saltstack/salt-bootstrap
1
0
Fork 0
mirror of https://github.com/saltstack/salt-bootstrap.git synced 2025-04-16 01:30:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge develop into stable for v2024.11.07 release

Browse source
This commit is contained in:
Salt Project Packaging 2024-11-07 21:41:51 +00:00
commit 11a924b561
23 changed files with 975 additions and 1561 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

63
.github/workflows/ci.yml vendored
View file

@ -27,8 +27,6 @@ jobs:
separator: ","
files: |
bootstrap-salt.*
Gemfile
kitchen*.yml
tests/**
.github/workflows/**
files_ignore: |
@ -147,21 +145,6 @@ jobs:
windows-2019:
name: Windows 2019
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-windows.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: windows-2019
display-name: Windows 2019
timeout: 20
runs-on: windows-2019
instances: '["stable-3006", "stable-3006-8", "stable-3007", "stable-3007-1", "latest"]'
windows-2022:
name: Windows 2022
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
@ -220,20 +203,6 @@ jobs:
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "latest", "default"]'
arch:
name: Arch
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: arch
display-name: Arch
timeout: 20
instances: '["git-master", "latest", "default"]'
centos-stream9:
name: CentOS Stream 9
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
@ -304,34 +273,6 @@ jobs:
instances: '["stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
gentoo:
name: Gentoo
if: github.event_name == 'push'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: gentoo
display-name: Gentoo
timeout: 90
instances: '["git-master"]'
gentoo-systemd:
name: Gentoo (systemd)
if: github.event_name == 'push'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: gentoo-systemd
display-name: Gentoo (systemd)
timeout: 90
instances: '["git-master"]'
opensuse-15:
name: Opensuse 15
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
@ -482,19 +423,15 @@ jobs:
- generate-actions-workflow
- macos-12
- macos-13
- windows-2019
- windows-2022
- almalinux-8
- almalinux-9
- amazon-2
- arch
- centos-stream9
- debian-11
- debian-12
- fedora-39
- fedora-40
- gentoo
- gentoo-systemd
- opensuse-15
- oraclelinux-8
- oraclelinux-9

320
.github/workflows/release.yml vendored
View file

@ -52,9 +52,10 @@ jobs:
update-develop:
name: Update CHANGELOG.md and bootstrap-salt.sh
runs-on:
- self-hosted
- linux
- repo-release
- ubuntu-latest
## - self-hosted
## - linux
## - repo-release
permissions:
contents: write # To be able to publish the release
environment: release
@ -74,35 +75,35 @@ jobs:
python3 -m pip install -r requirements/release.txt
pre-commit install --install-hooks
- name: Setup GnuPG
run: |
sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg
GNUPGHOME="$(mktemp -d -p /run/gpg)"
echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV"
cat <<EOF > "${GNUPGHOME}/gpg.conf"
batch
no-tty
pinentry-mode loopback
EOF
## - name: Setup GnuPG
## run: |
## sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg
## GNUPGHOME="$(mktemp -d -p /run/gpg)"
## echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV"
## cat <<EOF > "${GNUPGHOME}/gpg.conf"
## batch
## no-tty
## pinentry-mode loopback
## EOF
- name: Get Secrets
id: get-secrets
env:
SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
run: |
SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text | jq .default_key -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
| gpg --import -
sync
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text| jq .default_passphrase -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
sync
rm "$SECRETS_KEY_FILE"
echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
## - name: Get Secrets
## id: get-secrets
## env:
## SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
## run: |
## SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
## echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
## aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
## --query SecretString --output text | jq .default_key -r | base64 -d \
## | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
## | gpg --import -
## sync
## aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
## --query SecretString --output text| jq .default_passphrase -r | base64 -d \
## | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
## sync
## rm "$SECRETS_KEY_FILE"
## echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
- name: Configure Git
shell: bash
@ -110,8 +111,9 @@ jobs:
git config --global --add safe.directory "$(pwd)"
git config --global user.name "Salt Project Packaging"
git config --global user.email saltproject-packaging@vmware.com
git config --global user.signingkey 64CBBC8173D76B3F
git config --global commit.gpgsign true
git config --global commit.gpgsign false
## git config --global user.signingkey 64CBBC8173D76B3F
## git config --global commit.gpgsign true
- name: Update Repository
id: update-repo
@ -150,9 +152,10 @@ jobs:
merge-develop-into-stable:
name: Merge develop into stable
runs-on:
- self-hosted
- linux
- repo-release
- ubuntu-latest
## - self-hosted
## - linux
## - repo-release
needs:
- update-develop
environment: release
@ -166,35 +169,35 @@ jobs:
ssh-key: ${{ secrets.SALT_BOOTSTRAP_RELEASE_KEY }}
fetch-depth: 0
- name: Setup GnuPG
run: |
sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg
GNUPGHOME="$(mktemp -d -p /run/gpg)"
echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV"
cat <<EOF > "${GNUPGHOME}/gpg.conf"
batch
no-tty
pinentry-mode loopback
EOF
## - name: Setup GnuPG
## run: |
## sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg
## GNUPGHOME="$(mktemp -d -p /run/gpg)"
## echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV"
## cat <<EOF > "${GNUPGHOME}/gpg.conf"
## batch
## no-tty
## pinentry-mode loopback
## EOF
- name: Get Secrets
id: get-secrets
env:
SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
run: |
SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text | jq .default_key -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
| gpg --import -
sync
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text| jq .default_passphrase -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
sync
rm "$SECRETS_KEY_FILE"
echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
## - name: Get Secrets
## id: get-secrets
## env:
## SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
## run: |
## SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
## echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
## aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
## --query SecretString --output text | jq .default_key -r | base64 -d \
## | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
## | gpg --import -
## sync
## aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
## --query SecretString --output text| jq .default_passphrase -r | base64 -d \
## | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
## sync
## rm "$SECRETS_KEY_FILE"
## echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
- name: Configure Git
shell: bash
@ -202,8 +205,9 @@ jobs:
git config --global --add safe.directory "$(pwd)"
git config --global user.name "Salt Project Packaging"
git config --global user.email saltproject-packaging@vmware.com
git config --global user.signingkey 64CBBC8173D76B3F
git config --global commit.gpgsign true
git config --global commit.gpgsign false
## git config --global user.signingkey 64CBBC8173D76B3F
## git config --global commit.gpgsign true
- name: Download Release Details
uses: actions/download-artifact@v4
@ -227,7 +231,7 @@ jobs:
- name: Tag The ${{ needs.update-develop.outputs.release-version }} Release
run: |
git tag -m "Release ${{ needs.update-develop.outputs.release-version }}" -as ${{ needs.update-develop.outputs.release-version }}
git tag --no-sign -m "Release ${{ needs.update-develop.outputs.release-version }}" -a ${{ needs.update-develop.outputs.release-version }}
- name: Update bootstrap-salt.sh sha256sum's
run: |
@ -247,8 +251,9 @@ jobs:
publish-release:
name: Create GitHub Release
runs-on:
- self-hosted
- linux
- ubuntu-latest
## - self-hosted
## - linux
needs:
- merge-develop-into-stable
environment: release
@ -294,73 +299,75 @@ jobs:
name: release-details
failOnError: false
update-s3-bucket:
name: Update S3 Bucket
runs-on:
- self-hosted
- linux
- repo-release
needs:
- publish-release
environment: release
## update-s3-bucket:
## name: Update S3 Bucket
## runs-on:
## - ubuntu-latest
## ## - self-hosted
## ## - linux
## ## - repo-release
## needs:
## - publish-release
## environment: release
steps:
- uses: actions/checkout@v4
with:
ref: stable
repository: ${{ github.repository }}
ssh-key: ${{ secrets.SALT_BOOTSTRAP_RELEASE_KEY }}
## steps:
## - uses: actions/checkout@v4
## with:
## ref: stable
## repository: ${{ github.repository }}
## ssh-key: ${{ secrets.SALT_BOOTSTRAP_RELEASE_KEY }}
- name: Get Salt Project GitHub Actions Bot Environment
run: |
TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30")
SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment)
echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV"
## - name: Get Salt Project GitHub Actions Bot Environment
## run: |
## TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30")
## SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment)
## echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV"
- name: Setup GnuPG
run: |
sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg
GNUPGHOME="$(mktemp -d -p /run/gpg)"
echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV"
cat <<EOF > "${GNUPGHOME}/gpg.conf"
batch
no-tty
pinentry-mode loopback
EOF
## ## - name: Setup GnuPG
## ## run: |
## ## sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg
## ## GNUPGHOME="$(mktemp -d -p /run/gpg)"
## ## echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV"
## ## cat <<EOF > "${GNUPGHOME}/gpg.conf"
## ## batch
## ## no-tty
## ## pinentry-mode loopback
## ## EOF
- name: Get Secrets
id: get-secrets
env:
SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
run: |
SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text | jq .default_key -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
| gpg --import -
sync
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text| jq .default_passphrase -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
sync
rm "$SECRETS_KEY_FILE"
echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
## ## - name: Get Secrets
## ## id: get-secrets
## ## env:
## ## SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
## ## run: |
## ## SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
## ## echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
## ## aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
## ## --query SecretString --output text | jq .default_key -r | base64 -d \
## ## | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
## ## | gpg --import -
## ## sync
## ## aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
## ## --query SecretString --output text| jq .default_passphrase -r | base64 -d \
## ## | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
## ## sync
## ## rm "$SECRETS_KEY_FILE"
## ## echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
- name: Install Requirements
run: |
python3 -m pip install -r requirements/release.txt
## ## - name: Install Requirements
## ## run: |
## ## python3 -m pip install -r requirements/release.txt
- name: Upload Stable Release to S3
run: |
tools release s3-publish --key-id 64CBBC8173D76B3F stable
## ## - name: Upload Stable Release to S3
## ## run: |
## ## tools release s3-publish --key-id 64CBBC8173D76B3F stable
update-develop-checksums:
name: Update Release Checksums on Develop
runs-on:
- self-hosted
- linux
- repo-release
- ubuntu-latest
## - self-hosted
## - linux
## - repo-release
needs:
- publish-release
environment: release
@ -386,35 +393,35 @@ jobs:
repository: ${{ github.repository }}
ssh-key: ${{ secrets.SALT_BOOTSTRAP_RELEASE_KEY }}
- name: Setup GnuPG
run: |
sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg
GNUPGHOME="$(mktemp -d -p /run/gpg)"
echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV"
cat <<EOF > "${GNUPGHOME}/gpg.conf"
batch
no-tty
pinentry-mode loopback
EOF
## - name: Setup GnuPG
## run: |
## sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg
## GNUPGHOME="$(mktemp -d -p /run/gpg)"
## echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV"
## cat <<EOF > "${GNUPGHOME}/gpg.conf"
## batch
## no-tty
## pinentry-mode loopback
## EOF
- name: Get Secrets
id: get-secrets
env:
SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
run: |
SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text | jq .default_key -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
| gpg --import -
sync
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text| jq .default_passphrase -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
sync
rm "$SECRETS_KEY_FILE"
echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
## - name: Get Secrets
## id: get-secrets
## env:
## SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
## run: |
## SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
## echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
## aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
## --query SecretString --output text | jq .default_key -r | base64 -d \
## | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
## | gpg --import -
## sync
## aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
## --query SecretString --output text| jq .default_passphrase -r | base64 -d \
## | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
## sync
## rm "$SECRETS_KEY_FILE"
## echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
- name: Configure Git
shell: bash
@ -422,8 +429,9 @@ jobs:
git config --global --add safe.directory "$(pwd)"
git config --global user.name "Salt Project Packaging"
git config --global user.email saltproject-packaging@vmware.com
git config --global user.signingkey 64CBBC8173D76B3F
git config --global commit.gpgsign true
git config --global commit.gpgsign false
## git config --global user.signingkey 64CBBC8173D76B3F
## git config --global commit.gpgsign true
- name: Update Latest Release on README
run: |

