Skip to content

Commit

Permalink
for #2045 added oakpal config for rep:policy and config page checking (
Browse files Browse the repository at this point in the history 
…#2051)

* for #2045 added oakpal config for rep:policy and config page checking
  • Loading branch information
@adamcin @HitmanInWis
adamcin authored and HitmanInWis committed Sep 20, 2019
1 parent 4903d80 commit 866ee41
Show file tree
Hide file tree
Showing 2 changed files with 84 additions and 1 deletion.
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com)

### Changed
- #2033 - Upgraded oakpal to 1.4.2; added .opear artifact for oakpal-checks module for docker-based cli scans
- #2045 added oakpal configuration to ui.content to verify that rep:policy nodes are effectively applied, and that existing config pages are not deleted

## [4.3.2] - 2019-08-29

Expand Down
84 changes: 83 additions & 1 deletion ui.content/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -86,8 +86,8 @@
<!-- use mvn oakpal:webster -Dwebster.repositoryHome=/path/to/crx-quickstart/repository to update
nodetypes.cnd and privileges.xml in the package -->

<!-- Enforce separation of content and code (CONTENT ONLY) -->
<checks>
<!-- Enforce separation of content and code (CONTENT ONLY) -->
<check>
<name>basic/paths</name>
<config>
Expand All @@ -97,10 +97,92 @@
<type>deny</type>
</rule>
</rules>
<denyAllDeletes>true</denyAllDeletes>
</config>
</check>
<!-- check that rep:policy nodes are actually created by the package -->
<check>
<name>check-expected-policy-paths</name>
<inlineScript>
function afterExtract(packageId, session) {
var policyPaths = [
"/oak:index",
"/content",
"/content/dam",
"/etc",
"/etc/acs-commons/bulk-workflow-manager",
"/etc/acs-commons/notifications",
"/etc/acs-commons/redirect-maps",
"/etc/cloudservices/dtm",
"/etc/cloudservices/sharethis",
"/etc/cloudservices/typekit",
"/etc/packages",
"/etc/notification/email",
"/etc/workflow/instances",
"/home/groups",
"/home/users",
"/var/workflow/instances",
"/var/acs-commons",
"/var/acs-commons/httpcache",
"/var/acs-commons/mcp",
"/var/acs-commons/on-deploy-scripts-status"
];
for (var idx in policyPaths) {
var path = policyPaths[idx] + "/rep:policy";
if (!session.itemExists(path)) {
// change this to major when missing paths are resolved.
oakpal.minorViolation("expected path creation: " + path, packageId);
}
}
}
</inlineScript>
</check>
</checks>

<!-- assume that we are installing into an instance where utility pages and configs have already
been created for prior versions -->
<forcedRoots>
<forcedRoot>
<path>/etc/acs-commons/automatic-package-replication/default</path>
</forcedRoot>
<forcedRoot>
<path>/etc/acs-commons/bulk-workflow-manager/default</path>
</forcedRoot>
<forcedRoot>
<path>/etc/acs-commons/dispatcher-flush/default</path>
</forcedRoot>
<forcedRoot>
<path>/etc/acs-commons/exporters/default</path>
</forcedRoot>
<forcedRoot>
<path>/etc/acs-commons/instant-package/jcr:content/config/default</path>
</forcedRoot>
<forcedRoot>
<path>/etc/acs-commons/lists/default</path>
</forcedRoot>
<forcedRoot>
<path>/etc/acs-commons/notifications/default</path>
</forcedRoot>
<forcedRoot>
<path>/etc/acs-commons/packagers/default</path>
</forcedRoot>
<forcedRoot>
<path>/etc/acs-commons/qr-code/jcr:content/config/default</path>
</forcedRoot>
<forcedRoot>
<path>/etc/acs-commons/redirect-maps/default</path>
</forcedRoot>
<forcedRoot>
<path>/etc/cloudservices/dtm/default</path>
</forcedRoot>
<forcedRoot>
<path>/etc/cloudservices/sharethis/default</path>
</forcedRoot>
<forcedRoot>
<path>/etc/cloudservices/typekit/default</path>
</forcedRoot>
</forcedRoots>

<websterTargets>
<nodetypes />
<privileges />
Expand Down

0 comments on commit 866ee41

Please sign in to comment.