Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fixing interval issues #104

Merged
merged 1 commit into from
Oct 17, 2016
Merged

fixing interval issues #104

merged 1 commit into from
Oct 17, 2016

Conversation

jeremymv2
Copy link
Contributor

@jeremymv2 jeremymv2 commented Oct 10, 2016
edited
Loading

Description

There were some problems when using interval:

  1. profiles fetched but not executed
  2. report always sent, even if profile not executed

Issues Resolved

This fixes: #101 and #102

Check List

Signed-off-by: Jeremy J. Miller jm@chef.io

@jeremymv2
fixing interval issues
7652f2f 
Signed-off-by: Jeremy J. Miller <jm@chef.io>
@jeremymv2
Copy link
Contributor Author

@jeremiahsnapp Want to take a look? I've tested and this seems to be a reasonable fix.

@jeremiahsnapp
Copy link
Contributor

@jeremymv2 This looks good to me. My understanding is the notifies :execute, "compliance_report[#{report_collector}]", :delayed notification effectively gets called twice. One for the compliance_profile's fetch action and one for its execute action. But since the notification is :delayed only one compliance_report :execute notification should really be created. As long as this is what your testing shows then I'm 👍

Nice work!

@jeremymv2
Copy link
Contributor Author

@jeremiahsnapp correct. So you can see the results, with attributes in a wrapper set as such (1 minute interval):

default['audit']['server'] = 'https://compliance-server.test/api'
default['audit']['collector'] = 'chef-compliance'
default['audit']['token'] = nil
default['audit']['refresh_token'] = '1/HmQqLjgyQah7H_lCvsbPfSC8YBrLyL9l35VHPh_PmG7SRaB00w22xPVfzy4WcLKyls_YeCcm2ygkgNbjBXGc6Q=='
default['audit']['profiles'] = { 'base/linux' => true }
default['audit']['insecure'] = true
default['audit']['interval']['enabled'] = true
default['audit']['interval']['time'] = 1

1st time:

Synchronizing Cookbooks:
  - audit_wrapper (0.1.0)
  - audit (1.0.1)
Installing Cookbook Gems:
Compiling Cookbooks...
Converging 6 resources
Recipe: audit::_inspec
  * inspec[inspec] action install
    * chef_gem[inspec] action install (up to date)
    - install/update inspec[2016-10-11T15:09:44+00:00] WARN: Using inspec version: (1.1.0)

    - verifies the inspec version
    * chef_gem[inspec] action install (up to date)

Recipe: audit::default
  * compliance_token[Compliance Token] action create[2016-10-11T15:09:44+00:00] INFO: Using refresh_token to exchange for an access token.

    - compliance server auth token setup
  * directory[/var/chef/cache/compliance] action create (up to date)
  * file[/var/chef/cache/compliance/linux] action nothing (skipped due to action :nothing)
  * compliance_profile[linux] action fetch
    - load required inspec modules
    * directory[/var/chef/cache/compliance] action create (up to date)
    - create cache directory[2016-10-11T15:09:44+00:00] INFO: Fetch compliance profile base/linux
[2016-10-11T15:09:44+00:00] INFO: Load profile from: https://compliance-server.test/api/owners/base/compliance/linux/tar

    - fetch compliance profile
    * directory[/var/chef/cache/compliance] action create (up to date)

  * compliance_profile[linux] action execute
    - load required inspec modules
    * directory[/var/chef/cache/compliance] action create (up to date)
    - create/verify cache directory[2016-10-11T15:09:44+00:00] INFO: Executing: /var/chef/cache/compliance/base_linux.tgz

    - execute compliance profile
    * directory[/var/chef/cache/compliance] action create (up to date)
    * file[/var/chef/cache/compliance/base_linux_report.json] action create[2016-10-11T15:09:45+00:00] INFO: file[/var/chef/cache/compliance/base_linux_report.json] updated file contents /var/chef/cache/compliance/base_linux_report.json

