Fixes #19556: Modify the internal rules and directives at install time to support the new system techniques

webapp/sources/rudder/rudder-core/src/main/resources/ldap/bootstrap.ldif

@@ -4,7 +4,6 @@
 # This file contains the basic structure and minimal entries that MUST be
 # present in the LDAP backend for Rudder to function correctly.
 ###############################################################################
-
 # Base structure
 dn: cn=rudder-configuration
 objectclass: configurationRoot
@@ -23,14 +22,12 @@ ou: Rudder
 description: Branch that stores all Rudder specific data
 
 ## Inventories related branches
-
 dn: ou=Inventories,cn=rudder-configuration
 objectclass: top
 objectclass: organizationalUnit
 ou: Inventories
 description: Inventory information
 
-
 dn: ou=Software,ou=Inventories,cn=rudder-configuration
 objectClass: top
 objectClass: organizationalUnit
@@ -98,7 +95,6 @@ ou: Servers
 description: Logical servers, an OS installation. May be on a virtual machine or a physical machine, from ou=Machines.
 
 # System groups
-
 dn: groupCategoryId=GroupRoot,ou=Rudder,cn=rudder-configuration
 objectClass: groupCategory
 objectClass: top
@@ -184,27 +180,77 @@ description: This category contains "system" active techniques, used to configur
 techniqueCategoryId: Rudder Internal
 isSystem: TRUE
 
-# Distribute policy (root policy server)
-dn: activeTechniqueId=distributePolicy,techniqueCategoryId=Rudder Internal,techniqueCategoryId=Active Techniques,ou=Rudder,cn=rudder-configuration
+# relay management
+dn: activeTechniqueId=rudderRelay,techniqueCategoryId=Rudder Internal,techniqueCategoryId=Active Techniques,ou=Rudder,cn=rudder-configuration
 objectClass: activeTechnique
 objectClass: top
-techniqueId: distributePolicy
-activeTechniqueId: distributePolicy
-acceptationTimestamp: {"1.0":"20110715124328.999Z"}
+techniqueId: rudderRelay
+activeTechniqueId: rudderRelay
+acceptationTimestamp: {"1.0":"20210723184528.999Z"}
+isEnabled: TRUE
+isSystem: TRUE
+
+# openldap management
+dn: activeTechniqueId=rudderSlapd,techniqueCategoryId=Rudder Internal,techniqueCategoryId=Active Techniques,ou=Rudder,cn=rudder-configuration
+objectClass: activeTechnique
+objectClass: top
+techniqueId: rudderSlapd
+activeTechniqueId: rudderSlapd
+acceptationTimestamp: {"1.0":"20210723184528.999Z"}
+isEnabled: TRUE
+isSystem: TRUE
+
+# apache management
+dn: activeTechniqueId=rudderApache,techniqueCategoryId=Rudder Internal,techniqueCategoryId=Active Techniques,ou=Rudder,cn=rudder-configuration
+objectClass: activeTechnique
+objectClass: top
+techniqueId: rudderApache
+activeTechniqueId: rudderApache
+acceptationTimestamp: {"1.0":"20210723184528.999Z"}
+isEnabled: TRUE
+isSystem: TRUE
+
+# webapp management
+dn: activeTechniqueId=rudderWebapp,techniqueCategoryId=Rudder Internal,techniqueCategoryId=Active Techniques,ou=Rudder,cn=rudder-configuration
+objectClass: activeTechnique
+objectClass: top
+techniqueId: rudderWebapp
+activeTechniqueId: rudderWebapp
+acceptationTimestamp: {"1.0":"20210723184528.999Z"}
+isEnabled: TRUE
+isSystem: TRUE
+
+# postgres management
+dn: activeTechniqueId=rudderPostgresql,techniqueCategoryId=Rudder Internal,techniqueCategoryId=Active Techniques,ou=Rudder,cn=rudder-configuration
+objectClass: activeTechnique
+objectClass: top
+techniqueId: rudderPostgresql
+activeTechniqueId: rudderPostgresql
+acceptationTimestamp: {"1.0":"20210723184528.999Z"}
+isEnabled: TRUE
+isSystem: TRUE
+
+# server common
+dn: activeTechniqueId=serverCommon,techniqueCategoryId=Rudder Internal,techniqueCategoryId=Active Techniques,ou=Rudder,cn=rudder-configuration
+objectClass: activeTechnique
+objectClass: top
+techniqueId: serverCommon
+activeTechniqueId: serverCommon
+acceptationTimestamp: {"1.0":"20210723184528.999Z"}
 isEnabled: TRUE
 isSystem: TRUE
 
