Esempio n. 1
/**
 * @brief Tags a policy directory with a release ID file and/or a
 *        promises_validated file.
 *
 * @param config          Agent configuration, passed through to the
 *                        promises_validated helpers.
 * @param dirname         Directory to tag. When NULL, the directory is taken
 *                        from GetAutotagDir().
 * @param write_validated Write the promises_validated file when true.
 * @param write_release   Write (or refresh) the release ID file when true.
 * @return True if every requested file was written or was already up to
 *         date; false as soon as one of the writes fails.
 */
bool GenericAgentTagReleaseDirectory(const GenericAgentConfig *config, const char *dirname, bool write_validated, bool write_release)
{
    char autotag_dir[PATH_MAX + 1];
    if (dirname == NULL)
    {
        GetAutotagDir(autotag_dir, PATH_MAX, NULL);
        dirname = autotag_dir;
    }

    // Scratch buffer reused for the release ID path and then the validation path.
    char tag_path[CF_MAXVARSIZE];
    char git_id[GENERIC_AGENT_CHECKSUM_SIZE];
    const bool git_id_known = GeneratePolicyReleaseIDFromGit(git_id, sizeof(git_id), dirname);

    Log(LOG_LEVEL_DEBUG, "Tagging directory %s for release (write_validated: %s, write_release: %s)",
        dirname,
        write_validated ? "yes" : "no",
        write_release ? "yes" : "no");

    if (write_release)
    {
        // Step 1: the release ID
        GetReleaseIdFile(dirname, tag_path, sizeof(tag_path));
        char *current_id = ReadReleaseIdFromReleaseIdFileMasterfiles(dirname);

        // Rewrite when no ID is stored, or when a git-derived ID is available
        // and differs from the stored one.
        const bool stale = (current_id == NULL)
                           || (git_id_known && strcmp(current_id, git_id) != 0);
        if (stale)
        {
            if (current_id != NULL)
            {
                Log(LOG_LEVEL_DEBUG, "The release_id of %s needs to be updated", dirname);
            }
            else
            {
                Log(LOG_LEVEL_DEBUG, "The release_id of %s was missing", dirname);
            }

            if (!WriteReleaseIdFile(tag_path, dirname))
            {
                Log(LOG_LEVEL_VERBOSE, "The release_id file %s was NOT updated", tag_path);
                free(current_id);
                return false;
            }

            Log(LOG_LEVEL_DEBUG, "The release_id file %s was updated", tag_path);
        }

        free(current_id); // free(NULL) is a no-op, so the missing-ID case is covered too
    }

    // Step 2: the promises_validated marker
    if (!write_validated)
    {
        return true;
    }

    Log(LOG_LEVEL_DEBUG, "Tagging directory %s for validation", dirname);

    GetPromisesValidatedFile(tag_path, sizeof(tag_path), config, dirname);

    if (!WritePolicyValidatedFile(config, tag_path))
    {
        Log(LOG_LEVEL_VERBOSE, "The promises_validated file %s was NOT updated", tag_path);
        return false;
    }

    Log(LOG_LEVEL_DEBUG, "The promises_validated file %s was updated", tag_path);
    return true;
}
Esempio n. 2
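/**
 * @brief Pre-validates the configured policy by running cf-promises on it.
 *
 * Builds a command line for the cf-promises binary under CFWORKDIR/bin from
 * config->input_file and, when set, config->bundlesequence, then hands it to
 * ShellCommandReturnsZero(). The command is refused when it does not fit in
 * the buffer, so a truncated (and therefore different) command is never run
 * and reported as a successful validation.
 *
 * @param config Agent configuration; input_file, bundlesequence,
 *               original_input_file and the bootstrap_policy_server flag
 *               are read.
 * @return True if ShellCommandReturnsZero() reported success; false if
 *         cf-promises is not installed, the command line is too long, or
 *         validation failed.
 */
bool GenericAgentCheckPromises(const GenericAgentConfig *config)
{
    char cmd[CF_BUFSIZE];
    bool truncated = false; // set when any append below did not fit in cmd

    Log(LOG_LEVEL_VERBOSE, "Verifying the syntax of the inputs...");
    {
        char cfpromises[CF_MAXVARSIZE];
        int len = snprintf(cfpromises, sizeof(cfpromises), "%s%cbin%ccf-promises%s", CFWORKDIR, FILE_SEPARATOR, FILE_SEPARATOR,
                           EXEC_SUFFIX);
        if (len < 0 || (size_t) len >= sizeof(cfpromises))
        {
            // A clipped path could name a different file than the intended binary.
            Log(LOG_LEVEL_ERR, "Path to cf-promises%s in %s%cbin is too long", EXEC_SUFFIX, CFWORKDIR, FILE_SEPARATOR);
            return false;
        }

        struct stat sb;
        if (stat(cfpromises, &sb) == -1)
        {
            Log(LOG_LEVEL_ERR, "cf-promises%s needs to be installed in %s%cbin for pre-validation of full configuration",
                  EXEC_SUFFIX, CFWORKDIR, FILE_SEPARATOR);
            return false;
        }

        if (config->bundlesequence)
        {
            len = snprintf(cmd, sizeof(cmd), "\"%s\" \"", cfpromises);
        }
        else
        {
            len = snprintf(cmd, sizeof(cmd), "\"%s\" -c \"", cfpromises);
        }

        if (len < 0 || (size_t) len >= sizeof(cmd))
        {
            Log(LOG_LEVEL_ERR, "Command line for policy validation is too long, refusing to run a truncated command");
            return false;
        }
    }

    // NOTE(review): input_file and the bundle names below are placed between
    // double quotes without escaping. If ShellCommandReturnsZero() goes through
    // a shell (the 'true' argument presumably selects that - confirm), a value
    // containing a double quote, backquote or '$' would be interpreted by the
    // shell. Validate or escape these values, or run cf-promises with an
    // explicit argument vector, if they can come from a less trusted source.

    // strlcat() returns the length it tried to create; >= sizeof(cmd) means truncation.
    truncated |= strlcat(cmd, config->input_file, sizeof(cmd)) >= sizeof(cmd);

    truncated |= strlcat(cmd, "\"", sizeof(cmd)) >= sizeof(cmd);

    if (config->bundlesequence)
    {
        truncated |= strlcat(cmd, " -b \"", sizeof(cmd)) >= sizeof(cmd);
        for (const Rlist *rp = config->bundlesequence; rp; rp = rp->next)
        {
            const char *bundle_ref = rp->item;
            truncated |= strlcat(cmd, bundle_ref, sizeof(cmd)) >= sizeof(cmd);

            if (rp->next)
            {
                truncated |= strlcat(cmd, ",", sizeof(cmd)) >= sizeof(cmd);
            }
        }
        truncated |= strlcat(cmd, "\"", sizeof(cmd)) >= sizeof(cmd);
    }

    if (config->agent_specific.agent.bootstrap_policy_server)
    {
        // avoids license complaints from commercial cf-promises during bootstrap - see Nova_CheckLicensePromise
        truncated |= strlcat(cmd, " -D bootstrap_mode", sizeof(cmd)) >= sizeof(cmd);
    }

    if (truncated)
    {
        // Fail closed: a clipped command may check another path, drop bundles
        // or end in an unbalanced quote, and must not count as validation.
        Log(LOG_LEVEL_ERR, "Command line for policy validation is too long, refusing to run a truncated command");
        return false;
    }

    Log(LOG_LEVEL_VERBOSE, "Checking policy with command '%s'", cmd);

    if (!ShellCommandReturnsZero(cmd, true))
    {
        Log(LOG_LEVEL_ERR, "Policy failed validation with command '%s'", cmd);
        return false;
    }

    // The validated marker is only written for input inside the default repository.
    if (!IsFileOutsideDefaultRepository(config->original_input_file))
    {
        WritePolicyValidatedFile(config);
    }

    return true;
}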