2
.github/workflows/templates/ci.yml vendored
View file

@ -27,8 +27,6 @@ jobs:
separator: ","
files: |
bootstrap-salt.*
Gemfile
kitchen*.yml
tests/**
.github/workflows/**
files_ignore: |

51
.github/workflows/templates/generate.py vendored
View file

@ -6,20 +6,15 @@ import pathlib
os.chdir(os.path.abspath(os.path.dirname(__file__)))
## "amazon-2023",
## "opensuse-tumbleweed",
LINUX_DISTROS = [
"almalinux-8",
"almalinux-9",
"amazon-2",
"arch",
"centos-stream9",
"debian-11",
"debian-12",
"fedora-39",
"fedora-40",
"gentoo",
"gentoo-systemd",
"opensuse-15",
"oraclelinux-8",
"oraclelinux-9",
@ -31,8 +26,8 @@ LINUX_DISTROS = [
"ubuntu-2204",
"ubuntu-2404",
]
WINDOWS = [
"windows-2019",
"windows-2022",
]
@ -41,14 +36,10 @@ OSX = [
"macos-13",
]
## "amazon-2023",
## "opensuse-tumbleweed",
STABLE_DISTROS = [
"almalinux-8",
"almalinux-9",
"amazon-2",
"arch",
"centos-stream9",
"debian-11",
"debian-12",
@ -66,7 +57,6 @@ STABLE_DISTROS = [
"ubuntu-2404",
]
## "amazon-2023",
ONEDIR_DISTROS = [
"almalinux-8",
"almalinux-9",
@ -99,40 +89,27 @@ ONEDIR_RC_DISTROS = [
"ubuntu-2404",
]
## "opensuse-tumbleweed",
BLACKLIST_3006 = [
"arch",
"debian-12",
"fedora-40",
"gentoo",
"gentoo-systemd",
"opensuse-15",
"ubuntu-2404",
]
## "opensuse-tumbleweed",
BLACKLIST_3007 = [
"arch",
"fedora-39",
"gentoo",
"gentoo-systemd",
"opensuse-15",
"photon-4",
"photon-5",
]
## "amazon-2023",
## "opensuse-tumbleweed",
BLACKLIST_GIT_3006 = [
"almalinux-9",
"amazon-2",
"arch",
"centos-stream9",
"debian-11",
"debian-12",
"fedora-40",
"gentoo",
"gentoo-systemd",
"opensuse-15",
"oraclelinux-9",
"photon-4",
@ -143,19 +120,14 @@ BLACKLIST_GIT_3006 = [
"ubuntu-2404",
]
## "amazon-2023",
## "opensuse-tumbleweed",
BLACKLIST_GIT_3007 = [
"almalinux-9",
"amazon-2",
"arch",
"centos-stream9",
"debian-11",
"debian-12",
"fedora-39",
"fedora-40",
"gentoo",
"gentoo-systemd",
"opensuse-15",
"oraclelinux-9",
"photon-4",
@ -234,25 +206,17 @@ GIT_DISTRO_BLACKLIST = [
"rockylinux-8",
]
LATEST_PKG_BLACKLIST = [
"gentoo",
"gentoo-systemd",
]
LATEST_PKG_BLACKLIST = []
## "amazon-2023": "Amazon 2023",
## "opensuse-tumbleweed": "Opensuse Tumbleweed",
DISTRO_DISPLAY_NAMES = {
"almalinux-8": "AlmaLinux 8",
"almalinux-9": "AlmaLinux 9",
"amazon-2": "Amazon 2",
"arch": "Arch",
"centos-stream9": "CentOS Stream 9",
"debian-11": "Debian 11",
"debian-12": "Debian 12",
"fedora-39": "Fedora 39",
"fedora-40": "Fedora 40",
"gentoo": "Gentoo",
"gentoo-systemd": "Gentoo (systemd)",
"opensuse-15": "Opensuse 15",
"oraclelinux-8": "Oracle Linux 8",
"oraclelinux-9": "Oracle Linux 9",
@ -265,19 +229,12 @@ DISTRO_DISPLAY_NAMES = {
"ubuntu-2404": "Ubuntu 24.04",
"macos-12": "macOS 12",
"macos-13": "macOS 13",
"windows-2019": "Windows 2019",
"windows-2022": "Windows 2022",
}
TIMEOUT_DEFAULT = 20
TIMEOUT_OVERRIDES = {
"gentoo": 90,
"gentoo-systemd": 90,
}
VERSION_ONLY_OVERRIDES = [
"gentoo",
"gentoo-systemd",
]
TIMEOUT_OVERRIDES = {}
VERSION_ONLY_OVERRIDES = []
TEMPLATE = """
{distro}:

45
.github/workflows/test-linux.yml vendored
View file

@ -26,7 +26,11 @@ on:
jobs:
Test:
name: ${{ matrix.instance }}
runs-on: ubuntu-20.04
## runs-on: ubuntu-20.04
runs-on: ubuntu-latest
container:
image: ghcr.io/saltstack/salt-ci-containers/packaging:ubuntu-22.04
timeout-minutes: ${{ inputs.timeout }}
strategy:
max-parallel: 2
@ -37,39 +41,18 @@ jobs:
steps:
- uses: actions/checkout@v4
- name: Setup Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: 2.6.10
## ruby-version: 3.3.4
bundler-cache: true
- name: Set up Python 3.10
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Install Python Dependencies
- name: Install Pytest
run: |
python3 -m pip install -U pip
python3 -m pip install -r tests/requirements.txt
pip install -U pytest
- name: Create Test Instance
run: |
bundle exec kitchen create ${{ matrix.instance }}-${{ inputs.distro-slug }} || \
(sleep 10 && bundle exec kitchen create ${{ matrix.instance }}-${{ inputs.distro-slug }})
sleep 2
## TBD Disabled until CI/CD is functional
## - name: Bootstrap Salt
## run: |
## sh -x ./bootstrap-salt.sh
- name: Test Bootstrap
run: |
bundle exec kitchen verify ${{ matrix.instance }}-${{ inputs.distro-slug }}
sleep 2
- name: Destroy Test Instance
if: always()
run: |
bundle exec kitchen destroy ${{ matrix.instance }}-${{ inputs.distro-slug }}
sleep 2
## - name: Test Bootstrap
## run: |
## pytest --cache-clear -v -s -ra --log-cli-level=debug tests/integration/
- name: Set Exit Status
if: always()

43
.github/workflows/test-macos.yml vendored
View file

@ -28,13 +28,11 @@ on:
default: 20
description: The timeout(in minutes) for the workflow
env:
KITCHEN_LOCAL_YAML: 'kitchen.macos.yml'
jobs:
Test:
name: ${{ matrix.instance }}
runs-on: ${{ inputs.runs-on }}
## runs-on: ${{ inputs.runs-on }}
runs-on: macos-13
timeout-minutes: ${{ inputs.timeout }}
strategy:
fail-fast: false
@ -44,39 +42,18 @@ jobs:
steps:
- uses: actions/checkout@v4
- name: Setup Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: 2.6.10
## ruby-version: 3.3.4
bundler-cache: true
- name: Set up Python 3.10
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Install Python Dependencies
- name: Install Pytest
run: |
pip install -U pip
pip install -r tests/requirements.txt
pip install -U pytest
- name: Create Test Instance
- name: Bootstrap Salt
run: |
bundle exec kitchen create ${{ matrix.instance }}-${{ inputs.distro-slug }} || \
(sleep 10 && bundle exec kitchen create ${{ matrix.instance }}-${{ inputs.distro-slug }})
sleep 2
sudo sh -x ./bootstrap-salt.sh
- name: Test Bootstrap
run: |
bundle exec kitchen verify ${{ matrix.instance }}-${{ inputs.distro-slug }}
sleep 2
- name: Destroy Test Instance
if: always()
run: |
bundle exec kitchen destroy ${{ matrix.instance }}-${{ inputs.distro-slug }}
sleep 2
## TBD Disabled until CI/CD is functional
## - name: Test Bootstrap
## run: |
## pytest --cache-clear -v -s -ra --log-cli-level=debug tests/integration/
- name: Set Exit Status
if: always()

73
.github/workflows/test-windows.yml vendored
View file

@ -28,16 +28,10 @@ on:
default: 20
description: The timeout(in minutes) for the workflow
env:
machine_user: kitchen
machine_pass: Password1
machine_port: 5985
KITCHEN_LOCAL_YAML: 'kitchen.windows.yml'
jobs:
Test:
name: ${{ matrix.instance }}
runs-on: ${{ inputs.runs-on }}
runs-on: windows-latest
timeout-minutes: ${{ inputs.timeout }}
strategy:
fail-fast: false
@ -47,65 +41,34 @@ jobs:
steps:
- uses: actions/checkout@v4
- name: Setup Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: 2.6.10
## ruby-version: 3.3.4
bundler-cache: true
- name: Install Chef
uses: actionshub/chef-install@1.1.0
with:
project: chef
version: 16.10.8
- name: Add Chef bindir to PATH
uses: myci-actions/export-env-var-powershell@1
with:
name: PATH
value: "C:\\opscode\\chef\\bin;C:\\opscode\\chef\\embedded\\bin;$env:PATH"
- name: Setup test user
run: |
$password = ConvertTo-SecureString $env:machine_pass -AsPlainText -Force
New-LocalUser $env:machine_user -Password $password
Add-LocalGroupMember -Group "Administrators" -Member $env:machine_user
Get-LocalUser
Get-LocalGroupMember -Group "Administrators"
- name: Set up WinRM
run: |
Set-WSManQuickConfig -Force
winrm set winrm/config/service '@{AllowUnencrypted="True"}'
env
- name: Set up Python 3.10
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Install Python Dependencies
- name: Install Pytest
run: |
pip install -U pip
pip install -r tests/requirements.txt
pip install -r tests\requirements.txt
- name: Create Test Instance
- name: Get Version
run: |
bundle exec kitchen create ${{ matrix.instance }}-${{ inputs.distro-slug }}
sleep 2
# We need to get the version here and make it an environment variable
# It is used to install via bootstrap and in the test
# The version is in the instance name
$instance = "${{ matrix.instance }}"
$version = $instance -split "-",2
if ( $version.Count -gt 1 ) {
$version = $version[1].Replace("-", ".")
}
Write-Output "SaltVersion=$version" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
- name: Bootstrap Salt
run: |
. .\bootstrap-salt.ps1 -RunService $false -Version $env:SaltVersion
- name: Test Bootstrap
run: |
env
bundle exec kitchen verify ${{ matrix.instance }}-${{ inputs.distro-slug }}
sleep 2
- name: Destroy Test Instance
if: always()
run: |
bundle exec kitchen destroy ${{ matrix.instance }}-${{ inputs.distro-slug }}
sleep 2
pytest --cache-clear -v -s -ra --log-cli-level=debug tests/integration/
- name: Set Exit Status
if: always()

7
.gitignore vendored
View file

@ -2,14 +2,9 @@
*.sw?
*.un~
.vagrant
*__pycache__
tools
venv
# Pycharm
.idea
# test-kitchen
.kitchen.local.yml
kitchen.local.yml
.kitchen/
.bundle/

9
.pre-commit-config.yaml
View file

@ -37,13 +37,6 @@ repos:
args:
- requirements/release.in
## DGM - repo: https://github.com/asottile/pyupgrade
## DGM rev: v3.15.0
## DGM hooks:
## DGM - id: pyupgrade
## DGM name: Rewrite Code to be Py3.10+
## DGM args: [--py310-plus]
- repo: https://github.com/asottile/pyupgrade
rev: v3.15.0
hooks:
@ -58,7 +51,7 @@ repos:
args: [--py310-plus]
- repo: https://github.com/psf/black
rev: 24.1.0
rev: 24.10.0
hooks:
- id: black
args: []

27
CHANGELOG.md
View file

@ -1,3 +1,30 @@
# v2024.11.07
## What's Changed
- Changed release runners and shell script date by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2035
- Forcing git tag to not sign by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2036
- Fixing git tag signing issue by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2037
**Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.11.06...v2024.11.07
# v2024.11.07
## What's Changed
- Changed release runners and shell script date by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2035
- Forcing git tag to not sign by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2036
**Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.11.06...v2024.11.07
# v2024.11.07
## What's Changed
- Changed release runners and shell script date by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2035
**Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.11.06...v2024.11.07
# v2024.09.24
## What's Changed

11
Gemfile
View file

@ -1,11 +0,0 @@
# frozen_string_literal: true
source "https://rubygems.org"
gem 'test-kitchen', '>= 3.2.2'
gem 'kitchen-salt', '>= 0.7.2'
gem 'kitchen-docker', :git => 'https://github.com/test-kitchen/kitchen-docker.git', :branch => 'main'
group :vagrant do
gem 'kitchen-vagrant'
end

1
README.rst
View file

@ -37,6 +37,7 @@ sum** of the downloaded ``bootstrap-salt.sh`` file.
The SHA256 sum of the ``bootstrap-salt.sh`` file, per release, is:
- 2024.09.24: ``88e4e4cad4b115a7b721dd9c21d5ee5df390b5b73b63de48f99399146f43f371``
- 2024.07.23: ``7212b6b497b5c3d2bf15bfe5301625ec7bc1bf3e2949cd47d8e2073614935bf8``
- 2024.07.18: ``92a74e7ff8a9032a7713c2b3955991d66aaca08a4eb9494ce3dd66b5044f6bc3``
- 2024.07.16: ``4f76d1549c71d696a605f97645d8633b6269c4d9ae54b1fbdfedca1dcf893e7a``

119
Vagrantfile vendored
View file

@ -1,119 +0,0 @@
# -*- mode: ruby -*-
# vi: set ft=ruby :
# Vagrantfile API/syntax version. Don't touch unless you know what you're doing!
VAGRANTFILE_API_VERSION = "2"
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
# All Vagrant configuration is done here. The most common configuration
# options are documented and commented below. For a complete reference,
# please see the online documentation at vagrantup.com.
# Every Vagrant virtual environment requires a box to build off of.
config.vm.box = "ubuntu/focal64"
# The url from where the 'config.vm.box' box will be fetched if it
# doesn't already exist on the user's system.
# config.vm.box_url = "http://domain.com/path/to/above.box"
# Create a forwarded port mapping which allows access to a specific port
# within the machine from a port on the host machine. In the example below,
# accessing "localhost:8080" will access port 80 on the guest machine.
# config.vm.network :forwarded_port, guest: 80, host: 8080
# Create a private network, which allows host-only access to the machine
# using a specific IP.
# config.vm.network :private_network, ip: "192.168.33.10"
# Create a public network, which generally matched to bridged network.
# Bridged networks make the machine appear as another physical device on
# your network.
# config.vm.network :public_network
# If true, then any SSH connections made will enable agent forwarding.
# Default value: false
# config.ssh.forward_agent = true
# Share an additional folder to the guest VM. The first argument is
# the path on the host to the actual folder. The second argument is
# the path on the guest to mount the folder. And the optional third
# argument is a set of non-required options.
config.vm.synced_folder ".", "/salt_bootstrap"
config.vm.provision "shell", path: "bootstrap-salt.sh"
# Provider-specific configuration so you can fine-tune various
# backing providers for Vagrant. These expose provider-specific options.
# Example for VirtualBox:
#
# config.vm.provider :virtualbox do |vb|
# # Don't boot with headless mode
# vb.gui = true
#
# # Use VBoxManage to customize the VM. For example to change memory:
# vb.customize ["modifyvm", :id, "--memory", "1024"]
# end
#
# View the documentation for the provider you're using for more
# information on available options.
# Enable provisioning with Puppet stand alone. Puppet manifests
# are contained in a directory path relative to this Vagrantfile.
# You will need to create the manifests directory and a manifest in
# the file precise64.pp in the manifests_path directory.
#
# An example Puppet manifest to provision the message of the day:
#
# # group { "puppet":
# # ensure => "present",
# # }
# #
# # File { owner => 0, group => 0, mode => 0644 }
# #
# # file { '/etc/motd':
# # content => "Welcome to your Vagrant-built virtual machine!
# # Managed by Puppet.\n"
# # }
#
# config.vm.provision :puppet do |puppet|
# puppet.manifests_path = "manifests"
# puppet.manifest_file = "site.pp"
# end
# Enable provisioning with chef solo, specifying a cookbooks path, roles
# path, and data_bags path (all relative to this Vagrantfile), and adding
# some recipes and/or roles.
#
# config.vm.provision :chef_solo do |chef|
# chef.cookbooks_path = "../my-recipes/cookbooks"
# chef.roles_path = "../my-recipes/roles"
# chef.data_bags_path = "../my-recipes/data_bags"
# chef.add_recipe "mysql"
# chef.add_role "web"
#
# # You may also specify custom JSON attributes:
# chef.json = { :mysql_password => "foo" }
# end
# Enable provisioning with chef server, specifying the chef server URL,
# and the path to the validation key (relative to this Vagrantfile).
#
# The Opscode Platform uses HTTPS. Substitute your organization for
# ORGNAME in the URL and validation key.
#
# If you have your own Chef Server, use the appropriate URL, which may be
# HTTP instead of HTTPS depending on your configuration. Also change the
# validation key to validation.pem.
#
# config.vm.provision :chef_client do |chef|
# chef.chef_server_url = "https://api.opscode.com/organizations/ORGNAME"
# chef.validation_key_path = "ORGNAME-validator.pem"
# end
#
# If you're using the Opscode platform, your validator client is
# ORGNAME-validator, replacing ORGNAME with your organization name.
#
# If you have your own Chef Server, the default validation client name is
# chef-validator, unless you changed the configuration.
#
# chef.validation_client_name = "ORGNAME-validator"
end

354
bootstrap-salt.ps1
View file

@ -18,7 +18,7 @@
Specifies a particular version of the installer.
.EXAMPLE
./bootstrap-salt.ps1 -RunService false
./bootstrap-salt.ps1 -RunService $false
Specifies the salt-minion service to stop and be set to manual. Useful for
testing locally from the command line with the --local switch
@ -28,7 +28,7 @@
installer values of host name for the minion id and "salt" for the master.
.EXAMPLE
./bootstrap-salt.ps1 -Minion minion-box -Master master-box -Version 3006.7 -RunService false
./bootstrap-salt.ps1 -Minion minion-box -Master master-box -Version 3006.7 -RunService $false
Specifies all the optional parameters in no particular order.
.NOTES
@ -56,12 +56,11 @@ param(
[String]$Version = "latest",
[Parameter(Mandatory=$false, ValueFromPipeline=$True)]
[ValidateSet("true","false")]
[Alias("s")]
# Boolean flag to start or stop the minion service. True will start the
# minion service. False will stop the minion service and set it to "manual".
# Boolean flag to start or stop the minion service. $true will start the
# minion service. $false will stop the minion service and set it to "manual".
# The installer starts it by default.
[String]$RunService = "true",
[Bool]$RunService = $true,
[Parameter(Mandatory=$false, ValueFromPipeline=$True)]
[Alias("m")]
@ -76,12 +75,11 @@ param(
[Parameter(Mandatory=$false, ValueFromPipeline=$True)]
[Alias("r")]
# URL to the windows packages. Will look for a file named repo.json at the
# root of the URL. This file is used to determine the name and location of
# the installer in the repo. If repo.json is not found, it will look for the
# file under the minor directory.
# Default is "https://repo.saltproject.io/salt/py3/windows"
[String]$RepoUrl = "https://repo.saltproject.io/salt/py3/windows",
# URL to the windows packages. Will look for the installer at the root of
# the URL/Version. Place a folder for each version of Salt in this directory
# and place the installer binary for each version in its folder.
# Default is "https://packages.broadcom.com/artifactory/saltproject-generic/windows/"
[String]$RepoUrl = "https://packages.broadcom.com/artifactory/saltproject-generic/windows/",
[Parameter(Mandatory=$false, ValueFromPipeline=$True)]
[Alias("c")]
@ -110,7 +108,7 @@ if ($help) {
exit 0
}
$__ScriptVersion = "2024.09.24"
$__ScriptVersion = "2024.11.07"
$ScriptName = $myInvocation.MyCommand.Name
# We'll check for the Version next, because it also has no requirements
@ -301,16 +299,29 @@ if (!(Get-IsAdministrator)) {
}
#===============================================================================
# Change RepoUrl for older versions
# Check for older versions
#===============================================================================
$defaultUrl = "https://repo.saltproject.io/salt/py3/windows"
$oldRepoUrl = "https://repo.saltproject.io/windows"
$majorVersion = Get-MajorVersion -Version $Version
if ( [Uri]($RepoUrl).AbsoluteUri -eq $defaultUrl ) {
# No customURL passed, let's check for a pre 3006 version
if ($majorVersion -lt "3006") {
# This is an older version, use the old URL
$RepoUrl = $oldRepoUrl
if ($majorVersion -lt "3006") {
# This is an older version, use the old URL
Write-Host "Versions older than 3006 are not available" -ForegroundColor Red
exit 1
}
#===============================================================================
# Declare variables
#===============================================================================
$ConfDir = "$RootDir\conf"
$PkiDir = "$ConfDir\pki\minion"
$RootDir = "$env:ProgramData\Salt Project\Salt"
$DfltUrl = "https://packages.broadcom.com/artifactory/saltproject-generic/windows/"
$ApiUrl = "https://packages.broadcom.com/artifactory/api/storage/saltproject-generic/windows"
# Check for existing installation where RootDir is stored in the registry
$SaltRegKey = "HKLM:\SOFTWARE\Salt Project\Salt"
if (Test-Path -Path $SaltRegKey) {
if ($null -ne (Get-ItemProperty $SaltRegKey).root_dir) {
$RootDir = (Get-ItemProperty $SaltRegKey).root_dir
}
}
@ -325,48 +336,24 @@ Write-Verbose "runservice: $RunService"
Write-Verbose "master: $Master"
Write-Verbose "minion: $Minion"
Write-Verbose "repourl: $RepoUrl"
Write-Verbose "apiurl: $ApiUrl"
Write-Verbose "ConfDir: $ConfDir"
Write-Verbose "RootDir: $RootDir"
if ($RunService.ToLower() -eq "true") {
if ($RunService) {
Write-Verbose "Windows service will be set to run"
[bool]$RunService = $True
} elseif ($RunService.ToLower() -eq "false") {
} else {
Write-Verbose "Windows service will be stopped and set to manual"
[bool]$RunService = $False
} else {
# Param passed in wasn't clear so defaulting to true.
Write-Verbose "Windows service defaulting to run automatically"
[bool]$RunService = $True
}
#===============================================================================
# Ensure Directories are present, copy Vagrant Configs if found
#===============================================================================
$ConfiguredAnything = $False
# Detect older version of Salt to determing default RootDir
if ($majorVersion -lt 3004) {
$RootDir = "$env:SystemDrive`:\salt"
} else {
$RootDir = "$env:ProgramData\Salt Project\Salt"
}
# Check for existing installation where RootDir is stored in the registry
$SaltRegKey = "HKLM:\SOFTWARE\Salt Project\Salt"
if (Test-Path -Path $SaltRegKey) {
if ($null -ne (Get-ItemProperty $SaltRegKey).root_dir) {
$RootDir = (Get-ItemProperty $SaltRegKey).root_dir
}
}
$ConfDir = "$RootDir\conf"
$PkiDir = "$ConfDir\pki\minion"
Write-Verbose "ConfDir: $ConfDir"
#===============================================================================
# Copy Vagrant Files to their proper location.
#===============================================================================
$ConfiguredAnything = $False
# Vagrant files will be placed in C:\tmp
# Check if minion keys have been uploaded, copy to correct location
if (Test-Path C:\tmp\minion.pem) {
@ -413,146 +400,83 @@ if ([IntPtr]::Size -eq 4) {
}
#===============================================================================
# Get file name to download
# Getting version information from the repo
#===============================================================================
$saltFileName = ""
$saltVersion = ""
$saltSha512= ""
$saltFileUrl = ""
# Look for a repo.json file
try {
Write-Verbose "Looking for $RepoUrl/repo.json"
$response = Invoke-WebRequest "$RepoUrl/repo.json" `
-DisableKeepAlive `
-UseBasicParsing `
-Method Head
if ( $response.StatusCode -eq "200" ) {
Write-Verbose "Found $RepoUrl/repo.json"
# This URL contains a repo.json file, let's use it
$use_repo_json = $true
} else {
Write-Verbose "Did not find $RepoUrl/repo.json"
# No repo.json file found at the default location
$use_repo_json = $false
}
} catch {
Write-Verbose "There was an error looking up $RepoUrl/repo.json"
Write-Verbose "ERROR: $_"
$use_repo_json = $false
}
if ( $use_repo_json ) {
# We will use the json file to get the name of the installer
$enc = [System.Text.Encoding]::UTF8
try {
Write-Verbose "Downloading $RepoUrl/repo.json"
$response = Invoke-WebRequest -Uri "$RepoUrl/repo.json" -UseBasicParsing
if ($response.Content.GetType().Name -eq "Byte[]") {
$psobj = $enc.GetString($response.Content) | ConvertFrom-Json
} else {
$psobj = $response.Content | ConvertFrom-Json
}
$hash = Convert-PSObjectToHashtable $psobj
} catch {
Write-Verbose "repo.json not found at: $RepoUrl"
Write-Host "ERROR: $_"
$hash = @{}
if ( $RepoUrl -eq $DfltUrl ) {
Write-Verbose "Getting version information from Artifactory"
$response = Invoke-WebRequest $ApiUrl -UseBasicParsing
# Convert the output to a powershell object
$psobj = $response.ToString() | ConvertFrom-Json
# Filter the object for folders
$filtered = $psobj.children | Where-Object -Property folder -EQ $true
# Get each uri and add it to the list of versions
$available_versions = [System.Collections.ArrayList]@()
$filtered | Select-Object -Property uri | ForEach-Object {
$available_versions.Add($_.uri.Trim("/")) | Out-Null
}
$searchVersion = $Version.ToLower()
if ( $hash.Contains($searchVersion)) {
Write-Verbose "Found $searchVersion in $RepoUrl/repo.json"
foreach ($item in $hash.($searchVersion).Keys) {
if ( $item.ToLower().EndsWith(".exe") ) {
if ( $item.ToLower().Contains($arch.ToLower()) ) {
$saltFileName = $hash.($searchVersion).($item).name
$saltVersion = $hash.($searchVersion).($item).version
$saltSha512 = $hash.($searchVersion).($item).SHA512
}
}
}
} else {
try {
Write-Verbose "Searching for $searchVersion in $RepoUrl/minor/repo.json"
$response = Invoke-WebRequest -Uri "$RepoUrl/minor/repo.json" -UseBasicParsing
if ($response.Content.GetType().Name -eq "Byte[]") {
$psobj = $enc.GetString($response.Content) | ConvertFrom-Json
} else {
$psobj = $response.Content | ConvertFrom-Json
}
$hash = Convert-PSObjectToHashtable $psobj
} catch {
Write-Verbose "repo.json not found at: $RepoUrl/minor/repo.json"
Write-Verbose "ERROR: $_"
$hash = @{}
}
if ( $hash.Contains($searchVersion)) {
Write-Verbose "Found $searchVersion in $RepoUrl/minor/repo.json"
foreach ($item in $hash.($searchVersion).Keys) {
if ( $item.ToLower().EndsWith(".exe") ) {
if ( $item.ToLower().Contains($arch.ToLower()) ) {
$saltFileName = $hash.($searchVersion).($item).name
$saltVersion = $hash.($searchVersion).($item).version
$saltSha512 = $hash.($searchVersion).($item).SHA512
}
}
}
} else {
Write-Verbose "Version not found in $RepoUrl/minor/repo.json"
}
}
}
# Create a versions table, similar to repo.json
# This will have the latest version available, the latest version available for
# each major version, and every version available. This makes the version
# lookup logic easier. You can view the contents of the versions table by
# passing the -Verbose command
$latest = $available_versions | Select-Object -Last 1
$versions_table = [ordered]@{"latest"=$latest}
if ( $saltFileName -and $saltVersion -and $saltSha512 ) {
Write-Verbose "Found Name, Version, and Sha"
} else {
# We will guess the name of the installer
Write-Verbose "Failed to get Name, Version, and Sha from repo.json"
Write-Verbose "We'll try to find the file in standard paths"
$available_versions | ForEach-Object {
$versions_table[$(Get-MajorVersion $_)] = $_
$versions_table[$_.ToLower()] = $_.ToLower()
}
Write-Verbose "Available versions:"
$available_versions | ForEach-Object {
Write-Verbose "- $_"
}
Write-Verbose "Versions Table:"
$versions_table | Sort-Object Name | Out-String | Write-Verbose
#===============================================================================
# Validate passed version
#===============================================================================
if ( $versions_table.Contains($Version.ToLower()) ) {
$Version = $versions_table[$Version.ToLower()]
} else {
Write-Host "Version $Version is not available" -ForegroundColor Red
Write-Host "Available versions are:" -ForegroundColor Yellow
$available_versions | ForEach-Object { Write-Host "- $_" -ForegroundColor Yellow }
exit 1
}
#===============================================================================
# Get file url and sha256
#===============================================================================
$saltFileName = "Salt-Minion-$Version-Py3-$arch-Setup.exe"
$response = Invoke-WebRequest "$ApiUrl/$Version/$saltFileName" -UseBasicParsing
$psobj = $response.ToString() | ConvertFrom-Json
$saltFileUrl = $psobj.downloadUri
$saltSha256 = $psobj.checksums.sha256
if ( $saltFileName -and $saltVersion -and $saltSha256) {
Write-Verbose "Found Name, Version, and Sha"
} else {
# We will guess the name of the installer
Write-Verbose "Failed to get Name, Version, and Sha from Artifactory API"
Write-Verbose "We'll try to find the file in standard paths"
$saltFileName = "Salt-Minion-$Version-Py3-$arch-Setup.exe"
$saltVersion = $Version
}
} else {
# If we're using a custom RepoUrl, we're going to assum that the binary is
# in the reoot of the RepoUrl/Version. We will not check the sha on custom
# repos
$saltFileName = "Salt-Minion-$Version-Py3-$arch-Setup.exe"
$saltFileUrl = "$RepoUrl/$Version/$saltFileName"
$saltVersion = $Version
$saltSha256 = ""
}
Write-Verbose "Creating list of urls using the following:"
Write-Verbose "RepoUrl: $RepoUrl"
Write-Verbose "Version: $saltVersion"
Write-Verbose "File Name: $saltFileName"
$urls = $(@($RepoUrl, $saltVersion, $saltFileName) -join "/"),
$(@($RepoUrl, "minor", $saltVersion, $saltFileName) -join "/"),
$(@($RepoUrl, $saltFileName) -join "/"),
$(@($oldRepoUrl, $saltFileName) -join "/")
$saltFileUrl = $null
foreach ($url in $urls) {
try {
Write-Verbose "Looking for installer at: $url"
$response = Invoke-WebRequest "$url" `
-DisableKeepAlive `
-UseBasicParsing `
-Method Head
if ( $response.StatusCode -eq "200" ) {
Write-Verbose "Found installer"
# This URL contains a repo.json file, let's use it
$saltFileUrl = $url
break
} else {
Write-Verbose "Installer not found: $url"
}
} catch {
Write-Verbose "ERROR: $url"
}
}
if ( !$saltFileUrl ) {
Write-Host "Could not find an installer:"
Write-Verbose "Here are the urls searched:"
foreach ($url in $urls) {
Write-Verbose $url
}
exit 1
}
#===============================================================================
# Download minion setup file
#===============================================================================
@ -561,6 +485,7 @@ Write-Host " Bootstrapping Salt Minion" -ForegroundColor Green
Write-Host " - version: $Version"
Write-Host " - file name: $saltFileName"
Write-Host " - file url: $saltFileUrl"
Write-Host " - file hash: $saltSha256"
Write-Host " - master: $Master"
Write-Host " - minion id: $Minion"
Write-Host " - start service: $RunService"
@ -573,22 +498,23 @@ Write-Verbose ""
Write-Verbose "Salt File URL: $saltFileUrl"
Write-Verbose "Local File: $localFile"
$webclient = New-Object System.Net.WebClient
$webclient.DownloadFile($saltFileUrl, $localFile)
if ( Test-Path -Path $localFile ) {Remove-Item -Path $localFile -Force}
Invoke-WebRequest -Uri $saltFileUrl -OutFile $localFile
if ( Test-Path -Path $localFile ) {
Write-Host "Success" -ForegroundColor Green
} else {
Write-Host "Failed" -ForegroundColor Red
exit 1
}
if ( $saltSha512 ) {
$localSha512 = (Get-FileHash -Path $localFile -Algorithm SHA512).Hash
if ( $saltSha256 ) {
$localSha256 = (Get-FileHash -Path $localFile -Algorithm SHA256).Hash
Write-Host "Comparing Hash: " -NoNewline
Write-Verbose ""
Write-Verbose "Local Hash: $localSha512"
Write-Verbose "Remote Hash: $saltSha512"
if ( $localSha512 -eq $saltSha512 ) {
Write-Verbose "Local Hash: $localSha256"
Write-Verbose "Remote Hash: $saltSha256"
if ( $localSha256 -eq $saltSha256 ) {
Write-Host "Success" -ForegroundColor Green
} else {
Write-Host "Failed" -ForegroundColor Red
@ -626,7 +552,7 @@ $process | Wait-Process -Timeout 300 -ErrorAction SilentlyContinue
$process.Refresh()
if ( !$process.HasExited ) {
Write-Host "Timedout" -ForegroundColor Yellow
Write-Host "Installer Timeout" -ForegroundColor Yellow
Write-Host "Killing hung installer: " -NoNewline
$process | Stop-Process
$process.Refresh()
@ -636,8 +562,6 @@ if ( !$process.HasExited ) {
Write-Host "Failed" -ForegroundColor Red
exit 1
}
Write-Host "Checking installed service: " -NoNewline
}
# Wait for salt-minion service to be registered to verify successful
@ -658,7 +582,7 @@ while ( ! $service ) {
# probably went wrong and user intervention is required - report
# failure.
Write-Host "Failed" -ForegroundColor Red
Write-Host "Timed out waiting for the salt-minion service to be installed"
Write-Host "Timeout waiting for the salt-minion service to be installed"
exit 1
}
}
@ -676,27 +600,31 @@ if( $RunService ) {
# We'll try for 2 minutes, sometimes the minion takes that long to start as
# it compiles python code for the first time
$max_tries = 60
while ( $service.Status -ne "Running" ) {
if ( $service.Status -eq "Stopped" ) {
Start-Service -Name "salt-minion" -ErrorAction SilentlyContinue
}
Start-Sleep -Seconds 2
Write-Verbose "Checking the service status"
$service.Refresh()
if ( $service.Status -eq "Running" ) {
Write-Host "Success" -ForegroundColor Green
} else {
if ( $tries -le $max_tries ) {
$tries += 1
if ( $service.Status -ne "Running" ) {
while ( $service.Status -ne "Running" ) {
if ( $service.Status -eq "Stopped" ) {
Start-Service -Name "salt-minion" -ErrorAction SilentlyContinue
}
Start-Sleep -Seconds 2
Write-Verbose "Checking the service status"
$service.Refresh()
if ( $service.Status -eq "Running" ) {
Write-Host "Success" -ForegroundColor Green
} else {
# If the salt-minion service is still not running, something
# probably went wrong and user intervention is required - report
# failure.
Write-Host "Failed" -ForegroundColor Red
Write-Host "Timed out waiting for the salt-minion service to start"
exit 1
if ( $tries -le $max_tries ) {
$tries += 1
} else {
# If the salt-minion service is still not running, something
# probably went wrong and user intervention is required - report
# failure.
Write-Host "Failed" -ForegroundColor Red
Write-Host "Timed out waiting for the salt-minion service to start"
exit 1
}
}
}
} else {
Write-Host "Success" -ForegroundColor Green
}
} else {
# Set the service to manual start

