Danny Sauer Wrote:
Ø If you don't have a single path from test to production, then your testing is potentially invalid, so I don't see a benefit to promoting code to production when the unchanged part of the codebase might differ between test and prod. That seems like it could well promote instability. Treating the entire policy as a single entity seems like it would be substantially more reliable.
This is another good point.
While CFE does try to make changes convergent, and our developers try not to write incompatible/conflicting policies, what happens if a feature implemented in DC1 does not play nicely with a feature implemented in DC2, when both of those features are implemented in DC3?
Unless there’s a test/qa branch for each of the DC’s configurations (or an exponential number of test cases), a feature hasn’t been tested.
In Summary:
Go linear, use guards (DC1:: inputs => feature.cf) to protect new code, but have it pushed everywhere, loosen the guards (DC1|DC2:: inputs => feature.cf)when the policy can be rolled out to another DC, until your guard is “any::”, then you can take the guard out.
Oh, and make a post-commit hook for the Master branch to tell your developers to “git pull” into their working branches J
--Joe
--
You received this message because you are subscribed to the Google Groups "help-cfengine" group.
To unsubscribe from this group and stop receiving emails from it, send an email to help-cfengin...@googlegroups.com.
To post to this group, send email to help-c...@googlegroups.com.
--
I was working on a similar thing recently. ... we can be selective about which specific hosts get the new policy and which hosts continue to run the old policy until we have transitioned all hosts over to /var/cfengine/masterfiles again.