Revision fee26c9f
Added by Félix DALLIDET almost 7 years ago
maintained-techniques | ||
---|---|---|
fileDistribution/copyGitFile/2.0
|
||
fileDistribution/copyGitFile/2.1
|
||
fileDistribution/downloadFile/3.0
|
||
fileDistribution/fileTemplate/1.0
|
||
fileDistribution/manageKeyValueFile/1.0
|
||
jobScheduling/jobScheduler/1.0
|
||
jobScheduling/jobScheduler/2.0
|
techniques/fileDistribution/fileTemplate/1.0/fileTemplate.st | ||
---|---|---|
# Take a template from the policy server and expand it
|
||
# -Copy the template in /var/rudder/tmp/templates/
|
||
# -Expand the template
|
||
# -Take options in considerations(like perms)
|
||
# -Reporting
|
||
|
||
bundle agent fileTemplate {
|
||
vars:
|
||
#Tracking key
|
||
&TRACKINGKEY:{key | "trackingkey[&i&]" string => "&key&";}&
|
||
|
||
#Place to copy the template on the local node
|
||
"temp" string => "/var/rudder/tmp/templates";
|
||
"dir_perms" string => "750";
|
||
"dir_owner" string => "root";
|
||
"dir_group" string => "root";
|
||
|
||
#Place from where to take the template on the policy server
|
||
#"relative_src" string => "/var/rudder/configuration-repository/shared-files";
|
||
"relative_src" string => "&SHARED_FILES_FOLDER&";
|
||
#Root own
|
||
&FILE_TEMPLATE_OWNER: {owner|"dst_owner[&i&]" string => "&owner&";}&
|
||
&FILE_TEMPLATE_GROUP_OWNER: {group|"dst_group[&i&]" string => "&group&";}&
|
||
|
||
#Relative path of the template or name of it
|
||
&FILE_TEMPLATE_TEMPLATE: {src_path|"src[&i&]" string => "&src_path&";}&
|
||
"src[${index}]" string => "${dst_canon[${index}]}.tpl",
|
||
ifvarclass => "raw_${index}";
|
||
|
||
#Choose beetwen raw template and load from file
|
||
&FILE_TEMPLATE_RAW_OR_NOT: {rawornot|"rawOrNot[&i&]" string => "&rawornot&";}&
|
||
|
||
#Raw template text
|
||
&FILE_TEMPLATE_RAW_TEMPLATE: {txt|"rawTemplate[&i&]" string => "&txt&";}&
|
||
|
||
#Absolute path of the template expension
|
||
&FILE_TEMPLATE_AGENT_DESTINATION_PATH: {dst_path|"dst[&i&]" string => "&dst_path&";}&
|
||
|
||
#Permissions rights
|
||
&FILE_TEMPLATE_PERMISSIONS: {perms|"perms[&i&]" string => "&perms&";}&
|
||
|
||
#Type of the template
|
||
&FILE_TEMPLATE_TEMPLATE_TYPE: {type|"types[&i&]" string => "&type&";}&
|
||
|
||
#Post hook command
|
||
&FILE_TEMPLATE_TEMPLATE_POST_HOOK_COMMAND: {command |"posthook[&i&]" string => "&command&";}&
|
||
|
||
#Index
|
||
"index" slist => getindices("dst");
|
||
|
||
#Name of the template, from its location
|
||
"name[${index}]" string => lastnode("${src[${index}]}", "/");
|
||
|
||
#canonified names for reporting
|
||
"src_canon[${index}]" string => canonify("${relative_src}/${src[${index}]}");
|
||
"dst_canon[${index}]" string => canonify("${dst[${index}]}");
|
||
"temp_canon[${index}]" string => canonify("${temp}/${name[${index}]}");
|
||
"temp_dir_canon" string => canonify("${temp}");
|
||
"posthook_canon[${index}]" string => canonify("${posthook[${index}]}");
|
||
|
||
classes:
|
||
"pass3" expression => "pass2";
|
||
"pass2" expression => "pass1";
|
||
"pass1" expression => "any";
|
||
|
||
"raw_${index}" expression => strcmp("${rawOrNot[${index}]}", "Raw");
|
||
"posthook_specified_${index}" not => strcmp("${posthook[${index}]}", "");
|
||
"file_modified_${index}" expression =>"permissions_${dst_canon[${index}]}_repaired|file_from_template_${dst_canon[${index}]}_repaired";
|
||
"posthook_launch_${index}" expression =>"posthook_specified_${index}.file_modified_${index}";
|
||
"posthook_not_launch_${index}" expression =>"posthook_specified_${index}.!(file_modified_${index})";
|
||
|
||
methods:
|
||
#Ensure the templates are in a safe place
|
||
"create_${temp}"
|
||
usebundle => directory_create(
|
||
"${temp}"
|
||
);
|
||
|
||
"perms_${temp}"
|
||
usebundle => permissions_dirs(
|
||
"${temp}",
|
||
"${dir_perms}",
|
||
"${dir_owner}",
|
||
"${dir_group}"
|
||
);
|
||
|
||
#Copy the raw template text to /var/rudder/tmp/templates
|
||
"create_${src[${index}]}"
|
||
usebundle => file_enforce_content(
|
||
"${temp}/${name[${index}]}",
|
||
"${rawTemplate[${index}]}",
|
||
"true"
|
||
),
|
||
ifvarclass => "raw_${index}";
|
||
|
||
#Copy the template from the root server to /var/rudder/tmp/templates
|
||
"copy_${src[${index}]}"
|
||
usebundle => file_copy_from_remote_source(
|
||
"${relative_src}/${src[${index}]}",
|
||
"${temp}/${name[${index}]}"
|
||
),
|
||
ifvarclass => "!raw_${index}.!rudder_server_root";
|
||
|
||
#Not needed, but due to the bug #11116 if you want to
|
||
#apply the technique on your policy server you have to
|
||
#uncomment the lines belows.
