Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove params.pp in favor of Hiera v5 lookups #10

Merged
merged 1 commit into from
Oct 26, 2018

Conversation

jorhett
Copy link

@jorhett jorhett commented Mar 1, 2018

Separate v1/v2 defaults into separate files

Create two new exposed variables for rule managements to use:

  • cis_benchmarks::script_dir: The resolved script directory, to avoid different resolutions
  • cis_benchmarks::cis_version_base: Where to find data for a given OS and cis version combination

These changes should greatly simplify adding EL6 and CIS v2.2 support
Fixes: #6 #8 #9

@jorhett jorhett force-pushed the dedup_data_parms branch 3 times, most recently from 95061c3 to 6643741 Compare March 17, 2018 00:42
Separate v1/v2 defaults into separate files
Create two new exposed variables for rule managements to use:
   cis_benchmarks::script_dir: The resolved script directory, to avoid different resolutions
   cis_benchmarks::cis_version_base: Where to find data for a given OS and cis version combination
@abuxton
Copy link
Owner

abuxton commented Mar 20, 2018

Hi, the params.pp pattern is used in this context as it is in use on servers that have no support for hiera v5.
The module supported version supports hierav4, and use of params gives support for hiera 3+ and ignores hiera.yaml.

to make this change woudl be a major version bump, to do that I would like to refactor the facter facts to be deployed with /facts.d mechanism in all cases but the rpm validation fact

I would still keep the params.pp pattern as it is not reuire dto override the data in hiera in any way if you enforce the module in strict mode and as such it should simply use clear, visible and self-contained data

A new version of the rules is now available, as such an update is needed to support changes.

@jorhett
Copy link
Author

jorhett commented Mar 22, 2018

So the problem with params.pp is that it creates a crazy mesh of data stored there which is a mixture of the different CIS versions. I am no stranger to Puppet or large modules, and I was constantly flipping back and forth trying to track down where data was coming from.

Moving the data to version-specific Hiera files greatly simplifies that.

Copy link
Owner

@abuxton abuxton left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok, i'm going to finally send this thank you for the patience

@abuxton abuxton merged commit f89c0fe into abuxton:master Oct 26, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

rule 5.2.15 is mentioned in comments but not implemented
2 participants