      - update content in file /var/chef/cache/compliance/base_linux_report.json from cd704a to 9b0f7c
      - suppressed sensitive resource

[2016-10-11T15:09:45+00:00] INFO: compliance_profile[linux] not queuing delayed action touch on file[/var/chef/cache/compliance/linux] (delayed), as it's already been queued
[2016-10-11T15:09:45+00:00] INFO: compliance_profile[linux] not queuing delayed action execute on compliance_report[chef-compliance] (delayed), as it's already been queued
  * compliance_report[chef-compliance] action nothing (skipped due to action :nothing)
[2016-10-11T15:09:45+00:00] INFO: compliance_profile[linux] sending touch action to file[/var/chef/cache/compliance/linux] (delayed)
  * file[/var/chef/cache/compliance/linux] action touch[2016-10-11T15:09:45+00:00] INFO: file[/var/chef/cache/compliance/linux] updated atime and mtime to 2016-10-11 15:09:45 +0000

    - update utime on file /var/chef/cache/compliance/linux
[2016-10-11T15:09:45+00:00] INFO: compliance_profile[linux] sending execute action to compliance_report[chef-compliance] (delayed)
  * compliance_report[chef-compliance] action execute[2016-10-11T15:09:45+00:00] INFO: Total number of failed controls: 28
[2016-10-11T15:09:45+00:00] INFO: Report to Chef Compliance: https://compliance-server.test/api/owners/brewinc/inspec

    - report compliance profiles' results
[2016-10-11T15:09:45+00:00] INFO: Chef Run complete in 1.735402839 seconds

Running handlers:
[2016-10-11T15:09:45+00:00] INFO: Running report handlers
Running handlers complete
[2016-10-11T15:09:45+00:00] INFO: Report handlers complete
Chef Client finished, 7/16 resources updated in 03 seconds

2nd converge, < 1 minute later

Synchronizing Cookbooks:
  - audit_wrapper (0.1.0)
  - audit (1.0.1)
Installing Cookbook Gems:
Compiling Cookbooks...
Converging 6 resources
Recipe: audit::_inspec
  * inspec[inspec] action install
    * chef_gem[inspec] action install (up to date)
    - install/update inspec[2016-10-11T15:10:23+00:00] WARN: Using inspec version: (1.1.0)

    - verifies the inspec version
    * chef_gem[inspec] action install (up to date)

Recipe: audit::default
  * compliance_token[Compliance Token] action create[2016-10-11T15:10:23+00:00] INFO: Using refresh_token to exchange for an access token.

    - compliance server auth token setup
  * directory[/var/chef/cache/compliance] action create (up to date)
  * file[/var/chef/cache/compliance/linux] action nothing (skipped due to action :nothing)
  * compliance_profile[linux] action fetch (skipped due to only_if)
  * compliance_profile[linux] action execute (skipped due to only_if)
  * compliance_report[chef-compliance] action nothing (skipped due to action :nothing)
[2016-10-11T15:10:23+00:00] INFO: Chef Run complete in 0.888075551 seconds

Running handlers:
[2016-10-11T15:10:23+00:00] INFO: Running report handlers
Running handlers complete
[2016-10-11T15:10:23+00:00] INFO: Report handlers complete
Chef Client finished, 2/9 resources updated in 02 seconds

3rd converge, this time after waiting > 1 minute (same result as 1st converge)

Synchronizing Cookbooks:
  - audit_wrapper (0.1.0)
  - audit (1.0.1)
Installing Cookbook Gems:
Compiling Cookbooks...
Converging 6 resources
Recipe: audit::_inspec
  * inspec[inspec] action install
    * chef_gem[inspec] action install (up to date)
    - install/update inspec[2016-10-11T15:13:23+00:00] WARN: Using inspec version: (1.1.0)

    - verifies the inspec version
    * chef_gem[inspec] action install (up to date)

Recipe: audit::default
  * compliance_token[Compliance Token] action create[2016-10-11T15:13:23+00:00] INFO: Using refresh_token to exchange for an access token.