876
bootstrap-salt.sh
View file

File diff suppressed because it is too large Load diff

42
kitchen.macos.yml
View file

@ -1,42 +0,0 @@
---
driver:
name: exec
provisioner:
sudo: true
salt_bootstrap_options: -MP stable %s
init_environment: |
echo 'auto_accept: true' > /tmp/auto-accept-keys.conf
sudo mkdir -p /etc/salt/master.d
sudo mv /tmp/auto-accept-keys.conf /etc/salt/master.d/auto-accept-keys.conf
brew install coreutils
sh -c 't=$(gshuf -i 1-15 -n 1); echo Sleeping $t seconds; sleep $t'
platforms:
- name: macos-12
- name: macos-13
suites:
- name: stable-3006
provisioner:
salt_version: 3006
salt_call_command: /opt/salt/salt-call
- name: stable-3006-8
provisioner:
salt_version: 3006.8
salt_call_command: /opt/salt/salt-call
- name: stable-3007
provisioner:
salt_version: 3007
salt_call_command: /opt/salt/salt-call
- name: stable-3007-1
provisioner:
salt_version: 3007.1
salt_call_command: /opt/salt/salt-call
- name: latest
provisioner:
salt_version: latest
salt_call_command: /opt/salt/salt-call
verifier:
command: pytest --cache-clear -v -s -ra --log-cli-level=debug -k "not test_ping" tests/integration/

