It's very likely that EFL for CFEngine 3.6 will be able to read both CSV and JSON parameter files. Some EFL users are looking forward to this because some CSV files have very long lines and are hard to read. On the other hand some CSV files are short and less cluttered than an equivalent JSON file would be. At first I tried to transition completely to JSON files, but upon further consideration EFL will be able to use both. Here's how.
Above is a screenshot from Evolve's production Delta Reporting service. These hosts are safe from Shell shock. Thanks to Delta Reporting, EFL, and CFEngine our journey to a safe harbour was not long. First we had to design a test for the vulnerability.
I've added a new bundle to the 3.5 branch of EFL. This bundle efl_test_count allows you to count the classes matching a regular expression and test if that count matches your expected count. Consider the efl_service bundle, it promises that services are configured and running. My SSH parameters for this bundle include a template file for configuration. I promise that /etc/ssh/sshd_config is built from the sshd_config.tmp, a template.
After 2 productive days at Devopsdays Toronto I've been thinking more about how to test CFEngine policy. Not just prototype, but production tests too. The ideal situation is that a machine tests your would-be production policy and then deploys it fully if the test suite passes. This is completely automatic. How do we get there?
It was nice meeting everyone last night. Here is the slide deck.