Merge remote-tracking branch 'upstream/develop' into shallow_clone

Fixed to use GIT_REV_ADJ
2025-04-17 10:10:25 +00:00 · 2024-12-21 22:24:37 +00:00 · 2024-12-21 22:24:37 +00:00 · 82faed1938
commit 82faed1938
parent 699ade0c04 2058991403
25 changed files with 2088 additions and 2241 deletions
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -27,8 +27,6 @@ jobs:
          separator: ","
          files: |
            bootstrap-salt.*
            Gemfile
            kitchen*.yml
            tests/**
            .github/workflows/**
          files_ignore: |
@ -126,6 +124,7 @@ jobs:
    with:
      distro-slug: macos-12
      display-name: macOS 12
      container-slug: macos-12
      timeout: 20
      runs-on: macos-12
      instances: '["stable-3006", "stable-3006-8", "stable-3007", "stable-3007-1", "latest"]'
@ -141,27 +140,29 @@ jobs:
    with:
      distro-slug: macos-13
      display-name: macOS 13
      container-slug: macos-13
      timeout: 20
      runs-on: macos-13
      instances: '["stable-3006", "stable-3006-8", "stable-3007", "stable-3007-1", "latest"]'
-
+  macos-14:
-  windows-2019:
+    name: macOS 14
    name: Windows 2019
    if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
-    uses: ./.github/workflows/test-windows.yml
+    uses: ./.github/workflows/test-macos.yml
    needs:
      - lint
      - generate-actions-workflow
    with:
-      distro-slug: windows-2019
+      distro-slug: macos-14
-      display-name: Windows 2019
+      display-name: macOS 14
      container-slug: macOS 14
      timeout: 20
-      runs-on: windows-2019
+      runs-on: macos-14
      instances: '["stable-3006", "stable-3006-8", "stable-3007", "stable-3007-1", "latest"]'
  windows-2022:
    name: Windows 2022
    if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
@ -172,82 +173,28 @@ jobs:
    with:
      distro-slug: windows-2022
      display-name: Windows 2022
      container-slug: windows-2022
      timeout: 20
      runs-on: windows-2022
      instances: '["stable-3006", "stable-3006-8", "stable-3007", "stable-3007-1", "latest"]'
-  almalinux-8:
+  amazonlinux-2023:
-    name: AlmaLinux 8
+    name: Amazon 2023
    if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
    uses: ./.github/workflows/test-linux.yml
    needs:
      - lint
      - generate-actions-workflow
    with:
-      distro-slug: almalinux-8
+      distro-slug: amazonlinux-2023
-      display-name: AlmaLinux 8
+      display-name: Amazon 2023
      container-slug: amazonlinux-2023
      timeout: 20
      instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "latest", "default"]'
  almalinux-9:
    name: AlmaLinux 9
    if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
    uses: ./.github/workflows/test-linux.yml
    needs:
      - lint
      - generate-actions-workflow
    with:
      distro-slug: almalinux-9
      display-name: AlmaLinux 9
      timeout: 20
      instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
  amazon-2:
    name: Amazon 2
    if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
    uses: ./.github/workflows/test-linux.yml
    needs:
      - lint
      - generate-actions-workflow
    with:
      distro-slug: amazon-2
      display-name: Amazon 2
      timeout: 20
      instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "latest", "default"]'
  arch:
    name: Arch
    if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
    uses: ./.github/workflows/test-linux.yml
    needs:
      - lint
      - generate-actions-workflow
    with:
      distro-slug: arch
      display-name: Arch
      timeout: 20
      instances: '["git-master", "latest", "default"]'
  centos-stream9:
    name: CentOS Stream 9
    if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
    uses: ./.github/workflows/test-linux.yml
    needs:
      - lint
      - generate-actions-workflow
    with:
      distro-slug: centos-stream9
      display-name: CentOS Stream 9
      timeout: 20
      instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
  debian-11:
    name: Debian 11
    if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
@ -258,8 +205,9 @@ jobs:
    with:
      distro-slug: debian-11
      display-name: Debian 11
      container-slug: debian-11
      timeout: 20
-      instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
+      instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "latest", "default"]'
  debian-12:
@ -272,120 +220,9 @@ jobs:
    with:
      distro-slug: debian-12
      display-name: Debian 12
      container-slug: debian-12
      timeout: 20
-      instances: '["stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
+      instances: '["stable-3007", "git-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
  fedora-39:
    name: Fedora 39
    if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
    uses: ./.github/workflows/test-linux.yml
    needs:
      - lint
      - generate-actions-workflow
    with:
      distro-slug: fedora-39
      display-name: Fedora 39
      timeout: 20
      instances: '["stable-3006", "onedir-3006", "stable-3006-8", "latest", "default"]'
  fedora-40:
    name: Fedora 40
    if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
    uses: ./.github/workflows/test-linux.yml
    needs:
      - lint
      - generate-actions-workflow
    with:
      distro-slug: fedora-40
      display-name: Fedora 40
      timeout: 20
      instances: '["stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
  gentoo:
    name: Gentoo
    if: github.event_name == 'push'
    uses: ./.github/workflows/test-linux.yml
    needs:
      - lint
      - generate-actions-workflow
    with:
      distro-slug: gentoo
      display-name: Gentoo
      timeout: 90
      instances: '["git-master"]'
  gentoo-systemd:
    name: Gentoo (systemd)
    if: github.event_name == 'push'
    uses: ./.github/workflows/test-linux.yml
    needs:
      - lint
      - generate-actions-workflow
    with:
      distro-slug: gentoo-systemd
      display-name: Gentoo (systemd)
      timeout: 90
      instances: '["git-master"]'
  opensuse-15:
    name: Opensuse 15
    if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
    uses: ./.github/workflows/test-linux.yml
    needs:
      - lint
      - generate-actions-workflow
    with:
      distro-slug: opensuse-15
      display-name: Opensuse 15
      timeout: 20
      instances: '["latest", "default"]'
  oraclelinux-8:
    name: Oracle Linux 8
    if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
    uses: ./.github/workflows/test-linux.yml
    needs:
      - lint
      - generate-actions-workflow
    with:
      distro-slug: oraclelinux-8
      display-name: Oracle Linux 8
      timeout: 20
      instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "latest", "default"]'
  oraclelinux-9:
    name: Oracle Linux 9
    if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
    uses: ./.github/workflows/test-linux.yml
    needs:
      - lint
      - generate-actions-workflow
    with:
      distro-slug: oraclelinux-9
      display-name: Oracle Linux 9
      timeout: 20
      instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
  photon-4:
    name: Photon OS 4
    if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
    uses: ./.github/workflows/test-linux.yml
    needs:
      - lint
      - generate-actions-workflow
    with:
      distro-slug: photon-4
      display-name: Photon OS 4
      timeout: 20
      instances: '["stable-3006", "onedir-3006", "stable-3006-8", "latest", "default"]'
  photon-5:
@ -398,8 +235,9 @@ jobs:
    with:
      distro-slug: photon-5
      display-name: Photon OS 5
      container-slug: photon-5
      timeout: 20
-      instances: '["stable-3006", "onedir-3006", "stable-3006-8", "latest", "default"]'
+      instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "latest", "default"]'
  rockylinux-8:
@ -412,6 +250,7 @@ jobs:
    with:
      distro-slug: rockylinux-8
      display-name: Rocky Linux 8
      container-slug: rockylinux-8
      timeout: 20
      instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "latest", "default"]'
@ -426,22 +265,9 @@ jobs:
    with:
      distro-slug: rockylinux-9
      display-name: Rocky Linux 9
      container-slug: rockylinux-9
      timeout: 20
-      instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
+      instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "latest", "default"]'
  ubuntu-2004:
    name: Ubuntu 20.04
    if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
    uses: ./.github/workflows/test-linux.yml
    needs:
      - lint
      - generate-actions-workflow
    with:
      distro-slug: ubuntu-2004
      display-name: Ubuntu 20.04
      timeout: 20
      instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
  ubuntu-2204:
@ -454,22 +280,9 @@ jobs:
    with:
      distro-slug: ubuntu-2204
      display-name: Ubuntu 22.04
      container-slug: ubuntu-22.04
      timeout: 20
-      instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
+      instances: '["stable-3006", "git-3006", "onedir-3006", "stable-3006-8", "stable-3007", "git-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
  ubuntu-2404:
    name: Ubuntu 24.04
    if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
    uses: ./.github/workflows/test-linux.yml
    needs:
      - lint
      - generate-actions-workflow
    with:
      distro-slug: ubuntu-2404
      display-name: Ubuntu 24.04
      timeout: 20
      instances: '["stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
  set-pipeline-exit-status:
@ -482,29 +295,15 @@ jobs:
      - generate-actions-workflow
      - macos-12
      - macos-13
-      - windows-2019
+      - macos-14
      - windows-2022
-      - almalinux-8
+      - amazonlinux-2023
      - almalinux-9
      - amazon-2
      - arch
      - centos-stream9
      - debian-11
      - debian-12
      - fedora-39
      - fedora-40
      - gentoo
      - gentoo-systemd
      - opensuse-15
      - oraclelinux-8
      - oraclelinux-9
      - photon-4
      - photon-5
      - rockylinux-8
      - rockylinux-9
      - ubuntu-2004
      - ubuntu-2204
      - ubuntu-2404
    if: always()
    steps:
--- a/.github/workflows/nightly.yml
+++ b/.github/workflows/nightly.yml
@ -41,61 +41,3 @@ jobs:
            echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}"
            echo "requirements-met=true" >> "${GITHUB_OUTPUT}"
          fi
  update-s3-bucket:
    name: Update S3 Bucket
    if: ${{ fromJSON(needs.workflow-requirements.outputs.requirements-met) }}
    runs-on:
      - self-hosted
      - linux
      - repo-release
    needs:
      - workflow-requirements
    environment: release
    steps:
      - uses: actions/checkout@v4
      - name: Get Salt Project GitHub Actions Bot Environment
        run: |
          TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30")
          SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment)
          echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV"
      - name: Setup GnuPG
        run: |
          sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg
          GNUPGHOME="$(mktemp -d -p /run/gpg)"
          echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV"
          cat <<EOF > "${GNUPGHOME}/gpg.conf"
          batch
          no-tty
          pinentry-mode loopback
          EOF
      - name: Get Secrets
        id: get-secrets
        env:
          SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
        run: |
          SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
          echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
          aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
            --query SecretString --output text | jq .default_key -r | base64 -d \
            | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
            | gpg --import -
          sync
          aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
            --query SecretString --output text| jq .default_passphrase -r | base64 -d \
            | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
          sync
          rm "$SECRETS_KEY_FILE"
          echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
      - name: Install Requirements
        run: |
          python3 -m pip install -r requirements/release.txt
      - name: Upload Develop to S3
        run: |
          tools release s3-publish --key-id 64CBBC8173D76B3F develop
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -51,10 +51,7 @@ jobs:
  update-develop:
    name: Update CHANGELOG.md and bootstrap-salt.sh
-    runs-on:
+    runs-on: ubuntu-latest
      - self-hosted
      - linux
      - repo-release
    permissions:
      contents: write  # To be able to publish the release
    environment: release
@ -74,44 +71,13 @@ jobs:
          python3 -m pip install -r requirements/release.txt
          pre-commit install --install-hooks
      - name: Setup GnuPG
        run: |
          sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg
          GNUPGHOME="$(mktemp -d -p /run/gpg)"
          echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV"
          cat <<EOF > "${GNUPGHOME}/gpg.conf"
          batch
          no-tty
          pinentry-mode loopback
          EOF
      - name: Get Secrets
        id: get-secrets
        env:
          SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
        run: |
          SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
          echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
          aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
            --query SecretString --output text | jq .default_key -r | base64 -d \
            | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
            | gpg --import -
          sync
          aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
            --query SecretString --output text| jq .default_passphrase -r | base64 -d \
            | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
          sync
          rm "$SECRETS_KEY_FILE"
          echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
      - name: Configure Git
        shell: bash
        run: |
          git config --global --add safe.directory "$(pwd)"
          git config --global user.name "Salt Project Packaging"
          git config --global user.email saltproject-packaging@vmware.com
-          git config --global user.signingkey 64CBBC8173D76B3F
+          git config --global commit.gpgsign false
          git config --global commit.gpgsign true
      - name: Update Repository
        id: update-repo
@ -149,10 +115,7 @@ jobs:
  merge-develop-into-stable:
    name: Merge develop into stable
-    runs-on:
+    runs-on: ubuntu-latest
      - self-hosted
      - linux
      - repo-release
    needs:
      - update-develop
    environment: release
@ -166,44 +129,13 @@ jobs:
          ssh-key: ${{ secrets.SALT_BOOTSTRAP_RELEASE_KEY }}
          fetch-depth: 0
      - name: Setup GnuPG
        run: |
          sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg
          GNUPGHOME="$(mktemp -d -p /run/gpg)"
          echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV"
          cat <<EOF > "${GNUPGHOME}/gpg.conf"
          batch
          no-tty
          pinentry-mode loopback
          EOF
      - name: Get Secrets
        id: get-secrets
        env:
          SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
        run: |
          SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
          echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
          aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
            --query SecretString --output text | jq .default_key -r | base64 -d \
            | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
            | gpg --import -
          sync
          aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
            --query SecretString --output text| jq .default_passphrase -r | base64 -d \
            | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
          sync
          rm "$SECRETS_KEY_FILE"
          echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
      - name: Configure Git
        shell: bash
        run: |
          git config --global --add safe.directory "$(pwd)"
          git config --global user.name "Salt Project Packaging"
          git config --global user.email saltproject-packaging@vmware.com
