There are several ways to approach authoring promises and ensuring they are copied into and then deployed properly from the masterfiles
directory:
masterfiles
directory.masterfiles
directory (e.g. local file copy using cp
, scp
over ssh
).masterfiles
directory.git
repository and remote to a clone hosted on GitHub.masterfiles
that tells CFEngine to check that git
repository for changes, and if there are any to merge them into masterfiles
.masterfiles
repository.git commit
.masterfiles
, and then afterwards will be deployed to CFEngine hosts that are bootstrapped to the hub.There are two methods possible with GitHub: one is to use the web interface at GitHub.com; the second is to use the GitHub application.
Method One: Create Masterfiles Repository Using GitHub Web Interface
1a. In the GitHub web interface, click on the New repository
button.
1b. Or from the +
drop down menu on the top right hand side of the screen select New repository
.
Repository name
text entry (e.g. cfengine-masterfiles).private
for the type of privacy desired (public
is also possible, but is not recommended in most situations).Initialize this repository with a README
box. (not required):””Method Two: Create Masterfiles Repository Using the GitHub Application
Repository name
text entry (e.g. cfengine-masterfiles).private
for the type of privacy desired (public
is also possible, but is not recommended in most situations).> cd /var/cfengine/masterfiles
> git init
> git commit -m "First commit"
> git remote add origin https://github.com/GitUserName/cfengine-masterfiles.git
> git push -u origin master
Using the above steps on a private repository will fail with a 403 error. There are different approaches to deal with this:
A) Generate a key pair and add it to GitHub
ssh-keygen -t rsa
.Enter file in which to save the key (/root/.ssh/id_rsa):
.Enter passphrase (empty for no passphrase):
.ssh-agent bash
and then the enter key.ssh-add /root/.ssh/id_rsa
.exit
to leave ssh-agent bash
.ssh -T git@github.com
.vi /root/.ssh/id_rsa.pub
).SSH keys
.Add SSH key
on the next screen.Title
for the label (e.g. CFEngine).Key
textarea.Add key
.Confirm
button.B) Or, change the remote url to https://GitUserName@password:github.com/GitUserName/cfengine-masterfiles.git
. This is not safe in a production environment and should only be used for basic testing purposes (if at all).
masterfiles
directory, if not already there:
> cd /var/cfengine/masterfiles
> git remote add upstream ssh://git@github.com/GitUserName/cfengine-masterfiles.git
.git remote -v
and pressing enter.
/var/cfengine/masterfiles
with a unique filename (e.g. vcs_update.cf
)vcs_update.cf
file:bundle agent vcs_update
{
commands:
"/usr/bin/git"
args => "pull --ff-only upstream master",
contain => masterfiles_contain;
}
body contain masterfiles_contain
{
chdir => "/var/cfengine/masterfiles";
}
/var/cfengine/masterfiles/promises.cf
. Example (where ...
represents existing text in the file, omitted for clarity):body common control
{
bundlesequence => {
...
vcs_update,
};
inputs => {
...
"vcs_update.cf",
};