[
https://issues.apache.org/jira/browse/SLING-2822?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13631726#comment-13631726
]
Bertrand Delacretaz commented on SLING-2822:
--------------------------------------------
@Felix, it's a Sling servlet, that's useful to organize rules as Sling content
- with the demo content you can for example run just the
http://localhost:8080/apps/muppet/demo/admin-login.muppet.json rule, so we can
organize them in categories like security, performance etc. as a content tree.
The Muppet core OTOH is not dependent on Sling, and should even run outside of
an OSGi environment if rules are registered explicitly instead of using an OSGi
whiteboard pattern.
For security, we could require that the Resource that holds a rule is in the
search path used for scripts (so /lib /apps by default) and verify that the
current user has write permission on it. A user that has this right there is
able to execute arbitrary code anyway, so I think this would be safe, WDYT?
> Muppet - extensible system health checking tool
> -----------------------------------------------
>
> Key: SLING-2822
> URL: https://issues.apache.org/jira/browse/SLING-2822
> Project: Sling
> Issue Type: Improvement
> Components: Testing
> Reporter: Bertrand Delacretaz
> Assignee: Bertrand Delacretaz
> Priority: Minor
> Attachments: nodes.json, nodes.json, setup.bash
>
>
> I have created a prototype at https://github.com/bdelacretaz/muppet-prototype
> that we might want to move to our contrib folder.
> Muppet (it's like a Puppet, but different (*)) allows you to check the health
> of a system by defining rules that (out of the box) verify things like the
> presence of specific OSGi bundles, JMX MBeans values, correct disabling of
> default Sling credentials, etc.
> New rule types can be defined by adding RuleBuilder OSGi services, there are
> several examples in this initial code.
> I'll add a how-to for this initial version here.
> Known issues are:
> -The output does not indicate the value that causes a rule to fail
> -The servlet output is not JSON yet
> -Tags on rules would be nice to be able to run just the performance or
> security rules for example
> -A rule for checking OSGi configuration parameters would be useful.
> (*) credits to Joerg Hoh for that one, as well as inspiration in
> https://github.com/joerghoh/cq5-healthcheck
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