-          git config --global user.signingkey 64CBBC8173D76B3F
+          git config --global commit.gpgsign false
          git config --global commit.gpgsign true
      - name: Download Release Details
        uses: actions/download-artifact@v4
@ -227,7 +159,7 @@ jobs:
      - name: Tag The ${{ needs.update-develop.outputs.release-version }} Release
        run: |
-          git tag -m "Release ${{ needs.update-develop.outputs.release-version }}" -as ${{ needs.update-develop.outputs.release-version }}
+          git tag --no-sign -m "Release ${{ needs.update-develop.outputs.release-version }}" -a ${{ needs.update-develop.outputs.release-version }}
      - name: Update bootstrap-salt.sh sha256sum's
        run: |
@ -246,9 +178,7 @@ jobs:
  publish-release:
    name: Create GitHub Release
-    runs-on:
+    runs-on: ubuntu-latest
      - self-hosted
      - linux
    needs:
      - merge-develop-into-stable
    environment: release
@ -294,73 +224,9 @@ jobs:
          name: release-details
          failOnError: false
  update-s3-bucket:
    name: Update S3 Bucket
    runs-on:
      - self-hosted
      - linux
      - repo-release
    needs:
      - publish-release
    environment: release
    steps:
      - uses: actions/checkout@v4
        with:
          ref: stable
          repository: ${{ github.repository }}
          ssh-key: ${{ secrets.SALT_BOOTSTRAP_RELEASE_KEY }}
      - name: Get Salt Project GitHub Actions Bot Environment
        run: |
          TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30")
          SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment)
          echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV"
      - name: Setup GnuPG
        run: |
          sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg
          GNUPGHOME="$(mktemp -d -p /run/gpg)"
          echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV"
          cat <<EOF > "${GNUPGHOME}/gpg.conf"
          batch
          no-tty
          pinentry-mode loopback
          EOF
      - name: Get Secrets
        id: get-secrets
        env:
          SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
        run: |
          SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
          echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
          aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
            --query SecretString --output text | jq .default_key -r | base64 -d \
            | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
            | gpg --import -
          sync
          aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
            --query SecretString --output text| jq .default_passphrase -r | base64 -d \
            | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
          sync
          rm "$SECRETS_KEY_FILE"
          echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
      - name: Install Requirements
        run: |
          python3 -m pip install -r requirements/release.txt
      - name: Upload Stable Release to S3
        run: |
          tools release s3-publish --key-id 64CBBC8173D76B3F stable
  update-develop-checksums:
    name: Update Release Checksums on Develop
-    runs-on:
+    runs-on: ubuntu-latest
      - self-hosted
      - linux
      - repo-release
    needs:
      - publish-release
    environment: release
@ -386,44 +252,13 @@ jobs:
          repository: ${{ github.repository }}
          ssh-key: ${{ secrets.SALT_BOOTSTRAP_RELEASE_KEY }}
      - name: Setup GnuPG
        run: |
          sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg
          GNUPGHOME="$(mktemp -d -p /run/gpg)"
          echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV"
          cat <<EOF > "${GNUPGHOME}/gpg.conf"
          batch
          no-tty
          pinentry-mode loopback
          EOF
      - name: Get Secrets
        id: get-secrets
        env:
          SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
        run: |
          SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
          echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
          aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
            --query SecretString --output text | jq .default_key -r | base64 -d \
            | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
            | gpg --import -
          sync
          aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
            --query SecretString --output text| jq .default_passphrase -r | base64 -d \
            | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
          sync
          rm "$SECRETS_KEY_FILE"
          echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
      - name: Configure Git
        shell: bash
        run: |
          git config --global --add safe.directory "$(pwd)"
          git config --global user.name "Salt Project Packaging"
          git config --global user.email saltproject-packaging@vmware.com
-          git config --global user.signingkey 64CBBC8173D76B3F
+          git config --global commit.gpgsign false
          git config --global commit.gpgsign true
      - name: Update Latest Release on README
        run: |
--- a/.github/workflows/templates/ci.yml
+++ b/.github/workflows/templates/ci.yml
@ -27,8 +27,6 @@ jobs:
          separator: ","
          files: |
            bootstrap-salt.*
            Gemfile
            kitchen*.yml
            tests/**
            .github/workflows/**
          files_ignore: |
--- a/.github/workflows/templates/generate.py
+++ b/.github/workflows/templates/generate.py
@ -6,171 +6,128 @@ import pathlib
 os.chdir(os.path.abspath(os.path.dirname(__file__)))
-##    "amazon-2023",
+#    "amazonlinux-2",
-##    "opensuse-tumbleweed",
+#    "debian-13",
 #    "fedora-40",
 #    "photon-4",
 #    "ubuntu-2004",
 #    "ubuntu-2404",
 LINUX_DISTROS = [
-    "almalinux-8",
+    "amazonlinux-2023",
    "almalinux-9",
    "amazon-2",
    "arch",
    "centos-stream9",
    "debian-11",
    "debian-12",
    "fedora-39",
    "fedora-40",
    "gentoo",
    "gentoo-systemd",
    "opensuse-15",
    "oraclelinux-8",
    "oraclelinux-9",
    "photon-4",
    "photon-5",
    "rockylinux-8",
    "rockylinux-9",
    "ubuntu-2004",
    "ubuntu-2204",
    "ubuntu-2404",
 ]
 WINDOWS = [
    "windows-2019",
    "windows-2022",
 ]
 OSX = [
    "macos-12",
    "macos-13",
    "macos-14",
 ]
-
+#    "amazonlinux-2",
-##    "amazon-2023",
+#    "debian-13",
-##    "opensuse-tumbleweed",
+#    "fedora-40",
 #    "photon-4",
 #    "ubuntu-2004",
 #    "ubuntu-2404",
 STABLE_DISTROS = [
-    "almalinux-8",
+    "amazonlinux-2023",
    "almalinux-9",
    "amazon-2",
    "arch",
    "centos-stream9",
    "debian-11",
    "debian-12",
    "fedora-39",
    "fedora-40",
    "opensuse-15",
    "oraclelinux-8",
    "oraclelinux-9",
    "photon-4",
    "photon-5",
    "rockylinux-8",
    "rockylinux-9",
    "ubuntu-2004",
    "ubuntu-2204",
    "ubuntu-2404",
 ]
-##    "amazon-2023",
+#    "amazonlinux-2",
 #    "debian-13",
 #    "fedora-40",
 #    "photon-4",
 #    "ubuntu-2004",
 #    "ubuntu-2404",
 ONEDIR_DISTROS = [
-    "almalinux-8",
+    "amazonlinux-2023",
    "almalinux-9",
    "amazon-2",
    "centos-stream9",
    "debian-11",
    "debian-12",
    "fedora-39",
    "fedora-40",
    "oraclelinux-8",
    "oraclelinux-9",
    "photon-4",
    "photon-5",
    "rockylinux-8",
    "rockylinux-9",
    "ubuntu-2004",
    "ubuntu-2204",
    "ubuntu-2404",
 ]
 #    "amazonlinux-2",
 #    "amazonlinux-2023",
 #    "photon-4",
 #    "photon-5",
 #    "rockylinux-8",
 #    "ubuntu-2404",
 ONEDIR_RC_DISTROS = [
    "almalinux-9",
    "amazon-2",
    "centos-stream9",
    "debian-12",
    "oraclelinux-9",
    "photon-4",
    "photon-5",
    "rockylinux-9",
-    "ubuntu-2404",
+    "ubuntu-2204",
 ]
 ##    "opensuse-tumbleweed",
 BLACKLIST_3006 = [
    "arch",
    "debian-12",
    "fedora-40",
    "gentoo",
    "gentoo-systemd",
    "opensuse-15",
    "ubuntu-2404",
 ]
-##    "opensuse-tumbleweed",
+#    "photon-5",
 BLACKLIST_3007 = [
    "arch",
    "fedora-39",
    "gentoo",
    "gentoo-systemd",
    "opensuse-15",
    "photon-4",
    "photon-5",
 ]
-##    "amazon-2023",
+#    "ubuntu-2204",
 ##    "opensuse-tumbleweed",
 BLACKLIST_GIT_3006 = [
-    "almalinux-9",
+    "amazonlinux-2",
-    "amazon-2",
+    "amazonlinux-2023",
    "arch",
    "centos-stream9",
    "debian-11",
    "debian-12",
    "debian-13",
    "fedora-40",
    "gentoo",
    "gentoo-systemd",
    "opensuse-15",
    "oraclelinux-9",
    "photon-4",
    "photon-5",
    "rockylinux-9",
    "ubuntu-2004",
    "ubuntu-2204",
    "ubuntu-2404",
 ]
-##    "amazon-2023",
+#    "debian-12",
-##    "opensuse-tumbleweed",
+#    "ubuntu-2204",
 BLACKLIST_GIT_3007 = [
-    "almalinux-9",
+    "amazonlinux-2",
-    "amazon-2",
+    "amazonlinux-2023",
    "arch",
    "centos-stream9",
    "debian-11",
-    "debian-12",
+    "debian-13",
    "fedora-39",
    "fedora-40",
    "gentoo",
    "gentoo-systemd",
    "opensuse-15",
    "oraclelinux-9",
    "photon-4",
    "photon-5",
    "rockylinux-9",
    "ubuntu-2004",
    "ubuntu-2204",
    "ubuntu-2404",
 ]
 #    "debian-12",
 BLACKLIST_GIT_MASTER = [
-    "amazon-2",
+    "amazonlinux-2",
-    "fedora-39",
+    "amazonlinux-2023",
    "debian-11",
    "debian-13",
    "fedora-40",
    "photon-4",
    "photon-5",
    "rockylinux-9",
 ]
 SALT_VERSIONS = [
@ -227,35 +184,18 @@ GIT_VERSION_BLACKLIST = [
 #           Use build and pip and other standards-based tools.
 #
 GIT_DISTRO_BLACKLIST = [
    "almalinux-8",
    "fedora-39",
    "opensuse-15",
    "oraclelinux-8",
    "rockylinux-8",
 ]
-LATEST_PKG_BLACKLIST = [
+LATEST_PKG_BLACKLIST = []
    "gentoo",
    "gentoo-systemd",
 ]
 ##    "amazon-2023": "Amazon 2023",
 ##    "opensuse-tumbleweed": "Opensuse Tumbleweed",
 DISTRO_DISPLAY_NAMES = {
-    "almalinux-8": "AlmaLinux 8",
+    "amazonlinux-2": "Amazon 2",
-    "almalinux-9": "AlmaLinux 9",
+    "amazonlinux-2023": "Amazon 2023",
    "amazon-2": "Amazon 2",
    "arch": "Arch",
    "centos-stream9": "CentOS Stream 9",
    "debian-11": "Debian 11",
    "debian-12": "Debian 12",
-    "fedora-39": "Fedora 39",
+    "debian-13": "Debian 13",
    "fedora-40": "Fedora 40",
    "gentoo": "Gentoo",
    "gentoo-systemd": "Gentoo (systemd)",
    "opensuse-15": "Opensuse 15",
    "oraclelinux-8": "Oracle Linux 8",
    "oraclelinux-9": "Oracle Linux 9",
    "photon-4": "Photon OS 4",
    "photon-5": "Photon OS 5",
    "rockylinux-8": "Rocky Linux 8",
@ -265,19 +205,33 @@ DISTRO_DISPLAY_NAMES = {
    "ubuntu-2404": "Ubuntu 24.04",
    "macos-12": "macOS 12",
    "macos-13": "macOS 13",
-    "windows-2019": "Windows 2019",
+    "macos-14": "macOS 14",
    "windows-2022": "Windows 2022",
 }
-TIMEOUT_DEFAULT = 20
+CONTAINER_SLUG_NAMES = {
-TIMEOUT_OVERRIDES = {
+    "amazonlinux-2": "amazonlinux-2",
-    "gentoo": 90,
+    "amazonlinux-2023": "amazonlinux-2023",
-    "gentoo-systemd": 90,
+    "debian-11": "debian-11",
    "debian-12": "debian-12",
    "debian-13": "debian-13",
    "fedora-40": "fedora-40",
    "photon-4": "photon-4",
    "photon-5": "photon-5",
    "rockylinux-8": "rockylinux-8",
    "rockylinux-9": "rockylinux-9",
    "ubuntu-2004": "ubuntu-20.04",
    "ubuntu-2204": "ubuntu-22.04",
    "ubuntu-2404": "ubuntu-24.04",
    "macos-12": "macos-12",
    "macos-13": "macos-13",
    "macos-14": "macOS 14",
    "windows-2022": "windows-2022",
 }
-VERSION_ONLY_OVERRIDES = [
+
-    "gentoo",
+TIMEOUT_DEFAULT = 20
-    "gentoo-systemd",
+TIMEOUT_OVERRIDES = {}
-]
+VERSION_ONLY_OVERRIDES = []
 TEMPLATE = """
  {distro}:
@ -289,6 +243,7 @@ TEMPLATE = """
    with:
      distro-slug: {distro}
      display-name: {display_name}
      container-slug: {container_name}
      timeout: {timeout_minutes}{runs_on}
      instances: '{instances}'
 """
@ -339,6 +294,7 @@ def generate_test_jobs():
                ifcheck=ifcheck,
                instances=json.dumps(instances),
                display_name=DISTRO_DISPLAY_NAMES[distro],
                container_name=CONTAINER_SLUG_NAMES[distro],
                timeout_minutes=timeout_minutes,
            )
@ -384,6 +340,7 @@ def generate_test_jobs():
                ifcheck=ifcheck,
                instances=json.dumps(instances),
                display_name=DISTRO_DISPLAY_NAMES[distro],
                container_name=CONTAINER_SLUG_NAMES[distro],
                timeout_minutes=timeout_minutes,
            )
@ -483,6 +440,7 @@ def generate_test_jobs():
                ifcheck=ifcheck,
                instances=json.dumps(instances),
                display_name=DISTRO_DISPLAY_NAMES[distro],
                container_name=CONTAINER_SLUG_NAMES[distro],
                timeout_minutes=timeout_minutes,
            )
--- a/.github/workflows/test-linux.yml
+++ b/.github/workflows/test-linux.yml
@ -17,6 +17,11 @@ on:
        required: true
        description: The Instances To Test
      container-slug:
        type: string
        required: true
        description: The Container Slug
      timeout:
        type: number
        required: false
@ -26,7 +31,7 @@ on:
 jobs:
  Test:
    name: ${{ matrix.instance }}
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
    timeout-minutes: ${{ inputs.timeout }}
    strategy:
      max-parallel: 2
@ -37,39 +42,48 @@ jobs:
    steps:
      - uses: actions/checkout@v4
-      - name: Setup Ruby
+      - name: Get Version
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: 2.6.10
          ## ruby-version: 3.3.4
          bundler-cache: true
      - name: Set up Python 3.10
        uses: actions/setup-python@v5
        with:
          python-version: "3.10"
      - name: Install Python Dependencies
        run: |
-          python3 -m pip install -U pip
+          # We need to get the version here and make it an environment variable
-          python3 -m pip install -r tests/requirements.txt
+          # It is used to install via bootstrap and in the test
          # The version is in the instance name
          # sed 1st - becomes space, 2nd - becomes dot
          vt_parm_ver=$(echo "${{ matrix.instance }}" | sed 's/-/ /' | sed 's/-/./' | awk -F ' ' '{print $2}')
          echo "SaltVersion=$vt_parm_ver" >> $GITHUB_ENV
-      - name: Create Test Instance
+      - name: "Pull container ${{ inputs.container-slug }}"
        run: |
-          bundle exec kitchen create ${{ matrix.instance }}-${{ inputs.distro-slug }} || \
+          docker pull ghcr.io/saltstack/salt-ci-containers/testing:${{ inputs.container-slug }}
-          (sleep 10 && bundle exec kitchen create ${{ matrix.instance }}-${{ inputs.distro-slug }})
+
-          sleep 2
+      - name: "Create container ${{ inputs.container-slug }}"
        run: |
          /usr/bin/docker create --name ${{ github.run_id }}_salt-test --workdir /_w/ --privileged -e "HOME=/github/home" -e GITHUB_ACTIONS=true -e CI=true -e $GITHUB_ENV -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work":"/__w" -v "/home/runner/work/_temp":"/__w/_temp" -v "/home/runner/work/_actions":"/__w/_actions" -v "/opt/hostedtoolcache":"/__t" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/salt-bootstrap/salt-bootstrap":"/_w/btstrap"  --entrypoint "/usr/lib/systemd/systemd" ghcr.io/saltstack/salt-ci-containers/testing:${{ inputs.container-slug }} --systemd --unit rescue.target
      - name: "Start container ${{ inputs.container-slug }}"
        run: |
          /usr/bin/docker start ${{ github.run_id }}_salt-test
      - name: "Install Python Dependencies with pip breakage in container ${{ inputs.container-slug }}"
        if: ${{ ( inputs.distro-slug == 'debian-12' ) || ( inputs.distro-slug == 'debian-13' ) || ( inputs.distro-slug == 'ubuntu-2404' ) }}
        run: |
          docker exec ${{ github.run_id}}_salt-test python3 -m pip install --break-system-packages -r /_w/btstrap/tests/requirements.txt
      - name: "Install Python Dependencies without pip breakage in container ${{ inputs.container-slug }}"
        if: ${{ ( inputs.distro-slug != 'debian-12' ) && ( inputs.distro-slug != 'debian-13' ) && ( inputs.distro-slug != 'ubuntu-2404' ) }}
        run: |
          docker exec ${{ github.run_id}}_salt-test python3 -m pip install -r /_w/btstrap/tests/requirements.txt
      - name: Bootstrap Salt
        run: |
          # sed 1st - becomes space, 2nd - becomes dot
