Revision d9c2d014
Added by Alexis Mousset over 6 years ago
maintained-techniques | ||
---|---|---|
applications/aptPackageManagerSettings/3.1
|
||
applications/openvpnClient/3.0
|
||
applications/packageManagement/1.0
|
||
applications/packageManagement/1.1applications/repoGpgKeyManagement/1.0
|
||
applications/packageManagement/1.1
|
||
applications/repoGpgKeyManagement/1.0
|
||
applications/rpmPackageInstallation/7.0
|
||
applications/zmdPackageManagerSettings/3.0
|
||
applications/zypperPackageManagerRepositories/1.0
|
techniques/applications/packageManagement/1.1/metadata.xml | ||
---|---|---|
<!--
|
||
Copyright 2016 Normation SAS
|
||
Copyright 2017 Normation SAS
|
||
|
||
This program is free software: you can redistribute it and/or modify
|
||
it under the terms of the GNU General Public License as published by
|
||
... | ... | |
<DEFAULT>default</DEFAULT>
|
||
</CONSTRAINT>
|
||
</SELECT1>
|
||
<INPUT>
|
||
<NAME>PACKAGE_MANAGER_ALLOW_UNTRUSTED</NAME>
|
||
<DESCRIPTION>Allow untrusted packages (only with apt for now)</DESCRIPTION>
|
||
<CONSTRAINT>
|
||
<TYPE>boolean</TYPE>
|
||
<DEFAULT>false</DEFAULT>
|
||
</CONSTRAINT>
|
||
</INPUT>
|
||
<INPUT>
|
||
<NAME>PACKAGE_MANAGER_OPTIONS</NAME>
|
||
<DESCRIPTION>Specify options to pass to the package manager (only with apt for now)</DESCRIPTION>
|
||
<CONSTRAINT>
|
||
<MAYBEEMPTY>true</MAYBEEMPTY>
|
||
</CONSTRAINT>
|
||
</INPUT>
|
||
</SECTION>
|
||
<SECTION name="Post-modification script" component="true" componentKey="PACKAGE_LIST">
|
||
<INPUT>
|
techniques/applications/packageManagement/1.1/packageManagement.st | ||
---|---|---|
#####################################################################################
|
||
# Copyright 2016 Normation SAS
|
||
# Copyright 2017 Normation SAS
|
||
#####################################################################################
|
||
#
|
||
# This program is free software: you can redistribute it and/or modify
|
||
... | ... | |
&PACKAGE_MANAGER:{manager |"manager[&i0&]" string => "&manager&";
|
||
}&
|
||
|
||
&PACKAGE_MANAGER_ALLOW_UNTRUSTED:{allow_untrusted |"allow_untrusted[&i0&]" string => "&allow_untrusted&";
|
||
}&
|
||
|
||
&PACKAGE_MANAGER_OPTIONS:{manager_options |"manager_options[&i0&]" string => "&manager_options&";
|
||
}&
|
||
|
||
&PACKAGE_MANAGER_ALLOW_UNTRUSTED:{manager_allow_untrusted |"manager_allow_untrusted[&i0&]" string => "&manager_allow_untrusted&";
|
||
}&
|
||
|
||
&PACKAGE_POST_HOOK_COMMAND:{command |"posthook[&i0&]" string => "&command&";
|
||
}&
|
||
|
||
... | ... | |
"version_description[${index_pkg}]" string => "in version ${version[${index_pkg}]}",
|
||
ifvarclass => "version_specified_${index_pkg}";
|
||
|
||
# Allow untrusted
|
||
"manager_final_options[${index_pkg}]" string => "-o Apt::Get::AllowUnauthenticated=true ${manager_options[${index_pkg}]}",
|
||
ifvarclass => "apt_allow_untrusted_${index_pkg}";
|
||
"manager_final_options[${index_pkg}]" string => "${manager_options[${index_pkg}]}",
|
||
ifvarclass => "!apt_allow_untrusted_${index_pkg}";
|
||
|
||
# Message for old agents
|
||
"incompatible_error" string => "This technique is not compatible with Rudder 3.1 or older. Skipping.";
|
||
|
||
# Name of the ncf bundle. We use a variable to avoid breaking the syntax if the bundle does not exist.
|
||
"bundle_name" string => "package_state";
|
||
"bundle_name" string => "package_state_options";
|
||
|
||
classes:
|
||
# This class is different from the one in ncf (where a version number and latest are considered "specified")
|
||
"version_specified_${index_pkg}" expression => strcmp("${version[${index_pkg}]}", "specific");
|
||
"architecture_specified_${index_pkg}" expression => strcmp("${architecture[${index_pkg}]}", "specific");
|
||
"posthook_specified_${index_pkg}" not => strcmp("${posthook[${index_pkg}]}", "");
|
||
"manager_specified_${index_pkg}" not => strcmp("${manager[${index_pkg}]}", "default");
|
||
"state_present_${index_pkg}" expression => strcmp("${state[${index_pkg}]}", "present");
|
||
"version_latest_${index_pkg}" expression => strcmp("${version[${index_pkg}]}", "latest");
|
||
"allow_unstrusted_${index_pkg}" expression => strcmp("${manager_allow_untrusted[${index_pkg}]}", "true");
|
||
"manager_apt_${index_pkg}" expression => strcmp("${manager[${index_pkg}]}", "apt");
|
||
"apt_allow_untrusted_${index_pkg}" expression => "allow_unstrusted_${index_pkg}.((debian.!manager_specified_${index_pkg})|manager_apt_${index_pkg})";
|
||
|
||
"pass3" expression => "pass2";
|
||
"pass2" expression => "pass1";
|
||
... | ... | |
# The pass2 is not strictly necessary but prevent future issues if the behavior of pre-evaluation changes (because the evaluation of vars + classes takes 2 passes)
|
||
pass2.!cfengine_3_6::
|
||
# Package
|
||
"package_${index_pkg}" usebundle => ${bundle_name}("${package[${index_pkg}]}", "${version[${index_pkg}]}", "${architecture[${index_pkg}]}", "${manager[${index_pkg}]}", "${state[${index_pkg}]}");
|
||
"package_${index_pkg}" usebundle => ${bundle_name}("${package[${index_pkg}]}", "${version[${index_pkg}]}", "${architecture[${index_pkg}]}", "${manager[${index_pkg}]}", "${state[${index_pkg}]}", "${manager_final_options[${index_pkg}]}");
|
||
|
||
"report_${index_pkg}" usebundle => rudder_common_reports_generic_index("packageManagement", "${class_prefix_package[${index_pkg}]}", "${trackingkey[${index_pkg}]}", "Package", "${package[${index_pkg}]}", "${state_description[${index_pkg}]} of package ${package[${index_pkg}]}${architecture_description[${index_pkg}]}${version_description[${index_pkg}]}", "${index_pkg}");
|
||
|
||
... | ... | |
|
||
"report_${index_pkg}" usebundle => rudder_common_report("packageManagement", "result_na", "${trackingkey[${index_pkg}]}", "Post-modification script", "${package[${index_pkg}]}", "No post-modification script was set to run"),
|
||
ifvarclass => "!${class_prefix_script[${index_pkg}]}_reached";
|
||
}
|
||
|
||
}
|
||
|
Also available in: Unified diff
Fixes #10241: \"Package management\" technique missing \"allow untrusted\" switch