Class: Google::Cloud::OsConfig::V1::OSPolicy::Resource::ExecResource

Inherits:

Object

• Object
• Google::Cloud::OsConfig::V1::OSPolicy::Resource::ExecResource

Extended by:

Protobuf::MessageExts::ClassMethods

Includes:

Protobuf::MessageExts

Defined in:

proto_docs/google/cloud/osconfig/v1/os_policy.rb

Overview

A resource that allows executing scripts on the VM.

The ExecResource has 2 stages: validate and enforce and both stages accept a script as an argument to execute.

When the ExecResource is applied by the agent, it first executes the script in the validate stage. The validate stage can signal that the ExecResource is already in the desired state by returning an exit code of 100. If the ExecResource is not in the desired state, it should return an exit code of 101. Any other exit code returned by this stage is considered an error.

If the ExecResource is not in the desired state based on the exit code from the validate stage, the agent proceeds to execute the script from the enforce stage. If the ExecResource is already in the desired state, the enforce stage will not be run. Similar to validate stage, the enforce stage should return an exit code of 100 to indicate that the resource in now in its desired state. Any other exit code is considered an error.

NOTE: An exit code of 100 was chosen over 0 (and 101 vs 1) to have an explicit indicator of in desired state, not in desired state and errors. Because, for example, Powershell will always return an exit code of 0 unless an exit statement is provided in the script. So, for reasons of consistency and being explicit, exit codes 100 and 101 were chosen.

Defined Under Namespace

Classes: Exec

Instance Attribute Summary

• #enforce ⇒ ::Google::Cloud::OsConfig::V1::OSPolicy::Resource::ExecResource::Exec

  What to run to bring this resource into the desired state.

• #validate ⇒ ::Google::Cloud::OsConfig::V1::OSPolicy::Resource::ExecResource::Exec

  Required.

Instance Attribute Details

#enforce ⇒ ::Google::Cloud::OsConfig::V1::OSPolicy::Resource::ExecResource::Exec

Returns What to run to bring this resource into the desired state. An exit code of 100 indicates "success", any other exit code indicates a failure running enforce.

Returns:

• (::Google::Cloud::OsConfig::V1::OSPolicy::Resource::ExecResource::Exec) —

  What to run to bring this resource into the desired state. An exit code of 100 indicates "success", any other exit code indicates a failure running enforce.

# File 'proto_docs/google/cloud/osconfig/v1/os_policy.rb', line 444

class ExecResource
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # A file or script to execute.
  # @!attribute [rw] file
  #   @return [::Google::Cloud::OsConfig::V1::OSPolicy::Resource::File]
  #     A remote or local file.
  # @!attribute [rw] script
  #   @return [::String]
  #     An inline script.
  #     The size of the script is limited to 1024 characters.
  # @!attribute [rw] args
  #   @return [::Array<::String>]
  #     Optional arguments to pass to the source during execution.
  # @!attribute [rw] interpreter
  #   @return [::Google::Cloud::OsConfig::V1::OSPolicy::Resource::ExecResource::Exec::Interpreter]
  #     Required. The script interpreter to use.
  # @!attribute [rw] output_file_path
  #   @return [::String]
  #     Only recorded for enforce Exec.
  #     Path to an output file (that is created by this Exec) whose
  #     content will be recorded in OSPolicyResourceCompliance after a
  #     successful run. Absence or failure to read this file will result in
  #     this ExecResource being non-compliant. Output file size is limited to
  #     100K bytes.
  class Exec
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # The interpreter to use.
    module Interpreter
      # Invalid value, the request will return validation error.
      INTERPRETER_UNSPECIFIED = 0

      # If an interpreter is not specified, the
      # source is executed directly. This execution, without an
      # interpreter, only succeeds for executables and scripts that have <a
      # href="https://en.wikipedia.org/wiki/Shebang_(Unix)"
      # class="external">shebang lines</a>.
      NONE = 1

      # Indicates that the script runs with `/bin/sh` on Linux and
      # `cmd.exe` on Windows.
      SHELL = 2

      # Indicates that the script runs with PowerShell.
      POWERSHELL = 3
    end
  end
end

#validate ⇒ ::Google::Cloud::OsConfig::V1::OSPolicy::Resource::ExecResource::Exec

Returns Required. What to run to validate this resource is in the desired state. An exit code of 100 indicates "in desired state", and exit code of 101 indicates "not in desired state". Any other exit code indicates a failure running validate.

Returns:

• (::Google::Cloud::OsConfig::V1::OSPolicy::Resource::ExecResource::Exec) —

  Required. What to run to validate this resource is in the desired state. An exit code of 100 indicates "in desired state", and exit code of 101 indicates "not in desired state". Any other exit code indicates a failure running validate.

# File 'proto_docs/google/cloud/osconfig/v1/os_policy.rb', line 444

class ExecResource
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # A file or script to execute.
  # @!attribute [rw] file
  #   @return [::Google::Cloud::OsConfig::V1::OSPolicy::Resource::File]
  #     A remote or local file.
  # @!attribute [rw] script
  #   @return [::String]
  #     An inline script.
  #     The size of the script is limited to 1024 characters.
  # @!attribute [rw] args
  #   @return [::Array<::String>]
  #     Optional arguments to pass to the source during execution.
  # @!attribute [rw] interpreter
  #   @return [::Google::Cloud::OsConfig::V1::OSPolicy::Resource::ExecResource::Exec::Interpreter]
  #     Required. The script interpreter to use.
  # @!attribute [rw] output_file_path
  #   @return [::String]
  #     Only recorded for enforce Exec.
  #     Path to an output file (that is created by this Exec) whose
  #     content will be recorded in OSPolicyResourceCompliance after a
  #     successful run. Absence or failure to read this file will result in
  #     this ExecResource being non-compliant. Output file size is limited to
  #     100K bytes.
  class Exec
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # The interpreter to use.
    module Interpreter
      # Invalid value, the request will return validation error.
      INTERPRETER_UNSPECIFIED = 0

      # If an interpreter is not specified, the
      # source is executed directly. This execution, without an
      # interpreter, only succeeds for executables and scripts that have <a
      # href="https://en.wikipedia.org/wiki/Shebang_(Unix)"
      # class="external">shebang lines</a>.
      NONE = 1

      # Indicates that the script runs with `/bin/sh` on Linux and
      # `cmd.exe` on Windows.
      SHELL = 2

      # Indicates that the script runs with PowerShell.
      POWERSHELL = 3
    end
  end
end