diff --git a/doc/configuration.txt b/doc/configuration.txt index 8347e8a4d..cf521483a 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -711,6 +711,7 @@ The following keywords are supported in the "global" section : * Debugging - debug - quiet + - zero-warning 3.1. Process management and security @@ -2170,6 +2171,14 @@ quiet Do not display any message during startup. It is equivalent to the command- line argument "-q". +zero-warning + When this option is set, haproxy will refuse to start if any warning was + emitted while processing the configuration. It is highly recommended to set + this option on configurations that are not changed often, as it helps detect + subtle mistakes and keep the configuration clean and forward-compatible. Note + that "haproxy -c" will also report errors in such a case. This option is + equivalent to command line argument "-dW". + 3.4. Userlists -------------- diff --git a/doc/management.txt b/doc/management.txt index a1d8c9c91..181dcf904 100644 --- a/doc/management.txt +++ b/doc/management.txt @@ -228,6 +228,15 @@ list of options is : environment. Never use this in an init script as it degrades SSL security to the servers. + -dW : if set, haproxy will refuse to start if any warning was emitted while + processing the configuration. This helps detect subtle mistakes and keep the + configuration clean and portable across versions. It is recommended to set + this option in service scripts when configurations are managed by humans, + but it is recommended not to use it with generated configurations, which + tend to emit more warnings. It may be combined with "-c" to cause warnings + in checked configurations to fail. This is equivalent to global option + "zero-warning". + -db : disable background mode and multi-process mode. The process remains in foreground. It is mainly used during development or during small tests, as Ctrl-C is enough to stop the process. Never use it in an init script. diff --git a/include/types/global.h b/include/types/global.h index 718cfd814..407fbff60 100644 --- a/include/types/global.h +++ b/include/types/global.h @@ -48,6 +48,7 @@ #define MODE_FOREGROUND 0x40 #define MODE_MWORKER 0x80 /* Master Worker */ #define MODE_MWORKER_WAIT 0x100 /* Master Worker wait mode */ +#define MODE_ZERO_WARNING 0x200 /* warnings cause a failure */ /* list of last checks to perform, depending on config options */ #define LSTCHK_CAP_BIND 0x00000001 /* check that we can bind to any port */ diff --git a/src/cfgparse-global.c b/src/cfgparse-global.c index 0e6905976..2b3249758 100644 --- a/src/cfgparse-global.c +++ b/src/cfgparse-global.c @@ -133,6 +133,11 @@ int cfg_parse_global(const char *file, int linenum, char **args, int kwm) goto out; global.mode |= MODE_QUIET; } + else if (!strcmp(args[0], "zero-warning")) { + if (alertif_too_many_args(0, file, linenum, args, &err_code)) + goto out; + global.mode |= MODE_ZERO_WARNING; + } else if (!strcmp(args[0], "tune.runqueue-depth")) { if (alertif_too_many_args(1, file, linenum, args, &err_code)) goto out; diff --git a/src/haproxy.c b/src/haproxy.c index 359b97093..b06a78004 100644 --- a/src/haproxy.c +++ b/src/haproxy.c @@ -658,6 +658,7 @@ static void usage(char *name) #endif " -dr ignores server address resolution failures\n" " -dV disables SSL verify on servers side\n" + " -dW fails if any warning is emitted\n" " -sf/-st [pid ]* finishes/terminates old pids.\n" " -x get listening sockets from a unix socket\n" " -S [,...] new master CLI\n" @@ -1762,6 +1763,8 @@ static void init(int argc, char **argv) arg_mode |= MODE_VERBOSE; else if (*flag == 'd' && flag[1] == 'b') arg_mode |= MODE_FOREGROUND; + else if (*flag == 'd' && flag[1] == 'W') + arg_mode |= MODE_ZERO_WARNING; else if (*flag == 'd' && flag[1] == 'M') mem_poison_byte = flag[2] ? strtol(flag + 2, NULL, 0) : 'P'; else if (*flag == 'd' && flag[1] == 'r') @@ -1895,7 +1898,7 @@ static void init(int argc, char **argv) } global.mode |= (arg_mode & (MODE_DAEMON | MODE_MWORKER | MODE_FOREGROUND | MODE_VERBOSE - | MODE_QUIET | MODE_CHECK | MODE_DEBUG)); + | MODE_QUIET | MODE_CHECK | MODE_DEBUG | MODE_ZERO_WARNING)); if (getenv("HAPROXY_MWORKER_WAIT_ONLY")) { unsetenv("HAPROXY_MWORKER_WAIT_ONLY"); @@ -2097,6 +2100,11 @@ static void init(int argc, char **argv) exit(1); } + if (warned & WARN_ANY && global.mode & MODE_ZERO_WARNING) { + ha_alert("Some warnings were found and 'zero-warning' is set. Aborting.\n"); + exit(1); + } + if (global.mode & MODE_CHECK) { struct peers *pr; struct proxy *px;