cf-promises - validate and analyze CFEngine policy code
cf-promises [OPTION]... [FILE]
cf-promises is a tool for checking CFEngine policy code. It
operates by first parsing policy code checing for syntax errors. Second, it
validates the integrity of policy consisting of multiple files. Third, it
checks for semantic errors, e.g. specific attribute set rules. Finally,
cf-promises attempts to expose errors by partially evaluating the policy,
resolving as many variable and classes promise statements as possible. At no
point does cf-promises make any changes to the system.
- --workdir, -w
value
- Override the work directory for testing (same as setting
CFENGINE_TEST_OVERRIDE_WORKDIR)
- --eval-functions,
-? value
- Evaluate functions during syntax checking (may catch more run-time
errors). Possible values: 'yes', 'no'. Default is 'yes'
- --show-classes,
-? value
- Show discovered classes, including those defined in common bundles in
policy. Optionally can take a regular expression.
- --show-vars, -?
value
- Show discovered variables, including those defined without dependency to
user-defined classes in policy. Optionally can take a regular
expression.
- --help, -h
- Print the help message
- --bundlesequence,
-b value
- Use the specified bundlesequence for verification
- --debug, -d
- Enable debugging output
- --verbose, -v
- Output verbose information about the behaviour of cf-promises
- --log-level, -g
value
- Specify how detailed logs should be. Possible values: 'error', 'warning',
'notice', 'info', 'verbose', 'debug'
- --dry-run, -n
- All talk and no action mode - make no changes, only inform of promises not
kept
- --version, -V
- Output the version of the software
- --file, -f value
- Specify an alternative input file than the default. This option is
overridden by FILE if supplied as argument.
- --define, -D
value
- Define a list of comma separated classes to be defined at the start of
execution
- --negate, -N
value
- Define a list of comma separated classes to be undefined at the start of
execution
- --inform, -I
- Print basic information about changes made to the system, i.e. promises
repaired
- --diagnostic,
-x
- Activate internal diagnostics (developers only)
- --policy-output-format,
-p value
- Output the parsed policy. Possible values: 'none', 'cf', 'json' (this file
only), 'cf-full', 'json-full' (all parsed promises). Default is 'none'.
(experimental)
- --syntax-description,
-s value
- Output a document describing the available syntax elements of CFEngine.
Possible values: 'none', 'json'. Default is 'none'.
- --full-check,
-c
- Ensure full policy integrity checks
- --warn, -W value
- Pass comma-separated <warnings>|all to enable non-default warnings,
or error=<warnings>|all
- --color, -C value
- Enable colorized output. Possible values: 'always', 'auto', 'never'. If
option is used, the default value is 'auto'
- --tag-release,
-T value
- Tag a directory with promises.cf with cf_promises_validated and
cf_promises_release_id
- --timestamp,
-l
- Log timestamps on each line of log output
- --ignore-preferred-augments,
-?
- Ignore def_preferred.json file in favor of def.json
- --log-modules,
-? value
- Enable even more detailed debug logging for specific areas of the
implementation. Use together with '-d'. Use --log-modules=help for a list
of available modules
CFEngine provides automated configuration management of
large-scale computer systems. A system administrator describes the desired
state of a system using CFEngine policy code. The program cf-agent
reads policy code and attempts to bring the current system state to the
desired state described. Policy code is downloaded by cf-agent from a
cf-serverd daemon. The daemon cf-execd is responsible for
running cf-agent periodically.
Documentation for CFEngine is available at https://docs.cfengine.com/.
CFEngine is built on principles from promise theory, proposed by
Mark Burgess in 2004. Promise theory is a model of voluntary cooperation
between individual, autonomous actors or agents who publish their intentions
to one another in the form of promises. A promise is a declaration of intent
whose purpose is to increase the recipient's certainty about a claim of
past, present or future behaviour. For a promise to increase certainty, the
recipient needs to trust the promiser, but trust can also be built on the
verification that previous promises have been kept, thus trust plays a
symbiotic relationship with promises.
For an introduction to promise theory, please see
http://arxiv.org/abs/0810.3294/
cf-promises is part of CFEngine.
Binary packages may be downloaded from https://cfengine.com/download/.
The source code is available at https://github.com/cfengine/
Please see the public bug-tracker at
https://tracker.mender.io/projects/CFE/.
GitHub pull-requests may be submitted to
https://github.com/cfengine/core/.
cf-promises(8), cf-agent(8), cf-serverd(8),
cf-execd(8), cf-monitord(8), cf-runagent(8),
cf-key(8)
Mark Burgess and Northern.tech AS