From f1df9517b943145002960b0538159678d08dfa36 Mon Sep 17 00:00:00 2001 From: Mikita Pilinka Date: Thu, 4 Jan 2024 11:05:50 +0100 Subject: [PATCH] new file and command component usage across markdown files Ticket: ENT-10940 Changelog: None Signed-off-by: Mikita Pilinka --- getting-started/developing-modules.markdown | 19 +++++----- .../general-installation.markdown | 16 +++++--- .../installation-coreos.markdown | 12 +++--- ...allation-enterprise-free-aws-rhel.markdown | 8 ++-- .../installation-enterprise-free.markdown | 20 +++++----- ...lation-enterprise-generic-tarball.markdown | 6 +-- .../installation-enterprise-vagrant.markdown | 38 ++++++++++++------- .../installation-enterprise.markdown | 18 ++++----- .../local-virtual-machine.markdown | 15 ++++---- .../verify-signatures.markdown | 22 +++++++---- .../vi-quick-start-guide.markdown | 2 +- .../installation/version-control.markdown | 6 ++- .../modules-from-cfengine-build.markdown | 26 ++++++------- getting-started/writing-policy.markdown | 24 +++++++----- 14 files changed, 130 insertions(+), 102 deletions(-) diff --git a/getting-started/developing-modules.markdown b/getting-started/developing-modules.markdown index 35f52a66a..a5084c5f4 100644 --- a/getting-started/developing-modules.markdown +++ b/getting-started/developing-modules.markdown @@ -26,7 +26,7 @@ https://github.com/cfengine/promise-type-template We can add it to our project with the full URL: -``` +```command cfbs add https://github.com/cfengine/promise-type-template ``` @@ -34,6 +34,7 @@ From that repo, we have now added a new promise type, it is called `git_example` Then, we should edit our policy example, `my_policy.cf` to use this module: ```cfengine3 +[file=my_policy.cf] bundle agent hello_world { meta: @@ -48,19 +49,19 @@ bundle agent hello_world That's it, you can now build and deploy: -``` +```command cfbs build && cf-remote deploy ``` And to test it, we can delete the folder and run the agent again: -``` +```command cf-remote sudo -H hub "rm -rf /tmp/hugo && cf-agent -KI | grep hugo" ``` The output printed from that remote machine shows that `cf-agent` cloned the repository again, after we deleted it: -``` +```output root@192.168.56.2: 'rm -rf /tmp/hugo && cf-agent -KI | grep hugo' -> ' info: Cloning 'https://github.com/gohugoio/hugo.git' -> '/tmp/hugo'...' root@192.168.56.2: ' info: Successfully cloned 'https://github.com/gohugoio/hugo.git' -> '/tmp/hugo'' ``` @@ -83,7 +84,7 @@ Start by editing `cfbs.json`, at least changing the `repo` and `by` URLs. To test your changes, make sure they are pushed to GitHub, and re-add your module, for example: -``` +```command cfbs remove promise-type-git-example && cfbs add https://github.com/cfengine/promise-type-template ``` @@ -91,13 +92,13 @@ cfbs remove promise-type-git-example && cfbs add https://github.com/cfengine/pro Then, build and deploy the project again: -``` +```command cfbs build && cf-remote deploy ``` And just like before, you can run manual agent runs to test: -``` +```command cf-remote sudo -H hub "rm -rf /tmp/hugo && cf-agent -KI" ``` @@ -106,7 +107,7 @@ cf-remote sudo -H hub "rm -rf /tmp/hugo && cf-agent -KI" As you've changed the high level things, like file name, promise type name, URLs, etc. and deployed that, the only thing you need to edit is the contents of the python file. So, to test your changes to the python file, a full build is not really necessary, you can just copy over that one file: -``` +```command cf-remote scp -H hub git_example.py /var/cfengine/masterfiles/modules/promises/git_example.py ``` @@ -114,7 +115,7 @@ cf-remote scp -H hub git_example.py /var/cfengine/masterfiles/modules/promises/g And then you can test it: -``` +```command cf-remote sudo -H hub "cf-agent -KIf update.cf && cf-agent -KI" ``` diff --git a/getting-started/installation/general-installation.markdown b/getting-started/installation/general-installation.markdown index 98d41e668..0cafd8f3a 100644 --- a/getting-started/installation/general-installation.markdown +++ b/getting-started/installation/general-installation.markdown @@ -48,13 +48,16 @@ Run the bootstrap command, **first** on the policy server: 1. Find the IP address of your Policy Server: - $ ifconfig +```command +ifconfig +``` 2. Run the bootstrap command: - - $ sudo /var/cfengine/bin/cf-agent --bootstrap +```command +sudo /var/cfengine/bin/cf-agent --bootstrap +``` The bootstrap command must then be run on any client attaching itself to this server, using the ip address of the policy server (i.e. exactly the same as the command run on the policy server itself). @@ -78,7 +81,9 @@ together. The preferred way of setting `def.mailfrom` is from the [augments file][Augments]. -``` +```json +[file=def.json] + { "vars": { "mailfrom": "sender@your.domain.here", @@ -102,7 +107,8 @@ ensure they have taken effect. The preferred way to disable the agent from sending emails is to define `cfengine_internal_disable_agent_email` from the [augments file][Augments]. -``` +```json +[file=def.json] { "classes": { "cfengine_internal_disable_agent_email": [ "any" ] diff --git a/getting-started/installation/general-installation/installation-coreos.markdown b/getting-started/installation/general-installation/installation-coreos.markdown index b7fe97ad9..ff8dfcc87 100644 --- a/getting-started/installation/general-installation/installation-coreos.markdown +++ b/getting-started/installation/general-installation/installation-coreos.markdown @@ -17,14 +17,14 @@ Download the file-system image package for CoreOS from the [Enterprise Downloads 1. On the CoreOS Host, extract the `fs-img-pkg.tar.gz` archive: - ```console - core@coreos ~ $ tar xvf cfengine-nova-{{site.cfengine.branch}}.{{site.cfengine.latest_patch_release}}-{{site.cfengine.latest_package_build}}.x86_64.fs-img.pkg.tar.gz + ```command + tar xvf cfengine-nova-{{site.cfengine.branch}}.{{site.cfengine.latest_patch_release}}-{{site.cfengine.latest_package_build}}.x86_64.fs-img.pkg.tar.gz ``` 2. On the CoreOS Host, run the install script: - ```console - core@coreos ~ $ sudo ./cfengine-nova-{{site.cfengine.branch}}.{{site.cfengine.latest_patch_release}}-{{site.cfengine.latest_package_build}}.x86_64.fs-img.pkg/install.sh + ```command + sudo ./cfengine-nova-{{site.cfengine.branch}}.{{site.cfengine.latest_patch_release}}-{{site.cfengine.latest_package_build}}.x86_64.fs-img.pkg/install.sh ``` Note: Install actions logged to `/var/log/CFEngine-Install.log`. @@ -33,8 +33,8 @@ Note: Install actions logged to `/var/log/CFEngine-Install.log`. Run the bootstrap command: -```console -core@coreos ~ $ sudo /var/cfengine/bin/cf-agent --bootstrap +```commmand +sudo /var/cfengine/bin/cf-agent --bootstrap ``` ## Next steps diff --git a/getting-started/installation/general-installation/installation-enterprise-free-aws-rhel.markdown b/getting-started/installation/general-installation/installation-enterprise-free-aws-rhel.markdown index 49418f84b..c72199321 100644 --- a/getting-started/installation/general-installation/installation-enterprise-free-aws-rhel.markdown +++ b/getting-started/installation/general-installation/installation-enterprise-free-aws-rhel.markdown @@ -127,8 +127,8 @@ We ready now ready to install the CFEngine software on both the server and clien Run the following script on your designated Policy Server (hub), the virtual machine with the configured firewall from earlier steps: -```console -$ wget https://s3.amazonaws.com/cfengine.packages/quick-install-cfengine-enterprise.sh && sudo bash ./quick-install-cfengine-enterprise.sh hub +```command +wget https://s3.amazonaws.com/cfengine.packages/quick-install-cfengine-enterprise.sh && sudo bash ./quick-install-cfengine-enterprise.sh hub ``` This script installs the latest CFEngine Enterprise Policy Server on your server machine. @@ -156,8 +156,8 @@ Upon successful completion, a confirmation message appears: "Bootstrap to '172.3 * Ensure you are logged into the host machine