          bt_arg1=$(echo "${{ matrix.instance }}" | sed 's/-/ /' | sed 's/-/./' | awk -F ' ' '{print $1}')
          bt_arg2=$(echo "${{ matrix.instance }}" | sed 's/-/ /' | sed 's/-/./' | awk -F ' ' '{print $2}')
          echo "bt parms ,$bt_parms, bt_arg1 ,$bt_arg1, bt_arg2 ,$bt_arg2,"
          docker exec ${{ github.run_id}}_salt-test sh -x /_w/btstrap/bootstrap-salt.sh "$bt_arg1" "$bt_arg2"
      - name: Test Bootstrap
        run: |
-          bundle exec kitchen verify ${{ matrix.instance }}-${{ inputs.distro-slug }}
+          docker exec ${{ github.run_id}}_salt-test pytest --cache-clear -v -s -ra --log-cli-level=debug /_w/btstrap/tests/integration/
          sleep 2
      - name: Destroy Test Instance
        if: always()
        run: |
          bundle exec kitchen destroy ${{ matrix.instance }}-${{ inputs.distro-slug }}
          sleep 2
      - name: Set Exit Status
        if: always()
--- a/.github/workflows/test-macos.yml
+++ b/.github/workflows/test-macos.yml
@ -22,19 +22,22 @@ on:
        required: true
        description: The Instances To Test
      container-slug:
        type: string
        required: true
        description: The Container Slug
      timeout:
        type: number
        required: false
        default: 20
        description: The timeout(in minutes) for the workflow
 env:
  KITCHEN_LOCAL_YAML: 'kitchen.macos.yml'
 jobs:
  Test:
    name: ${{ matrix.instance }}
    runs-on: ${{ inputs.runs-on }}
    ## runs-on: macos-13
    timeout-minutes: ${{ inputs.timeout }}
    strategy:
      fail-fast: false
@ -44,39 +47,37 @@ jobs:
    steps:
      - uses: actions/checkout@v4
-      - name: Setup Ruby
+      - name: Install Python Dependencies with pip breakage
-        uses: ruby/setup-ruby@v1
+        if: ${{ ( inputs.distro-slug != 'macos-12' ) && ( inputs.distro-slug != 'macos-13' ) }}
        with:
          ruby-version: 2.6.10
          ## ruby-version: 3.3.4
          bundler-cache: true
      - name: Set up Python 3.10
        uses: actions/setup-python@v5
        with:
          python-version: "3.10"
      - name: Install Python Dependencies
        run: |
-          pip install -U pip
+          python3 -m pip install --break-system-packages -r tests/requirements.txt
          pip install -r tests/requirements.txt
-      - name: Create Test Instance
+      - name: Install Python Dependencies without pip breakage
        if: ${{ ( inputs.distro-slug == 'macos-12' ) || ( inputs.distro-slug == 'macos-13' ) }}
        run: |
-          bundle exec kitchen create ${{ matrix.instance }}-${{ inputs.distro-slug }} || \
+          python3 -m pip install -r tests/requirements.txt
-            (sleep 10 && bundle exec kitchen create ${{ matrix.instance }}-${{ inputs.distro-slug }})
+
-          sleep 2
+      - name: Get Version
        run: |
          # We need to get the version here and make it an environment variable
          # It is used to install via bootstrap and in the test
          # The version is in the instance name
          # sed 1st - becomes space, 2nd - becomes dot
          vt_parms=$(echo "${{ matrix.instance }}" | sed 's/-/ /' | sed 's/-/./')
          vt_parm_ver=$(echo "$vt_parms" | awk -F ' ' '{print $2}')
          echo "SaltVersion=$vt_parm_ver" >> $GITHUB_ENV
      - name: Bootstrap Salt
        run: |
          # sed 1st - becomes space, 2nd - becomes dot
          bt_parms=$(echo "${{ matrix.instance }}" | sed 's/-/ /' | sed 's/-/./')
          bt_arg1=$(echo "$bt_parms" | awk -F ' ' '{print $1}')
          bt_arg2=$(echo "$bt_parms" | awk -F ' ' '{print $2}')
          sudo sh ./bootstrap-salt.sh "$bt_arg1" "$bt_arg2"
      - name: Test Bootstrap
        run: |
-          bundle exec kitchen verify ${{ matrix.instance }}-${{ inputs.distro-slug }}
+          pytest --cache-clear -v -s -ra --log-cli-level=debug tests/integration/
          sleep 2
      - name: Destroy Test Instance
        if: always()
        run: |
          bundle exec kitchen destroy ${{ matrix.instance }}-${{ inputs.distro-slug }}
          sleep 2
      - name: Set Exit Status
        if: always()
--- a/.github/workflows/test-windows.yml
+++ b/.github/workflows/test-windows.yml
@ -22,22 +22,21 @@ on:
        required: true
        description: The Instances To Test
      container-slug:
        type: string
        required: true
        description: The Container Slug
      timeout:
        type: number
        required: false
        default: 20
        description: The timeout(in minutes) for the workflow
 env:
  machine_user: kitchen
  machine_pass: Password1
  machine_port: 5985
  KITCHEN_LOCAL_YAML: 'kitchen.windows.yml'
 jobs:
  Test:
    name: ${{ matrix.instance }}
-    runs-on: ${{ inputs.runs-on }}
+    runs-on: windows-latest
    timeout-minutes: ${{ inputs.timeout }}
    strategy:
      fail-fast: false
@ -47,39 +46,6 @@ jobs:
    steps:
      - uses: actions/checkout@v4
      - name: Setup Ruby
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: 2.6.10
          ## ruby-version: 3.3.4
          bundler-cache: true
      - name: Install Chef
        uses: actionshub/chef-install@1.1.0
        with:
          project: chef
          version: 16.10.8
      - name: Add Chef bindir to PATH
        uses: myci-actions/export-env-var-powershell@1
        with:
          name: PATH
          value: "C:\\opscode\\chef\\bin;C:\\opscode\\chef\\embedded\\bin;$env:PATH"
      - name: Setup test user
        run: |
          $password = ConvertTo-SecureString $env:machine_pass -AsPlainText -Force
          New-LocalUser $env:machine_user -Password $password
          Add-LocalGroupMember -Group "Administrators" -Member $env:machine_user
          Get-LocalUser
          Get-LocalGroupMember -Group "Administrators"
      - name: Set up WinRM
        run: |
          Set-WSManQuickConfig -Force
          winrm set winrm/config/service '@{AllowUnencrypted="True"}'
          env
      - name: Set up Python 3.10
        uses: actions/setup-python@v5
        with:
@ -87,25 +53,27 @@ jobs:
      - name: Install Python Dependencies
        run: |
-          pip install -U pip
+          python3 -m pip install -r tests/requirements.txt
          pip install -r tests/requirements.txt
-      - name: Create Test Instance
+      - name: Get Version
        run: |
-          bundle exec kitchen create ${{ matrix.instance }}-${{ inputs.distro-slug }}
+          # We need to get the version here and make it an environment variable
-          sleep 2
+          # It is used to install via bootstrap and in the test
          # The version is in the instance name
          $instance = "${{ matrix.instance }}"
          $version = $instance -split "-",2
          if ( $version.Count -gt 1 ) {
            $version = $version[1].Replace("-", ".")
          }
          Write-Output "SaltVersion=$version" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
      - name: Bootstrap Salt
        run: |
          . .\bootstrap-salt.ps1 -RunService $false -Version $env:SaltVersion
      - name: Test Bootstrap
        run: |
-          env
+          pytest --cache-clear -v -s -ra --log-cli-level=debug tests/integration/
          bundle exec kitchen verify ${{ matrix.instance }}-${{ inputs.distro-slug }}
          sleep 2
      - name: Destroy Test Instance
        if: always()
        run: |
          bundle exec kitchen destroy ${{ matrix.instance }}-${{ inputs.distro-slug }}
          sleep 2
      - name: Set Exit Status
        if: always()
--- a/.gitignore
+++ b/.gitignore
@ -2,14 +2,9 @@
 *.sw?
 *.un~
 .vagrant
 *__pycache__
 tools
 venv
 # Pycharm
 .idea
 # test-kitchen
 .kitchen.local.yml
 kitchen.local.yml
 .kitchen/
 .bundle/
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@ -37,19 +37,14 @@ repos:
        args:
          - requirements/release.in
 ## DGM   - repo: https://github.com/asottile/pyupgrade
 ## DGM     rev: v3.15.0
 ## DGM     hooks:
 ## DGM       - id: pyupgrade
 ## DGM         name: Rewrite Code to be Py3.10+
 ## DGM         args: [--py310-plus]
  - repo: https://github.com/asottile/pyupgrade
    rev: v3.15.0
    hooks:
      - id: pyupgrade
-        name: Rewrite Code to be Py3.9+
+        name: Rewrite Code to be Py3.6+
-        args: [--py39-plus]
+        args: [--py36-plus]
        ## DGM name: Rewrite Code to be Py3.9+
        ## DGM args: [--py39-plus]
  - repo: https://github.com/asottile/reorder_python_imports
    rev: v3.12.0
@ -58,7 +53,7 @@ repos:
        args: [--py310-plus]
  - repo: https://github.com/psf/black
-    rev: 24.1.0
+    rev: 24.10.0
    hooks:
      - id: black
        args: []
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,3 +1,106 @@
 # v2024.12.12
 ## What's Changed
 - Restrict use of dnf to Fedora only, otherwise use yum when dealing with RedHat family by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2070
 - Updating container usage to that used in new Salt pipelines for CI/CD, fix Amazon Linux by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2071
 **Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.12.09...v2024.12.12
 # v2024.12.09
 ## What's Changed
 - Fix quickstart for Windows with new repo by @twangboy in https://github.com/saltstack/salt-bootstrap/pull/2065
 - Utilize salt-project packages with SUSE by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2066
 **Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.11.29...v2024.12.09
 # v2024.11.29
 ## What's Changed
 - Updated date to overcome issue with existing tag for 2024.11.27 by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2058
 - Fix date tag by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2059
 - Revert forcing git tag, other issues with check sums calculated, easiest solution is wait a day to release by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2060
 - Updated date by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2061
 **Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.11.27...v2024.11.29
 # v2024.11.27
 **Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.11.27...v2024.11.27
 # v2024.11.27
 **Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.11.27...v2024.11.27
 # v2024.11.27
 ## What's Changed
 - Testing git install methods by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2057
 **Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.11.26...v2024.11.27
 # v2024.11.27
 ## What's Changed
 - Testing git install methods by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2057
 **Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.11.26...v2024.11.27
 # v2024.11.26
 ## What's Changed
 - Updated URLs in README, and fix deps download issue on RedHat family by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2052
 - Update README script help output and scriptversions by @ScriptAutomate in https://github.com/saltstack/salt-bootstrap/pull/2056
 **Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.11.21...v2024.11.26
 # v2024.11.21
 ## What's Changed
 - Make universal repo url by @twangboy in https://github.com/saltstack/salt-bootstrap/pull/2045
 - Update bootstrap shell CI/CD to utilize containers and clean up by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2039
 - \[WIP\] hwclock check missing additional condition on major version by @ruslantum in https://github.com/saltstack/salt-bootstrap/pull/2048
 ## New Contributors
 - @ruslantum made their first contribution in https://github.com/saltstack/salt-bootstrap/pull/2048
 **Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.11.07...v2024.11.21
 # v2024.11.07
 ## What's Changed
 - Changed release runners and shell script date by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2035
 - Forcing git tag to not sign by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2036
 - Fixing git tag signing issue by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2037
 **Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.11.06...v2024.11.07
 # v2024.11.07
 ## What's Changed
 - Changed release runners and shell script date by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2035
 - Forcing git tag to not sign by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2036
 **Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.11.06...v2024.11.07
 # v2024.11.07
 ## What's Changed
 - Changed release runners and shell script date by @dmurphy18 in https://github.com/saltstack/salt-bootstrap/pull/2035
 **Full Changelog**: https://github.com/saltstack/salt-bootstrap/compare/v2024.11.06...v2024.11.07
 # v2024.09.24
 ## What's Changed
--- a/11
+++ b/11
@ -1,11 +0,0 @@
 # frozen_string_literal: true
 source "https://rubygems.org"
 gem 'test-kitchen', '>= 3.2.2'
 gem 'kitchen-salt', '>= 0.7.2'
 gem 'kitchen-docker', :git => 'https://github.com/test-kitchen/kitchen-docker.git', :branch => 'main'
 group :vagrant do
  gem 'kitchen-vagrant'
 end
--- a/README.rst
+++ b/README.rst
@ -37,6 +37,13 @@ sum** of the downloaded ``bootstrap-salt.sh`` file.
 The SHA256 sum of the ``bootstrap-salt.sh`` file, per release, is:
 - 2024.12.12: ``7cc91adfa5a15ff57d203dc2b79608c773efc639d4e9bf03861198903e11becd``
 - 2024.12.09: ``44f9405a6d9622ad8fa7c93e83a52e01ca328f27e4e9dea4a52268c6a22dbe6d``
 - 2024.11.29: ``0ac87384dee051aceded69704485a5de0e4a308551a462b10c262111b57acff0``
 - 2024.11.27: ``e972bd1ef01d09cd1d9294374ef974c9e3dd9a2aee37cf3859144585fd8bf1d0``
 - 2024.11.26: ``832c7a20b96e1df171d715323df9afff8a11aef42d15598c007f240bc89d723c``
 - 2024.11.21: ``ddf624c3a94d721da3f7629402a6c7ecc9dd96d13c1ead2a626314e97cee982a``
 - 2024.11.07: ``70a9783649e129985563d1a86cf28b8984499643e62ae1dc47dc008bd204fcbb``
 - 2024.09.24: ``88e4e4cad4b115a7b721dd9c21d5ee5df390b5b73b63de48f99399146f43f371``
 - 2024.07.23: ``7212b6b497b5c3d2bf15bfe5301625ec7bc1bf3e2949cd47d8e2073614935bf8``
 - 2024.07.18: ``92a74e7ff8a9032a7713c2b3955991d66aaca08a4eb9494ce3dd66b5044f6bc3``
@ -57,8 +64,9 @@ If you're looking for a *one-liner* to install Salt, please scroll to the bottom
 instructions for `Installing via an Insecure One-Liner`_.
 There are also .sha256 files for verifying against in the repo for the stable branch.  You can also
-get the correct sha256 sum for the stable release from https://bootstrap.saltproject.io/sha256 and
+get the correct sha256 sum for the stable release from
-https://winbootstrap.saltproject.io/sha256
+https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh.sha256 and
 https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.ps1.sha256
 Contributing
 ------------
@ -81,112 +89,123 @@ To view the latest options and descriptions for ``salt-bootstrap``, use ``-h`` a
  Usage :  bootstrap-salt.sh [options] <install-type> [install-type-args]
  Installation types:
-    - stable              Install latest stable release. This is the default
+    - stable               Install latest stable release. This is the default
-                          install type
+                           install type
-    - stable [branch]     Install latest version on a branch. Only supported
+    - stable [branch]      Install latest version on a branch. Only supported
-                          for packages available at repo.saltproject.io
+                           for packages available at packages.broadcom.com
-    - stable [version]    Install a specific version. Only supported for
+    - stable [version]     Install a specific version. Only supported for
-                          packages available at repo.saltproject.io
+                           packages available at packages.broadcom.com
-                          To pin a 3xxx minor version, specify it as 3xxx.0
+                           To pin a 3xxx minor version, specify it as 3xxx.0
-    - testing             RHEL-family specific: configure EPEL testing repo
+    - testing              RHEL-family specific: configure EPEL testing repo
-    - git                 Install from the head of the master branch
+    - git                  Install from the head of the master branch
-    - git [ref]           Install from any git ref (such as a branch, tag, or
+    - git [ref]            Install from any git ref (such as a branch, tag, or
-                          commit)
+                           commit)
    - onedir               Install latest onedir release.
    - onedir [version]     Install a specific version. Only supported for
                           onedir packages available at packages.broadcom.com
    - onedir_rc            Install latest onedir RC release.
    - onedir_rc [version]  Install a specific version. Only supported for
                           onedir RC packages available at packages.broadcom.com
  Examples:
    - bootstrap-salt.sh
    - bootstrap-salt.sh stable
-    - bootstrap-salt.sh stable 3006.7
+    - bootstrap-salt.sh stable 3006
-    - bootstrap-salt.sh stable v3006.8
+    - bootstrap-salt.sh stable 3006.1
    - bootstrap-salt.sh testing
    - bootstrap-salt.sh git
    - bootstrap-salt.sh git 3006.7
    - bootstrap-salt.sh git v3006.8
    - bootstrap-salt.sh git 3007.1
    - bootstrap-salt.sh git v3007.1
    - bootstrap-salt.sh git 06f249901a2e2f1ed310d58ea3921a129f214358
    - bootstrap-salt.sh onedir
    - bootstrap-salt.sh onedir 3006
    - bootstrap-salt.sh onedir_rc
    - bootstrap-salt.sh onedir_rc 3008
  Options:
-    -h  Display this message
+    -a  Pip install all Python pkg dependencies for Salt. Requires -V to install
-    -v  Display script version
+        all pip pkgs into the virtualenv.
-    -n  No colours
+        (Only available for Ubuntu based distributions)
-    -D  Show debug output
+    -A  Pass the salt-master DNS name or IP. This will be stored under
        \${BS_SALT_ETC_DIR}/minion.d/99-master-address.conf
    -b  Assume that dependencies are already installed and software sources are
        set up. If git is selected, git tree is still checked out as dependency
        step.
    -c  Temporary configuration directory
-    -g  Salt Git repository URL. Default: https://github.com/saltstack/salt.git
+    -C  Only run the configuration function. Implies -F (forced overwrite).
-    -w  Install packages from downstream package repository rather than
+        To overwrite Master, Syndic or Api configs, -M,-S or -W, respectively, must
-        upstream, saltstack package repository. This is currently only
+        also be specified. Salt installation will be ommitted, but some of the
-        implemented for SUSE.
+        dependencies could be installed to write configuration with -j or -J.
    -k  Temporary directory holding the minion keys which will pre-seed
        the master.
    -s  Sleep time used when waiting for daemons to start, restart and when
        checking for the services running. Default: 3
    -L  Also install salt-cloud and required python-libcloud package
    -M  Also install salt-master
    -S  Also install salt-syndic
    -W  Also install salt-api
    -N  Do not install salt-minion
    -X  Do not start daemons after installation
    -d  Disables checking if Salt services are enabled to start on system boot.
        You can also do this by touching /tmp/disable_salt_checks on the target
-        host. Default: ${BS_FALSE}
+        host. Default: \${BS_FALSE}
-    -P  Allow pip based installations. On some distributions the required salt
+    -D  Show debug output
-        packages or its dependencies are not available as a package for that
+    -f  Force shallow cloning for git installations.
-        distribution. Using this flag allows the script to use pip as a last
+        This may result in an "n/a" in the version number.
-        resort method. NOTE: This only works for functions which actually
+    -F  Allow copied files to overwrite existing (config, init.d, etc)
-        implement pip based installations.
+    -g  Salt Git repository URL. Default: https://github.com/saltstack/salt.git
-    -U  If set, fully upgrade the system prior to bootstrapping Salt
+    -h  Display this message
    -H  Use the specified HTTP proxy for all download URLs (including https://).
        For example: http://myproxy.example.com:3128
    -i  Pass the salt-minion id. This will be stored under
        \${BS_SALT_ETC_DIR}/minion_id
    -I  If set, allow insecure connections while downloading any files. For
        example, pass '--no-check-certificate' to 'wget' or '--insecure' to
        'curl'. On Debian and Ubuntu, using this option with -U allows obtaining
        GnuPG archive keys insecurely if distro has changed release signatures.
    -F  Allow copied files to overwrite existing (config, init.d, etc)
    -K  If set, keep the temporary files in the temporary directories specified
        with -c and -k
    -C  Only run the configuration function. Implies -F (forced overwrite).
        To overwrite Master or Syndic configs, -M or -S, respectively, must
        also be specified. Salt installation will be ommitted, but some of the
        dependencies could be installed to write configuration with -j or -J.
    -A  Pass the salt-master DNS name or IP. This will be stored under
        ${BS_SALT_ETC_DIR}/minion.d/99-master-address.conf
    -i  Pass the salt-minion id. This will be stored under
        ${BS_SALT_ETC_DIR}/minion_id
    -p  Extra-package to install while installing Salt dependencies. One package
        per -p flag. You are responsible for providing the proper package name.
    -H  Use the specified HTTP proxy for all download URLs (including https://).
        For example: http://myproxy.example.com:3128
    -b  Assume that dependencies are already installed and software sources are
        set up. If git is selected, git tree is still checked out as dependency
        step.
    -f  Force shallow cloning for git installations.
        This may result in an "n/a" in the version number.
    -l  Disable ssl checks. When passed, switches "https" calls to "http" where
        possible.
    -V  Install Salt into virtualenv
        (only available for Ubuntu based distributions)
    -a  Pip install all Python pkg dependencies for Salt. Requires -V to install
        all pip pkgs into the virtualenv.
        (Only available for Ubuntu based distributions)
    -r  Disable all repository configuration performed by this script. This
        option assumes all necessary repository configuration is already present
        on the system.
    -R  Specify a custom repository URL. Assumes the custom repository URL
        points to a repository that mirrors Salt packages located at
        repo.saltproject.io. The option passed with -R replaces the
        "repo.saltproject.io". If -R is passed, -r is also set. Currently only
        works on CentOS/RHEL and Debian based distributions.
    -J  Replace the Master config file with data passed in as a JSON string. If
        a Master config file is found, a reasonable effort will be made to save
        the file with a ".bak" extension. If used in conjunction with -C or -F,
        no ".bak" file will be created as either of those options will force
        a complete overwrite of the file.
    -j  Replace the Minion config file with data passed in as a JSON string. If
        a Minion config file is found, a reasonable effort will be made to save
        the file with a ".bak" extension. If used in conjunction with -C or -F,
        no ".bak" file will be created as either of those options will force
        a complete overwrite of the file.
    -J  Replace the Master config file with data passed in as a JSON string. If
        a Master config file is found, a reasonable effort will be made to save
        the file with a ".bak" extension. If used in conjunction with -C or -F,
        no ".bak" file will be created as either of those options will force
        a complete overwrite of the file.
    -k  Temporary directory holding the minion keys which will pre-seed
        the master.
    -K  If set, keep the temporary files in the temporary directories specified
        with -c and -k
    -l  Disable ssl checks. When passed, switches "https" calls to "http" where
        possible.
    -L  Also install salt-cloud and required python-libcloud package
    -M  Also install salt-master
    -n  No colours
    -N  Do not install salt-minion
    -p  Extra-package to install while installing Salt dependencies. One package
        per -p flag. You are responsible for providing the proper package name.
    -P  Allow pip based installations. On some distributions the required salt
        packages or its dependencies are not available as a package for that
        distribution. Using this flag allows the script to use pip as a last
        resort method. NOTE: This only works for functions which actually
        implement pip based installations.
    -q  Quiet salt installation from git (setup.py install -q)
    -x  Changes the Python version used to install Salt (default: Python 3)
        Python 2.7 is not longer supported.
    -Q  Quickstart, install the Salt master and the Salt minion.
        And automatically accept the minion key.
    -R  Specify a custom repository URL. Assumes the custom repository URL
        points to a repository that mirrors Salt packages located at
        packages.broadcom.com. The option passed with -R replaces the
        "packages.broadcom.com". If -R is passed, -r is also set. Currently only
        works on CentOS/RHEL and Debian based distributions and macOS.
    -s  Sleep time used when waiting for daemons to start, restart and when
        checking for the services running. Default: 3
    -S  Also install salt-syndic
    -r  Disable all repository configuration performed by this script. This
        option assumes all necessary repository configuration is already present
        on the system.
    -U  If set, fully upgrade the system prior to bootstrapping Salt
    -v  Display script version
    -V  Install Salt into virtualenv
        (only available for Ubuntu based distributions)
    -W  Also install salt-api
    -x  Changes the Python version used to install Salt (default: Python 3).
        Python 2.7 is no longer supported.
    -X  Do not start daemons after installation
 The Salt Bootstrap script has a wide variety of options that can be passed as
 well as several ways of obtaining the bootstrap script itself. Note that the use of ``sudo``
@ -206,35 +225,35 @@ If you want to install a package of a specific release version, from the Salt Pr
 .. code:: console
-  curl -o bootstrap-salt.sh -L https://bootstrap.saltproject.io
+  curl -o bootstrap-salt.sh -L https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh
  sudo sh bootstrap-salt.sh -P stable 3006.1
 If you want to install a specific release version, based on the Git tags:
 .. code:: console
-  curl -o bootstrap-salt.sh -L https://bootstrap.saltproject.io
+  curl -o bootstrap-salt.sh -L https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh
  sudo sh bootstrap-salt.sh git v3006.1
 Using ``curl`` to install latest development version from GitHub:
 .. code:: console
-  curl -o bootstrap-salt.sh -L https://bootstrap.saltproject.io
+  curl -o bootstrap-salt.sh -L https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh
  sudo sh bootstrap-salt.sh git master
 To install a specific branch from a Git fork:
 .. code:: console
-  curl -o bootstrap-salt.sh -L https://bootstrap.saltproject.io
+  curl -o bootstrap-salt.sh -L https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh
  sudo sh bootstrap-salt.sh -g https://github.com/myuser/salt.git git mybranch
 If all you want is to install a ``salt-master`` using latest Git:
 .. code:: console
-  curl -o bootstrap-salt.sh -L https://bootstrap.saltproject.io
+  curl -o bootstrap-salt.sh -L https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh
  sudo sh bootstrap-salt.sh -M -N git master
 If your host has Internet access only via HTTP proxy, from the Salt Project repo:
@ -242,7 +261,7 @@ If your host has Internet access only via HTTP proxy, from the Salt Project repo
 .. code:: console
  PROXY='http://user:password@myproxy.example.com:3128'
-  curl -o bootstrap-salt.sh -L -x "$PROXY" https://bootstrap.saltproject.io
+  curl -o bootstrap-salt.sh -L -x "$PROXY" https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh
  sudo sh bootstrap-salt.sh -P -H "$PROXY" stable
 If your host has Internet access only via HTTP proxy, installing via Git:
@ -250,7 +269,7 @@ If your host has Internet access only via HTTP proxy, installing via Git:
 .. code:: console
  PROXY='http://user:password@myproxy.example.com:3128'
-  curl -o bootstrap-salt.sh -L -x "$PROXY" https://bootstrap.saltproject.io
+  curl -o bootstrap-salt.sh -L -x "$PROXY" https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh
  sudo sh bootstrap-salt.sh -H "$PROXY" git
@ -261,22 +280,22 @@ Using ``wget`` to install your distribution's stable packages:
 .. code:: console
-  wget -O bootstrap-salt.sh https://bootstrap.saltproject.io
+  wget -O bootstrap-salt.sh https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh
  sudo sh bootstrap-salt.sh
 Installing a specific version from git using ``wget``:
 .. code:: console
-  wget -O bootstrap-salt.sh https://bootstrap.saltproject.io
+  wget -O bootstrap-salt.sh https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh
-  sudo sh bootstrap-salt.sh git v3004.1
+  sudo sh bootstrap-salt.sh git v3006.8
 Installing a specific version package from the Salt Project repo using ``wget``:
 .. code:: console
-  wget -O bootstrap-salt.sh https://bootstrap.saltproject.io
+  wget -O bootstrap-salt.sh https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh
-  sudo sh bootstrap-salt.sh -P stable 3006.1
+  sudo sh bootstrap-salt.sh -P stable 3006.8
 **NOTE**
@ -291,14 +310,14 @@ If you already have Python installed, ``python 3.10``, then it's as easy as:
 .. code:: console
-  python -m urllib "https://bootstrap.saltproject.io" > bootstrap-salt.sh
+  python -m urllib "https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh" > bootstrap-salt.sh
  sudo sh bootstrap-salt.sh -P stable 3006.1
 With python version 3:
 .. code:: console
-  python3 -c 'import urllib.request; print(urllib.request.urlopen("https://bootstrap.saltproject.io").read().decode("ascii"))' > bootstrap-salt.sh
+  python3 -c 'import urllib.request; print(urllib.request.urlopen("https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh").read().decode("ascii"))' > bootstrap-salt.sh
  sudo sh bootstrap-salt.sh git v3006.1
 Note: Python 2.x is no longer supported given it reached it's End-Of-Life Jan. 1st, 2020
@ -321,25 +340,25 @@ Installing the latest stable release of Salt (default):
 .. code:: console
-  curl -L https://bootstrap.saltproject.io | sudo sh
+  curl -L https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh | sudo sh
 Using ``wget`` to install your distribution's stable packages:
 .. code:: console
-  wget -O - https://bootstrap.saltproject.io | sudo sh
+  wget -O - https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh | sudo sh
 Installing a target version package of Salt from the Salt Project repo:
 .. code:: console
-  curl -L https://bootstrap.saltproject.io | sudo sh -s -- stable 3006.8
+  curl -L https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh | sudo sh -s -- stable 3006.8
 Installing the latest master branch of Salt from git:
 .. code:: console
-  curl -L https://bootstrap.saltproject.io | sudo sh -s -- git master
+  curl -L https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.sh | sudo sh -s -- git master
 Note: use of git is recommended for development environments, for example: testing new features of
 Salt which have not yet been released.
@ -354,9 +373,8 @@ Using ``PowerShell`` to install latest stable version:
 .. code:: powershell
  [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]'Tls12'
-  Invoke-WebRequest -Uri https://winbootstrap.saltproject.io -OutFile "$env:TEMP\bootstrap-salt.ps1"
+  Invoke-WebRequest -Uri https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.ps1 -OutFile "$env:TEMP\bootstrap-salt.ps1"
-  Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser
+  Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser & "$env:TEMP\bootstrap-salt.ps1"
  & "$env:TEMP\bootstrap-salt.ps1"
 Display information about the install script parameters:
@ -368,7 +386,7 @@ Using ``cygwin`` to install latest stable version:
 .. code:: console
-  curl -o bootstrap-salt.ps1 -L https://winbootstrap.saltproject.io
+  curl -o bootstrap-salt.ps1 -L https://github.com/saltstack/salt-bootstrap/releases/latest/download/bootstrap-salt.ps1
  "/cygdrive/c/WINDOWS/System32/WindowsPowerShell/v1.0/powershell.exe" -NoProfile -InputFormat None -ExecutionPolicy Bypass -Command "[System.Net.ServicePointManager]::SecurityProtocol = 3072; iex ./bootstrap-salt.ps1"
@ -378,13 +396,13 @@ Supported Operating Systems
 The salt-bootstrap script officially supports the distributions outlined in
 `Salt's Supported Operating Systems
 <https://docs.saltproject.io/salt/install-guide/en/latest/topics/salt-supported-operating-systems.html>`_
-document, (BSD-based OSs, Solaris and AIX are no longer
+document, (BSD-based OSs, Solaris and AIX are no longer supported).
-supported).  The operating systems listed below should reflect this document but may become out of
+The operating systems listed below should reflect this document but may become out of date.
-date. If an operating system is listed below, but is not listed on the official supported operating
+If an operating system is listed below, but is not listed on the official supported operating
 systems document, the level of support is "best-effort".
 Since Salt is written in Python, the packages available from the `Salt Project's repository
-<https://repo.saltproject.io/salt/py3>`_ are
+<packages.broadcom.com>`_ are
 CPU architecture independent and could be installed on any hardware supported by Linux kernel.
 However, the Salt Project does package Salt's binary dependencies only for ``x86_64`` (``amd64``)
 and ``AArch64`` (``arm64``).
@ -413,21 +431,19 @@ Debian and derivatives
 - Devuan GNU/Linux 1/2/3/4/5
 - Kali Linux 1.0 (based on Debian 7)
 - Linux Mint Debian Edition 1 (based on Debian 8)
 - Raspbian 8 (``armhf`` packages) and 9 (using ``git`` installation mode only)
 Red Hat family
 ~~~~~~~~~~~~~~
 - Amazon Linux 2012.3 and later
 - Amazon Linux 2
 - Amazon Linux 2023
- CentOS 7/8/9
+- CentOS 8/9
 - Cloud Linux 6/7
- Fedora 38/39/40 (install latest stable from standard repositories)
+- Fedora 40 (install latest stable from standard repositories)
- Oracle Linux 7/8/9
+- Oracle Linux 8/9
- Red Hat Enterprise Linux 7/8/9
+- Red Hat Enterprise Linux 8/9
- Scientific Linux 7/8/9
+- Scientific Linux 8/9
 SUSE family
@ -460,8 +476,8 @@ repositories are not provided on the `Salt Project's Ubuntu repository`_ for the
 the bootstrap script will attempt to install the packages for the most closely related LTS Ubuntu
 release instead.
-For example, when installing Salt on Ubuntu 21.10, the bootstrap script will setup the repository
+For example, when installing Salt on Ubuntu 24.10, the bootstrap script will setup the repository
-for Ubuntu 20.04 from the `Salt Project's Ubuntu repository`_ and install the 20.04 packages.
+for Ubuntu 24.04 from the `Salt Project's Ubuntu repository`_ and install the 24.04 packages.
 Non-LTS Ubuntu releases are not supported once the release reaches End-of-Life as defined by
 `Ubuntu's release schedule`_.
--- a/119
+++ b/119
@ -1,119 +0,0 @@
 # -*- mode: ruby -*-
 # vi: set ft=ruby :
 # Vagrantfile API/syntax version. Don't touch unless you know what you're doing!
 VAGRANTFILE_API_VERSION = "2"
 Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  # All Vagrant configuration is done here. The most common configuration
  # options are documented and commented below. For a complete reference,
  # please see the online documentation at vagrantup.com.
  # Every Vagrant virtual environment requires a box to build off of.
  config.vm.box = "ubuntu/focal64"
  # The url from where the 'config.vm.box' box will be fetched if it
  # doesn't already exist on the user's system.
  # config.vm.box_url = "http://domain.com/path/to/above.box"
  # Create a forwarded port mapping which allows access to a specific port
  # within the machine from a port on the host machine. In the example below,
  # accessing "localhost:8080" will access port 80 on the guest machine.
  # config.vm.network :forwarded_port, guest: 80, host: 8080
  # Create a private network, which allows host-only access to the machine
  # using a specific IP.
  # config.vm.network :private_network, ip: "192.168.33.10"
  # Create a public network, which generally matched to bridged network.
  # Bridged networks make the machine appear as another physical device on
  # your network.
  # config.vm.network :public_network
  # If true, then any SSH connections made will enable agent forwarding.
  # Default value: false
  # config.ssh.forward_agent = true
  # Share an additional folder to the guest VM. The first argument is
  # the path on the host to the actual folder. The second argument is
  # the path on the guest to mount the folder. And the optional third
  # argument is a set of non-required options.
  config.vm.synced_folder ".", "/salt_bootstrap"
  config.vm.provision "shell", path: "bootstrap-salt.sh"
  # Provider-specific configuration so you can fine-tune various
  # backing providers for Vagrant. These expose provider-specific options.
  # Example for VirtualBox:
  #
  # config.vm.provider :virtualbox do |vb|
  #   # Don't boot with headless mode
  #   vb.gui = true
  #
  #   # Use VBoxManage to customize the VM. For example to change memory:
  #   vb.customize ["modifyvm", :id, "--memory", "1024"]
  # end
  #
  # View the documentation for the provider you're using for more
  # information on available options.
  # Enable provisioning with Puppet stand alone.  Puppet manifests
  # are contained in a directory path relative to this Vagrantfile.
  # You will need to create the manifests directory and a manifest in
  # the file precise64.pp in the manifests_path directory.
  #
  # An example Puppet manifest to provision the message of the day:
  #
  # # group { "puppet":
  # #   ensure => "present",
  # # }
  # #
  # # File { owner => 0, group => 0, mode => 0644 }
  # #
  # # file { '/etc/motd':
  # #   content => "Welcome to your Vagrant-built virtual machine!
  # #               Managed by Puppet.\n"
  # # }
  #
  # config.vm.provision :puppet do |puppet|
  #   puppet.manifests_path = "manifests"
  #   puppet.manifest_file  = "site.pp"
  # end
  # Enable provisioning with chef solo, specifying a cookbooks path, roles
  # path, and data_bags path (all relative to this Vagrantfile), and adding
  # some recipes and/or roles.
  #
  # config.vm.provision :chef_solo do |chef|
  #   chef.cookbooks_path = "../my-recipes/cookbooks"
  #   chef.roles_path = "../my-recipes/roles"
  #   chef.data_bags_path = "../my-recipes/data_bags"
  #   chef.add_recipe "mysql"
  #   chef.add_role "web"
  #
  #   # You may also specify custom JSON attributes:
  #   chef.json = { :mysql_password => "foo" }
  # end
  # Enable provisioning with chef server, specifying the chef server URL,
  # and the path to the validation key (relative to this Vagrantfile).
  #
  # The Opscode Platform uses HTTPS. Substitute your organization for
  # ORGNAME in the URL and validation key.
  #
  # If you have your own Chef Server, use the appropriate URL, which may be
  # HTTP instead of HTTPS depending on your configuration. Also change the
  # validation key to validation.pem.
  #
  # config.vm.provision :chef_client do |chef|
  #   chef.chef_server_url = "https://api.opscode.com/organizations/ORGNAME"
  #   chef.validation_key_path = "ORGNAME-validator.pem"
  # end
  #
  # If you're using the Opscode platform, your validator client is
  # ORGNAME-validator, replacing ORGNAME with your organization name.
  #
  # If you have your own Chef Server, the default validation client name is
  # chef-validator, unless you changed the configuration.
  #
  #   chef.validation_client_name = "ORGNAME-validator"
 end
--- a/bootstrap-salt.ps1
+++ b/bootstrap-salt.ps1
@ -18,7 +18,7 @@
    Specifies a particular version of the installer.
 .EXAMPLE
-    ./bootstrap-salt.ps1 -RunService false
+    ./bootstrap-salt.ps1 -RunService $false
    Specifies the salt-minion service to stop and be set to manual. Useful for
    testing locally from the command line with the --local switch
@ -28,7 +28,7 @@
    installer values of host name for the minion id and "salt" for the master.
 .EXAMPLE
-    ./bootstrap-salt.ps1 -Minion minion-box -Master master-box -Version 3006.7 -RunService false
+    ./bootstrap-salt.ps1 -Minion minion-box -Master master-box -Version 3006.7 -RunService $false
    Specifies all the optional parameters in no particular order.
 .NOTES
@ -39,7 +39,8 @@
    Salt Bootstrap GitHub Project (script home) - https://github.com/saltstack/salt-bootstrap
    Original Vagrant Provisioner Project - https://github.com/saltstack/salty-vagrant
    Vagrant Project (utilizes this script) - https://github.com/mitchellh/vagrant
-    Salt Download Location - https://repo.saltproject.io/salt/py3/windows
+    Salt Download Location - https://packages.broadcom.com/artifactory/saltproject-generic/windows/
    Salt Manual Install Directions (Windows) - https://docs.saltproject.io/salt/install-guide/en/latest/topics/install-by-operating-system/windows.html
 #>
 #===============================================================================
@ -48,7 +49,6 @@
 [CmdletBinding()]
 param(
    [Parameter(Mandatory=$false, ValueFromPipeline=$True)]
    [ValidatePattern('^(\d{4}(\.\d{1,2}){0,2}(\-\d{1})?)|(latest)$', Options=1)]
    [Alias("v")]
    # The version of the Salt minion to install. Default is "latest" which will
    # install the latest version of Salt minion available. Doesn't support
@ -56,12 +56,11 @@ param(
    [String]$Version = "latest",
    [Parameter(Mandatory=$false, ValueFromPipeline=$True)]
    [ValidateSet("true","false")]
    [Alias("s")]
-    # Boolean flag to start or stop the minion service. True will start the
+    # Boolean flag to start or stop the minion service. $true will start the
-    # minion service. False will stop the minion service and set it to "manual".
+    # minion service. $false will stop the minion service and set it to "manual".
    # The installer starts it by default.
-    [String]$RunService = "true",
+    [Bool]$RunService = $true,
    [Parameter(Mandatory=$false, ValueFromPipeline=$True)]
    [Alias("m")]
@ -76,12 +75,11 @@ param(
    [Parameter(Mandatory=$false, ValueFromPipeline=$True)]
    [Alias("r")]
-    # URL to the windows packages. Will look for a file named repo.json at the
+    # URL to the windows packages. Will look for the installer at the root of
-    # root of the URL. This file is used to determine the name and location of
+    # the URL/Version. Place a folder for each version of Salt in this directory
-    # the installer in the repo. If repo.json is not found, it will look for the
+    # and place the installer binary for each version in its folder.
-    # file under the minor directory.
+    # Default is "https://packages.broadcom.com/artifactory/saltproject-generic/windows/"
-    # Default is "https://repo.saltproject.io/salt/py3/windows"
+    [String]$RepoUrl = "https://packages.broadcom.com/artifactory/saltproject-generic/windows/",
    [String]$RepoUrl = "https://repo.saltproject.io/salt/py3/windows",
    [Parameter(Mandatory=$false, ValueFromPipeline=$True)]
    [Alias("c")]
@ -110,7 +108,7 @@ if ($help) {
    exit 0
 }
-$__ScriptVersion = "2024.09.24"
+$__ScriptVersion = "2024.12.12"
 $ScriptName = $myInvocation.MyCommand.Name
 # We'll check for the Version next, because it also has no requirements
@ -155,34 +153,116 @@ function Get-MajorVersion {
    return ( $Version -split "\." )[0]
 }
-function Convert-PSObjectToHashtable {
+function Get-AvailableVersions {
-    param (
+    # Get available versions from a remote location specified in the Source
-        [Parameter(ValueFromPipeline)]
+    # Parameter
-        $InputObject
+    Write-Verbose "Getting version information from the repo"
-    )
+    Write-Verbose "base_url: $base_url"
    if ($null -eq $InputObject) { return $null }
-    $is_enum = $InputObject -is [System.Collections.IEnumerable]
+    $available_versions = [System.Collections.ArrayList]@()
    $not_string = $InputObject -isnot [string]
    if ($is_enum -and $not_string) {
        $collection = @(
            foreach ($object in $InputObject) {
                Convert-PSObjectToHashtable $object
            }
        )
-        Write-Host -NoEnumerate $collection
+    if ( $base_url.StartsWith("http") -or $base_url.StartsWith("ftp") ) {
-    } elseif ($InputObject -is [PSObject]) {
+        # We're dealing with HTTP, HTTPS, or FTP
-        $hash = @{}
+        $response = Invoke-WebRequest "$base_url" -UseBasicParsing
-
+        try {
-        foreach ($property in $InputObject.PSObject.Properties) {
+            $response = Invoke-WebRequest "$base_url" -UseBasicParsing
-            $hash[$property.Name] = Convert-PSObjectToHashtable $property.Value
+        } catch {
            Write-Host "Failed to get version information" -ForegroundColor Red
            exit 1
        }
-        $hash
+        if ( $response.StatusCode -ne 200 ) {
            Write-Host "There was an error getting version information" -ForegroundColor Red
            Write-Host "Error: $($response.StatusCode)" -ForegroundColor red
            exit 1
        }
        $response.links | ForEach-Object {
            if ( $_.href.Length -gt 8) {
                Write-Host "The content at this location is unexpected" -ForegroundColor Red
                Write-Host "Should be a list of directories where the name is a version of Salt" -ForegroundColor Red
                exit 1
            }
        }
        # Getting available versions from response
        Write-Verbose "Getting available versions from response"
        $filtered = $response.Links | Where-Object -Property href -NE "../"
        $filtered | Select-Object -Property href | ForEach-Object {
            $available_versions.Add($_.href.Trim("/")) | Out-Null
        }
    } elseif ( $base_url.StartsWith("\\") -or $base_url -match "^[A-Za-z]:\\" ) {
        # We're dealing with a local directory or SMB source
        Get-ChildItem -Path $base_url -Directory | ForEach-Object {
            $available_versions.Add($_.Name) | Out-Null
        }
    } else {
-        $InputObject
+        Write-Host "Unknown Source Type" -ForegroundColor Red
        Write-Host "Must be one of HTTP, HTTPS, FTP, SMB Share, Local Directory" -ForegroundColor Red
        exit 1
    }
    Write-Verbose "Available versions:"
    $available_versions | ForEach-Object {
        Write-Verbose "- $_"
    }
    # Get the latest version, should be the last in the list
    Write-Verbose "Getting latest available version"
    $latest = $available_versions | Select-Object -Last 1
    Write-Verbose "Latest available version: $latest"
    # Create a versions table
    # This will have the latest version available, the latest version available
    # for each major version, and every version available. This makes the
    # version lookup logic easier. The contents of the versions table can be
    # found by running -Verbose
    Write-Verbose "Populating the versions table"
    $versions_table = [ordered]@{"latest"=$latest}
    $available_versions | ForEach-Object {
        $versions_table[$(Get-MajorVersion $_)] = $_
        $versions_table[$_.ToLower()] = $_.ToLower()
    }
    Write-Verbose "Versions Table:"
    $versions_table | Sort-Object Name | Out-String | ForEach-Object {
        Write-Verbose "$_"
    }
    return $versions_table
 }
 function Get-HashFromArtifactory {
    # This function uses the artifactory API to get the SHA265 Hash for the file
    # If Source is NOT artifactory, the sha will not be checked
    [CmdletBinding()]
    param(
        [Parameter(Mandatory=$true)]
        [String] $SaltVersion,
        [Parameter(Mandatory=$true)]
        [String] $SaltFileName
    )
    if ( $api_url ) {
        $full_url = "$api_url/$SaltVersion/$SaltFileName"
        Write-Verbose "Querying Artifactory API for hash:"
        Write-Verbose $full_url
        try {
            $response = Invoke-RestMethod $full_url -UseBasicParsing
            return $response.checksums.sha256
        } catch {
            Write-Verbose "Artifactory API Not available or file not"
            Write-Verbose "available at specified location"
            Write-Verbose "Hash will not be checked"
            return ""
        }
        Write-Verbose "No hash found for this file: $SaltFileName"
        Write-Verbose "Hash will not be checked"
        return ""
    }
    Write-Verbose "No artifactory API defined"
    Write-Verbose "Hash will not be checked"
    return ""
 }
 function Get-FileHash {
@ -301,19 +381,42 @@ if (!(Get-IsAdministrator)) {
 }
 #===============================================================================
-# Change RepoUrl for older versions
+# Check for older versions
 #===============================================================================
 $defaultUrl = "https://repo.saltproject.io/salt/py3/windows"
 $oldRepoUrl = "https://repo.saltproject.io/windows"
 $majorVersion = Get-MajorVersion -Version $Version
-if ( [Uri]($RepoUrl).AbsoluteUri -eq $defaultUrl ) {
+if ($majorVersion -lt "3006") {
-    # No customURL passed, let's check for a pre 3006 version
+    # This is an older version, use the old URL
-    if ($majorVersion -lt "3006") {
+    Write-Host "Versions older than 3006 are not available" -ForegroundColor Red
-        # This is an older version, use the old URL
+    exit 1
-        $RepoUrl = $oldRepoUrl
+}
 #===============================================================================
 # Declare variables
 #===============================================================================
 $ConfDir = "$RootDir\conf"
 $PkiDir  = "$ConfDir\pki\minion"
 $RootDir = "$env:ProgramData\Salt Project\Salt"
 # Check for existing installation where RootDir is stored in the registry
 $SaltRegKey = "HKLM:\SOFTWARE\Salt Project\Salt"
 if (Test-Path -Path $SaltRegKey) {
    if ($null -ne (Get-ItemProperty $SaltRegKey).root_dir) {
        $RootDir = (Get-ItemProperty $SaltRegKey).root_dir
    }
 }
 # Get repo and api URLs. An artifactory URL will have "artifactory" in it
 $domain, $target = $RepoUrl -split "/artifactory/"
 if ( $target ) {
    # Create $base_url and $api_url
    $base_url = "$domain/artifactory/$target"
    $api_url = "$domain/artifactory/api/storage/$target"
 } else {
    # This is a non-artifactory url, there is no api
    $base_url = $domain
    $api_url = ""
 }
 #===============================================================================
 # Verify Parameters
 #===============================================================================
@ -324,49 +427,25 @@ Write-Verbose "version: $Version"
 Write-Verbose "runservice: $RunService"
 Write-Verbose "master: $Master"
 Write-Verbose "minion: $Minion"
-Write-Verbose "repourl: $RepoUrl"
+Write-Verbose "repourl: $base_url"
 Write-Verbose "apiurl: $api_url"
 Write-Verbose "ConfDir: $ConfDir"
 Write-Verbose "RootDir: $RootDir"
-if ($RunService.ToLower() -eq "true") {
+if ($RunService) {
    Write-Verbose "Windows service will be set to run"
    [bool]$RunService = $True
-} elseif ($RunService.ToLower() -eq "false") {
+} else {
    Write-Verbose "Windows service will be stopped and set to manual"
    [bool]$RunService = $False
 } else {
    # Param passed in wasn't clear so defaulting to true.
    Write-Verbose "Windows service defaulting to run automatically"
    [bool]$RunService = $True
 }
 #===============================================================================
 # Ensure Directories are present, copy Vagrant Configs if found
 #===============================================================================
 $ConfiguredAnything = $False
 # Detect older version of Salt to determing default RootDir
 if ($majorVersion -lt 3004) {
    $RootDir = "$env:SystemDrive`:\salt"
 } else {
    $RootDir = "$env:ProgramData\Salt Project\Salt"
 }
 # Check for existing installation where RootDir is stored in the registry
 $SaltRegKey = "HKLM:\SOFTWARE\Salt Project\Salt"
 if (Test-Path -Path $SaltRegKey) {
    if ($null -ne (Get-ItemProperty $SaltRegKey).root_dir) {
        $RootDir = (Get-ItemProperty $SaltRegKey).root_dir
    }
 }
 $ConfDir = "$RootDir\conf"
 $PkiDir = "$ConfDir\pki\minion"
 Write-Verbose "ConfDir: $ConfDir"
 #===============================================================================
 # Copy Vagrant Files to their proper location.
 #===============================================================================
 $ConfiguredAnything = $False
 # Vagrant files will be placed in C:\tmp
 # Check if minion keys have been uploaded, copy to correct location
 if (Test-Path C:\tmp\minion.pem) {
@ -406,152 +485,33 @@ if ( $ConfigureOnly ) {
 #===============================================================================
 # Detect architecture
 #===============================================================================
-if ([IntPtr]::Size -eq 4) {
+if ([IntPtr]::Size -eq 4) { $arch = "x86" } else { $arch = "AMD64" }
    $arch = "x86"
 } else {
    $arch = "AMD64"
 }
 #===============================================================================
-# Get file name to download
+# Getting version information from the repo
 #===============================================================================
-$saltFileName = ""
+$versions = Get-AvailableVersions
 $saltVersion = ""
 $saltSha512= ""
 $saltFileUrl = ""
 # Look for a repo.json file
 try {
    Write-Verbose "Looking for $RepoUrl/repo.json"
    $response = Invoke-WebRequest "$RepoUrl/repo.json" `
    -DisableKeepAlive `
    -UseBasicParsing `
    -Method Head
    if ( $response.StatusCode -eq "200" ) {
        Write-Verbose "Found $RepoUrl/repo.json"
        # This URL contains a repo.json file, let's use it
        $use_repo_json = $true
    } else {
        Write-Verbose "Did not find $RepoUrl/repo.json"
        # No repo.json file found at the default location
        $use_repo_json = $false
    }
 } catch {
    Write-Verbose "There was an error looking up $RepoUrl/repo.json"
    Write-Verbose "ERROR: $_"
    $use_repo_json = $false
 }
 if ( $use_repo_json ) {
    # We will use the json file to get the name of the installer
    $enc = [System.Text.Encoding]::UTF8
    try {
        Write-Verbose "Downloading $RepoUrl/repo.json"
        $response = Invoke-WebRequest -Uri "$RepoUrl/repo.json" -UseBasicParsing
        if ($response.Content.GetType().Name -eq "Byte[]") {
            $psobj = $enc.GetString($response.Content) | ConvertFrom-Json
        } else {
            $psobj = $response.Content | ConvertFrom-Json
        }
        $hash = Convert-PSObjectToHashtable $psobj
    } catch {
        Write-Verbose "repo.json not found at: $RepoUrl"
        Write-Host "ERROR: $_"
        $hash = @{}
    }
-    $searchVersion = $Version.ToLower()
+#===============================================================================
-    if ( $hash.Contains($searchVersion)) {
+# Validate passed version
-        Write-Verbose "Found $searchVersion in $RepoUrl/repo.json"
+#===============================================================================
-        foreach ($item in $hash.($searchVersion).Keys) {
+Write-Verbose "Looking up version: $Version"
-            if ( $item.ToLower().EndsWith(".exe") ) {
+if ( $versions.Contains($Version.ToLower()) ) {
-                if ( $item.ToLower().Contains($arch.ToLower()) ) {
+    $Version = $versions[$Version.ToLower()]
-                    $saltFileName = $hash.($searchVersion).($item).name
+    Write-Verbose "Found version: $Version"
                    $saltVersion = $hash.($searchVersion).($item).version
                    $saltSha512 = $hash.($searchVersion).($item).SHA512
                }
            }
        }
    } else {
        try {
            Write-Verbose "Searching for $searchVersion in $RepoUrl/minor/repo.json"
            $response = Invoke-WebRequest -Uri "$RepoUrl/minor/repo.json" -UseBasicParsing
            if ($response.Content.GetType().Name -eq "Byte[]") {
                $psobj = $enc.GetString($response.Content) | ConvertFrom-Json
            } else {
                $psobj = $response.Content | ConvertFrom-Json
            }
            $hash = Convert-PSObjectToHashtable $psobj
        } catch {
            Write-Verbose "repo.json not found at: $RepoUrl/minor/repo.json"
            Write-Verbose "ERROR: $_"
            $hash = @{}
        }
        if ( $hash.Contains($searchVersion)) {
            Write-Verbose "Found $searchVersion in $RepoUrl/minor/repo.json"
            foreach ($item in $hash.($searchVersion).Keys) {
                if ( $item.ToLower().EndsWith(".exe") ) {
                    if ( $item.ToLower().Contains($arch.ToLower()) ) {
                        $saltFileName = $hash.($searchVersion).($item).name
                        $saltVersion = $hash.($searchVersion).($item).version
                        $saltSha512 = $hash.($searchVersion).($item).SHA512
                    }
                }
            }
        } else {
            Write-Verbose "Version not found in $RepoUrl/minor/repo.json"
        }
    }
 }
 if ( $saltFileName -and $saltVersion -and $saltSha512 ) {
    Write-Verbose "Found Name, Version, and Sha"
 } else {
-    # We will guess the name of the installer
+    Write-Host "Version $Version is not available" -ForegroundColor Red
-    Write-Verbose "Failed to get Name, Version, and Sha from repo.json"
+    Write-Host "Available versions are:" -ForegroundColor Yellow
-    Write-Verbose "We'll try to find the file in standard paths"
+    $versions
    $saltFileName = "Salt-Minion-$Version-Py3-$arch-Setup.exe"
    $saltVersion = $Version
 }
 Write-Verbose "Creating list of urls using the following:"
 Write-Verbose "RepoUrl: $RepoUrl"
 Write-Verbose "Version: $saltVersion"
 Write-Verbose "File Name: $saltFileName"
 $urls = $(@($RepoUrl, $saltVersion, $saltFileName) -join "/"),
        $(@($RepoUrl, "minor", $saltVersion, $saltFileName) -join "/"),
        $(@($RepoUrl, $saltFileName) -join "/"),
        $(@($oldRepoUrl, $saltFileName) -join "/")
 $saltFileUrl = $null
 foreach ($url in $urls) {
    try {
        Write-Verbose "Looking for installer at: $url"
        $response = Invoke-WebRequest "$url" `
                    -DisableKeepAlive `
                    -UseBasicParsing `
                    -Method Head
        if ( $response.StatusCode -eq "200" ) {
            Write-Verbose "Found installer"
            # This URL contains a repo.json file, let's use it
            $saltFileUrl = $url
            break
        } else {
            Write-Verbose "Installer not found: $url"
        }
    } catch {
        Write-Verbose "ERROR: $url"
    }
 }
 if ( !$saltFileUrl ) {
    Write-Host "Could not find an installer:"
    Write-Verbose "Here are the urls searched:"
    foreach ($url in $urls) {
        Write-Verbose $url
    }
    exit 1
 }
 #===============================================================================
 # Get file url and sha256
 #===============================================================================
 $saltFileName = "Salt-Minion-$Version-Py3-$arch-Setup.exe"
 $saltFileUrl = "$base_url/$Version/$saltFileName"
 $saltSha256 = Get-HashFromArtifactory -SaltVersion $Version -SaltFileName $saltFileName
 #===============================================================================
 # Download minion setup file
@ -560,7 +520,8 @@ Write-Host "====================================================================
 Write-Host " Bootstrapping Salt Minion" -ForegroundColor Green
 Write-Host " - version: $Version"
 Write-Host " - file name: $saltFileName"
-Write-Host " - file url: $saltFileUrl"
+Write-Host " - file url : $saltFileUrl"
 Write-Host " - file hash: $saltSha256"
 Write-Host " - master: $Master"
 Write-Host " - minion id: $Minion"
 Write-Host " - start service: $RunService"
@ -573,22 +534,26 @@ Write-Verbose ""
 Write-Verbose "Salt File URL: $saltFileUrl"
 Write-Verbose "Local File: $localFile"
-$webclient = New-Object System.Net.WebClient
+# Remove existing local file
-$webclient.DownloadFile($saltFileUrl, $localFile)
+if ( Test-Path -Path $localFile ) { Remove-Item -Path $localFile -Force }
 # Download the file
 Invoke-WebRequest -Uri $saltFileUrl -OutFile $localFile
 if ( Test-Path -Path $localFile ) {
    Write-Host "Success" -ForegroundColor Green
 } else {
    Write-Host "Failed" -ForegroundColor Red
    exit 1
 }
-if ( $saltSha512 ) {
+# Compare the hash if there is a hash to compare
-    $localSha512 = (Get-FileHash -Path $localFile -Algorithm SHA512).Hash
+if ( $saltSha256 ) {
    $localSha256 = (Get-FileHash -Path $localFile -Algorithm SHA256).Hash
    Write-Host "Comparing Hash: " -NoNewline
    Write-Verbose ""
-    Write-Verbose "Local Hash: $localSha512"
+    Write-Verbose "Local Hash: $localSha256"
-    Write-Verbose "Remote Hash: $saltSha512"
+    Write-Verbose "Remote Hash: $saltSha256"
-    if ( $localSha512 -eq $saltSha512 ) {
+    if ( $localSha256 -eq $saltSha256 ) {
        Write-Host "Success" -ForegroundColor Green
    } else {
        Write-Host "Failed" -ForegroundColor Red
@ -620,13 +585,13 @@ $process = Start-Process $localFile `
    -NoNewWindow -PassThru
 # Sometimes the installer hangs... we'll wait 5 minutes and then kill it
 Write-Verbose ""
 Write-Verbose "Waiting for installer to finish"
 $process | Wait-Process -Timeout 300 -ErrorAction SilentlyContinue
 $process.Refresh()
 if ( !$process.HasExited ) {
-    Write-Host "Timedout" -ForegroundColor Yellow
+    Write-Verbose "Installer Timeout"
    Write-Host ""
    Write-Host "Killing hung installer: " -NoNewline
    $process | Stop-Process
    $process.Refresh()
@ -636,8 +601,6 @@ if ( !$process.HasExited ) {
        Write-Host "Failed" -ForegroundColor Red
        exit 1
    }
    Write-Host "Checking installed service: " -NoNewline
 }
 # Wait for salt-minion service to be registered to verify successful
@ -658,7 +621,7 @@ while ( ! $service ) {
        # probably went wrong and user intervention is required - report
        # failure.
        Write-Host "Failed" -ForegroundColor Red
-        Write-Host "Timed out waiting for the salt-minion service to be installed"
+        Write-Host "Timeout waiting for the salt-minion service to be installed"
        exit 1
    }
 }
@ -676,27 +639,31 @@ if( $RunService ) {
    # We'll try for 2 minutes, sometimes the minion takes that long to start as
    # it compiles python code for the first time
    $max_tries = 60
-    while ( $service.Status -ne "Running" ) {
+    if ( $service.Status -ne "Running" ) {
-        if ( $service.Status -eq "Stopped" ) {
+        while ( $service.Status -ne "Running" ) {
-            Start-Service -Name "salt-minion" -ErrorAction SilentlyContinue
+            if ( $service.Status -eq "Stopped" ) {
-        }
+                Start-Service -Name "salt-minion" -ErrorAction SilentlyContinue
-        Start-Sleep -Seconds 2
+            }
-        Write-Verbose "Checking the service status"
+            Start-Sleep -Seconds 2
-        $service.Refresh()
+            Write-Verbose "Checking the service status"
-        if ( $service.Status -eq "Running" ) {
+            $service.Refresh()
-            Write-Host "Success" -ForegroundColor Green
+            if ( $service.Status -eq "Running" ) {
-        } else {
+                Write-Host "Success" -ForegroundColor Green
            if ( $tries -le $max_tries ) {
                $tries += 1
            } else {
-                # If the salt-minion service is still not running, something
+                if ( $tries -le $max_tries ) {
-                # probably went wrong and user intervention is required - report
+                    $tries += 1
-                # failure.
+                } else {
-                Write-Host "Failed" -ForegroundColor Red
+                    # If the salt-minion service is still not running, something
-                Write-Host "Timed out waiting for the salt-minion service to start"
+                    # probably went wrong and user intervention is required - report
-                exit 1
+                    # failure.
                    Write-Host "Failed" -ForegroundColor Red
                    Write-Host "Timed out waiting for the salt-minion service to start"
                    exit 1
                }
            }
        }
    } else {
        Write-Host "Success" -ForegroundColor Green
    }
 } else {
    # Set the service to manual start
--- a/bootstrap-salt.sh
+++ b/bootstrap-salt.sh
--- a/kitchen.macos.yml
+++ b/kitchen.macos.yml
@ -1,42 +0,0 @@
 ---
 driver:
  name: exec
 provisioner:
  sudo: true
  salt_bootstrap_options: -MP stable %s
  init_environment: |
    echo 'auto_accept: true' > /tmp/auto-accept-keys.conf
    sudo mkdir -p /etc/salt/master.d
    sudo mv /tmp/auto-accept-keys.conf /etc/salt/master.d/auto-accept-keys.conf
    brew install coreutils
    sh -c 't=$(gshuf -i 1-15 -n 1); echo Sleeping $t seconds; sleep $t'
 platforms:
  - name: macos-12
  - name: macos-13
 suites:
  - name: stable-3006
    provisioner:
      salt_version: 3006
      salt_call_command: /opt/salt/salt-call
  - name: stable-3006-8
    provisioner:
      salt_version: 3006.8
      salt_call_command: /opt/salt/salt-call
  - name: stable-3007
    provisioner:
      salt_version: 3007
      salt_call_command: /opt/salt/salt-call
  - name: stable-3007-1
    provisioner:
      salt_version: 3007.1
      salt_call_command: /opt/salt/salt-call
  - name: latest
    provisioner:
      salt_version: latest
      salt_call_command: /opt/salt/salt-call
 verifier:
  command: pytest --cache-clear -v -s -ra --log-cli-level=debug -k "not test_ping" tests/integration/
--- a/kitchen.windows.yml
+++ b/kitchen.windows.yml
@ -1,42 +0,0 @@
 ---
 driver:
  name: proxy
  host: localhost
  reset_command: "exit 0"
  port: 5985
  username: kitchen
  password: Password1
 provisioner:
  salt_bootstrap_url: D:/a/salt-bootstrap/salt-bootstrap/bootstrap-salt.ps1
  salt_bootstrap_options: -Version %s -Verbose
  init_environment: ''
 platforms:
  - name: windows-2022
  - name: windows-2019
 suites:
  - name: stable-3006
    provisioner:
      salt_version: 3006
      salt_call_command: c:\Program Files\Salt Project\Salt\salt-call.exe
  - name: stable-3006-8
    provisioner:
      salt_version: 3006.8
      salt_call_command: c:\Program Files\Salt Project\Salt\salt-call.exe
  - name: stable-3007
    provisioner:
      salt_version: 3007
      salt_call_command: c:\Program Files\Salt Project\Salt\salt-call.exe
  - name: stable-3007-1
    provisioner:
      salt_version: 3007.1
      salt_call_command: c:\Program Files\Salt Project\Salt\salt-call.exe
  - name: latest
    provisioner:
      salt_version: latest
      salt_call_command: c:\Program Files\Salt Project\Salt\salt-call.exe
 verifier:
  command: pytest --cache-clear -v -s -ra --log-cli-level=debug -k "not test_ping" tests/integration/
--- a/kitchen.yml
+++ b/kitchen.yml
@ -1,296 +0,0 @@
 ---
 driver:
  name: docker
  use_sudo: false
  hostname: salt
  privileged: true
  username: root
  cap_add:
    - sys_admin
  disable_upstart: false
  use_internal_docker_network: false
  run_command: /usr/lib/systemd/systemd
 provisioner:
  name: salt_solo
  salt_install: bootstrap
  salt_bootstrap_url: bootstrap-salt.sh
  salt_bootstrap_options: -MPfq git %s
  install_after_init_environment: true
  log_level: info
  sudo: false
  require_chef: false
  formula: tests
  run_salt_call: false
  init_environment: |
    echo 'auto_accept: true' > /tmp/auto-accept-keys.conf
    mkdir -p /etc/salt/master.d
    mv /tmp/auto-accept-keys.conf /etc/salt/master.d/auto-accept-keys.conf
    sh -c 't=$(shuf -i 1-15 -n 1); echo Sleeping $t seconds; sleep $t'
 ##  - name: amazon-2023
 ##    driver:
 ##      image: amazonlinux:2023
 ##      provision_command:
 ##        - yum -y install --allowerasing procps-ng curl
 ##        - echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
 ##  - name: opensuse-tumbleweed
 ##    driver:
 ##      image: opensuse/tumbleweed:latest
 ##      provision_command:
 ##        - *opensuse_provision_command_01
 ##        - *opensuse_provision_command_02
 ##        - *opensuse_provision_command_03
 ##        - echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
 platforms:
  - name: almalinux-9
    driver:
      provision_command:
        - dnf -y install crypto-policies-scripts procps-ng
        - update-crypto-policies --set DEFAULT:SHA1
        - echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
  - name: almalinux-8
  - name: amazon-2
    driver:
      image: amazonlinux:2
      platform: rhel
      provision_command:
        - yum -y install procps-ng
  - name: arch
    driver:
      image: archlinux/archlinux
      provision_command:
        - pacman -Syu --noconfirm --needed systemd grep awk procps which
        - systemctl enable sshd
        - echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
  - name: centos-stream9
    driver:
      platform: centosstream
      image: quay.io/centos/centos:stream9
      provision_command:
        - dnf -y install crypto-policies-scripts procps-ng
        - update-crypto-policies --set DEFAULT:SHA1
        - echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
  - name: debian-11
    driver:
      image: debian:bullseye
      run_command: /lib/systemd/systemd
  - name: debian-12
    driver:
      image: debian:bookworm
      run_command: /lib/systemd/systemd
      provision_command:
        - echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
  - name: fedora-39
    driver:
      provision_command: &fedora_provision_command
        - dnf -y install procps-ng crypto-policies-scripts
        - update-crypto-policies --set LEGACY
  - name: fedora-40
    driver:
      provision_command: *fedora_provision_command
  - name: gentoo
    driver:
      image: gentoo/stage3:latest
      run_command: /sbin/init
      provision_command:
        - rc-update add sshd default
        - echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
  - name: gentoo-systemd
    driver:
      image: gentoo/stage3:systemd
      run_command: /lib/systemd/systemd
      provision_command:
        - systemctl enable sshd.service
        - echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
  - name: opensuse-15
    driver:
      image: opensuse/leap:15.4
      provision_command:
        - &opensuse_provision_command_01 zypper --non-interactive install --auto-agree-with-licenses dbus-1
        - &opensuse_provision_command_02 zypper --non-interactive install --auto-agree-with-licenses sudo openssh which curl systemd
        - &opensuse_provision_command_03 systemctl enable sshd.service
  - name: rockylinux-9
    driver:
      platform: centosstream
      run_command: /usr/lib/systemd/systemd
      provision_command:
        - dnf -y install crypto-policies-scripts procps-ng
        - update-crypto-policies --set DEFAULT:SHA1
        - echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
  - name: oraclelinux-9
    driver:
      run_command: /usr/lib/systemd/systemd
      provision_command:
        - dnf -y install crypto-policies-scripts procps-ng
        - update-crypto-policies --set DEFAULT:SHA1
        - echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
  - name: rockylinux-8
  - name: oraclelinux-8
  - name: ubuntu-24.04
    driver:
      run_command: /lib/systemd/systemd
      provision_command:
        - echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
  - name: ubuntu-22.04
    driver:
      run_command: /lib/systemd/systemd
      provision_command:
        - echo "PubkeyAcceptedAlgorithms +ssh-rsa" | tee -a /etc/ssh/sshd_config
  - name: ubuntu-20.04
    driver:
      run_command: /lib/systemd/systemd
  - name: photon-4
    driver:
      image: photon:4.0
      provision_command:
        - tdnf -y install rpm procps-ng coreutils gawk systemd
        - echo "PubkeyAcceptedKeyTypes +ssh-rsa" | tee -a /etc/ssh/sshd_config
        - sed -ie 's/PermitRootLogin no/PermitRootLogin yes/' /etc/ssh/sshd_config
        - systemctl enable sshd.service
  - name: photon-5
    driver:
      image: photon:5.0
      provision_command:
        - tdnf -y install rpm procps-ng coreutils gawk systemd
        - echo "PubkeyAcceptedKeyTypes +ssh-rsa" | tee -a /etc/ssh/sshd_config
        - sed -ie 's/PermitRootLogin no/PermitRootLogin yes/' /etc/ssh/sshd_config
        - systemctl enable sshd.service
 suites:
  - name: git-3006
    provisioner:
      salt_version: v3006
      salt_bootstrap_options: -x python3 -MPfq git %s
    excludes:
      - opensuse-15
      - opensuse-tumbleweed
      - debian-11
      - debian-12
      - arch
      - gentoo
      - gentoo-systemd
  - name: git-3006x
    provisioner:
      salt_version: 3006.x
      salt_bootstrap_options: -x python3 -MPfq git %s
    excludes:
      - opensuse-15
      - opensuse-tumbleweed
      - debian-11
      - debian-12
      - arch
      - gentoo
      - gentoo-systemd
  - name: git-3007
    provisioner:
      salt_version: v3007
      salt_bootstrap_options: -x python3 -MPfq git %s
    excludes:
      - opensuse-15
      - opensuse-tumbleweed
      - debian-11
      - arch
      - gentoo
      - gentoo-systemd
  - name: git-3007x
    provisioner:
      salt_version: 3007.x
      salt_bootstrap_options: -x python3 -MPfq git %s
    excludes:
      - opensuse-15
      - opensuse-tumbleweed
      - debian-11
      - arch
      - gentoo
      - gentoo-systemd
  - name: stable-3006
    provisioner:
      salt_version: 3006
      salt_bootstrap_options: -x python3 -MP stable %s
    excludes:
      - opensuse-15
      - opensuse-tumbleweed
      - arch
  - name: stable-3006-8
    provisioner:
      salt_version: 3006.8
      salt_bootstrap_options: -x python3 -MP stable %s
    excludes:
      - opensuse-15
      - opensuse-tumbleweed
      - arch
  - name: stable-3007
    provisioner:
      salt_version: 3007
      salt_bootstrap_options: -x python3 -MP stable %s
    excludes:
      - opensuse-15
      - opensuse-tumbleweed
      - arch
  - name: stable-3007-1
    provisioner:
      salt_version: 3007.1
      salt_bootstrap_options: -x python3 -MP stable %s
    excludes:
      - opensuse-15
      - opensuse-tumbleweed
      - arch
  - name: git-master
    provisioner:
      salt_version: master
      salt_bootstrap_options: -x python3 -MPfq -D git %s
  - name: latest
    provisioner:
      salt_version: latest
      salt_bootstrap_options: -MP stable %s
  - name: default
    provisioner:
      salt_version: latest
      salt_bootstrap_options: -MP
  - name: onedir-nightly
    provisioner:
      salt_version: nightly
      salt_bootstrap_options: -MP onedir %s
  - name: onedir-latest
    provisioner:
      salt_version: latest
      salt_bootstrap_options: -MP onedir %s
  - name: onedir-3006
    provisioner:
      salt_version: 3006
      salt_bootstrap_options: -MP onedir %s
  - name: onedir-3007
    provisioner:
      salt_version: 3007
      salt_bootstrap_options: -MP onedir %s
  - name: onedir-rc-3008-0rc1
    provisioner:
      salt_version: 3008.0rc1
      salt_bootstrap_options: -R staging.repo.saltproject.io -MP onedir_rc %s
    excludes:
      - arch
      - gentoo
      - opensuse-15
      - opensuse-tumbleweed
      - ubuntu-2004
      - ubuntu-2204
  - name: quickstart
    provisioner:
      salt_bootstrap_options: -Q
 verifier:
  name: shell
  remote_exec: false
  command: pytest --cache-clear -v -s -ra --log-cli-level=info tests/integration/
--- a/salt-quick-start.ps1
+++ b/salt-quick-start.ps1
@ -1,39 +1,31 @@
-function Convert-PSObjectToHashtable {
+<#
-    param (
+.SYNOPSIS
-        [Parameter(ValueFromPipeline)]
+    A simple Powershell script to quickly start using Salt.
        $InputObject
    )
    if ($null -eq $InputObject) { return $null }
-    $is_enum = $InputObject -is [System.Collections.IEnumerable]
+.DESCRIPTION
-    $not_string = $InputObject -isnot [string]
+    This script will download the latest onedir version of Salt and extract it
-    if ($is_enum -and $not_string) {
+    into the same directory where the script is run. The script sets up an
-        $collection = @(
+    environment that will allow you to run salt-call commands. To remove, just
-            foreach ($object in $InputObject) {
+    delete the `salt` directory. The environment variables will only be set for
-                Convert-PSObjectToHashtable $object
+    the current powershell session.
            }
        )
-        Write-Host -NoEnumerate $collection
+.EXAMPLE
-    } elseif ($InputObject -is [PSObject]) {
+    ./salt-quick-start.ps1
        $hash = @{}
-        foreach ($property in $InputObject.PSObject.Properties) {
+.LINK
-            $hash[$property.Name] = Convert-PSObjectToHashtable $property.Value
+    Salt Bootstrap GitHub Project (script home) - https://github.com/saltstack/salt-bootstrap
-        }
+    Original Vagrant Provisioner Project - https://github.com/saltstack/salty-vagrant
    Vagrant Project (utilizes this script) - https://github.com/mitchellh/vagrant
    Salt Download Location - https://packages.broadcom.com/artifactory/saltproject-generic/windows/
    Salt Manual Install Directions (Windows) - https://docs.saltproject.io/salt/install-guide/en/latest/topics/install-by-operating-system/windows.html
 #>
-        $hash
+# This is so the -Verbose parameter will work
-    } else {
+[CmdletBinding()] param()
        $InputObject
    }
 }
 function Expand-ZipFile {
    # Extract a zip file
    #
    # Used by:
    # - Install-SaltMinion
    #
    # Args:
    #     ZipFile (string): The file to extract
    #     Destination (string): The location to extract to
@ -81,60 +73,151 @@ function Expand-ZipFile {
    Write-Debug "Finished unzipping '$ZipFile' to '$Destination'"
 }
 function Get-FileHash {
    # Get-FileHash is a built-in cmdlet in powershell 5+ but we need to support
    # powershell 3. This will overwrite the powershell 5 commandlet only for
    # this script. But it will provide the missing cmdlet for powershell 3
    [CmdletBinding()]
    param(
        [Parameter(Mandatory=$true)]
        [String] $Path,
-[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]'Tls12'
+        [Parameter(Mandatory=$false)]
        [ValidateSet(
                "SHA1",
                "SHA256",
                "SHA384",
                "SHA512",
        # https://serverfault.com/questions/820300/
        # why-isnt-mactripledes-algorithm-output-in-powershell-stable
                "MACTripleDES", # don't use
                "MD5",
                "RIPEMD160",
                IgnoreCase=$true)]
        [String] $Algorithm = "SHA256"
    )
-$global:ProgressPreference = 'SilentlyContinue'
+    if ( !(Test-Path $Path) ) {
-
+        Write-Verbose "Invalid path for hashing: $Path"
-$RepoUrl = "https://repo.saltproject.io/salt/py3/onedir"
+        return @{}
 if ([IntPtr]::Size -eq 4) {
    $arch = "x86"
 } else {
    $arch = "amd64"
 }
 $enc = [System.Text.Encoding]::UTF8
 try {
    $response = Invoke-WebRequest -Uri "$RepoUrl/repo.json" -UseBasicParsing
    if ($response.Content.GetType().Name -eq "Byte[]") {
        $psobj = $enc.GetString($response.Content) | ConvertFrom-Json
    } else {
        $psobj = $response.Content | ConvertFrom-Json
    }
-    $hash = Convert-PSObjectToHashtable $psobj
+
-} catch {
+    if ( (Get-Item -Path $Path) -isnot [System.IO.FileInfo]) {
-    Write-Host "repo.json not found at: $RepoUrl"
+        Write-Verbose "Not a file for hashing: $Path"
-    $hash = @{}
+        return @{}
-}
+    }
-$searchVersion = "latest"
+
-if ( $hash.Contains($searchVersion)) {
+    $Path = Resolve-Path -Path $Path
-    foreach ($item in $hash.($searchVersion).Keys) {
+
-        if ( $item.EndsWith(".zip") ) {
+    Switch ($Algorithm) {
-            if ( $item.Contains($arch) ) {
+        SHA1 {
-                $saltFileName = $hash.($searchVersion).($item).name
+            $hasher = [System.Security.Cryptography.SHA1CryptoServiceProvider]::Create()
-                $saltVersion = $hash.($searchVersion).($item).version
+        }
-                $saltSha512 = $hash.($searchVersion).($item).SHA512
+        SHA256 {
-            }
+            $hasher = [System.Security.Cryptography.SHA256]::Create()
        }
        SHA384 {
            $hasher = [System.Security.Cryptography.SHA384]::Create()
        }
        SHA512 {
            $hasher = [System.Security.Cryptography.SHA512]::Create()
        }
        MACTripleDES {
            $hasher = [System.Security.Cryptography.MACTripleDES]::Create()
        }
        MD5 {
            $hasher = [System.Security.Cryptography.MD5]::Create()
        }
        RIPEMD160 {
            $hasher = [System.Security.Cryptography.RIPEMD160]::Create()
        }
    }
    Write-Verbose "Hashing using $Algorithm algorithm"
    try {
        $data = [System.IO.File]::OpenRead($Path)
        $hash = $hasher.ComputeHash($data)
        $hash = [System.BitConverter]::ToString($hash) -replace "-",""
        return @{
            Path = $Path;
            Algorithm = $Algorithm.ToUpper();
            Hash = $hash
        }
    } catch {
        Write-Verbose "Error hashing: $Path"
        Write-Verbose "ERROR: $_"
        return @{}
    } finally {
        if ($null -ne $data) {
            $data.Close()
        }
    }
 }
-if ( $saltFileName -and $saltVersion -and $saltSha512 ) {
+
-    if ( $RepoUrl.Contains("minor") ) {
+#===============================================================================
-        $saltFileUrl = @($RepoUrl, $saltVersion, $saltFileName) -join "/"
+# Script settings
-    } else {
+#===============================================================================
-        $saltFileUrl = @($RepoUrl, "minor", $saltVersion, $saltFileName) -join "/"
+[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]'Tls12'
-    }
+$global:ProgressPreference = 'SilentlyContinue'
 #===============================================================================
 # Declare Variables
 #===============================================================================
 $ApiUrl  = "https://packages.broadcom.com/artifactory/api/storage/saltproject-generic/onedir"
 # Detect architecture ($arch)
 if ([IntPtr]::Size -eq 4) { $arch = "x86" } else { $arch = "amd64" }
 #===============================================================================
 # Setting up quickstart environment
 #===============================================================================
 Write-Host ""
 Write-Host "Setting up quickstart environment for Salt" -ForegroundColor Cyan
 Write-Verbose "Getting version information from Artifactory"
 $response = Invoke-WebRequest $ApiUrl -UseBasicParsing
 # Convert the output to a powershell object
 $psobj = $response.ToString() | ConvertFrom-Json
 $Version = $psobj.children[-1].uri.Trim("/")
 Write-Verbose "Getting sha256 hash and download url from Artifactory"
 $saltFileName = "salt-$Version-onedir-windows-$arch.zip"
 $response = Invoke-WebRequest "$ApiUrl/$Version/$saltFileName" -UseBasicParsing
 $psobj = $response.ToString() | ConvertFrom-Json
 $saltFileUrl = $psobj.downloadUri
 $saltSha256  = $psobj.checksums.sha256
 Write-Verbose "URL: $saltFileUrl"
 Write-Host "*  INFO: Downloading Salt: " -NoNewline
 Invoke-WebRequest -Uri $saltFileUrl -OutFile .\salt.zip
 if ( Test-Path -Path .\salt.zip ) {
    Write-Host "Success" -ForegroundColor Green
 } else {
    Write-Host "Failed" -ForegroundColor Red
    exit 1
 }
 $localSha256 = (Get-FileHash -Path .\salt.zip -Algorithm SHA256).Hash
 Write-Verbose "Local Hash: $localSha256"
 Write-Verbose "Remote Hash: $saltSha256"
 Write-Host "*  INFO: Comparing Hash: " -NoNewline
 if ( $localSha256 -eq $saltSha256 ) {
    Write-Host "Success" -ForegroundColor Green
 } else {
    Write-Host "Failed" -ForegroundColor Red
    exit 1
 }
-Write-Host "*  INFO: Downloading Salt"
+Write-Host "*  INFO: Extracting Salt: " -NoNewline
 Invoke-WebRequest -Uri $saltFileUrl -OutFile .\salt.zip
 Write-Host "*  INFO: Extracting Salt"
 Expand-ZipFile -ZipFile .\salt.zip -Destination .
 if ( Test-Path -Path .\salt\Scripts\python.exe ) {
    Write-Host "Success" -ForegroundColor Green
 } else {
    Write-Host "Failed" -ForegroundColor Red
    exit 1
 }
 Write-Host "*  INFO: Creating Saltfile: " -NoNewline
 $PATH = $(Get-Location).Path
 $saltfile_contents = @"
 salt-call:
  local: True
@ -143,20 +226,42 @@ salt-call:
  cachedir: $PATH\salt\var\cache\salt
  file_root: $PATH\salt\srv\salt
 "@
 Set-Content -Path .\salt\Saltfile -Value $saltfile_contents
 if ( Test-Path -Path .\salt\Saltfile ) {
    Write-Host "Success" -ForegroundColor Green
 } else {
    Write-Host "Failed" -ForegroundColor Red
    exit 1
 }
 New-Item -Path "$PATH\salt\var\log\salt" -Type Directory -Force | Out-Null
 New-Item -Path "$PATH\salt\conf" -Type Directory -Force | Out-Null
 New-Item -Path "$PATH\salt\var\cache\salt" -Type Directory -Force | Out-Null
 New-Item -Path "$PATH\salt\srv\salt" -Type Directory -Force | Out-Null
-Write-Host "*  INFO: Adding Salt to current path"
+Write-Host "*  INFO: Adding Salt to current path: " -NoNewline
 Write-Host "*  INFO:   $PATH\salt"
 $env:Path = "$PATH\salt;$env:PATH"
 Write-Verbose $env:Path
 if ( $env:PATH -Like "*$PATH\salt*" ) {
    Write-Host "Success" -ForegroundColor Green
 } else {
    Write-Host "Failed" -ForegroundColor Red
    exit 1
 }
 Write-Host "*  INFO:   $PATH\salt"
-Write-Host "*  INFO: Setting the SALT_SALTFILE environment variable"
+Write-Host "*  INFO: Setting the SALT_SALTFILE environment variable: "-NoNewline
 Write-Host "*  INFO:   $PATH\salt\Saltfile"
 $env:SALT_SALTFILE="$PATH\salt\Saltfile"
 if ( Test-Path -Path $env:SALT_SALTFILE ) {
    Write-Host "Success" -ForegroundColor Green
 } else {
    Write-Host "Failed" -ForegroundColor Red
    exit 1
 }
 Write-Host "*  INFO:   $PATH\salt\Saltfile"
 Write-Host ""
 Write-Host "You can now run simple salt-call commands" -ForegroundColor Cyan
 Write-Host "*  INFO: Create Salt states in $PATH\salt\srv\salt"
 Write-Host "*  INFO: Try running salt-call test.ping"
 Write-Host ""
--- a/salt-quick-start.sh
+++ b/salt-quick-start.sh
@ -1,7 +1,7 @@
 #!/bin/sh
 __ScriptName="salt-quick-start.sh"
-SALT_REPO_URL="https://repo.saltproject.io/salt/py3/onedir"
+SALT_REPO_URL="https://packages.broadcom.com/artifactory/salt-project-generic/onedir"
 _COLORS=${QS_COLORS:-$(tput colors 2>/dev/null || echo 0)}
 _LOCAL=0
@ -89,8 +89,20 @@ if [[ "$_LOCAL" == "1" && "$_FULL" == "1" ]]; then
 fi
 __parse_repo_json_jq() {
-  _JSON_FILE="${SALT_REPO_URL}/repo.json"
+
-  _JSON_VERSION=$(curl -s ${_JSON_FILE} | jq -sr ".[].latest[] | select(.os == \"$1\") | select(.arch == \"$2\").version")
+    # $1 is OS_NAME
    # $2 is ARCH
    # get dir listing from url, sort and pick highest
    onedir_versions_tmpf=$(mktemp)
    curr_pwd=$(pwd)
    cd  ${onedir_versions_tmpf} || return 1
    wget -r -np -nH --exclude-directories=onedir,relenv,windows -x -l 1 "$SALT_REPO_URL/"
    # shellcheck disable=SC2010
    LATEST_VERSION=$(ls artifactory/saltproject-generic/onedir/ | grep -v 'index.html' | sort -V -u | tail -n 1)
    cd ${curr_pwd} || return "${LATEST_VERSION}"
    rm -fR ${onedir_versions_tmpf}
    _JSON_VERSION="${LATEST_VERSION}"
 }
 __fetch_url() {
@ -146,7 +158,7 @@ fi
 __parse_repo_json_jq ${OS_NAME} ${CPU_ARCH_L}
 FILE="salt-${_JSON_VERSION}-onedir-${OS_NAME_L}-${CPU_ARCH_L}.tar.xz"
-URL="${SALT_REPO_URL}/latest/${FILE}"
+URL="${SALT_REPO_URL}/${_JSON_VERSION}/${FILE}"
 if [[ ! -f ${FILE} ]]; then
  echoinfo "Downloading Salt"
--- a/tests/conftest.py
+++ b/tests/conftest.py
@ -1,43 +1,12 @@
-import logging
+import json
 import os
 import pprint
 import pytest
-import testinfra
+import requests
-log = logging.getLogger(__name__)
+API_URL = (
-
+    "https://packages.broadcom.com/artifactory/api/storage/saltproject-generic/windows"
-
+)
@pytest.fixture(scope="session")
 def host():
    if (
        os.environ.get("RUNNER_OS", "") == "macOS"
        and os.environ.get("KITCHEN_LOCAL_YAML", "") == "kitchen.macos.yml"
    ):
        # Adjust the `PATH` so that the `salt-call` executable can be found
        os.environ["PATH"] = "/opt/salt/bin{}{}".format(os.pathsep, os.environ["PATH"])
        return testinfra.get_host("local://", sudo=True)
    if os.environ.get("KITCHEN_USERNAME") == "vagrant" or "windows" in os.environ.get(
        "KITCHEN_INSTANCE"
    ):
        if "windows" in os.environ.get("KITCHEN_INSTANCE"):
            _url = "winrm://{KITCHEN_USERNAME}:{KITCHEN_PASSWORD}@{KITCHEN_HOSTNAME}:{KITCHEN_PORT}".format(
                **os.environ
            )
            return testinfra.get_host(
                _url,
                no_ssl=True,
            )
        return testinfra.get_host(
            "paramiko://{KITCHEN_USERNAME}@{KITCHEN_HOSTNAME}:{KITCHEN_PORT}".format(
                **os.environ
            ),
            ssh_identity_file=os.environ.get("KITCHEN_SSH_KEY"),
        )
    return testinfra.get_host(
        "docker://{KITCHEN_USERNAME}@{KITCHEN_CONTAINER_ID}".format(**os.environ)
    )
@pytest.fixture(scope="session")
@ -47,21 +16,33 @@ def target_python_version():
@pytest.fixture(scope="session")
 def target_salt_version():
    bootstrap_types = ("git", "stable", "onedir", "onedir_rc")
-    # filter out any bootstrap types and then join
+    target_salt = os.environ.get("SaltVersion", "")
-    target_salt = ".".join(
+    html_response = requests.get(API_URL)
-        [
+    content = json.loads(html_response.text)
-            item
+    folders = content["children"]
-            for item in os.environ["KITCHEN_SUITE"].split("-")
+    versions = {}
-            if item not in bootstrap_types
+    for folder in folders:
-        ]
+        if folder["folder"]:
-    )
+            version = folder["uri"].strip("/")
-
+            versions[version] = version
-    # target_salt = os.environ["KITCHEN_SUITE"].split("-", 1)[-1].replace("-", ".")
+            # We're trying to get the latest major version and latest overall
            maj_version = version.split(".")[0]
            versions[maj_version] = version
            versions["latest"] = version
    if target_salt.startswith("v"):
        target_salt = target_salt[1:]
-    if target_salt in ("default", "latest", "master", "nightly"):
+    if target_salt not in versions:
        pytest.skip(f"Invalid testing version: {target_salt}")
    if target_salt in (
        "default",
        "latest",
        "master",
        "nightly",
        "stable",
        "onedir",
        "git",
    ):
        pytest.skip("Don't have a specific salt version to test against")
-    return target_salt
+    return versions[target_salt]
--- a/tests/integration/init.py
+++ b/tests/integration/init.py
@ -1 +0,0 @@
 # -*- coding: utf-8 -*-
--- a/tests/integration/test_installation.py
+++ b/tests/integration/test_installation.py
@ -1,31 +1,82 @@
 import json
 import logging
 import os
-from contextlib import nullcontext
+import platform
 import subprocess
 import pytest
 log = logging.getLogger(__name__)
-def selected_context_manager(host):
+@pytest.fixture
-    if "windows" in os.environ.get("KITCHEN_INSTANCE"):
+def path():
-        return nullcontext()
+    if platform.system() == "Windows":
-    return host.sudo()
+        salt_path = "C:\\Program Files\\Salt Project\\Salt"
        if salt_path not in os.environ["path"]:
            os.environ["path"] = f'{os.environ["path"]};{salt_path}'
        yield os.environ["path"]
    else:
        yield ""
-def test_ping(host):
+def run_salt_call(cmd):
-    with selected_context_manager(host):
+    """
-        assert host.salt("test.ping", "--timeout=120")
+    Runs salt call command and returns a dictionary
-
+    Accepts cmd as a list
-
+    """
-def test_target_python_version(host, target_python_version):
+    json_data = {"local": {}}
-    with selected_context_manager(host):
+    if platform.system() == "Windows":
-        ret = host.salt("grains.item", "pythonversion", "--timeout=120")
+        cmd.append("--out=json")
-        assert ret["pythonversion"][0] == target_python_version
+        result = subprocess.run(cmd, capture_output=True, text=True)
-
+        if 0 == result.returncode:
-
+            json_data = json.loads(result.stdout)
 def test_target_salt_version(host, target_salt_version):
    with selected_context_manager(host):
        ret = host.salt("grains.item", "saltversion", "--timeout=120")
        if target_salt_version.endswith(".0") or target_salt_version.endswith(".x"):
            assert ret["saltversion"] == ".".join(target_salt_version.split(".")[:-1])
        else:
-            assert ret["saltversion"].startswith(target_salt_version)
+            log.error(f"failed to produce output result, '{result}'")
    else:
        if platform.system() == "Darwin":
            cmdl = ["sudo"]
        else:
            cmdl = []
        cmdl.extend(cmd)
        cmdl.append("--out=json")
        try:
            result = subprocess.run(cmdl, capture_output=True, text=True)
        except TypeError:
            result = subprocess.run(
                cmdl,
                stdout=subprocess.PIPE,
                stderr=subprocess.PIPE,
                universal_newlines=True,
            )
        if 0 == result.returncode:
            json_data = json.loads(result.stdout)
        else:
            log.error(f"failed to produce output result, '{result}'")
    return json_data["local"]
 def test_ping(path):
    cmd = ["salt-call", "--local", "test.ping"]
    result = run_salt_call(cmd)
    assert result == True
 def test_target_python_version(path, target_python_version):
    cmd = ["salt-call", "--local", "grains.item", "pythonversion", "--timeout=120"]
    result = run_salt_call(cmd)
    # Returns: {'pythonversion': [3, 10, 11, 'final', 0]}
    py_maj_ver = result["pythonversion"][0]
    assert py_maj_ver == target_python_version
 def test_target_salt_version(path, target_salt_version):
    if not target_salt_version:
        pytest.skip(f"No target version specified")
    cmd = ["salt-call", "--local", "grains.item", "saltversion", "--timeout=120"]
    result = run_salt_call(cmd)
    # Returns: {'saltversion': '3006.9+217.g53cfa53040'}
    adj_saltversion = result["saltversion"].split("+")[0]
    assert adj_saltversion == target_salt_version
--- a/tests/requirements.txt
+++ b/tests/requirements.txt
@ -1,5 +1,2 @@
-pytest-testinfra
+pytest
-paramiko
+requests
 requests-ntlm==1.1.0; sys.platform == 'win32'
 pywinrm; sys.platform == 'win32'
 six>=1.10.0