|
||
#See https://www.rudder-project.org/redmine/issues/11116
|
||
|
||
#"copy_${src[${index}]}"
|
||
# usebundle => file_copy_from_local_source(
|
||
# "${relative_src}/${src[${index}]}",
|
||
# "${temp}/${name[${index}]}"
|
||
# ),
|
||
# ifvarclass => "!raw_${index}.rudder_server_root";
|
||
|
||
#Expand the template on the given location
|
||
"expand_${src[${index}]}"
|
||
usebundle => file_from_template_type(
|
||
"${temp}/${name[${index}]}",
|
||
"${dst[${index}]}",
|
||
"${types[${index}]}"
|
||
);
|
||
|
||
#Check permissions
|
||
"perms_${dst[${index}]}"
|
||
usebundle => permissions(
|
||
"${dst[${index}]}",
|
||
"${perms[${index}]}",
|
||
"${dst_owner[${index}]}",
|
||
"${dst_group[${index}]}"
|
||
);
|
||
|
||
#Post-Hook command
|
||
"post_hook_${index}"
|
||
usebundle => command_execution(
|
||
"${posthook[${index}]}"
|
||
),
|
||
ifvarclass => "posthook_launch_${index}";
|
||
|
||
################################################################################
|
||
# REPORTING #
|
||
################################################################################
|
||
|
||
pass3::
|
||
#Creation of the directory containing the templates
|
||
|
||
"any" usebundle => rudder_common_reports_generic("fileTemplate", "directory_create_${temp_dir_canon}", "${trackingkey[${index}]}", "Templates location", "${dst[${index}]}", "The presence of the directory ${temp}/ containing the templates ");
|
||
|
||
|
||
#permissions of the directory containing the templates
|
||
|
||
"any" usebundle => rudder_common_reports_generic("fileTemplate", "permissions_${temp_dir_canon}", "${trackingkey[${index}]}", "Templates directory permissions", "${dst[${index}]}", "The permissions ${dir_perms}, owner=${dir_owner}, group=${dir_group} on the directory ${temp}/");
|
||
|
||
|
||
#File copy in /var/rudder/tmp/
|
||
|
||
"any" usebundle => rudder_common_reports_generic("fileTemplate", "file_copy_from_remote_source_${temp_canon[${index}]}", "${trackingkey[${index}]}", "Load Template from a file or text input", "${dst[${index}]}", "The copy of the file ${relative_src}/${src[${index}]} from the policy server to ${temp}/${name[${index}]}"),
|
||
ifvarclass => "!rudder_server_root";
|
||
|
||
|
||
"any" usebundle => rudder_common_reports_generic("fileTemplate", "file_copy_from_local_source_${temp_canon[${index}]}", "${trackingkey[${index}]}", "Load Template from a file or text input", "${dst[${index}]}", "The copy of the file ${relative_src}/${src[${index}]} from the policy server to ${temp}/${name[${index}]}"),
|
||
ifvarclass => "rudder_server_root";
|
||
|
||
#Creation of the file from a raw input template
|
||
|
||
"any" usebundle => rudder_common_reports_generic("fileTemplate", "file_ensure_lines_present_${temp_canon[${index}]}", "${trackingkey[${index}]}", "Load Template from a file or text input", "${dst[${index}]}", "The creation of the template ${temp}/${src[${index}]}");
|
||
|
||
|
||
#Expand the template
|
||
|
||
"any" usebundle => rudder_common_reports_generic("fileTemplate", "file_from_template_${dst_canon[${index}]}", "${trackingkey[${index}]}", "Expand template", "${dst[${index}]}", "The expension of the template ${temp}/${name[${index}]} in ${dst[${index}]}");
