There are many different ways that custom polices can be organized. CFEngine does not prescribe any specific organizational layout but generally speaking keeping custom policy files under as few different paths as possible can ease policy framework upgrades.
For example, it is common to store custom policy files under services/SERVICE
or ORGINIZATION
from the root of your policy set.
Here we only describe ways to include and execute custom policies.
The autorun feature in the Masterfiles Policy Framework automatically adds
policy files found in services/autorun
to inputs and executes bundles tagged
with autorun as methods type promises in lexical order.
See Also: [services_autorun
in the Masterfiles Policy Framework][Masterfiles Policy Framework#services_autorun]
Augments uses the inputs
key to define def.augments_inputs
which is included
in inputs of body common control in promises.cf by default.
{
"inputs": [ "my_update.cf" ]
}
Alternatively you can define augments_inputs
directly.
{
"vars": {
"augments_inputs": [ "my_policy.cf" ]
}
}
To extend inputs in the update policy define update_inputs
.
{
"vars": {
"update_inputs": [ "my_update.cf" ]
}
}
See Also: [Augments][Augments], [Extend inputs for update policy in the Masterfiles Policy Framework][Masterfiles Policy Framework#Append to inputs used by update policy]
inputs in body file control
can be used to load additional policy files.
This can be very useful for loading policy files that are relative to each
other.
NOTES:
body file control
can not be used to specify bundles that should be executed.this.promise_*
variables can not be used directly in body file control
. body file control
{
inputs => { "$(this.policy_dirname)/../stdlib.cf" };
}
Bundle variables can be used to achieve relative inputs.
bundle common example_file_control
{
vars:
"policy[stdlib]"
string => "$(this.policy_dirname)/../my_other_policy.cf";
"inputs" slist => getvalues( policy );
}
body file control
{
inputs => { "$(example_file_control.inputs)" };
}
sys.policy_*
variables can be used directly in body file control
. body file control
{
inputs => { "$(sys.policy_entry_dirname)/lib/stdlib.cf" };
}
See Also: [inputs
in body file control
][file control#inputs]
body common control
is the classic way to define the list of policy files that
make up the policy set ( inputs ), and the order of the bundles to be executed
( bundlesequence ).
See Also: [inputs
in body common control
][Components and Common Control#inputs], [bundlesequence
in body common control
][Components and Common Control#bundlesequence]