Puppet Function: ora_secured::lookup_setting

Defined in:
lib/puppet/functions/ora_secured/lookup_setting.rb
Function type:
Ruby 4.x API

Summary

This function uses its current scope te infer what CIS rule is called on what SID.

Overview

ora_secured::lookup_setting(String $key, Any $default_value)Any

Based on this information a hiera key is constructed. First we look up the most specfic key. Then we lookup the more global key. As an example the following puppet code:

define ora_secured::rules::r_1_2(

Array   $ignore = lookup_setting('ignore', []),
...

beeing called as:

ora_secured::rules::r_1_2 { 'DB02':}

will result in a first lookup of the most specific key

ora_secured::rules::r_1_2::db02::ignore

when this key is not found, it will lookup the more global key beeing:

ora_secured::rules::r_1_2::ignore

If this is also not found, we return the specfied default value

See the file “LICENSE” for the full license governing this code.

Parameters:

  • key (String)
  • default_value (Any)

Returns:

  • (Any) 


28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
 
# File 'lib/puppet/functions/ora_secured/lookup_setting.rb', line 28

Puppet::Functions.create_function('ora_secured::lookup_setting', Puppet::Functions::InternalFunction) do
  dispatch :lookup_setting do
    scope_param
    param 'String', :key
    param 'Any',    :default_value
  end

  def lookup_setting(scope, key, default_value = nil)
    rule, sid = scope.to_s.scan(/Scope\((.*)\[(.*)\]\)/).first
    default_name = "#{rule}::#{key}".downcase
    specific_name = "#{rule}::#{sid}::#{key}".downcase
    lookup_invocation = Puppet::Pops::Lookup::Invocation.new(scope, {}, {}, nil)
    begin
      return Puppet::Pops::Lookup.lookup(specific_name, nil, nil, false, nil, lookup_invocation)
    rescue Puppet::DataBinding::LookupError
      return Puppet::Pops::Lookup.lookup(default_name, nil, default_value, true, nil, lookup_invocation)
    end
  end

end