[augeas-devel] Introduction Config::Augeas::Validator
Raphaël Pinson
raphink at gmail.com
Mon Sep 5 16:21:13 UTC 2011
Hi all,
This mail is to introduce a new Perl module based on Augeas and named
Config::Augeas::Validator [0].
Why this module?
==============
Many sysadmins today keep a repository of configuration files from which
they deploy to their servers. To prevent configuration breakage, it could be
useful to parse and check these configuration files before they get
deployed.
The goal of Config::Augeas::Validator is to run unit tests on config files
using Augeas as a backend. For example, the module can be plugged to a VCS
to be used as a precommit script in order to prevent users from committing
broken or bad configurations.
How it works
==========
Config::Augeas::Validator can work in two ways: with a single configuration
file or with a directory of configuration files.
Configuration files for Config::Augeas::Validator are INI files. Each of
these INI files describes a series of tests to be run on a specific pattern
with a specific lens. Config::Augeas::Validator runs each test on the given
files and returns errors when tests fail.
A very simple example
==================
Here is a very simple example, using no rules:
[DEFAULT]
rules=
lens=Hosts
pattern=.*/hosts
What will this do? When Config::Augeas::Validator is called on a file named
"hosts", it will try to parse it using the "Hosts" lens. If the parsing
fails, Config::Augeas::Validator will return an error.
Making it a bit more complex
======================
[DEFAULT]
rules=localhost
lens=Hosts
pattern=.*/hosts
[localhost]
name=Localhost
explanation=IPv4 must be set for localhost
type=count
expr=$file/*[ipaddr = "127.0.0.1"][canonical = "localhost"]
value=1
Here, I've added a very simple rule checking that the given file contains
one and only one entry matching both "localhost" and "127.0.0.1". If this
condition is not met, the test will fail.
What does the output look like?
========================
Here is an example running the augeas-validator tool.
$ augeas-validator -r validator-rules
configurations/default/generic/disk_config/V_ENCOM_SPUP_FILER_REC
W: File configurations/default/generic/disk_config/V_ENCOM_SPUP_FILER_REC
W: Assertion 'noatime for logs' of type count returned 1 for file
configurations/default/generic/disk_config/V_ENCOM_SPUP_FILER_REC, expected
0:
Log partitions should be set to noatime.
To infinity and beyond
================
Augeas already supports a lot of lenses, so the possibilities are endless.
The main problem I'm facing is simplifying the expr interface for complex
tests. An example of a complex test is the following:
[bootable_flag]
name=Bootable flag
explanation=At least one partition must be bootable
type=count
expr=$file/disk_config[. != "lvm"][. != "raid"][. !=
"tmpfs"][count(raw-disk) = 0][count(../disk_config/bootable) = 0]
value=0
level=warning
Paths can easily get complex when conditions accumulate, and I'm open to
suggestions to simplify this.
If you wish to clone the repository and play with it, you will find the code
on github [1]
Cheers,
Raphaël
[0] http://search.cpan.org/~raphink/Config-Augeas-Validator-0.103/
[1] https://github.com/raphink/config-augeas-validator
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/augeas-devel/attachments/20110905/203e5ce9/attachment.htm>
More information about the augeas-devel
mailing list