Looking for a tool to help you format your CFEngine policy? Have you heard of cffmt? You might recall that we had a chat with the author, Miek Gieben in The agent is in - Episode 24.1 In case you missed it, cffmt is a command line tool for formatting CFEngine policy files, like gofmt for.cf files.2 Let’s take a look. Consistent formatting can really ease reading of policy, but sometimes editors are configured differently and you can end up with inconsistently formatted policy.

Have you seen the new Groups feature in CFEngine Enterprise Mission Portal? It was first released in 3.23.0 and it’s part of the 3.24 LTS series released earlier this year, let’s check it out. Groups in Mission Portal can be based on any host reported data. They can be dynamic (hosts can come and go from a group) or they can be static and tied to specific hosts by hostname, mac address, IP or CFEngine’s public key.

Did you know CFEngine can self-organize hosts into different groups? Say you have a few hosts that you want to reboot once a month. You don’t care when, but you want the hosts to self-organize and pick a date. The select_class attribute for classes type promises might be what you’re looking for. Let’s take a look.

What’s the difference between an associative array and a data container in CFEngine? CFEngine has two ways in which structured data can be used, associative arrays (sometimes called classic arrays) and data containers. Let’s take a look at a simple data structure. Here we have two data structures, a_email an associative array and d_email a data container. The policy emits the JSON representation of each.

Ever need to do some math during policy evaluation? Sometimes configuration settings are based on available resources. For example, what if you want to calculate the size of shared buffers to be 25% of your available memory? Let’s write some policy. First, we need to figure out how much memory we have. Let’s parse this out from /proc/meminfo: So, we have 65505464 kB of memory in total. Knowing that we can use eval() to calculate what 25% is. eval() can also be used to test truthfulness.

Within the configuration management space, people often distinguish between agent-based and agent-less approaches. In short, an agent-based solution means that you install a software agent to run in the background / periodically on the system. That software agent then makes changes to the system as desired, and also commonly communicates over the network to send and receive updates, policy, commands, scripts, data, etc.

Ever need to visualize the data your working with? storejson() to the rescue! Let’s re-visit our example for sys.os_release from Feature Friday: Special variables: So, we saw the value of a single key, but if we don’t know what keys are available it can be useful to render the JSON representation. The with attribute in combination with storejson() provides a convenient way to visualize the JSON representation of structured data in CFEngine.

I promised more Build modules in my previous monthly Monday module blog post: package-method-winget. And here they are: windows-capability and windows-optional-feature.

Ever want a custom CFEngine Agent logo? Check out agentsvg. You can find agentsvg in core/contrib/ it’s a python script that can generate CFEngine agent logos. In addition to customizing the head and body colors you can customize the arm positions to be up, down, out or angled and the legs can be straight or out Happy Friday!