Uploaded image for project: 'CFEngine Community'
  1. CFEngine Community
  2. CFE-3865

Ability to prevent certain classes from ever being defined

    XMLWordPrintable

    Details

    • Type: Story
    • Status: Open
    • Priority: Medium
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Evaluation
    • Labels:

      Description

      It would be useful for both testing (ci, testing policy edge cases that are unlikely to arise) and safety in production to have the ability to prevent some classes from being defined. The N/-negate options to cf-agent will undefine a class at the start of an agent run (this targets persistent classes that were defined from a previous agent run), but it does not prevent policy from defining that class as it's executing which is what this issue is about.

      Small example:

      body common control
      {
      bundlesequence => { "main" };
      class_block_reg_list => { "^BusinessUnit.*", "test" }; # Prevent any classes starting with BusinessUnit and any class named test from being defined
      }
      
      bundle agent main
      {
        classes:
          "test"
            handle => "my_promise",
            expression => "any"; # proiduce a Warning, tried to define class `test` matching class_block_reg_list ["^BusinessUnit.*", "test" ]
      
        reports:
         test::
          "test class set";
         !test::
          "no test class set";
      }
      

      Expected Output:

      Warning: `my_promise` tried to define class `test` which matches class_block_reg_list class_block_reg_list ["^BusinessUnit.*", "test" ]. Class definition suppressed.
      R: no test class set
      

        Attachments

          Release management

            Issue Links

              Activity

                People

                Assignee:
                Unassigned Unassigned
                Reporter:
                a10042 Nick Anderson
                Votes:
                0 Vote for this issue
                Watchers:
                9 Start watching this issue

                  Dates

                  Created:
                  Updated: