Uploaded image for project: 'CFEngine Community'
  1. CFEngine Community
  2. CFE-3873

Unable to dereference variable using $(with)

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Need more Info
    • Priority: Higher
    • Resolution: Unresolved
    • Affects Version/s: 3.18.1, 3.19.0
    • Fix Version/s: None
    • Component/s: cf-agent, Evaluation
    • Labels:
      None

      Description

      I am not able to get the value from a key inside a data container when I target the data container using $(with).

      I have policy that creates a variables holding output generated by a commands. I want to access the data from a key held in one of those variables by targeting the variable name using $(with).

      Policy to reproduce the issue:

        bundle agent __main__
        {
        methods:
            "inventory_ssh_host_key_fingerprints";
       }
      bundle agent inventory_ssh_host_key_fingerprints
      {
        vars:
            # Directory in which to search for public host keys
            "_key_dir" string => "/etc/ssh";
      
            # The public keys found
            "_public_keys" slist => findfiles("$(_key_dir)/*.pub");
      
            # The path to ssh-keygen
            "_ssh_keygen" string => "/usr/bin/ssh-keygen";
      
            # Parse the output of ssh-keygen -l into a variable for each key
            # "_pkey_data_$(with)"
            #   data => data_regextract(
            #                            "^(?<bits>\d+)\s(?<fingerprint>\w+:[^\s]*)\s(?<comment>[^(]*)\((?<type>[^)]*)\)$",
            #                            execresult("$(_ssh_keygen) -lf $(_public_keys)", useshell)),
            #   with => canonify( $(_public_keys) );
            # BEGIN Mock data produced by ^
            "_pkey_data__etc_ssh_ssh_host_ecdsa_key_pub"
              data => '{ "0":"256 SHA256:P1fF8SO7y7kvHwiDDIu5t+75uXX/WbfTmyMObxbzYkI no comment (ECDSA)",
                         "bits":"256",
                         "comment":"no comment ",
                         "fingerprint":"SHA256:P1fF8SO7y7kvHwiDDIu5t+75uXX/WbfTmyMObxbzYkI",
                         "type":"ECDSA" }';
      
            "_pkey_data__etc_ssh_ssh_host_ed25519_key_pub"
              data => '{ "0":"256 SHA256:gdvniERWwdc4glv7qrHVY6XNr13s80cOFpfPzJEFHO0 no comment (ED25519)",
                         "bits":"256",
                         "comment":"no comment ",
                         "fingerprint":"SHA256:gdvniERWwdc4glv7qrHVY6XNr13s80cOFpfPzJEFHO0",
                         "type":"ED25519"}';
      
            "_pkey_data__etc_ssh_ssh_host_rsa_key_pub"
              data => '{ "0":"2048 SHA256:MY5A4hYG63v3jhPb2uuPiCIeGjh1pOXa23XITA1Vewk no comment (RSA)",
                         "bits":"2048",
                         "comment":"no comment ",
                         "fingerprint":"SHA256:MY5A4hYG63v3jhPb2uuPiCIeGjh1pOXa23XITA1Vewk",
                         "type":"RSA"}';
            # END Mock data
      
      
            reports:
              "pass"
                if => strcmp( "default:inventory_ssh_host_key_fingerprints._pkey_data__etc_ssh_ssh_host_ecdsa_key_pub[type] == ECDSA",
                              "$(this.namespace):$(this.bundle)._pkey_data_$(with)[type] == $($(this.namespace):$(this.bundle)._pkey_data_$(with)[type])"
                ),
                with => canonify( "$(_public_keys)" );
      