42
kitchen.windows.yml
View file

@ -1,42 +0,0 @@
---
driver:
name: proxy
host: localhost
reset_command: "exit 0"
port: 5985
username: kitchen
password: Password1
provisioner:
salt_bootstrap_url: D:/a/salt-bootstrap/salt-bootstrap/bootstrap-salt.ps1
salt_bootstrap_options: -Version %s -Verbose
init_environment: ''
platforms:
- name: windows-2022
- name: windows-2019
suites:
- name: stable-3006
provisioner:
salt_version: 3006
salt_call_command: c:\Program Files\Salt Project\Salt\salt-call.exe
- name: stable-3006-8
provisioner:
salt_version: 3006.8
salt_call_command: c:\Program Files\Salt Project\Salt\salt-call.exe
- name: stable-3007
provisioner:
salt_version: 3007
salt_call_command: c:\Program Files\Salt Project\Salt\salt-call.exe
- name: stable-3007-1
provisioner:
salt_version: 3007.1
salt_call_command: c:\Program Files\Salt Project\Salt\salt-call.exe
- name: latest
provisioner:
salt_version: latest
salt_call_command: c:\Program Files\Salt Project\Salt\salt-call.exe
verifier:
command: pytest --cache-clear -v -s -ra --log-cli-level=debug -k "not test_ping" tests/integration/

296
kitchen.yml
View file

@ -1,296 +0,0 @@
---
driver:
name: docker
use_sudo: false
hostname: salt
privileged: true
username: root
cap_add:
- sys_admin
disable_upstart: false
use_internal_docker_network: false
run_command: /usr/lib/systemd/systemd
provisioner:
name: salt_solo
salt_install: bootstrap
salt_bootstrap_url: bootstrap-salt.sh
salt_bootstrap_options: -MPfq git %s
install_after_init_environment: true
log_level: info
sudo: false
require_chef: false
formula: tests
run_salt_call: false
init_environment: |
echo 'auto_accept: true' > /tmp/auto-accept-keys.conf
mkdir -p /etc/salt/master.d
mv /tmp/auto-accept-keys.conf /etc/salt/master.d/auto-accept-keys.conf
sh -c 't=$(shuf -i 1-15 -n 1); echo Sleeping $t seconds; sleep $t'
## - name: amazon-2023
## driver:
## image: amazonlinux:2023
## provision_command:
## - yum -y install --allowerasing procps-ng curl
## - echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
## - name: opensuse-tumbleweed
## driver:
## image: opensuse/tumbleweed:latest
## provision_command:
## - *opensuse_provision_command_01
## - *opensuse_provision_command_02
## - *opensuse_provision_command_03
## - echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
platforms:
- name: almalinux-9
driver:
provision_command:
- dnf -y install crypto-policies-scripts procps-ng
- update-crypto-policies --set DEFAULT:SHA1
- echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
- name: almalinux-8
- name: amazon-2
driver:
image: amazonlinux:2
platform: rhel
provision_command:
- yum -y install procps-ng
- name: arch
driver:
image: archlinux/archlinux
provision_command:
- pacman -Syu --noconfirm --needed systemd grep awk procps which
- systemctl enable sshd
- echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
- name: centos-stream9
driver:
platform: centosstream
image: quay.io/centos/centos:stream9
provision_command:
- dnf -y install crypto-policies-scripts procps-ng
- update-crypto-policies --set DEFAULT:SHA1
- echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
- name: debian-11
driver:
image: debian:bullseye
run_command: /lib/systemd/systemd
- name: debian-12
driver:
image: debian:bookworm
run_command: /lib/systemd/systemd
provision_command:
- echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
- name: fedora-39
driver:
provision_command: &fedora_provision_command
- dnf -y install procps-ng crypto-policies-scripts
- update-crypto-policies --set LEGACY
- name: fedora-40
driver:
provision_command: *fedora_provision_command
- name: gentoo
driver:
image: gentoo/stage3:latest
run_command: /sbin/init
provision_command:
- rc-update add sshd default
- echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
- name: gentoo-systemd
driver:
image: gentoo/stage3:systemd
run_command: /lib/systemd/systemd
provision_command:
- systemctl enable sshd.service
- echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
- name: opensuse-15
driver:
image: opensuse/leap:15.4
provision_command:
- &opensuse_provision_command_01 zypper --non-interactive install --auto-agree-with-licenses dbus-1
- &opensuse_provision_command_02 zypper --non-interactive install --auto-agree-with-licenses sudo openssh which curl systemd
- &opensuse_provision_command_03 systemctl enable sshd.service
- name: rockylinux-9
driver:
platform: centosstream
run_command: /usr/lib/systemd/systemd
provision_command:
- dnf -y install crypto-policies-scripts procps-ng
- update-crypto-policies --set DEFAULT:SHA1
- echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
- name: oraclelinux-9
driver:
run_command: /usr/lib/systemd/systemd
provision_command:
- dnf -y install crypto-policies-scripts procps-ng
- update-crypto-policies --set DEFAULT:SHA1
- echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
- name: rockylinux-8
- name: oraclelinux-8
- name: ubuntu-24.04
driver:
run_command: /lib/systemd/systemd
provision_command:
- echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
- name: ubuntu-22.04
driver:
run_command: /lib/systemd/systemd
provision_command:
- echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
- name: ubuntu-20.04
driver:
run_command: /lib/systemd/systemd
- name: photon-4
driver:
image: photon:4.0
provision_command:
- tdnf -y install rpm procps-ng coreutils gawk systemd
- echo "PubkeyAcceptedKeyTypes +ssh-rsa" | tee -a /etc/ssh/sshd_config
- sed -ie 's/PermitRootLogin no/PermitRootLogin yes/' /etc/ssh/sshd_config
- systemctl enable sshd.service
- name: photon-5
driver:
image: photon:5.0
provision_command:
- tdnf -y install rpm procps-ng coreutils gawk systemd
- echo "PubkeyAcceptedKeyTypes +ssh-rsa" | tee -a /etc/ssh/sshd_config
- sed -ie 's/PermitRootLogin no/PermitRootLogin yes/' /etc/ssh/sshd_config
- systemctl enable sshd.service
suites:
- name: git-3006
provisioner:
salt_version: v3006
salt_bootstrap_options: -x python3 -MPfq git %s
excludes:
- opensuse-15
- opensuse-tumbleweed
- debian-11
- debian-12
- arch
- gentoo
- gentoo-systemd
- name: git-3006x
provisioner:
salt_version: 3006.x
salt_bootstrap_options: -x python3 -MPfq git %s
excludes:
- opensuse-15
- opensuse-tumbleweed
- debian-11
- debian-12
- arch
- gentoo
- gentoo-systemd
- name: git-3007
provisioner:
salt_version: v3007
salt_bootstrap_options: -x python3 -MPfq git %s
excludes:
- opensuse-15
- opensuse-tumbleweed
- debian-11
- arch
- gentoo
- gentoo-systemd
- name: git-3007x
provisioner:
salt_version: 3007.x
salt_bootstrap_options: -x python3 -MPfq git %s
excludes:
- opensuse-15
- opensuse-tumbleweed
- debian-11
- arch
- gentoo
- gentoo-systemd
- name: stable-3006
provisioner:
salt_version: 3006
salt_bootstrap_options: -x python3 -MP stable %s
excludes:
- opensuse-15
- opensuse-tumbleweed
- arch
- name: stable-3006-8
provisioner:
salt_version: 3006.8
salt_bootstrap_options: -x python3 -MP stable %s
excludes:
- opensuse-15
- opensuse-tumbleweed
- arch
- name: stable-3007
provisioner:
salt_version: 3007
salt_bootstrap_options: -x python3 -MP stable %s
excludes:
- opensuse-15
- opensuse-tumbleweed
- arch
- name: stable-3007-1
provisioner:
salt_version: 3007.1
salt_bootstrap_options: -x python3 -MP stable %s
excludes:
- opensuse-15
- opensuse-tumbleweed
- arch
- name: git-master
provisioner:
salt_version: master
salt_bootstrap_options: -x python3 -MPfq -D git %s
- name: latest
provisioner:
salt_version: latest
salt_bootstrap_options: -MP stable %s
- name: default
provisioner:
salt_version: latest
salt_bootstrap_options: -MP
- name: onedir-nightly
provisioner:
salt_version: nightly
salt_bootstrap_options: -MP onedir %s
- name: onedir-latest
provisioner:
salt_version: latest
salt_bootstrap_options: -MP onedir %s
- name: onedir-3006
provisioner:
salt_version: 3006
salt_bootstrap_options: -MP onedir %s
- name: onedir-3007
provisioner:
salt_version: 3007
salt_bootstrap_options: -MP onedir %s
- name: onedir-rc-3008-0rc1
provisioner:
salt_version: 3008.0rc1
salt_bootstrap_options: -R staging.repo.saltproject.io -MP onedir_rc %s
excludes:
- arch
- gentoo
- opensuse-15
- opensuse-tumbleweed
- ubuntu-2004
- ubuntu-2204
- name: quickstart
provisioner:
salt_bootstrap_options: -Q
verifier:
name: shell
remote_exec: false
command: pytest --cache-clear -v -s -ra --log-cli-level=info tests/integration/

