saltstack/salt-bootstrap
1
0
Fork 0
mirror of https://github.com/saltstack/salt-bootstrap.git synced 2025-04-16 09:40:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #2039 from dmurphy18/fix_2038

Browse source 
Update bootstrap shell CI/CD to utilize containers and clean up
This commit is contained in:
David Murphy 2024-11-21 14:09:40 -07:00 committed by GitHub
commit b37f1d8f32
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
11 changed files with 645 additions and 701 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

236
.github/workflows/ci.yml vendored
View file

@ -124,6 +124,7 @@ jobs:
with:
distro-slug: macos-12
display-name: macOS 12
container-slug: macos-12
timeout: 20
runs-on: macos-12
instances: '["stable-3006", "stable-3006-8", "stable-3007", "stable-3007-1", "latest"]'
@ -139,11 +140,28 @@ jobs:
with:
distro-slug: macos-13
display-name: macOS 13
container-slug: macos-13
timeout: 20
runs-on: macos-13
instances: '["stable-3006", "stable-3006-8", "stable-3007", "stable-3007-1", "latest"]'
macos-14:
name: macOS 14
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-macos.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: macos-14
display-name: macOS 14
container-slug: macOS 14
timeout: 20
runs-on: macos-14
instances: '["stable-3006", "stable-3006-8", "stable-3007", "stable-3007-1", "latest"]'
windows-2022:
name: Windows 2022
@ -155,180 +173,13 @@ jobs:
with:
distro-slug: windows-2022
display-name: Windows 2022
container-slug: windows-2022
timeout: 20
runs-on: windows-2022
instances: '["stable-3006", "stable-3006-8", "stable-3007", "stable-3007-1", "latest"]'
almalinux-8:
name: AlmaLinux 8
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: almalinux-8
display-name: AlmaLinux 8
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "latest", "default"]'
almalinux-9:
name: AlmaLinux 9
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: almalinux-9
display-name: AlmaLinux 9
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
amazon-2:
name: Amazon 2
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: amazon-2
display-name: Amazon 2
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "latest", "default"]'
centos-stream9:
name: CentOS Stream 9
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: centos-stream9
display-name: CentOS Stream 9
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
debian-11:
name: Debian 11
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: debian-11
display-name: Debian 11
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
debian-12:
name: Debian 12
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: debian-12
display-name: Debian 12
timeout: 20
instances: '["stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
fedora-39:
name: Fedora 39
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: fedora-39
display-name: Fedora 39
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "latest", "default"]'
fedora-40:
name: Fedora 40
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: fedora-40
display-name: Fedora 40
timeout: 20
instances: '["stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
opensuse-15:
name: Opensuse 15
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: opensuse-15
display-name: Opensuse 15
timeout: 20
instances: '["latest", "default"]'
oraclelinux-8:
name: Oracle Linux 8
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: oraclelinux-8
display-name: Oracle Linux 8
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "latest", "default"]'
oraclelinux-9:
name: Oracle Linux 9
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: oraclelinux-9
display-name: Oracle Linux 9
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
photon-4:
name: Photon OS 4
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: photon-4
display-name: Photon OS 4
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "latest", "default"]'
photon-5:
name: Photon OS 5
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
@ -339,6 +190,7 @@ jobs:
with:
distro-slug: photon-5
display-name: Photon OS 5
container-slug: systemd-photon-5
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "latest", "default"]'
@ -353,6 +205,7 @@ jobs:
with:
distro-slug: rockylinux-8
display-name: Rocky Linux 8
container-slug: systemd-rockylinux-8
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "latest", "default"]'
@ -367,22 +220,9 @@ jobs:
with:
distro-slug: rockylinux-9
display-name: Rocky Linux 9
container-slug: systemd-rockylinux-9
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
ubuntu-2004:
name: Ubuntu 20.04
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: ubuntu-2004
display-name: Ubuntu 20.04
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "latest", "default"]'
ubuntu-2204:
@ -395,24 +235,11 @@ jobs:
with:
distro-slug: ubuntu-2204
display-name: Ubuntu 22.04
container-slug: systemd-ubuntu-22.04
timeout: 20
instances: '["stable-3006", "onedir-3006", "stable-3006-8", "stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
ubuntu-2404:
name: Ubuntu 24.04
if: github.event_name == 'push' || needs.collect-changed-files.outputs.run-tests == 'true'
uses: ./.github/workflows/test-linux.yml
needs:
- lint
- generate-actions-workflow
with:
distro-slug: ubuntu-2404
display-name: Ubuntu 24.04
timeout: 20
instances: '["stable-3007", "onedir-3007", "stable-3007-1", "git-master", "latest", "default"]'
set-pipeline-exit-status:
# This step is just so we can make github require this step, to pass checks
# on a pull request instead of requiring all
@ -423,25 +250,12 @@ jobs:
- generate-actions-workflow
- macos-12
- macos-13
- macos-14
- windows-2022
- almalinux-8
- almalinux-9
- amazon-2
- centos-stream9
- debian-11
- debian-12
- fedora-39
- fedora-40
- opensuse-15
- oraclelinux-8
- oraclelinux-9
- photon-4
- photon-5
- rockylinux-8
- rockylinux-9
- ubuntu-2004
- ubuntu-2204
- ubuntu-2404
if: always()
steps:

58
.github/workflows/nightly.yml vendored
View file

@ -41,61 +41,3 @@ jobs:
echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}"
echo "requirements-met=true" >> "${GITHUB_OUTPUT}"
fi
update-s3-bucket:
name: Update S3 Bucket
if: ${{ fromJSON(needs.workflow-requirements.outputs.requirements-met) }}
runs-on:
- self-hosted
- linux
- repo-release
needs:
- workflow-requirements
environment: release
steps:
- uses: actions/checkout@v4
- name: Get Salt Project GitHub Actions Bot Environment
run: |
TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30")
SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment)
echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV"
- name: Setup GnuPG
run: |
sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg
GNUPGHOME="$(mktemp -d -p /run/gpg)"
echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV"
cat <<EOF > "${GNUPGHOME}/gpg.conf"
batch
no-tty
pinentry-mode loopback
EOF
- name: Get Secrets
id: get-secrets
env:
SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
run: |
SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text | jq .default_key -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
| gpg --import -
sync
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text| jq .default_passphrase -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
sync
rm "$SECRETS_KEY_FILE"
echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
- name: Install Requirements
run: |
python3 -m pip install -r requirements/release.txt
- name: Upload Develop to S3
run: |
tools release s3-publish --key-id 64CBBC8173D76B3F develop

