Fixes #10842: Update write test for 4.1 and add generation for a node

rudder-core/src/test/resources/configuration-repository/expected-share/node-cfe-with-two-directives/rules/cfengine-community/Create_file/1.0/Create_file.cf

@@ -0,0 +1,15 @@
+# @name Create a file
+# @description Create a file and a directory
+# @version 1.0
+
+bundle agent Create_file
+{
+  vars:
+    "class_prefix" string => canonify(join("_", "this.callers_promisers"));
+
+  methods:
+    "method_call" usebundle => directory_create("/tmp/foo"),
+      ifvarclass => concat("any");
+    "method_call" usebundle => file_create("/tmp/foo/bar"),
+      ifvarclass => concat("directory_create__tmp_foo_ok");
+}

rudder-core/src/test/resources/configuration-repository/expected-share/node-cfe-with-two-directives/rules/cfengine-community/Create_file/1.0/rudder_reporting.cf

@@ -0,0 +1,13 @@
+bundle agent Create_file_rudder_reporting
+{
+  vars:
+    "promisers"          slist => { @{this.callers_promisers}, cf_null }, policy => "ifdefined";
+    "class_prefix"      string => canonify(join("_", "promisers"));
+    "args"               slist => { };
+
+  methods:
+
+    !(directory_create__tmp_foo_ok)::
+      "dummy_report" usebundle => _classes_noop("file_create__tmp_foo_bar");
+      "dummy_report" usebundle => log_rudder("File create /tmp/foo/bar if directory_create__tmp_foo_ok", "file_create__tmp_foo_bar", "${class_prefix}", @{args});
+}

rudder-core/src/test/resources/configuration-repository/expected-share/node-cfe-with-two-directives/rules/cfengine-community/common/1.0/cf-served.cf

@@ -0,0 +1,146 @@
+#####################################################################################
+# Copyright 2011 Normation SAS
+#####################################################################################
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, Version 3.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+#####################################################################################
+
+#######################################################
+#
+# Server specific configuration
+#
+#######################################################
+
+bundle server access_rules
+{
+  # Access rules are only defined on a policy server. Standard nodes should not share any files.
+  access:
+
+    policy_server|role_rudder_relay_promises_only::
+      "${def.dir_masterfiles}"
+        handle  => "grant_access_policy",
+        comment => "Grant access to the policy updates",
+        maproot => {  @{def.acl}  },
+        admit   => {  @{def.acl}  };
+
+      "${g.rudder_tools}"
+        maproot => {  @{def.acl}  },
+        admit   => {  @{def.acl}  };
+
+    # Allow server to remotely run the agent
+    # Using ${sys.cf_agent} fails, as cf-serverd cannot canonize its path
+    windows::
+      "${sys.workdir}\bin\cf-agent.exe"
+        admit   => { host2ip("${server_info.cfserved}"), string_downcase(escape("${server_info.cfserved}")) };
+
+    !windows::
+      "${g.rudder_command}" comment => "Grant access to rudder agent command for cfruncommand",
+        admit => { host2ip("${server_info.cfserved}"), string_downcase(escape("${server_info.cfserved}")) };
+
+  roles:
+      # Allow user root to set any class
+      ".*"  authorize => { "root" };
+}
+
+bundle common def
+{
+  vars:
+      "policy_server_file"
+        string  => translatepath("${sys.workdir}/policy_server.dat"),
+        comment => "Path to file containing address to policy server";
+
+      # Use "rudder" as default policy_server if no policy_server.dat exists
+      "policy_server"
+        string  => ifelse(fileexists("${policy_server_file}"),
+                          readfile("${policy_server_file}", 2048),
+                          "rudder"),
+        comment => "IP address or hostname to locate your policy host.";
+
+    !windows::
+      "cf_runagent_shell" 
+        string  => "/bin/sh",
+        comment => "Define path to shell used by cf-runagent";
+
+    any::
+
+      "dir_masterfiles" string => translatepath("${sys.workdir}/masterfiles");
+
+   # List here the IP masks that we grant access to on the server
+
+    policy_server::
+      "acl" slist => {
+      "127.0.0.0/8" , "::1",
+      host2ip("${def.policy_server}"), # the policy server can connect to a relay
+      "192.168.49.0/24",
+    };
+
+    !policy_server::
+      "acl" slist => {
+      "${def.policy_server}", host2ip("${def.policy_server}")
+      };
+
+}
+
+
+body server control
+{
+        trustkeysfrom     => {
+          @{def.acl} ,
+
+        }; #trustkey allows the exchange of keys
+
+        allowconnects     => {
+          @{def.acl} ,
+
+        };
+
+
+        allowallconnects  => {
+          @{def.acl} ,
+
+        };
+
+        maxconnections    => "1000";
+        logallconnections => "true";
+
+        allowlegacyconnects => {
+            host2ip("${def.policy_server}"), # the policy server can connect
+            "192.168.49.0/24",
+
+        };
+
+      windows::
+        cfruncommand => "${sys.cf_agent} -I -D cfruncommand -f \"failsafe.cf\"  &
+                        ${sys.cf_agent} -I -D cfruncommand";
+
+      !windows::
+        # last single quote in cfruncommand is left open, so that
+        # arguments (like -K and --remote-bundles) are properly appended.
+        cfruncommand => "${g.rudder_command} agent run -uR";
+
+        allowusers        => {
+          "root",
+        };
+
+        denybadclocks => "true";
+
+    community_edition.!debug_port::
+        port => "5309";
+    community_edition.debug_port::
+        port => "5310";
+
+}
+
+#######################################################
+