setup earlier. * Install CFEngine client version using the following: -```console -$ wget https://s3.amazonaws.com/cfengine.packages/quick-install-cfengine-enterprise.sh && sudo bash ./quick-install-cfengine-enterprise.sh agent +```command +wget https://s3.amazonaws.com/cfengine.packages/quick-install-cfengine-enterprise.sh && sudo bash ./quick-install-cfengine-enterprise.sh agent ``` Note: The installation will work on 64-bit and 32-bit client machines (the host requires a 64-bit machine). diff --git a/getting-started/installation/general-installation/installation-enterprise-free.markdown b/getting-started/installation/general-installation/installation-enterprise-free.markdown index 5dedc0d08..209408dba 100644 --- a/getting-started/installation/general-installation/installation-enterprise-free.markdown +++ b/getting-started/installation/general-installation/installation-enterprise-free.markdown @@ -40,8 +40,8 @@ Please Note: Internet access is required from the host if you wish to use the qu Run the following script on your designated Policy Server (hub) 64-bit machine (32-bit is not supported on the Policy Server): -```console -$ wget https://s3.amazonaws.com/cfengine.packages/quick-install-cfengine-enterprise.sh && sudo bash ./quick-install-cfengine-enterprise.sh hub +```command +wget https://s3.amazonaws.com/cfengine.packages/quick-install-cfengine-enterprise.sh && sudo bash ./quick-install-cfengine-enterprise.sh hub ``` This script installs the latest CFEngine Enterprise Policy Server on your machine. @@ -52,8 +52,8 @@ The Policy Server must be bootstrapped to itself. Find the IP address of your Po Run the bootstrap command: -```console -$ sudo /var/cfengine/bin/cf-agent --bootstrap +```command +sudo /var/cfengine/bin/cf-agent --bootstrap ``` **Example: $ sudo /var/cfengine/bin/cf-agent --bootstrap 192.168.1.12** @@ -62,8 +62,8 @@ Upon successful completion, a confirmation message appears: "Bootstrap to '192.1 Type the following to check which version of CFEngine your are running: -```console -$ /var/cfengine/bin/cf-promises --version +```command +/var/cfengine/bin/cf-promises --version ``` The Policy Server is installed. @@ -74,8 +74,8 @@ Install Enterprise on your designated Host(s) by running the script below. Per t install Enterprise on 25 Hosts. Note that the Hosts must be on the same network as the Policy Server that you just installed in Step 2. -```console -$ wget https://s3.amazonaws.com/cfengine.packages/quick-install-cfengine-enterprise.sh && sudo bash ./quick-install-cfengine-enterprise.sh agent +```command +wget https://s3.amazonaws.com/cfengine.packages/quick-install-cfengine-enterprise.sh && sudo bash ./quick-install-cfengine-enterprise.sh agent ``` Note that this installation works on 64- and 32-bit machines. @@ -85,8 +85,8 @@ Note that this installation works on 64- and 32-bit machines. All Hosts must be bootstrapped to the Policy Server in order to establish a connection between the Host and the Policy Server. Run the same commands that you ran in Step 3. -```console -$ sudo /var/cfengine/bin/cf-agent --bootstrap +```command +sudo /var/cfengine/bin/cf-agent --bootstrap ``` **Example: $ sudo /var/cfengine/bin/cf-agent --bootstrap 192.168.1.12** diff --git a/getting-started/installation/general-installation/installation-enterprise-generic-tarball.markdown b/getting-started/installation/general-installation/installation-enterprise-generic-tarball.markdown index daae7e783..f17b3b13a 100644 --- a/getting-started/installation/general-installation/installation-enterprise-generic-tarball.markdown +++ b/getting-started/installation/general-installation/installation-enterprise-generic-tarball.markdown @@ -12,19 +12,19 @@ First download the binary onto the host. Next unpack the archive. For the 64 bit tarball use: -```sh +```command tar --gunzip --extract --directory / --file ./cfengine-nova-{{site.cfengine.branch}}.