|
||
|
||
|
||
#Permmissions on the generated conf file
|
||
|
||
"any" usebundle => rudder_common_reports_generic("fileTemplate", "permissions_${dst_canon[${index}]}", "${trackingkey[${index}]}", "Put permissions", "${dst[${index}]}", "The application of the rights ${perms[${index}]} on the file ${dst[${index}]}, owner=${dst_owner[${index}]} group=${dst_group[${index}]}");
|
||
|
||
|
||
#Posthook condition
|
||
#Case with execution
|
||
|
||
"any" usebundle => rudder_common_reports_generic("fileTemplate", "command_execution_${posthook_canon[${index}]}", "${trackingkey[${index}]}", "Posthook", "${dst[${index}]}", "The command ${posthook[${index}]} from postHook execution "),
|
||
ifvarclass => "posthook_launch_${index}";
|
||
|
||
|
||
#Case without execution
|
||
|
||
"report_${index}" usebundle => rudder_common_report("fileTemplate", "result_na", "${trackingkey[${index}]}", "Posthook", "${dst[${index}]}", "No post-modification needed to run"),
|
||
ifvarclass => "!file_modified_${index}.posthook_specified_${index}";
|
||
|
||
|
||
#Case where no posthook set
|
||
|
||
"report_hook_${index}" usebundle => rudder_common_report("fileTemplate", "result_na", "${trackingkey[${index}]}", "Posthook", "${dst[${index}]}", "No post-modification set to run"),
|
||
ifvarclass => "!posthook_specified_${index}";
|
||
}
|
techniques/fileDistribution/fileTemplate/1.0/metadata.xml | ||
---|---|---|
<TECHNIQUE name="File content (from remote template)">
|
||
|
||
<DESCRIPTION>This technique load a mustache/jinja template from the server's shared-files or a text input and expand it on the given location. Variables needed to expand the templates must already be loaded.
|
||
For jinja2 template type, python must also be installed on the agent.
|
||
A limit of 16.383 characters is set for the "template from text" case.
|
||
</DESCRIPTION>
|
||
<MULTIINSTANCE>true</MULTIINSTANCE>
|
||
|
||
|
||
<TMLS>
|
||
<TML name="fileTemplate"/>
|
||
</TMLS>
|
||
|
||
<BUNDLES>
|
||
<NAME>fileTemplate</NAME>
|
||
</BUNDLES>
|
||
|
||
<TRACKINGVARIABLE>
|
||
<SAMESIZEAS>FILE_TEMPLATE_AGENT_DESTINATION_PATH</SAMESIZEAS>
|
||
</TRACKINGVARIABLE>
|
||
|
||
<SYSTEMVARS>
|
||
<NAME>SHARED_FILES_FOLDER</NAME>
|
||
</SYSTEMVARS>
|
||
|
||
<SECTIONS>
|
||
<SECTION name="Apply template" multivalued="true" component="false">
|
||
<SECTION name="Load Template from a file or text input" multivalued="false" component="true" componentKey="FILE_TEMPLATE_AGENT_DESTINATION_PATH">
|
||
<SELECT1>
|
||
<NAME>FILE_TEMPLATE_RAW_OR_NOT</NAME>
|
||
<DESCRIPTION>Template source</DESCRIPTION>
|
||
<ITEM>
|
||
<VALUE>Raw</VALUE>
|
||
<LABEL>From Text</LABEL>
|
||
</ITEM>
|
||
<ITEM>
|
||
<VALUE>File</VALUE>
|
||
<LABEL>From a File</LABEL>
|
||
</ITEM>
|
||
|
||
<CONSTRAINT>
|
||
<DEFAULT>File</DEFAULT>
|
||
</CONSTRAINT>
|
||
</SELECT1>
|
||
|
||
<INPUT>
|
||
<NAME>FILE_TEMPLATE_TEMPLATE</NAME>
|
||
<DESCRIPTION>Relative template file path</DESCRIPTION>
|
||
<LONGDESCRIPTION>Relative to /var/rudder/configuration-repository/repository/shared-files/</LONGDESCRIPTION>
|
||
<CONSTRAINT>
|
||
<MAYBEEMPTY>true</MAYBEEMPTY>
|
||
<TYPE>string</TYPE>
|
||
<DEFAULT>myTemplateName</DEFAULT>
|
||
</CONSTRAINT>
|
||
</INPUT>
|
||
|
||
|
||
<INPUT>
|
||
<NAME>FILE_TEMPLATE_RAW_TEMPLATE</NAME>
|
||
<DESCRIPTION>Raw text of your template</DESCRIPTION>
|
||
<CONSTRAINT>
|
||
<MAYBEEMPTY>true</MAYBEEMPTY>
|
||
<TYPE>textarea</TYPE>
|
||
<REGEX error="You can't exceed 16.383 chars, please load your template from a remote file!">^.{1,16383}$</REGEX>
|
||
</CONSTRAINT>
|
||
</INPUT>
|
||
|
||
|
||
<INPUT>
|
||
<NAME>FILE_TEMPLATE_AGENT_DESTINATION_PATH</NAME>
|
||
<DESCRIPTION>Destination file full path</DESCRIPTION>
|
||
<CONSTRAINT>
|
||
<MAYBEEMPTY>false</MAYBEEMPTY>
|
||
<TYPE>string</TYPE>
|
||
</CONSTRAINT>
|
||
</INPUT>
|
||
|
||
<SELECT1>
|
||
<NAME>FILE_TEMPLATE_TEMPLATE_TYPE</NAME>
|
||
<DESCRIPTION>Template type</DESCRIPTION>
|
||
<ITEM>
|
||
<VALUE>mustache</VALUE>
|
||
<LABEL>mustache</LABEL>
|
||
</ITEM>
|
||
<ITEM>
|
||
<VALUE>jinja2</VALUE>
|
||
<LABEL>jinja2</LABEL>
|
||
</ITEM>
|
||
|
||
<CONSTRAINT>
|
||
<DEFAULT>mustache</DEFAULT>
|
||
</CONSTRAINT>
|
||
</SELECT1>
|
||
|
||
<INPUT>
|
||
<NAME>FILE_TEMPLATE_OWNER</NAME>
|
||
<DESCRIPTION>File owner</DESCRIPTION>
|
||
<CONSTRAINT>
|
||
<DEFAULT>root</DEFAULT>
|
||
<MAYBEEMPTY>false</MAYBEEMPTY>
|
||
<TYPE>string</TYPE>
|
||
</CONSTRAINT>
|
||
</INPUT>
|
||
|
||
<INPUT>
|
||
<NAME>FILE_TEMPLATE_GROUP_OWNER</NAME>
|
||
<DESCRIPTION>File group</DESCRIPTION>
|
||
<CONSTRAINT>
|
||
<DEFAULT>root</DEFAULT>
|
||
<MAYBEEMPTY>false</MAYBEEMPTY>
|
||
<TYPE>string</TYPE>
|
||
</CONSTRAINT>
|
||
</INPUT>
|
||
|
||
<INPUT>
|
||
<NAME>FILE_TEMPLATE_PERMISSIONS</NAME>
|
||
<DESCRIPTION>File mode</DESCRIPTION>
|
||
<CONSTRAINT>
|
||
<MAYBEEMPTY>false</MAYBEEMPTY>
|
||
<DEFAULT>700</DEFAULT>
|
||
<TYPE>perm</TYPE>
|
||
</CONSTRAINT>
|
||
</INPUT>
|
||
|
||
<INPUT>
|
||
<NAME>FILE_TEMPLATE_TEMPLATE_POST_HOOK_COMMAND</NAME>
|
||
<DESCRIPTION>Command(s) to run after any modification made on the destination file</DESCRIPTION>
|
||
<LONGDESCRIPTION>List of shell-compatible statements to be executed. Multiple commands may be specified on separate lines.</LONGDESCRIPTION>
|
||
<CONSTRAINT>
|
||
<MAYBEEMPTY>true</MAYBEEMPTY>
|
||
<TYPE>string</TYPE>
|
||
</CONSTRAINT>
|
||
</INPUT>
|
||
|
||
<SECTION name="Expand template" multivalued="false" component="true" componentKey="FILE_TEMPLATE_AGENT_DESTINATION_PATH">
|
||
</SECTION>
|
||
|
||
<SECTION name="Put permissions" multivalued="false" component="true" componentKey="FILE_TEMPLATE_AGENT_DESTINATION_PATH">
|
||
</SECTION>
|
||
|
||
<SECTION name="Posthook" multivalued="false" component="true" componentKey="FILE_TEMPLATE_AGENT_DESTINATION_PATH">
|
||
</SECTION>
|
||
|
||
<SECTION name="Templates location" multivalued="false" component="true" componentKey="FILE_TEMPLATE_AGENT_DESTINATION_PATH">
|
||
</SECTION>
|
||
|
||
<SECTION name="Templates directory permissions" multivalued="false" component="true" componentKey="FILE_TEMPLATE_AGENT_DESTINATION_PATH">
|
||
</SECTION>
|
||
</SECTION>
|
||
</SECTION>
|
||
</SECTIONS>
|
||
</TECHNIQUE>
|
Also available in: Unified diff
Fixes #9078: Create a file template technique