    - compliance server auth token setup
  * directory[/var/chef/cache/compliance] action create (up to date)
  * file[/var/chef/cache/compliance/linux] action nothing (skipped due to action :nothing)
  * compliance_profile[linux] action fetch
    - load required inspec modules
    * directory[/var/chef/cache/compliance] action create (up to date)
    - create cache directory[2016-10-11T15:13:23+00:00] INFO: Fetch compliance profile base/linux
[2016-10-11T15:13:23+00:00] INFO: Load profile from: https://compliance-server.test/api/owners/base/compliance/linux/tar

    - fetch compliance profile
    * directory[/var/chef/cache/compliance] action create (up to date)

  * compliance_profile[linux] action execute
    - load required inspec modules
    * directory[/var/chef/cache/compliance] action create (up to date)
    - create/verify cache directory[2016-10-11T15:13:23+00:00] INFO: Executing: /var/chef/cache/compliance/base_linux.tgz

    - execute compliance profile
    * directory[/var/chef/cache/compliance] action create (up to date)
    * file[/var/chef/cache/compliance/base_linux_report.json] action create[2016-10-11T15:13:24+00:00] INFO: file[/var/chef/cache/compliance/base_linux_report.json] updated file contents /var/chef/cache/compliance/base_linux_report.json

      - update content in file /var/chef/cache/compliance/base_linux_report.json from 9b0f7c to c8174d
      - suppressed sensitive resource

[2016-10-11T15:13:24+00:00] INFO: compliance_profile[linux] not queuing delayed action touch on file[/var/chef/cache/compliance/linux] (delayed), as it's already been queued
[2016-10-11T15:13:24+00:00] INFO: compliance_profile[linux] not queuing delayed action execute on compliance_report[chef-compliance] (delayed), as it's already been queued
  * compliance_report[chef-compliance] action nothing (skipped due to action :nothing)
[2016-10-11T15:13:24+00:00] INFO: compliance_profile[linux] sending touch action to file[/var/chef/cache/compliance/linux] (delayed)
  * file[/var/chef/cache/compliance/linux] action touch[2016-10-11T15:13:24+00:00] INFO: file[/var/chef/cache/compliance/linux] updated atime and mtime to 2016-10-11 15:13:24 +0000

    - update utime on file /var/chef/cache/compliance/linux
[2016-10-11T15:13:24+00:00] INFO: compliance_profile[linux] sending execute action to compliance_report[chef-compliance] (delayed)
  * compliance_report[chef-compliance] action execute[2016-10-11T15:13:24+00:00] INFO: Total number of failed controls: 28
[2016-10-11T15:13:24+00:00] INFO: Report to Chef Compliance: https://compliance-server.test/api/owners/brewinc/inspec

    - report compliance profiles' results
[2016-10-11T15:13:24+00:00] INFO: Chef Run complete in 1.718283005 seconds

Running handlers:
[2016-10-11T15:13:24+00:00] INFO: Running report handlers
Running handlers complete
[2016-10-11T15:13:24+00:00] INFO: Report handlers complete
Chef Client finished, 7/16 resources updated in 03 seconds

@jeremiahsnapp
Copy link
Contributor

@jeremymv2 I like your style. Thanks for your thoroughness. This PR totally solves the issue. Do you need anything else from me to merge it?

@chris-rock chris-rock merged commit 2b9d8b0 into chef-boneyard:master Oct 17, 2016
@chris-rock
Copy link
Contributor

Thanks @jeremymv2 and @jeremiahsnapp for this improvement

@jeremymv2 jeremymv2 deleted the interval_fixes branch October 17, 2016 16:49
@jeremiahsnapp jeremiahsnapp mentioned this pull request Oct 18, 2016
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Interval setting is not working properly
4 participants
@jeremymv2 @jeremiahsnapp @chris-rock @binamov