181
.github/workflows/release.yml vendored
View file

@ -51,11 +51,7 @@ jobs:
update-develop:
name: Update CHANGELOG.md and bootstrap-salt.sh
runs-on:
- ubuntu-latest
## - self-hosted
## - linux
## - repo-release
runs-on: ubuntu-latest
permissions:
contents: write # To be able to publish the release
environment: release
@ -75,36 +71,6 @@ jobs:
python3 -m pip install -r requirements/release.txt
pre-commit install --install-hooks
## - name: Setup GnuPG
## run: |
## sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg
## GNUPGHOME="$(mktemp -d -p /run/gpg)"
## echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV"
## cat <<EOF > "${GNUPGHOME}/gpg.conf"
## batch
## no-tty
## pinentry-mode loopback
## EOF
## - name: Get Secrets
## id: get-secrets
## env:
## SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
## run: |
## SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
## echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
## aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
## --query SecretString --output text | jq .default_key -r | base64 -d \
## | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
## | gpg --import -
## sync
## aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
## --query SecretString --output text| jq .default_passphrase -r | base64 -d \
## | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
## sync
## rm "$SECRETS_KEY_FILE"
## echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
- name: Configure Git
shell: bash
run: |
@ -112,8 +78,6 @@ jobs:
git config --global user.name "Salt Project Packaging"
git config --global user.email saltproject-packaging@vmware.com
git config --global commit.gpgsign false
## git config --global user.signingkey 64CBBC8173D76B3F
## git config --global commit.gpgsign true
- name: Update Repository
id: update-repo
@ -151,11 +115,7 @@ jobs:
merge-develop-into-stable:
name: Merge develop into stable
runs-on:
- ubuntu-latest
## - self-hosted
## - linux
## - repo-release
runs-on: ubuntu-latest
needs:
- update-develop
environment: release
@ -169,36 +129,6 @@ jobs:
ssh-key: ${{ secrets.SALT_BOOTSTRAP_RELEASE_KEY }}
fetch-depth: 0
## - name: Setup GnuPG
## run: |
## sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg
## GNUPGHOME="$(mktemp -d -p /run/gpg)"
## echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV"
## cat <<EOF > "${GNUPGHOME}/gpg.conf"
## batch
## no-tty
## pinentry-mode loopback
## EOF
## - name: Get Secrets
## id: get-secrets
## env:
## SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
## run: |
## SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
## echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
## aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
## --query SecretString --output text | jq .default_key -r | base64 -d \
## | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
## | gpg --import -
## sync
## aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
## --query SecretString --output text| jq .default_passphrase -r | base64 -d \
## | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
## sync
## rm "$SECRETS_KEY_FILE"
## echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
- name: Configure Git
shell: bash
run: |
@ -206,8 +136,6 @@ jobs:
git config --global user.name "Salt Project Packaging"
git config --global user.email saltproject-packaging@vmware.com
git config --global commit.gpgsign false
## git config --global user.signingkey 64CBBC8173D76B3F
## git config --global commit.gpgsign true
- name: Download Release Details
uses: actions/download-artifact@v4
@ -250,10 +178,7 @@ jobs:
publish-release:
name: Create GitHub Release
runs-on:
- ubuntu-latest
## - self-hosted
## - linux
runs-on: ubuntu-latest
needs:
- merge-develop-into-stable
environment: release
@ -299,75 +224,9 @@ jobs:
name: release-details
failOnError: false
## update-s3-bucket:
## name: Update S3 Bucket
## runs-on:
## - ubuntu-latest
## ## - self-hosted
## ## - linux
## ## - repo-release
## needs:
## - publish-release
## environment: release
## steps:
## - uses: actions/checkout@v4
## with:
## ref: stable
## repository: ${{ github.repository }}
## ssh-key: ${{ secrets.SALT_BOOTSTRAP_RELEASE_KEY }}
## - name: Get Salt Project GitHub Actions Bot Environment
## run: |
## TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30")
## SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment)
## echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV"
## ## - name: Setup GnuPG
## ## run: |
## ## sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg
## ## GNUPGHOME="$(mktemp -d -p /run/gpg)"
## ## echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV"
## ## cat <<EOF > "${GNUPGHOME}/gpg.conf"
## ## batch
## ## no-tty
## ## pinentry-mode loopback
## ## EOF
## ## - name: Get Secrets
## ## id: get-secrets
## ## env:
## ## SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
## ## run: |
## ## SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
## ## echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
## ## aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
## ## --query SecretString --output text | jq .default_key -r | base64 -d \
## ## | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
## ## | gpg --import -
## ## sync
## ## aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
## ## --query SecretString --output text| jq .default_passphrase -r | base64 -d \
## ## | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
## ## sync
## ## rm "$SECRETS_KEY_FILE"
## ## echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
## ## - name: Install Requirements
## ## run: |
## ## python3 -m pip install -r requirements/release.txt
## ## - name: Upload Stable Release to S3
## ## run: |
## ## tools release s3-publish --key-id 64CBBC8173D76B3F stable
update-develop-checksums:
name: Update Release Checksums on Develop
runs-on:
- ubuntu-latest
## - self-hosted
## - linux
## - repo-release
runs-on: ubuntu-latest
needs:
- publish-release
environment: release
@ -393,36 +252,6 @@ jobs:
repository: ${{ github.repository }}
ssh-key: ${{ secrets.SALT_BOOTSTRAP_RELEASE_KEY }}
## - name: Setup GnuPG
## run: |
## sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg
## GNUPGHOME="$(mktemp -d -p /run/gpg)"
## echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV"
## cat <<EOF > "${GNUPGHOME}/gpg.conf"
## batch
## no-tty
## pinentry-mode loopback
## EOF
## - name: Get Secrets
## id: get-secrets
## env:
## SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
## run: |
## SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
## echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
## aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
## --query SecretString --output text | jq .default_key -r | base64 -d \
## | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
## | gpg --import -
## sync
## aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
## --query SecretString --output text| jq .default_passphrase -r | base64 -d \
## | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
## sync
## rm "$SECRETS_KEY_FILE"
## echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
- name: Configure Git
shell: bash
run: |
@ -430,8 +259,6 @@ jobs:
git config --global user.name "Salt Project Packaging"
git config --global user.email saltproject-packaging@vmware.com
git config --global commit.gpgsign false
## git config --global user.signingkey 64CBBC8173D76B3F
## git config --global commit.gpgsign true
- name: Update Latest Release on README
run: |

157
.github/workflows/templates/generate.py vendored
View file

@ -6,25 +6,22 @@ import pathlib
os.chdir(os.path.abspath(os.path.dirname(__file__)))
# only test against current containers with systemd
# will add these when they become available with systemd
# "amazonlinux-2",
# "amazonlinux-2023",
# "debian-11",
# "debian-12",
# "debian-13",
# "fedora-40",
# "photon-4",
# "ubuntu-2004",
# "ubuntu-2404",
LINUX_DISTROS = [
"almalinux-8",
"almalinux-9",
"amazon-2",
"centos-stream9",
"debian-11",
"debian-12",
"fedora-39",
"fedora-40",
"opensuse-15",
"oraclelinux-8",
"oraclelinux-9",
"photon-4",
"photon-5",
"rockylinux-8",
"rockylinux-9",
"ubuntu-2004",
"ubuntu-2204",
"ubuntu-2404",
]
WINDOWS = [
@ -34,84 +31,78 @@ WINDOWS = [
OSX = [
"macos-12",
"macos-13",
"macos-14",
]
# only test against current containers with systemd
# will add these when they become available with systemd
# "amazonlinux-2",
# "amazonlinux-2023",
# "centos-stream9",
# "debian-11",
# "debian-12",
# "debian-13",
# "fedora-40",
# "photon-4",
# "ubuntu-2004",
# "ubuntu-2404",
STABLE_DISTROS = [
"almalinux-8",
"almalinux-9",
"amazon-2",
"centos-stream9",
"debian-11",
"debian-12",
"fedora-39",
"fedora-40",
"opensuse-15",
"oraclelinux-8",
"oraclelinux-9",
"photon-4",
"photon-5",
"rockylinux-8",
"rockylinux-9",
"ubuntu-2004",
"ubuntu-2204",
"ubuntu-2404",
]
# only test against current containers with systemd
# will add these when they become available with systemd
# "amazonlinux-2",
# "amazonlinux-2023",
# "debian-11",
# "debian-12",
# "debian-13",
# "fedora-40",
# "photon-4",
# "ubuntu-2004",
# "ubuntu-2404",
ONEDIR_DISTROS = [
"almalinux-8",
"almalinux-9",
"amazon-2",
"centos-stream9",
"debian-11",
"debian-12",
"fedora-39",
"fedora-40",
"oraclelinux-8",
"oraclelinux-9",
"photon-4",
"photon-5",
"rockylinux-8",
"rockylinux-9",
"ubuntu-2004",
"ubuntu-2204",
"ubuntu-2404",
]
# only test against current containers with systemd
# will add these when they become available with systemd
# "amazonlinux-2",
# "amazonlinux-2023",
# "debian-12",
# "photon-4",
# "photon-5",
# "rockylinux-9",
# "ubuntu-2404",
ONEDIR_RC_DISTROS = [
"almalinux-9",
"amazon-2",
"centos-stream9",
"debian-12",
"oraclelinux-9",
"photon-4",
"photon-5",
"rockylinux-9",
"ubuntu-2404",
"ubuntu-2204",
]
BLACKLIST_3006 = [
"debian-12",
"fedora-40",
"opensuse-15",
"ubuntu-2404",
]
BLACKLIST_3007 = [
"fedora-39",
"opensuse-15",
"photon-4",
"photon-5",
]
BLACKLIST_GIT_3006 = [
"almalinux-9",
"amazon-2",
"centos-stream9",
"amazonlinux-2",
"amazonlinux-2023",
"debian-11",
"debian-12",
"fedora-40",
"opensuse-15",
"oraclelinux-9",
"photon-4",
"photon-5",
"rockylinux-9",
@ -121,15 +112,12 @@ BLACKLIST_GIT_3006 = [
]
BLACKLIST_GIT_3007 = [
"almalinux-9",
"amazon-2",
"centos-stream9",
"amazonlinux-2",
"amazonlinux-2023",
"debian-11",
"debian-12",
"fedora-39",
"debian-13",
"fedora-40",
"opensuse-15",
"oraclelinux-9",
"photon-4",
"photon-5",
"rockylinux-9",
@ -139,10 +127,11 @@ BLACKLIST_GIT_3007 = [
]
BLACKLIST_GIT_MASTER = [
"amazon-2",
"fedora-39",
"amazonlinux-2",
"amazonlinux-2023",
"photon-4",
"photon-5",
"rockylinux-9",
]
SALT_VERSIONS = [
@ -199,27 +188,18 @@ GIT_VERSION_BLACKLIST = [
# Use build and pip and other standards-based tools.
#
GIT_DISTRO_BLACKLIST = [
"almalinux-8",
"fedora-39",
"opensuse-15",
"oraclelinux-8",
"rockylinux-8",
]
LATEST_PKG_BLACKLIST = []
DISTRO_DISPLAY_NAMES = {
"almalinux-8": "AlmaLinux 8",
"almalinux-9": "AlmaLinux 9",
"amazon-2": "Amazon 2",
"centos-stream9": "CentOS Stream 9",
"amazonlinux-2": "Amazon 2",
"amazonlinux-2023": "Amazon 2023",
"debian-11": "Debian 11",
"debian-12": "Debian 12",
"fedora-39": "Fedora 39",
"debian-13": "Debian 13",
"fedora-40": "Fedora 40",
"opensuse-15": "Opensuse 15",
"oraclelinux-8": "Oracle Linux 8",
"oraclelinux-9": "Oracle Linux 9",
"photon-4": "Photon OS 4",
"photon-5": "Photon OS 5",
"rockylinux-8": "Rocky Linux 8",
@ -229,9 +209,30 @@ DISTRO_DISPLAY_NAMES = {
"ubuntu-2404": "Ubuntu 24.04",
"macos-12": "macOS 12",
"macos-13": "macOS 13",
"macos-14": "macOS 14",
"windows-2022": "Windows 2022",
}
CONTAINER_SLUG_NAMES = {
"amazonlinux-2": "systemd-amazonlinux-2",
"amazonlinux-2023": "systemd-amazonlinux-2023",
"debian-11": "systemd-debian-11",
"debian-12": "systemd-debian-12",
"debian-13": "systemd-debian-13",
"fedora-40": "systemd-fedora-40",
"photon-4": "systemd-photon-4",
"photon-5": "systemd-photon-5",
"rockylinux-8": "systemd-rockylinux-8",
"rockylinux-9": "systemd-rockylinux-9",
"ubuntu-2004": "systemd-ubuntu-20.04",
"ubuntu-2204": "systemd-ubuntu-22.04",
"ubuntu-2404": "systemd-ubuntu-24.04",
"macos-12": "macos-12",
"macos-13": "macos-13",
"macos-14": "macOS 14",
"windows-2022": "windows-2022",
}
TIMEOUT_DEFAULT = 20
TIMEOUT_OVERRIDES = {}
VERSION_ONLY_OVERRIDES = []
@ -246,6 +247,7 @@ TEMPLATE = """
with:
distro-slug: {distro}
display-name: {display_name}
container-slug: {container_name}
timeout: {timeout_minutes}{runs_on}
instances: '{instances}'
"""
@ -296,6 +298,7 @@ def generate_test_jobs():
ifcheck=ifcheck,
instances=json.dumps(instances),
display_name=DISTRO_DISPLAY_NAMES[distro],
container_name=CONTAINER_SLUG_NAMES[distro],
timeout_minutes=timeout_minutes,
)
@ -341,6 +344,7 @@ def generate_test_jobs():
ifcheck=ifcheck,
instances=json.dumps(instances),
display_name=DISTRO_DISPLAY_NAMES[distro],
container_name=CONTAINER_SLUG_NAMES[distro],
timeout_minutes=timeout_minutes,
)
@ -440,6 +444,7 @@ def generate_test_jobs():
ifcheck=ifcheck,
instances=json.dumps(instances),
display_name=DISTRO_DISPLAY_NAMES[distro],
container_name=CONTAINER_SLUG_NAMES[distro],
timeout_minutes=timeout_minutes,
)

45
.github/workflows/test-linux.yml vendored
View file

@ -17,6 +17,11 @@ on:
required: true
description: The Instances To Test
container-slug:
type: string
required: true
description: The Container Slug
timeout:
type: number
required: false
@ -26,10 +31,10 @@ on:
jobs:
Test:
name: ${{ matrix.instance }}
## runs-on: ubuntu-20.04
runs-on: ubuntu-latest
container:
image: ghcr.io/saltstack/salt-ci-containers/packaging:ubuntu-22.04
image: ghcr.io/saltstack/salt-ci-containers/testing:${{ inputs.container-slug }}
options: --privileged
timeout-minutes: ${{ inputs.timeout }}
strategy:
@ -41,18 +46,36 @@ jobs:
steps:
- uses: actions/checkout@v4
- name: Install Pytest
- name: Install Python Dependencies with pip breakage
if: ${{ ( inputs.distro-slug == 'debian-11' ) || ( inputs.distro-slug == 'debian-12' ) || ( inputs.distro-slug == 'debian-13' ) || ( inputs.distro-slug == 'ubuntu-2404' ) }}
run: |
pip install -U pytest
python3 -m pip install --break-system-packages -r tests/requirements.txt
## TBD Disabled until CI/CD is functional
## - name: Bootstrap Salt
## run: |
## sh -x ./bootstrap-salt.sh
- name: Install Python Dependencies without pip breakage
if: ${{ ( inputs.distro-slug != 'debian-11' ) && ( inputs.distro-slug != 'debian-12' ) && ( inputs.distro-slug != 'debian-13' ) && ( inputs.distro-slug != 'ubuntu-2404' ) }}
run: |
python3 -m pip install -r tests/requirements.txt
## - name: Test Bootstrap
## run: |
## pytest --cache-clear -v -s -ra --log-cli-level=debug tests/integration/
- name: Get Version
run: |
# We need to get the version here and make it an environment variable
# It is used to install via bootstrap and in the test
# The version is in the instance name
# sed 1st - becomes space, 2nd - becomes dot
vt_parm_ver=$(echo "${{ matrix.instance }}" | sed 's/-/ /' | sed 's/-/./' | awk -F ' ' '{print $2}')
echo "SaltVersion=$vt_parm_ver" >> $GITHUB_ENV
- name: Bootstrap Salt
run: |
# sed 1st - becomes space, 2nd - becomes dot
bt_arg1=$(echo "${{ matrix.instance }}" | sed 's/-/ /' | sed 's/-/./' | awk -F ' ' '{print $1}')
bt_arg2=$(echo "${{ matrix.instance }}" | sed 's/-/ /' | sed 's/-/./' | awk -F ' ' '{print $2}')
echo "bt parms ,$bt_parms, bt_arg1 ,$bt_arg1, bt_arg2 ,$bt_arg2,"
sh -x ./bootstrap-salt.sh "$bt_arg1" "$bt_arg2"
- name: Test Bootstrap
run: |
pytest --cache-clear -v -s -ra --log-cli-level=debug tests/integration/
- name: Set Exit Status
if: always()

42
.github/workflows/test-macos.yml vendored
View file

@ -22,6 +22,11 @@ on:
required: true
description: The Instances To Test
container-slug:
type: string
required: true
description: The Container Slug
timeout:
type: number
required: false
@ -31,8 +36,8 @@ on:
jobs:
Test:
name: ${{ matrix.instance }}
## runs-on: ${{ inputs.runs-on }}
runs-on: macos-13
runs-on: ${{ inputs.runs-on }}
## runs-on: macos-13
timeout-minutes: ${{ inputs.timeout }}
strategy:
fail-fast: false
@ -42,18 +47,37 @@ jobs:
steps:
- uses: actions/checkout@v4
- name: Install Pytest
- name: Install Python Dependencies with pip breakage
if: ${{ ( inputs.distro-slug != 'macos-12' ) && ( inputs.distro-slug != 'macos-13' ) }}
run: |
pip install -U pytest
python3 -m pip install --break-system-packages -r tests/requirements.txt
- name: Install Python Dependencies without pip breakage
if: ${{ ( inputs.distro-slug == 'macos-12' ) || ( inputs.distro-slug == 'macos-13' ) }}
run: |
python3 -m pip install -r tests/requirements.txt
- name: Get Version
run: |
# We need to get the version here and make it an environment variable
# It is used to install via bootstrap and in the test
# The version is in the instance name
# sed 1st - becomes space, 2nd - becomes dot
vt_parms=$(echo "${{ matrix.instance }}" | sed 's/-/ /' | sed 's/-/./')
vt_parm_ver=$(echo "$vt_parms" | awk -F ' ' '{print $2}')
echo "SaltVersion=$vt_parm_ver" >> $GITHUB_ENV
- name: Bootstrap Salt
run: |
sudo sh -x ./bootstrap-salt.sh
# sed 1st - becomes space, 2nd - becomes dot
bt_parms=$(echo "${{ matrix.instance }}" | sed 's/-/ /' | sed 's/-/./')
bt_arg1=$(echo "$bt_parms" | awk -F ' ' '{print $1}')
bt_arg2=$(echo "$bt_parms" | awk -F ' ' '{print $2}')
sudo sh ./bootstrap-salt.sh "$bt_arg1" "$bt_arg2"
## TBD Disabled until CI/CD is functional
## - name: Test Bootstrap
## run: |
## pytest --cache-clear -v -s -ra --log-cli-level=debug tests/integration/
- name: Test Bootstrap
run: |
pytest --cache-clear -v -s -ra --log-cli-level=debug tests/integration/
- name: Set Exit Status
if: always()

9
.github/workflows/test-windows.yml vendored
View file

@ -22,6 +22,11 @@ on:
required: true
description: The Instances To Test
container-slug:
type: string
required: true
description: The Container Slug
timeout:
type: number
required: false
@ -46,9 +51,9 @@ jobs:
with:
python-version: "3.10"
- name: Install Pytest
- name: Install Python Dependencies
run: |
pip install -r tests\requirements.txt
python3 -m pip install -r tests/requirements.txt
- name: Get Version
run: |

16
README.rst
View file

@ -414,21 +414,19 @@ Debian and derivatives
- Devuan GNU/Linux 1/2/3/4/5
- Kali Linux 1.0 (based on Debian 7)
- Linux Mint Debian Edition 1 (based on Debian 8)
- Raspbian 8 (``armhf`` packages) and 9 (using ``git`` installation mode only)
Red Hat family
~~~~~~~~~~~~~~
- Amazon Linux 2012.3 and later
- Amazon Linux 2
- Amazon Linux 2023
- CentOS 7/8/9
- CentOS 8/9
- Cloud Linux 6/7
- Fedora 38/39/40 (install latest stable from standard repositories)
- Oracle Linux 7/8/9
- Red Hat Enterprise Linux 7/8/9
- Scientific Linux 7/8/9
- Fedora 40 (install latest stable from standard repositories)
- Oracle Linux 8/9
- Red Hat Enterprise Linux 8/9
- Scientific Linux 8/9
SUSE family
@ -461,8 +459,8 @@ repositories are not provided on the `Salt Project's Ubuntu repository`_ for the
the bootstrap script will attempt to install the packages for the most closely related LTS Ubuntu
release instead.
For example, when installing Salt on Ubuntu 21.10, the bootstrap script will setup the repository
for Ubuntu 20.04 from the `Salt Project's Ubuntu repository`_ and install the 20.04 packages.
For example, when installing Salt on Ubuntu 24.10, the bootstrap script will setup the repository
for Ubuntu 24.04 from the `Salt Project's Ubuntu repository`_ and install the 24.04 packages.
Non-LTS Ubuntu releases are not supported once the release reaches End-of-Life as defined by
`Ubuntu's release schedule`_.

550
bootstrap-salt.sh
View file

File diff suppressed because it is too large Load diff

11
tests/conftest.py
View file

@ -18,7 +18,6 @@ def target_python_version():
def target_salt_version():
target_salt = os.environ.get("SaltVersion", "")
html_response = requests.get(API_URL)
content = json.loads(html_response.text)
folders = content["children"]
@ -36,6 +35,14 @@ def target_salt_version():
target_salt = target_salt[1:]
if target_salt not in versions:
pytest.skip(f"Invalid testing version: {target_salt}")
if target_salt in ("default", "latest", "master", "nightly"):
if target_salt in (
"default",
"latest",
"master",
"nightly",
"stable",
"onedir",
"git",
):
pytest.skip("Don't have a specific salt version to test against")
return versions[target_salt]

41
tests/integration/test_installation.py
View file

@ -15,7 +15,9 @@ def path():
salt_path = "C:\\Program Files\\Salt Project\\Salt"
if salt_path not in os.environ["path"]:
os.environ["path"] = f'{os.environ["path"]};{salt_path}'
yield os.environ["path"]
yield os.environ["path"]
else:
yield ""
def run_salt_call(cmd):
@ -23,9 +25,33 @@ def run_salt_call(cmd):
Runs salt call command and returns a dictionary
Accepts cmd as a list
"""
cmd.append("--out=json")
result = subprocess.run(cmd, capture_output=True, text=True)
json_data = json.loads(result.stdout)
json_data = {"local": {}}
if platform.system() == "Windows":
cmd.append("--out=json")
result = subprocess.run(cmd, capture_output=True, text=True)
print(
f"DGM run_salt_call, cmd '{cmd}', result '{result}', stdout '{result.stdout}'",
flush=True,
)
if 0 == result.returncode:
json_data = json.loads(result.stdout)
else:
log.error(f"failed to produce output result, '{result}'")
else:
cmdl = ["sudo"]
cmdl.extend(cmd)
cmdl.append("--out=json")
result = subprocess.run(cmdl, capture_output=True, text=True)
print(
f"DGM run_salt_call, cmdl '{cmdl}', result '{result}', stdout '{result.stdout}'",
flush=True,
)
if 0 == result.returncode:
json_data = json.loads(result.stdout)
else:
log.error(f"failed to produce output result, '{result}'")
return json_data["local"]
@ -48,5 +74,10 @@ def test_target_salt_version(path, target_salt_version):
pytest.skip(f"No target version specified")
cmd = ["salt-call", "--local", "grains.item", "saltversion", "--timeout=120"]
result = run_salt_call(cmd)
dgm_saltversion = result["saltversion"]
print(
f"DGM test_target_salt_version, target_salt_version '{target_salt_version}', result saltversion '{dgm_saltversion }', result '{result}'",
flush=True,
)
# Returns: {'saltversion': '3006.9+217.g53cfa53040'}
assert result["saltversion"] == target_salt_version
assert result["saltversion"] == target_salt_version