NAME

       cf-promises - validate and analyze CFEngine policy code

SYNOPSIS

       cf-promises [OPTION]...  [FILE]

DESCRIPTION

       cf-promises is a tool for checking CFEngine policy code. It operates by first parsing policy code checing
       for  syntax  errors. Second, it validates the integrity of policy consisting of multiple files. Third, it
       checks for semantic errors, e.g. specific attribute set rules. Finally, cf-promises  attempts  to  expose
       errors  by  partially evaluating the policy, resolving as many variable and classes promise statements as
       possible. At no point does cf-promises make any changes to the system.

OPTIONS

       --workdir, -w value
              Override the work directory for testing (same as setting CFENGINE_TEST_OVERRIDE_WORKDIR)

       --eval-functions, - value
              Evaluate functions during syntax checking (may  catch  more  run-time  errors).  Possible  values:
              'yes', 'no'. Default is 'yes'

       --show-classes, -... value
              Show  discovered classes, including those defined in common bundles in policy. Optionally can take
              a regular expression.

       --show-vars, - value
              Show discovered variables, including those defined without dependency to user-defined  classes  in
              policy. Optionally can take a regular expression.

       --help, -h
              Print the help message

       --bundlesequence, -b value
              Use the specified bundlesequence for verification

       --debug, -d
              Enable debugging output

       --verbose, -v
              Output verbose information about the behaviour of cf-promises

       --log-level, -g value
              Specify  how  detailed  logs  should  be.  Possible  values: 'error', 'warning', 'notice', 'info',
              'verbose', 'debug'

       --dry-run, -n
              All talk and no action mode - make no changes, only inform of promises not kept

       --version, -V
              Output the version of the software

       --file, -f value
              Specify an alternative input file than the default. This option is overridden by FILE if  supplied
              as argument.

       --define, -D value
              Define a list of comma separated classes to be defined at the start of execution

       --negate, -N value
              Define a list of comma separated classes to be undefined at the start of execution

       --inform, -I
              Print basic information about changes made to the system, i.e. promises repaired

       --diagnostic, -x
              Activate internal diagnostics (developers only)

       --policy-output-format, -p value
              Output  the  parsed  policy.  Possible  values:  'none', 'cf', 'json' (this file only), 'cf-full',
              'json-full' (all parsed promises). Default is 'none'. (experimental)

       --syntax-description, -s value
              Output a document describing the available syntax elements of CFEngine. Possible  values:  'none',
              'json'. Default is 'none'.

       --full-check, -c
              Ensure full policy integrity checks

       --warn, -W value
              Pass comma-separated <warnings>|all to enable non-default warnings, or error=<warnings>|all

       --color, -C value
              Enable  colorized  output.  Possible  values:  'always',  'auto',  'never'. If option is used, the
              default value is 'auto'

       --tag-release, -T value
              Tag a directory with promises.cf with cf_promises_validated and cf_promises_release_id

       --timestamp, -l
              Log timestamps on each line of log output

       --ignore-preferred-augments, -
              Ignore def_preferred.json file in favor of def.json

       --log-modules, - value
              Enable even more detailed debug logging for specific areas of  the  implementation.  Use  together
              with '-d'. Use --log-modules=help for a list of available modules

CFENGINE

       CFEngine   provides  automated  configuration  management  of  large-scale  computer  systems.  A  system
       administrator describes the desired state of a system using CFEngine policy code.  The  program  cf-agent
       reads  policy  code and attempts to bring the current system state to the desired state described. Policy
       code is downloaded by cf-agent from a cf-serverd daemon. The daemon cf-execd is responsible  for  running
       cf-agent periodically.
       Documentation for CFEngine is available at https://docs.cfengine.com/.

PROMISE THEORY

       CFEngine  is built on principles from promise theory, proposed by Mark Burgess in 2004. Promise theory is
       a model of voluntary cooperation between individual,  autonomous  actors  or  agents  who  publish  their
       intentions  to one another in the form of promises. A promise is a declaration of intent whose purpose is
       to increase the recipient's certainty about a claim of past, present or future behaviour. For  a  promise
       to  increase  certainty,  the  recipient  needs to trust the promiser, but trust can also be built on the
       verification that previous promises have been kept,  thus  trust  plays  a  symbiotic  relationship  with
       promises.
       For an introduction to promise theory, please see http://arxiv.org/abs/0810.3294/

AVAILABILITY

       cf-promises is part of CFEngine.
       Binary packages may be downloaded from https://cfengine.com/download/.
       The source code is available at https://github.com/cfengine/

BUGS

       Please see the public bug-tracker at https://northerntech.atlassian.net/projects/CFE/.
       GitHub pull-requests may be submitted to https://github.com/cfengine/core/.

SEE ALSO

       cf-promises(8), cf-agent(8), cf-serverd(8), cf-execd(8), cf-monitord(8), cf-runagent(8), cf-key(8)

AUTHOR

       Mark Burgess and Northern.tech AS

System Administration                               CFEngine                                      CF-PROMISES(8)