rudder-core/src/test/resources/configuration-repository/expected-share/root-default-install/common/1.0/cron_setup.cf → rudder-core/src/test/resources/configuration-repository/expected-share/node-cfe-with-two-directives/rules/cfengine-community/common/1.0/cron-setup.cf

@@ -30,27 +30,32 @@ bundle agent setup_cronjob
       "/etc/cron.d/rudder-agent-uuid"
         delete => tidy;
 
-    community_edition.!aix::
+    community_edition.!aix.!windows::
 
       "/etc/cron.d/rudder-agent"
         create        => "true",
         perms         => mog("644", "root", "0"),
         edit_defaults => empty_backup,
-        edit_line     => expand_template("${sys.workdir}/inputs/common/cron/rudder_agent_community_cron");
+        edit_line     => expand_template("${sys.workdir}/inputs/common/cron/rudder-agent-community-cron");
     aix::
 
       # Cleanup the crontab
       "/var/spool/cron/crontabs/root"
         edit_defaults => noempty_backup,
         edit_line => delete_lines_matching("0,5,10,15,20,25,30,35,40,45,50,55 \* \* \* \* if \[ -x /opt/rudder/bin/check-rudder-agent \]; then /opt/rudder/bin/check-rudder-agent( >/dev/null)?; fi");
 
+      # Cleanup the pre-4.0 crontab
+      "/var/spool/cron/crontabs/root"
+        edit_defaults => noempty_backup,
+        edit_line => delete_lines_matching("0,5,10,15,20,25,30,35,40,45,50,55 \* \* \* \* /usr/bin/test -x /opt/rudder/bin/check-rudder-agent && /opt/rudder/bin/check-rudder-agent >/dev/null");
+
       # Add Rudder entry
       "/var/spool/cron/crontabs/root"
         create        => "true",
         perms         => mog("600", "root", "cron"),
-        edit_line     => insert_lines("0,5,10,15,20,25,30,35,40,45,50,55 * * * * /usr/bin/test -x /opt/rudder/bin/check-rudder-agent && /opt/rudder/bin/check-rudder-agent >/dev/null"),
+        edit_line     => insert_lines("0,5,10,15,20,25,30,35,40,45,50,55 * * * * /usr/bin/test -x /opt/rudder/bin/rudder && /opt/rudder/bin/rudder agent check >/dev/null"),
         classes       => rudder_common_classes("rudder_aix_crontab_insertion"),
-        comment       => "Insert an AIX-compatible user crontab to run /opt/rudder/bin/check-rudder-agent";
+        comment       => "Insert an AIX-compatible user crontab to run /opt/rudder/bin/rudder agent check";
 
 }
 
@@ -86,8 +91,11 @@ bundle agent check_cron_daemon
     pass3.!(android|windows|aix)::
       "any" usebundle => rudder_common_reports_generic("Common", "service_restart_${service_name}", "hasPolicyServer-root@@common-root@@2", "CRON Daemon", "None", "Cron daemon status");
 
-    (android|windows|aix)::
-      "any" usebundle => rudder_common_report("Common", "result_na", "hasPolicyServer-root@@common-root@@2", "CRON Daemon", "None", "This is a system without CRON: CRON verifications skipped !");
+    (android|windows)::
+      "any" usebundle => rudder_common_report("Common", "result_na", "hasPolicyServer-root@@common-root@@2", "CRON Daemon", "None", "This is a system without CRON: CRON verifications skipped");
+
+    aix::
+      "any" usebundle => rudder_common_report("Common", "result_na", "hasPolicyServer-root@@common-root@@2", "CRON Daemon", "None", "CRON is not a service on AIX: CRON verifications skipped");
 
   processes:
 

rudder-core/src/test/resources/configuration-repository/expected-share/node-cfe-with-two-directives/rules/cfengine-community/common/1.0/environment-variables.cf

