regent-sdk 0.7.0

Multi-paradigm configuration management system as a library
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85

use regent_sdk::ExpectedState;
use regent_sdk::hosts::inventory::Inventory;
use regent_sdk::secrets::{SecretProvider, SecretProvidersPool};
use tracing_subscriber;

#[tokio::main]
async fn main() {
    tracing_subscriber::fmt().init();

    let yaml_inventory_builder = r#"---
DefaultConnectionMethod: !Ssh2
    AuthMethod: !Key
        Username: regenter
        Key:
            SecRef: ./ssh/private.key

GlobalVars:
    package_name: httpd
    service_name: bluetooth

Hosts:
  - Id: my_managed_host
    Endpoint: localhost
    HostConnectionMethod: !Ssh2
      AuthMethod: !UsernamePassword
        SecRef: ./dev/credentials.secret
"#;

    let mut inventory = Inventory::from_raw_yaml(yaml_inventory_builder).unwrap();

    // Describe the expected state
    let expected_state_description = r#"---
Attributes:
  - Name: token value set in conf file
    Privilege: !None
    Detail: !LineInFile
      FilePath: ~/my_token
      Line: "A_VERY_LONG_TOKEN"
      State: !Present
      Position: !Top

  - Name: bluetooth available
    Privilege: !None
    Detail: !Service
      Name: "{{ service_name }}"
      CurrentStatus: !Active
      AutoStart: !Enabled
"#;

    let expected_state = match ExpectedState::from_raw_yaml(expected_state_description) {
        Ok(state) => state,
        Err(error_detail) => {
            println!("Wrong yaml content : {:?}", error_detail);
            std::process::exit(1);
        }
    };

    // Build a SecretProvidersPool
    let secret_providers = SecretProvidersPool::from("env_vars", SecretProvider::files());

    // Open connections within this Inventory
    let mut living_inventory = inventory.init(Some(secret_providers)).await.unwrap();

    // Try reach compliance if not already there
    match living_inventory.reach_compliance(&expected_state).await {
        Ok(inventory_compliance) => {
            for (host_id, compliance_status) in inventory_compliance {
                if compliance_status.is_already_compliant() {
                    // Do something with that information
                } else {
                    // This host was not compliant. Actions have been taken to remedy this situation.
                    // You have access to what was done :
                    // - in realtime through tracing events created on the fly
                    // - after the fact with this :
                    for (remediation, remediation_outcome) in compliance_status.actions_taken() {
                        println!("*** {:?} -> {:?}", remediation, remediation_outcome);
                    }
                }
            }
        }
        Err(error_detail) => {
            // Something went seriously wrong and forbade from even trying to assess/reach compliance.
        }
    }
}