{{site.cfengine.latest_patch_release}}-{{site.cfengine.latest_package_build}}.x86_64.pkg.tar.gz ``` Otherwise, for 32 bit tarball, use: -```sh +```command tar --gunzip --extract --directory / --file ./cfengine-nova-{{site.cfengine.branch}}.{{site.cfengine.latest_patch_release}}-{{site.cfengine.latest_package_build}}.i386.pkg.tar.gz ``` Generate a keypair for the client: -```sh +```command /var/cfengine/bin/cf-key ``` diff --git a/getting-started/installation/general-installation/installation-enterprise-vagrant.markdown b/getting-started/installation/general-installation/installation-enterprise-vagrant.markdown index 7201dcf79..2669ff6bf 100644 --- a/getting-started/installation/general-installation/installation-enterprise-vagrant.markdown +++ b/getting-started/installation/general-installation/installation-enterprise-vagrant.markdown @@ -66,8 +66,8 @@ creates a Vagrant Project directory. Step 3. Open a terminal and navigate to the Vagrant Project directory (e.g. `/home/user/CFEngine_Enterprise_vagrant_quickstart-{{site.cfengine.branch}}.{{site.cfengine.latest_patch_release}}-{{site.cfengine.latest_package_build}}`, or `C:\CFEngine_Enterprise_vagrant_quickstart-{{site.cfengine.branch}}.{{site.cfengine.latest_patch_release}}-{{site.cfengine.latest_package_build}}`) and enter the following command: -```console -$ vagrant up +```command +vagrant up ``` Vagrant performs the following processes: @@ -112,8 +112,10 @@ status` output. Both the 'root' and 'vagrant' users passwords are set to **Example:** -```console -$ vagrant ssh hub +```command +vagrant ssh hub +``` +```output Last login: Fri Jun 13 18:58:10 2014 from 10.0.2.2 ``` @@ -130,8 +132,10 @@ for the clients. Running `vagrant status` from the vagrant project directroy will produce output like this. -```console -$ vagrant status +```command +vagrant status +``` +```output Current machine states: hub not created (virtualbox) @@ -147,8 +151,8 @@ VM, run `vagrant status NAME`. To start or resume a halted environment simply run `vagrant up` from within the vagrant project directory. -```console -$ vagrant up +```command +vagrant up ``` ### Stop the environment (halt/suspend/destroy) @@ -156,8 +160,10 @@ $ vagrant up To shut down the vms run `vagrant halt`. This will preserve the vms and any changes made inside. -```console -$ vagrant suspend +```command +vagrant suspend +``` +```output ==> hub: Saving VM state and suspending execution... ==> host001: Saving VM state and suspending execution... ``` @@ -165,8 +171,10 @@ $ vagrant suspend To suspend the vms run `vagrant suspend`. This will freeze the state of each vm and allows for latter resuming of the environment. -```console -$ vagrant halt +```command +vagrant halt +``` +```output ==> host001: Attempting graceful shutdown of VM... ==> hub: Attempting graceful shutdown of VM... ``` @@ -174,8 +182,10 @@ $ vagrant halt At any time you can run `vagrant destroy` to remove the provisioned vms. This will delete the vms and any modifications made to the environment will be lost. -```console -$ vagrant destroy +```command +vagrant destroy +``` +```output host001: Are you sure you want to destroy the 'host001' VM? [y/N] y ==> host001: Forcing shutdown of VM... ==> host001: Destroying VM and associated drives... diff --git a/getting-started/installation/general-installation/installation-enterprise.markdown b/getting-started/installation/general-installation/installation-enterprise.markdown index 4ca7e4e9d..a123d1091 100644 --- a/getting-started/installation/general-installation/installation-enterprise.markdown +++ b/getting-started/installation/general-installation/installation-enterprise.markdown @@ -182,7 +182,7 @@ hard nofile 4000 Not sure what your open file limits for `cf-serverd` are? Inspect the current limits with this command: -``` +```command cat /proc/$(pgrep cf-serverd)/limits ``` @@ -223,14 +223,14 @@ Note: Install actions logged to `/var/logs/cfengine-install.log`. Run the bootstrap command, **first** on the policy server and then on each host: -```console -# /var/cfengine/bin/cf-agent --bootstrap +```command +/var/cfengine/bin/cf-agent --bootstrap ``` After bootstrapping the hub run the policy to complete the hub configuration. -```console -# /var/cfengine/bin/cf-agent -Kf update.cf; /var/cfengine/bin/cf-agent -K +```command +/var/cfengine/bin/cf-agent -Kf update.cf; /var/cfengine/bin/cf-agent -K ``` ## Licensed installations @@ -245,15 +245,15 @@ to CFEngine support to obtain a license. It's best to pack the public key into an archive so that it does not get corrupt in transit. -```console -# tar --create --gzip --directory /var/cfengine --file $(hostname)-ppkeys.tar.gz ppkeys/localhost.pub +```command +tar --create --gzip --directory /var/cfengine --file $(hostname)-ppkeys.tar.gz ppkeys/localhost.pub ``` CFEngine will send you a `license.dat` file. Install the obtained license with `cf-key`. -```console -# cf-key --install-license ./license.dat +```command +cf-key --install-license ./license.dat ``` ## Next steps diff --git a/getting-started/installation/local-virtual-machine.markdown b/getting-started/installation/local-virtual-machine.markdown index 8db32e083..384eb42e2 100644 --- a/getting-started/installation/local-virtual-machine.markdown +++ b/getting-started/installation/local-virtual-machine.markdown @@ -28,20 +28,20 @@ VirtualBox is used for virtualization, and vagrant is a nice way of interacting If you've never used SSH before, you need to generate a new SSH key: -``` +```command ssh-keygen ``` You can use the defaults, just press enter instead of typing things. After running the commands or if you already have been using SSH, you should be able to find your public key: -``` +```command ls ~/.ssh/ ``` The output should look like this: -``` +```output id_rsa id_rsa.pub known_hosts ``` @@ -53,13 +53,13 @@ id_rsa id_rsa.pub known_hosts We need a project folder where we will place the file(s) needed for both vagrant and later CFEngine: -``` +```command mkdir -p ~/cfengine_project && cd ~/cfengine_project ``` Now, inside the folder, we can create and edit the `Vagrantfile`: -``` +```command touch Vagrantfile && code Vagrantfile ``` @@ -68,6 +68,7 @@ touch Vagrantfile && code Vagrantfile Put this in your `Vagrantfile`: ```ruby +[file=Vagrantfile] # -*- mode: ruby -*- # vi: set ft=ruby : @@ -110,7 +111,7 @@ These 3 names do not have to match, but it is easier to remember To start our VM, make sure you've saved the file above, with the filename `Vagrantfile` and run this command in the same folder: -``` +```command vagrant up hub ``` @@ -118,7 +119,7 @@ At this point, the VM should work like any Linux VM, similar to if you spawned i **Note:** Later, when you are done working with the Virtual Machine and want to get rid of it, run the following command: -``` +```command vagrant destroy hub ``` diff --git a/getting-started/installation/pre-installation-checklist/verify-signatures.markdown b/getting-started/installation/pre-installation-checklist/verify-signatures.markdown index 22b8c0ca8..f143cc360 100644 --- a/getting-started/installation/pre-installation-checklist/verify-signatures.markdown +++ b/getting-started/installation/pre-installation-checklist/verify-signatures.markdown @@ -19,21 +19,25 @@ NOTE: AIX rpms currently are NOT signed because it's not supported on older vers 1. Import the public GPG key. -```console -# rpm --import https://cfengine-package-repos.s3.amazonaws.com/pub/gpg.key +```command +rpm --import https://cfengine-package-repos.s3.amazonaws.com/pub/gpg.key ``` 2. Validate the signature. -```console -# rpm -K ./cfengine-nova-hub-3.12.2-2.x86_64.rpm +```command +rpm -K ./cfengine-nova-hub-3.12.2-2.x86_64.rpm +``` +```output ./cfengine-nova-hub-3.12.2-2.x86_64.rpm: rsa sha1 (md5) pgp md5 OK ``` NOTE: If you don't import the public key first, you will get an error about the key missing: -```console -# rpm -K ./cfengine-nova-hub-3.12.2-2.x86_64.rpm +```command +rpm -K ./cfengine-nova-hub-3.12.2-2.x86_64.rpm +``` +```output ./cfengine-nova-hub-3.12.2-2.x86_64.rpm: RSA sha1 ((MD5) PGP) md5 NOT OK (MISSING KEYS: (MD5) PGP#a86e7afa) ``` @@ -68,7 +72,9 @@ NOTE: If you don't import the public key first, you will get an error about the 3. Validate the signature. -```console -# debsig-verify cfengine-nova-hub_3.12.2-2_amd64.deb +```command +debsig-verify cfengine-nova-hub_3.12.2-2_amd64.deb +``` +```output debsig: Verified package from 'CFEngine 3' (cfengine3) ``` diff --git a/getting-started/installation/pre-installation-checklist/vi-quick-start-guide.markdown b/getting-started/installation/pre-installation-checklist/vi-quick-start-guide.markdown index c5483e3fc..fefccee6b 100644 --- a/getting-started/installation/pre-installation-checklist/vi-quick-start-guide.markdown +++ b/getting-started/installation/pre-installation-checklist/vi-quick-start-guide.markdown @@ -34,7 +34,7 @@ Now press "Enter" to go to the next line and type "My name is Gary, and it's nic The output will look like this: -``` +```output Hello World My name is Gary, and it's nice to meet you ``` diff --git a/getting-started/installation/version-control.markdown b/getting-started/installation/version-control.markdown index 6be9c1936..51a9c59c4 100644 --- a/getting-started/installation/version-control.markdown +++ b/getting-started/installation/version-control.markdown @@ -35,7 +35,8 @@ We can use a Git update hook to prevent a change from being made unless it passes syntax checking. The idea is to check out the revision in a temporary directory and run `cf-promises` on it. Here is an example hook. -``` +```shell +[file=update] #!/bin/sh # --- Command line @@ -81,7 +82,8 @@ For subversion, the principle is essentially the same. Note that for a post-commit hook the check is run after update, so the repository may be left with a syntax error, but the committer is notified. -``` +```shell +[file=post-commit] #!/bin/sh REPOS="$1" diff --git a/getting-started/modules-from-cfengine-build.markdown b/getting-started/modules-from-cfengine-build.markdown index 31245bdea..81766b72d 100644 --- a/getting-started/modules-from-cfengine-build.markdown +++ b/getting-started/modules-from-cfengine-build.markdown @@ -20,13 +20,13 @@ There is a video version of this tutorial available on YouTube: Create a folder for you project, for example in your home directory: -``` +```command mkdir -p ~/cfengine_project ``` Initialize it: -``` +```command cd ~/cfengine_project && cfbs init ``` @@ -42,7 +42,7 @@ This is the default policy which is included in the CFEngine packages, so it is It is needed for various features of CFEngine and CFEngine Enterprise to work correctly. If you didn't add it as part of the previous `cfbs init`, add it now: -``` +```command cfbs add masterfiles ``` @@ -50,19 +50,19 @@ At this point, you can go to [build.cfengine.com](https://build.cfengine.com) an The command to add them is the same as above. For the purposes of this tutorial, let's add the git module so we can work with git repositories later: -``` +```command cfbs add git ``` Additionally, let's add a module to make CFEngine run policy and report collection every minute instead of the default 5 minute interval: -``` +```command cfbs add every-minute ``` Finally, let's add a report for whether the OS is supported by the OS vendor: -``` +```command cfbs add compliance-report-os-is-vendor-supported ``` @@ -70,13 +70,11 @@ cfbs add compliance-report-os-is-vendor-supported Once we are done adding modules, it is time to build them, combining it all into the policy set which will be deployed to our hub: -``` +```command cfbs build ``` -Output: - -``` +```output Modules: 001 masterfiles @ a87b7fea6f7a88808b327730a4ba784a3dc664eb (Downloaded) 002 library-for-promise-types-in-python @ c3b7329b240cf7ad062a0a64ee8b607af2cb912a (Downloaded) @@ -116,14 +114,14 @@ Feel free to look at some of the files in `out/masterfiles/`, if you want to und Now, let's deploy what we built to the