Details
-
Type:
Task
-
Status: Done
-
Priority:
High
-
Resolution: Fixed
-
Affects Version/s: None
-
Fix Version/s: 3.7.3
-
Component/s: None
-
Labels:None
Description
The augments_file was introduced into the Masterfiles Policy Framework in 3.7.0.
It was introduced with the intention of making Masterfiles Policy Framework upgrades easier by allowing users to integrate their own policy without making any changes to the files that are shipped as part of the framework itself eg. promises.cf, def.cf, cf_execd.cf etc ...
The kind of things that people need to do in order to integrate custom policy:
- Define variables
- define addition inputs
- Define classes
This currently works for some things, but there are areas where it does not work well.
For example, the variables defined during policy evaluation that come from the augments_file (def.json) are not resolved early enough to be useful for cf-execd, so none of the mail settings can be set without directly modifying the policy.
Currently, the augments_file has the following structure:
{
"classes":
# Because of parse order these classmatch conditions are
# effectively limited to hard classes
{
"class_to_define_if": [ "one", "of", "these", "matches_classmatch" ],
"my_other_example": [ "server[34]", "debian.*" ],
},
# Really, this is just a special variable
"inputs": [ "$(sys.libdir)/bundles.cf" ],
# There is special policy in place to figure out if the
# values are strings or vars and do the appropriate acrobatics.
"vars": {
"list_variable_like": [ ".*$(def.domain)", "$(sys.policy_hub)/16" ],
"list_variable": [ ".*\\.cf",".*\\.dat",".*\\.txt", ".*\\.conf", ".*\\.mustache" ]
}
}
This proposal is to implement the parsing of the aguments_file (def.json) in C after all other system discovery.
Additional related discussion can be found in #7453. This proposal was moved out so as to not be confused with other discussion related to multiple augments_files.
Attachments
Issue Links
- blocks
-
-
- Done
-
