New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
3.15.x #4400
Closed
Closed
3.15.x #4400
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Ole Herman Schumacher Elgesem <ole@northern.tech> (cherry picked from commit bf28100)
This mode prints raw strings (with escapes) and jsonified structs. In the future, it can be used to dump databases into a portable JSON file, which can be imported on a different platform. (Where the sizes of structs and types differ). Changelog: None Ticket: None Signed-off-by: Ole Herman Schumacher Elgesem <ole@northern.tech> (cherry picked from commit cdf9b81)
Signed-off-by: Ole Herman Schumacher Elgesem <ole@northern.tech> (cherry picked from commit 1ce77fd)
3.12.x doesn't have libntech, so I manually added the bits we need to libutils, since we want to backport changes to cf-check. Changelog: None Ticket: CFE-2989 Signed-off-by: Ole Herman Schumacher Elgesem <ole@northern.tech>
CFE-3140: An ID of rhel in os-release file will now define both rhel and redhat classes (3.12)
cf-check: Improve portability of --no-fork mode (3.12)
CFE-2989: Human readable JSON5 dumping of LMDB databases (3.12)
Previously, the return code from the process_stop command wrongly did not influence the result of the promise. With this change, when process_stop command returns zero, the promise will be considered repaired and when process_stop returns non-zero the promise will be failed/notkept. Additionally, this change clarifies existing and adds additional log messages. Ticket: ENT-4988 Changelog: Title (cherry picked from commit fa4ea6d)
ENT-4988/3.12.x: Fixed promise result when using process_stop in processes type promises
CFE-3165/3.12.x: Added example illustrating function return types
CFE-3172/3.12.x: Separate examples for readstringlist(), readreallist(), nad readintlist()
CFE-3171/3.12.x: Added tests to exercises multiline mode behavior in data_regextract
* `ps -axo`: truncates the ouptut of ps at the width of terminal. * `ps -axwwo`: displays the full length of the command and args Without this patch cf-agent --bootstrap fails with 80 column terminals, and success with wider terminals. Error message: ``` cf-agent[29746]: CFEngine(agent) Bootstrapping failed, cf-execd is not running ``` From the `man ps` page of NetBSD (https://netbsd.gw.com/cgi-bin/man-cgi?ps+1): ``` -w Use 132 columns to display information instead of the default, which is your window size. If the -w option is specified more than once, ps will use as many columns as necessary without regard to your window size. ``` Reading the ps man page of OpenBSD seems to have the same problem: https://man.openbsd.org/ps Changelog: Title Ticket: None Signed-off-by: Ole Herman Schumacher Elgesem <ole@northern.tech> (cherry picked from commit 0ce7132)
(cherry picked from commit 38e1e0c)
Use file.io instead of transfer.sh (3.12)
Fixed bug in ps parsing on OpenBSD / NetBSD causing bootstrap to fail (3.12)
ENT-4921: Removed stime_range and ttime_range constraints from promise hash (3.12)
Instead of relying on them being zeroes. Having random values in the 'start' and 'len' fields can result in issues. (cherry picked from commit 697f84c)
It's useful for all the cf-check commands that support options. (cherry picked from commit ddf7b6c)
All cf-check commands working with LMDB have to deal with its error codes. (cherry picked from commit 17075e9)
Try to backup all files and report how many failed to be backed up. (cherry picked from commit e636426)
Backing up an LMDB file can be done in two ways: 1) Copy the contents of the LMDB file to a new place. 2) Read the contents of the LMDB file and write them into a new LMDB file. While option 1) copies over all the potential inconsistencies in the LMDB file, option 2) only copies the readable data and the new copy should be in a consistent state. Changelog: --dump option was added to the 'cf-check backup' command (cherry picked from commit a701645)
'cf-check repair' should try to preserve the data that can be preserved. So if an LMDB file is corrupted, it should try to read as much as it can from it and write it into a new file and then replace the original file with the new copy. Hence `replicate_lmdb_file()` and then `rename(orig, new_copy)`. Also, add a new '--force' option to 'cf-check repair' to repair all the files no matter if they are reported as corrupted or not. Ticket: CFE-3127 Changelog: 'cf-check repair' now preserves readable data in corrupted LMDB files (cherry picked from commit 192e930)
These rules should not be needed because only processes forked from the agent should access the folder, but pre-evaluation causes all our processes accessing the folder. Ticket: CFE-3240 Changelog: AVCs are no longer produced for CFEngine processes accessing /proc/net (cherry picked from commit a4f3aae)
[3.12.x] Add SELinux rules for accessing /proc/xen
(cherry picked from commit 1a55637)
ENT-6200 Disable flaky test on whole Solaris and older suse, also - 3.12.x
Adjusted to more reliable list of servers (3.12.x)
CFE-3470: Added acceptance test for not() (3.12)
CFE-3471: Extensive test of or() function (3.12)
CFE-3471: Extensive test of and() function (3.12)
[3.12.x] Call cleanup functions in binaries' main()
…_37_04_569359 Changelog for 3.12.x
Signed-off-by: Ole Herman Schumacher Elgesem <ole@northern.tech>
The best place to report issues is in the CFE project on tracker.mender.io. I copied this comment into a new ticket: https://tracker.mender.io/browse/CFE-3497 |
Hi @favoritelotus, FYI, it's working for me to render using non default namespace classes and variables, see the ticket for an example. |
Hi Nick.
Thank you for giving the working example. It turned out I used a wrong
syntax in mustache templates, referring to variables and classes defined in
policy files.
Following your example, I have rewritten templates, and now the decision
logic is working correctly based on defined classes with correctly
expanding variables.
Thank you.
Regards,
Pavel.
…On Thu, 19 Nov 2020 at 02:53, Nick Anderson ***@***.***> wrote:
Hi @favoritelotus <https://github.com/favoritelotus>, FYI, it's working
for me to render using non default namespace classes and variables, see the
ticket for an example.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#4400 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AHY3D2RBBPMCKC3IKTPYPATSQQX3XANCNFSM4T2F2TTQ>
.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hello,
I don't know where to contact developers. So I'm writing about my problem here. Variables and classes are not evaluated in mustache templates from namespaces other than default. For example, I have a policy file for creating autofs map file, which looks as follows:
`body file control
{
namespace => "autofs";
}
bundle agent autofs
{
vars:
linux::
"template" string => "$(default:sys.workdir)/inputs/templates/ws/autofs.mustache";
"hyperbeam_nodes" slist => expandrange("hyper[001-020]", 1);
classes:
linux::
"hyperbeam_workstation" expression => "alm_test";
...
files:
linux::
"/etc/autofs.map"
create => "true",
perms => set_perms("0644"),
edit_template => "$(template)",
handle => "restart_autofs",
template_method => "mustache";
}
And the template file autofs.mustache:
{{#classes.hyperbeam_workstation}}{{#vars.autofs:autofs.hyperbeam_nodes}}
{{.}}
{{/vars.autofs:autofs.hyperbeam_nodes}}
{{/classes.hyperbeam_workstation}}
`
So the class hyperbeam is not triggered form the namespace autofs when cf-agent is running. The variable hyperbeam_nodes is also not expanding from autofs namespace, using the syntax vars.autofs:autofs.hyperbeam_nodes.
I have read the Cfengine documentation and did not find anything about accessing variables and classes from different namespases in mustache templates.