-
Notifications
You must be signed in to change notification settings - Fork 22
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fixes #19037: Refactor the system techniques by component #1652
Fixes #19037: Refactor the system techniques by component #1652
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is really nicer than what we have
some minor changes request but this is a great step in the right direction
"pass1" expression => "any"; | ||
methods: | ||
pass3:: | ||
"any" usebundle => enable_reporting; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why are you enabling reporting ? it should already be enabled
redhat:: | ||
"apache_service" string => "httpd"; | ||
|
||
classes: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it doesn't seem useful here to set up the classes
"server_ip_found" expression => regcmp("^[0-9.]+$|^[0-9a-fA-F:]+:[0-9a-fA-F:]+$", "${policy_server_ip}"); | ||
|
||
# Restart apache at the end of the technique if needed | ||
"system_restart_apache" expression => "${allowed_network_prefix}_repaired|${remote_run_prefix}_repaired", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i'd rather have an even more specific name:
"rudder_server_system_restart_apache", or something like that, to minimize classes colision risks
"restart_jetty_password" usebundle => _method_reporting_context("Reload rudder services", "None"); | ||
rudder_system_restart_jetty:: | ||
"restart_jetty_password" usebundle => service_restart("${jetty_service_name}"); | ||
rudder_system_restart_apache:: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
as sad earlier, i'd like something more specific, like "rudder_server_system_restart_apache"
"technique_name" string => "server-roles"; | ||
"report_string" string => "Apache WebDAV user and password"; | ||
|
||
"webdav_pwd_cmd" string => "${htpasswd_bin} -b ${g.rudder_base}/etc/htpasswd-webdav ${g.davuser} ${g.davpw}"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
identation is not consistent in this block
rudder_system_restart_jetty:: | ||
"restart_jetty_password" usebundle => service_restart("${jetty_service_name}"); | ||
rudder_system_restart_apache:: | ||
"restart_jetty_password" usebundle => service_reload("${apache_service}"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"restart_jetty_password" usebundle => service_reload("${apache_service}"); | |
"restart_apache_password" usebundle => service_reload("${apache_service}"); |
|
||
any:: | ||
"jetty_prefix" string => canonify("service_restart_${jetty_service_name}"); | ||
"apache_prefix" string => canonify("service_restart_${apache_service_name}"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"apache_prefix" string => canonify("service_restart_${apache_service_name}"); | |
"apache_prefix" string => canonify("service_reload_${apache_service_name}"); |
# Reporting | ||
"report_error" usebundle => rudder_common_report("${technique_name}", "result_error", "${server_roles_common.directiveId}", "${component_name}", "None", "${report_string}"), | ||
ifvarclass => "result_error"; | ||
"report_repaired" usebundle => rudder_common_report("${technique_name}", "result_error", "${server_roles_common.directiveId}", "${component_name}", "None", "${report_string}"), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"report_repaired" usebundle => rudder_common_report("${technique_name}", "result_error", "${server_roles_common.directiveId}", "${component_name}", "None", "${report_string}"), | |
"report_repaired" usebundle => rudder_common_report("${technique_name}", "result_repaired", "${server_roles_common.directiveId}", "${component_name}", "None", "${report_string}"), |
"restart_jetty_password" usebundle => enable_reporting; | ||
|
||
# Reporting | ||
"report_error" usebundle => rudder_common_report("${technique_name}", "result_error", "${server_roles_common.directiveId}", "${component_name}", "None", "${report_string}"), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
where is the report_string defined ?
bundle agent rudder_system_relayd_configuration { | ||
vars: | ||
"config_dir" string => "${g.rudder_base}/etc/relayd"; | ||
"config_file" string => "${config_dir}/main.conf2"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"config_file" string => "${config_dir}/main.conf2"; | |
"config_file" string => "${config_dir}/main.conf"; |
"any" usebundle => service_enabled("${apache_service}"); | ||
|
||
# Configure relayd | ||
"any" usebundle => rudder_system_relayd_configuration; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
relayd should not be part of an apache bundle IMHO
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure, do you think I should make two different techniques (one apache and one relayd) or keep one "relay" technique with an apache and a relayd bundle?
"restart_jetty_password" usebundle => disable_reporting; | ||
"restart_jetty_password" usebundle => _method_reporting_context("Reload rudder services", "None"); | ||
rudder_system_restart_jetty:: | ||
"restart_jetty_password" usebundle => service_restart("${jetty_service_name}"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
no need to mention _password here, we do not need to leak this information across bundles, knowing we need to restart it is enough
b9c7cdc
to
4a38e55
Compare
Commit modified |
Fixes #19037: Refactor the system techniques by component
PR updated with a new commit |
Fixes #19037: Refactor the system techniques by component
PR updated with a new commit |
…component Fixes #19037: Refactor the system techniques by component
PR updated with a new commit |
Migrating the changes to #1655 |
https://issues.rudder.io/issues/19037