hub: -``` +```command cf-remote deploy ``` **Note:** This assumes your hub is saved in `cf-remote`, with the group name _hub_. We did this in the first part of the series, while installing CFEngine, but if you haven't you can do it like this: -``` +```command cf-remote save -H root@192.168.56.2 --role hub --name hub ``` @@ -156,13 +154,13 @@ Here are some examples of modules you might be interested in: To add more modules, just repeat the commands from steps 1-3. For example, add the `inventory-sudoers` module to your project: -``` +```command cfbs add inventory-sudoers ``` Then, as usual, build and deploy: -``` +```command cfbs build && cf-remote deploy ``` diff --git a/getting-started/writing-policy.markdown b/getting-started/writing-policy.markdown index 588c7c81e..8db80a6ea 100644 --- a/getting-started/writing-policy.markdown +++ b/getting-started/writing-policy.markdown @@ -10,13 +10,13 @@ CFEngine policy language is a flexible, declarative language for describing the To start, create a new file and open it, or the folder, in your editor: -``` +```command cd ~/cfengine_project && touch my_policy.cf ``` Open the project folder (or just the policy file) in your editor: -``` +```command code . ``` @@ -27,6 +27,7 @@ code . Let's take a look at the traditional "Hello, world!" example: ```cfengine3 +[file=my_policy.cf] bundle agent hello_world { files: @@ -49,7 +50,7 @@ With `files` promises you can manipulate file permissions, edit lines, render te Put the code snippet above in a file called `my_policy.cf`, and add it to the project: -``` +```command cfbs add ./my_policy.cf ``` @@ -58,20 +59,20 @@ The default is the first bundle, `hello_world`, which is what we want. Now, build and deploy again: -``` +```command cfbs build && cf-remote deploy ``` The policy has been deployed and that `/tmp/hello` file should be ready. You can log in with SSH to check this, or use `cf-remote`: -``` +```command cf-remote sudo -H hub "cat /tmp/hello" ``` The output should look like this: -``` +```output root@192.168.56.2: 'cat /tmp/hello' -> 'Hello, world!' ``` @@ -80,7 +81,7 @@ root@192.168.56.2: 'cat /tmp/hello' -> 'Hello, world!' In CFEngine, the program which runs all your policy / modules and makes changes to the system is called `cf-agent`, or _the agent_. Just like above, we can use `cf-remote sudo` to run the agent on the hub: -``` +```command cf-remote sudo -H hub "cf-agent --no-lock --info" ``` @@ -91,7 +92,7 @@ This is similar to triggering an agent run with the buttons in Mission Portal, o To test that our policy works, let's delete the `/tmp/hello` file and watch CFEngine create it: -``` +```command cf-remote sudo -H hub "rm /tmp/hello && cf-agent -KI" ``` @@ -101,6 +102,7 @@ Earlier in this tutorial series, we added the `promise-type-git` module to our p This means that we can just start using the new promise type in policy: ```cfengine3 +[file=my_policy.cf] bundle agent hello_world { git: @@ -113,7 +115,7 @@ bundle agent hello_world This policy uses the `git` promise type to clone the Hugo project's source code from GitHub. Again, put the code snippet above in the `my_policy.cf` file, build, and deploy: -``` +```command cfbs build && cf-remote deploy ``` @@ -132,6 +134,7 @@ This has several benefits: Here is a simple example: ```cfengine3 +[file=my_policy.cf] bundle agent hello_world { vars: @@ -158,7 +161,7 @@ We might want to have some version information on which hugo we are using. Since we clone and track the `master` branch, there isn't necessarily a version number available, but there is always a commit SHA, so let's look for that. From the command line, you could find this by: -``` +```command git log -1 --format="%H" ``` @@ -166,6 +169,7 @@ We want to put this in a variable and include it in our reports we can see in Mi To take the output of a command and put it in a variable, we will use the `execresult()` function: ```cfengine3 +[file=my_policy.cf] bundle agent hello_world { vars: