saltstack/salt-bootstrap
1
0
Fork 0
mirror of https://github.com/saltstack/salt-bootstrap.git synced 2025-04-09 22:31:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge remote-tracking branch 'upstream/develop' into shallow_clone

Browse source 
Fixed to use GIT_REV_ADJ
This commit is contained in:
Matthew Richardson 2024-12-21 22:24:37 +00:00
commit 82faed1938
No known key found for this signature in database
GPG key ID: 456A62D5660241D2
25 changed files with 2088 additions and 2241 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

259
.github/workflows/ci.yml vendored
View file

@ -27,8 +27,6 @@ jobs:
separator: ","
files: |
bootstrap-salt.*
Gemfile
kitchen*.yml
tests/**
.github/workflows/**
files_ignore: |
@ -126,6 +124,7 @@ jobs:
with:
distro-slug: macos-12
display-name: macOS 12
container-slug: macos-12
timeout: 20
runs-on: macos-12
instances: '["stable-3006", "stable-3006-8", "stable-3007", "stable-3007-1", "latest"]'
@ -141,27 +140,29 @@ jobs:
with:
distro-slug: macos-13
display-name: macOS 13
container-slug: macos-13
timeout: 20
runs-on: macos-13
instances: '["stable-3006", "stable-3006-8", "stable-3007", "stable-3007-1", "latest"]'
windows-2019:
name: Windows 2019
macos-14:
name: macOS 14
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-windows.yml
uses: ./.github/workflows/test-macos.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: windows-2019
display-name: Windows 2019
distro-slug: macos-14
display-name: macOS 14
container-slug: macOS 14
timeout: 20
runs-on: windows-2019
runs-on: macos-14
instances: '["stable-3006", "stable-3006-8", "stable-3007", "stable-3007-1", "latest"]'
windows-2022:
name: Windows 2022
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
@ -172,82 +173,28 @@ jobs:
with:
distro-slug: windows-2022
display-name: Windows 2022
container-slug: windows-2022
timeout: 20
runs-on: windows-2022
instances: '["stable-3006", "stable-3006-8", "stable-3007", "stable-3007-1", "latest"]'
almalinux-8:
name: AlmaLinux 8
amazonlinux-2023:
name: Amazon 2023
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: almalinux-8
display-name: AlmaLinux 8
distro-slug: amazonlinux-2023
display-name: Amazon 2023
container-slug: amazonlinux-2023
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "latest", "default"]'
almalinux-9:
name: AlmaLinux 9
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: almalinux-9
display-name: AlmaLinux 9
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
amazon-2:
name: Amazon 2
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: amazon-2
display-name: Amazon 2
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "latest", "default"]'
arch:
name: Arch
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: arch
display-name: Arch
timeout: 20
instances: '["git-master", "latest", "default"]'
centos-stream9:
name: CentOS Stream 9
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: centos-stream9
display-name: CentOS Stream 9
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
debian-11:
name: Debian 11
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
@ -258,8 +205,9 @@ jobs:
with:
distro-slug: debian-11
display-name: Debian 11
container-slug: debian-11
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "latest", "default"]'
debian-12:
@ -272,120 +220,9 @@ jobs:
with:
distro-slug: debian-12
display-name: Debian 12
container-slug: debian-12
timeout: 20
instances: '["stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
fedora-39:
name: Fedora 39
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: fedora-39
display-name: Fedora 39
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "latest", "default"]'
fedora-40:
name: Fedora 40
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: fedora-40
display-name: Fedora 40
timeout: 20
instances: '["stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
gentoo:
name: Gentoo
if: github.event_name == 'push'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: gentoo
display-name: Gentoo
timeout: 90
instances: '["git-master"]'
gentoo-systemd:
name: Gentoo (systemd)
if: github.event_name == 'push'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: gentoo-systemd
display-name: Gentoo (systemd)
timeout: 90
instances: '["git-master"]'
opensuse-15:
name: Opensuse 15
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: opensuse-15
display-name: Opensuse 15
timeout: 20
instances: '["latest", "default"]'
oraclelinux-8:
name: Oracle Linux 8
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: oraclelinux-8
display-name: Oracle Linux 8
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "latest", "default"]'
oraclelinux-9:
name: Oracle Linux 9
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: oraclelinux-9
display-name: Oracle Linux 9
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
photon-4:
name: Photon OS 4
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: photon-4
display-name: Photon OS 4
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "latest", "default"]'
instances: '["stable-3007", "git-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
photon-5:
@ -398,8 +235,9 @@ jobs:
with:
distro-slug: photon-5
display-name: Photon OS 5
container-slug: photon-5
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "latest", "default"]'
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "latest", "default"]'
rockylinux-8:
@ -412,6 +250,7 @@ jobs:
with:
distro-slug: rockylinux-8
display-name: Rocky Linux 8
container-slug: rockylinux-8
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "latest", "default"]'
@ -426,22 +265,9 @@ jobs:
with:
distro-slug: rockylinux-9
display-name: Rocky Linux 9
container-slug: rockylinux-9
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
ubuntu-2004:
name: Ubuntu 20.04
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: ubuntu-2004
display-name: Ubuntu 20.04
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "latest", "default"]'
ubuntu-2204:
@ -454,22 +280,9 @@ jobs:
with:
distro-slug: ubuntu-2204
display-name: Ubuntu 22.04
container-slug: ubuntu-22.04
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
ubuntu-2404:
name: Ubuntu 24.04
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: ubuntu-2404
display-name: Ubuntu 24.04
timeout: 20
instances: '["stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
instances: '["stable-3006", "git-3006", "onedir-3006", "stable-3006-8", "stable-3007", "git-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
set-pipeline-exit-status:
@ -482,29 +295,15 @@ jobs:
- generate-actions-workflow
- macos-12
- macos-13
- windows-2019
- macos-14
- windows-2022
- almalinux-8
- almalinux-9
- amazon-2
- arch
- centos-stream9
- amazonlinux-2023
- debian-11
- debian-12
- fedora-39
- fedora-40
- gentoo
- gentoo-systemd
- opensuse-15
- oraclelinux-8
- oraclelinux-9
- photon-4
- photon-5
- rockylinux-8
- rockylinux-9
- ubuntu-2004
- ubuntu-2204
- ubuntu-2404
if: always()
steps:

58
.github/workflows/nightly.yml vendored
View file

@ -41,61 +41,3 @@ jobs:
echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}"
echo "requirements-met=true" >> "${GITHUB_OUTPUT}"
fi
update-s3-bucket:
name: Update S3 Bucket
if: ${{ fromJSON(needs.workflow-requirements.outputs.requirements-met) }}
runs-on:
- self-hosted
- linux
- repo-release
needs:
- workflow-requirements
environment: release
steps:
- uses: actions/checkout@v4
- name: Get Salt Project GitHub Actions Bot Environment
run: |
TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30")
SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment)
echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV"
- name: Setup GnuPG
run: |
sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg
GNUPGHOME="$(mktemp -d -p /run/gpg)"
echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV"
cat <<EOF > "${GNUPGHOME}/gpg.conf"
batch
no-tty
pinentry-mode loopback
EOF
- name: Get Secrets
id: get-secrets
env:
SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
run: |
SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text | jq .default_key -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
| gpg --import -
sync
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text| jq .default_passphrase -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
sync
rm "$SECRETS_KEY_FILE"
echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
- name: Install Requirements
run: |
python3 -m pip install -r requirements/release.txt
- name: Upload Develop to S3
run: |
tools release s3-publish --key-id 64CBBC8173D76B3F develop

181
.github/workflows/release.yml vendored
View file

@ -51,10 +51,7 @@ jobs:
update-develop:
name: Update CHANGELOG.md and bootstrap-salt.sh
runs-on:
- self-hosted
- linux
- repo-release
runs-on: ubuntu-latest
permissions:
contents: write # To be able to publish the release
environment: release
@ -74,44 +71,13 @@ jobs:
python3 -m pip install -r requirements/release.txt
pre-commit install --install-hooks
- name: Setup GnuPG
run: |
sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg
GNUPGHOME="$(mktemp -d -p /run/gpg)"
echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV"
cat <<EOF > "${GNUPGHOME}/gpg.conf"
batch
no-tty
pinentry-mode loopback
EOF
- name: Get Secrets
id: get-secrets
env:
SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
run: |
SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text | jq .default_key -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
| gpg --import -
sync
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text| jq .default_passphrase -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
sync
rm "$SECRETS_KEY_FILE"
echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
- name: Configure Git
shell: bash
run: |
git config --global --add safe.directory "$(pwd)"
git config --global user.name "Salt Project Packaging"
git config --global user.email saltproject-packaging@vmware.com
git config --global user.signingkey 64CBBC8173D76B3F
git config --global commit.gpgsign true
git config --global commit.gpgsign false
- name: Update Repository
id: update-repo
@ -149,10 +115,7 @@ jobs:
merge-develop-into-stable:
name: Merge develop into stable
runs-on:
- self-hosted
- linux
- repo-release
runs-on: ubuntu-latest
needs:
- update-develop
environment: release
@ -166,44 +129,13 @@ jobs:
ssh-key: ${{ secrets.SALT_BOOTSTRAP_RELEASE_KEY }}
fetch-depth: 0
- name: Setup GnuPG
run: |
sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg
GNUPGHOME="$(mktemp -d -p /run/gpg)"
echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV"
cat <<EOF > "${GNUPGHOME}/gpg.conf"
batch
no-tty
pinentry-mode loopback
EOF
- name: Get Secrets
id: get-secrets
env:
SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
run: |
SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text | jq .default_key -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
| gpg --import -
sync
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text| jq .default_passphrase -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
sync
rm "$SECRETS_KEY_FILE"
echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
- name: Configure Git
shell: bash
run: |
git config --global --add safe.directory "$(pwd)"
git config --global user.name "Salt Project Packaging"
git config --global user.email saltproject-packaging@vmware.com
git config --global user.signingkey 64CBBC8173D76B3F
git config --global commit.gpgsign true
git config --global commit.gpgsign false
- name: Download Release Details
uses: actions/download-artifact@v4
@ -227,7 +159,7 @@ jobs:
- name: Tag The ${{ needs.update-develop.outputs.release-version }} Release
run: |
git tag -m "Release ${{ needs.update-develop.outputs.release-version }}" -as ${{ needs.update-develop.outputs.release-version }}
git tag --no-sign -m "Release ${{ needs.update-develop.outputs.release-version }}" -a ${{ needs.update-develop.outputs.release-version }}
- name: Update bootstrap-salt.sh sha256sum's
run: |
@ -246,9 +178,7 @@ jobs:
publish-release:
name: Create GitHub Release
runs-on:
- self-hosted
- linux
runs-on: ubuntu-latest
needs:
- merge-develop-into-stable
environment: release
@ -294,73 +224,9 @@ jobs:
name: release-details
failOnError: false
update-s3-bucket:
name: Update S3 Bucket
runs-on:
- self-hosted
- linux
- repo-release
needs:
- publish-release
environment: release
steps:
- uses: actions/checkout@v4
with:
ref: stable
repository: ${{ github.repository }}
ssh-key: ${{ secrets.SALT_BOOTSTRAP_RELEASE_KEY }}
- name: Get Salt Project GitHub Actions Bot Environment
run: |
TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30")
SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment)
echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV"
- name: Setup GnuPG
run: |
sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg
GNUPGHOME="$(mktemp -d -p /run/gpg)"
echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV"
cat <<EOF > "${GNUPGHOME}/gpg.conf"
batch
no-tty
pinentry-mode loopback
EOF
- name: Get Secrets
id: get-secrets
env:
SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
run: |
SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text | jq .default_key -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
| gpg --import -
sync
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text| jq .default_passphrase -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
sync
rm "$SECRETS_KEY_FILE"
echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
- name: Install Requirements
run: |
python3 -m pip install -r requirements/release.txt
- name: Upload Stable Release to S3
run: |
tools release s3-publish --key-id 64CBBC8173D76B3F stable
update-develop-checksums:
name: Update Release Checksums on Develop
runs-on:
- self-hosted
- linux
- repo-release
runs-on: ubuntu-latest
needs:
- publish-release
environment: release
@ -386,44 +252,13 @@ jobs:
repository: ${{ github.repository }}
ssh-key: ${{ secrets.SALT_BOOTSTRAP_RELEASE_KEY }}
- name: Setup GnuPG
run: |
sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg
GNUPGHOME="$(mktemp -d -p /run/gpg)"
echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV"
cat <<EOF > "${GNUPGHOME}/gpg.conf"
batch
no-tty
pinentry-mode loopback
EOF
- name: Get Secrets
id: get-secrets
env:
SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
run: |
SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text | jq .default_key -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
| gpg --import -
sync
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text| jq .default_passphrase -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
sync
rm "$SECRETS_KEY_FILE"
echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
- name: Configure Git
shell: bash
run: |
git config --global --add safe.directory "$(pwd)"
git config --global user.name "Salt Project Packaging"
git config --global user.email saltproject-packaging@vmware.com
git config --global user.signingkey 64CBBC8173D76B3F
git config --global commit.gpgsign true
git config --global commit.gpgsign false
- name: Update Latest Release on README
run: |

2
.github/workflows/templates/ci.yml vendored
View file

@ -27,8 +27,6 @@ jobs:
separator: ","
files: |
bootstrap-salt.*
Gemfile
kitchen*.yml
tests/**
.github/workflows/**
files_ignore: |

198
.github/workflows/templates/generate.py vendored
View file

@ -6,171 +6,128 @@ import pathlib
os.chdir(os.path.abspath(os.path.dirname(__file__)))
## "amazon-2023",
## "opensuse-tumbleweed",
# "amazonlinux-2",
# "debian-13",
# "fedora-40",
# "photon-4",
# "ubuntu-2004",
# "ubuntu-2404",
LINUX_DISTROS = [
"almalinux-8",
"almalinux-9",
"amazon-2",
"arch",
"centos-stream9",
"amazonlinux-2023",
"debian-11",
"debian-12",
"fedora-39",
"fedora-40",
"gentoo",
"gentoo-systemd",
"opensuse-15",
"oraclelinux-8",
"oraclelinux-9",
"photon-4",
"photon-5",
"rockylinux-8",
"rockylinux-9",
"ubuntu-2004",
"ubuntu-2204",
"ubuntu-2404",
]
WINDOWS = [
"windows-2019",
"windows-2022",
]
OSX = [
"macos-12",
"macos-13",
"macos-14",
]
## "amazon-2023",
## "opensuse-tumbleweed",
# "amazonlinux-2",
# "debian-13",
# "fedora-40",
# "photon-4",
# "ubuntu-2004",
# "ubuntu-2404",
STABLE_DISTROS = [
"almalinux-8",
"almalinux-9",
"amazon-2",
"arch",
"centos-stream9",
"amazonlinux-2023",
"debian-11",
"debian-12",
"fedora-39",
"fedora-40",
"opensuse-15",
"oraclelinux-8",
"oraclelinux-9",
"photon-4",
"photon-5",
"rockylinux-8",
"rockylinux-9",
"ubuntu-2004",
"ubuntu-2204",
"ubuntu-2404",
]
## "amazon-2023",
# "amazonlinux-2",
# "debian-13",
# "fedora-40",
# "photon-4",
# "ubuntu-2004",
# "ubuntu-2404",
ONEDIR_DISTROS = [
"almalinux-8",
"almalinux-9",
"amazon-2",
"centos-stream9",
"amazonlinux-2023",
"debian-11",
"debian-12",
"fedora-39",
"fedora-40",
"oraclelinux-8",
"oraclelinux-9",
"photon-4",
"photon-5",
"rockylinux-8",
"rockylinux-9",
"ubuntu-2004",
"ubuntu-2204",
"ubuntu-2404",
]
# "amazonlinux-2",
# "amazonlinux-2023",
# "photon-4",
# "photon-5",
# "rockylinux-8",
# "ubuntu-2404",
ONEDIR_RC_DISTROS = [
"almalinux-9",
"amazon-2",
"centos-stream9",
"debian-12",
"oraclelinux-9",
"photon-4",
"photon-5",
"rockylinux-9",
"ubuntu-2404",
"ubuntu-2204",
]
## "opensuse-tumbleweed",
BLACKLIST_3006 = [
"arch",
"debian-12",
"fedora-40",
"gentoo",
"gentoo-systemd",
"opensuse-15",
"ubuntu-2404",
]
## "opensuse-tumbleweed",
# "photon-5",
BLACKLIST_3007 = [
"arch",
"fedora-39",
"gentoo",
"gentoo-systemd",
"opensuse-15",
"photon-4",
"photon-5",
]
## "amazon-2023",
## "opensuse-tumbleweed",
# "ubuntu-2204",
BLACKLIST_GIT_3006 = [
"almalinux-9",
"amazon-2",
"arch",
"centos-stream9",
"amazonlinux-2",
"amazonlinux-2023",
"debian-11",
"debian-12",
"debian-13",
"fedora-40",
"gentoo",
"gentoo-systemd",
"opensuse-15",
"oraclelinux-9",
"photon-4",
"photon-5",
"rockylinux-9",
"ubuntu-2004",
"ubuntu-2204",
"ubuntu-2404",
]
## "amazon-2023",
## "opensuse-tumbleweed",
# "debian-12",
# "ubuntu-2204",
BLACKLIST_GIT_3007 = [
"almalinux-9",
"amazon-2",
"arch",
"centos-stream9",
"amazonlinux-2",
"amazonlinux-2023",
"debian-11",
"debian-12",
"fedora-39",
"debian-13",
"fedora-40",
"gentoo",
"gentoo-systemd",
"opensuse-15",
"oraclelinux-9",
"photon-4",
"photon-5",
"rockylinux-9",
"ubuntu-2004",
"ubuntu-2204",
"ubuntu-2404",
]
# "debian-12",
BLACKLIST_GIT_MASTER = [
"amazon-2",
"fedora-39",
"amazonlinux-2",
"amazonlinux-2023",
"debian-11",
"debian-13",
"fedora-40",
"photon-4",
"photon-5",
"rockylinux-9",
]
SALT_VERSIONS = [
@ -227,35 +184,18 @@ GIT_VERSION_BLACKLIST = [
# Use build and pip and other standards-based tools.
#
GIT_DISTRO_BLACKLIST = [
"almalinux-8",
"fedora-39",
"opensuse-15",
"oraclelinux-8",
"rockylinux-8",
]
LATEST_PKG_BLACKLIST = [
"gentoo",
"gentoo-systemd",
]
LATEST_PKG_BLACKLIST = []
## "amazon-2023": "Amazon 2023",
## "opensuse-tumbleweed": "Opensuse Tumbleweed",
DISTRO_DISPLAY_NAMES = {
"almalinux-8": "AlmaLinux 8",
"almalinux-9": "AlmaLinux 9",
"amazon-2": "Amazon 2",
"arch": "Arch",
"centos-stream9": "CentOS Stream 9",
"amazonlinux-2": "Amazon 2",
"amazonlinux-2023": "Amazon 2023",
"debian-11": "Debian 11",
"debian-12": "Debian 12",
"fedora-39": "Fedora 39",
"debian-13": "Debian 13",
"fedora-40": "Fedora 40",
"gentoo": "Gentoo",
"gentoo-systemd": "Gentoo (systemd)",
"opensuse-15": "Opensuse 15",
"oraclelinux-8": "Oracle Linux 8",
"oraclelinux-9": "Oracle Linux 9",
"photon-4": "Photon OS 4",
"photon-5": "Photon OS 5",
"rockylinux-8": "Rocky Linux 8",
@ -265,19 +205,33 @@ DISTRO_DISPLAY_NAMES = {
"ubuntu-2404": "Ubuntu 24.04",
"macos-12": "macOS 12",
"macos-13": "macOS 13",
"windows-2019": "Windows 2019",
"macos-14": "macOS 14",
"windows-2022": "Windows 2022",
}
TIMEOUT_DEFAULT = 20
TIMEOUT_OVERRIDES = {
"gentoo": 90,
"gentoo-systemd": 90,
CONTAINER_SLUG_NAMES = {
"amazonlinux-2": "amazonlinux-2",
"amazonlinux-2023": "amazonlinux-2023",
"debian-11": "debian-11",
"debian-12": "debian-12",
"debian-13": "debian-13",
"fedora-40": "fedora-40",
"photon-4": "photon-4",
"photon-5": "photon-5",
"rockylinux-8": "rockylinux-8",
"rockylinux-9": "rockylinux-9",
"ubuntu-2004": "ubuntu-20.04",
"ubuntu-2204": "ubuntu-22.04",
"ubuntu-2404": "ubuntu-24.04",
"macos-12": "macos-12",
"macos-13": "macos-13",
"macos-14": "macOS 14",
"windows-2022": "windows-2022",
}
VERSION_ONLY_OVERRIDES = [
"gentoo",
"gentoo-systemd",
]
TIMEOUT_DEFAULT = 20
TIMEOUT_OVERRIDES = {}
VERSION_ONLY_OVERRIDES = []
TEMPLATE = """
{distro}:
@ -289,6 +243,7 @@ TEMPLATE = """
with:
distro-slug: {distro}
display-name: {display_name}
container-slug: {container_name}
timeout: {timeout_minutes}{runs_on}
instances: '{instances}'
"""
@ -339,6 +294,7 @@ def generate_test_jobs():
ifcheck=ifcheck,
instances=json.dumps(instances),
display_name=DISTRO_DISPLAY_NAMES[distro],
container_name=CONTAINER_SLUG_NAMES[distro],
timeout_minutes=timeout_minutes,
)
@ -384,6 +340,7 @@ def generate_test_jobs():
ifcheck=ifcheck,
instances=json.dumps(instances),
display_name=DISTRO_DISPLAY_NAMES[distro],
container_name=CONTAINER_SLUG_NAMES[distro],
timeout_minutes=timeout_minutes,
)
@ -483,6 +440,7 @@ def generate_test_jobs():
ifcheck=ifcheck,
instances=json.dumps(instances),
display_name=DISTRO_DISPLAY_NAMES[distro],
container_name=CONTAINER_SLUG_NAMES[distro],
timeout_minutes=timeout_minutes,
)

70
.github/workflows/test-linux.yml vendored
View file

@ -17,6 +17,11 @@ on:
required: true
description: The Instances To Test
container-slug:
type: string
required: true
description: The Container Slug
timeout:
type: number
required: false
@ -26,7 +31,7 @@ on:
jobs:
Test:
name: ${{ matrix.instance }}
runs-on: ubuntu-20.04
runs-on: ubuntu-latest
timeout-minutes: ${{ inputs.timeout }}
strategy:
max-parallel: 2
@ -37,39 +42,48 @@ jobs:
steps:
- uses: actions/checkout@v4
- name: Setup Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: 2.6.10
## ruby-version: 3.3.4
bundler-cache: true
- name: Set up Python 3.10
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Install Python Dependencies
- name: Get Version
run: |
python3 -m pip install -U pip
python3 -m pip install -r tests/requirements.txt
# We need to get the version here and make it an environment variable
# It is used to install via bootstrap and in the test
# The version is in the instance name
# sed 1st - becomes space, 2nd - becomes dot
vt_parm_ver=$(echo "${{ matrix.instance }}" | sed 's/-/ /' | sed 's/-/./' | awk -F ' ' '{print $2}')
echo "SaltVersion=$vt_parm_ver" >> $GITHUB_ENV
- name: Create Test Instance
- name: "Pull container ${{ inputs.container-slug }}"
run: |
bundle exec kitchen create ${{ matrix.instance }}-${{ inputs.distro-slug }} || \
(sleep 10 && bundle exec kitchen create ${{ matrix.instance }}-${{ inputs.distro-slug }})
sleep 2
docker pull ghcr.io/saltstack/salt-ci-containers/testing:${{ inputs.container-slug }}
- name: "Create container ${{ inputs.container-slug }}"
run: |
/usr/bin/docker create --name ${{ github.run_id }}_salt-test --workdir /_w/ --privileged -e "HOME=/github/home" -e GITHUB_ACTIONS=true -e CI=true -e $GITHUB_ENV -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work":"/__w" -v "/home/runner/work/_temp":"/__w/_temp" -v "/home/runner/work/_actions":"/__w/_actions" -v "/opt/hostedtoolcache":"/__t" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/salt-bootstrap/salt-bootstrap":"/_w/btstrap" --entrypoint "/usr/lib/systemd/systemd" ghcr.io/saltstack/salt-ci-containers/testing:${{ inputs.container-slug }} --systemd --unit rescue.target
- name: "Start container ${{ inputs.container-slug }}"
run: |
/usr/bin/docker start ${{ github.run_id }}_salt-test
- name: "Install Python Dependencies with pip breakage in container ${{ inputs.container-slug }}"
if: ${{ ( inputs.distro-slug == 'debian-12' ) || ( inputs.distro-slug == 'debian-13' ) || ( inputs.distro-slug == 'ubuntu-2404' ) }}
run: |
docker exec ${{ github.run_id}}_salt-test python3 -m pip install --break-system-packages -r /_w/btstrap/tests/requirements.txt
- name: "Install Python Dependencies without pip breakage in container ${{ inputs.container-slug }}"
if: ${{ ( inputs.distro-slug != 'debian-12' ) && ( inputs.distro-slug != 'debian-13' ) && ( inputs.distro-slug != 'ubuntu-2404' ) }}
run: |
docker exec ${{ github.run_id}}_salt-test python3 -m pip install -r /_w/btstrap/tests/requirements.txt
- name: Bootstrap Salt
run: |
# sed 1st - becomes space, 2nd - becomes dot
bt_arg1=$(echo "${{ matrix.instance }}" | sed 's/-/ /' | sed 's/-/./' | awk -F ' ' '{print $1}')
bt_arg2=$(echo "${{ matrix.instance }}" | sed 's/-/ /' | sed 's/-/./' | awk -F ' ' '{print $2}')
echo "bt parms ,$bt_parms, bt_arg1 ,$bt_arg1, bt_arg2 ,$bt_arg2,"
docker exec ${{ github.run_id}}_salt-test sh -x /_w/btstrap/bootstrap-salt.sh "$bt_arg1" "$bt_arg2"
- name: Test Bootstrap
run: |
bundle exec kitchen verify ${{ matrix.instance }}-${{ inputs.distro-slug }}
sleep 2
- name: Destroy Test Instance
if: always()
run: |
bundle exec kitchen destroy ${{ matrix.instance }}-${{ inputs.distro-slug }}
sleep 2
docker exec ${{ github.run_id}}_salt-test pytest --cache-clear -v -s -ra --log-cli-level=debug /_w/btstrap/tests/integration/
- name: Set Exit Status
if: always()

61
.github/workflows/test-macos.yml vendored
View file

@ -22,19 +22,22 @@ on:
required: true
description: The Instances To Test
container-slug:
type: string
required: true
description: The Container Slug
timeout:
type: number
required: false
default: 20
description: The timeout(in minutes) for the workflow
env:
KITCHEN_LOCAL_YAML: 'kitchen.macos.yml'
jobs:
Test:
name: ${{ matrix.instance }}
runs-on: ${{ inputs.runs-on }}
## runs-on: macos-13
timeout-minutes: ${{ inputs.timeout }}
strategy:
fail-fast: false
@ -44,39 +47,37 @@ jobs:
steps:
- uses: actions/checkout@v4
- name: Setup Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: 2.6.10
## ruby-version: 3.3.4
bundler-cache: true
- name: Set up Python 3.10
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Install Python Dependencies
- name: Install Python Dependencies with pip breakage
if: ${{ ( inputs.distro-slug != 'macos-12' ) && ( inputs.distro-slug != 'macos-13' ) }}
run: |
pip install -U pip
pip install -r tests/requirements.txt
python3 -m pip install --break-system-packages -r tests/requirements.txt
- name: Create Test Instance
- name: Install Python Dependencies without pip breakage
if: ${{ ( inputs.distro-slug == 'macos-12' ) || ( inputs.distro-slug == 'macos-13' ) }}
run: |
bundle exec kitchen create ${{ matrix.instance }}-${{ inputs.distro-slug }} || \
(sleep 10 && bundle exec kitchen create ${{ matrix.instance }}-${{ inputs.distro-slug }})
sleep 2
python3 -m pip install -r tests/requirements.txt
- name: Get Version
run: |
# We need to get the version here and make it an environment variable
# It is used to install via bootstrap and in the test
# The version is in the instance name
# sed 1st - becomes space, 2nd - becomes dot
vt_parms=$(echo "${{ matrix.instance }}" | sed 's/-/ /' | sed 's/-/./')
vt_parm_ver=$(echo "$vt_parms" | awk -F ' ' '{print $2}')
echo "SaltVersion=$vt_parm_ver" >> $GITHUB_ENV
- name: Bootstrap Salt
run: |
# sed 1st - becomes space, 2nd - becomes dot
bt_parms=$(echo "${{ matrix.instance }}" | sed 's/-/ /' | sed 's/-/./')
bt_arg1=$(echo "$bt_parms" | awk -F ' ' '{print $1}')
bt_arg2=$(echo "$bt_parms" | awk -F ' ' '{print $2}')
sudo sh ./bootstrap-salt.sh "$bt_arg1" "$bt_arg2"
- name: Test Bootstrap
run: |
bundle exec kitchen verify ${{ matrix.instance }}-${{ inputs.distro-slug }}
sleep 2
- name: Destroy Test Instance
if: always()
run: |
bundle exec kitchen destroy ${{ matrix.instance }}-${{ inputs.distro-slug }}
sleep 2
pytest --cache-clear -v -s -ra --log-cli-level=debug tests/integration/
- name: Set Exit Status
if: always()

76
.github/workflows/test-windows.yml vendored
View file

@ -22,22 +22,21 @@ on:
required: true
description: The Instances To Test
container-slug:
type: string
required: true
description: The Container Slug
timeout:
type: number
required: false
default: 20
description: The timeout(in minutes) for the workflow
env:
machine_user: kitchen
machine_pass: Password1
machine_port: 5985
KITCHEN_LOCAL_YAML: 'kitchen.windows.yml'
jobs:
Test:
name: ${{ matrix.instance }}
runs-on: ${{ inputs.runs-on }}
runs-on: windows-latest
timeout-minutes: ${{ inputs.timeout }}
strategy:
fail-fast: false
@ -47,39 +46,6 @@ jobs:
steps:
- uses: actions/checkout@v4
- name: Setup Ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: 2.6.10
## ruby-version: 3.3.4
bundler-cache: true
- name: Install Chef
uses: actionshub/chef-install@1.1.0
with:
project: chef
version: 16.10.8
- name: Add Chef bindir to PATH
uses: myci-actions/export-env-var-powershell@1
with:
name: PATH
value: "C:\\opscode\\chef\\bin;C:\\opscode\\chef\\embedded\\bin;$env:PATH"
- name: Setup test user
run: |
$password = ConvertTo-SecureString $env:machine_pass -AsPlainText -Force
New-LocalUser $env:machine_user -Password $password
Add-LocalGroupMember -Group "Administrators" -Member $env:machine_user
Get-LocalUser
Get-LocalGroupMember -Group "Administrators"
- name: Set up WinRM
run: |
Set-WSManQuickConfig -Force
winrm set winrm/config/service '@{AllowUnencrypted="True"}'
env
- name: Set up Python 3.10
uses: actions/setup-python@v5
with:
@ -87,25 +53,27 @@ jobs:
- name: Install Python Dependencies
run: |
pip install -U pip
pip install -r tests/requirements.txt
python3 -m pip install -r tests/requirements.txt
- name: Create Test Instance
- name: Get Version
run: |
bundle exec kitchen create ${{ matrix.instance }}-${{ inputs.distro-slug }}
sleep 2
# We need to get the version here and make it an environment variable
# It is used to install via bootstrap and in the test
# The version is in the instance name
$instance = "${{ matrix.instance }}"
$version = $instance -split "-",2
if ( $version.Count -gt 1 ) {
$version = $version[1].Replace("-", ".")
}
Write-Output "SaltVersion=$version" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
- name: Bootstrap Salt
run: |
. .\bootstrap-salt.ps1 -RunService $false -Version $env:SaltVersion
- name: Test Bootstrap
run: |
env
bundle exec kitchen verify ${{ matrix.instance }}-${{ inputs.distro-slug }}
sleep 2
- name: Destroy Test Instance
if: always()
run: |
bundle exec kitchen destroy ${{ matrix.instance }}-${{ inputs.distro-slug }}
sleep 2
pytest --cache-clear -v -s -ra --log-cli-level=debug tests/integration/
- name: Set Exit Status
if: always()

7
.gitignore vendored
View file

@ -2,14 +2,9 @@
*.sw?
*.un~
.vagrant
*__pycache__
tools
venv
# Pycharm
.idea
# test-kitchen
.kitchen.local.yml
kitchen.local.yml
.kitchen/
.bundle/

15
.pre-commit-config.yaml
View file

@ -37,19 +37,14 @@ repos:
args:
- requirements/release.in
## DGM - repo: https://github.com/asottile/pyupgrade
## DGM rev: v3.15.0
## DGM hooks:
## DGM - id: pyupgrade
## DGM name: Rewrite Code to be Py3.10+
## DGM args: [--py310-plus]
- repo: https://github.com/asottile/pyupgrade
rev: v3.15.0
hooks:
- id: pyupgrade
name: Rewrite Code to be Py3.9+
args: [--py39-plus]
name: Rewrite Code to be Py3.6+
args: [--py36-plus]
## DGM name: Rewrite Code to be Py3.9+
## DGM args: [--py39-plus]
- repo: https://github.com/asottile/reorder_python_imports
rev: v3.12.0
@ -58,7 +53,7 @@ repos:
args: [--py310-plus]
- repo: https://github.com/psf/black
rev: 24.1.0
rev: 24.10.0
hooks:
- id: black
args: []

103
CHANGELOG.md
View file

@ -1,3 +1,106 @@
# v2024.12.12
## What's Changed
- Restrict use of dnf to Fedora only, otherwise use yum when dealing with RedHat family by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2070
- Updating container usage to that used in new Salt pipelines for CI/CD, fix Amazon Linux by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2071
**Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.12.09...v2024.12.12
# v2024.12.09
## What's Changed
- Fix quickstart for Windows with new repo by @twangboy in https://github.com/saltstack/salt-bootstrap/pull/2065
- Utilize salt-project packages with SUSE by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2066
**Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.11.29...v2024.12.09
# v2024.11.29
## What's Changed
- Updated date to overcome issue with existing tag for 2024.11.27 by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2058
- Fix date tag by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2059
- Revert forcing git tag, other issues with check sums calculated, easiest solution is wait a day to release by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2060
- Updated date by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2061
**Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.11.27...v2024.11.29
# v2024.11.27
**Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.11.27...v2024.11.27
# v2024.11.27
**Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.11.27...v2024.11.27
# v2024.11.27
## What's Changed
- Testing git install methods by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2057
**Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.11.26...v2024.11.27
# v2024.11.27
## What's Changed
- Testing git install methods by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2057
**Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.11.26...v2024.11.27
# v2024.11.26
## What's Changed
- Updated URLs in README, and fix deps download issue on RedHat family by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2052
- Update README script help output and scriptversions by @ScriptAutomate in https://github.com/saltstack/salt-bootstrap/pull/2056
**Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.11.21...v2024.11.26
# v2024.11.21
## What's Changed
- Make universal repo url by @twangboy in https://github.com/saltstack/salt-bootstrap/pull/2045
- Update bootstrap shell CI/CD to utilize containers and clean up by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2039
- \[WIP\] hwclock check missing additional condition on major version by @ruslantum in https://github.com/saltstack/salt-bootstrap/pull/2048
## New Contributors
- @ruslantum made their first contribution in https://github.com/saltstack/salt-bootstrap/pull/2048
**Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.11.07...v2024.11.21
# v2024.11.07
## What's Changed
- Changed release runners and shell script date by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2035
- Forcing git tag to not sign by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2036
- Fixing git tag signing issue by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2037
**Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.11.06...v2024.11.07
# v2024.11.07
## What's Changed
- Changed release runners and shell script date by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2035
- Forcing git tag to not sign by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2036
**Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.11.06...v2024.11.07
# v2024.11.07
## What's Changed
- Changed release runners and shell script date by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2035
**Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.11.06...v2024.11.07
# v2024.09.24
## What's Changed

11
Gemfile
View file

@ -1,11 +0,0 @@
# frozen_string_literal: true
source "https://rubygems.org"
gem 'test-kitchen', '>= 3.2.2'
gem 'kitchen-salt', '>= 0.7.2'
gem 'kitchen-docker', :git => 'https://github.com/test-kitchen/kitchen-docker.git', :branch => 'main'
group :vagrant do
gem 'kitchen-vagrant'
end

250
README.rst
View file

@ -37,6 +37,13 @@ sum** of the downloaded ``bootstrap-salt.sh`` file.
The SHA256 sum of the ``bootstrap-salt.sh`` file, per release, is:
- 2024.12.12: ``7cc91adfa5a15ff57d203dc2b79608c773efc639d4e9bf03861198903e11becd``
- 2024.12.09: ``44f9405a6d9622ad8fa7c93e83a52e01ca328f27e4e9dea4a52268c6a22dbe6d``
- 2024.11.29: ``0ac87384dee051aceded69704485a5de0e4a308551a462b10c262111b57acff0``
- 2024.11.27: ``e972bd1ef01d09cd1d9294374ef974c9e3dd9a2aee37cf3859144585fd8bf1d0``
- 2024.11.26: ``832c7a20b96e1df171d715323df9afff8a11aef42d15598c007f240bc89d723c``
- 2024.11.21: ``ddf624c3a94d721da3f7629402a6c7ecc9dd96d13c1ead2a626314e97cee982a``
- 2024.11.07: ``70a9783649e129985563d1a86cf28b8984499643e62ae1dc47dc008bd204fcbb``
- 2024.09.24: ``88e4e4cad4b115a7b721dd9c21d5ee5df390b5b73b63de48f99399146f43f371``
- 2024.07.23: ``7212b6b497b5c3d2bf15bfe5301625ec7bc1bf3e2949cd47d8e2073614935bf8``
- 2024.07.18: ``92a74e7ff8a9032a7713c2b3955991d66aaca08a4eb9494ce3dd66b5044f6bc3``
@ -57,8 +64,9 @@ If you're looking for a *one-liner* to install Salt, please scroll to the bottom
instructions for `Installing via an Insecure One-Liner`_.
There are also .sha256 files for verifying against in the repo for the stable branch. You can also
get the correct sha256 sum for the stable release from https://bootstrap.saltproject.io/sha256 and
https://winbootstrap.saltproject.io/sha256
get the correct sha256 sum for the stable release from
https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh.sha256 and
https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.ps1.sha256
Contributing
------------
@ -81,112 +89,123 @@ To view the latest options and descriptions for ``salt-bootstrap``, use ``-h`` a
Usage : bootstrap-salt.sh [options] <install-type> [install-type-args]
Installation types:
- stable Install latest stable release. This is the default
install type
- stable [branch] Install latest version on a branch. Only supported
for packages available at repo.saltproject.io
- stable [version] Install a specific version. Only supported for
packages available at repo.saltproject.io
To pin a 3xxx minor version, specify it as 3xxx.0
- testing RHEL-family specific: configure EPEL testing repo
- git Install from the head of the master branch
- git [ref] Install from any git ref (such as a branch, tag, or
commit)
- stable Install latest stable release. This is the default
install type
- stable [branch] Install latest version on a branch. Only supported
for packages available at packages.broadcom.com
- stable [version] Install a specific version. Only supported for
packages available at packages.broadcom.com
To pin a 3xxx minor version, specify it as 3xxx.0
- testing RHEL-family specific: configure EPEL testing repo
- git Install from the head of the master branch
- git [ref] Install from any git ref (such as a branch, tag, or
commit)
- onedir Install latest onedir release.
- onedir [version] Install a specific version. Only supported for
onedir packages available at packages.broadcom.com
- onedir_rc Install latest onedir RC release.
- onedir_rc [version] Install a specific version. Only supported for
onedir RC packages available at packages.broadcom.com
Examples:
- bootstrap-salt.sh
- bootstrap-salt.sh stable
- bootstrap-salt.sh stable 3006.7
- bootstrap-salt.sh stable v3006.8
- bootstrap-salt.sh stable 3006
- bootstrap-salt.sh stable 3006.1
- bootstrap-salt.sh testing
- bootstrap-salt.sh git
- bootstrap-salt.sh git 3006.7
- bootstrap-salt.sh git v3006.8
- bootstrap-salt.sh git 3007.1
- bootstrap-salt.sh git v3007.1
- bootstrap-salt.sh git 06f249901a2e2f1ed310d58ea3921a129f214358
- bootstrap-salt.sh onedir
- bootstrap-salt.sh onedir 3006
- bootstrap-salt.sh onedir_rc
- bootstrap-salt.sh onedir_rc 3008
Options:
-h Display this message
-v Display script version
-n No colours
-D Show debug output
-a Pip install all Python pkg dependencies for Salt. Requires -V to install
all pip pkgs into the virtualenv.
(Only available for Ubuntu based distributions)
-A Pass the salt-master DNS name or IP. This will be stored under
\${BS_SALT_ETC_DIR}/minion.d/99-master-address.conf
-b Assume that dependencies are already installed and software sources are
set up. If git is selected, git tree is still checked out as dependency
step.
-c Temporary configuration directory
-g Salt Git repository URL. Default: https://github.com/saltstack/salt.git
-w Install packages from downstream package repository rather than
upstream, saltstack package repository. This is currently only
implemented for SUSE.
-k Temporary directory holding the minion keys which will pre-seed
the master.
-s Sleep time used when waiting for daemons to start, restart and when
checking for the services running. Default: 3
-L Also install salt-cloud and required python-libcloud package
-M Also install salt-master
-S Also install salt-syndic
-W Also install salt-api
-N Do not install salt-minion
-X Do not start daemons after installation
-C Only run the configuration function. Implies -F (forced overwrite).
To overwrite Master, Syndic or Api configs, -M,-S or -W, respectively, must
also be specified. Salt installation will be ommitted, but some of the
dependencies could be installed to write configuration with -j or -J.
-d Disables checking if Salt services are enabled to start on system boot.
You can also do this by touching /tmp/disable_salt_checks on the target
host. Default: ${BS_FALSE}
-P Allow pip based installations. On some distributions the required salt
packages or its dependencies are not available as a package for that
distribution. Using this flag allows the script to use pip as a last
resort method. NOTE: This only works for functions which actually
implement pip based installations.
-U If set, fully upgrade the system prior to bootstrapping Salt
host. Default: \${BS_FALSE}
-D Show debug output
-f Force shallow cloning for git installations.
This may result in an "n/a" in the version number.
-F Allow copied files to overwrite existing (config, init.d, etc)
-g Salt Git repository URL. Default: https://github.com/saltstack/salt.git
-h Display this message
-H Use the specified HTTP proxy for all download URLs (including https://).
For example: http://myproxy.example.com:3128
-i Pass the salt-minion id. This will be stored under
\${BS_SALT_ETC_DIR}/minion_id
-I If set, allow insecure connections while downloading any files. For
example, pass '--no-check-certificate' to 'wget' or '--insecure' to
'curl'. On Debian and Ubuntu, using this option with -U allows obtaining
GnuPG archive keys insecurely if distro has changed release signatures.
-F Allow copied files to overwrite existing (config, init.d, etc)
-K If set, keep the temporary files in the temporary directories specified
with -c and -k
-C Only run the configuration function. Implies -F (forced overwrite).
To overwrite Master or Syndic configs, -M or -S, respectively, must
also be specified. Salt installation will be ommitted, but some of the
dependencies could be installed to write configuration with -j or -J.
-A Pass the salt-master DNS name or IP. This will be stored under
${BS_SALT_ETC_DIR}/minion.d/99-master-address.conf
-i Pass the salt-minion id. This will be stored under
${BS_SALT_ETC_DIR}/minion_id
-p Extra-package to install while installing Salt dependencies. One package
per -p flag. You are responsible for providing the proper package name.
-H Use the specified HTTP proxy for all download URLs (including https://).
For example: http://myproxy.example.com:3128
-b Assume that dependencies are already installed and software sources are
set up. If git is selected, git tree is still checked out as dependency
step.
-f Force shallow cloning for git installations.
This may result in an "n/a" in the version number.
-l Disable ssl checks. When passed, switches "https" calls to "http" where
possible.
-V Install Salt into virtualenv
(only available for Ubuntu based distributions)
-a Pip install all Python pkg dependencies for Salt. Requires -V to install
all pip pkgs into the virtualenv.
(Only available for Ubuntu based distributions)
-r Disable all repository configuration performed by this script. This
option assumes all necessary repository configuration is already present
on the system.
-R Specify a custom repository URL. Assumes the custom repository URL
points to a repository that mirrors Salt packages located at
repo.saltproject.io. The option passed with -R replaces the
"repo.saltproject.io". If -R is passed, -r is also set. Currently only
works on CentOS/RHEL and Debian based distributions.
-J Replace the Master config file with data passed in as a JSON string. If
a Master config file is found, a reasonable effort will be made to save
the file with a ".bak" extension. If used in conjunction with -C or -F,
no ".bak" file will be created as either of those options will force
a complete overwrite of the file.
-j Replace the Minion config file with data passed in as a JSON string. If
a Minion config file is found, a reasonable effort will be made to save
the file with a ".bak" extension. If used in conjunction with -C or -F,
no ".bak" file will be created as either of those options will force
a complete overwrite of the file.
-J Replace the Master config file with data passed in as a JSON string. If
a Master config file is found, a reasonable effort will be made to save
the file with a ".bak" extension. If used in conjunction with -C or -F,
no ".bak" file will be created as either of those options will force
a complete overwrite of the file.
-k Temporary directory holding the minion keys which will pre-seed
the master.
-K If set, keep the temporary files in the temporary directories specified
with -c and -k
-l Disable ssl checks. When passed, switches "https" calls to "http" where
possible.
-L Also install salt-cloud and required python-libcloud package
-M Also install salt-master
-n No colours
-N Do not install salt-minion
-p Extra-package to install while installing Salt dependencies. One package
per -p flag. You are responsible for providing the proper package name.
-P Allow pip based installations. On some distributions the required salt
packages or its dependencies are not available as a package for that
distribution. Using this flag allows the script to use pip as a last
resort method. NOTE: This only works for functions which actually
implement pip based installations.
-q Quiet salt installation from git (setup.py install -q)
-x Changes the Python version used to install Salt (default: Python 3)
Python 2.7 is not longer supported.
-Q Quickstart, install the Salt master and the Salt minion.
And automatically accept the minion key.
-R Specify a custom repository URL. Assumes the custom repository URL
points to a repository that mirrors Salt packages located at
packages.broadcom.com. The option passed with -R replaces the
"packages.broadcom.com". If -R is passed, -r is also set. Currently only
works on CentOS/RHEL and Debian based distributions and macOS.
-s Sleep time used when waiting for daemons to start, restart and when
checking for the services running. Default: 3
-S Also install salt-syndic
-r Disable all repository configuration performed by this script. This
option assumes all necessary repository configuration is already present
on the system.
-U If set, fully upgrade the system prior to bootstrapping Salt
-v Display script version
-V Install Salt into virtualenv
(only available for Ubuntu based distributions)
-W Also install salt-api
-x Changes the Python version used to install Salt (default: Python 3).
Python 2.7 is no longer supported.
-X Do not start daemons after installation
The Salt Bootstrap script has a wide variety of options that can be passed as
well as several ways of obtaining the bootstrap script itself. Note that the use of ``sudo``
@ -206,35 +225,35 @@ If you want to install a package of a specific release version, from the Salt Pr
.. code:: console
curl -o bootstrap-salt.sh -L https://bootstrap.saltproject.io
curl -o bootstrap-salt.sh -L https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh
sudo sh bootstrap-salt.sh -P stable 3006.1
If you want to install a specific release version, based on the Git tags:
.. code:: console
curl -o bootstrap-salt.sh -L https://bootstrap.saltproject.io
curl -o bootstrap-salt.sh -L https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh
sudo sh bootstrap-salt.sh git v3006.1
Using ``curl`` to install latest development version from GitHub:
.. code:: console
curl -o bootstrap-salt.sh -L https://bootstrap.saltproject.io
curl -o bootstrap-salt.sh -L https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh
sudo sh bootstrap-salt.sh git master
To install a specific branch from a Git fork:
.. code:: console
curl -o bootstrap-salt.sh -L https://bootstrap.saltproject.io
curl -o bootstrap-salt.sh -L https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh
sudo sh bootstrap-salt.sh -g https://github.com/myuser/salt.git git mybranch
If all you want is to install a ``salt-master`` using latest Git:
.. code:: console
curl -o bootstrap-salt.sh -L https://bootstrap.saltproject.io
curl -o bootstrap-salt.sh -L https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh
sudo sh bootstrap-salt.sh -M -N git master
If your host has Internet access only via HTTP proxy, from the Salt Project repo:
@ -242,7 +261,7 @@ If your host has Internet access only via HTTP proxy, from the Salt Project repo
.. code:: console
PROXY='http://user:password@myproxy.example.com:3128'
curl -o bootstrap-salt.sh -L -x "$PROXY" https://bootstrap.saltproject.io
curl -o bootstrap-salt.sh -L -x "$PROXY" https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh
sudo sh bootstrap-salt.sh -P -H "$PROXY" stable
If your host has Internet access only via HTTP proxy, installing via Git:
@ -250,7 +269,7 @@ If your host has Internet access only via HTTP proxy, installing via Git:
.. code:: console
PROXY='http://user:password@myproxy.example.com:3128'
curl -o bootstrap-salt.sh -L -x "$PROXY" https://bootstrap.saltproject.io
curl -o bootstrap-salt.sh -L -x "$PROXY" https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh
sudo sh bootstrap-salt.sh -H "$PROXY" git
@ -261,22 +280,22 @@ Using ``wget`` to install your distribution's stable packages:
.. code:: console
wget -O bootstrap-salt.sh https://bootstrap.saltproject.io
wget -O bootstrap-salt.sh https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh
sudo sh bootstrap-salt.sh
Installing a specific version from git using ``wget``:
.. code:: console
wget -O bootstrap-salt.sh https://bootstrap.saltproject.io
sudo sh bootstrap-salt.sh git v3004.1
wget -O bootstrap-salt.sh https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh
sudo sh bootstrap-salt.sh git v3006.8
Installing a specific version package from the Salt Project repo using ``wget``:
.. code:: console
wget -O bootstrap-salt.sh https://bootstrap.saltproject.io
sudo sh bootstrap-salt.sh -P stable 3006.1
wget -O bootstrap-salt.sh https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh
sudo sh bootstrap-salt.sh -P stable 3006.8
**NOTE**
@ -291,14 +310,14 @@ If you already have Python installed, ``python 3.10``, then it's as easy as:
.. code:: console
python -m urllib "https://bootstrap.saltproject.io" > bootstrap-salt.sh
python -m urllib "https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh" > bootstrap-salt.sh
sudo sh bootstrap-salt.sh -P stable 3006.1
With python version 3:
.. code:: console
python3 -c 'import urllib.request; print(urllib.request.urlopen("https://bootstrap.saltproject.io").read().decode("ascii"))' > bootstrap-salt.sh
python3 -c 'import urllib.request; print(urllib.request.urlopen("https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh").read().decode("ascii"))' > bootstrap-salt.sh
sudo sh bootstrap-salt.sh git v3006.1
Note: Python 2.x is no longer supported given it reached it's End-Of-Life Jan. 1st, 2020
@ -321,25 +340,25 @@ Installing the latest stable release of Salt (default):
.. code:: console
curl -L https://bootstrap.saltproject.io | sudo sh
curl -L https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh | sudo sh
Using ``wget`` to install your distribution's stable packages:
.. code:: console
wget -O - https://bootstrap.saltproject.io | sudo sh
wget -O - https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh | sudo sh
Installing a target version package of Salt from the Salt Project repo:
.. code:: console
curl -L https://bootstrap.saltproject.io | sudo sh -s -- stable 3006.8
curl -L https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh | sudo sh -s -- stable 3006.8
Installing the latest master branch of Salt from git:
.. code:: console
curl -L https://bootstrap.saltproject.io | sudo sh -s -- git master
curl -L https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh | sudo sh -s -- git master
Note: use of git is recommended for development environments, for example: testing new features of
Salt which have not yet been released.
@ -354,9 +373,8 @@ Using ``PowerShell`` to install latest stable version:
.. code:: powershell
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]'Tls12'
Invoke-WebRequest -Uri https://winbootstrap.saltproject.io -OutFile "$env:TEMP\bootstrap-salt.ps1"
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser
& "$env:TEMP\bootstrap-salt.ps1"
Invoke-WebRequest -Uri https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.ps1 -OutFile "$env:TEMP\bootstrap-salt.ps1"
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser & "$env:TEMP\bootstrap-salt.ps1"
Display information about the install script parameters:
@ -368,7 +386,7 @@ Using ``cygwin`` to install latest stable version:
.. code:: console
curl -o bootstrap-salt.ps1 -L https://winbootstrap.saltproject.io
curl -o bootstrap-salt.ps1 -L https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.ps1
"/cygdrive/c/WINDOWS/System32/WindowsPowerShell/v1.0/powershell.exe" -NoProfile -InputFormat None -ExecutionPolicy Bypass -Command "[System.Net.ServicePointManager]::SecurityProtocol = 3072; iex ./bootstrap-salt.ps1"
@ -378,13 +396,13 @@ Supported Operating Systems
The salt-bootstrap script officially supports the distributions outlined in
`Salt's Supported Operating Systems
<https://docs.saltproject.io/salt/install-guide/en/latest/topics/salt-supported-operating-systems.html>`_
document, (BSD-based OSs, Solaris and AIX are no longer
supported). The operating systems listed below should reflect this document but may become out of
date. If an operating system is listed below, but is not listed on the official supported operating
document, (BSD-based OSs, Solaris and AIX are no longer supported).
The operating systems listed below should reflect this document but may become out of date.
If an operating system is listed below, but is not listed on the official supported operating
systems document, the level of support is "best-effort".
Since Salt is written in Python, the packages available from the `Salt Project's repository
<https://repo.saltproject.io/salt/py3>`_ are
<packages.broadcom.com>`_ are
CPU architecture independent and could be installed on any hardware supported by Linux kernel.
However, the Salt Project does package Salt's binary dependencies only for ``x86_64`` (``amd64``)
and ``AArch64`` (``arm64``).
@ -413,21 +431,19 @@ Debian and derivatives
- Devuan GNU/Linux 1/2/3/4/5
- Kali Linux 1.0 (based on Debian 7)
- Linux Mint Debian Edition 1 (based on Debian 8)
- Raspbian 8 (``armhf`` packages) and 9 (using ``git`` installation mode only)
Red Hat family
~~~~~~~~~~~~~~
- Amazon Linux 2012.3 and later
- Amazon Linux 2
- Amazon Linux 2023
- CentOS 7/8/9
- CentOS 8/9
- Cloud Linux 6/7
- Fedora 38/39/40 (install latest stable from standard repositories)
- Oracle Linux 7/8/9
- Red Hat Enterprise Linux 7/8/9
- Scientific Linux 7/8/9
- Fedora 40 (install latest stable from standard repositories)
- Oracle Linux 8/9
- Red Hat Enterprise Linux 8/9
- Scientific Linux 8/9
SUSE family
@ -460,8 +476,8 @@ repositories are not provided on the `Salt Project's Ubuntu repository`_ for the
the bootstrap script will attempt to install the packages for the most closely related LTS Ubuntu
release instead.
For example, when installing Salt on Ubuntu 21.10, the bootstrap script will setup the repository
for Ubuntu 20.04 from the `Salt Project's Ubuntu repository`_ and install the 20.04 packages.
For example, when installing Salt on Ubuntu 24.10, the bootstrap script will setup the repository
for Ubuntu 24.04 from the `Salt Project's Ubuntu repository`_ and install the 24.04 packages.
Non-LTS Ubuntu releases are not supported once the release reaches End-of-Life as defined by
`Ubuntu's release schedule`_.

119
Vagrantfile vendored
View file

@ -1,119 +0,0 @@
# -*- mode: ruby -*-
# vi: set ft=ruby :
# Vagrantfile API/syntax version. Don't touch unless you know what you're doing!
VAGRANTFILE_API_VERSION = "2"
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
# All Vagrant configuration is done here. The most common configuration
# options are documented and commented below. For a complete reference,
# please see the online documentation at vagrantup.com.
# Every Vagrant virtual environment requires a box to build off of.
config.vm.box = "ubuntu/focal64"
# The url from where the 'config.vm.box' box will be fetched if it
# doesn't already exist on the user's system.
# config.vm.box_url = "http://domain.com/path/to/above.box"
# Create a forwarded port mapping which allows access to a specific port
# within the machine from a port on the host machine. In the example below,
# accessing "localhost:8080" will access port 80 on the guest machine.
# config.vm.network :forwarded_port, guest: 80, host: 8080
# Create a private network, which allows host-only access to the machine
# using a specific IP.
# config.vm.network :private_network, ip: "192.168.33.10"
# Create a public network, which generally matched to bridged network.
# Bridged networks make the machine appear as another physical device on
# your network.
# config.vm.network :public_network
# If true, then any SSH connections made will enable agent forwarding.
# Default value: false
# config.ssh.forward_agent = true
# Share an additional folder to the guest VM. The first argument is
# the path on the host to the actual folder. The second argument is
# the path on the guest to mount the folder. And the optional third
# argument is a set of non-required options.
config.vm.synced_folder ".", "/salt_bootstrap"
config.vm.provision "shell", path: "bootstrap-salt.sh"
# Provider-specific configuration so you can fine-tune various
# backing providers for Vagrant. These expose provider-specific options.
# Example for VirtualBox:
#
# config.vm.provider :virtualbox do |vb|
# # Don't boot with headless mode
# vb.gui = true
#
# # Use VBoxManage to customize the VM. For example to change memory:
# vb.customize ["modifyvm", :id, "--memory", "1024"]
# end
#
# View the documentation for the provider you're using for more
# information on available options.
# Enable provisioning with Puppet stand alone. Puppet manifests
# are contained in a directory path relative to this Vagrantfile.
# You will need to create the manifests directory and a manifest in
# the file precise64.pp in the manifests_path directory.
#
# An example Puppet manifest to provision the message of the day:
#
# # group { "puppet":
# # ensure => "present",
# # }
# #
# # File { owner => 0, group => 0, mode => 0644 }
# #
# # file { '/etc/motd':
# # content => "Welcome to your Vagrant-built virtual machine!
# # Managed by Puppet.\n"
# # }
#
# config.vm.provision :puppet do |puppet|
# puppet.manifests_path = "manifests"
# puppet.manifest_file = "site.pp"
# end
# Enable provisioning with chef solo, specifying a cookbooks path, roles
# path, and data_bags path (all relative to this Vagrantfile), and adding
# some recipes and/or roles.
#
# config.vm.provision :chef_solo do |chef|
# chef.cookbooks_path = "../my-recipes/cookbooks"
# chef.roles_path = "../my-recipes/roles"
# chef.data_bags_path = "../my-recipes/data_bags"
# chef.add_recipe "mysql"
# chef.add_role "web"
#
# # You may also specify custom JSON attributes:
# chef.json = { :mysql_password => "foo" }
# end
# Enable provisioning with chef server, specifying the chef server URL,
# and the path to the validation key (relative to this Vagrantfile).
#
# The Opscode Platform uses HTTPS. Substitute your organization for
# ORGNAME in the URL and validation key.
#
# If you have your own Chef Server, use the appropriate URL, which may be
# HTTP instead of HTTPS depending on your configuration. Also change the
# validation key to validation.pem.
#
# config.vm.provision :chef_client do |chef|
# chef.chef_server_url = "https://api.opscode.com/organizations/ORGNAME"
# chef.validation_key_path = "ORGNAME-validator.pem"
# end
#
# If you're using the Opscode platform, your validator client is
# ORGNAME-validator, replacing ORGNAME with your organization name.
#
# If you have your own Chef Server, the default validation client name is
# chef-validator, unless you changed the configuration.
#
# chef.validation_client_name = "ORGNAME-validator"
end

459
bootstrap-salt.ps1
View file

@ -18,7 +18,7 @@
Specifies a particular version of the installer.
.EXAMPLE
./bootstrap-salt.ps1 -RunService false
./bootstrap-salt.ps1 -RunService $false
Specifies the salt-minion service to stop and be set to manual. Useful for
testing locally from the command line with the --local switch
@ -28,7 +28,7 @@
installer values of host name for the minion id and "salt" for the master.
.EXAMPLE
./bootstrap-salt.ps1 -Minion minion-box -Master master-box -Version 3006.7 -RunService false
./bootstrap-salt.ps1 -Minion minion-box -Master master-box -Version 3006.7 -RunService $false
Specifies all the optional parameters in no particular order.
.NOTES
@ -39,7 +39,8 @@
Salt Bootstrap GitHub Project (script home) - https://github.com/saltstack/salt-bootstrap
Original Vagrant Provisioner Project - https://github.com/saltstack/salty-vagrant
Vagrant Project (utilizes this script) - https://github.com/mitchellh/vagrant
Salt Download Location - https://repo.saltproject.io/salt/py3/windows
Salt Download Location - https://packages.broadcom.com/artifactory/saltproject-generic/windows/
Salt Manual Install Directions (Windows) - https://docs.saltproject.io/salt/install-guide/en/latest/topics/install-by-operating-system/windows.html
#>
#===============================================================================
@ -48,7 +49,6 @@
[CmdletBinding()]
param(
[Parameter(Mandatory=$false, ValueFromPipeline=$True)]
[ValidatePattern('^(\d{4}(\.\d{1,2}){0,2}(\-\d{1})?)|(latest)$', Options=1)]
[Alias("v")]
# The version of the Salt minion to install. Default is "latest" which will
# install the latest version of Salt minion available. Doesn't support
@ -56,12 +56,11 @@ param(
[String]$Version = "latest",
[Parameter(Mandatory=$false, ValueFromPipeline=$True)]
[ValidateSet("true","false")]
[Alias("s")]
# Boolean flag to start or stop the minion service. True will start the
# minion service. False will stop the minion service and set it to "manual".
# Boolean flag to start or stop the minion service. $true will start the
# minion service. $false will stop the minion service and set it to "manual".
# The installer starts it by default.
[String]$RunService = "true",
[Bool]$RunService = $true,
[Parameter(Mandatory=$false, ValueFromPipeline=$True)]
[Alias("m")]
@ -76,12 +75,11 @@ param(
[Parameter(Mandatory=$false, ValueFromPipeline=$True)]
[Alias("r")]
# URL to the windows packages. Will look for a file named repo.json at the
# root of the URL. This file is used to determine the name and location of
# the installer in the repo. If repo.json is not found, it will look for the
# file under the minor directory.
# Default is "https://repo.saltproject.io/salt/py3/windows"
[String]$RepoUrl = "https://repo.saltproject.io/salt/py3/windows",
# URL to the windows packages. Will look for the installer at the root of
# the URL/Version. Place a folder for each version of Salt in this directory
# and place the installer binary for each version in its folder.
# Default is "https://packages.broadcom.com/artifactory/saltproject-generic/windows/"
[String]$RepoUrl = "https://packages.broadcom.com/artifactory/saltproject-generic/windows/",
[Parameter(Mandatory=$false, ValueFromPipeline=$True)]
[Alias("c")]
@ -110,7 +108,7 @@ if ($help) {
exit 0
}
$__ScriptVersion = "2024.09.24"
$__ScriptVersion = "2024.12.12"
$ScriptName = $myInvocation.MyCommand.Name
# We'll check for the Version next, because it also has no requirements
@ -155,34 +153,116 @@ function Get-MajorVersion {
return ( $Version -split "\." )[0]
}
function Convert-PSObjectToHashtable {
param (
[Parameter(ValueFromPipeline)]
$InputObject
)
if ($null -eq $InputObject) { return $null }
function Get-AvailableVersions {
# Get available versions from a remote location specified in the Source
# Parameter
Write-Verbose "Getting version information from the repo"
Write-Verbose "base_url: $base_url"
$is_enum = $InputObject -is [System.Collections.IEnumerable]
$not_string = $InputObject -isnot [string]
if ($is_enum -and $not_string) {
$collection = @(
foreach ($object in $InputObject) {
Convert-PSObjectToHashtable $object
}
)
$available_versions = [System.Collections.ArrayList]@()
Write-Host -NoEnumerate $collection
} elseif ($InputObject -is [PSObject]) {
$hash = @{}
foreach ($property in $InputObject.PSObject.Properties) {
$hash[$property.Name] = Convert-PSObjectToHashtable $property.Value
if ( $base_url.StartsWith("http") -or $base_url.StartsWith("ftp") ) {
# We're dealing with HTTP, HTTPS, or FTP
$response = Invoke-WebRequest "$base_url" -UseBasicParsing
try {
$response = Invoke-WebRequest "$base_url" -UseBasicParsing
} catch {
Write-Host "Failed to get version information" -ForegroundColor Red
exit 1
}
$hash
if ( $response.StatusCode -ne 200 ) {
Write-Host "There was an error getting version information" -ForegroundColor Red
Write-Host "Error: $($response.StatusCode)" -ForegroundColor red
exit 1
}
$response.links | ForEach-Object {
if ( $_.href.Length -gt 8) {
Write-Host "The content at this location is unexpected" -ForegroundColor Red
Write-Host "Should be a list of directories where the name is a version of Salt" -ForegroundColor Red
exit 1
}
}
# Getting available versions from response
Write-Verbose "Getting available versions from response"
$filtered = $response.Links | Where-Object -Property href -NE "../"
$filtered | Select-Object -Property href | ForEach-Object {
$available_versions.Add($_.href.Trim("/")) | Out-Null
}
} elseif ( $base_url.StartsWith("\\") -or $base_url -match "^[A-Za-z]:\\" ) {
# We're dealing with a local directory or SMB source
Get-ChildItem -Path $base_url -Directory | ForEach-Object {
$available_versions.Add($_.Name) | Out-Null
}
} else {
$InputObject
Write-Host "Unknown Source Type" -ForegroundColor Red
Write-Host "Must be one of HTTP, HTTPS, FTP, SMB Share, Local Directory" -ForegroundColor Red
exit 1
}
Write-Verbose "Available versions:"
$available_versions | ForEach-Object {
Write-Verbose "- $_"
}
# Get the latest version, should be the last in the list
Write-Verbose "Getting latest available version"
$latest = $available_versions | Select-Object -Last 1
Write-Verbose "Latest available version: $latest"
# Create a versions table
# This will have the latest version available, the latest version available
# for each major version, and every version available. This makes the
# version lookup logic easier. The contents of the versions table can be
# found by running -Verbose
Write-Verbose "Populating the versions table"
$versions_table = [ordered]@{"latest"=$latest}
$available_versions | ForEach-Object {
$versions_table[$(Get-MajorVersion $_)] = $_
$versions_table[$_.ToLower()] = $_.ToLower()
}
Write-Verbose "Versions Table:"
$versions_table | Sort-Object Name | Out-String | ForEach-Object {
Write-Verbose "$_"
}
return $versions_table
}
function Get-HashFromArtifactory {
# This function uses the artifactory API to get the SHA265 Hash for the file
# If Source is NOT artifactory, the sha will not be checked
[CmdletBinding()]
param(
[Parameter(Mandatory=$true)]
[String] $SaltVersion,
[Parameter(Mandatory=$true)]
[String] $SaltFileName
)
if ( $api_url ) {
$full_url = "$api_url/$SaltVersion/$SaltFileName"
Write-Verbose "Querying Artifactory API for hash:"
Write-Verbose $full_url
try {
$response = Invoke-RestMethod $full_url -UseBasicParsing
return $response.checksums.sha256
} catch {
Write-Verbose "Artifactory API Not available or file not"
Write-Verbose "available at specified location"
Write-Verbose "Hash will not be checked"
return ""
}
Write-Verbose "No hash found for this file: $SaltFileName"
Write-Verbose "Hash will not be checked"
return ""
}
Write-Verbose "No artifactory API defined"
Write-Verbose "Hash will not be checked"
return ""
}
function Get-FileHash {
@ -301,19 +381,42 @@ if (!(Get-IsAdministrator)) {
}
#===============================================================================
# Change RepoUrl for older versions
# Check for older versions
#===============================================================================
$defaultUrl = "https://repo.saltproject.io/salt/py3/windows"
$oldRepoUrl = "https://repo.saltproject.io/windows"
$majorVersion = Get-MajorVersion -Version $Version
if ( [Uri]($RepoUrl).AbsoluteUri -eq $defaultUrl ) {
# No customURL passed, let's check for a pre 3006 version
if ($majorVersion -lt "3006") {
# This is an older version, use the old URL
$RepoUrl = $oldRepoUrl
if ($majorVersion -lt "3006") {
# This is an older version, use the old URL
Write-Host "Versions older than 3006 are not available" -ForegroundColor Red
exit 1
}
#===============================================================================
# Declare variables
#===============================================================================
$ConfDir = "$RootDir\conf"
$PkiDir = "$ConfDir\pki\minion"
$RootDir = "$env:ProgramData\Salt Project\Salt"
# Check for existing installation where RootDir is stored in the registry
$SaltRegKey = "HKLM:\SOFTWARE\Salt Project\Salt"
if (Test-Path -Path $SaltRegKey) {
if ($null -ne (Get-ItemProperty $SaltRegKey).root_dir) {
$RootDir = (Get-ItemProperty $SaltRegKey).root_dir
}
}
# Get repo and api URLs. An artifactory URL will have "artifactory" in it
$domain, $target = $RepoUrl -split "/artifactory/"
if ( $target ) {
# Create $base_url and $api_url
$base_url = "$domain/artifactory/$target"
$api_url = "$domain/artifactory/api/storage/$target"
} else {
# This is a non-artifactory url, there is no api
$base_url = $domain
$api_url = ""
}
#===============================================================================
# Verify Parameters
#===============================================================================
@ -324,49 +427,25 @@ Write-Verbose "version: $Version"
Write-Verbose "runservice: $RunService"
Write-Verbose "master: $Master"
Write-Verbose "minion: $Minion"
Write-Verbose "repourl: $RepoUrl"
Write-Verbose "repourl: $base_url"
Write-Verbose "apiurl: $api_url"
Write-Verbose "ConfDir: $ConfDir"
Write-Verbose "RootDir: $RootDir"
if ($RunService.ToLower() -eq "true") {
if ($RunService) {
Write-Verbose "Windows service will be set to run"
[bool]$RunService = $True
} elseif ($RunService.ToLower() -eq "false") {
} else {
Write-Verbose "Windows service will be stopped and set to manual"
[bool]$RunService = $False
} else {
# Param passed in wasn't clear so defaulting to true.
Write-Verbose "Windows service defaulting to run automatically"
[bool]$RunService = $True
}
#===============================================================================
# Ensure Directories are present, copy Vagrant Configs if found
#===============================================================================
$ConfiguredAnything = $False
# Detect older version of Salt to determing default RootDir
if ($majorVersion -lt 3004) {
$RootDir = "$env:SystemDrive`:\salt"
} else {
$RootDir = "$env:ProgramData\Salt Project\Salt"
}
# Check for existing installation where RootDir is stored in the registry
$SaltRegKey = "HKLM:\SOFTWARE\Salt Project\Salt"
if (Test-Path -Path $SaltRegKey) {
if ($null -ne (Get-ItemProperty $SaltRegKey).root_dir) {
$RootDir = (Get-ItemProperty $SaltRegKey).root_dir
}
}
$ConfDir = "$RootDir\conf"
$PkiDir = "$ConfDir\pki\minion"
Write-Verbose "ConfDir: $ConfDir"
#===============================================================================
# Copy Vagrant Files to their proper location.
#===============================================================================
$ConfiguredAnything = $False
# Vagrant files will be placed in C:\tmp
# Check if minion keys have been uploaded, copy to correct location
if (Test-Path C:\tmp\minion.pem) {
@ -406,152 +485,33 @@ if ( $ConfigureOnly ) {
#===============================================================================
# Detect architecture
#===============================================================================
if ([IntPtr]::Size -eq 4) {
$arch = "x86"
} else {
$arch = "AMD64"
}
if ([IntPtr]::Size -eq 4) { $arch = "x86" } else { $arch = "AMD64" }
#===============================================================================
# Get file name to download
# Getting version information from the repo
#===============================================================================
$saltFileName = ""
$saltVersion = ""
$saltSha512= ""
$saltFileUrl = ""
# Look for a repo.json file
try {
Write-Verbose "Looking for $RepoUrl/repo.json"
$response = Invoke-WebRequest "$RepoUrl/repo.json" `
-DisableKeepAlive `
-UseBasicParsing `
-Method Head
if ( $response.StatusCode -eq "200" ) {
Write-Verbose "Found $RepoUrl/repo.json"
# This URL contains a repo.json file, let's use it
$use_repo_json = $true
} else {
Write-Verbose "Did not find $RepoUrl/repo.json"
# No repo.json file found at the default location
$use_repo_json = $false
}
} catch {
Write-Verbose "There was an error looking up $RepoUrl/repo.json"
Write-Verbose "ERROR: $_"
$use_repo_json = $false
}
if ( $use_repo_json ) {
# We will use the json file to get the name of the installer
$enc = [System.Text.Encoding]::UTF8
try {
Write-Verbose "Downloading $RepoUrl/repo.json"
$response = Invoke-WebRequest -Uri "$RepoUrl/repo.json" -UseBasicParsing
if ($response.Content.GetType().Name -eq "Byte[]") {
$psobj = $enc.GetString($response.Content) | ConvertFrom-Json
} else {
$psobj = $response.Content | ConvertFrom-Json
}
$hash = Convert-PSObjectToHashtable $psobj
} catch {
Write-Verbose "repo.json not found at: $RepoUrl"
Write-Host "ERROR: $_"
$hash = @{}
}
$versions = Get-AvailableVersions
$searchVersion = $Version.ToLower()
if ( $hash.Contains($searchVersion)) {
Write-Verbose "Found $searchVersion in $RepoUrl/repo.json"
foreach ($item in $hash.($searchVersion).Keys) {
if ( $item.ToLower().EndsWith(".exe") ) {
if ( $item.ToLower().Contains($arch.ToLower()) ) {
$saltFileName = $hash.($searchVersion).($item).name
$saltVersion = $hash.($searchVersion).($item).version
$saltSha512 = $hash.($searchVersion).($item).SHA512
}
}
}
} else {
try {
Write-Verbose "Searching for $searchVersion in $RepoUrl/minor/repo.json"
$response = Invoke-WebRequest -Uri "$RepoUrl/minor/repo.json" -UseBasicParsing
if ($response.Content.GetType().Name -eq "Byte[]") {
$psobj = $enc.GetString($response.Content) | ConvertFrom-Json
} else {
$psobj = $response.Content | ConvertFrom-Json
}
$hash = Convert-PSObjectToHashtable $psobj
} catch {
Write-Verbose "repo.json not found at: $RepoUrl/minor/repo.json"
Write-Verbose "ERROR: $_"
$hash = @{}
}
if ( $hash.Contains($searchVersion)) {
Write-Verbose "Found $searchVersion in $RepoUrl/minor/repo.json"
foreach ($item in $hash.($searchVersion).Keys) {
if ( $item.ToLower().EndsWith(".exe") ) {
if ( $item.ToLower().Contains($arch.ToLower()) ) {
$saltFileName = $hash.($searchVersion).($item).name
$saltVersion = $hash.($searchVersion).($item).version
$saltSha512 = $hash.($searchVersion).($item).SHA512
}
}
}
} else {
Write-Verbose "Version not found in $RepoUrl/minor/repo.json"
}
}
}
if ( $saltFileName -and $saltVersion -and $saltSha512 ) {
Write-Verbose "Found Name, Version, and Sha"
#===============================================================================
# Validate passed version
#===============================================================================
Write-Verbose "Looking up version: $Version"
if ( $versions.Contains($Version.ToLower()) ) {
$Version = $versions[$Version.ToLower()]
Write-Verbose "Found version: $Version"
} else {
# We will guess the name of the installer
Write-Verbose "Failed to get Name, Version, and Sha from repo.json"
Write-Verbose "We'll try to find the file in standard paths"
$saltFileName = "Salt-Minion-$Version-Py3-$arch-Setup.exe"
$saltVersion = $Version
}
Write-Verbose "Creating list of urls using the following:"
Write-Verbose "RepoUrl: $RepoUrl"
Write-Verbose "Version: $saltVersion"
Write-Verbose "File Name: $saltFileName"
$urls = $(@($RepoUrl, $saltVersion, $saltFileName) -join "/"),
$(@($RepoUrl, "minor", $saltVersion, $saltFileName) -join "/"),
$(@($RepoUrl, $saltFileName) -join "/"),
$(@($oldRepoUrl, $saltFileName) -join "/")
$saltFileUrl = $null
foreach ($url in $urls) {
try {
Write-Verbose "Looking for installer at: $url"
$response = Invoke-WebRequest "$url" `
-DisableKeepAlive `
-UseBasicParsing `
-Method Head
if ( $response.StatusCode -eq "200" ) {
Write-Verbose "Found installer"
# This URL contains a repo.json file, let's use it
$saltFileUrl = $url
break
} else {
Write-Verbose "Installer not found: $url"
}
} catch {
Write-Verbose "ERROR: $url"
}
}
if ( !$saltFileUrl ) {
Write-Host "Could not find an installer:"
Write-Verbose "Here are the urls searched:"
foreach ($url in $urls) {
Write-Verbose $url
}
Write-Host "Version $Version is not available" -ForegroundColor Red
Write-Host "Available versions are:" -ForegroundColor Yellow
$versions
exit 1
}
#===============================================================================
# Get file url and sha256
#===============================================================================
$saltFileName = "Salt-Minion-$Version-Py3-$arch-Setup.exe"
$saltFileUrl = "$base_url/$Version/$saltFileName"
$saltSha256 = Get-HashFromArtifactory -SaltVersion $Version -SaltFileName $saltFileName
#===============================================================================
# Download minion setup file
@ -560,7 +520,8 @@ Write-Host "====================================================================
Write-Host " Bootstrapping Salt Minion" -ForegroundColor Green
Write-Host " - version: $Version"
Write-Host " - file name: $saltFileName"
Write-Host " - file url: $saltFileUrl"
Write-Host " - file url : $saltFileUrl"
Write-Host " - file hash: $saltSha256"
Write-Host " - master: $Master"
Write-Host " - minion id: $Minion"
Write-Host " - start service: $RunService"
@ -573,22 +534,26 @@ Write-Verbose ""
Write-Verbose "Salt File URL: $saltFileUrl"
Write-Verbose "Local File: $localFile"
$webclient = New-Object System.Net.WebClient
$webclient.DownloadFile($saltFileUrl, $localFile)
# Remove existing local file
if ( Test-Path -Path $localFile ) { Remove-Item -Path $localFile -Force }
# Download the file
Invoke-WebRequest -Uri $saltFileUrl -OutFile $localFile
if ( Test-Path -Path $localFile ) {
Write-Host "Success" -ForegroundColor Green
} else {
Write-Host "Failed" -ForegroundColor Red
exit 1
}
if ( $saltSha512 ) {
$localSha512 = (Get-FileHash -Path $localFile -Algorithm SHA512).Hash
# Compare the hash if there is a hash to compare
if ( $saltSha256 ) {
$localSha256 = (Get-FileHash -Path $localFile -Algorithm SHA256).Hash
Write-Host "Comparing Hash: " -NoNewline
Write-Verbose ""
Write-Verbose "Local Hash: $localSha512"
Write-Verbose "Remote Hash: $saltSha512"
if ( $localSha512 -eq $saltSha512 ) {
Write-Verbose "Local Hash: $localSha256"
Write-Verbose "Remote Hash: $saltSha256"
if ( $localSha256 -eq $saltSha256 ) {
Write-Host "Success" -ForegroundColor Green
} else {
Write-Host "Failed" -ForegroundColor Red
@ -620,13 +585,13 @@ $process = Start-Process $localFile `
-NoNewWindow -PassThru
# Sometimes the installer hangs... we'll wait 5 minutes and then kill it
Write-Verbose ""
Write-Verbose "Waiting for installer to finish"
$process | Wait-Process -Timeout 300 -ErrorAction SilentlyContinue
$process.Refresh()
if ( !$process.HasExited ) {
Write-Host "Timedout" -ForegroundColor Yellow
Write-Verbose "Installer Timeout"
Write-Host ""
Write-Host "Killing hung installer: " -NoNewline
$process | Stop-Process
$process.Refresh()
@ -636,8 +601,6 @@ if ( !$process.HasExited ) {
Write-Host "Failed" -ForegroundColor Red
exit 1
}
Write-Host "Checking installed service: " -NoNewline
}
# Wait for salt-minion service to be registered to verify successful
@ -658,7 +621,7 @@ while ( ! $service ) {
# probably went wrong and user intervention is required - report
# failure.
Write-Host "Failed" -ForegroundColor Red
Write-Host "Timed out waiting for the salt-minion service to be installed"
Write-Host "Timeout waiting for the salt-minion service to be installed"
exit 1
}
}
@ -676,27 +639,31 @@ if( $RunService ) {
# We'll try for 2 minutes, sometimes the minion takes that long to start as
# it compiles python code for the first time
$max_tries = 60
while ( $service.Status -ne "Running" ) {
if ( $service.Status -eq "Stopped" ) {
Start-Service -Name "salt-minion" -ErrorAction SilentlyContinue
}
Start-Sleep -Seconds 2
Write-Verbose "Checking the service status"
$service.Refresh()
if ( $service.Status -eq "Running" ) {
Write-Host "Success" -ForegroundColor Green
} else {
if ( $tries -le $max_tries ) {
$tries += 1
if ( $service.Status -ne "Running" ) {
while ( $service.Status -ne "Running" ) {
if ( $service.Status -eq "Stopped" ) {
Start-Service -Name "salt-minion" -ErrorAction SilentlyContinue
}
Start-Sleep -Seconds 2
Write-Verbose "Checking the service status"
$service.Refresh()
if ( $service.Status -eq "Running" ) {
Write-Host "Success" -ForegroundColor Green
} else {
# If the salt-minion service is still not running, something
# probably went wrong and user intervention is required - report
# failure.
Write-Host "Failed" -ForegroundColor Red
Write-Host "Timed out waiting for the salt-minion service to start"
exit 1
if ( $tries -le $max_tries ) {
$tries += 1
} else {
# If the salt-minion service is still not running, something
# probably went wrong and user intervention is required - report
# failure.
Write-Host "Failed" -ForegroundColor Red
Write-Host "Timed out waiting for the salt-minion service to start"
exit 1
}
}
}
} else {
Write-Host "Success" -ForegroundColor Green
}
} else {
# Set the service to manual start

1621
bootstrap-salt.sh
View file

File diff suppressed because it is too large Load diff

42
kitchen.macos.yml
View file

@ -1,42 +0,0 @@
---
driver:
name: exec
provisioner:
sudo: true
salt_bootstrap_options: -MP stable %s
init_environment: |
echo 'auto_accept: true' > /tmp/auto-accept-keys.conf
sudo mkdir -p /etc/salt/master.d
sudo mv /tmp/auto-accept-keys.conf /etc/salt/master.d/auto-accept-keys.conf
brew install coreutils
sh -c 't=$(gshuf -i 1-15 -n 1); echo Sleeping $t seconds; sleep $t'
platforms:
- name: macos-12
- name: macos-13
suites:
- name: stable-3006
provisioner:
salt_version: 3006
salt_call_command: /opt/salt/salt-call
- name: stable-3006-8
provisioner:
salt_version: 3006.8
salt_call_command: /opt/salt/salt-call
- name: stable-3007
provisioner:
salt_version: 3007
salt_call_command: /opt/salt/salt-call
- name: stable-3007-1
provisioner:
salt_version: 3007.1
salt_call_command: /opt/salt/salt-call
- name: latest
provisioner:
salt_version: latest
salt_call_command: /opt/salt/salt-call
verifier:
command: pytest --cache-clear -v -s -ra --log-cli-level=debug -k "not test_ping" tests/integration/

42
kitchen.windows.yml
View file

@ -1,42 +0,0 @@
---
driver:
name: proxy
host: localhost
reset_command: "exit 0"
port: 5985
username: kitchen
password: Password1
provisioner:
salt_bootstrap_url: D:/a/salt-bootstrap/salt-bootstrap/bootstrap-salt.ps1
salt_bootstrap_options: -Version %s -Verbose
init_environment: ''
platforms:
- name: windows-2022
- name: windows-2019
suites:
- name: stable-3006
provisioner:
salt_version: 3006
salt_call_command: c:\Program Files\Salt Project\Salt\salt-call.exe
- name: stable-3006-8
provisioner:
salt_version: 3006.8
salt_call_command: c:\Program Files\Salt Project\Salt\salt-call.exe
- name: stable-3007
provisioner:
salt_version: 3007
salt_call_command: c:\Program Files\Salt Project\Salt\salt-call.exe
- name: stable-3007-1
provisioner:
salt_version: 3007.1
salt_call_command: c:\Program Files\Salt Project\Salt\salt-call.exe
- name: latest
provisioner:
salt_version: latest
salt_call_command: c:\Program Files\Salt Project\Salt\salt-call.exe
verifier:
command: pytest --cache-clear -v -s -ra --log-cli-level=debug -k "not test_ping" tests/integration/

296
kitchen.yml
View file

@ -1,296 +0,0 @@
---
driver:
name: docker
use_sudo: false
hostname: salt
privileged: true
username: root
cap_add:
- sys_admin
disable_upstart: false
use_internal_docker_network: false
run_command: /usr/lib/systemd/systemd
provisioner:
name: salt_solo
salt_install: bootstrap
salt_bootstrap_url: bootstrap-salt.sh
salt_bootstrap_options: -MPfq git %s
install_after_init_environment: true
log_level: info
sudo: false
require_chef: false
formula: tests
run_salt_call: false
init_environment: |
echo 'auto_accept: true' > /tmp/auto-accept-keys.conf
mkdir -p /etc/salt/master.d
mv /tmp/auto-accept-keys.conf /etc/salt/master.d/auto-accept-keys.conf
sh -c 't=$(shuf -i 1-15 -n 1); echo Sleeping $t seconds; sleep $t'
## - name: amazon-2023
## driver:
## image: amazonlinux:2023
## provision_command:
## - yum -y install --allowerasing procps-ng curl
## - echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
## - name: opensuse-tumbleweed
## driver:
## image: opensuse/tumbleweed:latest
## provision_command:
## - *opensuse_provision_command_01
## - *opensuse_provision_command_02
## - *opensuse_provision_command_03
## - echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
platforms:
- name: almalinux-9
driver:
provision_command:
- dnf -y install crypto-policies-scripts procps-ng
- update-crypto-policies --set DEFAULT:SHA1
- echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
- name: almalinux-8
- name: amazon-2
driver:
image: amazonlinux:2
platform: rhel
provision_command:
- yum -y install procps-ng
- name: arch
driver:
image: archlinux/archlinux
provision_command:
- pacman -Syu --noconfirm --needed systemd grep awk procps which
- systemctl enable sshd
- echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
- name: centos-stream9
driver:
platform: centosstream
image: quay.io/centos/centos:stream9
provision_command:
- dnf -y install crypto-policies-scripts procps-ng
- update-crypto-policies --set DEFAULT:SHA1
- echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
- name: debian-11
driver:
image: debian:bullseye
run_command: /lib/systemd/systemd
- name: debian-12
driver:
image: debian:bookworm
run_command: /lib/systemd/systemd
provision_command:
- echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
- name: fedora-39
driver:
provision_command: &fedora_provision_command
- dnf -y install procps-ng crypto-policies-scripts
- update-crypto-policies --set LEGACY
- name: fedora-40
driver:
provision_command: *fedora_provision_command
- name: gentoo
driver:
image: gentoo/stage3:latest
run_command: /sbin/init
provision_command:
- rc-update add sshd default
- echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
- name: gentoo-systemd
driver:
image: gentoo/stage3:systemd
run_command: /lib/systemd/systemd
provision_command:
- systemctl enable sshd.service
- echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
- name: opensuse-15
driver:
image: opensuse/leap:15.4
provision_command:
- &opensuse_provision_command_01 zypper --non-interactive install --auto-agree-with-licenses dbus-1
- &opensuse_provision_command_02 zypper --non-interactive install --auto-agree-with-licenses sudo openssh which curl systemd
- &opensuse_provision_command_03 systemctl enable sshd.service
- name: rockylinux-9
driver:
platform: centosstream
run_command: /usr/lib/systemd/systemd
provision_command:
- dnf -y install crypto-policies-scripts procps-ng
- update-crypto-policies --set DEFAULT:SHA1
- echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
- name: oraclelinux-9
driver:
run_command: /usr/lib/systemd/systemd
provision_command:
- dnf -y install crypto-policies-scripts procps-ng
- update-crypto-policies --set DEFAULT:SHA1
- echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
- name: rockylinux-8
- name: oraclelinux-8
- name: ubuntu-24.04
driver:
run_command: /lib/systemd/systemd
provision_command:
- echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
- name: ubuntu-22.04
driver:
run_command: /lib/systemd/systemd
provision_command:
- echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
- name: ubuntu-20.04
driver:
run_command: /lib/systemd/systemd
- name: photon-4
driver:
image: photon:4.0
provision_command:
- tdnf -y install rpm procps-ng coreutils gawk systemd
- echo "PubkeyAcceptedKeyTypes +ssh-rsa" | tee -a /etc/ssh/sshd_config
- sed -ie 's/PermitRootLogin no/PermitRootLogin yes/' /etc/ssh/sshd_config
- systemctl enable sshd.service
- name: photon-5
driver:
image: photon:5.0
provision_command:
- tdnf -y install rpm procps-ng coreutils gawk systemd
- echo "PubkeyAcceptedKeyTypes +ssh-rsa" | tee -a /etc/ssh/sshd_config
- sed -ie 's/PermitRootLogin no/PermitRootLogin yes/' /etc/ssh/sshd_config
- systemctl enable sshd.service
suites:
- name: git-3006
provisioner:
salt_version: v3006
salt_bootstrap_options: -x python3 -MPfq git %s
excludes:
- opensuse-15
- opensuse-tumbleweed
- debian-11
- debian-12
- arch
- gentoo
- gentoo-systemd
- name: git-3006x
provisioner:
salt_version: 3006.x
salt_bootstrap_options: -x python3 -MPfq git %s
excludes:
- opensuse-15
- opensuse-tumbleweed
- debian-11
- debian-12
- arch
- gentoo
- gentoo-systemd
- name: git-3007
provisioner:
salt_version: v3007
salt_bootstrap_options: -x python3 -MPfq git %s
excludes:
- opensuse-15
- opensuse-tumbleweed
- debian-11
- arch
- gentoo
- gentoo-systemd
- name: git-3007x
provisioner:
salt_version: 3007.x
salt_bootstrap_options: -x python3 -MPfq git %s
excludes:
- opensuse-15
- opensuse-tumbleweed
- debian-11
- arch
- gentoo
- gentoo-systemd
- name: stable-3006
provisioner:
salt_version: 3006
salt_bootstrap_options: -x python3 -MP stable %s
excludes:
- opensuse-15
- opensuse-tumbleweed
- arch
- name: stable-3006-8
provisioner:
salt_version: 3006.8
salt_bootstrap_options: -x python3 -MP stable %s
excludes:
- opensuse-15
- opensuse-tumbleweed
- arch
- name: stable-3007
provisioner:
salt_version: 3007
salt_bootstrap_options: -x python3 -MP stable %s
excludes:
- opensuse-15
- opensuse-tumbleweed
- arch
- name: stable-3007-1
provisioner:
salt_version: 3007.1
salt_bootstrap_options: -x python3 -MP stable %s
excludes:
- opensuse-15
- opensuse-tumbleweed
- arch
- name: git-master
provisioner:
salt_version: master
salt_bootstrap_options: -x python3 -MPfq -D git %s
- name: latest
provisioner:
salt_version: latest
salt_bootstrap_options: -MP stable %s
- name: default
provisioner:
salt_version: latest
salt_bootstrap_options: -MP
- name: onedir-nightly
provisioner:
salt_version: nightly
salt_bootstrap_options: -MP onedir %s
- name: onedir-latest
provisioner:
salt_version: latest
salt_bootstrap_options: -MP onedir %s
- name: onedir-3006
provisioner:
salt_version: 3006
salt_bootstrap_options: -MP onedir %s
- name: onedir-3007
provisioner:
salt_version: 3007
salt_bootstrap_options: -MP onedir %s
- name: onedir-rc-3008-0rc1
provisioner:
salt_version: 3008.0rc1
salt_bootstrap_options: -R staging.repo.saltproject.io -MP onedir_rc %s
excludes:
- arch
- gentoo
- opensuse-15
- opensuse-tumbleweed
- ubuntu-2004
- ubuntu-2204
- name: quickstart
provisioner:
salt_bootstrap_options: -Q
verifier:
name: shell
remote_exec: false
command: pytest --cache-clear -v -s -ra --log-cli-level=info tests/integration/

257
salt-quick-start.ps1
View file

@ -1,39 +1,31 @@
function Convert-PSObjectToHashtable {
param (
[Parameter(ValueFromPipeline)]
$InputObject
)
if ($null -eq $InputObject) { return $null }
<#
.SYNOPSIS
A simple Powershell script to quickly start using Salt.
$is_enum = $InputObject -is [System.Collections.IEnumerable]
$not_string = $InputObject -isnot [string]
if ($is_enum -and $not_string) {
$collection = @(
foreach ($object in $InputObject) {
Convert-PSObjectToHashtable $object
}
)
.DESCRIPTION
This script will download the latest onedir version of Salt and extract it
into the same directory where the script is run. The script sets up an
environment that will allow you to run salt-call commands. To remove, just
delete the `salt` directory. The environment variables will only be set for
the current powershell session.
Write-Host -NoEnumerate $collection
} elseif ($InputObject -is [PSObject]) {
$hash = @{}
.EXAMPLE
./salt-quick-start.ps1
foreach ($property in $InputObject.PSObject.Properties) {
$hash[$property.Name] = Convert-PSObjectToHashtable $property.Value
}
.LINK
Salt Bootstrap GitHub Project (script home) - https://github.com/saltstack/salt-bootstrap
Original Vagrant Provisioner Project - https://github.com/saltstack/salty-vagrant
Vagrant Project (utilizes this script) - https://github.com/mitchellh/vagrant
Salt Download Location - https://packages.broadcom.com/artifactory/saltproject-generic/windows/
Salt Manual Install Directions (Windows) - https://docs.saltproject.io/salt/install-guide/en/latest/topics/install-by-operating-system/windows.html
#>
$hash
} else {
$InputObject
}
}
# This is so the -Verbose parameter will work
[CmdletBinding()] param()
function Expand-ZipFile {
# Extract a zip file
#
# Used by:
# - Install-SaltMinion
#
# Args:
# ZipFile (string): The file to extract
# Destination (string): The location to extract to
@ -81,60 +73,151 @@ function Expand-ZipFile {