            DEBUG|EXTRA::
            "Print out key variable name and value of keys types. e.g.:$(with)"
              with => concat( "$(const.n)$(const.t)",
                              "default:inventory_ssh_host_key_fingerprints._pkey_data__etc_ssh_ssh_host_ed25519_key_pub[type] == $(default:inventory_ssh_host_key_fingerprints._pkey_data__etc_ssh_ssh_host_ed25519_key_pub[type]):",
                              "$(const.n)$(const.t)",
                              "default:inventory_ssh_host_key_fingerprints._pkey_data__etc_ssh_ssh_host_ecdsa_key_pub[type] == $(default:inventory_ssh_host_key_fingerprints._pkey_data__etc_ssh_ssh_host_ecdsa_key_pub[type])",
                              "$(const.n)$(const.t)",
                              "default:inventory_ssh_host_key_fingerprints._pkey_data__etc_ssh_ssh_host_rsa_key_pub[type] == $(default:inventory_ssh_host_key_fingerprints._pkey_data__etc_ssh_ssh_host_rsa_key_pub[type])");
      
            # BUG: These are not being emitted
            "default:inventory_ssh_host_key_fingerprints._pkey_data_$(with)[type] == $(default:inventory_ssh_host_key_fingerprints._pkey_data_$(with)[type])"
                with => canonify( "$(_public_keys)" );
      
            "$(this.namespace):$(this.bundle)._pkey_data_$(with)[type] == $($(this.namespace):$(this.bundle)._pkey_data_$(with)[type])"
                with => canonify( "$(_public_keys)" );
      }
      
      R: Print out key variable name and value of keys types. e.g.:
      	default:inventory_ssh_host_key_fingerprints._pkey_data__etc_ssh_ssh_host_ed25519_key_pub[type] == ED25519:
      	default:inventory_ssh_host_key_fingerprints._pkey_data__etc_ssh_ssh_host_ecdsa_key_pub[type] == ECDSA
      	default:inventory_ssh_host_key_fingerprints._pkey_data__etc_ssh_ssh_host_rsa_key_pub[type] == RSA
      Variable name                            Variable value                                               Meta tags                                Comment                                 
      default:inventory_ssh_host_key_fingerprints._key_dir /etc/ssh                                                     source=promise                                                                   
      default:inventory_ssh_host_key_fingerprints._pkey_data__etc_ssh_ssh_host_ecdsa_key_pub {"0":"256 SHA256:P1fF8SO7y7kvHwiDDIu5t+75uXX/WbfTmyMObxbzYkI no comment (ECDSA)","bits":"256","comment":"no comment ","fingerprint":"SHA256:P1fF8SO7y7kvHwiDDIu5t+75uXX/WbfTmyMObxbzYkI","type":"ECDSA"} source=promise                                                                   
      default:inventory_ssh_host_key_fingerprints._pkey_data__etc_ssh_ssh_host_ed25519_key_pub {"0":"256 SHA256:gdvniERWwdc4glv7qrHVY6XNr13s80cOFpfPzJEFHO0 no comment (ED25519)","bits":"256","comment":"no comment ","fingerprint":"SHA256:gdvniERWwdc4glv7qrHVY6XNr13s80cOFpfPzJEFHO0","type":"ED25519"} source=promise                                                                   
      default:inventory_ssh_host_key_fingerprints._pkey_data__etc_ssh_ssh_host_rsa_key_pub {"0":"2048 SHA256:MY5A4hYG63v3jhPb2uuPiCIeGjh1pOXa23XITA1Vewk no comment (RSA)","bits":"2048","comment":"no comment ","fingerprint":"SHA256:MY5A4hYG63v3jhPb2uuPiCIeGjh1pOXa23XITA1Vewk","type":"RSA"} source=promise                                                                   
      default:inventory_ssh_host_key_fingerprints._public_keys  {"/etc/ssh/ssh_host_ecdsa_key.pub","/etc/ssh/ssh_host_ed25519_key.pub","/etc/ssh/ssh_host_rsa_key.pub"} source=promise                                                                   
      default:inventory_ssh_host_key_fingerprints._ssh_keygen /usr/bin/ssh-keygen                                          source=promise                                                                   
      

        Attachments

          Activity

            People

            Assignee:
            olehermanse Ole Herman Schumacher Elgesem
            Reporter:
            a10042 Nick Anderson
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated: