Class: Google::Cloud::OsConfig::V1alpha::OSPolicy::Resource::ExecResource

Inherits:
Object
  • Object
show all
Extended by:
Protobuf::MessageExts::ClassMethods
Includes:
Protobuf::MessageExts
Defined in:
proto_docs/google/cloud/osconfig/v1alpha/os_policy.rb

Overview

A resource that allows executing scripts on the VM.

The ExecResource has 2 stages: validate and enforce and both stages accept a script as an argument to execute.

When the ExecResource is applied by the agent, it first executes the script in the validate stage. The validate stage can signal that the ExecResource is already in the desired state by returning an exit code of 100. If the ExecResource is not in the desired state, it should return an exit code of 101. Any other exit code returned by this stage is considered an error.

If the ExecResource is not in the desired state based on the exit code from the validate stage, the agent proceeds to execute the script from the enforce stage. If the ExecResource is already in the desired state, the enforce stage will not be run. Similar to validate stage, the enforce stage should return an exit code of 100 to indicate that the resource in now in its desired state. Any other exit code is considered an error.

NOTE: An exit code of 100 was chosen over 0 (and 101 vs 1) to have an explicit indicator of in desired state, not in desired state and errors. Because, for example, Powershell will always return an exit code of 0 unless an exit statement is provided in the script. So, for reasons of consistency and being explicit, exit codes 100 and 101 were chosen.

Defined Under Namespace

Classes: Exec

Instance Attribute Summary collapse

Instance Attribute Details

#enforce::Google::Cloud::OsConfig::V1alpha::OSPolicy::Resource::ExecResource::Exec 



497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
 
# File 'proto_docs/google/cloud/osconfig/v1alpha/os_policy.rb', line 497

class ExecResource
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # A file or script to execute.
  # @!attribute [rw] file
  #   @return [::Google::Cloud::OsConfig::V1alpha::OSPolicy::Resource::File]
  #     A remote or local file.
  #
  #     Note: The following fields are mutually exclusive: `file`, `script`. If a field in that set is populated, all other fields in the set will automatically be cleared.
  # @!attribute [rw] script
  #   @return [::String]
  #     An inline script.
  #     The size of the script is limited to 1024 characters.
  #
  #     Note: The following fields are mutually exclusive: `script`, `file`. If a field in that set is populated, all other fields in the set will automatically be cleared.
  # @!attribute [rw] args
  #   @return [::Array<::String>]
  #     Optional arguments to pass to the source during execution.
  # @!attribute [rw] interpreter
  #   @return [::Google::Cloud::OsConfig::V1alpha::OSPolicy::Resource::ExecResource::Exec::Interpreter]
  #     Required. The script interpreter to use.
  # @!attribute [rw] output_file_path
  #   @return [::String]
  #     Only recorded for enforce Exec.
  #     Path to an output file (that is created by this Exec) whose
  #     content will be recorded in OSPolicyResourceCompliance after a
  #     successful run. Absence or failure to read this file will result in
  #     this ExecResource being non-compliant. Output file size is limited to
  #     100K bytes.
  class Exec
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # The interpreter to use.
    module Interpreter
      # Invalid value, the request will return validation error.
      INTERPRETER_UNSPECIFIED = 0

      # If an interpreter is not specified, the
      # source is executed directly. This execution, without an
      # interpreter, only succeeds for executables and scripts that have <a
      # href="https://en.wikipedia.org/wiki/Shebang_(Unix)"
      # class="external">shebang lines</a>.
      NONE = 1

      # Indicates that the script runs with `/bin/sh` on Linux and
      # `cmd.exe` on Windows.
      SHELL = 2

      # Indicates that the script runs with PowerShell.
      POWERSHELL = 3
    end
  end
end

#validate::Google::Cloud::OsConfig::V1alpha::OSPolicy::Resource::ExecResource::Exec 



497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
 
# File 'proto_docs/google/cloud/osconfig/v1alpha/os_policy.rb', line 497

class ExecResource
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # A file or script to execute.
  # @!attribute [rw] file
  #   @return [::Google::Cloud::OsConfig::V1alpha::OSPolicy::Resource::File]
  #     A remote or local file.
  #
  #     Note: The following fields are mutually exclusive: `file`, `script`. If a field in that set is populated, all other fields in the set will automatically be cleared.
  # @!attribute [rw] script
  #   @return [::String]
  #     An inline script.
  #     The size of the script is limited to 1024 characters.
  #
  #     Note: The following fields are mutually exclusive: `script`, `file`. If a field in that set is populated, all other fields in the set will automatically be cleared.
  # @!attribute [rw] args
  #   @return [::Array<::String>]
  #     Optional arguments to pass to the source during execution.
  # @!attribute [rw] interpreter
  #   @return [::Google::Cloud::OsConfig::V1alpha::OSPolicy::Resource::ExecResource::Exec::Interpreter]
  #     Required. The script interpreter to use.
  # @!attribute [rw] output_file_path
  #   @return [::String]
  #     Only recorded for enforce Exec.
  #     Path to an output file (that is created by this Exec) whose
  #     content will be recorded in OSPolicyResourceCompliance after a
  #     successful run. Absence or failure to read this file will result in
  #     this ExecResource being non-compliant. Output file size is limited to
  #     100K bytes.
  class Exec
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # The interpreter to use.
    module Interpreter
      # Invalid value, the request will return validation error.
      INTERPRETER_UNSPECIFIED = 0

      # If an interpreter is not specified, the
      # source is executed directly. This execution, without an
      # interpreter, only succeeds for executables and scripts that have <a
      # href="https://en.wikipedia.org/wiki/Shebang_(Unix)"
      # class="external">shebang lines</a>.
      NONE = 1

      # Indicates that the script runs with `/bin/sh` on Linux and
      # `cmd.exe` on Windows.
      SHELL = 2

      # Indicates that the script runs with PowerShell.
      POWERSHELL = 3
    end
  end
end