20
salt-quick-start.sh
View file

@ -1,7 +1,7 @@
#!/bin/sh
__ScriptName="salt-quick-start.sh"
SALT_REPO_URL="https://repo.saltproject.io/salt/py3/onedir"
SALT_REPO_URL="https://packages.broadcom.com/artifactory/salt-project-generic/onedir"
_COLORS=${QS_COLORS:-$(tput colors 2>/dev/null || echo 0)}
_LOCAL=0
@ -89,8 +89,20 @@ if [[ "$_LOCAL" == "1" && "$_FULL" == "1" ]]; then
fi
__parse_repo_json_jq() {
_JSON_FILE="${SALT_REPO_URL}/repo.json"
_JSON_VERSION=$(curl -s ${_JSON_FILE} | jq -sr ".[].latest[] | select(.os == \"$1\") | select(.arch == \"$2\").version")
# $1 is OS_NAME
# $2 is ARCH
# get dir listing from url, sort and pick highest
onedir_versions_tmpf=$(mktemp)
curr_pwd=$(pwd)
cd ${onedir_versions_tmpf} || return 1
wget -r -np -nH --exclude-directories=onedir,relenv,windows -x -l 1 "$SALT_REPO_URL/"
# shellcheck disable=SC2010
LATEST_VERSION=$(ls artifactory/saltproject-generic/onedir/ | grep -v 'index.html' | sort -V -u | tail -n 1)
cd ${curr_pwd} || return "${LATEST_VERSION}"
rm -fR ${onedir_versions_tmpf}
_JSON_VERSION="${LATEST_VERSION}"
}
__fetch_url() {
@ -146,7 +158,7 @@ fi
__parse_repo_json_jq ${OS_NAME} ${CPU_ARCH_L}
FILE="salt-${_JSON_VERSION}-onedir-${OS_NAME_L}-${CPU_ARCH_L}.tar.xz"
URL="${SALT_REPO_URL}/latest/${FILE}"
URL="${SALT_REPO_URL}/${_JSON_VERSION}/${FILE}"
if [[ ! -f ${FILE} ]]; then
echoinfo "Downloading Salt"

68
tests/conftest.py
View file

@ -1,43 +1,12 @@
import logging
import json
import os
import pprint
import pytest
import testinfra
import requests
log = logging.getLogger(__name__)
@pytest.fixture(scope="session")
def host():
if (
os.environ.get("RUNNER_OS", "") == "macOS"
and os.environ.get("KITCHEN_LOCAL_YAML", "") == "kitchen.macos.yml"
):
# Adjust the `PATH` so that the `salt-call` executable can be found
os.environ["PATH"] = "/opt/salt/bin{}{}".format(os.pathsep, os.environ["PATH"])
return testinfra.get_host("local://", sudo=True)
if os.environ.get("KITCHEN_USERNAME") == "vagrant" or "windows" in os.environ.get(
"KITCHEN_INSTANCE"
):
if "windows" in os.environ.get("KITCHEN_INSTANCE"):
_url = "winrm://{KITCHEN_USERNAME}:{KITCHEN_PASSWORD}@{KITCHEN_HOSTNAME}:{KITCHEN_PORT}".format(
**os.environ
)
return testinfra.get_host(
_url,
no_ssl=True,
)
return testinfra.get_host(
"paramiko://{KITCHEN_USERNAME}@{KITCHEN_HOSTNAME}:{KITCHEN_PORT}".format(
**os.environ
),
ssh_identity_file=os.environ.get("KITCHEN_SSH_KEY"),
)
return testinfra.get_host(
"docker://{KITCHEN_USERNAME}@{KITCHEN_CONTAINER_ID}".format(**os.environ)
)
API_URL = (
"https://packages.broadcom.com/artifactory/api/storage/saltproject-generic/windows"
)
@pytest.fixture(scope="session")
@ -47,21 +16,26 @@ def target_python_version():
@pytest.fixture(scope="session")
def target_salt_version():
bootstrap_types = ("git", "stable", "onedir", "onedir_rc")
# filter out any bootstrap types and then join
target_salt = ".".join(
[
item
for item in os.environ["KITCHEN_SUITE"].split("-")
if item not in bootstrap_types
]
)
target_salt = os.environ.get("SaltVersion", "")
# target_salt = os.environ["KITCHEN_SUITE"].split("-", 1)[-1].replace("-", ".")
html_response = requests.get(API_URL)
content = json.loads(html_response.text)
folders = content["children"]
versions = {}
for folder in folders:
if folder["folder"]:
version = folder["uri"].strip("/")
versions[version] = version
# We're trying to get the latest major version and latest overall
maj_version = version.split(".")[0]
versions[maj_version] = version
versions["latest"] = version
if target_salt.startswith("v"):
target_salt = target_salt[1:]
if target_salt not in versions:
pytest.skip(f"Invalid testing version: {target_salt}")
if target_salt in ("default", "latest", "master", "nightly"):
pytest.skip("Don't have a specific salt version to test against")
return target_salt
return versions[target_salt]

1
tests/integration/__init__.py
View file

@ -1 +0,0 @@
# -*- coding: utf-8 -*-

59
tests/integration/test_installation.py
View file

@ -1,31 +1,52 @@
import json
import logging
import os
from contextlib import nullcontext
import platform
import subprocess
import pytest
log = logging.getLogger(__name__)
def selected_context_manager(host):
if "windows" in os.environ.get("KITCHEN_INSTANCE"):
return nullcontext()
return host.sudo()
@pytest.fixture
def path():
if platform.system() == "Windows":
salt_path = "C:\\Program Files\\Salt Project\\Salt"
if salt_path not in os.environ["path"]:
os.environ["path"] = f'{os.environ["path"]};{salt_path}'
yield os.environ["path"]
def test_ping(host):
with selected_context_manager(host):
assert host.salt("test.ping", "--timeout=120")
def run_salt_call(cmd):
"""
Runs salt call command and returns a dictionary
Accepts cmd as a list
"""
cmd.append("--out=json")
result = subprocess.run(cmd, capture_output=True, text=True)
json_data = json.loads(result.stdout)
return json_data["local"]
def test_target_python_version(host, target_python_version):
with selected_context_manager(host):
ret = host.salt("grains.item", "pythonversion", "--timeout=120")
assert ret["pythonversion"][0] == target_python_version
def test_ping(path):
cmd = ["salt-call", "--local", "test.ping"]
result = run_salt_call(cmd)
assert result == True
def test_target_salt_version(host, target_salt_version):
with selected_context_manager(host):
ret = host.salt("grains.item", "saltversion", "--timeout=120")
if target_salt_version.endswith(".0") or target_salt_version.endswith(".x"):
assert ret["saltversion"] == ".".join(target_salt_version.split(".")[:-1])
else:
assert ret["saltversion"].startswith(target_salt_version)
def test_target_python_version(path, target_python_version):
cmd = ["salt-call", "--local", "grains.item", "pythonversion", "--timeout=120"]
result = run_salt_call(cmd)
# Returns: {'pythonversion': [3, 10, 11, 'final', 0]}
py_maj_ver = result["pythonversion"][0]
assert py_maj_ver == target_python_version
def test_target_salt_version(path, target_salt_version):
if not target_salt_version:
pytest.skip(f"No target version specified")
cmd = ["salt-call", "--local", "grains.item", "saltversion", "--timeout=120"]
result = run_salt_call(cmd)
# Returns: {'saltversion': '3006.9+217.g53cfa53040'}
assert result["saltversion"] == target_salt_version

7
tests/requirements.txt
View file

@ -1,5 +1,2 @@
pytest-testinfra
paramiko
requests-ntlm==1.1.0; sys.platform == 'win32'
pywinrm; sys.platform == 'win32'
six>=1.10.0
pytest
requests