Write-Debug "Finished unzipping '$ZipFile' to '$Destination'"
}
function Get-FileHash {
# Get-FileHash is a built-in cmdlet in powershell 5+ but we need to support
# powershell 3. This will overwrite the powershell 5 commandlet only for
# this script. But it will provide the missing cmdlet for powershell 3
[CmdletBinding()]
param(
[Parameter(Mandatory=$true)]
[String] $Path,
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]'Tls12'
[Parameter(Mandatory=$false)]
[ValidateSet(
"SHA1",
"SHA256",
"SHA384",
"SHA512",
# https://serverfault.com/questions/820300/
# why-isnt-mactripledes-algorithm-output-in-powershell-stable
"MACTripleDES", # don't use
"MD5",
"RIPEMD160",
IgnoreCase=$true)]
[String] $Algorithm = "SHA256"
)
$global:ProgressPreference = 'SilentlyContinue'
$RepoUrl = "https://repo.saltproject.io/salt/py3/onedir"
if ([IntPtr]::Size -eq 4) {
$arch = "x86"
} else {
$arch = "amd64"
}
$enc = [System.Text.Encoding]::UTF8
try {
$response = Invoke-WebRequest -Uri "$RepoUrl/repo.json" -UseBasicParsing
if ($response.Content.GetType().Name -eq "Byte[]") {
$psobj = $enc.GetString($response.Content) | ConvertFrom-Json
} else {
$psobj = $response.Content | ConvertFrom-Json
if ( !(Test-Path $Path) ) {
Write-Verbose "Invalid path for hashing: $Path"
return @{}
}
$hash = Convert-PSObjectToHashtable $psobj
} catch {
Write-Host "repo.json not found at: $RepoUrl"
$hash = @{}
}
$searchVersion = "latest"
if ( $hash.Contains($searchVersion)) {
foreach ($item in $hash.($searchVersion).Keys) {
if ( $item.EndsWith(".zip") ) {
if ( $item.Contains($arch) ) {
$saltFileName = $hash.($searchVersion).($item).name
$saltVersion = $hash.($searchVersion).($item).version
$saltSha512 = $hash.($searchVersion).($item).SHA512
}
if ( (Get-Item -Path $Path) -isnot [System.IO.FileInfo]) {
Write-Verbose "Not a file for hashing: $Path"
return @{}
}
$Path = Resolve-Path -Path $Path
Switch ($Algorithm) {
SHA1 {
$hasher = [System.Security.Cryptography.SHA1CryptoServiceProvider]::Create()
}
SHA256 {
$hasher = [System.Security.Cryptography.SHA256]::Create()
}
SHA384 {
$hasher = [System.Security.Cryptography.SHA384]::Create()
}
SHA512 {
$hasher = [System.Security.Cryptography.SHA512]::Create()
}
MACTripleDES {
$hasher = [System.Security.Cryptography.MACTripleDES]::Create()
}
MD5 {
$hasher = [System.Security.Cryptography.MD5]::Create()
}
RIPEMD160 {
$hasher = [System.Security.Cryptography.RIPEMD160]::Create()
}
}
Write-Verbose "Hashing using $Algorithm algorithm"
try {
$data = [System.IO.File]::OpenRead($Path)
$hash = $hasher.ComputeHash($data)
$hash = [System.BitConverter]::ToString($hash) -replace "-",""
return @{
Path = $Path;
Algorithm = $Algorithm.ToUpper();
Hash = $hash
}
} catch {
Write-Verbose "Error hashing: $Path"
Write-Verbose "ERROR: $_"
return @{}
} finally {
if ($null -ne $data) {
$data.Close()
}
}
}
if ( $saltFileName -and $saltVersion -and $saltSha512 ) {
if ( $RepoUrl.Contains("minor") ) {
$saltFileUrl = @($RepoUrl, $saltVersion, $saltFileName) -join "/"
} else {
$saltFileUrl = @($RepoUrl, "minor", $saltVersion, $saltFileName) -join "/"
}
#===============================================================================
# Script settings
#===============================================================================
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]'Tls12'
$global:ProgressPreference = 'SilentlyContinue'
#===============================================================================
# Declare Variables
#===============================================================================
$ApiUrl = "https://packages.broadcom.com/artifactory/api/storage/saltproject-generic/onedir"
# Detect architecture ($arch)
if ([IntPtr]::Size -eq 4) { $arch = "x86" } else { $arch = "amd64" }
#===============================================================================
# Setting up quickstart environment
#===============================================================================
Write-Host ""
Write-Host "Setting up quickstart environment for Salt" -ForegroundColor Cyan
Write-Verbose "Getting version information from Artifactory"
$response = Invoke-WebRequest $ApiUrl -UseBasicParsing
# Convert the output to a powershell object
$psobj = $response.ToString() | ConvertFrom-Json
$Version = $psobj.children[-1].uri.Trim("/")
Write-Verbose "Getting sha256 hash and download url from Artifactory"
$saltFileName = "salt-$Version-onedir-windows-$arch.zip"
$response = Invoke-WebRequest "$ApiUrl/$Version/$saltFileName" -UseBasicParsing
$psobj = $response.ToString() | ConvertFrom-Json
$saltFileUrl = $psobj.downloadUri
$saltSha256 = $psobj.checksums.sha256
Write-Verbose "URL: $saltFileUrl"
Write-Host "* INFO: Downloading Salt: " -NoNewline
Invoke-WebRequest -Uri $saltFileUrl -OutFile .\salt.zip
if ( Test-Path -Path .\salt.zip ) {
Write-Host "Success" -ForegroundColor Green
} else {
Write-Host "Failed" -ForegroundColor Red
exit 1
}
$localSha256 = (Get-FileHash -Path .\salt.zip -Algorithm SHA256).Hash
Write-Verbose "Local Hash: $localSha256"
Write-Verbose "Remote Hash: $saltSha256"
Write-Host "* INFO: Comparing Hash: " -NoNewline
if ( $localSha256 -eq $saltSha256 ) {
Write-Host "Success" -ForegroundColor Green
} else {
Write-Host "Failed" -ForegroundColor Red
exit 1
}
Write-Host "* INFO: Downloading Salt"
Invoke-WebRequest -Uri $saltFileUrl -OutFile .\salt.zip
Write-Host "* INFO: Extracting Salt"
Write-Host "* INFO: Extracting Salt: " -NoNewline
Expand-ZipFile -ZipFile .\salt.zip -Destination .
if ( Test-Path -Path .\salt\Scripts\python.exe ) {
Write-Host "Success" -ForegroundColor Green
} else {
Write-Host "Failed" -ForegroundColor Red
exit 1
}
Write-Host "* INFO: Creating Saltfile: " -NoNewline
$PATH = $(Get-Location).Path
$saltfile_contents = @"
salt-call:
local: True
@ -143,20 +226,42 @@ salt-call:
cachedir: $PATH\salt\var\cache\salt
file_root: $PATH\salt\srv\salt
"@
Set-Content -Path .\salt\Saltfile -Value $saltfile_contents
if ( Test-Path -Path .\salt\Saltfile ) {
Write-Host "Success" -ForegroundColor Green
} else {
Write-Host "Failed" -ForegroundColor Red
exit 1
}
New-Item -Path "$PATH\salt\var\log\salt" -Type Directory -Force | Out-Null
New-Item -Path "$PATH\salt\conf" -Type Directory -Force | Out-Null
New-Item -Path "$PATH\salt\var\cache\salt" -Type Directory -Force | Out-Null
New-Item -Path "$PATH\salt\srv\salt" -Type Directory -Force | Out-Null
Write-Host "* INFO: Adding Salt to current path"
Write-Host "* INFO: $PATH\salt"
Write-Host "* INFO: Adding Salt to current path: " -NoNewline
$env:Path = "$PATH\salt;$env:PATH"
Write-Verbose $env:Path
if ( $env:PATH -Like "*$PATH\salt*" ) {
Write-Host "Success" -ForegroundColor Green
} else {
Write-Host "Failed" -ForegroundColor Red
exit 1
}
Write-Host "* INFO: $PATH\salt"
Write-Host "* INFO: Setting the SALT_SALTFILE environment variable"
Write-Host "* INFO: $PATH\salt\Saltfile"
Write-Host "* INFO: Setting the SALT_SALTFILE environment variable: "-NoNewline
$env:SALT_SALTFILE="$PATH\salt\Saltfile"
if ( Test-Path -Path $env:SALT_SALTFILE ) {
Write-Host "Success" -ForegroundColor Green
} else {
Write-Host "Failed" -ForegroundColor Red
exit 1
}
Write-Host "* INFO: $PATH\salt\Saltfile"
Write-Host ""
Write-Host "You can now run simple salt-call commands" -ForegroundColor Cyan
Write-Host "* INFO: Create Salt states in $PATH\salt\srv\salt"
Write-Host "* INFO: Try running salt-call test.ping"
Write-Host ""

20
salt-quick-start.sh
View file

@ -1,7 +1,7 @@
#!/bin/sh
__ScriptName="salt-quick-start.sh"
SALT_REPO_URL="https://repo.saltproject.io/salt/py3/onedir"
SALT_REPO_URL="https://packages.broadcom.com/artifactory/salt-project-generic/onedir"
_COLORS=${QS_COLORS:-$(tput colors 2>/dev/null || echo 0)}
_LOCAL=0
@ -89,8 +89,20 @@ if [[ "$_LOCAL" == "1" && "$_FULL" == "1" ]]; then
fi
__parse_repo_json_jq() {
_JSON_FILE="${SALT_REPO_URL}/repo.json"
_JSON_VERSION=$(curl -s ${_JSON_FILE} | jq -sr ".[].latest[] | select(.os == \"$1\") | select(.arch == \"$2\").version")
# $1 is OS_NAME
# $2 is ARCH
# get dir listing from url, sort and pick highest
onedir_versions_tmpf=$(mktemp)
curr_pwd=$(pwd)
cd ${onedir_versions_tmpf} || return 1
wget -r -np -nH --exclude-directories=onedir,relenv,windows -x -l 1 "$SALT_REPO_URL/"
# shellcheck disable=SC2010
LATEST_VERSION=$(ls artifactory/saltproject-generic/onedir/ | grep -v 'index.html' | sort -V -u | tail -n 1)
cd ${curr_pwd} || return "${LATEST_VERSION}"
rm -fR ${onedir_versions_tmpf}
_JSON_VERSION="${LATEST_VERSION}"
}
__fetch_url() {
@ -146,7 +158,7 @@ fi
__parse_repo_json_jq ${OS_NAME} ${CPU_ARCH_L}
FILE="salt-${_JSON_VERSION}-onedir-${OS_NAME_L}-${CPU_ARCH_L}.tar.xz"
URL="${SALT_REPO_URL}/latest/${FILE}"
URL="${SALT_REPO_URL}/${_JSON_VERSION}/${FILE}"
if [[ ! -f ${FILE} ]]; then
echoinfo "Downloading Salt"

79
tests/conftest.py
View file

@ -1,43 +1,12 @@
import logging
import json
import os
import pprint
import pytest
import testinfra
import requests
log = logging.getLogger(__name__)
@pytest.fixture(scope="session")
def host():
if (
os.environ.get("RUNNER_OS", "") == "macOS"
and os.environ.get("KITCHEN_LOCAL_YAML", "") == "kitchen.macos.yml"
):
# Adjust the `PATH` so that the `salt-call` executable can be found
os.environ["PATH"] = "/opt/salt/bin{}{}".format(os.pathsep, os.environ["PATH"])
return testinfra.get_host("local://", sudo=True)
if os.environ.get("KITCHEN_USERNAME") == "vagrant" or "windows" in os.environ.get(
"KITCHEN_INSTANCE"
):
if "windows" in os.environ.get("KITCHEN_INSTANCE"):
_url = "winrm://{KITCHEN_USERNAME}:{KITCHEN_PASSWORD}@{KITCHEN_HOSTNAME}:{KITCHEN_PORT}".format(
**os.environ
)
return testinfra.get_host(
_url,
no_ssl=True,
)
return testinfra.get_host(
"paramiko://{KITCHEN_USERNAME}@{KITCHEN_HOSTNAME}:{KITCHEN_PORT}".format(
**os.environ
),
ssh_identity_file=os.environ.get("KITCHEN_SSH_KEY"),
)
return testinfra.get_host(
"docker://{KITCHEN_USERNAME}@{KITCHEN_CONTAINER_ID}".format(**os.environ)
)
API_URL = (
"https://packages.broadcom.com/artifactory/api/storage/saltproject-generic/windows"
)
@pytest.fixture(scope="session")
@ -47,21 +16,33 @@ def target_python_version():
@pytest.fixture(scope="session")
def target_salt_version():
bootstrap_types = ("git", "stable", "onedir", "onedir_rc")
# filter out any bootstrap types and then join
target_salt = ".".join(
[
item
for item in os.environ["KITCHEN_SUITE"].split("-")
if item not in bootstrap_types
]
)
# target_salt = os.environ["KITCHEN_SUITE"].split("-", 1)[-1].replace("-", ".")
target_salt = os.environ.get("SaltVersion", "")
html_response = requests.get(API_URL)
content = json.loads(html_response.text)
folders = content["children"]
versions = {}
for folder in folders:
if folder["folder"]:
version = folder["uri"].strip("/")
versions[version] = version
# We're trying to get the latest major version and latest overall
maj_version = version.split(".")[0]
versions[maj_version] = version
versions["latest"] = version
if target_salt.startswith("v"):
target_salt = target_salt[1:]
if target_salt in ("default", "latest", "master", "nightly"):
if target_salt not in versions:
pytest.skip(f"Invalid testing version: {target_salt}")
if target_salt in (
"default",
"latest",
"master",
"nightly",
"stable",
"onedir",
"git",
):
pytest.skip("Don't have a specific salt version to test against")
return target_salt
return versions[target_salt]

1
tests/integration/__init__.py
View file

@ -1 +0,0 @@
# -*- coding: utf-8 -*-

95
tests/integration/test_installation.py
View file

@ -1,31 +1,82 @@
import json
import logging
import os
from contextlib import nullcontext
import platform
import subprocess
import pytest
log = logging.getLogger(__name__)
def selected_context_manager(host):
if "windows" in os.environ.get("KITCHEN_INSTANCE"):
return nullcontext()
return host.sudo()
@pytest.fixture
def path():
if platform.system() == "Windows":
salt_path = "C:\\Program Files\\Salt Project\\Salt"
if salt_path not in os.environ["path"]:
os.environ["path"] = f'{os.environ["path"]};{salt_path}'
yield os.environ["path"]
else:
yield ""
def test_ping(host):
with selected_context_manager(host):
assert host.salt("test.ping", "--timeout=120")
def test_target_python_version(host, target_python_version):
with selected_context_manager(host):
ret = host.salt("grains.item", "pythonversion", "--timeout=120")
assert ret["pythonversion"][0] == target_python_version
def test_target_salt_version(host, target_salt_version):
with selected_context_manager(host):
ret = host.salt("grains.item", "saltversion", "--timeout=120")
if target_salt_version.endswith(".0") or target_salt_version.endswith(".x"):
assert ret["saltversion"] == ".".join(target_salt_version.split(".")[:-1])
def run_salt_call(cmd):
"""
Runs salt call command and returns a dictionary
Accepts cmd as a list
"""
json_data = {"local": {}}
if platform.system() == "Windows":
cmd.append("--out=json")
result = subprocess.run(cmd, capture_output=True, text=True)
if 0 == result.returncode:
json_data = json.loads(result.stdout)
else:
assert ret["saltversion"].startswith(target_salt_version)
log.error(f"failed to produce output result, '{result}'")
else:
if platform.system() == "Darwin":
cmdl = ["sudo"]
else:
cmdl = []
cmdl.extend(cmd)
cmdl.append("--out=json")
try:
result = subprocess.run(cmdl, capture_output=True, text=True)
except TypeError:
result = subprocess.run(
cmdl,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
universal_newlines=True,
)
if 0 == result.returncode:
json_data = json.loads(result.stdout)
else:
log.error(f"failed to produce output result, '{result}'")
return json_data["local"]
def test_ping(path):
cmd = ["salt-call", "--local", "test.ping"]
result = run_salt_call(cmd)
assert result == True
def test_target_python_version(path, target_python_version):
cmd = ["salt-call", "--local", "grains.item", "pythonversion", "--timeout=120"]
result = run_salt_call(cmd)
# Returns: {'pythonversion': [3, 10, 11, 'final', 0]}
py_maj_ver = result["pythonversion"][0]
assert py_maj_ver == target_python_version
def test_target_salt_version(path, target_salt_version):
if not target_salt_version:
pytest.skip(f"No target version specified")
cmd = ["salt-call", "--local", "grains.item", "saltversion", "--timeout=120"]
result = run_salt_call(cmd)
# Returns: {'saltversion': '3006.9+217.g53cfa53040'}
adj_saltversion = result["saltversion"].split("+")[0]
assert adj_saltversion == target_salt_version

7
tests/requirements.txt
View file

@ -1,5 +1,2 @@
pytest-testinfra
paramiko
requests-ntlm==1.1.0; sys.platform == 'win32'
pywinrm; sys.platform == 'win32'
six>=1.10.0
pytest
requests