@@ -0,0 +1,50 @@
+#####################################################################################
+# Copyright 2014 Normation SAS
+#####################################################################################
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, Version 3.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+#####################################################################################
+
+# Define module script to read environment variables, in the module format
+# Store them in the node.env context
+bundle agent get_environment_variables
+{
+  vars:
+    !windows::
+      "env_vars_list_cmd" string => "awk 'BEGIN { for (k in ENVIRON) { print k }; }'";
+      "env_vars" slist => splitstring( execresult("${env_vars_list_cmd}","useshell"), "\n" , 2000);
+      "node.env[${env_vars}]" string => getenv( "${env_vars}", 5000);
+
+    # This script output the environment variables, in the format
+    # =node.env[ENV_NAME]=ENV_VALUE
+    # Using the module protocole, the agent will read it, and the variable
+    # will be available using the syntax ${node.env[ENV_NAME]}
+    windows::
+      "script" string => "@echo off
+for /F  \"tokens=1,2* delims==\" %%G IN ('SET') DO ECHO =node.env[%%G]=%%H";
+
+  files:
+    windows::
+      "${sys.workdir}/modules/env.bat"
+        create        => "true",
+        edit_line     => insert_lines("${script}"),
+        edit_defaults => empty,
+        perms         => m("755");
+
+  commands:
+    windows::
+      "\"${sys.workdir}/modules/env.bat\""
+        module => "true";
+
+}

rudder-core/src/test/resources/configuration-repository/expected-share/node-cfe-with-two-directives/rules/cfengine-community/common/1.0/properties.cf

@@ -0,0 +1,71 @@
+#####################################################################################
+# Copyright 2016 Normation SAS
+#####################################################################################
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, Version 3.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+#####################################################################################
+
+# Read node properties and put them into the node namespace
+#
+# Properties are available using the node.namespace container that contains the values
+# Those values are read from /var/rudder/cfengine-community/properties/*.json
+# All files are taken in order and overrides the previous one, the last one wins.
+# 
+# Each file must contain at least a 2 levels JSON content, the first level is the namespace level
+# and the second level is the key level.
+# The namespace name must comply with CFEngine variable names rules (ie [a-zA-Z_]+)
+#
+# The merge is a first level merge done at the namespace level.
+# This means that:
+# - a key in a namespace is fully overridden by the same key in the same namespace in a later file.
+# - a key in a namespace is never overriden by the same key in a different namespace
+# - a key that is overriden never retain original data even if it is a data container itself
+# 
+
+# The result key is available in the node.<namespace> data variable
+# usage example: ${node.properties[my_key]}
+#
+# To get the original data (for debug only) there is the properties.property_<fileid> variable
+# usage example: ${properties.property__var_rudder_cfengine_community_inputs_properties_properties_json[properties][my_key]}
+#
+bundle agent properties
+{
+  vars:
+    # The files to read
+    "properties_files" slist => findfiles("${this.promise_dirname}/../../properties.d/*.json");
+
+    # The sorted file list
+    "_sorted_files" slist => sort("properties_files", "lex");
+    # cfengine iterates over lists in promises in the reverse order, so we need the inverted list
+    "sorted_files" slist => reverse("_sorted_files");
+
+    # Canonified sorted file list
+    "file_id[${sorted_files}]" string => canonify("${sorted_files}");
+
+    # Read the files, 10MB maximum
+    # Read into a property_<canonified filename> because cfengine doesn't support to read data into property[<filename>]
+    "property_${file_id[${sorted_files}]}" data => readjson("${sorted_files}", "10000000");
+
+    # Get namespace names
+    "namespace[${sorted_files}]" slist => getindices("property_${file_id[${sorted_files}]}");
+
+    # Initialize all namespace variables (mergedata refuses to merge undefined variables)
+    "node.${namespace[${sorted_files}]}" data => parsejson('{}');
+
+    # First level merge within each namespace, in file name order 
+    "node.${namespace[${sorted_files}]}" data => mergedata("node.${namespace[${sorted_files}]}",
+                                                           "property_${file_id[${sorted_files}]}[${namespace[${sorted_files}]}]");
+
+    # That's all, now we have a node.namespace data that contains the overriden values
+}