-# common (has policy server)
+# common
 dn: activeTechniqueId=common,techniqueCategoryId=Rudder Internal,techniqueCategoryId=Active Techniques,ou=Rudder,cn=rudder-configuration
 objectClass: activeTechnique
 objectClass: top
 techniqueId: common
 activeTechniqueId: common
-acceptationTimestamp: {"1.0":"20110715124328.999Z"}
+acceptationTimestamp: {"1.0":"20210723184528.999Z"}
 isEnabled: TRUE
 isSystem: TRUE
 
-# inventory
+# inventory-all
 dn: activeTechniqueId=inventory,techniqueCategoryId=Rudder Internal,techniqueCategoryId=Active Techniques,ou=Rudder,cn=rudder-configuration
 objectClass: activeTechnique
 objectClass: top
@@ -225,30 +271,10 @@ isEnabled: TRUE
 isSystem: TRUE
 directivePriority: 0
 
-# server_roles
-dn: activeTechniqueId=server-roles,techniqueCategoryId=Rudder Internal,techniqueCategoryId=Active Techniques,ou=Rudder,cn=rudder-configuration
-objectClass: activeTechnique
-objectClass: top
-techniqueId: server-roles
-activeTechniqueId: server_roles
-acceptationTimestamp: {"1.0":"20140603124328.999Z"}
-isEnabled: TRUE
-isSystem: TRUE
-
-dn: directiveId=server-roles-directive,activeTechniqueId=server-roles,techniqueCategoryId=Rudder Internal,techniqueCategoryId=Active Techniques,ou=Rudder,cn=rudder-configuration
-objectClass: directive
-objectClass: top
-directiveId: server-roles-directive
-techniqueVersion: 0:1.0
-cn: Server Roles
-description: Server Roles - Technical
-isEnabled: TRUE
-isSystem: TRUE
-directivePriority: 0
-
 #######################################################################################################################
 ## Rules
 #######################################################################################################################
+
 dn: ou=Rules,ou=Rudder,cn=rudder-configuration
 objectClass: organizationalUnit
 objectClass: top
@@ -267,19 +293,6 @@ isSystem: TRUE
 longDescription: This rule makes all nodes do daily self inventories
 serial: 0
 
-dn: ruleId=server-roles,ou=Rules,ou=Rudder,cn=rudder-configuration
-objectClass: rule
-objectClass: top
-ruleId: server-roles
-ruleTarget: special:all_servers_with_role
-directiveId: server-roles-directive
-cn: Rudder system policy: Server roles
-description: Server roles
-isEnabled: TRUE
-isSystem: TRUE
-longDescription: This rule configures the nodes that have Server Roles defined
-serial: 0
-
 # A demonstration rule: group "all nodes", no directive
 dn: ruleId=32377fd7-02fd-43d0-aab7-28460a91347b,ou=Rules,ou=Rudder,cn=rudder
  -configuration
@@ -297,26 +310,23 @@ isSystem: FALSE
 tag: rootRuleCategory
 serial: 0
 
-
-
 #######################################################################################################################
 ## Archives
 #######################################################################################################################
 dn: ou=Archives,ou=Rudder,cn=rudder-configuration
 objectClass: organizationalUnit
 objectClass: top
 ou: Archives
-
 #######################################################################################################################
 ## API Accounts
 #######################################################################################################################
+
 dn: ou=API Accounts,ou=Rudder,cn=rudder-configuration
 objectClass: organizationalUnit
 objectClass: top
 ou: API Accounts
 
 ## Rudder Parameters configuration branch
-
 dn: ou=Parameters,ou=Rudder,cn=rudder-configuration
 objectClass: organizationalUnit
 objectClass: top
@@ -330,7 +340,6 @@ description: Default inform message put in header of managed files by Rudder
 parameterValue: "### Managed by Rudder, edit with care ###"
 
 ## Application properties
-
 dn: ou=Application Properties,cn=rudder-configuration
 objectClass: organizationalUnit
 objectClass: top
@@ -366,4 +375,3 @@ objectClass: top
 propertyName: rudder_report_protocol_default
 propertyValue: HTTPS
 
-

webapp/sources/rudder/rudder-core/src/main/resources/ldap/init-policy-server.ldif

@@ -126,16 +126,82 @@ isSystem: TRUE
 ## Directives
 #######################################################################################################################
 
-dn: directiveId=root-distributePolicy,activeTechniqueId=distributePolicy,techniqueCategoryId=Rudder Internal,techniqueCategoryId=Active Techniques,ou=Rudder,cn=rudder-configuration
+dn: directiveId=root-rudderRelay,activeTechniqueId=rudderRelay,techniqueCate
+ goryId=Rudder Internal,techniqueCategoryId=Active Techniques,ou=Rudder,cn=r
+ udder-configuration
 objectClass: directive
 objectClass: top
-directiveId: root-distributePolicy
-cn: Distribute Policy
-description: Distribute policy - Technical
+directiveId: root-rudderRelay
+techniqueVersion: 1.0
+cn: Rudder Relay
+directivePriority: 5
+isEnabled: TRUE
+isSystem: TRUE
+serializedTags: []
+
+dn: directiveId=root-rudderSlapd,activeTechniqueId=rudderSlapd,techniqueCate
+ goryId=Rudder Internal,techniqueCategoryId=Active Techniques,ou=Rudder,cn=r
+ udder-configuration
+objectClass: directive
+objectClass: top
+directiveId: root-rudderSlapd
+techniqueVersion: 1.0
+cn: Rudder Slapd
+directivePriority: 5
+isEnabled: TRUE
+isSystem: TRUE
+serializedTags: []
+
+dn: directiveId=root-rudderApache,activeTechniqueId=rudderApache,techniqueCa
+ tegoryId=Rudder Internal,techniqueCategoryId=Active Techniques,ou=Rudder,cn
+ =rudder-configuration
+objectClass: directive
+objectClass: top
+directiveId: root-rudderApache
+techniqueVersion: 1.0
+cn: Rudder Apache
+directivePriority: 5
+isEnabled: TRUE
+isSystem: TRUE
+serializedTags: []
+
+dn: directiveId=root-rudderWebapp,activeTechniqueId=rudderWebapp,techniqueCa
+ tegoryId=Rudder Internal,techniqueCategoryId=Active Techniques,ou=Rudder,cn
+ =rudder-configuration
+objectClass: directive
+objectClass: top
+directiveId: root-rudderWebapp
 techniqueVersion: 0:1.0
+cn: Rudder Webapp
+directivePriority: 5
 isEnabled: TRUE
 isSystem: TRUE
-directivePriority: 0
+
+dn: directiveId=root-serverCommon,activeTechniqueId=serverCommon,techniqueCa
+ tegoryId=Rudder Internal,techniqueCategoryId=Active Techniques,ou=Rudder,cn
+ =rudder-configuration
+objectClass: directive
+objectClass: top
+directiveId: root-serverCommon
+techniqueVersion: 1.0
+cn: Server Common
+directivePriority: 5
+isEnabled: TRUE
+isSystem: TRUE
+serializedTags: []
+
+dn: directiveId=root-rudderPostgresql,activeTechniqueId=rudderPostgresql,tec
+ hniqueCategoryId=Rudder Internal,techniqueCategoryId=Active Techniques,ou=R
+ udder,cn=rudder-configuration
+objectClass: directive
+objectClass: top
+directiveId: root-rudderPostgresql
+techniqueVersion: 1.0
+cn: Rudder Postgresql
+directivePriority: 5
+isEnabled: TRUE
+isSystem: TRUE
+serializedTags: []
 
 # common (has policy server)
 
@@ -166,12 +232,17 @@ objectClass: rule
 objectClass: top
 ruleId: root-DP
 ruleTarget: policyServer:root
-directiveId: root-distributePolicy
-cn: Rudder system policy: Distribute Policy
-description: Distribute Policy - Technical
+directiveId: root-rudderApache
+directiveId: root-rudderPostgresql
+directiveId: root-rudderRelay
+directiveId: root-rudderSlapd
+directiveId: root-rudderWebapp
+directiveId: root-serverCommon
+cn: Rudder system policy: Server components
+description: Server components configuration - Technical
 isEnabled: TRUE
 isSystem: TRUE
-longDescription: This rule allows to distribute policies to nodes
+longDescription: This rule allows to configure the rudder root server
 serial: 0
 
 dn: ruleId=hasPolicyServer-root,ou=Rules,ou=Rudder,cn=rudder-configuration

webapp/sources/rudder/rudder-core/src/test/scala/com/normation/rudder/services/queries/TestQueryProcessor.scala

@@ -150,7 +150,7 @@ class TestQueryProcessor extends Loggable {
       res.size
     }).runNow
 
-    val expected = 41+38  //bootstrap + inventory-sample
+    val expected = 43+38  //bootstrap + inventory-sample
     assert(expected == s, s"Not found the expected number of entries in test LDAP directory [expected: ${expected}, found: ${s}], perhaps the demo entries where not correctly loaded")
   }