2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2011-02-27 15:18:09 -07:00
|
|
|
All salt configuration loading and defaults should be in this module
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2024-02-27 10:24:22 +00:00
|
|
|
|
2014-06-03 12:05:09 -06:00
|
|
|
import codecs
|
2014-11-20 23:22:24 +00:00
|
|
|
import glob
|
|
|
|
|
import logging
|
2011-02-26 16:07:24 -07:00
|
|
|
import os
|
2012-12-09 22:58:04 -05:00
|
|
|
import re
|
2014-11-20 23:22:24 +00:00
|
|
|
import sys
|
2014-02-07 08:38:52 -08:00
|
|
|
import time
|
2015-07-14 14:28:07 +10:00
|
|
|
import types
|
2021-04-01 16:29:01 -07:00
|
|
|
import urllib.parse
|
Use explicit unicode strings + break up salt.utils
This PR is part of what will be an ongoing effort to use explicit
unicode strings in Salt. Because Python 3 does not suport Python 2's raw
unicode string syntax (i.e. `ur'\d+'`), we must use
`salt.utils.locales.sdecode()` to ensure that the raw string is unicode.
However, because of how `salt/utils/__init__.py` has evolved into the
hulking monstrosity it is today, this means importing a large module in
places where it is not needed, which could negatively impact
performance. For this reason, this PR also breaks out some of the
functions from `salt/utils/__init__.py` into new/existing modules under
`salt/utils/`. The long term goal will be that the modules within this
directory do not depend on importing `salt.utils`.
A summary of the changes in this PR is as follows:
* Moves the following functions from `salt.utils` to new locations
(including a deprecation warning if invoked from `salt.utils`):
`to_bytes`, `to_str`, `to_unicode`, `str_to_num`, `is_quoted`,
`dequote`, `is_hex`, `is_bin_str`, `rand_string`,
`contains_whitespace`, `clean_kwargs`, `invalid_kwargs`, `which`,
`which_bin`, `path_join`, `shlex_split`, `rand_str`, `is_windows`,
`is_proxy`, `is_linux`, `is_darwin`, `is_sunos`, `is_smartos`,
`is_smartos_globalzone`, `is_smartos_zone`, `is_freebsd`, `is_netbsd`,
`is_openbsd`, `is_aix`
* Moves the functions already deprecated by @rallytime to the bottom of
`salt/utils/__init__.py` for better organization, so we can keep the
deprecated ones separate from the ones yet to be deprecated as we
continue to break up `salt.utils`
* Updates `salt/*.py` and all files under `salt/client/` to use explicit
unicode string literals.
* Gets rid of implicit imports of `salt.utils` (e.g. `from salt.utils
import foo` becomes `import salt.utils.foo as foo`).
* Renames the `test.rand_str` function to `test.random_hash` to more
accurately reflect what it does
* Modifies `salt.utils.stringutils.random()` (née `salt.utils.rand_string()`)
such that it returns a string matching the passed size. Previously
this function would get `size` bytes from `os.urandom()`,
base64-encode it, and return the result, which would in most cases not
be equal to the passed size.
2017-07-24 20:47:15 -05:00
|
|
|
from copy import deepcopy
|
2012-01-08 23:04:45 -07:00
|
|
|
|
2024-05-25 15:51:16 -07:00
|
|
|
import salt.crypt
|
2014-11-20 23:22:24 +00:00
|
|
|
import salt.defaults.exitcodes
|
|
|
|
|
import salt.exceptions
|
2024-01-30 11:26:39 +00:00
|
|
|
import salt.features
|
2014-11-20 23:22:24 +00:00
|
|
|
import salt.syspaths
|
2017-10-09 12:53:31 -05:00
|
|
|
import salt.utils.data
|
2015-09-15 15:41:10 -06:00
|
|
|
import salt.utils.dictupdate
|
2017-07-18 10:31:01 -06:00
|
|
|
import salt.utils.files
|
2019-01-18 17:07:10 +00:00
|
|
|
import salt.utils.immutabletypes as immutabletypes
|
2013-06-12 22:47:12 -05:00
|
|
|
import salt.utils.network
|
Use explicit unicode strings + break up salt.utils
This PR is part of what will be an ongoing effort to use explicit
unicode strings in Salt. Because Python 3 does not suport Python 2's raw
unicode string syntax (i.e. `ur'\d+'`), we must use
`salt.utils.locales.sdecode()` to ensure that the raw string is unicode.
However, because of how `salt/utils/__init__.py` has evolved into the
hulking monstrosity it is today, this means importing a large module in
places where it is not needed, which could negatively impact
performance. For this reason, this PR also breaks out some of the
functions from `salt/utils/__init__.py` into new/existing modules under
`salt/utils/`. The long term goal will be that the modules within this
directory do not depend on importing `salt.utils`.
A summary of the changes in this PR is as follows:
* Moves the following functions from `salt.utils` to new locations
(including a deprecation warning if invoked from `salt.utils`):
`to_bytes`, `to_str`, `to_unicode`, `str_to_num`, `is_quoted`,
`dequote`, `is_hex`, `is_bin_str`, `rand_string`,
`contains_whitespace`, `clean_kwargs`, `invalid_kwargs`, `which`,
`which_bin`, `path_join`, `shlex_split`, `rand_str`, `is_windows`,
`is_proxy`, `is_linux`, `is_darwin`, `is_sunos`, `is_smartos`,
`is_smartos_globalzone`, `is_smartos_zone`, `is_freebsd`, `is_netbsd`,
`is_openbsd`, `is_aix`
* Moves the functions already deprecated by @rallytime to the bottom of
`salt/utils/__init__.py` for better organization, so we can keep the
deprecated ones separate from the ones yet to be deprecated as we
continue to break up `salt.utils`
* Updates `salt/*.py` and all files under `salt/client/` to use explicit
unicode string literals.
* Gets rid of implicit imports of `salt.utils` (e.g. `from salt.utils
import foo` becomes `import salt.utils.foo as foo`).
* Renames the `test.rand_str` function to `test.random_hash` to more
accurately reflect what it does
* Modifies `salt.utils.stringutils.random()` (née `salt.utils.rand_string()`)
such that it returns a string matching the passed size. Previously
this function would get `size` bytes from `os.urandom()`,
base64-encode it, and return the result, which would in most cases not
be equal to the passed size.
2017-07-24 20:47:15 -05:00
|
|
|
import salt.utils.path
|
|
|
|
|
import salt.utils.platform
|
|
|
|
|
import salt.utils.stringutils
|
2017-10-05 13:37:27 -05:00
|
|
|
import salt.utils.user
|
2014-04-10 00:04:21 +01:00
|
|
|
import salt.utils.validate.path
|
2022-11-05 00:04:59 -07:00
|
|
|
import salt.utils.versions
|
2014-05-12 13:58:02 -05:00
|
|
|
import salt.utils.xdg
|
2017-12-27 22:31:50 -06:00
|
|
|
import salt.utils.yaml
|
2021-06-28 12:07:24 +01:00
|
|
|
from salt._logging import (
|
|
|
|
|
DFLT_LOG_DATEFMT,
|
|
|
|
|
DFLT_LOG_DATEFMT_LOGFILE,
|
|
|
|
|
DFLT_LOG_FMT_CONSOLE,
|
|
|
|
|
DFLT_LOG_FMT_JID,
|
|
|
|
|
DFLT_LOG_FMT_LOGFILE,
|
|
|
|
|
)
|
2020-04-02 20:10:20 -05:00
|
|
|
|
2016-07-14 13:24:23 -06:00
|
|
|
try:
|
|
|
|
|
import psutil
|
2020-04-02 20:10:20 -05:00
|
|
|
|
2016-07-14 13:24:23 -06:00
|
|
|
HAS_PSUTIL = True
|
|
|
|
|
except ImportError:
|
|
|
|
|
HAS_PSUTIL = False
|
|
|
|
|
|
2012-01-21 16:45:57 -08:00
|
|
|
log = logging.getLogger(__name__)
|
|
|
|
|
|
2017-02-09 10:50:45 -06:00
|
|
|
_DFLT_REFSPECS = ["+refs/heads/*:refs/remotes/origin/*", "+refs/tags/*:refs/tags/*"]
|
2017-12-04 23:57:28 -06:00
|
|
|
DEFAULT_INTERVAL = 60
|
2023-10-20 06:24:47 +01:00
|
|
|
DEFAULT_HASH_TYPE = "sha256"
|
|
|
|
|
|
2011-11-12 20:50:34 +00:00
|
|
|
|
Use explicit unicode strings + break up salt.utils
This PR is part of what will be an ongoing effort to use explicit
unicode strings in Salt. Because Python 3 does not suport Python 2's raw
unicode string syntax (i.e. `ur'\d+'`), we must use
`salt.utils.locales.sdecode()` to ensure that the raw string is unicode.
However, because of how `salt/utils/__init__.py` has evolved into the
hulking monstrosity it is today, this means importing a large module in
places where it is not needed, which could negatively impact
performance. For this reason, this PR also breaks out some of the
functions from `salt/utils/__init__.py` into new/existing modules under
`salt/utils/`. The long term goal will be that the modules within this
directory do not depend on importing `salt.utils`.
A summary of the changes in this PR is as follows:
* Moves the following functions from `salt.utils` to new locations
(including a deprecation warning if invoked from `salt.utils`):
`to_bytes`, `to_str`, `to_unicode`, `str_to_num`, `is_quoted`,
`dequote`, `is_hex`, `is_bin_str`, `rand_string`,
`contains_whitespace`, `clean_kwargs`, `invalid_kwargs`, `which`,
`which_bin`, `path_join`, `shlex_split`, `rand_str`, `is_windows`,
`is_proxy`, `is_linux`, `is_darwin`, `is_sunos`, `is_smartos`,
`is_smartos_globalzone`, `is_smartos_zone`, `is_freebsd`, `is_netbsd`,
`is_openbsd`, `is_aix`
* Moves the functions already deprecated by @rallytime to the bottom of
`salt/utils/__init__.py` for better organization, so we can keep the
deprecated ones separate from the ones yet to be deprecated as we
continue to break up `salt.utils`
* Updates `salt/*.py` and all files under `salt/client/` to use explicit
unicode string literals.
* Gets rid of implicit imports of `salt.utils` (e.g. `from salt.utils
import foo` becomes `import salt.utils.foo as foo`).
* Renames the `test.rand_str` function to `test.random_hash` to more
accurately reflect what it does
* Modifies `salt.utils.stringutils.random()` (née `salt.utils.rand_string()`)
such that it returns a string matching the passed size. Previously
this function would get `size` bytes from `os.urandom()`,
base64-encode it, and return the result, which would in most cases not
be equal to the passed size.
2017-07-24 20:47:15 -05:00
|
|
|
if salt.utils.platform.is_windows():
|
2015-03-19 15:29:25 -05:00
|
|
|
# Since an 'ipc_mode' of 'ipc' will never work on Windows due to lack of
|
|
|
|
|
# support in ZeroMQ, we want the default to be something that has a
|
|
|
|
|
# chance of working.
|
|
|
|
|
_DFLT_IPC_MODE = "tcp"
|
2020-06-05 17:40:03 -06:00
|
|
|
_DFLT_FQDNS_GRAINS = False
|
2016-05-17 11:38:53 -06:00
|
|
|
_MASTER_TRIES = -1
|
2017-03-31 14:35:13 -06:00
|
|
|
# This needs to be SYSTEM in order for salt-master to run as a Service
|
|
|
|
|
# Otherwise, it will not respond to CLI calls
|
|
|
|
|
_MASTER_USER = "SYSTEM"
|
2020-06-15 20:08:41 -07:00
|
|
|
elif salt.utils.platform.is_proxy():
|
2020-06-16 07:36:06 -07:00
|
|
|
_DFLT_IPC_MODE = "ipc"
|
2020-06-16 11:16:10 -07:00
|
|
|
_DFLT_FQDNS_GRAINS = False
|
2020-06-16 07:36:06 -07:00
|
|
|
_MASTER_TRIES = 1
|
|
|
|
|
_MASTER_USER = salt.utils.user.get_user()
|
2022-12-05 18:01:10 +01:00
|
|
|
elif salt.utils.platform.is_darwin():
|
|
|
|
|
_DFLT_IPC_MODE = "ipc"
|
|
|
|
|
# fqdn resolution can be very slow on macOS, see issue #62168
|
|
|
|
|
_DFLT_FQDNS_GRAINS = False
|
|
|
|
|
_MASTER_TRIES = 1
|
|
|
|
|
_MASTER_USER = salt.utils.user.get_user()
|
2015-03-19 15:29:25 -05:00
|
|
|
else:
|
|
|
|
|
_DFLT_IPC_MODE = "ipc"
|
2023-01-25 15:47:51 -08:00
|
|
|
_DFLT_FQDNS_GRAINS = False
|
2016-05-17 11:38:53 -06:00
|
|
|
_MASTER_TRIES = 1
|
2023-04-07 10:32:03 -06:00
|
|
|
_MASTER_USER = salt.utils.user.get_user()
|
2015-03-19 15:29:25 -05:00
|
|
|
|
2016-07-16 12:45:08 -06:00
|
|
|
|
2016-07-14 13:48:52 -06:00
|
|
|
def _gather_buffer_space():
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2016-07-14 13:48:52 -06:00
|
|
|
Gather some system data and then calculate
|
|
|
|
|
buffer space.
|
|
|
|
|
|
|
|
|
|
Result is in bytes.
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2024-02-26 07:37:19 +00:00
|
|
|
if HAS_PSUTIL:
|
2016-07-14 13:48:52 -06:00
|
|
|
# Oh good, we have psutil. This will be quick.
|
|
|
|
|
total_mem = psutil.virtual_memory().total
|
|
|
|
|
else:
|
2017-01-25 12:24:20 -06:00
|
|
|
# Avoid loading core grains unless absolutely required
|
|
|
|
|
import platform
|
2022-04-30 02:28:07 +07:00
|
|
|
|
2017-01-25 12:24:20 -06:00
|
|
|
import salt.grains.core
|
2020-04-02 20:10:20 -05:00
|
|
|
|
2016-07-21 15:03:54 +03:00
|
|
|
# We need to load up ``mem_total`` grain. Let's mimic required OS data.
|
|
|
|
|
os_data = {"kernel": platform.system()}
|
2016-07-14 13:48:52 -06:00
|
|
|
grains = salt.grains.core._memdata(os_data)
|
|
|
|
|
total_mem = grains["mem_total"]
|
2016-08-10 13:50:26 -06:00
|
|
|
# Return the higher number between 5% of the system memory and 10MiB
|
2016-07-19 13:29:02 -06:00
|
|
|
return max([total_mem * 0.05, 10 << 20])
|
2016-07-14 13:48:52 -06:00
|
|
|
|
2018-11-01 16:55:40 -04:00
|
|
|
|
2016-07-14 13:24:23 -06:00
|
|
|
# For the time being this will be a fixed calculation
|
|
|
|
|
# TODO: Allow user configuration
|
2022-09-07 16:56:12 -06:00
|
|
|
_DFLT_IPC_WBUFFER = int(_gather_buffer_space() * 0.5)
|
2016-07-14 13:24:23 -06:00
|
|
|
# TODO: Reserved for future use
|
2022-09-07 16:56:12 -06:00
|
|
|
_DFLT_IPC_RBUFFER = int(_gather_buffer_space() * 0.5)
|
2020-04-02 20:10:20 -05:00
|
|
|
|
2019-01-18 17:07:10 +00:00
|
|
|
VALID_OPTS = immutabletypes.freeze(
|
|
|
|
|
{
|
2015-04-03 17:17:06 -06:00
|
|
|
# The address of the salt master. May be specified as IP address or hostname
|
2020-09-30 03:09:12 +02:00
|
|
|
"master": (str, list),
|
2015-04-03 17:17:06 -06:00
|
|
|
# The TCP/UDP port of the master to connect to in order to listen to publications
|
2020-09-30 03:09:12 +02:00
|
|
|
"master_port": (str, int),
|
2015-04-03 17:17:06 -06:00
|
|
|
# The behaviour of the minion when connecting to a master. Can specify 'failover',
|
2017-08-22 23:11:39 -07:00
|
|
|
# 'disable', 'distributed', or 'func'. If 'func' is specified, the 'master' option should be
|
|
|
|
|
# set to an exec module function to run to determine the master hostname. If 'disable' is
|
|
|
|
|
# specified the minion will run, but will not try to connect to a master. If 'distributed'
|
|
|
|
|
# is specified the minion will try to deterministically pick a master based on its' id.
|
2020-09-30 03:09:12 +02:00
|
|
|
"master_type": str,
|
2015-06-27 11:59:31 -07:00
|
|
|
# Specify the format in which the master address will be specified. Can
|
|
|
|
|
# specify 'default' or 'ip_only'. If 'ip_only' is specified, then the
|
|
|
|
|
# master address will not be split into IP and PORT.
|
2020-09-30 03:09:12 +02:00
|
|
|
"master_uri_format": str,
|
2022-03-24 15:37:28 -06:00
|
|
|
# The following options refer to the Minion only, and they specify
|
2017-11-22 10:13:54 +00:00
|
|
|
# the details of the source address / port to be used when connecting to
|
2022-07-06 14:25:47 -04:00
|
|
|
# the Master. This is useful when dealing with machines where due to firewall
|
2017-11-22 10:13:54 +00:00
|
|
|
# rules you are restricted to use a certain IP/port combination only.
|
2020-09-30 03:09:12 +02:00
|
|
|
"source_interface_name": str,
|
|
|
|
|
"source_address": str,
|
|
|
|
|
"source_ret_port": (str, int),
|
|
|
|
|
"source_publish_port": (str, int),
|
2015-04-03 17:17:06 -06:00
|
|
|
# The fingerprint of the master key may be specified to increase security. Generate
|
|
|
|
|
# a master fingerprint with `salt-key -F master`
|
2020-09-30 03:09:12 +02:00
|
|
|
"master_finger": str,
|
2019-01-07 18:03:19 -05:00
|
|
|
# Deprecated in 2019.2.0. Use 'random_master' instead.
|
2018-07-09 17:53:29 -04:00
|
|
|
# Do not remove! Keep as an alias for usability.
|
2014-06-02 01:01:16 -07:00
|
|
|
"master_shuffle": bool,
|
2022-07-06 14:25:47 -04:00
|
|
|
# When in multi-master mode, temporarily remove a master from the list if a connection
|
2015-04-03 17:17:06 -06:00
|
|
|
# is interrupted and try another master in the list.
|
2014-06-09 23:38:49 -07:00
|
|
|
"master_alive_interval": int,
|
2016-03-17 23:28:46 +03:00
|
|
|
# When in multi-master failover mode, fail back to the first master in the list if it's back
|
|
|
|
|
# online.
|
|
|
|
|
"master_failback": bool,
|
|
|
|
|
# When in multi-master mode, and master_failback is enabled ping the top master with this
|
|
|
|
|
# interval.
|
|
|
|
|
"master_failback_interval": int,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The name of the signing key-pair
|
2020-09-30 03:09:12 +02:00
|
|
|
"master_sign_key_name": str,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Sign the master auth-replies with a cryptographic signature of the masters public key.
|
2014-06-19 09:32:09 -07:00
|
|
|
"master_sign_pubkey": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Enables verification of the master-public-signature returned by the master in auth-replies.
|
|
|
|
|
# Must also set master_sign_pubkey for this to work
|
2014-06-19 09:32:09 -07:00
|
|
|
"verify_master_pubkey_sign": bool,
|
2016-10-27 12:53:06 +03:00
|
|
|
# If verify_master_pubkey_sign is enabled, the signature is only verified, if the public-key of
|
|
|
|
|
# the master changes. If the signature should always be verified, this can be set to True.
|
2014-06-27 02:39:42 -07:00
|
|
|
"always_verify_signature": bool,
|
2016-10-27 12:53:06 +03:00
|
|
|
# The name of the file in the masters pki-directory that holds the pre-calculated signature of
|
|
|
|
|
# the masters public-key
|
2020-09-30 03:09:12 +02:00
|
|
|
"master_pubkey_signature": str,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Instead of computing the signature for each auth-reply, use a pre-calculated signature.
|
|
|
|
|
# The master_pubkey_signature must also be set for this.
|
2014-06-26 06:03:41 -07:00
|
|
|
"master_use_pubkey_signature": bool,
|
2022-03-24 15:37:28 -06:00
|
|
|
# Enable master stats events to be fired, these events will contain information about
|
2017-11-29 17:11:23 -07:00
|
|
|
# what commands the master is processing and what the rates are of the executions
|
|
|
|
|
"master_stats": bool,
|
2017-11-30 11:35:33 -07:00
|
|
|
"master_stats_event_iter": int,
|
2016-10-27 12:53:06 +03:00
|
|
|
# The key fingerprint of the higher-level master for the syndic to verify it is talking to the
|
|
|
|
|
# intended master
|
2020-09-30 03:09:12 +02:00
|
|
|
"syndic_finger": str,
|
2016-07-24 10:31:18 -06:00
|
|
|
# The caching mechanism to use for the PKI key store. Can substantially decrease master publish
|
|
|
|
|
# times. Available types:
|
2022-07-06 14:25:47 -04:00
|
|
|
# 'maint': Runs on a schedule as a part of the maintenance process.
|
2016-07-24 10:31:18 -06:00
|
|
|
# '': Disable the key cache [default]
|
2020-09-30 03:09:12 +02:00
|
|
|
"key_cache": str,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The user under which the daemon should run
|
2020-09-30 03:09:12 +02:00
|
|
|
"user": str,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The root directory prepended to these options: pki_dir, cachedir,
|
|
|
|
|
# sock_dir, log_file, autosign_file, autoreject_file, extension_modules,
|
|
|
|
|
# key_logfile, pidfile:
|
2020-09-30 03:09:12 +02:00
|
|
|
"root_dir": str,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The directory used to store public key data
|
2020-09-30 03:09:12 +02:00
|
|
|
"pki_dir": str,
|
2015-04-03 17:17:06 -06:00
|
|
|
# A unique identifier for this daemon
|
2020-09-30 03:09:12 +02:00
|
|
|
"id": str,
|
2017-07-05 16:09:16 -05:00
|
|
|
# Use a module function to determine the unique identifier. If this is
|
|
|
|
|
# set and 'id' is not set, it will allow invocation of a module function
|
|
|
|
|
# to determine the value of 'id'. For simple invocations without function
|
|
|
|
|
# arguments, this may be a string that is the function name. For
|
|
|
|
|
# invocations with function arguments, this may be a dictionary with the
|
|
|
|
|
# key being the function name, and the value being an embedded dictionary
|
|
|
|
|
# where each key is a function argument name and each value is the
|
|
|
|
|
# corresponding argument value.
|
2020-09-30 03:09:12 +02:00
|
|
|
"id_function": (dict, str),
|
2015-04-03 17:17:06 -06:00
|
|
|
# The directory to store all cache files.
|
2020-09-30 03:09:12 +02:00
|
|
|
"cachedir": str,
|
2016-08-03 12:16:22 -06:00
|
|
|
# Append minion_id to these directories. Helps with
|
|
|
|
|
# multiple proxies and minions running on the same machine.
|
2016-10-04 14:58:26 -06:00
|
|
|
# Allowed elements in the list: pki_dir, cachedir, extension_modules, pidfile
|
2016-08-03 12:16:22 -06:00
|
|
|
"append_minionid_config_dirs": list,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Flag to cache jobs locally.
|
2013-05-29 19:13:34 +00:00
|
|
|
"cache_jobs": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The path to the salt configuration file
|
2020-09-30 03:09:12 +02:00
|
|
|
"conf_file": str,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The directory containing unix sockets for things like the event bus
|
2020-09-30 03:09:12 +02:00
|
|
|
"sock_dir": str,
|
2017-05-31 14:45:48 +09:00
|
|
|
# The pool size of unix sockets, it is necessary to avoid blocking waiting for zeromq and tcp communications.
|
|
|
|
|
"sock_pool_size": int,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Specifies how the file server should backup files, if enabled. The backups
|
|
|
|
|
# live in the cache dir.
|
2020-09-30 03:09:12 +02:00
|
|
|
"backup_mode": str,
|
2015-04-03 17:17:06 -06:00
|
|
|
# A default renderer for all operations on this host
|
2020-09-30 03:09:12 +02:00
|
|
|
"renderer": str,
|
2016-05-20 20:41:51 +03:00
|
|
|
# Renderer whitelist. The only renderers from this list are allowed.
|
|
|
|
|
"renderer_whitelist": list,
|
2022-07-06 14:25:47 -04:00
|
|
|
# Renderer blacklist. Renderers from this list are disallowed even if specified in whitelist.
|
2016-05-20 20:41:51 +03:00
|
|
|
"renderer_blacklist": list,
|
2015-04-03 17:17:06 -06:00
|
|
|
# A flag indicating that a highstate run should immediately cease if a failure occurs.
|
2013-05-29 19:13:34 +00:00
|
|
|
"failhard": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# A flag to indicate that highstate runs should force refresh the modules prior to execution
|
2013-05-29 19:13:34 +00:00
|
|
|
"autoload_dynamic_modules": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Force the minion into a single environment when it fetches files from the master
|
2020-09-30 03:09:12 +02:00
|
|
|
"saltenv": (type(None), str),
|
2018-03-08 19:11:13 +01:00
|
|
|
# Prevent saltenv from being overridden on the command line
|
2017-11-29 22:09:09 -06:00
|
|
|
"lock_saltenv": bool,
|
2015-05-18 16:20:54 +03:00
|
|
|
# Force the minion into a single pillar root when it fetches pillar data from the master
|
2020-09-30 03:09:12 +02:00
|
|
|
"pillarenv": (type(None), str),
|
2016-12-21 19:49:32 -06:00
|
|
|
# Make the pillarenv always match the effective saltenv
|
|
|
|
|
"pillarenv_from_saltenv": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Allows a user to provide an alternate name for top.sls
|
2020-09-30 03:09:12 +02:00
|
|
|
"state_top": str,
|
|
|
|
|
"state_top_saltenv": (type(None), str),
|
2015-04-03 17:17:06 -06:00
|
|
|
# States to run when a minion starts up
|
2020-09-30 03:09:12 +02:00
|
|
|
"startup_states": str,
|
2015-04-03 17:17:06 -06:00
|
|
|
# List of startup states
|
2013-05-29 19:13:34 +00:00
|
|
|
"sls_list": list,
|
2016-08-11 15:54:43 -06:00
|
|
|
# Configuration for snapper in the state system
|
|
|
|
|
"snapper_states": bool,
|
2020-09-30 03:09:12 +02:00
|
|
|
"snapper_states_config": str,
|
2015-04-03 17:17:06 -06:00
|
|
|
# A top file to execute if startup_states == 'top'
|
2020-09-30 03:09:12 +02:00
|
|
|
"top_file": str,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Location of the files a minion should look for. Set to 'local' to never ask the master.
|
2020-09-30 03:09:12 +02:00
|
|
|
"file_client": str,
|
2018-02-12 12:53:59 -07:00
|
|
|
"local": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# When using a local file_client, this parameter is used to allow the client to connect to
|
|
|
|
|
# a master for remote execution.
|
2014-09-28 18:53:43 -07:00
|
|
|
"use_master_when_local": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# A map of saltenvs and fileserver backend locations
|
2013-05-29 19:13:34 +00:00
|
|
|
"file_roots": dict,
|
2015-04-03 17:17:06 -06:00
|
|
|
# A map of saltenvs and fileserver backend locations
|
2013-05-29 19:13:34 +00:00
|
|
|
"pillar_roots": dict,
|
2017-01-25 14:36:41 -06:00
|
|
|
# The external pillars permitted to be used on-demand using pillar.ext
|
2017-01-25 15:08:57 -06:00
|
|
|
"on_demand_ext_pillar": list,
|
2017-01-26 14:54:39 -06:00
|
|
|
# A map of glob paths to be used
|
|
|
|
|
"decrypt_pillar": list,
|
|
|
|
|
# Delimiter to use in path expressions for decrypt_pillar
|
2020-09-30 03:09:12 +02:00
|
|
|
"decrypt_pillar_delimiter": str,
|
2017-01-26 14:54:39 -06:00
|
|
|
# Default renderer for decrypt_pillar
|
2020-09-30 03:09:12 +02:00
|
|
|
"decrypt_pillar_default": str,
|
2017-01-28 00:56:14 -06:00
|
|
|
# List of renderers available for decrypt_pillar
|
|
|
|
|
"decrypt_pillar_renderers": list,
|
2021-12-08 17:24:37 +00:00
|
|
|
# Treat GPG decryption errors as renderer errors
|
|
|
|
|
"gpg_decrypt_must_succeed": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The type of hashing algorithm to use when doing file comparisons
|
2020-09-30 03:09:12 +02:00
|
|
|
"hash_type": str,
|
2018-07-17 15:22:00 -05:00
|
|
|
# Order of preference for optimized .pyc files (PY3 only)
|
|
|
|
|
"optimization_order": list,
|
2016-09-01 09:40:36 -06:00
|
|
|
# Refuse to load these modules
|
2013-05-29 19:13:34 +00:00
|
|
|
"disable_modules": list,
|
2016-09-01 09:40:36 -06:00
|
|
|
# Refuse to load these returners
|
2013-05-29 19:13:34 +00:00
|
|
|
"disable_returners": list,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Tell the loader to only load modules in this list
|
2013-05-29 19:13:34 +00:00
|
|
|
"whitelist_modules": list,
|
2015-04-03 17:17:06 -06:00
|
|
|
# A list of additional directories to search for salt modules in
|
2013-05-29 19:13:34 +00:00
|
|
|
"module_dirs": list,
|
2015-04-03 17:17:06 -06:00
|
|
|
# A list of additional directories to search for salt returners in
|
2013-05-29 19:13:34 +00:00
|
|
|
"returner_dirs": list,
|
2015-04-03 17:17:06 -06:00
|
|
|
# A list of additional directories to search for salt states in
|
2013-05-29 19:13:34 +00:00
|
|
|
"states_dirs": list,
|
2015-04-03 17:17:06 -06:00
|
|
|
# A list of additional directories to search for salt grains in
|
2014-01-28 13:38:06 +01:00
|
|
|
"grains_dirs": list,
|
2015-04-03 17:17:06 -06:00
|
|
|
# A list of additional directories to search for salt renderers in
|
2013-05-29 19:13:34 +00:00
|
|
|
"render_dirs": list,
|
2015-04-03 17:17:06 -06:00
|
|
|
# A list of additional directories to search for salt outputters in
|
2013-05-29 19:13:34 +00:00
|
|
|
"outputter_dirs": list,
|
2015-04-03 17:17:06 -06:00
|
|
|
# A list of additional directories to search for salt utilities in. (Used by the loader
|
|
|
|
|
# to populate __utils__)
|
2014-05-16 14:59:50 -04:00
|
|
|
"utils_dirs": list,
|
2015-04-03 17:17:06 -06:00
|
|
|
# salt cloud providers
|
2013-05-29 19:13:34 +00:00
|
|
|
"providers": dict,
|
2015-04-03 17:17:06 -06:00
|
|
|
# First remove all modules during any sync operation
|
2013-05-29 19:13:34 +00:00
|
|
|
"clean_dynamic_modules": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# A flag indicating that a master should accept any minion connection without any authentication
|
2013-05-29 19:13:34 +00:00
|
|
|
"open_mode": bool,
|
2015-10-30 18:56:24 -07:00
|
|
|
# Whether or not processes should be forked when needed. The alternative is to use threading.
|
2013-05-29 19:13:34 +00:00
|
|
|
"multiprocessing": bool,
|
2017-09-20 14:35:11 +02:00
|
|
|
# Maximum number of concurrently active processes at any given point in time
|
|
|
|
|
"process_count_max": int,
|
2015-10-30 18:56:24 -07:00
|
|
|
# Whether or not the salt minion should run scheduled mine updates
|
|
|
|
|
"mine_enabled": bool,
|
|
|
|
|
# Whether or not scheduled mine updates should be accompanied by a job return for the job cache
|
|
|
|
|
"mine_return_job": bool,
|
2017-09-07 09:21:42 -04:00
|
|
|
# The number of minutes between mine updates.
|
2013-05-29 19:13:34 +00:00
|
|
|
"mine_interval": int,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The ipc strategy. (i.e., sockets versus tcp, etc)
|
2020-09-30 03:09:12 +02:00
|
|
|
"ipc_mode": str,
|
2015-10-16 10:31:00 -06:00
|
|
|
# Enable ipv6 support for daemons
|
2018-08-22 13:29:31 -05:00
|
|
|
"ipv6": (type(None), bool),
|
2015-04-03 17:17:06 -06:00
|
|
|
# The chunk size to use when streaming files with the file server
|
2013-05-29 19:13:34 +00:00
|
|
|
"file_buffer_size": int,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The TCP port on which minion events should be published if ipc_mode is TCP
|
2013-05-29 19:13:34 +00:00
|
|
|
"tcp_pub_port": int,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The TCP port on which minion events should be pulled if ipc_mode is TCP
|
2013-05-29 19:13:34 +00:00
|
|
|
"tcp_pull_port": int,
|
2017-02-21 15:50:31 -07:00
|
|
|
# The TCP port on which events for the master should be published if ipc_mode is TCP
|
2017-07-14 17:26:02 -06:00
|
|
|
"tcp_master_pub_port": int,
|
|
|
|
|
# The TCP port on which events for the master should be pulled if ipc_mode is TCP
|
2015-03-19 15:29:25 -05:00
|
|
|
"tcp_master_pull_port": int,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The TCP port on which events for the master should pulled and then republished onto
|
|
|
|
|
# the event bus on the master
|
2015-03-19 15:29:25 -05:00
|
|
|
"tcp_master_publish_pull": int,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The TCP port for mworkers to connect to on the master
|
2015-03-19 15:29:25 -05:00
|
|
|
"tcp_master_workers": int,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The file to send logging data to
|
2020-09-30 03:09:12 +02:00
|
|
|
"log_file": str,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The level of verbosity at which to log
|
2020-09-30 03:09:12 +02:00
|
|
|
"log_level": str,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The log level to log to a given file
|
2020-09-30 03:09:12 +02:00
|
|
|
"log_level_logfile": (type(None), str),
|
2015-04-03 17:17:06 -06:00
|
|
|
# The format to construct dates in log files
|
2020-09-30 03:09:12 +02:00
|
|
|
"log_datefmt": str,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The dateformat for a given logfile
|
2020-09-30 03:09:12 +02:00
|
|
|
"log_datefmt_logfile": str,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The format for console logs
|
2020-09-30 03:09:12 +02:00
|
|
|
"log_fmt_console": str,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The format for a given log file
|
2020-09-30 03:09:12 +02:00
|
|
|
"log_fmt_logfile": (tuple, str),
|
2015-04-03 17:17:06 -06:00
|
|
|
# A dictionary of logging levels
|
2018-01-07 14:48:45 -06:00
|
|
|
"log_granular_levels": dict,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The maximum number of bytes a single log file may contain before
|
|
|
|
|
# it is rotated. A value of 0 disables this feature.
|
|
|
|
|
# Currently only supported on Windows. On other platforms, use an
|
2013-05-29 19:13:34 +00:00
|
|
|
# external tool such as 'logrotate' to manage log files.
|
Windows: Add log file rotation support
An external log file rotation tool, such as `logrotate` will not work
with an operating system such as Windows. From the Python documentation
for `WatchedFileHandler` (which is used for log files in Salt):
"This handler is not appropriate for use under Windows, because under
Windows open log files cannot be moved or renamed - logging opens the
files with exclusive locks - and so there is no need for such a handler.
Furthermore, ST_INO is not supported under Windows; stat() always returns
zero for this value."
This also describes the problem with why an external utility such as
`logrotate` will not work for Windows, because files cannot be renamed
while in use, unlike on other operating systems, such as Linux.
Due to the above, the strategy for this change is to use the
`RotatingFileHandler` logger (when log file rotation is enabled) and to
allow only one process to do the file logging. Previously on Windows,
there was a file logger installed in the main process and another in the
logging listener process. This change changes the architecture in the
following way (on Windows only):
- Added two new configuration options, `log_rotate_max_bytes` and
`log_rotate_backup_count`. They both default to 0. When
`log_rotate_max_bytes` is non-zero, the `RotatingFileHandler` will be
used for file logging instead of the `WatchedFileHandler`.
- The only process that does file logging is the logging listener process
(if it exists)
- When the logging listener process does not exist, only the main process
does file logging.
- When the logging listener process exists, the main process will now set
up multiprocessing logging (which is the client to the logging listener).
- Since the logging listener does logging for extended logging, console,
and log file logging, do not use these types of logging in the main process
when there is a logging listener.
There is one observed caveat: when the log file is in use, and it is time
to rollover (rename the file), the rollover will fail. This has been
obversed when salt-call is running and has the `minion` log file open
for its own logging uses while the salt-minion is trying to rollover.
Luckily, it will recover and try to rollover again on the next log write,
and if the file is no longer in use, it will succeed this time. Hence,
having a log file open somewhere else will delay rollover until the file
is closed.
Signed-off-by: Sergey Kizunov <sergey.kizunov@ni.com>
2016-10-19 15:06:46 -05:00
|
|
|
"log_rotate_max_bytes": int,
|
|
|
|
|
# The number of backup files to keep when rotating log files. Only
|
|
|
|
|
# used if log_rotate_max_bytes is greater than 0.
|
|
|
|
|
# Currently only supported on Windows. On other platforms, use an
|
|
|
|
|
# external tool such as 'logrotate' to manage log files.
|
|
|
|
|
"log_rotate_backup_count": int,
|
|
|
|
|
# If an event is above this size, it will be trimmed before putting it on the event bus
|
|
|
|
|
"max_event_size": int,
|
2020-05-22 09:26:32 -06:00
|
|
|
# Enable old style events to be sent on minion_startup. Change default to False in 3001 release
|
2015-04-03 17:17:06 -06:00
|
|
|
"enable_legacy_startup_events": bool,
|
|
|
|
|
# Always execute states with test=True if this flag is set
|
2018-11-01 16:46:07 -04:00
|
|
|
"test": bool,
|
|
|
|
|
# Tell the loader to attempt to import *.pyx cython files if cython is available
|
2018-03-05 11:38:09 -07:00
|
|
|
"cython_enable": bool,
|
2020-06-05 17:40:03 -06:00
|
|
|
# Whether or not to load grains for FQDNs
|
|
|
|
|
"enable_fqdns_grains": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Whether or not to load grains for the GPU
|
2013-05-29 19:13:34 +00:00
|
|
|
"enable_gpu_grains": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Tell the loader to attempt to import *.zip archives
|
2013-05-29 19:13:34 +00:00
|
|
|
"enable_zip_modules": bool,
|
|
|
|
|
# Tell the client to show minions that have timed out
|
2014-08-07 10:12:47 -04:00
|
|
|
"show_timeout": bool,
|
2018-08-28 11:28:27 -05:00
|
|
|
# Tell the client to display the jid when a job is published
|
|
|
|
|
"show_jid": bool,
|
|
|
|
|
# Ensure that a generated jid is always unique. If this is set, the jid
|
2015-08-21 18:05:04 -07:00
|
|
|
# format is different due to an underscore and process id being appended
|
|
|
|
|
# to the jid. WARNING: A change to the jid format may break external
|
2015-04-03 17:17:06 -06:00
|
|
|
# applications that depend on the original format.
|
|
|
|
|
"unique_jid": bool,
|
2022-12-21 13:25:18 -05:00
|
|
|
# Governs whether state runs will queue or fail to run when a state is already running
|
2023-04-20 14:52:40 -04:00
|
|
|
"state_queue": (bool, int),
|
2015-04-03 17:17:06 -06:00
|
|
|
# Tells the highstate outputter to show successful states. False will omit successes.
|
2014-04-14 16:33:33 -04:00
|
|
|
"state_verbose": bool,
|
2017-09-11 11:19:59 -05:00
|
|
|
# Specify the format for state outputs. See highstate outputter for additional details.
|
2020-09-30 03:09:12 +02:00
|
|
|
"state_output": str,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Tells the highstate outputter to only report diffs of states that changed
|
2013-05-29 19:13:34 +00:00
|
|
|
"state_output_diff": bool,
|
2020-12-17 21:45:36 -06:00
|
|
|
# Tells the highstate outputter whether profile information will be shown for each state run
|
|
|
|
|
"state_output_profile": bool,
|
2021-10-02 10:01:55 -04:00
|
|
|
# Tells the highstate outputter whether success and failure percents will be shown for each state run
|
|
|
|
|
"state_output_pct": bool,
|
2022-01-30 14:48:41 -05:00
|
|
|
# Tells the highstate outputter to aggregate information about states which
|
|
|
|
|
# have multiple "names" under the same state ID in the highstate output.
|
|
|
|
|
"state_compress_ids": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# When true, states run in the order defined in an SLS file, unless requisites re-order them
|
|
|
|
|
"state_auto_order": bool,
|
|
|
|
|
# Fire events as state chunks are processed by the state compiler
|
2018-01-07 14:48:45 -06:00
|
|
|
"state_events": bool,
|
2015-07-28 16:03:08 -06:00
|
|
|
# The number of seconds a minion should wait before retry when attempting authentication
|
|
|
|
|
"acceptance_wait_time": float,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The number of seconds a minion should wait before giving up during authentication
|
2013-10-01 12:19:19 -06:00
|
|
|
"acceptance_wait_time_max": float,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Retry a connection attempt if the master rejects a minion's public key
|
2013-10-01 12:19:19 -06:00
|
|
|
"rejected_retry": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The interval in which a daemon's main loop should attempt to perform all necessary tasks
|
|
|
|
|
# for normal operation
|
2013-05-29 19:13:34 +00:00
|
|
|
"loop_interval": float,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Perform pre-flight verification steps before daemon startup, such as checking configuration
|
|
|
|
|
# files and certain directories.
|
2013-07-27 16:51:38 -04:00
|
|
|
"verify_env": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The grains dictionary for a minion, containing specific "facts" about the minion
|
2014-03-24 14:16:31 -04:00
|
|
|
"grains": dict,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Allow a daemon to function even if the key directories are not secured
|
|
|
|
|
"permissive_pki_access": bool,
|
2017-06-23 18:09:56 -05:00
|
|
|
# The passphrase of the master's private key
|
2020-09-30 03:09:12 +02:00
|
|
|
"key_pass": (type(None), str),
|
2015-04-03 17:17:06 -06:00
|
|
|
# The passphrase of the master's private signing key
|
2020-09-30 03:09:12 +02:00
|
|
|
"signing_key_pass": (type(None), str),
|
2015-04-03 17:17:06 -06:00
|
|
|
# The path to a directory to pull in configuration file includes
|
2020-09-30 03:09:12 +02:00
|
|
|
"default_include": str,
|
2015-04-03 17:17:06 -06:00
|
|
|
# If a minion is running an esky build of salt, upgrades can be performed using the url
|
|
|
|
|
# defined here. See saltutil.update() for additional information
|
2020-09-30 03:09:12 +02:00
|
|
|
"update_url": (bool, str),
|
2015-04-03 17:17:06 -06:00
|
|
|
# If using update_url with saltutil.update(), provide a list of services to be restarted
|
|
|
|
|
# post-install
|
|
|
|
|
"update_restart_services": list,
|
2015-11-04 11:01:55 +01:00
|
|
|
# The number of seconds to sleep between retrying an attempt to resolve the hostname of a
|
2017-06-23 18:09:56 -05:00
|
|
|
# salt master
|
|
|
|
|
"retry_dns": float,
|
2018-01-09 13:40:07 -06:00
|
|
|
"retry_dns_count": (type(None), int),
|
2017-06-23 18:09:56 -05:00
|
|
|
# In the case when the resolve of the salt master hostname fails, fall back to localhost
|
2018-01-09 13:40:07 -06:00
|
|
|
"resolve_dns_fallback": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# set the zeromq_reconnect_ivl option on the minion.
|
|
|
|
|
# http://lists.zeromq.org/pipermail/zeromq-dev/2011-January/008845.html
|
2018-01-07 14:48:45 -06:00
|
|
|
"recon_max": float,
|
2015-04-03 17:17:06 -06:00
|
|
|
# If recon_randomize is set, this specifies the lower bound for the randomized period
|
|
|
|
|
"recon_default": float,
|
|
|
|
|
# Tells the minion to choose a bounded, random interval to have zeromq attempt to reconnect
|
|
|
|
|
# in the event of a disconnect event
|
2017-05-31 19:18:40 -06:00
|
|
|
"recon_randomize": bool,
|
2021-01-06 15:55:37 +01:00
|
|
|
# Configures retry interval, randomized between timer and timer_max if timer_max > 0
|
2017-05-31 19:18:40 -06:00
|
|
|
"return_retry_timer": int,
|
2015-04-03 17:17:06 -06:00
|
|
|
"return_retry_timer_max": int,
|
2021-01-06 15:55:37 +01:00
|
|
|
# Configures amount of return retries
|
|
|
|
|
"return_retry_tries": int,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Specify one or more returners in which all events will be sent to. Requires that the returners
|
|
|
|
|
# in question have an event_return(event) function!
|
2020-09-30 03:09:12 +02:00
|
|
|
"event_return": (list, str),
|
2015-04-03 17:17:06 -06:00
|
|
|
# The number of events to queue up in memory before pushing them down the pipe to an event
|
|
|
|
|
# returner specified by 'event_return'
|
2018-09-24 20:11:05 -07:00
|
|
|
"event_return_queue": int,
|
2016-10-10 11:14:51 -05:00
|
|
|
# The number of seconds that events can languish in the queue before we flush them.
|
2015-04-03 17:17:06 -06:00
|
|
|
# The goal here is to ensure that if the bus is not busy enough to reach a total
|
|
|
|
|
# `event_return_queue` events won't get stale.
|
2015-11-06 07:57:00 -08:00
|
|
|
"event_return_queue_max_seconds": int,
|
2016-07-26 15:47:10 -04:00
|
|
|
# Only forward events to an event returner if it matches one of the tags in this list
|
2017-05-31 19:18:40 -06:00
|
|
|
"event_return_whitelist": list,
|
2016-10-27 12:53:06 +03:00
|
|
|
# Events matching a tag in this list should never be sent to an event returner.
|
2014-12-01 11:46:27 -07:00
|
|
|
"event_return_blacklist": list,
|
2019-06-07 13:23:03 -06:00
|
|
|
# default match type for filtering events tags: startswith, endswith, find, regex, fnmatch
|
2020-09-30 03:09:12 +02:00
|
|
|
"event_match_type": str,
|
2019-06-07 13:23:03 -06:00
|
|
|
# This pidfile to write out to when a daemon starts
|
2020-09-30 03:09:12 +02:00
|
|
|
"pidfile": str,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Used with the SECO range master tops system
|
2020-09-30 03:09:12 +02:00
|
|
|
"range_server": str,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The tcp keepalive interval to set on TCP ports. This setting can be used to tune Salt
|
|
|
|
|
# connectivity issues in messy network environments with misbehaving firewalls
|
2014-12-01 13:05:21 -07:00
|
|
|
"tcp_keepalive": bool,
|
2015-10-21 22:15:13 -06:00
|
|
|
# Sets zeromq TCP keepalive idle. May be used to tune issues with minion disconnects
|
|
|
|
|
"tcp_keepalive_idle": float,
|
2015-11-04 11:01:55 +01:00
|
|
|
# Sets zeromq TCP keepalive count. May be used to tune issues with minion disconnects
|
2018-01-07 14:48:45 -06:00
|
|
|
"tcp_keepalive_cnt": float,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Sets zeromq TCP keepalive interval. May be used to tune issues with minion disconnects.
|
2013-05-29 19:13:34 +00:00
|
|
|
"tcp_keepalive_intvl": float,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The network interface for a daemon to bind to
|
2020-09-30 03:09:12 +02:00
|
|
|
"interface": str,
|
2016-10-27 12:53:06 +03:00
|
|
|
# The port for a salt master to broadcast publications on. This will also be the port minions
|
|
|
|
|
# connect to to listen for publications.
|
|
|
|
|
"publish_port": int,
|
2015-04-03 17:17:06 -06:00
|
|
|
# TODO unknown option!
|
|
|
|
|
"auth_mode": int,
|
|
|
|
|
# listen queue size / backlog
|
2016-12-12 21:20:55 +01:00
|
|
|
"zmq_backlog": int,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Set the zeromq high water mark on the publisher interface.
|
|
|
|
|
# http://api.zeromq.org/3-2:zmq-setsockopt
|
|
|
|
|
"pub_hwm": int,
|
|
|
|
|
# IPC buffer size
|
|
|
|
|
# Refs https://github.com/saltstack/salt/issues/34215
|
2013-05-29 19:13:34 +00:00
|
|
|
"ipc_write_buffer": int,
|
2018-12-18 18:13:48 -05:00
|
|
|
# various subprocess niceness levels
|
|
|
|
|
"req_server_niceness": (type(None), int),
|
|
|
|
|
"pub_server_niceness": (type(None), int),
|
|
|
|
|
"fileserver_update_niceness": (type(None), int),
|
|
|
|
|
"maintenance_niceness": (type(None), int),
|
|
|
|
|
"mworker_niceness": (type(None), int),
|
|
|
|
|
"mworker_queue_niceness": (type(None), int),
|
|
|
|
|
"event_return_niceness": (type(None), int),
|
|
|
|
|
"event_publisher_niceness": (type(None), int),
|
|
|
|
|
"reactor_niceness": (type(None), int),
|
2015-04-03 17:17:06 -06:00
|
|
|
# The number of MWorker processes for a master to startup. This number needs to scale up as
|
|
|
|
|
# the number of connected minions increases.
|
|
|
|
|
"worker_threads": int,
|
|
|
|
|
# The port for the master to listen to returns on. The minion needs to connect to this port
|
|
|
|
|
# to send returns.
|
2013-05-29 19:13:34 +00:00
|
|
|
"ret_port": int,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The number of hours to keep jobs around in the job cache on the master
|
2022-11-05 00:04:59 -07:00
|
|
|
# This option is deprecated by keep_jobs_seconds
|
2014-08-04 12:22:59 -07:00
|
|
|
"keep_jobs": int,
|
2022-11-05 00:04:59 -07:00
|
|
|
# The number of seconds to keep jobs around in the job cache on the master
|
|
|
|
|
"keep_jobs_seconds": int,
|
2016-07-14 13:24:23 -06:00
|
|
|
# If the returner supports `clean_old_jobs`, then at cleanup time,
|
|
|
|
|
# archive the job data before deleting it.
|
2016-07-14 13:48:52 -06:00
|
|
|
"archive_jobs": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# A master-only copy of the file_roots dictionary, used by the state compiler
|
|
|
|
|
"master_roots": dict,
|
|
|
|
|
# Add the proxymodule LazyLoader object to opts. This breaks many things
|
|
|
|
|
# but this was the default pre 2015.8.2. This should default to
|
|
|
|
|
# False in 2016.3.0
|
2016-03-01 12:56:00 -07:00
|
|
|
"add_proxymodule_to_opts": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Merge pillar data into configuration opts.
|
|
|
|
|
# As multiple proxies can run on the same server, we may need different
|
|
|
|
|
# configuration options for each, while there's one single configuration file.
|
|
|
|
|
# The solution is merging the pillar data of each proxy minion into the opts.
|
2016-08-16 14:40:26 -06:00
|
|
|
"proxy_merge_pillar_in_opts": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Deep merge of pillar data into configuration opts.
|
|
|
|
|
# Evaluated only when `proxy_merge_pillar_in_opts` is True.
|
|
|
|
|
"proxy_deep_merge_pillar_in_opts": bool,
|
|
|
|
|
# The strategy used when merging pillar into opts.
|
2015-10-07 09:22:15 -06:00
|
|
|
# Considered only when `proxy_merge_pillar_in_opts` is True.
|
2020-09-30 03:09:12 +02:00
|
|
|
"proxy_merge_pillar_in_opts_strategy": str,
|
2017-07-05 10:14:50 +00:00
|
|
|
# Allow enabling mine details using pillar data.
|
2017-07-05 10:54:45 +00:00
|
|
|
"proxy_mines_pillar": bool,
|
2017-07-05 10:14:50 +00:00
|
|
|
# In some particular cases, always alive proxies are not beneficial.
|
|
|
|
|
# This option can be used in those less dynamic environments:
|
|
|
|
|
# the user can request the connection
|
|
|
|
|
# always alive, or init-shutdown per command.
|
2017-03-21 12:17:56 +00:00
|
|
|
"proxy_always_alive": bool,
|
2017-07-05 10:14:50 +00:00
|
|
|
# Poll the connection state with the proxy minion
|
|
|
|
|
# If enabled, this option requires the function `alive`
|
|
|
|
|
# to be implemented in the proxy module
|
|
|
|
|
"proxy_keep_alive": bool,
|
|
|
|
|
# Frequency of the proxy_keep_alive, in minutes
|
|
|
|
|
"proxy_keep_alive_interval": int,
|
|
|
|
|
# Update intervals
|
|
|
|
|
"roots_update_interval": int,
|
2017-12-04 23:57:28 -06:00
|
|
|
"azurefs_update_interval": int,
|
|
|
|
|
"gitfs_update_interval": int,
|
2019-06-27 15:41:49 +02:00
|
|
|
"git_pillar_update_interval": int,
|
2017-12-04 23:57:28 -06:00
|
|
|
"hgfs_update_interval": int,
|
|
|
|
|
"minionfs_update_interval": int,
|
|
|
|
|
"s3fs_update_interval": int,
|
|
|
|
|
"svnfs_update_interval": int,
|
2020-04-15 13:20:32 +02:00
|
|
|
# NOTE: git_pillar_base, git_pillar_fallback, git_pillar_branch,
|
|
|
|
|
# git_pillar_env, and git_pillar_root omitted here because their values
|
|
|
|
|
# could conceivably be loaded as non-string types, which is OK because
|
|
|
|
|
# git_pillar will normalize them to strings. But rather than include all the
|
|
|
|
|
# possible types they could be, we'll just skip type-checking.
|
2017-02-02 11:35:40 -07:00
|
|
|
"git_pillar_ssl_verify": bool,
|
2017-12-04 23:57:28 -06:00
|
|
|
"git_pillar_global_lock": bool,
|
2020-09-30 03:09:12 +02:00
|
|
|
"git_pillar_user": str,
|
|
|
|
|
"git_pillar_password": str,
|
2017-12-04 23:57:28 -06:00
|
|
|
"git_pillar_insecure_auth": bool,
|
2020-09-30 03:09:12 +02:00
|
|
|
"git_pillar_privkey": str,
|
|
|
|
|
"git_pillar_pubkey": str,
|
|
|
|
|
"git_pillar_passphrase": str,
|
2017-02-09 10:50:45 -06:00
|
|
|
"git_pillar_refspecs": list,
|
2018-03-02 20:41:29 -06:00
|
|
|
"git_pillar_includes": bool,
|
|
|
|
|
"git_pillar_verify_config": bool,
|
2020-04-15 13:20:32 +02:00
|
|
|
# NOTE: gitfs_base, gitfs_fallback, gitfs_mountpoint, and gitfs_root omitted
|
|
|
|
|
# here because their values could conceivably be loaded as non-string types,
|
|
|
|
|
# which is OK because gitfs will normalize them to strings. But rather than
|
|
|
|
|
# include all the possible types they could be, we'll just skip type-checking.
|
2018-01-07 14:48:45 -06:00
|
|
|
"gitfs_remotes": list,
|
2015-07-21 16:37:46 -05:00
|
|
|
"gitfs_insecure_auth": bool,
|
2020-09-30 03:09:12 +02:00
|
|
|
"gitfs_privkey": str,
|
|
|
|
|
"gitfs_pubkey": str,
|
|
|
|
|
"gitfs_passphrase": str,
|
2017-05-06 23:04:08 -05:00
|
|
|
"gitfs_saltenv_whitelist": list,
|
2017-02-09 10:50:45 -06:00
|
|
|
"gitfs_saltenv_blacklist": list,
|
2015-07-21 16:37:46 -05:00
|
|
|
"gitfs_ssl_verify": bool,
|
2016-04-18 08:40:20 -06:00
|
|
|
"gitfs_global_lock": bool,
|
2017-05-06 23:04:08 -05:00
|
|
|
"gitfs_saltenv": list,
|
2017-05-09 10:34:26 -05:00
|
|
|
"gitfs_ref_types": list,
|
2017-02-09 10:50:45 -06:00
|
|
|
"gitfs_refspecs": list,
|
2018-03-02 20:41:29 -06:00
|
|
|
"gitfs_disable_saltenv_mapping": bool,
|
2013-05-29 19:13:34 +00:00
|
|
|
"hgfs_remotes": list,
|
2020-09-30 03:09:12 +02:00
|
|
|
"hgfs_mountpoint": str,
|
|
|
|
|
"hgfs_root": str,
|
|
|
|
|
"hgfs_base": str,
|
|
|
|
|
"hgfs_branch_method": str,
|
2017-05-06 23:04:08 -05:00
|
|
|
"hgfs_saltenv_whitelist": list,
|
|
|
|
|
"hgfs_saltenv_blacklist": list,
|
2013-10-12 02:35:50 -04:00
|
|
|
"svnfs_remotes": list,
|
2020-09-30 03:09:12 +02:00
|
|
|
"svnfs_mountpoint": str,
|
|
|
|
|
"svnfs_root": str,
|
|
|
|
|
"svnfs_trunk": str,
|
|
|
|
|
"svnfs_branches": str,
|
|
|
|
|
"svnfs_tags": str,
|
2017-05-06 23:04:08 -05:00
|
|
|
"svnfs_saltenv_whitelist": list,
|
|
|
|
|
"svnfs_saltenv_blacklist": list,
|
2020-09-30 03:09:12 +02:00
|
|
|
"minionfs_env": str,
|
|
|
|
|
"minionfs_mountpoint": str,
|
2014-04-07 11:23:17 -05:00
|
|
|
"minionfs_whitelist": list,
|
|
|
|
|
"minionfs_blacklist": list,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Specify a list of external pillar systems to use
|
2013-05-29 19:13:34 +00:00
|
|
|
"ext_pillar": list,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Reserved for future use to version the pillar structure
|
2013-05-29 19:13:34 +00:00
|
|
|
"pillar_version": int,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Whether or not a copy of the master opts dict should be rendered into minion pillars
|
2013-05-29 19:13:34 +00:00
|
|
|
"pillar_opts": bool,
|
2016-01-25 11:43:16 -06:00
|
|
|
# Cache the master pillar to disk to avoid having to pass through the rendering system
|
|
|
|
|
"pillar_cache": bool,
|
|
|
|
|
# Pillar cache TTL, in seconds. Has no effect unless `pillar_cache` is True
|
|
|
|
|
"pillar_cache_ttl": int,
|
|
|
|
|
# Pillar cache backend. Defaults to `disk` which stores caches in the master cache
|
2020-09-30 03:09:12 +02:00
|
|
|
"pillar_cache_backend": str,
|
2019-12-31 15:13:58 +01:00
|
|
|
# Cache the GPG data to avoid having to pass through the gpg renderer
|
|
|
|
|
"gpg_cache": bool,
|
|
|
|
|
# GPG data cache TTL, in seconds. Has no effect unless `gpg_cache` is True
|
|
|
|
|
"gpg_cache_ttl": int,
|
|
|
|
|
# GPG data cache backend. Defaults to `disk` which stores caches in the master cache
|
2020-09-30 03:09:12 +02:00
|
|
|
"gpg_cache_backend": str,
|
2015-03-03 20:53:36 -05:00
|
|
|
"pillar_safe_render_error": bool,
|
2015-10-01 13:01:55 +02:00
|
|
|
# When creating a pillar, there are several strategies to choose from when
|
2015-06-15 11:30:14 -06:00
|
|
|
# encountering duplicate values
|
2020-09-30 03:09:12 +02:00
|
|
|
"pillar_source_merging_strategy": str,
|
2015-12-29 10:22:54 -07:00
|
|
|
# Recursively merge lists by aggregating them instead of replacing them.
|
|
|
|
|
"pillar_merge_lists": bool,
|
2018-03-22 13:32:13 -05:00
|
|
|
# If True, values from included pillar SLS targets will override
|
|
|
|
|
"pillar_includes_override_sls": bool,
|
2015-08-24 13:50:32 -06:00
|
|
|
# How to merge multiple top files from multiple salt environments
|
|
|
|
|
# (saltenvs); can be 'merge' or 'same'
|
2020-09-30 03:09:12 +02:00
|
|
|
"top_file_merging_strategy": str,
|
2015-08-24 13:50:32 -06:00
|
|
|
# The ordering for salt environment merging, when top_file_merging_strategy
|
|
|
|
|
# is set to 'same'
|
2015-06-15 11:30:14 -06:00
|
|
|
"env_order": list,
|
2015-08-24 13:50:32 -06:00
|
|
|
# The salt environment which provides the default top file when
|
|
|
|
|
# top_file_merging_strategy is set to 'same'; defaults to 'base'
|
2020-09-30 03:09:12 +02:00
|
|
|
"default_top": str,
|
2014-10-15 09:23:30 -07:00
|
|
|
"ping_on_rotate": bool,
|
2013-05-29 19:13:34 +00:00
|
|
|
"peer": dict,
|
2014-10-03 11:43:33 -06:00
|
|
|
"preserve_minion_cache": bool,
|
2020-09-30 03:09:12 +02:00
|
|
|
"syndic_master": (str, list),
|
2016-06-21 19:44:54 +03:00
|
|
|
# The behaviour of the multimaster syndic when connection to a master of masters failed. Can
|
|
|
|
|
# specify 'random' (default) or 'ordered'. If set to 'random' masters will be iterated in random
|
|
|
|
|
# order if 'ordered' the configured order will be used.
|
2020-09-30 03:09:12 +02:00
|
|
|
"syndic_failover": str,
|
2016-12-02 01:44:55 +01:00
|
|
|
"syndic_forward_all_events": bool,
|
2013-05-29 19:13:34 +00:00
|
|
|
"runner_dirs": list,
|
2016-07-21 09:51:45 -06:00
|
|
|
"client_acl_verify": bool,
|
2015-10-22 13:04:49 +03:00
|
|
|
"publisher_acl": dict,
|
|
|
|
|
"publisher_acl_blacklist": dict,
|
2014-11-17 14:00:14 -08:00
|
|
|
"sudo_acl": bool,
|
2013-05-29 19:13:34 +00:00
|
|
|
"external_auth": dict,
|
|
|
|
|
"token_expire": int,
|
2016-05-17 15:27:53 -06:00
|
|
|
"token_expire_user_override": (bool, dict),
|
2013-08-08 15:12:25 -05:00
|
|
|
"file_recv": bool,
|
2014-08-19 10:32:01 -06:00
|
|
|
"file_recv_max_size": int,
|
2020-09-30 03:09:12 +02:00
|
|
|
"file_ignore_regex": (list, str),
|
|
|
|
|
"file_ignore_glob": (list, str),
|
2013-05-29 19:13:34 +00:00
|
|
|
"fileserver_backend": list,
|
2013-09-20 14:22:18 -05:00
|
|
|
"fileserver_followsymlinks": bool,
|
2013-09-20 20:25:48 -05:00
|
|
|
"fileserver_ignoresymlinks": bool,
|
2017-02-27 20:21:53 -06:00
|
|
|
"fileserver_verify_config": bool,
|
2022-03-24 15:37:28 -06:00
|
|
|
# Optionally apply '*' permissions to any user. By default '*' is a fallback case that is
|
2017-08-28 12:46:26 +03:00
|
|
|
# applied only if the user didn't matched by other matchers.
|
|
|
|
|
"permissive_acl": bool,
|
2017-03-16 20:32:10 +03:00
|
|
|
# Optionally enables keeping the calculated user's auth list in the token file.
|
|
|
|
|
"keep_acl_in_token": bool,
|
2017-03-17 18:05:02 +03:00
|
|
|
# Auth subsystem module to use to get authorized access list for a user. By default it's the
|
|
|
|
|
# same module used for external authentication.
|
2020-09-30 03:09:12 +02:00
|
|
|
"eauth_acl_module": str,
|
2017-08-03 16:02:58 +05:30
|
|
|
# Subsystem to use to maintain eauth tokens. By default, tokens are stored on the local
|
|
|
|
|
# filesystem
|
2020-09-30 03:09:12 +02:00
|
|
|
"eauth_tokens": str,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The number of open files a daemon is allowed to have open. Frequently needs to be increased
|
|
|
|
|
# higher than the system default in order to account for the way zeromq consumes file handles.
|
2013-05-29 19:13:34 +00:00
|
|
|
"max_open_files": int,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Automatically accept any key provided to the master. Implies that the key will be preserved
|
|
|
|
|
# so that subsequent connections will be authenticated even if this option has later been
|
|
|
|
|
# turned off.
|
2013-05-29 19:13:34 +00:00
|
|
|
"auto_accept": bool,
|
2014-05-10 13:46:03 -04:00
|
|
|
"autosign_timeout": int,
|
2015-04-03 17:17:06 -06:00
|
|
|
# A mapping of external systems that can be used to generate topfile data.
|
2016-02-23 12:11:33 -07:00
|
|
|
"master_tops": dict,
|
2017-06-12 20:21:55 -05:00
|
|
|
# Whether or not matches from master_tops should be executed before or
|
|
|
|
|
# after those from the top file(s).
|
|
|
|
|
"master_tops_first": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# A flag that should be set on a top-level master when it is ordering around subordinate masters
|
|
|
|
|
# via the use of a salt syndic
|
2013-05-29 19:13:34 +00:00
|
|
|
"order_masters": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Whether or not to cache jobs so that they can be examined later on
|
2013-05-29 19:13:34 +00:00
|
|
|
"job_cache": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Define a returner to be used as an external job caching storage backend
|
2020-09-30 03:09:12 +02:00
|
|
|
"ext_job_cache": str,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Specify a returner for the master to use as a backend storage system to cache jobs returns
|
|
|
|
|
# that it receives
|
2020-09-30 03:09:12 +02:00
|
|
|
"master_job_cache": str,
|
2015-07-16 17:19:44 -06:00
|
|
|
# Specify whether the master should store end times for jobs as returns come in
|
2015-07-16 17:29:21 -06:00
|
|
|
"job_cache_store_endtime": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The minion data cache is a cache of information about the minions stored on the master.
|
|
|
|
|
# This information is primarily the pillar and grains data. The data is cached in the master
|
|
|
|
|
# cachedir under the name of the minion and used to predetermine what minions are expected to
|
|
|
|
|
# reply from executions.
|
2013-05-29 19:13:34 +00:00
|
|
|
"minion_data_cache": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The number of seconds between AES key rotations on the master
|
2013-05-29 19:13:34 +00:00
|
|
|
"publish_session": int,
|
2021-09-09 15:55:18 +00:00
|
|
|
# Defines a salt reactor. See https://docs.saltproject.io/en/latest/topics/reactor/
|
2013-05-29 19:13:34 +00:00
|
|
|
"reactor": list,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The TTL for the cache of the reactor configuration
|
2014-02-27 21:44:23 -08:00
|
|
|
"reactor_refresh_interval": int,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The number of workers for the runner/wheel in the reactor
|
2014-12-04 19:15:07 -08:00
|
|
|
"reactor_worker_threads": int,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The queue size for workers in the reactor
|
2014-12-04 19:15:07 -08:00
|
|
|
"reactor_worker_hwm": int,
|
2021-09-09 15:55:18 +00:00
|
|
|
# Defines engines. See https://docs.saltproject.io/en/latest/topics/engines/
|
2016-04-15 12:07:05 -06:00
|
|
|
"engines": list,
|
2016-08-01 22:59:41 -05:00
|
|
|
# Whether or not to store runner returns in the job cache
|
|
|
|
|
"runner_returns": bool,
|
2020-09-30 03:09:12 +02:00
|
|
|
"serial": str,
|
|
|
|
|
"search": str,
|
2016-10-27 12:53:06 +03:00
|
|
|
# A compound target definition.
|
2021-09-09 15:55:18 +00:00
|
|
|
# See: https://docs.saltproject.io/en/latest/topics/targeting/nodegroups.html
|
2017-03-29 00:43:58 -05:00
|
|
|
"nodegroups": (dict, list),
|
2015-11-18 11:59:36 -07:00
|
|
|
# List-only nodegroups for salt-ssh. Each group must be formed as either a
|
|
|
|
|
# comma-separated list, or a YAML list.
|
2015-11-18 13:09:29 -07:00
|
|
|
"ssh_list_nodegroups": dict,
|
2016-04-24 19:53:32 -06:00
|
|
|
# By default, salt-ssh uses its own specially-generated RSA key to auth
|
|
|
|
|
# against minions. If this is set to True, salt-ssh will look in
|
|
|
|
|
# for a key at ~/.ssh/id_rsa, and fall back to using its own specially-
|
|
|
|
|
# generated RSA key if that file doesn't exist.
|
|
|
|
|
"ssh_use_home_key": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The logfile location for salt-key
|
2020-09-30 03:09:12 +02:00
|
|
|
"key_logfile": str,
|
2017-03-02 16:42:45 -07:00
|
|
|
# The upper bound for the random number of seconds that a minion should
|
|
|
|
|
# delay when starting in up before it connects to a master. This can be
|
|
|
|
|
# used to mitigate a thundering-herd scenario when many minions start up
|
|
|
|
|
# at once and attempt to all connect immediately to the master
|
|
|
|
|
"random_startup_delay": int,
|
2015-08-09 02:52:05 -05:00
|
|
|
# The source location for the winrepo sls files
|
|
|
|
|
# (used by win_pkg.py, minion only)
|
2020-09-30 03:09:12 +02:00
|
|
|
"winrepo_source_dir": str,
|
|
|
|
|
"winrepo_dir": str,
|
|
|
|
|
"winrepo_dir_ng": str,
|
|
|
|
|
"winrepo_cachefile": str,
|
2018-03-02 20:41:29 -06:00
|
|
|
# NOTE: winrepo_branch omitted here because its value could conceivably be
|
|
|
|
|
# loaded as a non-string type, which is OK because winrepo will normalize
|
|
|
|
|
# them to strings. But rather than include all the possible types it could
|
|
|
|
|
# be, we'll just skip type-checking.
|
2016-09-12 14:48:39 +10:00
|
|
|
"winrepo_cache_expire_max": int,
|
|
|
|
|
"winrepo_cache_expire_min": int,
|
2015-08-09 02:52:05 -05:00
|
|
|
"winrepo_remotes": list,
|
2015-08-26 10:25:56 -06:00
|
|
|
"winrepo_remotes_ng": list,
|
2015-08-09 02:52:05 -05:00
|
|
|
"winrepo_ssl_verify": bool,
|
2020-09-30 03:09:12 +02:00
|
|
|
"winrepo_user": str,
|
|
|
|
|
"winrepo_password": str,
|
2015-08-09 02:52:05 -05:00
|
|
|
"winrepo_insecure_auth": bool,
|
2020-09-30 03:09:12 +02:00
|
|
|
"winrepo_privkey": str,
|
|
|
|
|
"winrepo_pubkey": str,
|
|
|
|
|
"winrepo_passphrase": str,
|
2017-02-09 10:50:45 -06:00
|
|
|
"winrepo_refspecs": list,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Set a hard limit for the amount of memory modules can consume on a minion.
|
2013-09-26 16:32:33 -07:00
|
|
|
"modules_max_memory": int,
|
2019-09-18 16:29:54 -07:00
|
|
|
# Blacklist specific core grains to be filtered
|
|
|
|
|
"grains_blacklist": list,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The number of minutes between the minion refreshing its cache of grains
|
2013-10-18 12:56:54 -06:00
|
|
|
"grains_refresh_every": int,
|
2022-02-23 14:00:48 -05:00
|
|
|
# Enable grains refresh prior to any operation
|
|
|
|
|
"grains_refresh_pre_exec": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Use lspci to gather system data for grains on a minion
|
2013-10-21 15:20:47 -06:00
|
|
|
"enable_lspci": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The number of seconds for the salt client to wait for additional syndics to
|
|
|
|
|
# check in with their lists of expected minions before giving up
|
2013-11-07 15:41:04 -07:00
|
|
|
"syndic_wait": int,
|
2017-10-01 15:47:03 -04:00
|
|
|
# Override Jinja environment option defaults for all templates except sls templates
|
2017-08-16 18:45:25 -04:00
|
|
|
"jinja_env": dict,
|
2017-10-01 15:47:03 -04:00
|
|
|
# Set Jinja environment options for sls templates
|
2017-08-16 18:45:25 -04:00
|
|
|
"jinja_sls_env": dict,
|
2015-04-03 17:17:06 -06:00
|
|
|
# If this is set to True leading spaces and tabs are stripped from the start
|
|
|
|
|
# of a line to a block.
|
2013-11-08 13:29:47 -07:00
|
|
|
"jinja_lstrip_blocks": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# If this is set to True the first newline after a Jinja block is removed
|
2013-11-08 13:29:47 -07:00
|
|
|
"jinja_trim_blocks": bool,
|
2016-04-25 19:01:42 +02:00
|
|
|
# Cache minion ID to file
|
2013-11-13 09:35:17 -07:00
|
|
|
"minion_id_caching": bool,
|
2017-05-20 15:10:25 +02:00
|
|
|
# Always generate minion id in lowercase.
|
|
|
|
|
"minion_id_lowercase": bool,
|
2019-09-18 17:37:18 -07:00
|
|
|
# Remove either a single domain (foo.org), or all (True) from a generated minion id.
|
2020-09-30 03:09:12 +02:00
|
|
|
"minion_id_remove_domain": (str, bool),
|
2015-04-03 17:17:06 -06:00
|
|
|
# If set, the master will sign all publications before they are sent out
|
2013-12-11 13:47:47 -07:00
|
|
|
"sign_pub_messages": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The size of key that should be generated when creating new keys
|
2013-12-23 08:48:35 -07:00
|
|
|
"keysize": int,
|
2018-10-05 10:48:14 -04:00
|
|
|
# The transport system for this daemon. (i.e. zeromq, tcp, detect, etc)
|
2020-09-30 03:09:12 +02:00
|
|
|
"transport": str,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The number of seconds to wait when the client is requesting information about running jobs
|
2014-01-31 10:11:02 +00:00
|
|
|
"gather_job_timeout": int,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The number of seconds to wait before timing out an authentication request
|
2014-02-03 23:22:51 -07:00
|
|
|
"auth_timeout": int,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The number of attempts to authenticate to a master before giving up
|
2014-04-23 19:01:32 -04:00
|
|
|
"auth_tries": int,
|
2016-03-09 14:58:07 -06:00
|
|
|
# The number of attempts to connect to a master before giving up.
|
|
|
|
|
# Set this to -1 for unlimited attempts. This allows for a master to have
|
|
|
|
|
# downtime and the minion to reconnect to it later when it comes back up.
|
|
|
|
|
# In 'failover' mode, it is the number of attempts for each set of masters.
|
|
|
|
|
# In this mode, it will cycle through the list of masters for each attempt.
|
|
|
|
|
"master_tries": int,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Never give up when trying to authenticate to a master
|
2014-04-23 19:01:32 -04:00
|
|
|
"auth_safemode": bool,
|
2018-07-09 17:53:29 -04:00
|
|
|
# Selects a random master when starting a minion up in multi-master mode or
|
|
|
|
|
# when starting a minion with salt-call. ``master`` must be a list.
|
2014-02-04 00:42:21 -07:00
|
|
|
"random_master": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# An upper bound for the amount of time for a minion to sleep before attempting to
|
|
|
|
|
# reauth after a restart.
|
2014-06-03 14:32:19 -06:00
|
|
|
"random_reauth_delay": int,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The number of seconds for a syndic to poll for new messages that need to be forwarded
|
2014-02-04 14:42:04 +00:00
|
|
|
"syndic_event_forward_timeout": float,
|
2015-04-03 17:17:06 -06:00
|
|
|
# The length that the syndic event queue must hit before events are popped off and forwarded
|
2015-03-19 10:27:40 -06:00
|
|
|
"syndic_jid_forward_cache_hwm": int,
|
2016-11-20 16:13:55 +02:00
|
|
|
# Salt SSH configuration
|
2020-09-30 03:09:12 +02:00
|
|
|
"ssh_passwd": str,
|
|
|
|
|
"ssh_port": str,
|
2014-02-20 03:03:16 -07:00
|
|
|
"ssh_sudo": bool,
|
2020-09-30 03:09:12 +02:00
|
|
|
"ssh_sudo_user": str,
|
2014-02-20 03:03:16 -07:00
|
|
|
"ssh_timeout": float,
|
2020-09-30 03:09:12 +02:00
|
|
|
"ssh_user": str,
|
|
|
|
|
"ssh_scan_ports": str,
|
2014-11-25 11:52:23 -07:00
|
|
|
"ssh_scan_timeout": float,
|
2015-06-03 17:55:43 +03:00
|
|
|
"ssh_identities_only": bool,
|
2020-09-30 03:09:12 +02:00
|
|
|
"ssh_log_file": str,
|
|
|
|
|
"ssh_config_file": str,
|
2018-05-06 21:15:58 +02:00
|
|
|
"ssh_merge_pillar": bool,
|
2020-04-06 13:21:02 -04:00
|
|
|
"ssh_run_pre_flight": bool,
|
2015-01-21 15:35:04 -07:00
|
|
|
"cluster_mode": bool,
|
2020-09-30 03:09:12 +02:00
|
|
|
"sqlite_queue_dir": str,
|
2014-04-23 17:39:38 -06:00
|
|
|
"queue_dirs": list,
|
2017-11-30 13:56:10 -05:00
|
|
|
# Instructs the minion to ping its master(s) every n number of minutes. Used
|
2015-04-03 17:17:06 -06:00
|
|
|
# primarily as a mitigation technique against minion disconnects.
|
2014-04-23 19:01:32 -04:00
|
|
|
"ping_interval": int,
|
2016-02-04 13:06:04 +01:00
|
|
|
# Instructs the salt CLI to print a summary of a minion responses before returning
|
2014-05-02 12:41:16 -06:00
|
|
|
"cli_summary": bool,
|
2015-11-04 12:15:41 +01:00
|
|
|
# The maximum number of minion connections allowed by the master. Can have performance
|
|
|
|
|
# implications in large setups.
|
2014-05-30 06:00:13 -07:00
|
|
|
"max_minions": int,
|
2020-09-30 03:09:12 +02:00
|
|
|
"username": (type(None), str),
|
|
|
|
|
"password": (type(None), str),
|
2015-04-03 17:17:06 -06:00
|
|
|
# Use zmq.SUSCRIBE to limit listening sockets to only process messages bound for them
|
2014-07-09 09:45:08 -07:00
|
|
|
"zmq_filtering": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Connection caching. Can greatly speed up salt performance.
|
2014-08-29 12:51:10 +02:00
|
|
|
"con_cache": bool,
|
2014-09-18 13:43:23 +02:00
|
|
|
"rotate_aes_key": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Cache ZeroMQ connections. Can greatly improve salt performance.
|
2014-10-15 21:41:26 +02:00
|
|
|
"cache_sreqs": bool,
|
2015-04-03 17:17:06 -06:00
|
|
|
# Can be set to override the python_shell=False default in the cmd module
|
2014-11-11 14:31:15 -07:00
|
|
|
"cmd_safe": bool,
|
2015-06-19 18:41:15 +03:00
|
|
|
# Used by salt-api for master requests timeout
|
|
|
|
|
"rest_timeout": int,
|
2015-07-28 16:03:08 -06:00
|
|
|
# If set, all minion exec module actions will be rerouted through sudo as this user
|
2020-09-30 03:09:12 +02:00
|
|
|
"sudo_user": str,
|
2018-02-19 13:25:58 +01:00
|
|
|
# HTTP connection timeout in seconds. Applied for tornado http fetch functions like cp.get_url
|
|
|
|
|
# should be greater than overall download time
|
|
|
|
|
"http_connect_timeout": float,
|
2016-10-27 12:53:06 +03:00
|
|
|
# HTTP request timeout in seconds. Applied for tornado http fetch functions like cp.get_url
|
|
|
|
|
# should be greater than overall download time
|
2015-08-12 17:31:19 +03:00
|
|
|
"http_request_timeout": float,
|
|
|
|
|
# HTTP request max file content size.
|
|
|
|
|
"http_max_body": int,
|
2016-10-27 12:53:06 +03:00
|
|
|
# Delay in seconds before executing bootstrap (Salt Cloud)
|
2015-11-05 10:52:40 -05:00
|
|
|
"bootstrap_delay": int,
|
2016-03-30 15:46:30 -06:00
|
|
|
# If a proxymodule has a function called 'grains', then call it during
|
|
|
|
|
# regular grains loading and merge the results with the proxy's grains
|
|
|
|
|
# dictionary. Otherwise it is assumed that the module calls the grains
|
|
|
|
|
# function in a custom way and returns the data elsewhere
|
|
|
|
|
#
|
2017-06-14 12:18:37 -06:00
|
|
|
# Default to False for 2016.3 and 2016.11. Switch to True for 2017.7.0
|
2016-03-30 15:46:30 -06:00
|
|
|
"proxy_merge_grains_in_module": bool,
|
2016-04-15 12:19:11 -06:00
|
|
|
# Command to use to restart salt-minion
|
|
|
|
|
"minion_restart_command": list,
|
2016-04-18 09:41:58 -06:00
|
|
|
# Whether or not a minion should send the results of a command back to the master
|
|
|
|
|
# Useful when a returner is the source of truth for a job result
|
|
|
|
|
"pub_ret": bool,
|
2016-07-08 07:21:34 +10:00
|
|
|
# HTTP proxy settings. Used in tornado fetch functions, apt-key etc
|
2020-09-30 03:09:12 +02:00
|
|
|
"proxy_host": str,
|
|
|
|
|
"proxy_username": str,
|
|
|
|
|
"proxy_password": str,
|
2016-07-08 07:21:34 +10:00
|
|
|
"proxy_port": int,
|
2017-09-26 09:17:01 +10:00
|
|
|
# Exclude list of hostnames from proxy
|
|
|
|
|
"no_proxy": list,
|
2016-08-03 17:18:30 +03:00
|
|
|
# Minion de-dup jid cache max size
|
|
|
|
|
"minion_jid_queue_hwm": int,
|
2022-03-24 15:37:28 -06:00
|
|
|
# Minion data cache driver (one of salt.cache.* modules)
|
2020-09-30 03:09:12 +02:00
|
|
|
"cache": str,
|
2017-03-28 19:21:58 +03:00
|
|
|
# Enables a fast in-memory cache booster and sets the expiration time.
|
|
|
|
|
"memcache_expire_seconds": int,
|
2017-04-03 19:48:04 +03:00
|
|
|
# Set a memcache limit in items (bank + key) per cache storage (driver + driver_opts).
|
2017-03-28 19:21:58 +03:00
|
|
|
"memcache_max_items": int,
|
|
|
|
|
# Each time a cache storage got full cleanup all the expired items not just the oldest one.
|
|
|
|
|
"memcache_full_cleanup": bool,
|
2017-04-03 19:48:04 +03:00
|
|
|
# Enable collecting the memcache stats and log it on `debug` log level.
|
2017-03-28 19:21:58 +03:00
|
|
|
"memcache_debug": bool,
|
2016-09-14 16:16:35 +02:00
|
|
|
# Thin and minimal Salt extra modules
|
2020-09-30 03:09:12 +02:00
|
|
|
"thin_extra_mods": str,
|
|
|
|
|
"min_extra_mods": str,
|
2016-12-19 14:25:10 -07:00
|
|
|
# Default returners minion should use. List or comma-delimited string
|
2020-09-30 03:09:12 +02:00
|
|
|
"return": (str, list),
|
2016-11-18 18:31:57 +03:00
|
|
|
# TLS/SSL connection options. This could be set to a dictionary containing arguments
|
|
|
|
|
# corresponding to python ssl.wrap_socket method. For details see:
|
|
|
|
|
# http://www.tornadoweb.org/en/stable/tcpserver.html#tornado.tcpserver.TCPServer
|
|
|
|
|
# http://docs.python.org/2/library/ssl.html#ssl.wrap_socket
|
|
|
|
|
# Note: to set enum arguments values like `cert_reqs` and `ssl_version` use constant names
|
|
|
|
|
# without ssl module prefix: `CERT_REQUIRED` or `PROTOCOL_SSLv23`.
|
2017-02-22 14:06:26 +03:00
|
|
|
"ssl": (dict, bool, type(None)),
|
2016-12-08 13:17:25 -06:00
|
|
|
# Controls how a multi-function job returns its data. If this is False,
|
|
|
|
|
# it will return its data using a dictionary with the function name as
|
|
|
|
|
# the key. This is compatible with legacy systems. If this is True, it
|
|
|
|
|
# will return its data using an array in the same order as the input
|
|
|
|
|
# array of functions to execute. This allows for calling the same
|
|
|
|
|
# function multiple times in the same multi-function job.
|
|
|
|
|
"multifunc_ordered": bool,
|
2016-12-15 13:38:17 -06:00
|
|
|
# Controls whether beacons are set up before a connection
|
|
|
|
|
# to the master is attempted.
|
|
|
|
|
"beacons_before_connect": bool,
|
|
|
|
|
# Controls whether the scheduler is set up before a connection
|
|
|
|
|
# to the master is attempted.
|
|
|
|
|
"scheduler_before_connect": bool,
|
2017-02-13 12:19:55 -06:00
|
|
|
# Whitelist/blacklist specific modules to be synced
|
2017-02-08 13:32:04 -06:00
|
|
|
"extmod_whitelist": dict,
|
2017-02-13 12:19:55 -06:00
|
|
|
"extmod_blacklist": dict,
|
2017-01-22 15:12:32 +08:00
|
|
|
# django auth
|
2020-09-30 03:09:12 +02:00
|
|
|
"django_auth_path": str,
|
|
|
|
|
"django_auth_settings": str,
|
2017-04-10 14:42:40 -06:00
|
|
|
# Number of times to try to auth with the master on a reconnect with the
|
|
|
|
|
# tcp transport
|
|
|
|
|
"tcp_authentication_retries": int,
|
2021-02-04 22:34:47 +01:00
|
|
|
# Backoff interval in seconds for minion reconnect with tcp transport
|
|
|
|
|
"tcp_reconnect_backoff": float,
|
2017-04-17 13:12:46 -06:00
|
|
|
# Permit or deny allowing minions to request revoke of its own key
|
|
|
|
|
"allow_minion_key_revoke": bool,
|
2017-05-12 14:08:57 -05:00
|
|
|
# File chunk size for salt-cp
|
|
|
|
|
"salt_cp_chunk_size": int,
|
2017-06-08 13:18:53 -06:00
|
|
|
# Require that the minion sign messages it posts to the master on the event
|
|
|
|
|
# bus
|
|
|
|
|
"minion_sign_messages": bool,
|
|
|
|
|
# Have master drop messages from minions for which their signatures do
|
|
|
|
|
# not verify
|
|
|
|
|
"drop_messages_signature_fail": bool,
|
|
|
|
|
# Require that payloads from minions have a 'sig' entry
|
|
|
|
|
# (in other words, require that minions have 'minion_sign_messages'
|
|
|
|
|
# turned on)
|
|
|
|
|
"require_minion_sign_messages": bool,
|
2017-07-31 06:00:55 -04:00
|
|
|
# The list of config entries to be passed to external pillar function as
|
|
|
|
|
# part of the extra_minion_data param
|
|
|
|
|
# Subconfig entries can be specified by using the ':' notation (e.g. key:subkey)
|
2020-09-30 03:09:12 +02:00
|
|
|
"pass_to_ext_pillars": (str, list),
|
2017-11-15 15:38:28 +01:00
|
|
|
# SSDP discovery publisher description.
|
|
|
|
|
# Contains publisher configuration and minion mapping.
|
|
|
|
|
# Setting it to False disables discovery
|
|
|
|
|
"discovery": (dict, bool),
|
2017-11-02 11:01:44 -06:00
|
|
|
# Scheduler should be a dictionary
|
|
|
|
|
"schedule": dict,
|
2018-01-05 10:06:21 -08:00
|
|
|
# Whether to fire auth events
|
2018-01-05 09:31:55 -08:00
|
|
|
"auth_events": bool,
|
2018-01-09 15:52:16 -07:00
|
|
|
# Whether to fire Minion data cache refresh events
|
|
|
|
|
"minion_data_cache_events": bool,
|
2017-11-16 14:25:05 -07:00
|
|
|
# Enable calling ssh minions from the salt master
|
2017-11-16 15:32:18 -07:00
|
|
|
"enable_ssh_minions": bool,
|
2018-04-19 21:23:26 +03:00
|
|
|
# Thorium saltenv
|
2020-09-30 03:09:12 +02:00
|
|
|
"thoriumenv": (type(None), str),
|
2018-04-19 21:23:26 +03:00
|
|
|
# Thorium top file location
|
2020-09-30 03:09:12 +02:00
|
|
|
"thorium_top": str,
|
2020-01-14 18:17:45 -08:00
|
|
|
# Allow raw_shell option when using the ssh
|
|
|
|
|
# client via the Salt API
|
|
|
|
|
"netapi_allow_raw_shell": bool,
|
2020-11-03 21:29:38 +00:00
|
|
|
# Enable clients in the Salt API
|
|
|
|
|
"netapi_enable_clients": list,
|
2020-09-30 03:09:12 +02:00
|
|
|
"disabled_requisites": (str, list),
|
2022-09-26 14:12:18 -04:00
|
|
|
"global_state_conditions": (type(None), dict),
|
2020-10-08 07:18:08 -07:00
|
|
|
# Feature flag config
|
|
|
|
|
"features": dict,
|
Merge 3003 changes forward to the master branch (#59879)
* Merge 3002.6 bugfix changes (#59822)
* Pass `CI_RUN` as an environment variable to the test run.
This allows us to know if we're running the test suite under a CI
environment or not and adapt/adjust if needed
* Migrate `unit.setup` to PyTest
* Backport ae36b15 just for test_install.py
* Only skip tests on CI runs
* Always store git sha in _version.py during installation
* Fix PEP440 compliance.
The wheel metadata version 1.2 states that the package version MUST be
PEP440 compliant.
This means that instead of `3002.2-511-g033c53eccb`, the salt version
string should look like `3002.2+511.g033c53eccb`, a post release of
`3002.2` ahead by 511 commits with the git sha `033c53eccb`
* Fix and migrate `tests/unit/test_version.py` to PyTest
* Skip test if `easy_install` is not available
* We also need to be PEP440 compliant when there's no git history
* Allow extra_filerefs as sanitized kwargs for SSH client
* Fix regression on cmd.run when passing tuples as cmd
Co-authored-by: Alexander Graul <agraul@suse.com>
* Add unit tests to ensure cmd.run accepts tuples
* Add unit test to check for extra_filerefs on SSH opts
* Add changelog file
* Fix comment for test case
* Fix unit test to avoid failing on Windows
* Skip failing test on windows
* Fix test to work on Windows
* Add all ssh kwargs to sanitize_kwargs method
* Run pre-commit
* Fix pylint
* Fix cmdmod loglevel and module_names tests
* Fix pre-commit
* Skip ssh tests if binary does not exist
* Use setup_loader for cmdmod test
* Prevent argument injection in restartcheck
* Add changelog for restartcheck fix
* docs_3002.6
* Add back tests removed in merge
Co-authored-by: Pedro Algarvio <pedro@algarvio.me>
Co-authored-by: Megan Wilhite <megan.wilhite@gmail.com>
Co-authored-by: Bryce Larson <brycel@vmware.com>
Co-authored-by: Pablo Suárez Hernández <psuarezhernandez@suse.com>
Co-authored-by: Alexander Graul <agraul@suse.com>
Co-authored-by: Frode Gundersen <fgundersen@saltstack.com>
* Remove glance state module in favor of glance_image
* update wording in changelog
* bump deprecation warning to Silicon.
* Updating warnutil version to Phosphorous.
* Update salt/modules/keystone.py
Co-authored-by: Megan Wilhite <megan.wilhite@gmail.com>
* Check $HOMEBREW_PREFIX when linking against libcrypto
When loading `libcrypto`, Salt checks for a Homebrew installation of `openssl`
at Homebrew's default prefix of `/usr/local`. However, on Apple Silicon Macs,
Homebrew's default installation prefix is `/opt/homebrew`. On all platforms,
the prefix is configurable. If Salt doesn't find one of those `libcrypto`s,
it will fall back on the un-versioned `/usr/lib/libcrypto.dylib`, which will
cause the following crash:
Application Specific Information:
/usr/lib/libcrypto.dylib
abort() called
Invalid dylib load. Clients should not load the unversioned libcrypto dylib as it does not have a stable ABI.
This commit checks $HOMEBREW_PREFIX instead of hard-coding `/usr/local`.
* Add test case
* Add changelog for 59808
* Add changelog entry
* Make _find_libcrypto fail on Big Sur if it can't find a library
Right now, if `_find_libcrypto` can't find any externally-managed versions of
libcrypto, it will fall back on the pre-Catalina un-versioned system libcrypto.
This does not exist on Big Sur and it would be better to raise an exception
here rather than crashing later when trying to open it.
* Update _find_libcrypto tests
This commit simplifies the unit tests for _find_libcrypto by mocking out the
host's filesystem and testing the common libcrypto installations (brew, ports,
etc.) on Big Sur. It simplifies the tests for falling back on system versions
of libcrypto on previous versions of macOS.
* Fix description of test_find_libcrypto_with_system_before_catalina
* Patch sys.platform for test_rsax931 tests
* modules/match: add missing "minion_id" in Pillar example
The documented Pillar example for `match.filter_by` lacks the `minion_id` parameter. Without it, the assignment won't work as expected.
- fix documentation
- add tests:
- to prove the misbehavior of the documented example
- to prove the proper behaviour when supplying `minion_id`
- to ensure some misbehaviour observed with compound matchers doesn't occur
* Fix for issue #59773
- When instantiating the loader grab values of grains and pillars if
they are NamedLoaderContext instances.
- The loader uses a copy of opts.
- Impliment deepcopy on NamedLoaderContext instances.
* Add changelog for #59773
* _get_initial_pillar function returns pillar
* Fix linter issues
* Clean up test
* Bump deprecation release for neutron
* Uncomment Sulfur release name
* Removing the _ext_nodes deprecation warning and alias.
* Adding changelog.
* Renaming changelog file.
* Update 59804.removed
* Initial pass at fips_mode config option
* Fix pre-commit
* Fix tests and add changelog
* update docs 3003
* update docs 3003 - newline
* Fix warts in changelog
Co-authored-by: Pedro Algarvio <pedro@algarvio.me>
Co-authored-by: Megan Wilhite <megan.wilhite@gmail.com>
Co-authored-by: Bryce Larson <brycel@vmware.com>
Co-authored-by: Pablo Suárez Hernández <psuarezhernandez@suse.com>
Co-authored-by: Alexander Graul <agraul@suse.com>
Co-authored-by: Frode Gundersen <fgundersen@saltstack.com>
Co-authored-by: Gareth J. Greenaway <gareth@saltstack.com>
Co-authored-by: Gareth J. Greenaway <gareth@wiked.org>
Co-authored-by: Hoa-Long Tam <hoalong@apple.com>
Co-authored-by: krionbsd <krion@freebsd.org>
Co-authored-by: Elias Probst <e.probst@ssc-services.de>
Co-authored-by: Frode Gundersen <frogunder@gmail.com>
2021-03-24 07:52:25 -07:00
|
|
|
"fips_mode": bool,
|
2021-07-26 12:22:19 -04:00
|
|
|
# Feature flag to enable checking if master is connected to a host
|
|
|
|
|
# on a given port
|
|
|
|
|
"detect_remote_minions": bool,
|
|
|
|
|
# The port to be used when checking if a master is connected to a
|
|
|
|
|
# minion
|
|
|
|
|
"remote_minions_port": int,
|
2022-05-25 15:13:12 +02:00
|
|
|
# pass renderer: Fetch secrets only for the template variables matching the prefix
|
|
|
|
|
"pass_variable_prefix": str,
|
|
|
|
|
# pass renderer: Whether to error out when unable to fetch a secret
|
|
|
|
|
"pass_strict_fetch": bool,
|
|
|
|
|
# pass renderer: Set GNUPGHOME env for Pass
|
|
|
|
|
"pass_gnupghome": str,
|
|
|
|
|
# pass renderer: Set PASSWORD_STORE_DIR env for Pass
|
|
|
|
|
"pass_dir": str,
|
2023-03-23 17:23:26 -07:00
|
|
|
# Maintenence process restart interval
|
|
|
|
|
"maintenance_interval": int,
|
|
|
|
|
# Fileserver process restart interval
|
|
|
|
|
"fileserver_interval": int,
|
2023-07-31 17:28:07 -07:00
|
|
|
"request_channel_timeout": int,
|
|
|
|
|
"request_channel_tries": int,
|
2024-05-23 15:05:16 -07:00
|
|
|
# RSA encryption for minion
|
|
|
|
|
"encryption_algorithm": str,
|
|
|
|
|
# RSA signing for minion
|
|
|
|
|
"signing_algorithm": str,
|
|
|
|
|
# Master publish channel signing
|
|
|
|
|
"publish_signing_algorithm": str,
|
2019-01-18 17:07:10 +00:00
|
|
|
}
|
|
|
|
|
)
|
2013-05-29 19:13:34 +00:00
|
|
|
|
2013-01-17 16:58:42 +01:00
|
|
|
# default configurations
|
2019-01-18 17:07:10 +00:00
|
|
|
DEFAULT_MINION_OPTS = immutabletypes.freeze(
|
|
|
|
|
{
|
2014-04-10 10:53:29 -06:00
|
|
|
"interface": "0.0.0.0",
|
2013-01-17 16:58:42 +01:00
|
|
|
"master": "salt",
|
2014-05-26 15:40:12 +02:00
|
|
|
"master_type": "str",
|
2015-06-27 11:59:31 -07:00
|
|
|
"master_uri_format": "default",
|
2017-11-22 10:13:54 +00:00
|
|
|
"source_interface_name": "",
|
2017-11-21 11:08:39 +00:00
|
|
|
"source_address": "",
|
2017-11-22 10:13:54 +00:00
|
|
|
"source_ret_port": 0,
|
|
|
|
|
"source_publish_port": 0,
|
2016-03-31 13:50:51 -06:00
|
|
|
"master_port": 4506,
|
2013-01-17 16:58:42 +01:00
|
|
|
"master_finger": "",
|
2014-06-02 01:01:16 -07:00
|
|
|
"master_shuffle": False,
|
2014-06-09 23:38:49 -07:00
|
|
|
"master_alive_interval": 0,
|
2016-03-17 23:28:46 +03:00
|
|
|
"master_failback": False,
|
|
|
|
|
"master_failback_interval": 0,
|
2014-06-19 09:32:09 -07:00
|
|
|
"verify_master_pubkey_sign": False,
|
2017-03-21 14:10:03 -06:00
|
|
|
"sign_pub_messages": False,
|
2014-06-27 02:39:42 -07:00
|
|
|
"always_verify_signature": False,
|
2014-06-26 06:03:41 -07:00
|
|
|
"master_sign_key_name": "master_sign",
|
2014-03-04 15:36:03 -07:00
|
|
|
"syndic_finger": "",
|
2017-10-05 13:37:27 -05:00
|
|
|
"user": salt.utils.user.get_user(),
|
2013-12-05 19:18:33 +00:00
|
|
|
"root_dir": salt.syspaths.ROOT_DIR,
|
2022-09-27 19:45:56 +02:00
|
|
|
"pki_dir": os.path.join(salt.syspaths.LIB_STATE_DIR, "pki", "minion"),
|
2015-10-21 22:15:13 -06:00
|
|
|
"id": "",
|
2017-07-05 16:09:16 -05:00
|
|
|
"id_function": {},
|
2013-12-05 19:18:33 +00:00
|
|
|
"cachedir": os.path.join(salt.syspaths.CACHE_DIR, "minion"),
|
2016-08-03 12:16:22 -06:00
|
|
|
"append_minionid_config_dirs": [],
|
2013-01-17 16:58:42 +01:00
|
|
|
"cache_jobs": False,
|
2019-09-18 16:29:54 -07:00
|
|
|
"grains_blacklist": [],
|
2014-01-23 14:19:16 -07:00
|
|
|
"grains_cache": False,
|
|
|
|
|
"grains_cache_expiration": 300,
|
2015-10-23 20:30:22 +02:00
|
|
|
"grains_deep_merge": False,
|
2013-12-05 19:18:33 +00:00
|
|
|
"conf_file": os.path.join(salt.syspaths.CONFIG_DIR, "minion"),
|
|
|
|
|
"sock_dir": os.path.join(salt.syspaths.SOCK_DIR, "minion"),
|
2017-05-31 14:45:48 +09:00
|
|
|
"sock_pool_size": 1,
|
2013-01-17 16:58:42 +01:00
|
|
|
"backup_mode": "",
|
2018-04-16 22:28:34 -05:00
|
|
|
"renderer": "jinja|yaml",
|
2016-05-20 20:41:51 +03:00
|
|
|
"renderer_whitelist": [],
|
|
|
|
|
"renderer_blacklist": [],
|
2017-03-02 16:42:45 -07:00
|
|
|
"random_startup_delay": 0,
|
2013-01-17 16:58:42 +01:00
|
|
|
"failhard": False,
|
|
|
|
|
"autoload_dynamic_modules": True,
|
2017-11-29 22:09:09 -06:00
|
|
|
"saltenv": None,
|
|
|
|
|
"lock_saltenv": False,
|
2015-05-18 16:20:54 +03:00
|
|
|
"pillarenv": None,
|
2016-12-21 19:49:32 -06:00
|
|
|
"pillarenv_from_saltenv": False,
|
2016-03-07 21:34:28 -06:00
|
|
|
"pillar_opts": False,
|
2018-03-22 13:32:13 -05:00
|
|
|
"pillar_source_merging_strategy": "smart",
|
|
|
|
|
"pillar_merge_lists": False,
|
|
|
|
|
"pillar_includes_override_sls": False,
|
2019-12-31 15:13:58 +01:00
|
|
|
# ``pillar_cache``, ``pillar_cache_ttl``, ``pillar_cache_backend``,
|
|
|
|
|
# ``gpg_cache``, ``gpg_cache_ttl`` and ``gpg_cache_backend``
|
2016-01-25 11:43:16 -06:00
|
|
|
# are not used on the minion but are unavoidably in the code path
|
|
|
|
|
"pillar_cache": False,
|
|
|
|
|
"pillar_cache_ttl": 3600,
|
|
|
|
|
"pillar_cache_backend": "disk",
|
2024-02-14 00:55:36 -07:00
|
|
|
"request_channel_timeout": 60,
|
2023-07-31 17:28:07 -07:00
|
|
|
"request_channel_tries": 3,
|
2019-12-31 15:13:58 +01:00
|
|
|
"gpg_cache": False,
|
|
|
|
|
"gpg_cache_ttl": 86400,
|
|
|
|
|
"gpg_cache_backend": "disk",
|
2016-01-25 22:24:48 -06:00
|
|
|
"extension_modules": os.path.join(salt.syspaths.CACHE_DIR, "minion", "extmods"),
|
2013-01-17 16:58:42 +01:00
|
|
|
"state_top": "top.sls",
|
2015-07-27 10:50:06 -06:00
|
|
|
"state_top_saltenv": None,
|
2013-01-17 16:58:42 +01:00
|
|
|
"startup_states": "",
|
|
|
|
|
"sls_list": [],
|
2019-08-01 13:14:22 +02:00
|
|
|
"start_event_grains": [],
|
2013-01-17 16:58:42 +01:00
|
|
|
"top_file": "",
|
2018-04-19 21:23:26 +03:00
|
|
|
"thoriumenv": None,
|
|
|
|
|
"thorium_top": "top.sls",
|
2016-02-02 09:47:56 -07:00
|
|
|
"thorium_interval": 0.5,
|
|
|
|
|
"thorium_roots": {"base": [salt.syspaths.BASE_THORIUM_ROOTS_DIR]},
|
2013-01-17 16:58:42 +01:00
|
|
|
"file_client": "remote",
|
2018-02-12 12:53:59 -07:00
|
|
|
"local": False,
|
2014-09-28 18:53:43 -07:00
|
|
|
"use_master_when_local": False,
|
2013-01-17 16:58:42 +01:00
|
|
|
"file_roots": {
|
2019-01-22 17:03:27 +00:00
|
|
|
"base": [salt.syspaths.BASE_FILE_ROOTS_DIR, salt.syspaths.SPM_FORMULA_PATH]
|
2016-02-02 09:47:56 -07:00
|
|
|
},
|
2016-10-11 17:33:23 -05:00
|
|
|
"top_file_merging_strategy": "merge",
|
2017-01-28 00:56:14 -06:00
|
|
|
"env_order": [],
|
2015-07-21 16:37:46 -05:00
|
|
|
"default_top": "base",
|
2015-10-30 18:56:24 -07:00
|
|
|
"file_recv": False,
|
2014-04-29 17:24:09 -06:00
|
|
|
"file_recv_max_size": 100,
|
2013-01-17 16:58:42 +01:00
|
|
|
"file_ignore_regex": [],
|
2015-08-26 10:25:56 -06:00
|
|
|
"file_ignore_glob": [],
|
2016-03-14 09:49:35 -06:00
|
|
|
"fileserver_backend": ["roots"],
|
2014-07-09 16:01:43 -07:00
|
|
|
"fileserver_followsymlinks": True,
|
2016-12-15 13:38:17 -06:00
|
|
|
"fileserver_ignoresymlinks": False,
|
2013-01-17 16:58:42 +01:00
|
|
|
"pillar_roots": {
|
2015-08-27 12:21:53 -06:00
|
|
|
"base": [salt.syspaths.BASE_PILLAR_ROOTS_DIR, salt.syspaths.SPM_PILLAR_PATH]
|
2016-02-02 09:47:56 -07:00
|
|
|
},
|
2016-10-11 17:33:23 -05:00
|
|
|
"on_demand_ext_pillar": ["libvirt", "virtkey"],
|
2015-08-24 13:50:32 -06:00
|
|
|
"decrypt_pillar": [],
|
2017-11-29 22:09:09 -06:00
|
|
|
"decrypt_pillar_delimiter": ":",
|
|
|
|
|
"decrypt_pillar_default": "gpg",
|
2017-12-08 13:23:01 -06:00
|
|
|
"decrypt_pillar_renderers": ["gpg"],
|
2021-12-08 17:24:37 +00:00
|
|
|
"gpg_decrypt_must_succeed": False,
|
2017-12-04 23:57:28 -06:00
|
|
|
# Update intervals
|
|
|
|
|
"roots_update_interval": DEFAULT_INTERVAL,
|
|
|
|
|
"azurefs_update_interval": DEFAULT_INTERVAL,
|
|
|
|
|
"gitfs_update_interval": DEFAULT_INTERVAL,
|
2019-06-27 15:41:49 +02:00
|
|
|
"git_pillar_update_interval": DEFAULT_INTERVAL,
|
2017-12-04 23:57:28 -06:00
|
|
|
"hgfs_update_interval": DEFAULT_INTERVAL,
|
|
|
|
|
"minionfs_update_interval": DEFAULT_INTERVAL,
|
|
|
|
|
"s3fs_update_interval": DEFAULT_INTERVAL,
|
|
|
|
|
"svnfs_update_interval": DEFAULT_INTERVAL,
|
2015-07-21 16:37:46 -05:00
|
|
|
"git_pillar_base": "master",
|
|
|
|
|
"git_pillar_branch": "master",
|
|
|
|
|
"git_pillar_env": "",
|
2020-04-15 13:20:32 +02:00
|
|
|
"git_pillar_fallback": "",
|
2015-07-21 16:37:46 -05:00
|
|
|
"git_pillar_root": "",
|
|
|
|
|
"git_pillar_ssl_verify": True,
|
2016-04-18 08:40:20 -06:00
|
|
|
"git_pillar_global_lock": True,
|
2015-07-21 16:37:46 -05:00
|
|
|
"git_pillar_user": "",
|
|
|
|
|
"git_pillar_password": "",
|
|
|
|
|
"git_pillar_insecure_auth": False,
|
|
|
|
|
"git_pillar_privkey": "",
|
|
|
|
|
"git_pillar_pubkey": "",
|
2016-04-06 15:34:02 -06:00
|
|
|
"git_pillar_passphrase": "",
|
2017-02-09 10:50:45 -06:00
|
|
|
"git_pillar_refspecs": _DFLT_REFSPECS,
|
2016-04-18 08:40:20 -06:00
|
|
|
"git_pillar_includes": True,
|
2014-09-19 13:08:16 -06:00
|
|
|
"gitfs_remotes": [],
|
|
|
|
|
"gitfs_mountpoint": "",
|
|
|
|
|
"gitfs_root": "",
|
2016-04-18 08:40:20 -06:00
|
|
|
"gitfs_base": "master",
|
2020-04-15 13:20:32 +02:00
|
|
|
"gitfs_fallback": "",
|
2015-07-21 16:37:46 -05:00
|
|
|
"gitfs_user": "",
|
|
|
|
|
"gitfs_password": "",
|
|
|
|
|
"gitfs_insecure_auth": False,
|
|
|
|
|
"gitfs_privkey": "",
|
|
|
|
|
"gitfs_pubkey": "",
|
|
|
|
|
"gitfs_passphrase": "",
|
2017-05-06 23:04:08 -05:00
|
|
|
"gitfs_saltenv_whitelist": [],
|
2015-07-21 16:37:46 -05:00
|
|
|
"gitfs_saltenv_blacklist": [],
|
2016-04-18 08:40:20 -06:00
|
|
|
"gitfs_global_lock": True,
|
2016-04-26 14:42:26 -06:00
|
|
|
"gitfs_ssl_verify": True,
|
2017-05-06 23:04:08 -05:00
|
|
|
"gitfs_saltenv": [],
|
2017-05-09 10:34:26 -05:00
|
|
|
"gitfs_ref_types": ["branch", "tag", "sha"],
|
2017-02-09 10:50:45 -06:00
|
|
|
"gitfs_refspecs": _DFLT_REFSPECS,
|
2017-01-09 01:24:18 -06:00
|
|
|
"gitfs_disable_saltenv_mapping": False,
|
2017-02-27 20:21:53 -06:00
|
|
|
"unique_jid": False,
|
2023-10-20 06:24:47 +01:00
|
|
|
"hash_type": DEFAULT_HASH_TYPE,
|
2017-02-27 20:21:53 -06:00
|
|
|
"optimization_order": [0, 1, 2],
|
2013-01-17 16:58:42 +01:00
|
|
|
"disable_modules": [],
|
|
|
|
|
"disable_returners": [],
|
|
|
|
|
"whitelist_modules": [],
|
|
|
|
|
"module_dirs": [],
|
|
|
|
|
"returner_dirs": [],
|
2014-01-28 13:38:06 +01:00
|
|
|
"grains_dirs": [],
|
2013-01-17 16:58:42 +01:00
|
|
|
"states_dirs": [],
|
|
|
|
|
"render_dirs": [],
|
2013-01-24 17:21:59 +01:00
|
|
|
"outputter_dirs": [],
|
2013-01-17 16:58:42 +01:00
|
|
|
"utils_dirs": [],
|
2017-02-03 11:36:53 -07:00
|
|
|
"publisher_acl": {},
|
|
|
|
|
"publisher_acl_blacklist": {},
|
2013-01-17 16:58:42 +01:00
|
|
|
"providers": {},
|
|
|
|
|
"clean_dynamic_modules": True,
|
2014-02-15 00:26:40 -06:00
|
|
|
"open_mode": False,
|
2014-02-25 17:02:12 -07:00
|
|
|
"auto_accept": True,
|
2014-05-10 13:46:03 -04:00
|
|
|
"autosign_timeout": 120,
|
2014-02-15 00:26:40 -06:00
|
|
|
"multiprocessing": True,
|
|
|
|
|
"process_count_max": -1,
|
2013-08-26 20:31:53 +00:00
|
|
|
"mine_enabled": True,
|
2014-08-20 21:31:45 -05:00
|
|
|
"mine_return_job": False,
|
|
|
|
|
"mine_interval": 60,
|
2015-03-19 15:29:25 -05:00
|
|
|
"ipc_mode": _DFLT_IPC_MODE,
|
2014-08-20 21:31:45 -05:00
|
|
|
"ipc_write_buffer": _DFLT_IPC_WBUFFER,
|
2018-08-22 13:29:31 -05:00
|
|
|
"ipv6": None,
|
2013-04-28 22:12:35 -06:00
|
|
|
"file_buffer_size": 262144,
|
2014-08-20 21:31:45 -05:00
|
|
|
"tcp_pub_port": 4510,
|
|
|
|
|
"tcp_pull_port": 4511,
|
2017-05-06 23:04:08 -05:00
|
|
|
"tcp_authentication_retries": 5,
|
2021-02-04 22:34:47 +01:00
|
|
|
"tcp_reconnect_backoff": 1,
|
2017-05-06 23:04:08 -05:00
|
|
|
"log_file": os.path.join(salt.syspaths.LOGS_DIR, "minion"),
|
|
|
|
|
"log_level": "warning",
|
2016-04-18 08:40:20 -06:00
|
|
|
"log_level_logfile": None,
|
2021-06-28 12:07:24 +01:00
|
|
|
"log_datefmt": DFLT_LOG_DATEFMT,
|
|
|
|
|
"log_datefmt_logfile": DFLT_LOG_DATEFMT_LOGFILE,
|
|
|
|
|
"log_fmt_console": DFLT_LOG_FMT_CONSOLE,
|
|
|
|
|
"log_fmt_logfile": DFLT_LOG_FMT_LOGFILE,
|
|
|
|
|
"log_fmt_jid": DFLT_LOG_FMT_JID,
|
2013-01-17 16:58:42 +01:00
|
|
|
"log_granular_levels": {},
|
Windows: Add log file rotation support
An external log file rotation tool, such as `logrotate` will not work
with an operating system such as Windows. From the Python documentation
for `WatchedFileHandler` (which is used for log files in Salt):
"This handler is not appropriate for use under Windows, because under
Windows open log files cannot be moved or renamed - logging opens the
files with exclusive locks - and so there is no need for such a handler.
Furthermore, ST_INO is not supported under Windows; stat() always returns
zero for this value."
This also describes the problem with why an external utility such as
`logrotate` will not work for Windows, because files cannot be renamed
while in use, unlike on other operating systems, such as Linux.
Due to the above, the strategy for this change is to use the
`RotatingFileHandler` logger (when log file rotation is enabled) and to
allow only one process to do the file logging. Previously on Windows,
there was a file logger installed in the main process and another in the
logging listener process. This change changes the architecture in the
following way (on Windows only):
- Added two new configuration options, `log_rotate_max_bytes` and
`log_rotate_backup_count`. They both default to 0. When
`log_rotate_max_bytes` is non-zero, the `RotatingFileHandler` will be
used for file logging instead of the `WatchedFileHandler`.
- The only process that does file logging is the logging listener process
(if it exists)
- When the logging listener process does not exist, only the main process
does file logging.
- When the logging listener process exists, the main process will now set
up multiprocessing logging (which is the client to the logging listener).
- Since the logging listener does logging for extended logging, console,
and log file logging, do not use these types of logging in the main process
when there is a logging listener.
There is one observed caveat: when the log file is in use, and it is time
to rollover (rename the file), the rollover will fail. This has been
obversed when salt-call is running and has the `minion` log file open
for its own logging uses while the salt-minion is trying to rollover.
Luckily, it will recover and try to rollover again on the next log write,
and if the file is no longer in use, it will succeed this time. Hence,
having a log file open somewhere else will delay rollover until the file
is closed.
Signed-off-by: Sergey Kizunov <sergey.kizunov@ni.com>
2016-10-19 15:06:46 -05:00
|
|
|
"log_rotate_max_bytes": 0,
|
|
|
|
|
"log_rotate_backup_count": 0,
|
2017-05-09 10:34:26 -05:00
|
|
|
"max_event_size": 1048576,
|
2018-03-05 11:38:09 -07:00
|
|
|
"enable_legacy_startup_events": True,
|
2013-01-17 16:58:42 +01:00
|
|
|
"test": False,
|
2013-10-18 13:45:15 -06:00
|
|
|
"ext_job_cache": "",
|
2017-05-09 10:34:26 -05:00
|
|
|
"cython_enable": False,
|
2020-06-05 17:40:03 -06:00
|
|
|
"enable_fqdns_grains": _DFLT_FQDNS_GRAINS,
|
2017-05-09 10:34:26 -05:00
|
|
|
"enable_gpu_grains": True,
|
|
|
|
|
"enable_zip_modules": False,
|
2013-01-17 16:58:42 +01:00
|
|
|
"state_verbose": True,
|
|
|
|
|
"state_output": "full",
|
2017-05-09 10:34:26 -05:00
|
|
|
"state_output_diff": False,
|
2020-12-17 21:45:36 -06:00
|
|
|
"state_output_profile": True,
|
2013-08-20 11:52:56 -06:00
|
|
|
"state_auto_order": True,
|
2014-03-14 11:15:32 -06:00
|
|
|
"state_events": False,
|
2014-05-06 12:04:06 -06:00
|
|
|
"state_aggregate": False,
|
2022-12-21 13:25:18 -05:00
|
|
|
"state_queue": False,
|
2017-05-09 10:34:26 -05:00
|
|
|
"snapper_states": False,
|
2013-08-21 18:57:45 -04:00
|
|
|
"snapper_states_config": "root",
|
2013-01-17 16:58:42 +01:00
|
|
|
"acceptance_wait_time": 10,
|
2013-07-27 19:53:15 -05:00
|
|
|
"acceptance_wait_time_max": 0,
|
2014-03-24 14:16:31 -04:00
|
|
|
"rejected_retry": False,
|
2013-05-28 05:40:07 +00:00
|
|
|
"loop_interval": 1,
|
2013-01-17 16:58:42 +01:00
|
|
|
"verify_env": True,
|
|
|
|
|
"grains": {},
|
|
|
|
|
"permissive_pki_access": False,
|
|
|
|
|
"default_include": "minion.d/*.conf",
|
|
|
|
|
"update_url": False,
|
2013-08-21 18:57:45 -04:00
|
|
|
"update_restart_services": [],
|
2013-01-17 16:58:42 +01:00
|
|
|
"retry_dns": 30,
|
2014-02-19 19:52:46 -06:00
|
|
|
"retry_dns_count": None,
|
2013-08-21 18:57:45 -04:00
|
|
|
"resolve_dns_fallback": True,
|
2014-06-25 15:55:43 -06:00
|
|
|
"recon_max": 10000,
|
2014-02-08 05:24:24 -06:00
|
|
|
"recon_default": 1000,
|
2014-08-07 10:12:47 -04:00
|
|
|
"recon_randomize": True,
|
|
|
|
|
"return_retry_timer": 5,
|
2015-11-06 07:57:00 -08:00
|
|
|
"return_retry_timer_max": 10,
|
2021-01-06 15:55:37 +01:00
|
|
|
"return_retry_tries": 3,
|
2014-08-07 10:12:47 -04:00
|
|
|
"random_reauth_delay": 10,
|
2014-04-15 18:17:11 -05:00
|
|
|
"winrepo_source_dir": "salt://win/repo-ng/",
|
2017-08-04 11:51:21 -05:00
|
|
|
"winrepo_dir": os.path.join(salt.syspaths.BASE_FILE_ROOTS_DIR, "win", "repo"),
|
2015-08-26 10:25:56 -06:00
|
|
|
"winrepo_dir_ng": os.path.join(
|
2013-10-12 02:35:50 -04:00
|
|
|
salt.syspaths.BASE_FILE_ROOTS_DIR, "win", "repo-ng"
|
2020-04-02 20:10:20 -05:00
|
|
|
),
|
2015-08-09 02:52:05 -05:00
|
|
|
"winrepo_cachefile": "winrepo.p",
|
2020-06-23 18:56:42 -06:00
|
|
|
"winrepo_cache_expire_max": 604800,
|
2018-11-15 01:38:16 +11:00
|
|
|
"winrepo_cache_expire_min": 1800,
|
2013-10-12 02:35:50 -04:00
|
|
|
"winrepo_remotes": ["https://github.com/saltstack/salt-winrepo.git"],
|
2017-05-06 23:04:08 -05:00
|
|
|
"winrepo_remotes_ng": ["https://github.com/saltstack/salt-winrepo-ng.git"],
|
2017-11-29 17:11:23 -07:00
|
|
|
"winrepo_branch": "master",
|
2020-06-26 13:23:26 -06:00
|
|
|
"winrepo_fallback": "",
|
2015-03-03 20:53:36 -05:00
|
|
|
"winrepo_ssl_verify": True,
|
|
|
|
|
"winrepo_user": "",
|
2014-04-09 06:39:46 +02:00
|
|
|
"winrepo_password": "",
|
2018-03-22 13:32:13 -05:00
|
|
|
"winrepo_insecure_auth": False,
|
|
|
|
|
"winrepo_privkey": "",
|
2015-08-28 15:20:21 -05:00
|
|
|
"winrepo_pubkey": "",
|
|
|
|
|
"winrepo_passphrase": "",
|
2017-02-09 10:50:45 -06:00
|
|
|
"winrepo_refspecs": _DFLT_REFSPECS,
|
2018-03-22 13:32:13 -05:00
|
|
|
"pidfile": os.path.join(salt.syspaths.PIDFILE_DIR, "salt-minion.pid"),
|
|
|
|
|
"range_server": "range:80",
|
|
|
|
|
"reactor_refresh_interval": 60,
|
2016-01-25 11:43:16 -06:00
|
|
|
"reactor_worker_threads": 10,
|
2016-03-14 09:49:35 -06:00
|
|
|
"reactor_worker_hwm": 10000,
|
2016-04-15 12:07:05 -06:00
|
|
|
"engines": [],
|
2016-01-25 11:43:16 -06:00
|
|
|
"tcp_keepalive": True,
|
|
|
|
|
"tcp_keepalive_idle": 300,
|
|
|
|
|
"tcp_keepalive_cnt": -1,
|
2014-10-15 09:23:30 -07:00
|
|
|
"tcp_keepalive_intvl": -1,
|
2013-09-26 16:32:33 -07:00
|
|
|
"modules_max_memory": -1,
|
2014-10-15 09:23:30 -07:00
|
|
|
"grains_refresh_every": 0,
|
|
|
|
|
"minion_id_caching": True,
|
2014-10-03 11:43:33 -06:00
|
|
|
"minion_id_lowercase": False,
|
|
|
|
|
"minion_id_remove_domain": False,
|
2015-03-03 09:06:57 -07:00
|
|
|
"keysize": 2048,
|
2016-11-30 12:32:36 +02:00
|
|
|
"transport": "zeromq",
|
2016-08-15 11:03:45 -05:00
|
|
|
"auth_timeout": 5,
|
2014-08-07 09:38:11 -04:00
|
|
|
"auth_tries": 7,
|
2016-11-30 12:32:36 +02:00
|
|
|
"master_tries": _MASTER_TRIES,
|
|
|
|
|
"master_tops_first": False,
|
2014-04-23 19:01:32 -04:00
|
|
|
"auth_safemode": False,
|
2016-03-10 13:59:23 +03:00
|
|
|
"random_master": False,
|
2016-12-02 01:44:55 +01:00
|
|
|
"cluster_mode": False,
|
|
|
|
|
"restart_on_error": False,
|
|
|
|
|
"ping_interval": 0,
|
2014-06-20 15:06:47 -04:00
|
|
|
"username": None,
|
2015-11-12 11:48:25 +03:00
|
|
|
"password": None,
|
|
|
|
|
"zmq_filtering": False,
|
|
|
|
|
"zmq_monitor": False,
|
2016-07-21 09:51:45 -06:00
|
|
|
"cache_sreqs": True,
|
2014-11-11 14:31:15 -07:00
|
|
|
"cmd_safe": True,
|
2016-07-21 09:51:45 -06:00
|
|
|
"sudo_user": "",
|
2018-02-19 13:25:58 +01:00
|
|
|
"http_connect_timeout": 20.0, # tornado default - 20 seconds
|
2015-08-12 17:31:19 +03:00
|
|
|
"http_request_timeout": 1 * 60 * 60.0, # 1 hour
|
|
|
|
|
"http_max_body": 100 * 1024 * 1024 * 1024, # 100GB
|
2016-07-21 09:51:45 -06:00
|
|
|
"event_match_type": "startswith",
|
2016-04-15 12:19:11 -06:00
|
|
|
"minion_restart_command": [],
|
2015-10-22 13:04:49 +03:00
|
|
|
"pub_ret": True,
|
2016-07-08 07:21:34 +10:00
|
|
|
"proxy_host": "",
|
|
|
|
|
"proxy_username": "",
|
|
|
|
|
"proxy_password": "",
|
2016-07-09 01:01:39 +10:00
|
|
|
"proxy_port": 0,
|
2016-08-03 17:18:30 +03:00
|
|
|
"minion_jid_queue_hwm": 100,
|
2020-04-02 20:10:20 -05:00
|
|
|
"ssl": None,
|
2016-12-08 13:17:25 -06:00
|
|
|
"multifunc_ordered": False,
|
2015-10-22 13:04:49 +03:00
|
|
|
"beacons_before_connect": False,
|
|
|
|
|
"scheduler_before_connect": False,
|
2017-01-10 09:26:29 -07:00
|
|
|
"cache": "localfs",
|
2017-05-25 17:57:25 -05:00
|
|
|
"salt_cp_chunk_size": 65536,
|
2015-10-22 13:04:49 +03:00
|
|
|
"extmod_whitelist": {},
|
|
|
|
|
"extmod_blacklist": {},
|
2014-11-17 14:00:14 -08:00
|
|
|
"minion_sign_messages": False,
|
2016-05-16 23:05:27 -06:00
|
|
|
"discovery": False,
|
2017-12-07 14:08:20 -07:00
|
|
|
"schedule": {},
|
2016-05-16 23:05:27 -06:00
|
|
|
"ssh_merge_pillar": True,
|
2018-10-09 13:10:28 -07:00
|
|
|
"disabled_requisites": [],
|
2022-09-20 09:21:14 -04:00
|
|
|
"global_state_conditions": None,
|
2021-02-18 16:48:36 -08:00
|
|
|
"reactor_niceness": None,
|
Merge 3003 changes forward to the master branch (#59879)
* Merge 3002.6 bugfix changes (#59822)
* Pass `CI_RUN` as an environment variable to the test run.
This allows us to know if we're running the test suite under a CI
environment or not and adapt/adjust if needed
* Migrate `unit.setup` to PyTest
* Backport ae36b15 just for test_install.py
* Only skip tests on CI runs
* Always store git sha in _version.py during installation
* Fix PEP440 compliance.
The wheel metadata version 1.2 states that the package version MUST be
PEP440 compliant.
This means that instead of `3002.2-511-g033c53eccb`, the salt version
string should look like `3002.2+511.g033c53eccb`, a post release of
`3002.2` ahead by 511 commits with the git sha `033c53eccb`
* Fix and migrate `tests/unit/test_version.py` to PyTest
* Skip test if `easy_install` is not available
* We also need to be PEP440 compliant when there's no git history
* Allow extra_filerefs as sanitized kwargs for SSH client
* Fix regression on cmd.run when passing tuples as cmd
Co-authored-by: Alexander Graul <agraul@suse.com>
* Add unit tests to ensure cmd.run accepts tuples
* Add unit test to check for extra_filerefs on SSH opts
* Add changelog file
* Fix comment for test case
* Fix unit test to avoid failing on Windows
* Skip failing test on windows
* Fix test to work on Windows
* Add all ssh kwargs to sanitize_kwargs method
* Run pre-commit
* Fix pylint
* Fix cmdmod loglevel and module_names tests
* Fix pre-commit
* Skip ssh tests if binary does not exist
* Use setup_loader for cmdmod test
* Prevent argument injection in restartcheck
* Add changelog for restartcheck fix
* docs_3002.6
* Add back tests removed in merge
Co-authored-by: Pedro Algarvio <pedro@algarvio.me>
Co-authored-by: Megan Wilhite <megan.wilhite@gmail.com>
Co-authored-by: Bryce Larson <brycel@vmware.com>
Co-authored-by: Pablo Suárez Hernández <psuarezhernandez@suse.com>
Co-authored-by: Alexander Graul <agraul@suse.com>
Co-authored-by: Frode Gundersen <fgundersen@saltstack.com>
* Remove glance state module in favor of glance_image
* update wording in changelog
* bump deprecation warning to Silicon.
* Updating warnutil version to Phosphorous.
* Update salt/modules/keystone.py
Co-authored-by: Megan Wilhite <megan.wilhite@gmail.com>
* Check $HOMEBREW_PREFIX when linking against libcrypto
When loading `libcrypto`, Salt checks for a Homebrew installation of `openssl`
at Homebrew's default prefix of `/usr/local`. However, on Apple Silicon Macs,
Homebrew's default installation prefix is `/opt/homebrew`. On all platforms,
the prefix is configurable. If Salt doesn't find one of those `libcrypto`s,
it will fall back on the un-versioned `/usr/lib/libcrypto.dylib`, which will
cause the following crash:
Application Specific Information:
/usr/lib/libcrypto.dylib
abort() called
Invalid dylib load. Clients should not load the unversioned libcrypto dylib as it does not have a stable ABI.
This commit checks $HOMEBREW_PREFIX instead of hard-coding `/usr/local`.
* Add test case
* Add changelog for 59808
* Add changelog entry
* Make _find_libcrypto fail on Big Sur if it can't find a library
Right now, if `_find_libcrypto` can't find any externally-managed versions of
libcrypto, it will fall back on the pre-Catalina un-versioned system libcrypto.
This does not exist on Big Sur and it would be better to raise an exception
here rather than crashing later when trying to open it.
* Update _find_libcrypto tests
This commit simplifies the unit tests for _find_libcrypto by mocking out the
host's filesystem and testing the common libcrypto installations (brew, ports,
etc.) on Big Sur. It simplifies the tests for falling back on system versions
of libcrypto on previous versions of macOS.
* Fix description of test_find_libcrypto_with_system_before_catalina
* Patch sys.platform for test_rsax931 tests
* modules/match: add missing "minion_id" in Pillar example
The documented Pillar example for `match.filter_by` lacks the `minion_id` parameter. Without it, the assignment won't work as expected.
- fix documentation
- add tests:
- to prove the misbehavior of the documented example
- to prove the proper behaviour when supplying `minion_id`
- to ensure some misbehaviour observed with compound matchers doesn't occur
* Fix for issue #59773
- When instantiating the loader grab values of grains and pillars if
they are NamedLoaderContext instances.
- The loader uses a copy of opts.
- Impliment deepcopy on NamedLoaderContext instances.
* Add changelog for #59773
* _get_initial_pillar function returns pillar
* Fix linter issues
* Clean up test
* Bump deprecation release for neutron
* Uncomment Sulfur release name
* Removing the _ext_nodes deprecation warning and alias.
* Adding changelog.
* Renaming changelog file.
* Update 59804.removed
* Initial pass at fips_mode config option
* Fix pre-commit
* Fix tests and add changelog
* update docs 3003
* update docs 3003 - newline
* Fix warts in changelog
Co-authored-by: Pedro Algarvio <pedro@algarvio.me>
Co-authored-by: Megan Wilhite <megan.wilhite@gmail.com>
Co-authored-by: Bryce Larson <brycel@vmware.com>
Co-authored-by: Pablo Suárez Hernández <psuarezhernandez@suse.com>
Co-authored-by: Alexander Graul <agraul@suse.com>
Co-authored-by: Frode Gundersen <fgundersen@saltstack.com>
Co-authored-by: Gareth J. Greenaway <gareth@saltstack.com>
Co-authored-by: Gareth J. Greenaway <gareth@wiked.org>
Co-authored-by: Hoa-Long Tam <hoalong@apple.com>
Co-authored-by: krionbsd <krion@freebsd.org>
Co-authored-by: Elias Probst <e.probst@ssc-services.de>
Co-authored-by: Frode Gundersen <frogunder@gmail.com>
2021-03-24 07:52:25 -07:00
|
|
|
"fips_mode": False,
|
2024-01-30 11:26:39 +00:00
|
|
|
"features": {},
|
2024-05-23 15:05:16 -07:00
|
|
|
"encryption_algorithm": "OAEP-SHA1",
|
|
|
|
|
"signing_algorithm": "PKCS1v15-SHA1",
|
2020-04-02 20:10:20 -05:00
|
|
|
}
|
|
|
|
|
)
|
|
|
|
|
|
2016-05-16 23:05:27 -06:00
|
|
|
DEFAULT_MASTER_OPTS = immutabletypes.freeze(
|
2020-04-02 20:10:20 -05:00
|
|
|
{
|
2013-01-17 16:58:42 +01:00
|
|
|
"interface": "0.0.0.0",
|
2016-03-31 13:50:51 -06:00
|
|
|
"publish_port": 4505,
|
2016-12-12 21:20:55 +01:00
|
|
|
"zmq_backlog": 1000,
|
2013-11-25 09:41:44 -07:00
|
|
|
"pub_hwm": 1000,
|
2013-01-17 16:58:42 +01:00
|
|
|
"auth_mode": 1,
|
2016-05-16 23:05:27 -06:00
|
|
|
"user": _MASTER_USER,
|
2017-08-03 16:02:58 +05:30
|
|
|
"worker_threads": 5,
|
2016-01-26 09:31:56 -06:00
|
|
|
"sock_dir": os.path.join(salt.syspaths.SOCK_DIR, "master"),
|
2013-01-17 16:58:42 +01:00
|
|
|
"sock_pool_size": 1,
|
2016-04-04 13:21:07 -06:00
|
|
|
"ret_port": 4506,
|
2016-08-15 11:03:45 -05:00
|
|
|
"timeout": 5,
|
2013-01-17 16:58:42 +01:00
|
|
|
"keep_jobs": 24,
|
2022-11-05 00:04:59 -07:00
|
|
|
"keep_jobs_seconds": 86400,
|
2013-09-20 20:25:48 -05:00
|
|
|
"archive_jobs": False,
|
2013-10-31 17:07:02 -06:00
|
|
|
"root_dir": salt.syspaths.ROOT_DIR,
|
2022-09-27 19:45:56 +02:00
|
|
|
"pki_dir": os.path.join(salt.syspaths.LIB_STATE_DIR, "pki", "master"),
|
2016-07-24 10:31:18 -06:00
|
|
|
"key_cache": "",
|
2013-12-05 19:18:33 +00:00
|
|
|
"cachedir": os.path.join(salt.syspaths.CACHE_DIR, "master"),
|
2013-01-17 16:58:42 +01:00
|
|
|
"file_roots": {
|
2013-12-05 19:18:33 +00:00
|
|
|
"base": [salt.syspaths.BASE_FILE_ROOTS_DIR, salt.syspaths.SPM_FORMULA_PATH]
|
2020-04-02 20:10:20 -05:00
|
|
|
},
|
2013-01-17 16:58:42 +01:00
|
|
|
"master_roots": {"base": [salt.syspaths.BASE_MASTER_ROOTS_DIR]},
|
|
|
|
|
"pillar_roots": {
|
|
|
|
|
"base": [salt.syspaths.BASE_PILLAR_ROOTS_DIR, salt.syspaths.SPM_PILLAR_PATH]
|
2020-04-02 20:10:20 -05:00
|
|
|
},
|
2018-04-16 22:28:34 -05:00
|
|
|
"on_demand_ext_pillar": ["libvirt", "virtkey"],
|
2016-05-20 20:41:51 +03:00
|
|
|
"decrypt_pillar": [],
|
|
|
|
|
"decrypt_pillar_delimiter": ":",
|
2017-01-28 00:56:14 -06:00
|
|
|
"decrypt_pillar_default": "gpg",
|
2016-05-20 20:41:51 +03:00
|
|
|
"decrypt_pillar_renderers": ["gpg"],
|
2021-12-08 17:24:37 +00:00
|
|
|
"gpg_decrypt_must_succeed": False,
|
2013-01-17 16:58:42 +01:00
|
|
|
"thoriumenv": None,
|
|
|
|
|
"thorium_top": "top.sls",
|
|
|
|
|
"thorium_interval": 0.5,
|
|
|
|
|
"thorium_roots": {"base": [salt.syspaths.BASE_THORIUM_ROOTS_DIR]},
|
2015-07-27 10:50:06 -06:00
|
|
|
"top_file_merging_strategy": "merge",
|
2015-08-24 13:50:32 -06:00
|
|
|
"env_order": [],
|
2015-07-27 10:50:06 -06:00
|
|
|
"saltenv": None,
|
2015-07-16 17:29:21 -06:00
|
|
|
"lock_saltenv": False,
|
|
|
|
|
"pillarenv": None,
|
|
|
|
|
"default_top": "base",
|
|
|
|
|
"file_client": "local",
|
2013-01-17 16:58:42 +01:00
|
|
|
"local": True,
|
|
|
|
|
# Update intervals
|
2013-06-25 23:42:09 +03:00
|
|
|
"roots_update_interval": DEFAULT_INTERVAL,
|
2015-03-19 15:29:25 -05:00
|
|
|
"azurefs_update_interval": DEFAULT_INTERVAL,
|
2016-07-14 13:48:52 -06:00
|
|
|
"gitfs_update_interval": DEFAULT_INTERVAL,
|
2019-06-27 15:41:49 +02:00
|
|
|
"git_pillar_update_interval": DEFAULT_INTERVAL,
|
2017-12-04 23:57:28 -06:00
|
|
|
"hgfs_update_interval": DEFAULT_INTERVAL,
|
2018-08-22 13:29:31 -05:00
|
|
|
"minionfs_update_interval": DEFAULT_INTERVAL,
|
2017-12-04 23:57:28 -06:00
|
|
|
"s3fs_update_interval": DEFAULT_INTERVAL,
|
|
|
|
|
"svnfs_update_interval": DEFAULT_INTERVAL,
|
2015-03-19 15:29:25 -05:00
|
|
|
"git_pillar_base": "master",
|
|
|
|
|
"git_pillar_branch": "master",
|
2015-07-21 16:37:46 -05:00
|
|
|
"git_pillar_env": "",
|
2020-04-15 13:20:32 +02:00
|
|
|
"git_pillar_fallback": "",
|
2015-07-21 16:37:46 -05:00
|
|
|
"git_pillar_root": "",
|
2016-04-06 15:34:02 -06:00
|
|
|
"git_pillar_ssl_verify": True,
|
2015-03-19 15:29:25 -05:00
|
|
|
"git_pillar_global_lock": True,
|
|
|
|
|
"git_pillar_user": "",
|
|
|
|
|
"git_pillar_password": "",
|
2015-07-21 16:37:46 -05:00
|
|
|
"git_pillar_insecure_auth": False,
|
|
|
|
|
"git_pillar_privkey": "",
|
2015-03-19 15:29:25 -05:00
|
|
|
"git_pillar_pubkey": "",
|
2013-12-05 19:18:33 +00:00
|
|
|
"git_pillar_passphrase": "",
|
2013-01-17 16:58:42 +01:00
|
|
|
"git_pillar_refspecs": _DFLT_REFSPECS,
|
|
|
|
|
"git_pillar_includes": True,
|
|
|
|
|
"git_pillar_verify_config": True,
|
2014-09-19 13:08:16 -06:00
|
|
|
"gitfs_remotes": [],
|
|
|
|
|
"gitfs_mountpoint": "",
|
|
|
|
|
"gitfs_root": "",
|
|
|
|
|
"gitfs_base": "master",
|
2020-04-15 13:20:32 +02:00
|
|
|
"gitfs_fallback": "",
|
2014-09-19 13:08:16 -06:00
|
|
|
"gitfs_user": "",
|
|
|
|
|
"gitfs_password": "",
|
2013-01-17 16:58:42 +01:00
|
|
|
"gitfs_insecure_auth": False,
|
2014-09-19 13:08:16 -06:00
|
|
|
"gitfs_privkey": "",
|
|
|
|
|
"gitfs_pubkey": "",
|
|
|
|
|
"gitfs_passphrase": "",
|
2017-05-06 23:04:08 -05:00
|
|
|
"gitfs_saltenv_whitelist": [],
|
|
|
|
|
"gitfs_saltenv_blacklist": [],
|
2013-01-17 16:58:42 +01:00
|
|
|
"gitfs_global_lock": True,
|
2016-04-26 14:42:26 -06:00
|
|
|
"gitfs_ssl_verify": True,
|
2017-05-06 23:04:08 -05:00
|
|
|
"gitfs_saltenv": [],
|
2017-05-09 10:34:26 -05:00
|
|
|
"gitfs_ref_types": ["branch", "tag", "sha"],
|
2013-01-17 16:58:42 +01:00
|
|
|
"gitfs_refspecs": _DFLT_REFSPECS,
|
2013-12-05 19:18:33 +00:00
|
|
|
"gitfs_disable_saltenv_mapping": False,
|
2014-09-19 13:08:16 -06:00
|
|
|
"hgfs_remotes": [],
|
2013-12-05 19:18:33 +00:00
|
|
|
"hgfs_mountpoint": "",
|
2020-04-02 20:10:20 -05:00
|
|
|
"hgfs_root": "",
|
2013-12-05 19:18:33 +00:00
|
|
|
"hgfs_base": "default",
|
|
|
|
|
"hgfs_branch_method": "branches",
|
|
|
|
|
"hgfs_saltenv_whitelist": [],
|
2013-04-19 17:53:32 -06:00
|
|
|
"hgfs_saltenv_blacklist": [],
|
2015-08-12 17:31:19 +03:00
|
|
|
"show_timeout": True,
|
2013-04-19 17:53:32 -06:00
|
|
|
"show_jid": False,
|
2013-01-17 16:58:42 +01:00
|
|
|
"unique_jid": False,
|
2014-09-19 13:08:16 -06:00
|
|
|
"svnfs_remotes": [],
|
2014-02-19 19:52:46 -06:00
|
|
|
"svnfs_mountpoint": "",
|
2013-10-12 02:35:50 -04:00
|
|
|
"svnfs_root": "",
|
2014-02-19 19:52:46 -06:00
|
|
|
"svnfs_trunk": "trunk",
|
2013-01-17 16:58:42 +01:00
|
|
|
"svnfs_branches": "branches",
|
2014-11-19 07:59:42 -08:00
|
|
|
"svnfs_tags": "tags",
|
2014-12-01 13:05:21 -07:00
|
|
|
"svnfs_saltenv_whitelist": [],
|
|
|
|
|
"svnfs_saltenv_blacklist": [],
|
|
|
|
|
"max_event_size": 1048576,
|
2017-11-29 17:11:23 -07:00
|
|
|
"master_stats": False,
|
2015-10-21 22:15:13 -06:00
|
|
|
"master_stats_event_iter": 60,
|
2014-04-07 11:23:17 -05:00
|
|
|
"minionfs_env": "base",
|
2015-10-21 22:15:13 -06:00
|
|
|
"minionfs_mountpoint": "",
|
2014-04-07 11:23:17 -05:00
|
|
|
"minionfs_whitelist": [],
|
|
|
|
|
"minionfs_blacklist": [],
|
2013-01-17 16:58:42 +01:00
|
|
|
"ext_pillar": [],
|
|
|
|
|
"pillar_version": 2,
|
2015-10-21 22:15:13 -06:00
|
|
|
"pillar_opts": False,
|
2016-08-31 18:44:51 -05:00
|
|
|
"pillar_safe_render_error": True,
|
|
|
|
|
"pillar_source_merging_strategy": "smart",
|
2013-01-17 16:58:42 +01:00
|
|
|
"pillar_merge_lists": False,
|
2017-01-24 10:03:53 -07:00
|
|
|
"pillar_includes_override_sls": False,
|
2013-01-17 16:58:42 +01:00
|
|
|
"pillar_cache": False,
|
|
|
|
|
"pillar_cache_ttl": 3600,
|
2015-07-28 16:03:08 -06:00
|
|
|
"pillar_cache_backend": "disk",
|
2019-12-31 15:13:58 +01:00
|
|
|
"gpg_cache": False,
|
|
|
|
|
"gpg_cache_ttl": 86400,
|
|
|
|
|
"gpg_cache_backend": "disk",
|
2015-07-28 16:03:08 -06:00
|
|
|
"ping_on_rotate": False,
|
2020-04-02 20:10:20 -05:00
|
|
|
"peer": {},
|
2013-08-20 11:52:56 -06:00
|
|
|
"preserve_minion_cache": False,
|
|
|
|
|
"syndic_master": "masterofmasters",
|
2016-03-10 13:59:23 +03:00
|
|
|
"syndic_failover": "random",
|
2014-03-14 11:15:32 -06:00
|
|
|
"syndic_forward_all_events": False,
|
|
|
|
|
"syndic_log_file": os.path.join(salt.syspaths.LOGS_DIR, "syndic"),
|
2014-05-06 12:04:06 -06:00
|
|
|
"syndic_pidfile": os.path.join(salt.syspaths.PIDFILE_DIR, "salt-syndic.pid"),
|
|
|
|
|
"outputter_dirs": [],
|
2017-08-23 11:28:02 +03:00
|
|
|
"runner_dirs": [],
|
2014-05-16 14:59:50 -04:00
|
|
|
"utils_dirs": [],
|
2016-04-06 15:34:02 -06:00
|
|
|
"client_acl_verify": True,
|
2017-02-03 11:36:53 -07:00
|
|
|
"publisher_acl": {},
|
2014-05-06 12:04:06 -06:00
|
|
|
"publisher_acl_blacklist": {},
|
|
|
|
|
"sudo_acl": False,
|
2013-01-17 16:58:42 +01:00
|
|
|
"external_auth": {},
|
|
|
|
|
"token_expire": 43200,
|
2016-04-24 19:53:32 -06:00
|
|
|
"token_expire_user_override": False,
|
2013-01-17 16:58:42 +01:00
|
|
|
"permissive_acl": False,
|
2017-06-23 18:09:56 -05:00
|
|
|
"keep_acl_in_token": False,
|
2013-01-17 16:58:42 +01:00
|
|
|
"eauth_acl_module": "",
|
2017-08-03 16:02:58 +05:30
|
|
|
"eauth_tokens": "localfs",
|
2015-08-09 02:52:05 -05:00
|
|
|
"extension_modules": os.path.join(salt.syspaths.CACHE_DIR, "master", "extmods"),
|
|
|
|
|
"module_dirs": [],
|
2014-09-19 13:16:23 -06:00
|
|
|
"file_recv": False,
|
|
|
|
|
"file_recv_max_size": 100,
|
2013-01-17 16:58:42 +01:00
|
|
|
"file_buffer_size": 1048576,
|
2015-08-09 02:52:05 -05:00
|
|
|
"file_ignore_regex": [],
|
2016-03-24 10:20:26 +01:00
|
|
|
"file_ignore_glob": [],
|
2015-08-09 02:52:05 -05:00
|
|
|
"fileserver_backend": ["roots"],
|
|
|
|
|
"fileserver_followsymlinks": True,
|
2015-08-25 16:01:42 -06:00
|
|
|
"fileserver_ignoresymlinks": False,
|
2017-02-27 20:21:53 -06:00
|
|
|
"fileserver_verify_config": True,
|
2013-01-17 16:58:42 +01:00
|
|
|
"max_open_files": 100000,
|
2023-10-20 06:24:47 +01:00
|
|
|
"hash_type": DEFAULT_HASH_TYPE,
|
2018-07-17 15:22:00 -05:00
|
|
|
"optimization_order": [0, 1, 2],
|
2015-08-25 16:01:42 -06:00
|
|
|
"conf_file": os.path.join(salt.syspaths.CONFIG_DIR, "master"),
|
2015-08-09 02:52:05 -05:00
|
|
|
"open_mode": False,
|
|
|
|
|
"auto_accept": False,
|
|
|
|
|
"renderer": "jinja|yaml",
|
2017-05-06 23:04:08 -05:00
|
|
|
"renderer_whitelist": [],
|
|
|
|
|
"renderer_blacklist": [],
|
2013-01-17 16:58:42 +01:00
|
|
|
"failhard": False,
|
2018-04-19 21:23:26 +03:00
|
|
|
"state_top": "top.sls",
|
2016-07-13 19:20:27 +02:00
|
|
|
"state_top_saltenv": None,
|
2013-01-17 16:58:42 +01:00
|
|
|
"master_tops": {},
|
2017-06-12 20:21:55 -05:00
|
|
|
"master_tops_first": False,
|
2013-01-17 16:58:42 +01:00
|
|
|
"order_masters": False,
|
|
|
|
|
"job_cache": True,
|
2013-10-18 13:45:15 -06:00
|
|
|
"ext_job_cache": "",
|
2014-04-19 09:29:32 -07:00
|
|
|
"master_job_cache": "local_cache",
|
2015-08-09 02:52:05 -05:00
|
|
|
"job_cache_store_endtime": False,
|
|
|
|
|
"minion_data_cache": True,
|
2013-06-25 23:42:09 +03:00
|
|
|
"enforce_mine_cache": False,
|
2015-03-19 15:29:25 -05:00
|
|
|
"ipc_mode": _DFLT_IPC_MODE,
|
2015-08-09 02:52:05 -05:00
|
|
|
"ipc_write_buffer": _DFLT_IPC_WBUFFER,
|
2018-12-18 18:13:48 -05:00
|
|
|
# various subprocess niceness levels
|
|
|
|
|
"req_server_niceness": None,
|
|
|
|
|
"pub_server_niceness": None,
|
|
|
|
|
"fileserver_update_niceness": None,
|
|
|
|
|
"mworker_niceness": None,
|
|
|
|
|
"mworker_queue_niceness": None,
|
|
|
|
|
"maintenance_niceness": None,
|
|
|
|
|
"event_return_niceness": None,
|
|
|
|
|
"event_publisher_niceness": None,
|
|
|
|
|
"reactor_niceness": None,
|
2018-08-22 13:29:31 -05:00
|
|
|
"ipv6": None,
|
2015-08-09 02:52:05 -05:00
|
|
|
"tcp_master_pub_port": 4512,
|
|
|
|
|
"tcp_master_pull_port": 4513,
|
2015-03-19 15:29:25 -05:00
|
|
|
"tcp_master_publish_pull": 4514,
|
|
|
|
|
"tcp_master_workers": 4515,
|
2015-08-09 02:52:05 -05:00
|
|
|
"log_file": os.path.join(salt.syspaths.LOGS_DIR, "master"),
|
2017-02-09 10:50:45 -06:00
|
|
|
"log_level": "warning",
|
2013-01-17 16:58:42 +01:00
|
|
|
"log_level_logfile": None,
|
2021-06-28 12:07:24 +01:00
|
|
|
"log_datefmt": DFLT_LOG_DATEFMT,
|
|
|
|
|
"log_datefmt_logfile": DFLT_LOG_DATEFMT_LOGFILE,
|
|
|
|
|
"log_fmt_console": DFLT_LOG_FMT_CONSOLE,
|
|
|
|
|
"log_fmt_logfile": DFLT_LOG_FMT_LOGFILE,
|
|
|
|
|
"log_fmt_jid": DFLT_LOG_FMT_JID,
|
2017-08-16 18:45:25 -04:00
|
|
|
"log_granular_levels": {},
|
Windows: Add log file rotation support
An external log file rotation tool, such as `logrotate` will not work
with an operating system such as Windows. From the Python documentation
for `WatchedFileHandler` (which is used for log files in Salt):
"This handler is not appropriate for use under Windows, because under
Windows open log files cannot be moved or renamed - logging opens the
files with exclusive locks - and so there is no need for such a handler.
Furthermore, ST_INO is not supported under Windows; stat() always returns
zero for this value."
This also describes the problem with why an external utility such as
`logrotate` will not work for Windows, because files cannot be renamed
while in use, unlike on other operating systems, such as Linux.
Due to the above, the strategy for this change is to use the
`RotatingFileHandler` logger (when log file rotation is enabled) and to
allow only one process to do the file logging. Previously on Windows,
there was a file logger installed in the main process and another in the
logging listener process. This change changes the architecture in the
following way (on Windows only):
- Added two new configuration options, `log_rotate_max_bytes` and
`log_rotate_backup_count`. They both default to 0. When
`log_rotate_max_bytes` is non-zero, the `RotatingFileHandler` will be
used for file logging instead of the `WatchedFileHandler`.
- The only process that does file logging is the logging listener process
(if it exists)
- When the logging listener process does not exist, only the main process
does file logging.
- When the logging listener process exists, the main process will now set
up multiprocessing logging (which is the client to the logging listener).
- Since the logging listener does logging for extended logging, console,
and log file logging, do not use these types of logging in the main process
when there is a logging listener.
There is one observed caveat: when the log file is in use, and it is time
to rollover (rename the file), the rollover will fail. This has been
obversed when salt-call is running and has the `minion` log file open
for its own logging uses while the salt-minion is trying to rollover.
Luckily, it will recover and try to rollover again on the next log write,
and if the file is no longer in use, it will succeed this time. Hence,
having a log file open somewhere else will delay rollover until the file
is closed.
Signed-off-by: Sergey Kizunov <sergey.kizunov@ni.com>
2016-10-19 15:06:46 -05:00
|
|
|
"log_rotate_max_bytes": 0,
|
2013-11-08 13:29:47 -07:00
|
|
|
"log_rotate_backup_count": 0,
|
2015-11-13 10:20:48 -06:00
|
|
|
"pidfile": os.path.join(salt.syspaths.PIDFILE_DIR, "salt-master.pid"),
|
2017-03-20 11:36:01 -06:00
|
|
|
"publish_session": 86400,
|
2014-02-24 16:37:11 -07:00
|
|
|
"range_server": "range:80",
|
2013-03-04 12:13:05 +01:00
|
|
|
"reactor": [],
|
2014-02-24 16:37:11 -07:00
|
|
|
"reactor_refresh_interval": 60,
|
2015-11-12 11:20:05 -07:00
|
|
|
"reactor_worker_threads": 10,
|
2015-03-19 10:27:40 -06:00
|
|
|
"reactor_worker_hwm": 10000,
|
2016-08-22 15:25:04 -06:00
|
|
|
"engines": [],
|
2014-11-26 16:31:44 -07:00
|
|
|
"event_return": "",
|
2014-12-01 11:46:27 -07:00
|
|
|
"event_return_queue": 0,
|
2016-08-22 15:25:04 -06:00
|
|
|
"event_return_whitelist": [],
|
2014-12-01 13:05:21 -07:00
|
|
|
"event_return_blacklist": [],
|
2016-08-22 15:25:04 -06:00
|
|
|
"event_match_type": "startswith",
|
2018-01-07 14:48:45 -06:00
|
|
|
"runner_returns": True,
|
2020-04-02 20:10:20 -05:00
|
|
|
"serial": "msgpack",
|
2016-08-11 15:54:43 -06:00
|
|
|
"test": False,
|
2013-01-17 16:58:42 +01:00
|
|
|
"state_verbose": True,
|
|
|
|
|
"state_output": "full",
|
2015-07-28 16:03:08 -06:00
|
|
|
"state_output_diff": False,
|
2020-12-17 21:45:36 -06:00
|
|
|
"state_output_profile": True,
|
2013-08-20 11:52:56 -06:00
|
|
|
"state_auto_order": True,
|
2014-03-14 11:15:32 -06:00
|
|
|
"state_events": False,
|
2016-08-22 15:25:04 -06:00
|
|
|
"state_aggregate": False,
|
2014-02-20 03:03:16 -07:00
|
|
|
"search": "",
|
2013-05-28 05:40:07 +00:00
|
|
|
"loop_interval": 60,
|
2015-11-18 13:09:29 -07:00
|
|
|
"nodegroups": {},
|
2018-04-23 15:32:45 +08:00
|
|
|
"ssh_list_nodegroups": {},
|
2014-02-20 03:03:16 -07:00
|
|
|
"ssh_use_home_key": False,
|
2015-06-03 14:59:36 +03:00
|
|
|
"cython_enable": False,
|
2013-10-21 15:20:47 -06:00
|
|
|
"enable_gpu_grains": False,
|
2016-11-20 16:13:55 +02:00
|
|
|
# XXX: Remove 'key_logfile' support in 2014.1.0
|
|
|
|
|
"key_logfile": os.path.join(salt.syspaths.LOGS_DIR, "key"),
|
2013-01-17 16:58:42 +01:00
|
|
|
"verify_env": True,
|
2017-06-30 19:00:43 -07:00
|
|
|
"permissive_pki_access": False,
|
|
|
|
|
"key_pass": None,
|
|
|
|
|
"signing_key_pass": None,
|
2015-01-21 15:35:04 -07:00
|
|
|
"default_include": "master.d/*.conf",
|
2014-04-23 17:39:38 -06:00
|
|
|
"winrepo_dir": os.path.join(salt.syspaths.BASE_FILE_ROOTS_DIR, "win", "repo"),
|
2015-08-26 10:25:56 -06:00
|
|
|
"winrepo_dir_ng": os.path.join(
|
2014-04-23 17:39:38 -06:00
|
|
|
salt.syspaths.BASE_FILE_ROOTS_DIR, "win", "repo-ng"
|
2020-04-02 20:10:20 -05:00
|
|
|
),
|
2014-04-23 17:39:38 -06:00
|
|
|
"winrepo_cachefile": "winrepo.p",
|
|
|
|
|
"winrepo_remotes": ["https://github.com/saltstack/salt-winrepo.git"],
|
|
|
|
|
"winrepo_remotes_ng": ["https://github.com/saltstack/salt-winrepo-ng.git"],
|
2014-06-26 06:03:41 -07:00
|
|
|
"winrepo_branch": "master",
|
2020-06-26 13:23:26 -06:00
|
|
|
"winrepo_fallback": "",
|
2014-06-26 06:03:41 -07:00
|
|
|
"winrepo_ssl_verify": True,
|
2015-08-28 15:20:21 -05:00
|
|
|
"winrepo_user": "",
|
2014-06-26 06:03:41 -07:00
|
|
|
"winrepo_password": "",
|
|
|
|
|
"winrepo_insecure_auth": False,
|
2015-08-28 15:20:21 -05:00
|
|
|
"winrepo_privkey": "",
|
2014-06-26 06:03:41 -07:00
|
|
|
"winrepo_pubkey": "",
|
|
|
|
|
"winrepo_passphrase": "",
|
2017-02-09 10:50:45 -06:00
|
|
|
"winrepo_refspecs": _DFLT_REFSPECS,
|
2014-04-28 15:01:33 -06:00
|
|
|
"syndic_wait": 5,
|
2017-08-16 18:45:25 -04:00
|
|
|
"jinja_env": {},
|
2014-06-26 06:03:41 -07:00
|
|
|
"jinja_sls_env": {},
|
2014-07-09 16:01:43 -07:00
|
|
|
"jinja_lstrip_blocks": False,
|
2013-11-08 13:29:47 -07:00
|
|
|
"jinja_trim_blocks": False,
|
2013-01-17 16:58:42 +01:00
|
|
|
"tcp_keepalive": True,
|
|
|
|
|
"tcp_keepalive_idle": 300,
|
|
|
|
|
"tcp_keepalive_cnt": -1,
|
|
|
|
|
"tcp_keepalive_intvl": -1,
|
2017-03-20 11:36:01 -06:00
|
|
|
"sign_pub_messages": True,
|
2015-03-03 09:06:57 -07:00
|
|
|
"keysize": 2048,
|
2014-07-09 16:01:43 -07:00
|
|
|
"transport": "zeromq",
|
2015-11-12 11:20:05 -07:00
|
|
|
"gather_job_timeout": 10,
|
2014-02-04 14:42:04 +00:00
|
|
|
"syndic_event_forward_timeout": 0.5,
|
2015-03-19 10:27:40 -06:00
|
|
|
"syndic_jid_forward_cache_hwm": 100,
|
2017-03-16 20:32:10 +03:00
|
|
|
"regen_thin": False,
|
2020-04-02 20:10:20 -05:00
|
|
|
"ssh_passwd": "",
|
2018-04-23 15:32:45 +08:00
|
|
|
"ssh_priv_passwd": "",
|
2014-02-20 03:03:16 -07:00
|
|
|
"ssh_port": "22",
|
2013-11-20 19:01:11 +00:00
|
|
|
"ssh_sudo": False,
|
2016-08-05 02:33:01 +09:00
|
|
|
"ssh_sudo_user": "",
|
2014-02-20 03:03:16 -07:00
|
|
|
"ssh_timeout": 60,
|
|
|
|
|
"ssh_user": "root",
|
2014-11-25 11:52:23 -07:00
|
|
|
"ssh_scan_ports": "22",
|
|
|
|
|
"ssh_scan_timeout": 0.01,
|
2015-06-03 14:59:36 +03:00
|
|
|
"ssh_identities_only": False,
|
2014-07-09 16:01:43 -07:00
|
|
|
"ssh_log_file": os.path.join(salt.syspaths.LOGS_DIR, "ssh"),
|
2015-05-21 12:23:55 +03:00
|
|
|
"ssh_config_file": os.path.join(salt.syspaths.HOME_DIR, ".ssh", "config"),
|
|
|
|
|
"cluster_mode": False,
|
2014-08-29 12:51:10 +02:00
|
|
|
"sqlite_queue_dir": os.path.join(salt.syspaths.CACHE_DIR, "master", "queues"),
|
2014-04-23 17:39:38 -06:00
|
|
|
"queue_dirs": [],
|
2014-08-29 12:51:10 +02:00
|
|
|
"cli_summary": False,
|
|
|
|
|
"max_minions": 0,
|
2014-09-18 13:43:23 +02:00
|
|
|
"master_sign_key_name": "master_sign",
|
2014-10-20 13:54:13 +02:00
|
|
|
"master_sign_pubkey": False,
|
|
|
|
|
"master_pubkey_signature": "master_pubkey_signature",
|
2015-02-06 15:00:46 -07:00
|
|
|
"master_use_pubkey_signature": False,
|
2018-02-19 13:25:58 +01:00
|
|
|
"zmq_filtering": False,
|
|
|
|
|
"zmq_monitor": False,
|
|
|
|
|
"con_cache": False,
|
2015-08-18 13:46:27 +03:00
|
|
|
"rotate_aes_key": True,
|
|
|
|
|
"cache_sreqs": True,
|
2014-06-19 09:32:09 -07:00
|
|
|
"dummy_pub": False,
|
2015-08-18 13:46:27 +03:00
|
|
|
"http_connect_timeout": 20.0, # tornado default - 20 seconds
|
2015-10-30 14:05:13 -04:00
|
|
|
"http_request_timeout": 1 * 60 * 60.0, # 1 hour
|
2015-08-12 17:31:19 +03:00
|
|
|
"http_max_body": 100 * 1024 * 1024 * 1024, # 100GB
|
2016-08-11 18:00:45 +03:00
|
|
|
"cache": "localfs",
|
2017-03-28 19:21:58 +03:00
|
|
|
"memcache_expire_seconds": 0,
|
|
|
|
|
"memcache_max_items": 1024,
|
|
|
|
|
"memcache_full_cleanup": False,
|
|
|
|
|
"memcache_debug": False,
|
2016-09-14 16:16:35 +02:00
|
|
|
"thin_extra_mods": "",
|
|
|
|
|
"min_extra_mods": "",
|
2016-11-18 18:31:57 +03:00
|
|
|
"ssl": None,
|
2017-02-08 13:32:04 -06:00
|
|
|
"extmod_whitelist": {},
|
2017-02-13 12:19:55 -06:00
|
|
|
"extmod_blacklist": {},
|
2017-02-08 15:38:56 -06:00
|
|
|
"clean_dynamic_modules": True,
|
2017-01-22 15:12:32 +08:00
|
|
|
"django_auth_path": "",
|
|
|
|
|
"django_auth_settings": "",
|
2017-04-17 13:12:46 -06:00
|
|
|
"allow_minion_key_revoke": True,
|
2017-05-12 14:08:57 -05:00
|
|
|
"salt_cp_chunk_size": 98304,
|
2017-06-08 13:18:53 -06:00
|
|
|
"require_minion_sign_messages": False,
|
|
|
|
|
"drop_messages_signature_fail": False,
|
2018-01-11 16:59:33 +01:00
|
|
|
"discovery": False,
|
2017-11-02 11:01:44 -06:00
|
|
|
"schedule": {},
|
2018-01-05 09:31:55 -08:00
|
|
|
"auth_events": True,
|
2018-01-09 15:52:16 -07:00
|
|
|
"minion_data_cache_events": True,
|
2017-11-16 15:32:18 -07:00
|
|
|
"enable_ssh_minions": False,
|
2020-01-14 18:17:45 -08:00
|
|
|
"netapi_allow_raw_shell": False,
|
Merge 3003 changes forward to the master branch (#59879)
* Merge 3002.6 bugfix changes (#59822)
* Pass `CI_RUN` as an environment variable to the test run.
This allows us to know if we're running the test suite under a CI
environment or not and adapt/adjust if needed
* Migrate `unit.setup` to PyTest
* Backport ae36b15 just for test_install.py
* Only skip tests on CI runs
* Always store git sha in _version.py during installation
* Fix PEP440 compliance.
The wheel metadata version 1.2 states that the package version MUST be
PEP440 compliant.
This means that instead of `3002.2-511-g033c53eccb`, the salt version
string should look like `3002.2+511.g033c53eccb`, a post release of
`3002.2` ahead by 511 commits with the git sha `033c53eccb`
* Fix and migrate `tests/unit/test_version.py` to PyTest
* Skip test if `easy_install` is not available
* We also need to be PEP440 compliant when there's no git history
* Allow extra_filerefs as sanitized kwargs for SSH client
* Fix regression on cmd.run when passing tuples as cmd
Co-authored-by: Alexander Graul <agraul@suse.com>
* Add unit tests to ensure cmd.run accepts tuples
* Add unit test to check for extra_filerefs on SSH opts
* Add changelog file
* Fix comment for test case
* Fix unit test to avoid failing on Windows
* Skip failing test on windows
* Fix test to work on Windows
* Add all ssh kwargs to sanitize_kwargs method
* Run pre-commit
* Fix pylint
* Fix cmdmod loglevel and module_names tests
* Fix pre-commit
* Skip ssh tests if binary does not exist
* Use setup_loader for cmdmod test
* Prevent argument injection in restartcheck
* Add changelog for restartcheck fix
* docs_3002.6
* Add back tests removed in merge
Co-authored-by: Pedro Algarvio <pedro@algarvio.me>
Co-authored-by: Megan Wilhite <megan.wilhite@gmail.com>
Co-authored-by: Bryce Larson <brycel@vmware.com>
Co-authored-by: Pablo Suárez Hernández <psuarezhernandez@suse.com>
Co-authored-by: Alexander Graul <agraul@suse.com>
Co-authored-by: Frode Gundersen <fgundersen@saltstack.com>
* Remove glance state module in favor of glance_image
* update wording in changelog
* bump deprecation warning to Silicon.
* Updating warnutil version to Phosphorous.
* Update salt/modules/keystone.py
Co-authored-by: Megan Wilhite <megan.wilhite@gmail.com>
* Check $HOMEBREW_PREFIX when linking against libcrypto
When loading `libcrypto`, Salt checks for a Homebrew installation of `openssl`
at Homebrew's default prefix of `/usr/local`. However, on Apple Silicon Macs,
Homebrew's default installation prefix is `/opt/homebrew`. On all platforms,
the prefix is configurable. If Salt doesn't find one of those `libcrypto`s,
it will fall back on the un-versioned `/usr/lib/libcrypto.dylib`, which will
cause the following crash:
Application Specific Information:
/usr/lib/libcrypto.dylib
abort() called
Invalid dylib load. Clients should not load the unversioned libcrypto dylib as it does not have a stable ABI.
This commit checks $HOMEBREW_PREFIX instead of hard-coding `/usr/local`.
* Add test case
* Add changelog for 59808
* Add changelog entry
* Make _find_libcrypto fail on Big Sur if it can't find a library
Right now, if `_find_libcrypto` can't find any externally-managed versions of
libcrypto, it will fall back on the pre-Catalina un-versioned system libcrypto.
This does not exist on Big Sur and it would be better to raise an exception
here rather than crashing later when trying to open it.
* Update _find_libcrypto tests
This commit simplifies the unit tests for _find_libcrypto by mocking out the
host's filesystem and testing the common libcrypto installations (brew, ports,
etc.) on Big Sur. It simplifies the tests for falling back on system versions
of libcrypto on previous versions of macOS.
* Fix description of test_find_libcrypto_with_system_before_catalina
* Patch sys.platform for test_rsax931 tests
* modules/match: add missing "minion_id" in Pillar example
The documented Pillar example for `match.filter_by` lacks the `minion_id` parameter. Without it, the assignment won't work as expected.
- fix documentation
- add tests:
- to prove the misbehavior of the documented example
- to prove the proper behaviour when supplying `minion_id`
- to ensure some misbehaviour observed with compound matchers doesn't occur
* Fix for issue #59773
- When instantiating the loader grab values of grains and pillars if
they are NamedLoaderContext instances.
- The loader uses a copy of opts.
- Impliment deepcopy on NamedLoaderContext instances.
* Add changelog for #59773
* _get_initial_pillar function returns pillar
* Fix linter issues
* Clean up test
* Bump deprecation release for neutron
* Uncomment Sulfur release name
* Removing the _ext_nodes deprecation warning and alias.
* Adding changelog.
* Renaming changelog file.
* Update 59804.removed
* Initial pass at fips_mode config option
* Fix pre-commit
* Fix tests and add changelog
* update docs 3003
* update docs 3003 - newline
* Fix warts in changelog
Co-authored-by: Pedro Algarvio <pedro@algarvio.me>
Co-authored-by: Megan Wilhite <megan.wilhite@gmail.com>
Co-authored-by: Bryce Larson <brycel@vmware.com>
Co-authored-by: Pablo Suárez Hernández <psuarezhernandez@suse.com>
Co-authored-by: Alexander Graul <agraul@suse.com>
Co-authored-by: Frode Gundersen <fgundersen@saltstack.com>
Co-authored-by: Gareth J. Greenaway <gareth@saltstack.com>
Co-authored-by: Gareth J. Greenaway <gareth@wiked.org>
Co-authored-by: Hoa-Long Tam <hoalong@apple.com>
Co-authored-by: krionbsd <krion@freebsd.org>
Co-authored-by: Elias Probst <e.probst@ssc-services.de>
Co-authored-by: Frode Gundersen <frogunder@gmail.com>
2021-03-24 07:52:25 -07:00
|
|
|
"fips_mode": False,
|
2021-07-26 12:22:19 -04:00
|
|
|
"detect_remote_minions": False,
|
|
|
|
|
"remote_minions_port": 22,
|
2022-05-25 15:13:12 +02:00
|
|
|
"pass_variable_prefix": "",
|
|
|
|
|
"pass_strict_fetch": False,
|
|
|
|
|
"pass_gnupghome": "",
|
|
|
|
|
"pass_dir": "",
|
2020-11-03 21:29:38 +00:00
|
|
|
"netapi_enable_clients": [],
|
2023-04-11 13:32:44 -05:00
|
|
|
"maintenance_interval": 3600,
|
2023-03-23 17:23:26 -07:00
|
|
|
"fileserver_interval": 3600,
|
2024-01-30 11:26:39 +00:00
|
|
|
"features": {},
|
2024-05-25 15:55:23 -07:00
|
|
|
"publish_signing_algorithm": "PKCS1v15-SHA1",
|
2019-01-18 17:07:10 +00:00
|
|
|
}
|
|
|
|
|
)
|
2013-01-17 16:58:42 +01:00
|
|
|
|
2015-08-18 10:16:54 -06:00
|
|
|
|
|
|
|
|
# ----- Salt Proxy Minion Configuration Defaults ----------------------------------->
|
2017-05-11 15:09:27 -06:00
|
|
|
# These are merged with DEFAULT_MINION_OPTS since many of them also apply here.
|
2019-01-18 17:07:10 +00:00
|
|
|
DEFAULT_PROXY_MINION_OPTS = immutabletypes.freeze(
|
|
|
|
|
{
|
2015-08-18 10:16:54 -06:00
|
|
|
"conf_file": os.path.join(salt.syspaths.CONFIG_DIR, "proxy"),
|
|
|
|
|
"log_file": os.path.join(salt.syspaths.LOGS_DIR, "proxy"),
|
2016-03-01 12:56:00 -07:00
|
|
|
"add_proxymodule_to_opts": False,
|
2016-11-29 10:51:46 -07:00
|
|
|
"proxy_merge_grains_in_module": True,
|
2017-08-15 16:08:58 +00:00
|
|
|
"extension_modules": os.path.join(salt.syspaths.CACHE_DIR, "proxy", "extmods"),
|
|
|
|
|
"append_minionid_config_dirs": [
|
|
|
|
|
"cachedir",
|
|
|
|
|
"pidfile",
|
|
|
|
|
"default_include",
|
|
|
|
|
"extension_modules",
|
|
|
|
|
],
|
2016-06-03 10:11:34 -06:00
|
|
|
"default_include": "proxy.d/*.conf",
|
2017-07-05 10:14:50 +00:00
|
|
|
"proxy_merge_pillar_in_opts": False,
|
|
|
|
|
"proxy_deep_merge_pillar_in_opts": False,
|
|
|
|
|
"proxy_merge_pillar_in_opts_strategy": "smart",
|
2017-07-05 10:54:45 +00:00
|
|
|
"proxy_mines_pillar": True,
|
2017-03-21 12:17:56 +00:00
|
|
|
# By default, proxies will preserve the connection.
|
|
|
|
|
# If this option is set to False,
|
|
|
|
|
# the connection with the remote dumb device
|
|
|
|
|
# is closed after each command request.
|
|
|
|
|
"proxy_always_alive": True,
|
2017-02-02 11:35:40 -07:00
|
|
|
"proxy_keep_alive": True, # by default will try to keep alive the connection
|
2017-05-23 16:42:51 -06:00
|
|
|
"proxy_keep_alive_interval": 1, # frequency of the proxy keepalive in minutes
|
2022-09-27 19:45:56 +02:00
|
|
|
"pki_dir": os.path.join(salt.syspaths.LIB_STATE_DIR, "pki", "proxy"),
|
2017-05-05 15:32:16 -06:00
|
|
|
"cachedir": os.path.join(salt.syspaths.CACHE_DIR, "proxy"),
|
|
|
|
|
"sock_dir": os.path.join(salt.syspaths.SOCK_DIR, "proxy"),
|
2024-01-30 11:26:39 +00:00
|
|
|
"features": {},
|
2019-01-18 17:07:10 +00:00
|
|
|
}
|
|
|
|
|
)
|
|
|
|
|
|
2013-11-20 19:01:11 +00:00
|
|
|
# ----- Salt Cloud Configuration Defaults ----------------------------------->
|
2019-01-18 17:07:10 +00:00
|
|
|
DEFAULT_CLOUD_OPTS = immutabletypes.freeze(
|
|
|
|
|
{
|
2013-11-20 19:01:11 +00:00
|
|
|
"verify_env": True,
|
|
|
|
|
"default_include": "cloud.conf.d/*.conf",
|
|
|
|
|
# Global defaults
|
|
|
|
|
"ssh_auth": "",
|
2016-08-31 11:38:43 -05:00
|
|
|
"cachedir": os.path.join(salt.syspaths.CACHE_DIR, "cloud"),
|
2013-11-20 19:01:11 +00:00
|
|
|
"keysize": 4096,
|
|
|
|
|
"os": "",
|
|
|
|
|
"script": "bootstrap-salt",
|
|
|
|
|
"start_action": None,
|
|
|
|
|
"enable_hard_maps": False,
|
|
|
|
|
"delete_sshkeys": False,
|
|
|
|
|
# Custom deploy scripts
|
|
|
|
|
"deploy_scripts_search_path": "cloud.deploy.d",
|
|
|
|
|
# Logging defaults
|
2013-12-05 19:18:33 +00:00
|
|
|
"log_file": os.path.join(salt.syspaths.LOGS_DIR, "cloud"),
|
2016-06-08 09:43:26 -07:00
|
|
|
"log_level": "warning",
|
2013-11-20 19:01:11 +00:00
|
|
|
"log_level_logfile": None,
|
2021-06-28 12:07:24 +01:00
|
|
|
"log_datefmt": DFLT_LOG_DATEFMT,
|
|
|
|
|
"log_datefmt_logfile": DFLT_LOG_DATEFMT_LOGFILE,
|
|
|
|
|
"log_fmt_console": DFLT_LOG_FMT_CONSOLE,
|
|
|
|
|
"log_fmt_logfile": DFLT_LOG_FMT_LOGFILE,
|
|
|
|
|
"log_fmt_jid": DFLT_LOG_FMT_JID,
|
2013-11-20 19:01:11 +00:00
|
|
|
"log_granular_levels": {},
|
Windows: Add log file rotation support
An external log file rotation tool, such as `logrotate` will not work
with an operating system such as Windows. From the Python documentation
for `WatchedFileHandler` (which is used for log files in Salt):
"This handler is not appropriate for use under Windows, because under
Windows open log files cannot be moved or renamed - logging opens the
files with exclusive locks - and so there is no need for such a handler.
Furthermore, ST_INO is not supported under Windows; stat() always returns
zero for this value."
This also describes the problem with why an external utility such as
`logrotate` will not work for Windows, because files cannot be renamed
while in use, unlike on other operating systems, such as Linux.
Due to the above, the strategy for this change is to use the
`RotatingFileHandler` logger (when log file rotation is enabled) and to
allow only one process to do the file logging. Previously on Windows,
there was a file logger installed in the main process and another in the
logging listener process. This change changes the architecture in the
following way (on Windows only):
- Added two new configuration options, `log_rotate_max_bytes` and
`log_rotate_backup_count`. They both default to 0. When
`log_rotate_max_bytes` is non-zero, the `RotatingFileHandler` will be
used for file logging instead of the `WatchedFileHandler`.
- The only process that does file logging is the logging listener process
(if it exists)
- When the logging listener process does not exist, only the main process
does file logging.
- When the logging listener process exists, the main process will now set
up multiprocessing logging (which is the client to the logging listener).
- Since the logging listener does logging for extended logging, console,
and log file logging, do not use these types of logging in the main process
when there is a logging listener.
There is one observed caveat: when the log file is in use, and it is time
to rollover (rename the file), the rollover will fail. This has been
obversed when salt-call is running and has the `minion` log file open
for its own logging uses while the salt-minion is trying to rollover.
Luckily, it will recover and try to rollover again on the next log write,
and if the file is no longer in use, it will succeed this time. Hence,
having a log file open somewhere else will delay rollover until the file
is closed.
Signed-off-by: Sergey Kizunov <sergey.kizunov@ni.com>
2016-10-19 15:06:46 -05:00
|
|
|
"log_rotate_max_bytes": 0,
|
|
|
|
|
"log_rotate_backup_count": 0,
|
2021-10-09 14:16:05 -07:00
|
|
|
"bootstrap_delay": 0,
|
2017-01-10 09:27:06 -07:00
|
|
|
"cache": "localfs",
|
2024-01-30 11:26:39 +00:00
|
|
|
"features": {},
|
2019-01-18 17:07:10 +00:00
|
|
|
}
|
|
|
|
|
)
|
2020-04-02 20:10:20 -05:00
|
|
|
|
2019-01-18 17:07:10 +00:00
|
|
|
DEFAULT_API_OPTS = immutabletypes.freeze(
|
|
|
|
|
{
|
2013-03-04 17:26:35 +00:00
|
|
|
# ----- Salt master settings overridden by Salt-API --------------------->
|
2016-11-03 15:33:28 -06:00
|
|
|
"api_pidfile": os.path.join(salt.syspaths.PIDFILE_DIR, "salt-api.pid"),
|
|
|
|
|
"api_logfile": os.path.join(salt.syspaths.LOGS_DIR, "api"),
|
2015-06-19 18:41:15 +03:00
|
|
|
"rest_timeout": 300,
|
2013-03-04 17:26:35 +00:00
|
|
|
# <---- Salt master settings overridden by Salt-API ----------------------
|
2019-01-18 17:07:10 +00:00
|
|
|
}
|
|
|
|
|
)
|
2020-04-02 20:10:20 -05:00
|
|
|
|
2019-01-18 17:07:10 +00:00
|
|
|
DEFAULT_SPM_OPTS = immutabletypes.freeze(
|
|
|
|
|
{
|
2015-06-18 08:12:57 -06:00
|
|
|
# ----- Salt master settings overridden by SPM --------------------->
|
2016-06-30 08:33:11 -06:00
|
|
|
"spm_conf_file": os.path.join(salt.syspaths.CONFIG_DIR, "spm"),
|
2018-05-04 17:41:57 -06:00
|
|
|
"formula_path": salt.syspaths.SPM_FORMULA_PATH,
|
|
|
|
|
"pillar_path": salt.syspaths.SPM_PILLAR_PATH,
|
|
|
|
|
"reactor_path": salt.syspaths.SPM_REACTOR_PATH,
|
2016-10-27 12:53:06 +03:00
|
|
|
"spm_logfile": os.path.join(salt.syspaths.LOGS_DIR, "spm"),
|
2016-06-30 08:33:11 -06:00
|
|
|
"spm_default_include": "spm.d/*.conf",
|
2015-06-18 08:12:57 -06:00
|
|
|
# spm_repos_config also includes a .d/ directory
|
|
|
|
|
"spm_repos_config": "/etc/salt/spm.repos",
|
|
|
|
|
"spm_cache_dir": os.path.join(salt.syspaths.CACHE_DIR, "spm"),
|
2018-05-04 17:41:57 -06:00
|
|
|
"spm_build_dir": os.path.join(salt.syspaths.SRV_ROOT_DIR, "spm_build"),
|
2015-08-28 16:34:37 +01:00
|
|
|
"spm_build_exclude": ["CVS", ".hg", ".git", ".svn"],
|
2015-06-23 10:19:48 -06:00
|
|
|
"spm_db": os.path.join(salt.syspaths.CACHE_DIR, "spm", "packages.db"),
|
2017-02-13 16:59:07 -07:00
|
|
|
"cache": "localfs",
|
2017-02-15 14:21:03 -07:00
|
|
|
"spm_repo_dups": "ignore",
|
2017-02-21 15:50:31 -07:00
|
|
|
# If set, spm_node_type will be either master or minion, but they should
|
|
|
|
|
# NOT be a default
|
|
|
|
|
"spm_node_type": "",
|
2017-02-28 11:41:29 -07:00
|
|
|
"spm_share_dir": os.path.join(salt.syspaths.SHARE_DIR, "spm"),
|
2015-06-18 08:12:57 -06:00
|
|
|
# <---- Salt master settings overridden by SPM ----------------------
|
2019-01-18 17:07:10 +00:00
|
|
|
}
|
|
|
|
|
)
|
2020-04-02 20:10:20 -05:00
|
|
|
|
2019-01-18 17:07:10 +00:00
|
|
|
VM_CONFIG_DEFAULTS = immutabletypes.freeze(
|
2013-11-20 19:01:11 +00:00
|
|
|
{"default_include": "cloud.profiles.d/*.conf"}
|
2019-01-18 17:07:10 +00:00
|
|
|
)
|
2020-04-02 20:10:20 -05:00
|
|
|
|
2019-01-18 17:07:10 +00:00
|
|
|
PROVIDER_CONFIG_DEFAULTS = immutabletypes.freeze(
|
2013-11-20 19:01:11 +00:00
|
|
|
{"default_include": "cloud.providers.d/*.conf"}
|
2019-01-18 17:07:10 +00:00
|
|
|
)
|
2013-11-20 19:01:11 +00:00
|
|
|
# <---- Salt Cloud Configuration Defaults ------------------------------------
|
|
|
|
|
|
2012-09-06 19:51:24 +01:00
|
|
|
|
2019-01-22 17:03:27 +00:00
|
|
|
def _normalize_roots(file_roots):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2019-01-22 17:03:27 +00:00
|
|
|
Normalize file or pillar roots.
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2020-09-30 03:09:12 +02:00
|
|
|
for saltenv, dirs in file_roots.items():
|
|
|
|
|
normalized_saltenv = str(saltenv)
|
2015-11-17 14:06:30 -06:00
|
|
|
if normalized_saltenv != saltenv:
|
2017-01-23 23:30:34 +00:00
|
|
|
file_roots[normalized_saltenv] = file_roots.pop(saltenv)
|
2014-11-07 20:16:13 +00:00
|
|
|
if not isinstance(dirs, (list, tuple)):
|
2017-01-23 23:30:34 +00:00
|
|
|
file_roots[normalized_saltenv] = []
|
|
|
|
|
file_roots[normalized_saltenv] = _expand_glob_path(
|
|
|
|
|
file_roots[normalized_saltenv]
|
|
|
|
|
)
|
|
|
|
|
return file_roots
|
2012-02-08 14:30:20 -07:00
|
|
|
|
2012-05-23 13:33:59 -06:00
|
|
|
|
2019-01-22 17:03:27 +00:00
|
|
|
def _validate_pillar_roots(pillar_roots):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2019-01-22 17:03:27 +00:00
|
|
|
If the pillar_roots option has a key that is None then we will error out,
|
|
|
|
|
just replace it with an empty list
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2019-01-22 17:03:27 +00:00
|
|
|
if not isinstance(pillar_roots, dict):
|
|
|
|
|
log.warning(
|
2021-08-03 08:40:21 +01:00
|
|
|
"The pillar_roots parameter is not properly formatted, using defaults"
|
2019-01-22 17:03:27 +00:00
|
|
|
)
|
|
|
|
|
return {"base": _expand_glob_path([salt.syspaths.BASE_PILLAR_ROOTS_DIR])}
|
|
|
|
|
return _normalize_roots(pillar_roots)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def _validate_file_roots(file_roots):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2019-01-22 17:03:27 +00:00
|
|
|
If the file_roots option has a key that is None then we will error out,
|
|
|
|
|
just replace it with an empty list
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2019-01-22 17:03:27 +00:00
|
|
|
if not isinstance(file_roots, dict):
|
|
|
|
|
log.warning(
|
2021-08-03 08:40:21 +01:00
|
|
|
"The file_roots parameter is not properly formatted, using defaults"
|
2019-01-22 17:03:27 +00:00
|
|
|
)
|
|
|
|
|
return {"base": _expand_glob_path([salt.syspaths.BASE_FILE_ROOTS_DIR])}
|
|
|
|
|
return _normalize_roots(file_roots)
|
|
|
|
|
|
|
|
|
|
|
2014-11-02 03:20:20 +01:00
|
|
|
def _expand_glob_path(file_roots):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2014-11-02 03:20:20 +01:00
|
|
|
Applies shell globbing to a set of directories and returns
|
|
|
|
|
the expanded paths
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2014-11-02 03:20:20 +01:00
|
|
|
unglobbed_path = []
|
|
|
|
|
for path in file_roots:
|
2015-06-15 11:30:14 -06:00
|
|
|
try:
|
|
|
|
|
if glob.has_magic(path):
|
|
|
|
|
unglobbed_path.extend(glob.glob(path))
|
|
|
|
|
else:
|
|
|
|
|
unglobbed_path.append(path)
|
2020-01-02 13:42:37 +00:00
|
|
|
except Exception: # pylint: disable=broad-except
|
2014-11-07 20:16:13 +00:00
|
|
|
unglobbed_path.append(path)
|
2014-11-02 03:20:20 +01:00
|
|
|
return unglobbed_path
|
|
|
|
|
|
|
|
|
|
|
2013-05-29 19:13:34 +00:00
|
|
|
def _validate_opts(opts):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2013-05-29 19:13:34 +00:00
|
|
|
Check that all of the types of values passed into the config are
|
|
|
|
|
of the right types
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
|
|
|
|
|
2016-03-24 14:45:23 -05:00
|
|
|
def format_multi_opt(valid_type):
|
|
|
|
|
try:
|
|
|
|
|
num_types = len(valid_type)
|
|
|
|
|
except TypeError:
|
|
|
|
|
# Bare type name won't have a length, return the name of the type
|
|
|
|
|
# passed.
|
|
|
|
|
return valid_type.__name__
|
|
|
|
|
else:
|
2020-04-02 20:10:20 -05:00
|
|
|
|
2016-05-20 14:48:40 -06:00
|
|
|
def get_types(types, type_tuple):
|
|
|
|
|
for item in type_tuple:
|
|
|
|
|
if isinstance(item, tuple):
|
|
|
|
|
get_types(types, item)
|
|
|
|
|
else:
|
|
|
|
|
try:
|
|
|
|
|
types.append(item.__name__)
|
|
|
|
|
except AttributeError:
|
|
|
|
|
log.warning(
|
|
|
|
|
"Unable to interpret type %s while validating "
|
|
|
|
|
"configuration",
|
|
|
|
|
item,
|
|
|
|
|
)
|
2020-04-02 20:10:20 -05:00
|
|
|
|
2016-05-20 14:48:40 -06:00
|
|
|
types = []
|
|
|
|
|
get_types(types, valid_type)
|
|
|
|
|
|
|
|
|
|
ret = ", ".join(types[:-1])
|
|
|
|
|
ret += " or " + types[-1]
|
|
|
|
|
return ret
|
2016-03-24 14:45:23 -05:00
|
|
|
|
2013-05-29 19:13:34 +00:00
|
|
|
errors = []
|
2016-03-24 14:45:23 -05:00
|
|
|
|
2018-01-09 13:40:07 -06:00
|
|
|
err = (
|
2020-09-30 03:09:12 +02:00
|
|
|
"Config option '{}' with value {} has an invalid type of {}, a "
|
|
|
|
|
"{} is required for this option"
|
2018-01-09 13:40:07 -06:00
|
|
|
)
|
2020-09-30 03:09:12 +02:00
|
|
|
for key, val in opts.items():
|
2013-05-29 19:13:34 +00:00
|
|
|
if key in VALID_OPTS:
|
2016-11-26 16:31:40 -06:00
|
|
|
if val is None:
|
|
|
|
|
if VALID_OPTS[key] is None:
|
|
|
|
|
continue
|
|
|
|
|
else:
|
|
|
|
|
try:
|
|
|
|
|
if None in VALID_OPTS[key]:
|
|
|
|
|
continue
|
|
|
|
|
except TypeError:
|
|
|
|
|
# VALID_OPTS[key] is not iterable and not None
|
|
|
|
|
pass
|
|
|
|
|
|
2022-03-24 15:37:28 -06:00
|
|
|
# int(True) evaluates to 1, int(False) evaluates to 0
|
|
|
|
|
# We want to make sure True and False are only valid for bool
|
|
|
|
|
if val is True or val is False:
|
|
|
|
|
if VALID_OPTS[key] is bool:
|
|
|
|
|
continue
|
|
|
|
|
elif isinstance(val, VALID_OPTS[key]):
|
2016-03-24 14:45:23 -05:00
|
|
|
continue
|
|
|
|
|
|
2016-11-08 14:57:47 -07:00
|
|
|
# We don't know what data type sdb will return at run-time so we
|
|
|
|
|
# simply cannot check it for correctness here at start-time.
|
2020-09-30 03:09:12 +02:00
|
|
|
if isinstance(val, str) and val.startswith("sdb://"):
|
2016-11-08 14:57:47 -07:00
|
|
|
continue
|
|
|
|
|
|
2022-03-24 15:37:28 -06:00
|
|
|
# Non-failing types that don't convert properly
|
|
|
|
|
nf_types = {
|
|
|
|
|
str: [list, tuple, dict],
|
|
|
|
|
list: [dict, str],
|
|
|
|
|
tuple: [dict, str],
|
|
|
|
|
bool: [list, tuple, str, int, float, dict, type(None)],
|
|
|
|
|
int: [bool, float],
|
|
|
|
|
float: [bool],
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
# Is this a single type (not a tuple of types)?
|
2016-03-24 14:45:23 -05:00
|
|
|
if hasattr(VALID_OPTS[key], "__call__"):
|
2022-03-24 15:37:28 -06:00
|
|
|
# This config option has a single defined type
|
2013-05-29 19:13:34 +00:00
|
|
|
try:
|
2022-03-24 15:37:28 -06:00
|
|
|
# This will try to evaluate the specified value type
|
2013-05-29 19:13:34 +00:00
|
|
|
VALID_OPTS[key](val)
|
2022-03-24 15:37:28 -06:00
|
|
|
|
|
|
|
|
# Since it evaluated properly, let's make sure it's valid
|
|
|
|
|
# Some value types don't evaluate properly. For example,
|
|
|
|
|
# running list on a string: `list("test")` will return
|
|
|
|
|
# a list of individual characters:`['t', 'e', 's', 't']` and
|
|
|
|
|
# therefore won't fail on evaluation
|
|
|
|
|
for nf_type in nf_types:
|
|
|
|
|
if VALID_OPTS[key] is nf_type:
|
|
|
|
|
# Is it one of the non-failing types that we don't
|
|
|
|
|
# want for this type
|
|
|
|
|
if isinstance(val, tuple(nf_types[nf_type])):
|
|
|
|
|
errors.append(
|
|
|
|
|
err.format(
|
2022-03-24 15:40:29 -06:00
|
|
|
key,
|
|
|
|
|
val,
|
|
|
|
|
type(val).__name__,
|
2022-03-24 16:04:37 -06:00
|
|
|
VALID_OPTS[key].__name__,
|
2022-03-24 15:37:28 -06:00
|
|
|
)
|
|
|
|
|
)
|
2016-03-24 14:45:23 -05:00
|
|
|
except (TypeError, ValueError):
|
2013-07-27 17:45:21 -06:00
|
|
|
errors.append(
|
2016-03-24 14:45:23 -05:00
|
|
|
err.format(
|
|
|
|
|
key, val, type(val).__name__, VALID_OPTS[key].__name__
|
|
|
|
|
)
|
2013-07-27 17:45:21 -06:00
|
|
|
)
|
2022-03-24 15:37:28 -06:00
|
|
|
else:
|
|
|
|
|
# This config option has multiple defined types (tuple of types)
|
|
|
|
|
if type(val) in VALID_OPTS[key]:
|
|
|
|
|
continue
|
|
|
|
|
|
|
|
|
|
valid = []
|
|
|
|
|
for nf_type in nf_types:
|
|
|
|
|
try:
|
|
|
|
|
nf_type(val)
|
2016-03-24 14:45:23 -05:00
|
|
|
|
2022-03-24 15:37:28 -06:00
|
|
|
if nf_type in VALID_OPTS[key]:
|
|
|
|
|
nf = nf_types[nf_type]
|
|
|
|
|
for item in VALID_OPTS[key]:
|
|
|
|
|
if item in nf:
|
|
|
|
|
nf.remove(item)
|
|
|
|
|
if isinstance(val, tuple(nf)):
|
|
|
|
|
# Running str on any of the above types will succeed,
|
|
|
|
|
# however, it will change the value in such a way
|
|
|
|
|
# that it is invalid.
|
|
|
|
|
valid.append(False)
|
|
|
|
|
else:
|
|
|
|
|
valid.append(True)
|
|
|
|
|
except (TypeError, ValueError):
|
|
|
|
|
valid.append(False)
|
|
|
|
|
if True not in valid:
|
|
|
|
|
errors.append(
|
|
|
|
|
err.format(
|
2022-03-24 15:40:29 -06:00
|
|
|
key,
|
|
|
|
|
val,
|
|
|
|
|
type(val).__name__,
|
2022-03-24 16:04:37 -06:00
|
|
|
format_multi_opt(VALID_OPTS[key]),
|
2022-03-24 15:37:28 -06:00
|
|
|
)
|
|
|
|
|
)
|
2013-07-27 17:45:21 -06:00
|
|
|
|
2016-12-19 15:27:49 -07:00
|
|
|
# Convert list to comma-delimited string for 'return' config option
|
|
|
|
|
if isinstance(opts.get("return"), list):
|
|
|
|
|
opts["return"] = ",".join(opts["return"])
|
|
|
|
|
|
2013-05-29 19:13:34 +00:00
|
|
|
for error in errors:
|
2016-03-31 13:50:51 -06:00
|
|
|
log.warning(error)
|
2013-05-29 19:13:34 +00:00
|
|
|
if errors:
|
|
|
|
|
return False
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
|
2017-04-04 23:15:08 -05:00
|
|
|
def _validate_ssh_minion_opts(opts):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2017-04-04 23:15:08 -05:00
|
|
|
Ensure we're not using any invalid ssh_minion_opts. We want to make sure
|
|
|
|
|
that the ssh_minion_opts does not override any pillar or fileserver options
|
|
|
|
|
inherited from the master config. To add other items, modify the if
|
|
|
|
|
statement in the for loop below.
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2017-04-04 23:15:08 -05:00
|
|
|
ssh_minion_opts = opts.get("ssh_minion_opts", {})
|
|
|
|
|
if not isinstance(ssh_minion_opts, dict):
|
|
|
|
|
log.error("Invalidly-formatted ssh_minion_opts")
|
|
|
|
|
opts.pop("ssh_minion_opts")
|
|
|
|
|
|
|
|
|
|
for opt_name in list(ssh_minion_opts):
|
|
|
|
|
if (
|
|
|
|
|
re.match("^[a-z0-9]+fs_", opt_name, flags=re.IGNORECASE)
|
2018-05-06 21:15:58 +02:00
|
|
|
or ("pillar" in opt_name and not "ssh_merge_pillar" == opt_name)
|
2017-04-04 23:15:08 -05:00
|
|
|
or opt_name in ("fileserver_backend",)
|
|
|
|
|
):
|
|
|
|
|
log.warning(
|
|
|
|
|
"'%s' is not a valid ssh_minion_opts parameter, ignoring", opt_name
|
|
|
|
|
)
|
|
|
|
|
ssh_minion_opts.pop(opt_name)
|
|
|
|
|
|
|
|
|
|
|
2012-03-14 18:35:07 -07:00
|
|
|
def _append_domain(opts):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2012-03-14 18:35:07 -07:00
|
|
|
Append a domain to the existing id if it doesn't already exist
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2012-03-14 18:35:07 -07:00
|
|
|
# Domain already exists
|
|
|
|
|
if opts["id"].endswith(opts["append_domain"]):
|
|
|
|
|
return opts["id"]
|
|
|
|
|
# Trailing dot should mean an FQDN that is terminated, leave it alone.
|
|
|
|
|
if opts["id"].endswith("."):
|
|
|
|
|
return opts["id"]
|
2013-03-24 11:27:07 +00:00
|
|
|
return "{0[id]}.{0[append_domain]}".format(opts)
|
2012-02-08 14:30:20 -07:00
|
|
|
|
2012-05-23 13:33:59 -06:00
|
|
|
|
2012-03-03 22:18:16 -08:00
|
|
|
def _read_conf_file(path):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2014-10-03 16:39:04 -06:00
|
|
|
Read in a config file from a given path and process it into a dictionary
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2018-01-07 14:48:45 -06:00
|
|
|
log.debug("Reading configuration from %s", path)
|
2020-09-30 03:09:12 +02:00
|
|
|
append_file_suffix_YAMLError = False
|
2017-07-18 10:31:01 -06:00
|
|
|
with salt.utils.files.fopen(path, "r") as conf_file:
|
2014-04-09 23:25:30 +01:00
|
|
|
try:
|
2017-12-27 22:31:50 -06:00
|
|
|
conf_opts = salt.utils.yaml.safe_load(conf_file) or {}
|
|
|
|
|
except salt.utils.yaml.YAMLError as err:
|
2024-02-27 11:08:46 +00:00
|
|
|
message = f"Error parsing configuration file: {path} - {err}"
|
2016-07-12 17:14:20 +02:00
|
|
|
log.error(message)
|
2020-09-30 03:09:12 +02:00
|
|
|
if path.endswith("_schedule.conf"):
|
|
|
|
|
# Create empty dictionary of config options
|
|
|
|
|
conf_opts = {}
|
|
|
|
|
# Rename this file, once closed
|
|
|
|
|
append_file_suffix_YAMLError = True
|
2016-01-27 09:39:57 -07:00
|
|
|
else:
|
2020-09-30 03:09:12 +02:00
|
|
|
raise salt.exceptions.SaltConfigurationError(message)
|
|
|
|
|
|
|
|
|
|
if append_file_suffix_YAMLError:
|
|
|
|
|
message = "Renaming to {}".format(path + "YAMLError")
|
|
|
|
|
log.error(message)
|
|
|
|
|
os.replace(path, path + "YAMLError")
|
|
|
|
|
|
|
|
|
|
# only interpret documents as a valid conf, not things like strings,
|
|
|
|
|
# which might have been caused by invalid yaml syntax
|
|
|
|
|
if not isinstance(conf_opts, dict):
|
|
|
|
|
message = (
|
|
|
|
|
"Error parsing configuration file: {} - conf "
|
|
|
|
|
"should be a document, not {}.".format(path, type(conf_opts))
|
|
|
|
|
)
|
|
|
|
|
log.error(message)
|
|
|
|
|
raise salt.exceptions.SaltConfigurationError(message)
|
|
|
|
|
|
|
|
|
|
# allow using numeric ids: convert int to string
|
|
|
|
|
if "id" in conf_opts:
|
|
|
|
|
if not isinstance(conf_opts["id"], str):
|
|
|
|
|
conf_opts["id"] = str(conf_opts["id"])
|
|
|
|
|
else:
|
|
|
|
|
conf_opts["id"] = salt.utils.data.decode(conf_opts["id"])
|
|
|
|
|
return conf_opts
|
2012-03-03 22:18:16 -08:00
|
|
|
|
|
|
|
|
|
2014-06-23 00:06:28 +01:00
|
|
|
def _absolute_path(path, relative_to=None):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2014-06-23 00:06:28 +01:00
|
|
|
Return an absolute path. In case ``relative_to`` is passed and ``path`` is
|
|
|
|
|
not an absolute path, we try to prepend ``relative_to`` to ``path``and if
|
|
|
|
|
that path exists, return that one
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2014-06-23 00:06:28 +01:00
|
|
|
|
|
|
|
|
if path and os.path.isabs(path):
|
|
|
|
|
return path
|
|
|
|
|
if path and relative_to is not None:
|
|
|
|
|
_abspath = os.path.join(relative_to, path)
|
|
|
|
|
if os.path.isfile(_abspath):
|
|
|
|
|
log.debug(
|
2021-08-03 08:40:21 +01:00
|
|
|
"Relative path '%s' converted to existing absolute path '%s'",
|
2018-01-07 14:48:45 -06:00
|
|
|
path,
|
|
|
|
|
_abspath,
|
2014-06-23 00:06:28 +01:00
|
|
|
)
|
|
|
|
|
return _abspath
|
|
|
|
|
return path
|
|
|
|
|
|
|
|
|
|
|
2016-12-08 15:58:44 +02:00
|
|
|
def load_config(path, env_var, default_path=None, exit_on_config_errors=True):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2013-01-17 16:58:42 +01:00
|
|
|
Returns configuration dict from parsing either the file described by
|
2011-06-20 20:25:25 -05:00
|
|
|
``path`` or the environment variable described by ``env_var`` as YAML.
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2012-12-15 02:01:40 +00:00
|
|
|
if path is None:
|
|
|
|
|
# When the passed path is None, we just want the configuration
|
|
|
|
|
# defaults, not actually loading the whole configuration.
|
2013-01-17 16:58:42 +01:00
|
|
|
return {}
|
2012-12-15 02:01:40 +00:00
|
|
|
|
2013-06-28 20:39:37 +01:00
|
|
|
if default_path is None:
|
2014-11-05 13:57:47 -08:00
|
|
|
# This is most likely not being used from salt, i.e., could be salt-cloud
|
2013-06-28 20:39:37 +01:00
|
|
|
# or salt-api which have not yet migrated to the new default_path
|
|
|
|
|
# argument. Let's issue a warning message that the environ vars won't
|
|
|
|
|
# work.
|
|
|
|
|
import inspect
|
2020-04-02 20:10:20 -05:00
|
|
|
|
2013-06-28 20:39:37 +01:00
|
|
|
previous_frame = inspect.getframeinfo(inspect.currentframe().f_back)
|
|
|
|
|
log.warning(
|
2018-01-07 14:48:45 -06:00
|
|
|
"The function '%s()' defined in '%s' is not yet using the "
|
2016-02-13 20:05:08 +00:00
|
|
|
"new 'default_path' argument to `salt.config.load_config()`. "
|
2018-01-07 14:48:45 -06:00
|
|
|
"As such, the '%s' environment variable will be ignored",
|
|
|
|
|
previous_frame.function,
|
|
|
|
|
previous_frame.filename,
|
|
|
|
|
env_var,
|
2013-06-28 20:39:37 +01:00
|
|
|
)
|
2014-07-13 13:43:33 -05:00
|
|
|
# In this case, maintain old behavior
|
2013-06-28 20:39:37 +01:00
|
|
|
default_path = DEFAULT_MASTER_OPTS["conf_file"]
|
|
|
|
|
|
2013-06-20 16:42:41 -06:00
|
|
|
# Default to the environment variable path, if it exists
|
|
|
|
|
env_path = os.environ.get(env_var, path)
|
|
|
|
|
if not env_path or not os.path.isfile(env_path):
|
|
|
|
|
env_path = path
|
2013-06-20 16:47:15 -06:00
|
|
|
# If non-default path from `-c`, use that over the env variable
|
2013-06-28 20:39:37 +01:00
|
|
|
if path != default_path:
|
2013-06-20 16:47:15 -06:00
|
|
|
env_path = path
|
2013-06-28 20:39:37 +01:00
|
|
|
|
2013-06-20 16:42:41 -06:00
|
|
|
path = env_path
|
|
|
|
|
|
2012-01-16 13:36:39 -06:00
|
|
|
# If the configuration file is missing, attempt to copy the template,
|
|
|
|
|
# after removing the first header line.
|
|
|
|
|
if not os.path.isfile(path):
|
2024-02-27 11:08:46 +00:00
|
|
|
template = f"{path}.template"
|
2012-01-16 13:36:39 -06:00
|
|
|
if os.path.isfile(template):
|
2018-01-07 14:48:45 -06:00
|
|
|
log.debug("Writing %s based on %s", path, template)
|
2017-07-18 10:31:01 -06:00
|
|
|
with salt.utils.files.fopen(path, "w") as out:
|
|
|
|
|
with salt.utils.files.fopen(template, "r") as ifile:
|
2012-12-28 14:07:22 +00:00
|
|
|
ifile.readline() # skip first line
|
|
|
|
|
out.write(ifile.read())
|
2011-06-20 20:25:25 -05:00
|
|
|
|
2016-12-08 15:58:44 +02:00
|
|
|
opts = {}
|
|
|
|
|
|
2014-04-10 00:04:21 +01:00
|
|
|
if salt.utils.validate.path.is_readable(path):
|
2016-07-12 17:29:04 +02:00
|
|
|
try:
|
|
|
|
|
opts = _read_conf_file(path)
|
|
|
|
|
opts["conf_file"] = path
|
|
|
|
|
except salt.exceptions.SaltConfigurationError as error:
|
2016-07-13 11:44:33 +02:00
|
|
|
log.error(error)
|
2016-12-08 15:58:44 +02:00
|
|
|
if exit_on_config_errors:
|
|
|
|
|
sys.exit(salt.defaults.exitcodes.EX_GENERIC)
|
|
|
|
|
else:
|
2018-01-07 14:48:45 -06:00
|
|
|
log.debug("Missing configuration file: %s", path)
|
2011-06-20 20:25:25 -05:00
|
|
|
|
2016-12-08 15:58:44 +02:00
|
|
|
return opts
|
2013-01-17 17:06:28 +01:00
|
|
|
|
2011-11-12 20:50:34 +00:00
|
|
|
|
2016-07-13 18:46:01 +02:00
|
|
|
def include_config(include, orig_path, verbose, exit_on_config_errors=False):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2012-06-26 20:53:27 +01:00
|
|
|
Parses extra configuration file(s) specified in an include list in the
|
2012-02-09 14:40:40 -07:00
|
|
|
main config file.
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2012-06-26 20:53:27 +01:00
|
|
|
# Protect against empty option
|
|
|
|
|
if not include:
|
2013-01-17 16:58:42 +01:00
|
|
|
return {}
|
2012-07-26 03:42:20 +02:00
|
|
|
|
2012-12-15 02:01:40 +00:00
|
|
|
if orig_path is None:
|
|
|
|
|
# When the passed path is None, we just want the configuration
|
|
|
|
|
# defaults, not actually loading the whole configuration.
|
2013-01-17 16:58:42 +01:00
|
|
|
return {}
|
2012-12-15 02:01:40 +00:00
|
|
|
|
2020-09-30 03:09:12 +02:00
|
|
|
if isinstance(include, str):
|
2012-02-09 14:40:40 -07:00
|
|
|
include = [include]
|
2012-06-26 20:53:27 +01:00
|
|
|
|
2013-05-17 15:23:39 -07:00
|
|
|
configuration = {}
|
2012-02-09 14:40:40 -07:00
|
|
|
for path in include:
|
2013-03-18 23:41:36 +00:00
|
|
|
# Allow for includes like ~/foo
|
|
|
|
|
path = os.path.expanduser(path)
|
2012-02-09 14:40:40 -07:00
|
|
|
if not os.path.isabs(path):
|
|
|
|
|
path = os.path.join(os.path.dirname(orig_path), path)
|
2012-06-26 20:53:27 +01:00
|
|
|
|
2012-12-15 02:01:40 +00:00
|
|
|
# Catch situation where user typos path in configuration; also warns
|
|
|
|
|
# for empty include directory (which might be by design)
|
2019-01-16 16:04:51 -06:00
|
|
|
glob_matches = glob.glob(path)
|
|
|
|
|
if not glob_matches:
|
2012-12-04 17:46:32 +00:00
|
|
|
if verbose:
|
2016-02-13 20:05:08 +00:00
|
|
|
log.warning(
|
2012-12-04 17:46:32 +00:00
|
|
|
'Warning parsing configuration file: "include" path/glob '
|
2018-01-07 14:48:45 -06:00
|
|
|
"'%s' matches no files",
|
|
|
|
|
path,
|
2012-12-04 17:46:32 +00:00
|
|
|
)
|
2012-06-26 20:53:27 +01:00
|
|
|
|
2019-01-16 16:04:51 -06:00
|
|
|
for fn_ in sorted(glob_matches):
|
2018-01-07 14:48:45 -06:00
|
|
|
log.debug("Including configuration from '%s'", fn_)
|
2016-07-12 17:27:11 +02:00
|
|
|
try:
|
|
|
|
|
opts = _read_conf_file(fn_)
|
|
|
|
|
except salt.exceptions.SaltConfigurationError as error:
|
2016-07-13 11:44:33 +02:00
|
|
|
log.error(error)
|
2016-07-13 18:46:01 +02:00
|
|
|
if exit_on_config_errors:
|
|
|
|
|
sys.exit(salt.defaults.exitcodes.EX_GENERIC)
|
2016-12-08 15:58:44 +02:00
|
|
|
else:
|
|
|
|
|
# Initialize default config if we wish to skip config errors
|
|
|
|
|
opts = {}
|
2017-05-26 18:36:03 +02:00
|
|
|
schedule = opts.get("schedule", {})
|
|
|
|
|
if schedule and "schedule" in configuration:
|
2017-05-26 22:34:41 +02:00
|
|
|
configuration["schedule"].update(schedule)
|
2015-10-16 17:04:55 +02:00
|
|
|
include = opts.get("include", [])
|
|
|
|
|
if include:
|
|
|
|
|
opts.update(include_config(include, fn_, verbose))
|
|
|
|
|
|
2017-01-06 21:18:30 +11:00
|
|
|
salt.utils.dictupdate.update(configuration, opts, True, True)
|
2015-10-16 17:04:55 +02:00
|
|
|
|
2013-05-17 15:23:39 -07:00
|
|
|
return configuration
|
2012-02-09 14:40:40 -07:00
|
|
|
|
|
|
|
|
|
2024-06-22 10:00:09 -07:00
|
|
|
def should_prepend_root_dir(key, opts):
|
|
|
|
|
return (
|
|
|
|
|
key in opts
|
2024-06-22 10:58:54 -07:00
|
|
|
and opts[key] is not None
|
2024-06-22 10:00:09 -07:00
|
|
|
and urllib.parse.urlparse(os.path.splitdrive(opts[key])[1]).scheme == ""
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
2011-07-28 10:41:28 -06:00
|
|
|
def prepend_root_dir(opts, path_options):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2011-06-20 20:29:26 -05:00
|
|
|
Prepends the options that represent filesystem paths with value of the
|
|
|
|
|
'root_dir' option.
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2012-07-26 04:16:43 +02:00
|
|
|
root_dir = os.path.abspath(opts["root_dir"])
|
2017-05-17 15:33:31 +01:00
|
|
|
def_root_dir = salt.syspaths.ROOT_DIR.rstrip(os.sep)
|
2011-06-20 20:29:26 -05:00
|
|
|
for path_option in path_options:
|
2011-12-20 22:19:42 -06:00
|
|
|
if path_option in opts:
|
2015-06-23 09:05:30 +02:00
|
|
|
path = opts[path_option]
|
2017-05-16 13:18:58 +01:00
|
|
|
tmp_path_def_root_dir = None
|
|
|
|
|
tmp_path_root_dir = None
|
2017-02-01 14:51:22 -07:00
|
|
|
# When running testsuite, salt.syspaths.ROOT_DIR is often empty
|
2017-05-17 15:33:31 +01:00
|
|
|
if path == def_root_dir or path.startswith(def_root_dir + os.sep):
|
2017-05-16 13:18:58 +01:00
|
|
|
# Remove the default root dir prefix
|
|
|
|
|
tmp_path_def_root_dir = path[len(def_root_dir) :]
|
2017-05-17 11:12:22 +01:00
|
|
|
if root_dir and (path == root_dir or path.startswith(root_dir + os.sep)):
|
2017-05-16 13:18:58 +01:00
|
|
|
# Remove the root dir prefix
|
|
|
|
|
tmp_path_root_dir = path[len(root_dir) :]
|
|
|
|
|
if tmp_path_def_root_dir and not tmp_path_root_dir:
|
|
|
|
|
# Just the default root dir matched
|
|
|
|
|
path = tmp_path_def_root_dir
|
|
|
|
|
elif tmp_path_root_dir and not tmp_path_def_root_dir:
|
|
|
|
|
# Just the root dir matched
|
|
|
|
|
path = tmp_path_root_dir
|
|
|
|
|
elif tmp_path_def_root_dir and tmp_path_root_dir:
|
|
|
|
|
# In this case both the default root dir and the override root
|
|
|
|
|
# dir matched; this means that either
|
|
|
|
|
# def_root_dir is a substring of root_dir or vice versa
|
|
|
|
|
# We must choose the most specific path
|
|
|
|
|
if def_root_dir in root_dir:
|
|
|
|
|
path = tmp_path_root_dir
|
|
|
|
|
else:
|
|
|
|
|
path = tmp_path_def_root_dir
|
2018-02-12 15:29:56 -07:00
|
|
|
elif salt.utils.platform.is_windows() and not os.path.splitdrive(path)[0]:
|
|
|
|
|
# In windows, os.path.isabs resolves '/' to 'C:\\' or whatever
|
|
|
|
|
# the root drive is. This elif prevents the next from being
|
|
|
|
|
# hit, so that the root_dir is prefixed in cases where the
|
|
|
|
|
# drive is not prefixed on a config option
|
|
|
|
|
pass
|
2017-05-17 11:05:19 +01:00
|
|
|
elif os.path.isabs(path):
|
2018-03-08 19:11:13 +01:00
|
|
|
# Absolute path (not default or overridden root_dir)
|
2017-01-12 12:28:13 +00:00
|
|
|
# No prepending required
|
|
|
|
|
continue
|
|
|
|
|
# Prepending the root dir
|
Use explicit unicode strings + break up salt.utils
This PR is part of what will be an ongoing effort to use explicit
unicode strings in Salt. Because Python 3 does not suport Python 2's raw
unicode string syntax (i.e. `ur'\d+'`), we must use
`salt.utils.locales.sdecode()` to ensure that the raw string is unicode.
However, because of how `salt/utils/__init__.py` has evolved into the
hulking monstrosity it is today, this means importing a large module in
places where it is not needed, which could negatively impact
performance. For this reason, this PR also breaks out some of the
functions from `salt/utils/__init__.py` into new/existing modules under
`salt/utils/`. The long term goal will be that the modules within this
directory do not depend on importing `salt.utils`.
A summary of the changes in this PR is as follows:
* Moves the following functions from `salt.utils` to new locations
(including a deprecation warning if invoked from `salt.utils`):
`to_bytes`, `to_str`, `to_unicode`, `str_to_num`, `is_quoted`,
`dequote`, `is_hex`, `is_bin_str`, `rand_string`,
`contains_whitespace`, `clean_kwargs`, `invalid_kwargs`, `which`,
`which_bin`, `path_join`, `shlex_split`, `rand_str`, `is_windows`,
`is_proxy`, `is_linux`, `is_darwin`, `is_sunos`, `is_smartos`,
`is_smartos_globalzone`, `is_smartos_zone`, `is_freebsd`, `is_netbsd`,
`is_openbsd`, `is_aix`
* Moves the functions already deprecated by @rallytime to the bottom of
`salt/utils/__init__.py` for better organization, so we can keep the
deprecated ones separate from the ones yet to be deprecated as we
continue to break up `salt.utils`
* Updates `salt/*.py` and all files under `salt/client/` to use explicit
unicode string literals.
* Gets rid of implicit imports of `salt.utils` (e.g. `from salt.utils
import foo` becomes `import salt.utils.foo as foo`).
* Renames the `test.rand_str` function to `test.random_hash` to more
accurately reflect what it does
* Modifies `salt.utils.stringutils.random()` (née `salt.utils.rand_string()`)
such that it returns a string matching the passed size. Previously
this function would get `size` bytes from `os.urandom()`,
base64-encode it, and return the result, which would in most cases not
be equal to the passed size.
2017-07-24 20:47:15 -05:00
|
|
|
opts[path_option] = salt.utils.path.join(root_dir, path)
|
2011-06-20 20:29:26 -05:00
|
|
|
|
2011-11-12 20:50:34 +00:00
|
|
|
|
2014-05-16 14:59:50 -04:00
|
|
|
def insert_system_path(opts, paths):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2014-05-16 14:59:50 -04:00
|
|
|
Inserts path into python path taking into consideration 'root_dir' option.
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2020-09-30 03:09:12 +02:00
|
|
|
if isinstance(paths, str):
|
2014-05-16 14:59:50 -04:00
|
|
|
paths = [paths]
|
|
|
|
|
for path in paths:
|
|
|
|
|
path_options = {"path": path, "root_dir": opts["root_dir"]}
|
|
|
|
|
prepend_root_dir(path_options, path_options)
|
|
|
|
|
if os.path.isdir(path_options["path"]) and path_options["path"] not in sys.path:
|
|
|
|
|
sys.path.insert(0, path_options["path"])
|
2020-04-02 20:10:20 -05:00
|
|
|
|
|
|
|
|
|
2013-01-20 03:31:11 +00:00
|
|
|
def minion_config(
|
|
|
|
|
path,
|
|
|
|
|
env_var="SALT_MINION_CONFIG",
|
2013-05-09 11:43:19 -06:00
|
|
|
defaults=None,
|
2016-07-13 18:46:01 +02:00
|
|
|
cache_minion_id=False,
|
2016-08-03 12:16:22 -06:00
|
|
|
ignore_config_errors=True,
|
2017-12-06 14:46:58 -07:00
|
|
|
minion_id=None,
|
|
|
|
|
role="minion",
|
|
|
|
|
):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2011-02-26 16:07:24 -07:00
|
|
|
Reads in the minion configuration file and sets up special options
|
2014-05-14 18:49:29 -06:00
|
|
|
|
|
|
|
|
This is useful for Minion-side operations, such as the
|
|
|
|
|
:py:class:`~salt.client.Caller` class, and manually running the loader
|
|
|
|
|
interface.
|
|
|
|
|
|
|
|
|
|
.. code-block:: python
|
|
|
|
|
|
2016-05-25 16:08:40 -04:00
|
|
|
import salt.config
|
2014-05-14 18:49:29 -06:00
|
|
|
minion_opts = salt.config.minion_config('/etc/salt/minion')
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2013-01-20 05:19:48 +00:00
|
|
|
if defaults is None:
|
2016-11-14 18:14:03 +02:00
|
|
|
defaults = DEFAULT_MINION_OPTS.copy()
|
2023-05-04 17:32:42 +01:00
|
|
|
if role == "master":
|
|
|
|
|
defaults["default_include"] = DEFAULT_MASTER_OPTS["default_include"]
|
2013-01-20 05:19:48 +00:00
|
|
|
|
2013-11-18 14:05:08 +00:00
|
|
|
if not os.environ.get(env_var, None):
|
|
|
|
|
# No valid setting was given using the configuration variable.
|
|
|
|
|
# Lets see is SALT_CONFIG_DIR is of any use
|
|
|
|
|
salt_config_dir = os.environ.get("SALT_CONFIG_DIR", None)
|
2013-11-18 22:34:24 +00:00
|
|
|
if salt_config_dir:
|
|
|
|
|
env_config_file_path = os.path.join(salt_config_dir, "minion")
|
|
|
|
|
if salt_config_dir and os.path.isfile(env_config_file_path):
|
|
|
|
|
# We can get a configuration file using SALT_CONFIG_DIR, let's
|
|
|
|
|
# update the environment with this information
|
|
|
|
|
os.environ[env_var] = env_config_file_path
|
2013-11-18 14:05:08 +00:00
|
|
|
|
2013-06-28 20:39:37 +01:00
|
|
|
overrides = load_config(path, env_var, DEFAULT_MINION_OPTS["conf_file"])
|
2013-01-20 03:12:23 +00:00
|
|
|
default_include = overrides.get("default_include", defaults["default_include"])
|
2013-01-17 16:58:42 +01:00
|
|
|
include = overrides.get("include", [])
|
2011-02-26 16:07:24 -07:00
|
|
|
|
2016-07-13 18:46:01 +02:00
|
|
|
overrides.update(
|
|
|
|
|
include_config(
|
|
|
|
|
default_include,
|
|
|
|
|
path,
|
|
|
|
|
verbose=False,
|
|
|
|
|
exit_on_config_errors=not ignore_config_errors,
|
|
|
|
|
)
|
2020-04-02 20:10:20 -05:00
|
|
|
)
|
2016-07-13 18:46:01 +02:00
|
|
|
overrides.update(
|
|
|
|
|
include_config(
|
|
|
|
|
include, path, verbose=True, exit_on_config_errors=not ignore_config_errors
|
|
|
|
|
)
|
2020-04-02 20:10:20 -05:00
|
|
|
)
|
2012-09-14 00:22:02 -06:00
|
|
|
|
2016-08-03 12:16:22 -06:00
|
|
|
opts = apply_minion_config(
|
|
|
|
|
overrides, defaults, cache_minion_id=cache_minion_id, minion_id=minion_id
|
|
|
|
|
)
|
2017-12-06 14:46:58 -07:00
|
|
|
opts["__role"] = role
|
2021-04-01 13:07:48 -06:00
|
|
|
if role != "master":
|
|
|
|
|
apply_sdb(opts)
|
|
|
|
|
_validate_opts(opts)
|
2024-01-30 11:26:39 +00:00
|
|
|
salt.features.setup_features(opts)
|
2021-04-01 13:07:48 -06:00
|
|
|
return opts
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def mminion_config(path, overrides, ignore_config_errors=True):
|
|
|
|
|
opts = minion_config(path, ignore_config_errors=ignore_config_errors, role="master")
|
|
|
|
|
opts.update(overrides)
|
2016-11-06 14:29:40 +13:00
|
|
|
apply_sdb(opts)
|
2021-04-01 13:24:51 -06:00
|
|
|
|
2013-05-29 19:13:34 +00:00
|
|
|
_validate_opts(opts)
|
2021-04-01 13:07:48 -06:00
|
|
|
opts["grains"] = salt.loader.grains(opts)
|
|
|
|
|
opts["pillar"] = {}
|
2024-01-30 11:26:39 +00:00
|
|
|
salt.features.setup_features(opts)
|
2013-05-29 19:13:34 +00:00
|
|
|
return opts
|
2011-02-26 16:07:24 -07:00
|
|
|
|
2012-07-26 03:42:20 +02:00
|
|
|
|
2017-05-05 15:32:16 -06:00
|
|
|
def proxy_config(
|
|
|
|
|
path,
|
|
|
|
|
env_var="SALT_PROXY_CONFIG",
|
|
|
|
|
defaults=None,
|
|
|
|
|
cache_minion_id=False,
|
|
|
|
|
ignore_config_errors=True,
|
|
|
|
|
minion_id=None,
|
|
|
|
|
):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2017-05-05 15:32:16 -06:00
|
|
|
Reads in the proxy minion configuration file and sets up special options
|
|
|
|
|
|
|
|
|
|
This is useful for Minion-side operations, such as the
|
|
|
|
|
:py:class:`~salt.client.Caller` class, and manually running the loader
|
|
|
|
|
interface.
|
|
|
|
|
|
|
|
|
|
.. code-block:: python
|
|
|
|
|
|
|
|
|
|
import salt.config
|
|
|
|
|
proxy_opts = salt.config.proxy_config('/etc/salt/proxy')
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2017-05-11 15:09:27 -06:00
|
|
|
if defaults is None:
|
|
|
|
|
defaults = DEFAULT_MINION_OPTS.copy()
|
|
|
|
|
|
|
|
|
|
defaults.update(DEFAULT_PROXY_MINION_OPTS)
|
2017-05-05 15:32:16 -06:00
|
|
|
|
|
|
|
|
if not os.environ.get(env_var, None):
|
|
|
|
|
# No valid setting was given using the configuration variable.
|
|
|
|
|
# Lets see is SALT_CONFIG_DIR is of any use
|
|
|
|
|
salt_config_dir = os.environ.get("SALT_CONFIG_DIR", None)
|
|
|
|
|
if salt_config_dir:
|
|
|
|
|
env_config_file_path = os.path.join(salt_config_dir, "proxy")
|
|
|
|
|
if salt_config_dir and os.path.isfile(env_config_file_path):
|
|
|
|
|
# We can get a configuration file using SALT_CONFIG_DIR, let's
|
|
|
|
|
# update the environment with this information
|
|
|
|
|
os.environ[env_var] = env_config_file_path
|
|
|
|
|
|
|
|
|
|
overrides = load_config(path, env_var, DEFAULT_PROXY_MINION_OPTS["conf_file"])
|
|
|
|
|
default_include = overrides.get("default_include", defaults["default_include"])
|
|
|
|
|
include = overrides.get("include", [])
|
|
|
|
|
|
|
|
|
|
overrides.update(
|
|
|
|
|
include_config(
|
|
|
|
|
default_include,
|
|
|
|
|
path,
|
|
|
|
|
verbose=False,
|
|
|
|
|
exit_on_config_errors=not ignore_config_errors,
|
|
|
|
|
)
|
2020-04-02 20:10:20 -05:00
|
|
|
)
|
2017-05-05 15:32:16 -06:00
|
|
|
overrides.update(
|
|
|
|
|
include_config(
|
|
|
|
|
include, path, verbose=True, exit_on_config_errors=not ignore_config_errors
|
|
|
|
|
)
|
2020-04-02 20:10:20 -05:00
|
|
|
)
|
2017-05-05 15:32:16 -06:00
|
|
|
|
|
|
|
|
opts = apply_minion_config(
|
|
|
|
|
overrides, defaults, cache_minion_id=cache_minion_id, minion_id=minion_id
|
|
|
|
|
)
|
2020-09-08 16:14:42 -07:00
|
|
|
|
|
|
|
|
# Update opts with proxy specific configuration
|
|
|
|
|
# with the updated default_include.
|
|
|
|
|
default_include = opts.get("default_include", defaults["default_include"])
|
|
|
|
|
include = opts.get("include", [])
|
|
|
|
|
|
|
|
|
|
overrides.update(
|
|
|
|
|
include_config(
|
|
|
|
|
default_include,
|
|
|
|
|
path,
|
|
|
|
|
verbose=False,
|
|
|
|
|
exit_on_config_errors=not ignore_config_errors,
|
|
|
|
|
)
|
|
|
|
|
)
|
|
|
|
|
overrides.update(
|
|
|
|
|
include_config(
|
|
|
|
|
include, path, verbose=True, exit_on_config_errors=not ignore_config_errors
|
|
|
|
|
)
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
opts = apply_minion_config(
|
|
|
|
|
overrides, defaults, cache_minion_id=cache_minion_id, minion_id=minion_id
|
|
|
|
|
)
|
|
|
|
|
|
2017-05-05 15:32:16 -06:00
|
|
|
apply_sdb(opts)
|
|
|
|
|
_validate_opts(opts)
|
2024-01-30 11:26:39 +00:00
|
|
|
salt.features.setup_features(opts)
|
2017-05-05 15:32:16 -06:00
|
|
|
return opts
|
|
|
|
|
|
|
|
|
|
|
2013-07-13 19:53:11 +00:00
|
|
|
def syndic_config(
|
|
|
|
|
master_config_path,
|
|
|
|
|
minion_config_path,
|
|
|
|
|
master_env_var="SALT_MASTER_CONFIG",
|
|
|
|
|
minion_env_var="SALT_MINION_CONFIG",
|
2013-07-19 13:05:47 +01:00
|
|
|
minion_defaults=None,
|
|
|
|
|
master_defaults=None,
|
|
|
|
|
):
|
|
|
|
|
|
|
|
|
|
if minion_defaults is None:
|
2019-01-16 19:02:03 +00:00
|
|
|
minion_defaults = DEFAULT_MINION_OPTS.copy()
|
2013-07-19 13:05:47 +01:00
|
|
|
|
|
|
|
|
if master_defaults is None:
|
2019-01-16 19:02:03 +00:00
|
|
|
master_defaults = DEFAULT_MASTER_OPTS.copy()
|
2013-07-19 13:05:47 +01:00
|
|
|
|
2013-07-13 19:53:11 +00:00
|
|
|
opts = {}
|
2013-07-19 13:05:47 +01:00
|
|
|
master_opts = master_config(master_config_path, master_env_var, master_defaults)
|
|
|
|
|
minion_opts = minion_config(minion_config_path, minion_env_var, minion_defaults)
|
2013-07-13 19:53:11 +00:00
|
|
|
opts["_minion_conf_file"] = master_opts["conf_file"]
|
|
|
|
|
opts["_master_conf_file"] = minion_opts["conf_file"]
|
|
|
|
|
opts.update(master_opts)
|
|
|
|
|
opts.update(minion_opts)
|
|
|
|
|
syndic_opts = {
|
2014-07-15 10:28:16 -06:00
|
|
|
"__role": "syndic",
|
2013-12-05 19:18:33 +00:00
|
|
|
"root_dir": opts.get("root_dir", salt.syspaths.ROOT_DIR),
|
2013-07-19 13:05:47 +01:00
|
|
|
"pidfile": opts.get("syndic_pidfile", "salt-syndic.pid"),
|
|
|
|
|
"log_file": opts.get("syndic_log_file", "salt-syndic.log"),
|
2016-08-23 18:12:27 +08:00
|
|
|
"log_level": master_opts["log_level"],
|
2013-07-13 19:53:11 +00:00
|
|
|
"id": minion_opts["id"],
|
|
|
|
|
"pki_dir": minion_opts["pki_dir"],
|
|
|
|
|
"master": opts["syndic_master"],
|
2015-04-16 16:57:44 -06:00
|
|
|
"interface": master_opts["interface"],
|
2013-07-13 19:53:11 +00:00
|
|
|
"master_port": int(
|
|
|
|
|
opts.get(
|
2013-07-19 13:05:47 +01:00
|
|
|
# The user has explicitly defined the syndic master port
|
2013-07-13 19:53:11 +00:00
|
|
|
"syndic_master_port",
|
2013-07-19 13:05:47 +01:00
|
|
|
opts.get(
|
|
|
|
|
# No syndic_master_port, grab master_port from opts
|
2013-07-19 13:44:36 +01:00
|
|
|
"master_port",
|
|
|
|
|
# No master_opts, grab from the provided minion defaults
|
|
|
|
|
minion_defaults.get(
|
2013-07-19 13:05:47 +01:00
|
|
|
"master_port",
|
2013-07-19 13:44:36 +01:00
|
|
|
# Not on the provided minion defaults, load from the
|
|
|
|
|
# static minion defaults
|
|
|
|
|
DEFAULT_MINION_OPTS["master_port"],
|
2013-07-19 13:05:47 +01:00
|
|
|
),
|
|
|
|
|
),
|
|
|
|
|
)
|
|
|
|
|
),
|
2013-07-13 19:53:11 +00:00
|
|
|
"user": opts.get("syndic_user", opts["user"]),
|
|
|
|
|
"sock_dir": os.path.join(
|
2013-07-19 13:05:47 +01:00
|
|
|
opts["cachedir"], opts.get("syndic_sock_dir", opts["sock_dir"])
|
|
|
|
|
),
|
2017-05-31 14:45:48 +09:00
|
|
|
"sock_pool_size": master_opts["sock_pool_size"],
|
2015-03-18 14:26:14 -06:00
|
|
|
"cachedir": master_opts["cachedir"],
|
2013-07-13 19:53:11 +00:00
|
|
|
}
|
|
|
|
|
opts.update(syndic_opts)
|
|
|
|
|
# Prepend root_dir to other paths
|
|
|
|
|
prepend_root_dirs = [
|
Revert "Separates key_dir from cache_dir, The key files (i.e. '.root_key', '.sudo_...') must not be shared with other masters."
This reverts commit 20bf4eed1d34cf8edfa41a73a9769ffa7a977449.
This change breaks publisher_acls.
1) The key_dir's permissions are controlled by `permissive_pki_access` which is
not required by publisher_acls. By default, it is also changed back to 700
each time that the salt-master restarts, so it will have to be chmodded each
time.
2) The default directory for these keys is changed, which will break a lot of
users publisher_acls setups on an upgrade to Oxygen, and require them to go
back in to chmod new directories.
I was going through and switching out the key dir to default back to
/var/cache/salt/master, and allow it to be changed, and also be able to specify
that it is a sensitive dir, but once I ran across the `permissive_pki_access`
stuff, I thought it was better to just revert this change and try again against
Fluorine, since we do not have a lot of tests in this area around publisher_acl.
2018-02-08 12:48:18 -07:00
|
|
|
"pki_dir",
|
|
|
|
|
"cachedir",
|
|
|
|
|
"pidfile",
|
|
|
|
|
"sock_dir",
|
|
|
|
|
"extension_modules",
|
2017-10-10 15:03:18 +02:00
|
|
|
"autosign_file",
|
|
|
|
|
"autoreject_file",
|
|
|
|
|
"token_dir",
|
|
|
|
|
"autosign_grains_dir",
|
2013-07-13 19:53:11 +00:00
|
|
|
]
|
2017-08-10 16:59:11 -06:00
|
|
|
for config_key in ("log_file", "key_logfile", "syndic_log_file"):
|
2015-05-04 13:06:19 -06:00
|
|
|
# If this is not a URI and instead a local path
|
2024-06-22 10:58:54 -07:00
|
|
|
if should_prepend_root_dir(config_key, opts):
|
2013-07-13 19:53:11 +00:00
|
|
|
prepend_root_dirs.append(config_key)
|
|
|
|
|
prepend_root_dir(opts, prepend_root_dirs)
|
2024-01-30 11:26:39 +00:00
|
|
|
salt.features.setup_features(opts)
|
2013-07-13 19:53:11 +00:00
|
|
|
return opts
|
|
|
|
|
|
|
|
|
|
|
2014-06-18 16:59:05 -05:00
|
|
|
def apply_sdb(opts, sdb_opts=None):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2014-06-18 16:15:06 -05:00
|
|
|
Recurse for sdb:// links for opts
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2016-06-23 15:32:21 -07:00
|
|
|
# Late load of SDB to keep CLI light
|
|
|
|
|
import salt.utils.sdb
|
2020-04-02 20:10:20 -05:00
|
|
|
|
2014-06-18 16:59:05 -05:00
|
|
|
if sdb_opts is None:
|
2014-06-18 17:42:53 -05:00
|
|
|
sdb_opts = opts
|
2020-09-30 03:09:12 +02:00
|
|
|
if isinstance(sdb_opts, str) and sdb_opts.startswith("sdb://"):
|
2014-06-18 19:35:32 -05:00
|
|
|
return salt.utils.sdb.sdb_get(sdb_opts, opts)
|
2014-06-18 19:14:08 -05:00
|
|
|
elif isinstance(sdb_opts, dict):
|
2020-09-30 03:09:12 +02:00
|
|
|
for key, value in sdb_opts.items():
|
2014-06-18 19:14:08 -05:00
|
|
|
if value is None:
|
|
|
|
|
continue
|
2014-06-18 18:36:23 -05:00
|
|
|
sdb_opts[key] = apply_sdb(opts, value)
|
2014-06-18 16:15:06 -05:00
|
|
|
elif isinstance(sdb_opts, list):
|
|
|
|
|
for key, value in enumerate(sdb_opts):
|
2014-06-18 19:14:08 -05:00
|
|
|
if value is None:
|
|
|
|
|
continue
|
2014-06-18 18:36:23 -05:00
|
|
|
sdb_opts[key] = apply_sdb(opts, value)
|
2014-06-18 16:15:06 -05:00
|
|
|
|
|
|
|
|
return sdb_opts
|
|
|
|
|
|
|
|
|
|
|
2016-11-06 14:29:40 +13:00
|
|
|
# ----- Salt Cloud Configuration Functions ---------------------------------->
|
2013-11-20 19:01:11 +00:00
|
|
|
def cloud_config(
|
|
|
|
|
path,
|
|
|
|
|
env_var="SALT_CLOUD_CONFIG",
|
|
|
|
|
defaults=None,
|
|
|
|
|
master_config_path=None,
|
|
|
|
|
master_config=None,
|
|
|
|
|
providers_config_path=None,
|
|
|
|
|
providers_config=None,
|
2013-11-25 11:46:16 +00:00
|
|
|
profiles_config_path=None,
|
|
|
|
|
profiles_config=None,
|
|
|
|
|
):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2016-11-15 14:25:31 +02:00
|
|
|
Read in the Salt Cloud config and return the dict
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2016-08-31 11:38:43 -05:00
|
|
|
if path:
|
|
|
|
|
config_dir = os.path.dirname(path)
|
|
|
|
|
else:
|
|
|
|
|
config_dir = salt.syspaths.CONFIG_DIR
|
|
|
|
|
|
2013-11-20 19:01:11 +00:00
|
|
|
# Load the cloud configuration
|
2016-08-31 11:38:43 -05:00
|
|
|
overrides = load_config(path, env_var, os.path.join(config_dir, "cloud"))
|
2013-11-20 19:01:11 +00:00
|
|
|
|
|
|
|
|
if defaults is None:
|
2016-11-15 14:25:31 +02:00
|
|
|
defaults = DEFAULT_CLOUD_OPTS.copy()
|
|
|
|
|
|
|
|
|
|
# Set defaults early to override Salt Master's default config values later
|
|
|
|
|
defaults.update(overrides)
|
|
|
|
|
overrides = defaults
|
2013-11-20 19:01:11 +00:00
|
|
|
|
|
|
|
|
# Load cloud configuration from any default or provided includes
|
|
|
|
|
overrides.update(
|
2016-11-15 14:25:31 +02:00
|
|
|
salt.config.include_config(overrides["default_include"], path, verbose=False)
|
2013-11-20 19:01:11 +00:00
|
|
|
)
|
|
|
|
|
include = overrides.get("include", [])
|
2015-09-09 16:19:52 +01:00
|
|
|
overrides.update(salt.config.include_config(include, path, verbose=True))
|
2013-11-20 19:01:11 +00:00
|
|
|
|
2013-11-25 13:15:04 +00:00
|
|
|
# The includes have been evaluated, let's see if master, providers and
|
|
|
|
|
# profiles configuration settings have been included and if not, set the
|
|
|
|
|
# default value
|
|
|
|
|
if "master_config" in overrides and master_config_path is None:
|
|
|
|
|
# The configuration setting is being specified in the main cloud
|
|
|
|
|
# configuration file
|
|
|
|
|
master_config_path = overrides["master_config"]
|
|
|
|
|
elif (
|
|
|
|
|
"master_config" not in overrides
|
|
|
|
|
and not master_config
|
2014-10-03 16:39:04 -06:00
|
|
|
and not master_config_path
|
|
|
|
|
):
|
2013-11-25 13:15:04 +00:00
|
|
|
# The configuration setting is not being provided in the main cloud
|
|
|
|
|
# configuration file, and
|
|
|
|
|
master_config_path = os.path.join(config_dir, "master")
|
|
|
|
|
|
2014-06-23 00:06:28 +01:00
|
|
|
# Convert relative to absolute paths if necessary
|
|
|
|
|
master_config_path = _absolute_path(master_config_path, config_dir)
|
|
|
|
|
|
2013-11-25 13:15:04 +00:00
|
|
|
if "providers_config" in overrides and providers_config_path is None:
|
|
|
|
|
# The configuration setting is being specified in the main cloud
|
|
|
|
|
# configuration file
|
|
|
|
|
providers_config_path = overrides["providers_config"]
|
|
|
|
|
elif (
|
|
|
|
|
"providers_config" not in overrides
|
|
|
|
|
and not providers_config
|
2014-10-03 16:39:04 -06:00
|
|
|
and not providers_config_path
|
|
|
|
|
):
|
2013-11-25 13:15:04 +00:00
|
|
|
providers_config_path = os.path.join(config_dir, "cloud.providers")
|
|
|
|
|
|
2014-06-23 00:06:28 +01:00
|
|
|
# Convert relative to absolute paths if necessary
|
|
|
|
|
providers_config_path = _absolute_path(providers_config_path, config_dir)
|
|
|
|
|
|
2013-12-03 18:58:57 +00:00
|
|
|
if "profiles_config" in overrides and profiles_config_path is None:
|
2013-11-25 13:15:04 +00:00
|
|
|
# The configuration setting is being specified in the main cloud
|
|
|
|
|
# configuration file
|
2013-12-03 18:58:57 +00:00
|
|
|
profiles_config_path = overrides["profiles_config"]
|
|
|
|
|
elif (
|
|
|
|
|
"profiles_config" not in overrides
|
|
|
|
|
and not profiles_config
|
|
|
|
|
and not profiles_config_path
|
|
|
|
|
):
|
|
|
|
|
profiles_config_path = os.path.join(config_dir, "cloud.profiles")
|
2013-11-25 13:15:04 +00:00
|
|
|
|
2014-06-23 00:06:28 +01:00
|
|
|
# Convert relative to absolute paths if necessary
|
|
|
|
|
profiles_config_path = _absolute_path(profiles_config_path, config_dir)
|
|
|
|
|
|
2013-11-20 19:01:11 +00:00
|
|
|
# Prepare the deploy scripts search path
|
|
|
|
|
deploy_scripts_search_path = overrides.get(
|
|
|
|
|
"deploy_scripts_search_path",
|
|
|
|
|
defaults.get("deploy_scripts_search_path", "cloud.deploy.d"),
|
|
|
|
|
)
|
2020-09-30 03:09:12 +02:00
|
|
|
if isinstance(deploy_scripts_search_path, str):
|
2013-11-20 19:01:11 +00:00
|
|
|
deploy_scripts_search_path = [deploy_scripts_search_path]
|
|
|
|
|
|
|
|
|
|
# Check the provided deploy scripts search path removing any non existing
|
|
|
|
|
# entries.
|
|
|
|
|
for idx, entry in enumerate(deploy_scripts_search_path[:]):
|
|
|
|
|
if not os.path.isabs(entry):
|
2015-06-17 15:27:39 -06:00
|
|
|
# Let's try adding the provided path's directory name turns the
|
2013-11-20 19:01:11 +00:00
|
|
|
# entry into a proper directory
|
|
|
|
|
entry = os.path.join(os.path.dirname(path), entry)
|
|
|
|
|
|
|
|
|
|
if os.path.isdir(entry):
|
2014-04-30 12:06:27 -07:00
|
|
|
# Path exists, let's update the entry (its path might have been
|
2013-11-20 19:01:11 +00:00
|
|
|
# made absolute)
|
|
|
|
|
deploy_scripts_search_path[idx] = entry
|
|
|
|
|
continue
|
|
|
|
|
|
|
|
|
|
# It's not a directory? Remove it from the search path
|
|
|
|
|
deploy_scripts_search_path.pop(idx)
|
|
|
|
|
|
2014-04-30 12:06:27 -07:00
|
|
|
# Add the built-in scripts directory to the search path (last resort)
|
2013-11-20 19:01:11 +00:00
|
|
|
deploy_scripts_search_path.append(
|
2013-11-27 20:25:10 +00:00
|
|
|
os.path.abspath(
|
|
|
|
|
os.path.join(os.path.dirname(__file__), "..", "cloud", "deploy")
|
|
|
|
|
)
|
2013-11-20 19:01:11 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
# Let's make the search path a tuple and add it to the overrides.
|
|
|
|
|
overrides.update(deploy_scripts_search_path=tuple(deploy_scripts_search_path))
|
|
|
|
|
|
|
|
|
|
# Grab data from the 4 sources
|
|
|
|
|
# 1st - Master config
|
|
|
|
|
if master_config_path is not None and master_config is not None:
|
2014-09-03 12:30:28 -06:00
|
|
|
raise salt.exceptions.SaltCloudConfigError(
|
2013-11-20 19:01:11 +00:00
|
|
|
"Only pass `master_config` or `master_config_path`, not both."
|
|
|
|
|
)
|
|
|
|
|
elif master_config_path is None and master_config is None:
|
|
|
|
|
master_config = salt.config.master_config(
|
|
|
|
|
overrides.get(
|
|
|
|
|
# use the value from the cloud config file
|
|
|
|
|
"master_config",
|
|
|
|
|
# if not found, use the default path
|
2013-12-05 19:18:33 +00:00
|
|
|
os.path.join(salt.syspaths.CONFIG_DIR, "master"),
|
2013-11-20 19:01:11 +00:00
|
|
|
)
|
|
|
|
|
)
|
|
|
|
|
elif master_config_path is not None and master_config is None:
|
|
|
|
|
master_config = salt.config.master_config(master_config_path)
|
|
|
|
|
|
2017-05-24 11:40:44 +02:00
|
|
|
# cloud config has a separate cachedir
|
2016-08-31 11:38:43 -05:00
|
|
|
del master_config["cachedir"]
|
|
|
|
|
|
2013-11-20 19:01:11 +00:00
|
|
|
# 2nd - salt-cloud configuration which was loaded before so we could
|
|
|
|
|
# extract the master configuration file if needed.
|
|
|
|
|
|
|
|
|
|
# Override master configuration with the salt cloud(current overrides)
|
|
|
|
|
master_config.update(overrides)
|
|
|
|
|
# We now set the overridden master_config as the overrides
|
|
|
|
|
overrides = master_config
|
|
|
|
|
|
|
|
|
|
if providers_config_path is not None and providers_config is not None:
|
2014-09-03 12:30:28 -06:00
|
|
|
raise salt.exceptions.SaltCloudConfigError(
|
2021-08-03 08:40:21 +01:00
|
|
|
"Only pass `providers_config` or `providers_config_path`, not both."
|
2013-11-20 19:01:11 +00:00
|
|
|
)
|
|
|
|
|
elif providers_config_path is None and providers_config is None:
|
|
|
|
|
providers_config_path = overrides.get(
|
|
|
|
|
# use the value from the cloud config file
|
|
|
|
|
"providers_config",
|
|
|
|
|
# if not found, use the default path
|
2013-12-05 19:18:33 +00:00
|
|
|
os.path.join(salt.syspaths.CONFIG_DIR, "cloud.providers"),
|
2013-11-20 19:01:11 +00:00
|
|
|
)
|
|
|
|
|
|
2013-11-25 11:46:16 +00:00
|
|
|
if profiles_config_path is not None and profiles_config is not None:
|
2014-09-03 12:30:28 -06:00
|
|
|
raise salt.exceptions.SaltCloudConfigError(
|
2013-11-25 11:46:16 +00:00
|
|
|
"Only pass `profiles_config` or `profiles_config_path`, not both."
|
2013-11-20 19:01:11 +00:00
|
|
|
)
|
2013-11-25 11:46:16 +00:00
|
|
|
elif profiles_config_path is None and profiles_config is None:
|
|
|
|
|
profiles_config_path = overrides.get(
|
2013-11-20 19:01:11 +00:00
|
|
|
# use the value from the cloud config file
|
2013-11-25 11:46:16 +00:00
|
|
|
"profiles_config",
|
2013-11-20 19:01:11 +00:00
|
|
|
# if not found, use the default path
|
2013-12-05 19:18:33 +00:00
|
|
|
os.path.join(salt.syspaths.CONFIG_DIR, "cloud.profiles"),
|
2013-11-20 19:01:11 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
# Apply the salt-cloud configuration
|
|
|
|
|
opts = apply_cloud_config(overrides, defaults)
|
|
|
|
|
|
|
|
|
|
# 3rd - Include Cloud Providers
|
|
|
|
|
if "providers" in opts:
|
|
|
|
|
if providers_config is not None:
|
2014-09-03 12:30:28 -06:00
|
|
|
raise salt.exceptions.SaltCloudConfigError(
|
2013-11-20 19:01:11 +00:00
|
|
|
"Do not mix the old cloud providers configuration with "
|
|
|
|
|
"the passing a pre-configured providers configuration "
|
|
|
|
|
"dictionary."
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
if providers_config_path is not None:
|
|
|
|
|
providers_confd = os.path.join(
|
|
|
|
|
os.path.dirname(providers_config_path), "cloud.providers.d", "*"
|
|
|
|
|
)
|
|
|
|
|
|
2013-12-02 16:18:27 +07:00
|
|
|
if os.path.isfile(providers_config_path) or glob.glob(providers_confd):
|
2014-09-03 12:30:28 -06:00
|
|
|
raise salt.exceptions.SaltCloudConfigError(
|
2013-11-20 19:01:11 +00:00
|
|
|
"Do not mix the old cloud providers configuration with "
|
|
|
|
|
"the new one. The providers configuration should now go "
|
2013-11-25 11:11:23 +00:00
|
|
|
"in the file `{0}` or a separate `*.conf` file within "
|
|
|
|
|
"`cloud.providers.d/` which is relative to `{0}`.".format(
|
2013-12-05 19:18:33 +00:00
|
|
|
os.path.join(salt.syspaths.CONFIG_DIR, "cloud.providers")
|
2013-11-25 11:11:23 +00:00
|
|
|
)
|
2013-11-20 19:01:11 +00:00
|
|
|
)
|
|
|
|
|
# No exception was raised? It's the old configuration alone
|
|
|
|
|
providers_config = opts["providers"]
|
|
|
|
|
|
|
|
|
|
elif providers_config_path is not None:
|
|
|
|
|
# Load from configuration file, even if that files does not exist since
|
|
|
|
|
# it will be populated with defaults.
|
|
|
|
|
providers_config = cloud_providers_config(providers_config_path)
|
|
|
|
|
|
|
|
|
|
# Let's assign back the computed providers configuration
|
|
|
|
|
opts["providers"] = providers_config
|
|
|
|
|
|
|
|
|
|
# 4th - Include VM profiles config
|
2013-12-03 18:32:14 +00:00
|
|
|
if profiles_config is None:
|
2013-11-20 19:01:11 +00:00
|
|
|
# Load profiles configuration from the provided file
|
2013-12-03 18:32:14 +00:00
|
|
|
profiles_config = vm_profiles_config(profiles_config_path, providers_config)
|
|
|
|
|
opts["profiles"] = profiles_config
|
2013-11-20 19:01:11 +00:00
|
|
|
|
2014-06-18 16:15:06 -05:00
|
|
|
# recurse opts for sdb configs
|
2014-06-18 17:42:53 -05:00
|
|
|
apply_sdb(opts)
|
2014-06-18 16:15:06 -05:00
|
|
|
|
2016-08-31 11:38:43 -05:00
|
|
|
# prepend root_dir
|
2018-06-18 19:37:03 +03:00
|
|
|
prepend_root_dirs = ["cachedir"]
|
2024-06-22 10:00:09 -07:00
|
|
|
if should_prepend_root_dir("log_file", opts):
|
2024-06-22 03:22:17 -07:00
|
|
|
prepend_root_dirs.append("log_file")
|
2016-08-31 11:38:43 -05:00
|
|
|
prepend_root_dir(opts, prepend_root_dirs)
|
|
|
|
|
|
2024-01-30 11:26:39 +00:00
|
|
|
salt.features.setup_features(opts)
|
2013-11-20 19:01:11 +00:00
|
|
|
# Return the final options
|
|
|
|
|
return opts
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def apply_cloud_config(overrides, defaults=None):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2014-10-03 16:39:04 -06:00
|
|
|
Return a cloud config
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2013-11-20 19:01:11 +00:00
|
|
|
if defaults is None:
|
2019-01-16 19:02:03 +00:00
|
|
|
defaults = DEFAULT_CLOUD_OPTS.copy()
|
2013-11-20 19:01:11 +00:00
|
|
|
|
|
|
|
|
config = defaults.copy()
|
|
|
|
|
if overrides:
|
|
|
|
|
config.update(overrides)
|
|
|
|
|
|
|
|
|
|
# If the user defined providers in salt cloud's main configuration file, we
|
|
|
|
|
# need to take care for proper and expected format.
|
|
|
|
|
if "providers" in config:
|
|
|
|
|
# Keep a copy of the defined providers
|
|
|
|
|
providers = config["providers"].copy()
|
|
|
|
|
# Reset the providers dictionary
|
|
|
|
|
config["providers"] = {}
|
|
|
|
|
# Populate the providers dictionary
|
2020-09-30 03:09:12 +02:00
|
|
|
for alias, details in providers.items():
|
2013-11-20 19:01:11 +00:00
|
|
|
if isinstance(details, list):
|
|
|
|
|
for detail in details:
|
2016-12-08 13:18:51 -07:00
|
|
|
if "driver" not in detail:
|
2014-09-03 12:30:28 -06:00
|
|
|
raise salt.exceptions.SaltCloudConfigError(
|
2020-09-30 03:09:12 +02:00
|
|
|
"The cloud provider alias '{}' has an entry "
|
2016-12-08 13:18:51 -07:00
|
|
|
"missing the required setting of 'driver'.".format(alias)
|
2013-11-20 19:01:11 +00:00
|
|
|
)
|
2016-12-08 13:18:51 -07:00
|
|
|
|
|
|
|
|
driver = detail["driver"]
|
2013-11-20 19:01:11 +00:00
|
|
|
|
|
|
|
|
if ":" in driver:
|
|
|
|
|
# Weird, but...
|
|
|
|
|
alias, driver = driver.split(":")
|
|
|
|
|
|
|
|
|
|
if alias not in config["providers"]:
|
|
|
|
|
config["providers"][alias] = {}
|
|
|
|
|
|
2024-02-27 11:08:46 +00:00
|
|
|
detail["provider"] = f"{alias}:{driver}"
|
2013-11-20 19:01:11 +00:00
|
|
|
config["providers"][alias][driver] = detail
|
|
|
|
|
elif isinstance(details, dict):
|
2016-12-08 13:18:51 -07:00
|
|
|
if "driver" not in details:
|
2014-09-03 12:30:28 -06:00
|
|
|
raise salt.exceptions.SaltCloudConfigError(
|
2020-09-30 03:09:12 +02:00
|
|
|
"The cloud provider alias '{}' has an entry "
|
2016-12-08 13:18:51 -07:00
|
|
|
"missing the required setting of 'driver'".format(alias)
|
2015-06-17 15:27:39 -06:00
|
|
|
)
|
2016-12-08 13:18:51 -07:00
|
|
|
|
|
|
|
|
driver = details["driver"]
|
|
|
|
|
|
2013-11-20 19:01:11 +00:00
|
|
|
if ":" in driver:
|
|
|
|
|
# Weird, but...
|
|
|
|
|
alias, driver = driver.split(":")
|
|
|
|
|
if alias not in config["providers"]:
|
|
|
|
|
config["providers"][alias] = {}
|
|
|
|
|
|
2024-02-27 11:08:46 +00:00
|
|
|
details["provider"] = f"{alias}:{driver}"
|
2013-11-20 19:01:11 +00:00
|
|
|
config["providers"][alias][driver] = details
|
|
|
|
|
|
|
|
|
|
# Migrate old configuration
|
|
|
|
|
config = old_to_new(config)
|
|
|
|
|
|
|
|
|
|
return config
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def old_to_new(opts):
|
|
|
|
|
providers = (
|
|
|
|
|
"AWS",
|
|
|
|
|
"CLOUDSTACK",
|
2017-09-19 12:47:16 -06:00
|
|
|
"DIGITALOCEAN",
|
2013-11-20 19:01:11 +00:00
|
|
|
"EC2",
|
|
|
|
|
"GOGRID",
|
|
|
|
|
"IBMSCE",
|
|
|
|
|
"JOYENT",
|
|
|
|
|
"LINODE",
|
|
|
|
|
"OPENSTACK",
|
|
|
|
|
"PARALLELS",
|
|
|
|
|
"RACKSPACE",
|
|
|
|
|
"SALTIFY",
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
for provider in providers:
|
|
|
|
|
|
|
|
|
|
provider_config = {}
|
2015-02-17 12:59:08 -05:00
|
|
|
for opt, val in opts.items():
|
|
|
|
|
if provider in opt:
|
2015-02-18 09:35:21 -05:00
|
|
|
value = val
|
|
|
|
|
name = opt.split(".", 1)[1]
|
|
|
|
|
provider_config[name] = value
|
2013-11-20 19:01:11 +00:00
|
|
|
|
|
|
|
|
lprovider = provider.lower()
|
|
|
|
|
if provider_config:
|
|
|
|
|
provider_config["provider"] = lprovider
|
|
|
|
|
opts.setdefault("providers", {})
|
|
|
|
|
# provider alias
|
|
|
|
|
opts["providers"][lprovider] = {}
|
|
|
|
|
# provider alias, provider driver
|
|
|
|
|
opts["providers"][lprovider][lprovider] = provider_config
|
|
|
|
|
return opts
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def vm_profiles_config(path, providers, env_var="SALT_CLOUDVM_CONFIG", defaults=None):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2013-11-20 19:01:11 +00:00
|
|
|
Read in the salt cloud VM config file
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2013-11-20 19:01:11 +00:00
|
|
|
if defaults is None:
|
|
|
|
|
defaults = VM_CONFIG_DEFAULTS
|
|
|
|
|
|
2013-11-25 11:12:49 +00:00
|
|
|
overrides = salt.config.load_config(
|
2013-12-05 19:18:33 +00:00
|
|
|
path, env_var, os.path.join(salt.syspaths.CONFIG_DIR, "cloud.profiles")
|
2013-11-25 11:12:49 +00:00
|
|
|
)
|
2013-11-20 19:01:11 +00:00
|
|
|
|
|
|
|
|
default_include = overrides.get("default_include", defaults["default_include"])
|
|
|
|
|
include = overrides.get("include", [])
|
|
|
|
|
|
|
|
|
|
overrides.update(salt.config.include_config(default_include, path, verbose=False))
|
|
|
|
|
overrides.update(salt.config.include_config(include, path, verbose=True))
|
|
|
|
|
return apply_vm_profiles_config(providers, overrides, defaults)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def apply_vm_profiles_config(providers, overrides, defaults=None):
|
|
|
|
|
if defaults is None:
|
|
|
|
|
defaults = VM_CONFIG_DEFAULTS
|
|
|
|
|
|
|
|
|
|
config = defaults.copy()
|
|
|
|
|
if overrides:
|
|
|
|
|
config.update(overrides)
|
|
|
|
|
|
|
|
|
|
vms = {}
|
|
|
|
|
|
2020-09-30 03:09:12 +02:00
|
|
|
for key, val in config.items():
|
2014-01-29 18:42:58 +00:00
|
|
|
if key in ("conf_file", "include", "default_include", "user"):
|
2013-11-20 19:01:11 +00:00
|
|
|
continue
|
|
|
|
|
if not isinstance(val, dict):
|
2014-09-03 12:30:28 -06:00
|
|
|
raise salt.exceptions.SaltCloudConfigError(
|
2015-08-26 23:26:06 -05:00
|
|
|
"The VM profiles configuration found in '{0[conf_file]}' is "
|
2013-11-20 19:01:11 +00:00
|
|
|
"not in the proper format".format(config)
|
|
|
|
|
)
|
|
|
|
|
val["profile"] = key
|
|
|
|
|
vms[key] = val
|
|
|
|
|
|
|
|
|
|
# Is any VM profile extending data!?
|
2020-09-30 03:09:12 +02:00
|
|
|
for profile, details in vms.copy().items():
|
2013-11-20 19:01:11 +00:00
|
|
|
if "extends" not in details:
|
|
|
|
|
if ":" in details["provider"]:
|
|
|
|
|
alias, driver = details["provider"].split(":")
|
|
|
|
|
if alias not in providers or driver not in providers[alias]:
|
2014-09-15 20:10:05 -06:00
|
|
|
log.trace(
|
2018-01-07 14:48:45 -06:00
|
|
|
"The profile '%s' is defining '%s' "
|
2015-08-26 23:26:06 -05:00
|
|
|
"as the provider. Since there is no valid "
|
|
|
|
|
"configuration for that provider, the profile will be "
|
2018-01-07 14:48:45 -06:00
|
|
|
"removed from the available listing",
|
|
|
|
|
profile,
|
|
|
|
|
details["provider"],
|
2013-11-20 19:01:11 +00:00
|
|
|
)
|
|
|
|
|
vms.pop(profile)
|
|
|
|
|
continue
|
|
|
|
|
|
|
|
|
|
if "profiles" not in providers[alias][driver]:
|
|
|
|
|
providers[alias][driver]["profiles"] = {}
|
|
|
|
|
providers[alias][driver]["profiles"][profile] = details
|
|
|
|
|
|
|
|
|
|
if details["provider"] not in providers:
|
2014-09-15 20:10:05 -06:00
|
|
|
log.trace(
|
2018-01-07 14:48:45 -06:00
|
|
|
"The profile '%s' is defining '%s' as the "
|
2015-08-26 23:26:06 -05:00
|
|
|
"provider. Since there is no valid configuration for "
|
2013-11-20 19:01:11 +00:00
|
|
|
"that provider, the profile will be removed from the "
|
2018-01-07 14:48:45 -06:00
|
|
|
"available listing",
|
|
|
|
|
profile,
|
|
|
|
|
details["provider"],
|
2013-11-20 19:01:11 +00:00
|
|
|
)
|
|
|
|
|
vms.pop(profile)
|
|
|
|
|
continue
|
|
|
|
|
|
2014-11-10 20:10:06 -07:00
|
|
|
driver = next(iter(list(providers[details["provider"]].keys())))
|
2013-11-20 19:01:11 +00:00
|
|
|
providers[details["provider"]][driver].setdefault("profiles", {}).update(
|
|
|
|
|
{profile: details}
|
|
|
|
|
)
|
|
|
|
|
details["provider"] = "{0[provider]}:{1}".format(details, driver)
|
|
|
|
|
vms[profile] = details
|
|
|
|
|
|
|
|
|
|
continue
|
|
|
|
|
|
|
|
|
|
extends = details.pop("extends")
|
|
|
|
|
if extends not in vms:
|
|
|
|
|
log.error(
|
2018-01-07 14:48:45 -06:00
|
|
|
"The '%s' profile is trying to extend data from '%s' "
|
|
|
|
|
"though '%s' is not defined in the salt profiles loaded "
|
|
|
|
|
"data. Not extending and removing from listing!",
|
|
|
|
|
profile,
|
|
|
|
|
extends,
|
|
|
|
|
extends,
|
2013-11-20 19:01:11 +00:00
|
|
|
)
|
|
|
|
|
vms.pop(profile)
|
|
|
|
|
continue
|
|
|
|
|
|
2016-12-26 01:36:45 -05:00
|
|
|
extended = deepcopy(vms.get(extends))
|
2013-11-20 19:01:11 +00:00
|
|
|
extended.pop("profile")
|
2016-12-26 01:36:45 -05:00
|
|
|
# Merge extended configuration with base profile
|
|
|
|
|
extended = salt.utils.dictupdate.update(extended, details)
|
2013-11-20 19:01:11 +00:00
|
|
|
|
|
|
|
|
if ":" not in extended["provider"]:
|
|
|
|
|
if extended["provider"] not in providers:
|
2014-09-15 20:10:05 -06:00
|
|
|
log.trace(
|
2018-01-07 14:48:45 -06:00
|
|
|
"The profile '%s' is defining '%s' as the "
|
2015-08-26 23:26:06 -05:00
|
|
|
"provider. Since there is no valid configuration for "
|
2013-11-20 19:01:11 +00:00
|
|
|
"that provider, the profile will be removed from the "
|
2018-01-07 14:48:45 -06:00
|
|
|
"available listing",
|
|
|
|
|
profile,
|
|
|
|
|
extended["provider"],
|
2013-11-20 19:01:11 +00:00
|
|
|
)
|
|
|
|
|
vms.pop(profile)
|
|
|
|
|
continue
|
|
|
|
|
|
2014-11-10 20:10:06 -07:00
|
|
|
driver = next(iter(list(providers[extended["provider"]].keys())))
|
2013-11-20 19:01:11 +00:00
|
|
|
providers[extended["provider"]][driver].setdefault("profiles", {}).update(
|
|
|
|
|
{profile: extended}
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
extended["provider"] = "{0[provider]}:{1}".format(extended, driver)
|
|
|
|
|
else:
|
|
|
|
|
alias, driver = extended["provider"].split(":")
|
|
|
|
|
if alias not in providers or driver not in providers[alias]:
|
2014-09-15 20:10:05 -06:00
|
|
|
log.trace(
|
2018-01-07 14:48:45 -06:00
|
|
|
"The profile '%s' is defining '%s' as "
|
2015-08-26 23:26:06 -05:00
|
|
|
"the provider. Since there is no valid configuration "
|
|
|
|
|
"for that provider, the profile will be removed from "
|
2018-01-07 14:48:45 -06:00
|
|
|
"the available listing",
|
|
|
|
|
profile,
|
|
|
|
|
extended["provider"],
|
2013-11-20 19:01:11 +00:00
|
|
|
)
|
|
|
|
|
vms.pop(profile)
|
|
|
|
|
continue
|
|
|
|
|
|
|
|
|
|
providers[alias][driver].setdefault("profiles", {}).update(
|
|
|
|
|
{profile: extended}
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
# Update the profile's entry with the extended data
|
|
|
|
|
vms[profile] = extended
|
|
|
|
|
|
|
|
|
|
return vms
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def cloud_providers_config(path, env_var="SALT_CLOUD_PROVIDERS_CONFIG", defaults=None):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2013-11-20 19:01:11 +00:00
|
|
|
Read in the salt cloud providers configuration file
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2013-11-20 19:01:11 +00:00
|
|
|
if defaults is None:
|
|
|
|
|
defaults = PROVIDER_CONFIG_DEFAULTS
|
|
|
|
|
|
2013-11-25 11:12:49 +00:00
|
|
|
overrides = salt.config.load_config(
|
2013-12-05 19:18:33 +00:00
|
|
|
path, env_var, os.path.join(salt.syspaths.CONFIG_DIR, "cloud.providers")
|
2013-11-25 11:12:49 +00:00
|
|
|
)
|
2013-11-20 19:01:11 +00:00
|
|
|
|
|
|
|
|
default_include = overrides.get("default_include", defaults["default_include"])
|
|
|
|
|
include = overrides.get("include", [])
|
|
|
|
|
|
|
|
|
|
overrides.update(salt.config.include_config(default_include, path, verbose=False))
|
|
|
|
|
overrides.update(salt.config.include_config(include, path, verbose=True))
|
|
|
|
|
return apply_cloud_providers_config(overrides, defaults)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def apply_cloud_providers_config(overrides, defaults=None):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2013-11-20 19:01:11 +00:00
|
|
|
Apply the loaded cloud providers configuration.
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2013-11-20 19:01:11 +00:00
|
|
|
if defaults is None:
|
|
|
|
|
defaults = PROVIDER_CONFIG_DEFAULTS
|
|
|
|
|
|
|
|
|
|
config = defaults.copy()
|
|
|
|
|
if overrides:
|
|
|
|
|
config.update(overrides)
|
|
|
|
|
|
|
|
|
|
# Is the user still using the old format in the new configuration file?!
|
2020-09-30 03:09:12 +02:00
|
|
|
for name, settings in config.copy().items():
|
2013-11-20 19:01:11 +00:00
|
|
|
if "." in name:
|
|
|
|
|
log.warning("Please switch to the new providers configuration syntax")
|
|
|
|
|
|
|
|
|
|
# Let's help out and migrate the data
|
|
|
|
|
config = old_to_new(config)
|
|
|
|
|
|
|
|
|
|
# old_to_new will migrate the old data into the 'providers' key of
|
|
|
|
|
# the config dictionary. Let's map it correctly
|
2020-09-30 03:09:12 +02:00
|
|
|
for prov_name, prov_settings in config.pop("providers").items():
|
2013-11-20 19:01:11 +00:00
|
|
|
config[prov_name] = prov_settings
|
|
|
|
|
break
|
|
|
|
|
|
|
|
|
|
providers = {}
|
2014-06-17 12:55:03 -06:00
|
|
|
ext_count = 0
|
2020-09-30 03:09:12 +02:00
|
|
|
for key, val in config.items():
|
2014-01-29 18:42:58 +00:00
|
|
|
if key in ("conf_file", "include", "default_include", "user"):
|
2013-11-20 19:01:11 +00:00
|
|
|
continue
|
|
|
|
|
|
|
|
|
|
if not isinstance(val, (list, tuple)):
|
|
|
|
|
val = [val]
|
|
|
|
|
else:
|
|
|
|
|
# Need to check for duplicate cloud provider entries per "alias" or
|
|
|
|
|
# we won't be able to properly reference it.
|
|
|
|
|
handled_providers = set()
|
|
|
|
|
for details in val:
|
2016-12-08 13:18:51 -07:00
|
|
|
if "driver" not in details:
|
2013-11-20 19:01:11 +00:00
|
|
|
if "extends" not in details:
|
|
|
|
|
log.error(
|
|
|
|
|
"Please check your cloud providers configuration. "
|
2016-12-08 13:18:51 -07:00
|
|
|
"There's no 'driver' nor 'extends' definition "
|
|
|
|
|
"referenced."
|
2013-11-20 19:01:11 +00:00
|
|
|
)
|
|
|
|
|
continue
|
2015-06-18 14:02:13 -06:00
|
|
|
|
|
|
|
|
if details["driver"] in handled_providers:
|
2013-11-20 19:01:11 +00:00
|
|
|
log.error(
|
|
|
|
|
"You can only have one entry per cloud provider. For "
|
|
|
|
|
"example, if you have a cloud provider configuration "
|
|
|
|
|
"section named, 'production', you can only have a "
|
|
|
|
|
"single entry for EC2, Joyent, Openstack, and so "
|
|
|
|
|
"forth."
|
|
|
|
|
)
|
2014-09-03 12:30:28 -06:00
|
|
|
raise salt.exceptions.SaltCloudConfigError(
|
2015-08-26 23:26:06 -05:00
|
|
|
"The cloud provider alias '{0}' has multiple entries "
|
|
|
|
|
"for the '{1[driver]}' driver.".format(key, details)
|
2013-11-20 19:01:11 +00:00
|
|
|
)
|
2015-06-18 14:02:13 -06:00
|
|
|
handled_providers.add(details["driver"])
|
2013-11-20 19:01:11 +00:00
|
|
|
|
|
|
|
|
for entry in val:
|
2015-06-17 15:27:39 -06:00
|
|
|
|
|
|
|
|
if "driver" not in entry:
|
2024-02-27 11:08:46 +00:00
|
|
|
entry["driver"] = f"-only-extendable-{ext_count}"
|
2014-06-17 12:55:03 -06:00
|
|
|
ext_count += 1
|
2013-11-20 19:01:11 +00:00
|
|
|
|
|
|
|
|
if key not in providers:
|
|
|
|
|
providers[key] = {}
|
|
|
|
|
|
2015-06-17 15:27:39 -06:00
|
|
|
provider = entry["driver"]
|
2014-06-17 12:55:03 -06:00
|
|
|
if provider not in providers[key]:
|
2013-11-20 19:01:11 +00:00
|
|
|
providers[key][provider] = entry
|
|
|
|
|
|
|
|
|
|
# Is any provider extending data!?
|
|
|
|
|
while True:
|
|
|
|
|
keep_looping = False
|
2020-09-30 03:09:12 +02:00
|
|
|
for provider_alias, entries in providers.copy().items():
|
|
|
|
|
for driver, details in entries.items():
|
2013-11-20 19:01:11 +00:00
|
|
|
# Set a holder for the defined profiles
|
|
|
|
|
providers[provider_alias][driver]["profiles"] = {}
|
|
|
|
|
|
|
|
|
|
if "extends" not in details:
|
|
|
|
|
continue
|
|
|
|
|
|
|
|
|
|
extends = details.pop("extends")
|
|
|
|
|
|
|
|
|
|
if ":" in extends:
|
|
|
|
|
alias, provider = extends.split(":")
|
|
|
|
|
if alias not in providers:
|
2014-09-03 12:30:28 -06:00
|
|
|
raise salt.exceptions.SaltCloudConfigError(
|
2015-08-26 23:26:06 -05:00
|
|
|
"The '{0}' cloud provider entry in '{1}' is "
|
|
|
|
|
"trying to extend data from '{2}' though "
|
|
|
|
|
"'{2}' is not defined in the salt cloud "
|
|
|
|
|
"providers loaded data.".format(
|
2013-11-20 19:01:11 +00:00
|
|
|
details["driver"], provider_alias, alias
|
|
|
|
|
)
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
if provider not in providers.get(alias):
|
2014-09-03 12:30:28 -06:00
|
|
|
raise salt.exceptions.SaltCloudConfigError(
|
2015-08-26 23:26:06 -05:00
|
|
|
"The '{0}' cloud provider entry in '{1}' is "
|
2013-11-20 19:01:11 +00:00
|
|
|
"trying to extend data from '{2}:{3}' though "
|
2015-08-26 23:26:06 -05:00
|
|
|
"'{3}' is not defined in '{1}'".format(
|
2013-11-20 19:01:11 +00:00
|
|
|
details["driver"], provider_alias, alias, provider
|
|
|
|
|
)
|
|
|
|
|
)
|
2024-02-27 11:08:46 +00:00
|
|
|
details["extends"] = f"{alias}:{provider}"
|
2015-08-26 23:26:06 -05:00
|
|
|
# change provider details '-only-extendable-' to extended
|
|
|
|
|
# provider name
|
2015-06-18 14:02:13 -06:00
|
|
|
details["driver"] = provider
|
2014-06-18 17:15:15 -06:00
|
|
|
elif providers.get(extends):
|
2014-09-03 12:30:28 -06:00
|
|
|
raise salt.exceptions.SaltCloudConfigError(
|
2020-09-30 03:09:12 +02:00
|
|
|
"The '{}' cloud provider entry in '{}' is "
|
|
|
|
|
"trying to extend from '{}' and no provider was "
|
2015-08-26 23:26:06 -05:00
|
|
|
"specified. Not extending!".format(
|
2015-06-18 14:02:13 -06:00
|
|
|
details["driver"], provider_alias, extends
|
2013-11-20 19:01:11 +00:00
|
|
|
)
|
|
|
|
|
)
|
|
|
|
|
elif extends not in providers:
|
2014-09-03 12:30:28 -06:00
|
|
|
raise salt.exceptions.SaltCloudConfigError(
|
2015-08-26 23:26:06 -05:00
|
|
|
"The '{0}' cloud provider entry in '{1}' is "
|
|
|
|
|
"trying to extend data from '{2}' though '{2}' "
|
|
|
|
|
"is not defined in the salt cloud providers loaded "
|
2015-06-18 14:02:13 -06:00
|
|
|
"data.".format(details["driver"], provider_alias, extends)
|
2013-11-20 19:01:11 +00:00
|
|
|
)
|
|
|
|
|
else:
|
|
|
|
|
if driver in providers.get(extends):
|
2024-02-27 11:08:46 +00:00
|
|
|
details["extends"] = f"{extends}:{driver}"
|
2014-06-18 17:15:15 -06:00
|
|
|
elif "-only-extendable-" in providers.get(extends):
|
2020-09-30 03:09:12 +02:00
|
|
|
details["extends"] = "{}:{}".format(
|
2024-02-27 11:08:46 +00:00
|
|
|
extends, f"-only-extendable-{ext_count}"
|
2013-11-20 19:01:11 +00:00
|
|
|
)
|
|
|
|
|
else:
|
|
|
|
|
# We're still not aware of what we're trying to extend
|
|
|
|
|
# from. Let's try on next iteration
|
|
|
|
|
details["extends"] = extends
|
|
|
|
|
keep_looping = True
|
|
|
|
|
if not keep_looping:
|
|
|
|
|
break
|
|
|
|
|
|
|
|
|
|
while True:
|
|
|
|
|
# Merge provided extends
|
|
|
|
|
keep_looping = False
|
2020-09-30 03:09:12 +02:00
|
|
|
for alias, entries in providers.copy().items():
|
|
|
|
|
for driver in list(entries.keys()):
|
Fix RuntimeError: dictionary keys changed during iteration
The following unit tests fail on Python 3.8:
```
======================================================================
ERROR: test_state_config (unit.renderers.test_stateconf.StateConfigRendererTestCase)
[CPU:0.0%|MEM:56.6%]
----------------------------------------------------------------------
Traceback (most recent call last):
File "/<<PKGBUILDDIR>>/tests/unit/renderers/test_stateconf.py", line 74, in test_state_config
result = self._render_sls('''
File "/<<PKGBUILDDIR>>/tests/unit/renderers/test_stateconf.py", line 66, in _render_sls
return self._renderers['stateconf'](
File "/<<PKGBUILDDIR>>/salt/renderers/stateconf.py", line 227, in render
for k in six.iterkeys(tmplctx): # iterate over a copy of keys
RuntimeError: dictionary keys changed during iteration
======================================================================
ERROR: test_apply_cloud_providers_config_extend (unit.test_config.ConfigTestCase)
[CPU:0.0%|MEM:56.6%]
----------------------------------------------------------------------
Traceback (most recent call last):
File "/<<PKGBUILDDIR>>/tests/unit/test_config.py", line 1243, in test_apply_cloud_providers_config_extend
salt.config.apply_cloud_providers_config(
File "/<<PKGBUILDDIR>>/salt/config/__init__.py", line 3196, in apply_cloud_providers_config
for driver, details in six.iteritems(entries):
RuntimeError: dictionary keys changed during iteration
======================================================================
ERROR: test_apply_cloud_providers_config_extend_multiple (unit.test_config.ConfigTestCase)
[CPU:0.0%|MEM:56.6%]
----------------------------------------------------------------------
Traceback (most recent call last):
File "/<<PKGBUILDDIR>>/tests/unit/test_config.py", line 1334, in test_apply_cloud_providers_config_extend_multiple
self.assertEqual(ret, salt.config.apply_cloud_providers_config(overrides, defaults=DEFAULT))
File "/<<PKGBUILDDIR>>/salt/config/__init__.py", line 3196, in apply_cloud_providers_config
for driver, details in six.iteritems(entries):
RuntimeError: dictionary keys changed during iteration
======================================================================
```
Replace the affected for loop of the first case by a dictionary
comprehension to construct the modified dictionary. For the remaining
cases, switch from `iteritems` to `iterkeys`, since the dictionary
values will be modified.
Signed-off-by: Benjamin Drung <benjamin.drung@cloud.ionos.com>
2020-01-31 12:28:40 +01:00
|
|
|
# Don't use iteritems, because the values of the dictionary will be changed
|
|
|
|
|
details = entries[driver]
|
2013-11-20 19:01:11 +00:00
|
|
|
|
|
|
|
|
if "extends" not in details:
|
|
|
|
|
# Extends resolved or non existing, continue!
|
|
|
|
|
continue
|
|
|
|
|
|
|
|
|
|
if "extends" in details["extends"]:
|
|
|
|
|
# Since there's a nested extends, resolve this one in the
|
|
|
|
|
# next iteration
|
|
|
|
|
keep_looping = True
|
|
|
|
|
continue
|
|
|
|
|
|
|
|
|
|
# Let's get a reference to what we're supposed to extend
|
|
|
|
|
extends = details.pop("extends")
|
|
|
|
|
# Split the setting in (alias, driver)
|
|
|
|
|
ext_alias, ext_driver = extends.split(":")
|
|
|
|
|
# Grab a copy of what should be extended
|
|
|
|
|
extended = providers.get(ext_alias).get(ext_driver).copy()
|
|
|
|
|
# Merge the data to extend with the details
|
2016-12-26 01:36:45 -05:00
|
|
|
extended = salt.utils.dictupdate.update(extended, details)
|
2013-11-20 19:01:11 +00:00
|
|
|
# Update the providers dictionary with the merged data
|
|
|
|
|
providers[alias][driver] = extended
|
2014-06-17 12:55:03 -06:00
|
|
|
# Update name of the driver, now that it's populated with extended information
|
|
|
|
|
if driver.startswith("-only-extendable-"):
|
|
|
|
|
providers[alias][ext_driver] = providers[alias][driver]
|
|
|
|
|
# Delete driver with old name to maintain dictionary size
|
|
|
|
|
del providers[alias][driver]
|
2013-11-20 19:01:11 +00:00
|
|
|
|
|
|
|
|
if not keep_looping:
|
|
|
|
|
break
|
|
|
|
|
|
|
|
|
|
# Now clean up any providers entry that was just used to be a data tree to
|
|
|
|
|
# extend from
|
2020-09-30 03:09:12 +02:00
|
|
|
for provider_alias, entries in providers.copy().items():
|
|
|
|
|
for driver, details in entries.copy().items():
|
2014-06-17 12:55:03 -06:00
|
|
|
if not driver.startswith("-only-extendable-"):
|
2013-11-20 19:01:11 +00:00
|
|
|
continue
|
|
|
|
|
|
|
|
|
|
log.info(
|
2018-01-07 14:48:45 -06:00
|
|
|
"There's at least one cloud driver under the '%s' "
|
2013-11-20 19:01:11 +00:00
|
|
|
"cloud provider alias which does not have the required "
|
2016-02-13 20:05:08 +00:00
|
|
|
"'driver' setting. Removing it from the available "
|
2018-01-07 14:48:45 -06:00
|
|
|
"providers listing.",
|
|
|
|
|
provider_alias,
|
2013-11-20 19:01:11 +00:00
|
|
|
)
|
|
|
|
|
providers[provider_alias].pop(driver)
|
|
|
|
|
|
|
|
|
|
if not providers[provider_alias]:
|
|
|
|
|
providers.pop(provider_alias)
|
|
|
|
|
|
|
|
|
|
return providers
|
|
|
|
|
|
|
|
|
|
|
2013-11-21 20:42:59 +00:00
|
|
|
def get_cloud_config_value(name, vm_, opts, default=None, search_global=True):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2013-11-20 19:01:11 +00:00
|
|
|
Search and return a setting in a known order:
|
|
|
|
|
|
|
|
|
|
1. In the virtual machine's configuration
|
|
|
|
|
2. In the virtual machine's profile configuration
|
|
|
|
|
3. In the virtual machine's provider configuration
|
|
|
|
|
4. In the salt cloud configuration if global searching is enabled
|
|
|
|
|
5. Return the provided default
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2013-11-20 19:01:11 +00:00
|
|
|
|
|
|
|
|
# As a last resort, return the default
|
|
|
|
|
value = default
|
|
|
|
|
|
|
|
|
|
if search_global is True and opts.get(name, None) is not None:
|
|
|
|
|
# The setting name exists in the cloud(global) configuration
|
|
|
|
|
value = deepcopy(opts[name])
|
|
|
|
|
|
|
|
|
|
if vm_ and name:
|
|
|
|
|
# Let's get the value from the profile, if present
|
2013-11-30 13:02:12 -07:00
|
|
|
if "profile" in vm_ and vm_["profile"] is not None:
|
|
|
|
|
if name in opts["profiles"][vm_["profile"]]:
|
|
|
|
|
if isinstance(value, dict):
|
|
|
|
|
value.update(opts["profiles"][vm_["profile"]][name].copy())
|
|
|
|
|
else:
|
|
|
|
|
value = deepcopy(opts["profiles"][vm_["profile"]][name])
|
2013-11-20 19:01:11 +00:00
|
|
|
|
2015-06-17 15:27:39 -06:00
|
|
|
# Let's get the value from the provider, if present.
|
|
|
|
|
if ":" in vm_["driver"]:
|
|
|
|
|
# The provider is defined as <provider-alias>:<driver-name>
|
|
|
|
|
alias, driver = vm_["driver"].split(":")
|
2013-11-20 19:01:11 +00:00
|
|
|
if alias in opts["providers"] and driver in opts["providers"][alias]:
|
|
|
|
|
details = opts["providers"][alias][driver]
|
|
|
|
|
if name in details:
|
|
|
|
|
if isinstance(value, dict):
|
|
|
|
|
value.update(details[name].copy())
|
|
|
|
|
else:
|
|
|
|
|
value = deepcopy(details[name])
|
2015-06-17 15:27:39 -06:00
|
|
|
elif len(opts["providers"].get(vm_["driver"], ())) > 1:
|
|
|
|
|
# The provider is NOT defined as <provider-alias>:<driver-name>
|
2013-11-20 19:01:11 +00:00
|
|
|
# and there's more than one entry under the alias.
|
|
|
|
|
# WARN the user!!!!
|
|
|
|
|
log.error(
|
2018-01-07 14:48:45 -06:00
|
|
|
"The '%s' cloud provider definition has more than one "
|
2013-11-20 19:01:11 +00:00
|
|
|
"entry. Your VM configuration should be specifying the "
|
2018-01-07 14:48:45 -06:00
|
|
|
"provider as 'driver: %s:<driver-engine>'. Since "
|
2016-02-13 20:05:08 +00:00
|
|
|
"it's not, we're returning the first definition which "
|
2018-01-07 14:48:45 -06:00
|
|
|
"might not be what you intended.",
|
|
|
|
|
vm_["driver"],
|
|
|
|
|
vm_["driver"],
|
2013-11-20 19:01:11 +00:00
|
|
|
)
|
|
|
|
|
|
2015-06-17 15:27:39 -06:00
|
|
|
if vm_["driver"] in opts["providers"]:
|
2013-11-20 19:01:11 +00:00
|
|
|
# There's only one driver defined for this provider. This is safe.
|
2015-06-17 15:27:39 -06:00
|
|
|
alias_defs = opts["providers"].get(vm_["driver"])
|
2014-11-10 20:10:06 -07:00
|
|
|
provider_driver_defs = alias_defs[next(iter(list(alias_defs.keys())))]
|
2013-11-20 19:01:11 +00:00
|
|
|
if name in provider_driver_defs:
|
|
|
|
|
# The setting name exists in the VM's provider configuration.
|
|
|
|
|
# Return it!
|
|
|
|
|
if isinstance(value, dict):
|
|
|
|
|
value.update(provider_driver_defs[name].copy())
|
|
|
|
|
else:
|
|
|
|
|
value = deepcopy(provider_driver_defs[name])
|
|
|
|
|
|
|
|
|
|
if name and vm_ and name in vm_:
|
|
|
|
|
# The setting name exists in VM configuration.
|
2015-07-14 14:28:07 +10:00
|
|
|
if isinstance(vm_[name], types.GeneratorType):
|
2015-07-14 15:03:55 +10:00
|
|
|
value = next(vm_[name], "")
|
2013-11-20 19:01:11 +00:00
|
|
|
else:
|
2018-05-23 07:50:06 -05:00
|
|
|
if isinstance(value, dict) and isinstance(vm_[name], dict):
|
2015-07-14 14:28:07 +10:00
|
|
|
value.update(vm_[name].copy())
|
|
|
|
|
else:
|
|
|
|
|
value = deepcopy(vm_[name])
|
2013-11-20 19:01:11 +00:00
|
|
|
|
|
|
|
|
return value
|
|
|
|
|
|
|
|
|
|
|
2018-06-18 12:46:39 -05:00
|
|
|
def is_provider_configured(
|
|
|
|
|
opts, provider, required_keys=(), log_message=True, aliases=()
|
|
|
|
|
):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2013-11-20 19:01:11 +00:00
|
|
|
Check and return the first matching and fully configured cloud provider
|
|
|
|
|
configuration.
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2013-11-20 19:01:11 +00:00
|
|
|
if ":" in provider:
|
|
|
|
|
alias, driver = provider.split(":")
|
|
|
|
|
if alias not in opts["providers"]:
|
|
|
|
|
return False
|
|
|
|
|
if driver not in opts["providers"][alias]:
|
|
|
|
|
return False
|
|
|
|
|
for key in required_keys:
|
|
|
|
|
if opts["providers"][alias][driver].get(key, None) is None:
|
2017-11-27 16:06:15 -07:00
|
|
|
if log_message is True:
|
|
|
|
|
# There's at least one require configuration key which is not
|
|
|
|
|
# set.
|
|
|
|
|
log.warning(
|
2018-01-07 14:48:45 -06:00
|
|
|
"The required '%s' configuration setting is missing "
|
|
|
|
|
"from the '%s' driver, which is configured under the "
|
|
|
|
|
"'%s' alias.",
|
|
|
|
|
key,
|
|
|
|
|
provider,
|
|
|
|
|
alias,
|
2017-11-27 16:06:15 -07:00
|
|
|
)
|
2013-11-20 19:01:11 +00:00
|
|
|
return False
|
2015-08-26 23:26:06 -05:00
|
|
|
# If we reached this far, there's a properly configured provider.
|
|
|
|
|
# Return it!
|
2013-11-20 19:01:11 +00:00
|
|
|
return opts["providers"][alias][driver]
|
|
|
|
|
|
2020-09-30 03:09:12 +02:00
|
|
|
for alias, drivers in opts["providers"].items():
|
|
|
|
|
for driver, provider_details in drivers.items():
|
2018-06-18 12:46:39 -05:00
|
|
|
if driver != provider and driver not in aliases:
|
2013-11-20 19:01:11 +00:00
|
|
|
continue
|
|
|
|
|
|
|
|
|
|
# If we reached this far, we have a matching provider, let's see if
|
2015-06-22 16:33:16 -06:00
|
|
|
# all required configuration keys are present and not None.
|
2013-11-20 19:01:11 +00:00
|
|
|
skip_provider = False
|
|
|
|
|
for key in required_keys:
|
|
|
|
|
if provider_details.get(key, None) is None:
|
2017-11-27 16:06:15 -07:00
|
|
|
if log_message is True:
|
|
|
|
|
# This provider does not include all necessary keys,
|
|
|
|
|
# continue to next one.
|
|
|
|
|
log.warning(
|
2018-01-07 14:48:45 -06:00
|
|
|
"The required '%s' configuration setting is "
|
|
|
|
|
"missing from the '%s' driver, which is configured "
|
|
|
|
|
"under the '%s' alias.",
|
|
|
|
|
key,
|
|
|
|
|
provider,
|
|
|
|
|
alias,
|
2013-11-20 19:01:11 +00:00
|
|
|
)
|
|
|
|
|
skip_provider = True
|
|
|
|
|
break
|
|
|
|
|
|
|
|
|
|
if skip_provider:
|
|
|
|
|
continue
|
|
|
|
|
|
|
|
|
|
# If we reached this far, the provider included all required keys
|
|
|
|
|
return provider_details
|
|
|
|
|
|
|
|
|
|
# If we reached this point, the provider is not configured.
|
|
|
|
|
return False
|
2015-06-22 16:57:44 -06:00
|
|
|
|
|
|
|
|
|
2016-02-11 10:13:37 -07:00
|
|
|
def is_profile_configured(opts, provider, profile_name, vm_=None):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2015-06-22 16:57:44 -06:00
|
|
|
Check if the requested profile contains the minimum required parameters for
|
|
|
|
|
a profile.
|
|
|
|
|
|
2015-07-13 10:20:07 -06:00
|
|
|
Required parameters include image and provider for all drivers, while some
|
|
|
|
|
drivers also require size keys.
|
2015-06-22 16:57:44 -06:00
|
|
|
|
2015-07-08 11:11:29 -06:00
|
|
|
.. versionadded:: 2015.8.0
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2015-07-08 19:48:59 -06:00
|
|
|
# Standard dict keys required by all drivers.
|
2015-08-10 09:56:05 -04:00
|
|
|
required_keys = ["provider"]
|
2015-06-22 16:57:44 -06:00
|
|
|
alias, driver = provider.split(":")
|
2015-07-08 19:43:31 -06:00
|
|
|
|
2015-08-10 09:56:05 -04:00
|
|
|
# Most drivers need an image to be specified, but some do not.
|
2017-12-11 21:25:03 +01:00
|
|
|
non_image_drivers = [
|
|
|
|
|
"nova",
|
|
|
|
|
"virtualbox",
|
|
|
|
|
"libvirt",
|
|
|
|
|
"softlayer",
|
|
|
|
|
"oneandone",
|
|
|
|
|
"profitbricks",
|
|
|
|
|
]
|
2015-08-10 09:56:05 -04:00
|
|
|
|
2015-07-08 19:48:59 -06:00
|
|
|
# Most drivers need a size, but some do not.
|
2015-10-10 16:45:51 -06:00
|
|
|
non_size_drivers = [
|
|
|
|
|
"opennebula",
|
|
|
|
|
"parallels",
|
|
|
|
|
"proxmox",
|
|
|
|
|
"scaleway",
|
2016-05-27 18:45:53 +00:00
|
|
|
"softlayer",
|
|
|
|
|
"softlayer_hw",
|
|
|
|
|
"vmware",
|
|
|
|
|
"vsphere",
|
2018-05-09 03:51:35 +02:00
|
|
|
"virtualbox",
|
|
|
|
|
"libvirt",
|
|
|
|
|
"oneandone",
|
|
|
|
|
"profitbricks",
|
|
|
|
|
]
|
2015-07-08 19:43:31 -06:00
|
|
|
|
2015-12-16 13:25:20 -06:00
|
|
|
provider_key = opts["providers"][alias][driver]
|
|
|
|
|
profile_key = opts["providers"][alias][driver]["profiles"][profile_name]
|
|
|
|
|
|
2016-01-21 10:29:48 -07:00
|
|
|
# If cloning on Linode, size and image are not necessary.
|
|
|
|
|
# They are obtained from the to-be-cloned VM.
|
2016-04-04 18:43:38 -04:00
|
|
|
if driver == "linode" and profile_key.get("clonefrom", False):
|
2016-01-21 10:29:48 -07:00
|
|
|
non_image_drivers.append("linode")
|
|
|
|
|
non_size_drivers.append("linode")
|
2020-09-30 03:09:12 +02:00
|
|
|
elif driver == "gce" and "sourceImage" in str(vm_.get("ex_disks_gce_struct")):
|
2017-01-04 07:08:04 -07:00
|
|
|
non_image_drivers.append("gce")
|
2016-01-21 10:29:48 -07:00
|
|
|
|
2016-04-01 19:36:06 -04:00
|
|
|
# If cloning on VMware, specifying image is not necessary.
|
2016-08-03 12:16:26 +01:00
|
|
|
if driver == "vmware" and "image" not in list(profile_key.keys()):
|
2016-04-01 19:36:06 -04:00
|
|
|
non_image_drivers.append("vmware")
|
|
|
|
|
|
2015-08-10 09:56:05 -04:00
|
|
|
if driver not in non_image_drivers:
|
|
|
|
|
required_keys.append("image")
|
2016-04-01 19:36:06 -04:00
|
|
|
if driver == "vmware":
|
|
|
|
|
required_keys.append("datastore")
|
2016-10-24 13:16:51 -06:00
|
|
|
elif driver in ["linode", "virtualbox"]:
|
2015-08-10 09:56:05 -04:00
|
|
|
required_keys.append("clonefrom")
|
2015-12-16 13:25:20 -06:00
|
|
|
elif driver == "nova":
|
2016-02-16 15:43:51 -06:00
|
|
|
nova_image_keys = [
|
|
|
|
|
"image",
|
|
|
|
|
"block_device_mapping",
|
|
|
|
|
"block_device",
|
|
|
|
|
"boot_volume",
|
|
|
|
|
]
|
2015-12-16 13:25:20 -06:00
|
|
|
if not any([key in provider_key for key in nova_image_keys]) and not any(
|
|
|
|
|
[key in profile_key for key in nova_image_keys]
|
|
|
|
|
):
|
|
|
|
|
required_keys.extend(nova_image_keys)
|
2015-08-10 09:56:05 -04:00
|
|
|
|
2015-07-08 19:48:59 -06:00
|
|
|
if driver not in non_size_drivers:
|
2015-07-08 19:43:31 -06:00
|
|
|
required_keys.append("size")
|
|
|
|
|
|
2016-04-01 19:36:06 -04:00
|
|
|
# Check if required fields are supplied in the provider config. If they
|
|
|
|
|
# are present, remove it from the required_keys list.
|
2016-02-11 10:13:37 -07:00
|
|
|
for item in list(required_keys):
|
2015-06-23 16:28:16 -06:00
|
|
|
if item in provider_key:
|
|
|
|
|
required_keys.remove(item)
|
|
|
|
|
|
2016-02-11 10:13:37 -07:00
|
|
|
# If a vm_ dict was passed in, use that information to get any other configs
|
|
|
|
|
# that we might have missed thus far, such as a option provided in a map file.
|
|
|
|
|
if vm_:
|
|
|
|
|
for item in list(required_keys):
|
|
|
|
|
if item in vm_:
|
|
|
|
|
required_keys.remove(item)
|
|
|
|
|
|
2015-06-23 16:28:16 -06:00
|
|
|
# Check for remaining required parameters in the profile config.
|
2015-06-22 16:57:44 -06:00
|
|
|
for item in required_keys:
|
|
|
|
|
if profile_key.get(item, None) is None:
|
|
|
|
|
# There's at least one required configuration item which is not set.
|
|
|
|
|
log.error(
|
2018-01-07 14:48:45 -06:00
|
|
|
"The required '%s' configuration setting is missing from "
|
|
|
|
|
"the '%s' profile, which is configured under the '%s' alias.",
|
|
|
|
|
item,
|
|
|
|
|
profile_name,
|
|
|
|
|
alias,
|
2015-06-22 16:57:44 -06:00
|
|
|
)
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
return True
|
2015-08-26 12:03:01 -06:00
|
|
|
|
|
|
|
|
|
2015-08-26 12:09:35 -06:00
|
|
|
def check_driver_dependencies(driver, dependencies):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2015-08-26 12:03:01 -06:00
|
|
|
Check if the driver's dependencies are available.
|
|
|
|
|
|
|
|
|
|
.. versionadded:: 2015.8.0
|
|
|
|
|
|
|
|
|
|
driver
|
|
|
|
|
The name of the driver.
|
|
|
|
|
|
|
|
|
|
dependencies
|
|
|
|
|
The dictionary of dependencies to check.
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2015-08-26 12:03:01 -06:00
|
|
|
ret = True
|
2020-09-30 03:09:12 +02:00
|
|
|
for key, value in dependencies.items():
|
2015-08-26 12:03:01 -06:00
|
|
|
if value is False:
|
|
|
|
|
log.warning(
|
2018-01-07 14:48:45 -06:00
|
|
|
"Missing dependency: '%s'. The %s driver requires "
|
2018-11-01 16:36:31 +01:00
|
|
|
"'%s' to be installed.",
|
|
|
|
|
key,
|
|
|
|
|
driver,
|
|
|
|
|
key,
|
2015-08-26 12:03:01 -06:00
|
|
|
)
|
|
|
|
|
ret = False
|
|
|
|
|
|
|
|
|
|
return ret
|
|
|
|
|
|
2020-04-02 20:10:20 -05:00
|
|
|
|
2013-11-20 19:01:11 +00:00
|
|
|
# <---- Salt Cloud Configuration Functions -----------------------------------
|
|
|
|
|
|
|
|
|
|
|
2013-12-02 16:18:27 +07:00
|
|
|
def _cache_id(minion_id, cache_file):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2013-12-02 16:18:27 +07:00
|
|
|
Helper function, writes minion id to a cache file.
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2017-10-05 16:28:27 +05:30
|
|
|
path = os.path.dirname(cache_file)
|
|
|
|
|
try:
|
2017-10-07 11:11:38 +05:30
|
|
|
if not os.path.isdir(path):
|
|
|
|
|
os.makedirs(path)
|
2017-10-06 22:02:06 +05:30
|
|
|
except OSError as exc:
|
2017-10-07 11:11:38 +05:30
|
|
|
# Handle race condition where dir is created after os.path.isdir check
|
2017-10-05 16:28:27 +05:30
|
|
|
if os.path.isdir(path):
|
|
|
|
|
pass
|
|
|
|
|
else:
|
2018-01-07 14:48:45 -06:00
|
|
|
log.error("Failed to create dirs to minion_id file: %s", exc)
|
2017-10-05 16:28:27 +05:30
|
|
|
|
2013-12-02 16:18:27 +07:00
|
|
|
try:
|
2017-07-18 10:31:01 -06:00
|
|
|
with salt.utils.files.fopen(cache_file, "w") as idf:
|
2013-12-02 16:18:27 +07:00
|
|
|
idf.write(minion_id)
|
2020-09-30 03:09:12 +02:00
|
|
|
except OSError as exc:
|
2018-01-07 14:48:45 -06:00
|
|
|
log.error("Could not cache minion ID: %s", exc)
|
2013-12-02 16:18:27 +07:00
|
|
|
|
|
|
|
|
|
2017-07-06 06:28:08 -05:00
|
|
|
def call_id_function(opts):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2017-07-05 16:09:16 -05:00
|
|
|
Evaluate the function that determines the ID if the 'id_function'
|
|
|
|
|
option is set and return the result
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2017-07-05 16:09:16 -05:00
|
|
|
if opts.get("id"):
|
2017-06-06 09:58:06 -05:00
|
|
|
return opts["id"]
|
|
|
|
|
|
2017-06-15 14:05:21 -05:00
|
|
|
# Import 'salt.loader' here to avoid a circular dependency
|
2017-06-06 09:58:06 -05:00
|
|
|
import salt.loader as loader
|
|
|
|
|
|
2020-09-30 03:09:12 +02:00
|
|
|
if isinstance(opts["id_function"], str):
|
2017-07-05 16:09:16 -05:00
|
|
|
mod_fun = opts["id_function"]
|
|
|
|
|
fun_kwargs = {}
|
|
|
|
|
elif isinstance(opts["id_function"], dict):
|
2020-09-30 03:09:12 +02:00
|
|
|
mod_fun, fun_kwargs = next(iter(opts["id_function"].items()))
|
2017-07-05 16:09:16 -05:00
|
|
|
if fun_kwargs is None:
|
|
|
|
|
fun_kwargs = {}
|
|
|
|
|
else:
|
2017-07-06 06:28:08 -05:00
|
|
|
log.error("'id_function' option is neither a string nor a dictionary")
|
2017-07-05 16:09:16 -05:00
|
|
|
sys.exit(salt.defaults.exitcodes.EX_GENERIC)
|
|
|
|
|
|
2017-06-06 09:58:06 -05:00
|
|
|
# split module and function and try loading the module
|
|
|
|
|
mod, fun = mod_fun.split(".")
|
|
|
|
|
if not opts.get("grains"):
|
|
|
|
|
# Get grains for use by the module
|
|
|
|
|
opts["grains"] = loader.grains(opts)
|
|
|
|
|
|
|
|
|
|
try:
|
2017-07-05 16:09:16 -05:00
|
|
|
id_mod = loader.raw_mod(opts, mod, fun)
|
|
|
|
|
if not id_mod:
|
2017-06-06 09:58:06 -05:00
|
|
|
raise KeyError
|
|
|
|
|
# we take whatever the module returns as the minion ID
|
2017-07-05 16:09:16 -05:00
|
|
|
newid = id_mod[mod_fun](**fun_kwargs)
|
2020-09-30 03:09:12 +02:00
|
|
|
if not isinstance(newid, str) or not newid:
|
2018-01-07 14:48:45 -06:00
|
|
|
log.error(
|
|
|
|
|
'Function %s returned value "%s" of type %s instead of string',
|
|
|
|
|
mod_fun,
|
|
|
|
|
newid,
|
|
|
|
|
type(newid),
|
2017-06-06 09:58:06 -05:00
|
|
|
)
|
|
|
|
|
sys.exit(salt.defaults.exitcodes.EX_GENERIC)
|
2021-08-05 15:34:58 -07:00
|
|
|
log.info("Evaluated minion ID from module: %s %s", mod_fun, newid)
|
2017-06-06 09:58:06 -05:00
|
|
|
return newid
|
2017-07-05 16:09:16 -05:00
|
|
|
except TypeError:
|
2018-01-07 14:48:45 -06:00
|
|
|
log.error(
|
|
|
|
|
"Function arguments %s are incorrect for function %s", fun_kwargs, mod_fun
|
2017-07-05 16:09:16 -05:00
|
|
|
)
|
|
|
|
|
sys.exit(salt.defaults.exitcodes.EX_GENERIC)
|
2017-06-06 09:58:06 -05:00
|
|
|
except KeyError:
|
2018-01-07 14:48:45 -06:00
|
|
|
log.error("Failed to load module %s", mod_fun)
|
2017-06-06 09:58:06 -05:00
|
|
|
sys.exit(salt.defaults.exitcodes.EX_GENERIC)
|
|
|
|
|
|
|
|
|
|
|
2019-09-18 17:37:18 -07:00
|
|
|
def remove_domain_from_fqdn(opts, newid):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2019-09-18 17:37:18 -07:00
|
|
|
Depending on the values of `minion_id_remove_domain`,
|
|
|
|
|
remove all domains or a single domain from a FQDN, effectivly generating a hostname.
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2019-09-18 17:37:18 -07:00
|
|
|
opt_domain = opts.get("minion_id_remove_domain")
|
|
|
|
|
if opt_domain is True:
|
|
|
|
|
if "." in newid:
|
|
|
|
|
# Remove any domain
|
|
|
|
|
newid, xdomain = newid.split(".", 1)
|
|
|
|
|
log.debug("Removed any domain (%s) from minion id.", xdomain)
|
|
|
|
|
else:
|
|
|
|
|
# Must be string type
|
|
|
|
|
if newid.upper().endswith("." + opt_domain.upper()):
|
|
|
|
|
# Remove single domain
|
|
|
|
|
newid = newid[: -len("." + opt_domain)]
|
|
|
|
|
log.debug("Removed single domain %s from minion id.", opt_domain)
|
|
|
|
|
return newid
|
|
|
|
|
|
|
|
|
|
|
2015-04-15 14:58:42 -06:00
|
|
|
def get_id(opts, cache_minion_id=False):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2013-04-07 20:35:26 -07:00
|
|
|
Guess the id of the minion.
|
|
|
|
|
|
2014-05-02 22:24:13 -04:00
|
|
|
If CONFIG_DIR/minion_id exists, use the cached minion ID from that file.
|
|
|
|
|
If no minion id is configured, use multiple sources to find a FQDN.
|
|
|
|
|
If no FQDN is found you may get an ip address.
|
2013-10-08 12:17:33 -06:00
|
|
|
|
2013-08-15 16:25:24 -05:00
|
|
|
Returns two values: the detected ID, and a boolean value noting whether or
|
|
|
|
|
not an IP address is being used for the ID.
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2014-07-14 12:45:26 -06:00
|
|
|
if opts["root_dir"] is None:
|
2013-12-05 19:18:33 +00:00
|
|
|
root_dir = salt.syspaths.ROOT_DIR
|
2014-07-14 12:45:26 -06:00
|
|
|
else:
|
|
|
|
|
root_dir = opts["root_dir"]
|
2013-04-07 20:35:26 -07:00
|
|
|
|
2013-12-05 19:18:33 +00:00
|
|
|
config_dir = salt.syspaths.CONFIG_DIR
|
|
|
|
|
if config_dir.startswith(salt.syspaths.ROOT_DIR):
|
|
|
|
|
config_dir = config_dir.split(salt.syspaths.ROOT_DIR, 1)[-1]
|
2013-10-27 16:36:25 -06:00
|
|
|
|
2013-10-08 13:17:52 -06:00
|
|
|
# Check for cached minion ID
|
2013-10-10 10:18:08 -06:00
|
|
|
id_cache = os.path.join(root_dir, config_dir.lstrip(os.path.sep), "minion_id")
|
2013-11-07 10:40:43 -06:00
|
|
|
|
2014-07-14 12:45:26 -06:00
|
|
|
if opts.get("minion_id_caching", True):
|
2013-11-13 09:35:17 -07:00
|
|
|
try:
|
2017-07-18 10:31:01 -06:00
|
|
|
with salt.utils.files.fopen(id_cache) as idf:
|
2018-03-01 12:51:36 -05:00
|
|
|
name = salt.utils.stringutils.to_unicode(idf.readline().strip())
|
Use explicit unicode strings + break up salt.utils
This PR is part of what will be an ongoing effort to use explicit
unicode strings in Salt. Because Python 3 does not suport Python 2's raw
unicode string syntax (i.e. `ur'\d+'`), we must use
`salt.utils.locales.sdecode()` to ensure that the raw string is unicode.
However, because of how `salt/utils/__init__.py` has evolved into the
hulking monstrosity it is today, this means importing a large module in
places where it is not needed, which could negatively impact
performance. For this reason, this PR also breaks out some of the
functions from `salt/utils/__init__.py` into new/existing modules under
`salt/utils/`. The long term goal will be that the modules within this
directory do not depend on importing `salt.utils`.
A summary of the changes in this PR is as follows:
* Moves the following functions from `salt.utils` to new locations
(including a deprecation warning if invoked from `salt.utils`):
`to_bytes`, `to_str`, `to_unicode`, `str_to_num`, `is_quoted`,
`dequote`, `is_hex`, `is_bin_str`, `rand_string`,
`contains_whitespace`, `clean_kwargs`, `invalid_kwargs`, `which`,
`which_bin`, `path_join`, `shlex_split`, `rand_str`, `is_windows`,
`is_proxy`, `is_linux`, `is_darwin`, `is_sunos`, `is_smartos`,
`is_smartos_globalzone`, `is_smartos_zone`, `is_freebsd`, `is_netbsd`,
`is_openbsd`, `is_aix`
* Moves the functions already deprecated by @rallytime to the bottom of
`salt/utils/__init__.py` for better organization, so we can keep the
deprecated ones separate from the ones yet to be deprecated as we
continue to break up `salt.utils`
* Updates `salt/*.py` and all files under `salt/client/` to use explicit
unicode string literals.
* Gets rid of implicit imports of `salt.utils` (e.g. `from salt.utils
import foo` becomes `import salt.utils.foo as foo`).
* Renames the `test.rand_str` function to `test.random_hash` to more
accurately reflect what it does
* Modifies `salt.utils.stringutils.random()` (née `salt.utils.rand_string()`)
such that it returns a string matching the passed size. Previously
this function would get `size` bytes from `os.urandom()`,
base64-encode it, and return the result, which would in most cases not
be equal to the passed size.
2017-07-24 20:47:15 -05:00
|
|
|
bname = salt.utils.stringutils.to_bytes(name)
|
2015-06-06 07:47:52 -06:00
|
|
|
if bname.startswith(codecs.BOM): # Remove BOM if exists
|
Use explicit unicode strings + break up salt.utils
This PR is part of what will be an ongoing effort to use explicit
unicode strings in Salt. Because Python 3 does not suport Python 2's raw
unicode string syntax (i.e. `ur'\d+'`), we must use
`salt.utils.locales.sdecode()` to ensure that the raw string is unicode.
However, because of how `salt/utils/__init__.py` has evolved into the
hulking monstrosity it is today, this means importing a large module in
places where it is not needed, which could negatively impact
performance. For this reason, this PR also breaks out some of the
functions from `salt/utils/__init__.py` into new/existing modules under
`salt/utils/`. The long term goal will be that the modules within this
directory do not depend on importing `salt.utils`.
A summary of the changes in this PR is as follows:
* Moves the following functions from `salt.utils` to new locations
(including a deprecation warning if invoked from `salt.utils`):
`to_bytes`, `to_str`, `to_unicode`, `str_to_num`, `is_quoted`,
`dequote`, `is_hex`, `is_bin_str`, `rand_string`,
`contains_whitespace`, `clean_kwargs`, `invalid_kwargs`, `which`,
`which_bin`, `path_join`, `shlex_split`, `rand_str`, `is_windows`,
`is_proxy`, `is_linux`, `is_darwin`, `is_sunos`, `is_smartos`,
`is_smartos_globalzone`, `is_smartos_zone`, `is_freebsd`, `is_netbsd`,
`is_openbsd`, `is_aix`
* Moves the functions already deprecated by @rallytime to the bottom of
`salt/utils/__init__.py` for better organization, so we can keep the
deprecated ones separate from the ones yet to be deprecated as we
continue to break up `salt.utils`
* Updates `salt/*.py` and all files under `salt/client/` to use explicit
unicode string literals.
* Gets rid of implicit imports of `salt.utils` (e.g. `from salt.utils
import foo` becomes `import salt.utils.foo as foo`).
* Renames the `test.rand_str` function to `test.random_hash` to more
accurately reflect what it does
* Modifies `salt.utils.stringutils.random()` (née `salt.utils.rand_string()`)
such that it returns a string matching the passed size. Previously
this function would get `size` bytes from `os.urandom()`,
base64-encode it, and return the result, which would in most cases not
be equal to the passed size.
2017-07-24 20:47:15 -05:00
|
|
|
name = salt.utils.stringutils.to_str(
|
|
|
|
|
bname.replace(codecs.BOM, "", 1)
|
2020-04-02 20:10:20 -05:00
|
|
|
)
|
2016-06-15 14:15:41 +02:00
|
|
|
if name and name != "localhost":
|
2018-01-07 14:48:45 -06:00
|
|
|
log.debug("Using cached minion ID from %s: %s", id_cache, name)
|
2013-11-13 09:35:17 -07:00
|
|
|
return name, False
|
2020-09-30 03:09:12 +02:00
|
|
|
except OSError:
|
2013-11-13 09:35:17 -07:00
|
|
|
pass
|
2015-04-13 13:41:53 -06:00
|
|
|
if "__role" in opts and opts.get("__role") == "minion":
|
2018-01-07 14:48:45 -06:00
|
|
|
log.debug(
|
|
|
|
|
"Guessing ID. The id can be explicitly set in %s",
|
|
|
|
|
os.path.join(salt.syspaths.CONFIG_DIR, "minion"),
|
|
|
|
|
)
|
2013-10-08 12:24:13 -06:00
|
|
|
|
2017-07-05 16:09:16 -05:00
|
|
|
if opts.get("id_function"):
|
2017-07-06 06:28:08 -05:00
|
|
|
newid = call_id_function(opts)
|
2017-06-06 09:58:06 -05:00
|
|
|
else:
|
|
|
|
|
newid = salt.utils.network.generate_minion_id()
|
2017-05-20 15:10:25 +02:00
|
|
|
|
2017-05-22 20:29:10 +02:00
|
|
|
if opts.get("minion_id_lowercase"):
|
2017-05-20 15:10:25 +02:00
|
|
|
newid = newid.lower()
|
2018-01-07 14:48:45 -06:00
|
|
|
log.debug("Changed minion id %s to lowercase.", newid)
|
2019-09-18 17:37:18 -07:00
|
|
|
|
|
|
|
|
# Optionally remove one or many domains in a generated minion id
|
|
|
|
|
if opts.get("minion_id_remove_domain"):
|
|
|
|
|
newid = remove_domain_from_fqdn(opts, newid)
|
|
|
|
|
|
2015-04-13 13:41:53 -06:00
|
|
|
if "__role" in opts and opts.get("__role") == "minion":
|
2017-07-06 06:28:08 -05:00
|
|
|
if opts.get("id_function"):
|
2018-01-07 14:48:45 -06:00
|
|
|
log.debug(
|
|
|
|
|
"Found minion id from external function %s: %s",
|
|
|
|
|
opts["id_function"],
|
|
|
|
|
newid,
|
|
|
|
|
)
|
2017-07-06 06:28:08 -05:00
|
|
|
else:
|
2018-01-07 14:48:45 -06:00
|
|
|
log.debug("Found minion id from generate_minion_id(): %s", newid)
|
2015-04-15 14:58:42 -06:00
|
|
|
if cache_minion_id and opts.get("minion_id_caching", True):
|
2014-05-02 22:24:13 -04:00
|
|
|
_cache_id(newid, id_cache)
|
2016-06-23 19:37:28 +02:00
|
|
|
is_ipv4 = salt.utils.network.is_ipv4(newid)
|
2014-05-02 22:24:13 -04:00
|
|
|
return newid, is_ipv4
|
2013-04-07 20:35:26 -07:00
|
|
|
|
|
|
|
|
|
2016-11-18 18:31:57 +03:00
|
|
|
def _update_ssl_config(opts):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2016-11-18 18:31:57 +03:00
|
|
|
Resolves string names to integer constant in ssl configuration.
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2017-02-22 14:06:26 +03:00
|
|
|
if opts["ssl"] in (None, False):
|
|
|
|
|
opts["ssl"] = None
|
|
|
|
|
return
|
|
|
|
|
if opts["ssl"] is True:
|
|
|
|
|
opts["ssl"] = {}
|
2016-11-18 18:31:57 +03:00
|
|
|
return
|
|
|
|
|
import ssl
|
2020-04-02 20:10:20 -05:00
|
|
|
|
2016-11-18 18:31:57 +03:00
|
|
|
for key, prefix in (("cert_reqs", "CERT_"), ("ssl_version", "PROTOCOL_")):
|
|
|
|
|
val = opts["ssl"].get(key)
|
|
|
|
|
if val is None:
|
|
|
|
|
continue
|
2017-05-31 19:18:40 -06:00
|
|
|
if (
|
2020-09-30 03:09:12 +02:00
|
|
|
not isinstance(val, str)
|
2017-05-31 19:18:40 -06:00
|
|
|
or not val.startswith(prefix)
|
|
|
|
|
or not hasattr(ssl, val)
|
|
|
|
|
):
|
2020-09-30 03:09:12 +02:00
|
|
|
message = "SSL option '{}' must be set to one of the following values: '{}'.".format(
|
2021-08-03 08:40:21 +01:00
|
|
|
key,
|
|
|
|
|
"', '".join([val for val in dir(ssl) if val.startswith(prefix)]),
|
2020-04-02 20:10:20 -05:00
|
|
|
)
|
2016-11-18 18:31:57 +03:00
|
|
|
log.error(message)
|
|
|
|
|
raise salt.exceptions.SaltConfigurationError(message)
|
|
|
|
|
opts["ssl"][key] = getattr(ssl, val)
|
|
|
|
|
|
|
|
|
|
|
2017-04-28 11:19:25 +01:00
|
|
|
def _adjust_log_file_override(overrides, default_log_file):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2017-04-28 11:19:25 +01:00
|
|
|
Adjusts the log_file based on the log_dir override
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2017-04-28 11:19:25 +01:00
|
|
|
if overrides.get("log_dir"):
|
|
|
|
|
# Adjust log_file if a log_dir override is introduced
|
|
|
|
|
if overrides.get("log_file"):
|
2018-02-12 15:29:56 -07:00
|
|
|
if not os.path.isabs(overrides["log_file"]):
|
2017-04-28 11:19:25 +01:00
|
|
|
# Prepend log_dir if log_file is relative
|
|
|
|
|
overrides["log_file"] = os.path.join(
|
|
|
|
|
overrides["log_dir"], overrides["log_file"]
|
|
|
|
|
)
|
|
|
|
|
else:
|
|
|
|
|
# Create the log_file override
|
|
|
|
|
overrides["log_file"] = os.path.join(
|
|
|
|
|
overrides["log_dir"], os.path.basename(default_log_file)
|
2020-04-02 20:10:20 -05:00
|
|
|
)
|
2017-04-28 11:19:25 +01:00
|
|
|
|
|
|
|
|
|
2013-10-10 11:09:43 -06:00
|
|
|
def apply_minion_config(
|
2016-08-03 12:16:22 -06:00
|
|
|
overrides=None, defaults=None, cache_minion_id=False, minion_id=None
|
|
|
|
|
):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2013-01-17 16:58:42 +01:00
|
|
|
Returns minion configurations dict.
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2013-01-20 03:31:11 +00:00
|
|
|
if defaults is None:
|
2019-01-16 19:02:03 +00:00
|
|
|
defaults = DEFAULT_MINION_OPTS.copy()
|
2018-04-13 13:44:55 -05:00
|
|
|
if overrides is None:
|
|
|
|
|
overrides = {}
|
2013-01-20 03:31:11 +00:00
|
|
|
|
|
|
|
|
opts = defaults.copy()
|
2014-07-15 10:28:16 -06:00
|
|
|
opts["__role"] = "minion"
|
2017-04-28 11:19:25 +01:00
|
|
|
_adjust_log_file_override(overrides, defaults["log_file"])
|
2013-01-17 16:58:42 +01:00
|
|
|
if overrides:
|
|
|
|
|
opts.update(overrides)
|
|
|
|
|
|
2017-12-07 03:20:08 -06:00
|
|
|
if "environment" in opts:
|
2018-04-13 13:44:55 -05:00
|
|
|
if opts["saltenv"] is not None:
|
2017-11-29 22:09:09 -06:00
|
|
|
log.warning(
|
2017-12-07 03:20:08 -06:00
|
|
|
"The 'saltenv' and 'environment' minion config options "
|
|
|
|
|
"cannot both be used. Ignoring 'environment' in favor of "
|
2019-12-31 15:13:58 +01:00
|
|
|
"'saltenv'."
|
2017-11-29 22:09:09 -06:00
|
|
|
)
|
|
|
|
|
# Set environment to saltenv in case someone's custom module is
|
|
|
|
|
# refrencing __opts__['environment']
|
2017-12-07 03:20:08 -06:00
|
|
|
opts["environment"] = opts["saltenv"]
|
2017-11-29 22:09:09 -06:00
|
|
|
else:
|
|
|
|
|
log.warning(
|
2017-12-07 03:20:08 -06:00
|
|
|
"The 'environment' minion config option has been renamed "
|
|
|
|
|
"to 'saltenv'. Using %s as the 'saltenv' config value.",
|
|
|
|
|
opts["environment"],
|
2017-11-29 22:09:09 -06:00
|
|
|
)
|
2017-12-07 03:20:08 -06:00
|
|
|
opts["saltenv"] = opts["environment"]
|
2017-11-29 22:09:09 -06:00
|
|
|
|
2017-12-04 23:57:28 -06:00
|
|
|
for idx, val in enumerate(opts["fileserver_backend"]):
|
|
|
|
|
if val in ("git", "hg", "svn", "minion"):
|
|
|
|
|
new_val = val + "fs"
|
|
|
|
|
log.debug(
|
|
|
|
|
"Changed %s to %s in minion opts' fileserver_backend list", val, new_val
|
|
|
|
|
)
|
|
|
|
|
opts["fileserver_backend"][idx] = new_val
|
|
|
|
|
|
2018-02-27 09:29:51 -06:00
|
|
|
opts["__cli"] = salt.utils.stringutils.to_unicode(os.path.basename(sys.argv[0]))
|
2015-10-23 12:42:00 -06:00
|
|
|
|
2013-04-07 20:35:26 -07:00
|
|
|
# No ID provided. Will getfqdn save us?
|
|
|
|
|
using_ip_for_id = False
|
2015-10-29 22:04:28 -06:00
|
|
|
if not opts.get("id"):
|
2016-08-03 12:16:22 -06:00
|
|
|
if minion_id:
|
|
|
|
|
opts["id"] = minion_id
|
|
|
|
|
else:
|
|
|
|
|
opts["id"], using_ip_for_id = get_id(opts, cache_minion_id=cache_minion_id)
|
2013-04-07 20:35:26 -07:00
|
|
|
|
|
|
|
|
# it does not make sense to append a domain to an IP based id
|
|
|
|
|
if not using_ip_for_id and "append_domain" in opts:
|
2012-03-14 18:35:07 -07:00
|
|
|
opts["id"] = _append_domain(opts)
|
|
|
|
|
|
2016-08-03 12:16:22 -06:00
|
|
|
for directory in opts.get("append_minionid_config_dirs", []):
|
2017-03-23 18:04:46 +00:00
|
|
|
if directory in ("pki_dir", "cachedir", "extension_modules"):
|
2016-08-03 12:16:22 -06:00
|
|
|
newdirectory = os.path.join(opts[directory], opts["id"])
|
|
|
|
|
opts[directory] = newdirectory
|
2017-03-24 12:30:12 +00:00
|
|
|
elif directory == "default_include" and directory in opts:
|
2017-03-23 18:04:46 +00:00
|
|
|
include_dir = os.path.dirname(opts[directory])
|
|
|
|
|
new_include_dir = os.path.join(
|
|
|
|
|
include_dir, opts["id"], os.path.basename(opts[directory])
|
2020-04-02 20:10:20 -05:00
|
|
|
)
|
2017-03-23 18:04:46 +00:00
|
|
|
opts[directory] = new_include_dir
|
2016-08-03 12:16:22 -06:00
|
|
|
|
2016-11-17 12:34:46 -07:00
|
|
|
# pidfile can be in the list of append_minionid_config_dirs, but pidfile
|
|
|
|
|
# is the actual path with the filename, not a directory.
|
|
|
|
|
if "pidfile" in opts.get("append_minionid_config_dirs", []):
|
|
|
|
|
newpath_list = os.path.split(opts["pidfile"])
|
|
|
|
|
opts["pidfile"] = os.path.join(
|
|
|
|
|
newpath_list[0], "salt", opts["id"], newpath_list[1]
|
|
|
|
|
)
|
|
|
|
|
|
2016-08-03 12:16:22 -06:00
|
|
|
if len(opts["sock_dir"]) > len(opts["cachedir"]) + 10:
|
|
|
|
|
opts["sock_dir"] = os.path.join(opts["cachedir"], ".salt-unix")
|
|
|
|
|
|
2012-02-28 16:01:48 -08:00
|
|
|
# Enabling open mode requires that the value be set to True, and
|
|
|
|
|
# nothing else!
|
2012-01-11 13:18:44 +08:00
|
|
|
opts["open_mode"] = opts["open_mode"] is True
|
2017-01-23 23:30:34 +00:00
|
|
|
opts["file_roots"] = _validate_file_roots(opts["file_roots"])
|
2019-01-22 11:22:12 -07:00
|
|
|
opts["pillar_roots"] = _validate_pillar_roots(opts["pillar_roots"])
|
2016-05-25 09:19:41 -06:00
|
|
|
# Make sure ext_mods gets set if it is an untrue value
|
|
|
|
|
# (here to catch older bad configs)
|
|
|
|
|
opts["extension_modules"] = opts.get("extension_modules") or os.path.join(
|
|
|
|
|
opts["cachedir"], "extmods"
|
|
|
|
|
)
|
2014-05-16 14:59:50 -04:00
|
|
|
# Set up the utils_dirs location from the extension_modules location
|
|
|
|
|
opts["utils_dirs"] = opts.get("utils_dirs") or [
|
|
|
|
|
os.path.join(opts["extension_modules"], "utils")
|
|
|
|
|
]
|
|
|
|
|
|
|
|
|
|
# Insert all 'utils_dirs' directories to the system path
|
|
|
|
|
insert_system_path(opts, opts["utils_dirs"])
|
|
|
|
|
|
2012-03-06 21:20:47 -08:00
|
|
|
# Prepend root_dir to other paths
|
2012-12-03 11:58:26 +00:00
|
|
|
prepend_root_dirs = [
|
2012-12-21 20:36:12 +11:00
|
|
|
"pki_dir",
|
|
|
|
|
"cachedir",
|
|
|
|
|
"sock_dir",
|
|
|
|
|
"extension_modules",
|
|
|
|
|
"pidfile",
|
2012-12-03 11:58:26 +00:00
|
|
|
]
|
|
|
|
|
|
|
|
|
|
# These can be set to syslog, so, not actual paths on the system
|
|
|
|
|
for config_key in ("log_file", "key_logfile"):
|
2024-06-22 10:58:54 -07:00
|
|
|
if should_prepend_root_dir(config_key, opts):
|
2012-12-03 11:58:26 +00:00
|
|
|
prepend_root_dirs.append(config_key)
|
|
|
|
|
|
|
|
|
|
prepend_root_dir(opts, prepend_root_dirs)
|
2014-06-09 23:38:49 -07:00
|
|
|
|
2015-04-17 11:10:20 -07:00
|
|
|
# if there is no beacons option yet, add an empty beacons dict
|
|
|
|
|
if "beacons" not in opts:
|
|
|
|
|
opts["beacons"] = {}
|
|
|
|
|
|
2018-04-13 13:44:55 -05:00
|
|
|
if overrides.get("ipc_write_buffer", "") == "dynamic":
|
2016-07-19 14:45:51 -06:00
|
|
|
opts["ipc_write_buffer"] = _DFLT_IPC_WBUFFER
|
|
|
|
|
if "ipc_write_buffer" not in overrides:
|
2016-07-19 15:50:23 -06:00
|
|
|
opts["ipc_write_buffer"] = 0
|
2015-04-17 11:10:20 -07:00
|
|
|
|
2016-04-05 09:30:07 -06:00
|
|
|
# Make sure hash_type is lowercase
|
|
|
|
|
opts["hash_type"] = opts["hash_type"].lower()
|
|
|
|
|
|
2016-11-18 18:31:57 +03:00
|
|
|
# Check and update TLS/SSL configuration
|
|
|
|
|
_update_ssl_config(opts)
|
2018-01-11 17:09:37 +01:00
|
|
|
_update_discovery_config(opts)
|
2016-11-18 18:31:57 +03:00
|
|
|
|
2024-05-25 15:51:16 -07:00
|
|
|
if opts["encryption_algorithm"] not in salt.crypt.VALID_ENCRYPTION_ALGORITHMS:
|
|
|
|
|
raise salt.exceptions.SaltConfigurationError(
|
|
|
|
|
f"The encryption algorithm '{opts['encryption_algorithm']}' is not valid. "
|
|
|
|
|
f"Please specify one of {','.join(salt.crypt.VALID_ENCRYPTION_ALGORITHMS)}."
|
|
|
|
|
)
|
|
|
|
|
if opts["signing_algorithm"] not in salt.crypt.VALID_SIGNING_ALGORITHMS:
|
|
|
|
|
raise salt.exceptions.SaltConfigurationError(
|
|
|
|
|
f"The signging algorithm '{opts['signing_algorithm']}' is not valid. "
|
|
|
|
|
f"Please specify one of {','.join(salt.crypt.VALID_SIGNING_ALGORITHMS)}."
|
|
|
|
|
)
|
|
|
|
|
|
2011-07-28 10:41:28 -06:00
|
|
|
return opts
|
|
|
|
|
|
2011-11-12 20:50:34 +00:00
|
|
|
|
2018-01-17 19:16:52 +01:00
|
|
|
def _update_discovery_config(opts):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2018-01-11 17:09:37 +01:00
|
|
|
Update discovery config for all instances.
|
|
|
|
|
|
|
|
|
|
:param opts:
|
|
|
|
|
:return:
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2018-01-11 17:09:37 +01:00
|
|
|
if opts.get("discovery") not in (None, False):
|
|
|
|
|
if opts["discovery"] is True:
|
|
|
|
|
opts["discovery"] = {}
|
|
|
|
|
discovery_config = {
|
|
|
|
|
"attempts": 3,
|
|
|
|
|
"pause": 5,
|
|
|
|
|
"port": 4520,
|
|
|
|
|
"match": "any",
|
|
|
|
|
"mapping": {},
|
|
|
|
|
}
|
2018-01-17 19:16:52 +01:00
|
|
|
for key in opts["discovery"]:
|
2018-01-11 17:09:37 +01:00
|
|
|
if key not in discovery_config:
|
|
|
|
|
raise salt.exceptions.SaltConfigurationError(
|
2024-02-27 11:08:46 +00:00
|
|
|
f"Unknown discovery option: {key}"
|
2020-04-02 20:10:20 -05:00
|
|
|
)
|
2018-01-17 19:16:52 +01:00
|
|
|
if opts.get("__role") != "minion":
|
2018-01-11 17:09:37 +01:00
|
|
|
for key in ["attempts", "pause", "match"]:
|
|
|
|
|
del discovery_config[key]
|
|
|
|
|
opts["discovery"] = salt.utils.dictupdate.update(
|
|
|
|
|
discovery_config, opts["discovery"], True, True
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
2016-07-13 19:20:27 +02:00
|
|
|
def master_config(
|
|
|
|
|
path, env_var="SALT_MASTER_CONFIG", defaults=None, exit_on_config_errors=False
|
|
|
|
|
):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2011-02-26 16:07:24 -07:00
|
|
|
Reads in the master configuration file and sets up default options
|
2014-05-14 18:49:29 -06:00
|
|
|
|
|
|
|
|
This is useful for running the actual master daemon. For running
|
|
|
|
|
Master-side client interfaces that need the master opts see
|
|
|
|
|
:py:func:`salt.client.client_config`.
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2013-01-20 05:19:48 +00:00
|
|
|
if defaults is None:
|
2019-01-16 19:02:03 +00:00
|
|
|
defaults = DEFAULT_MASTER_OPTS.copy()
|
2011-02-26 16:07:24 -07:00
|
|
|
|
2013-11-18 14:05:08 +00:00
|
|
|
if not os.environ.get(env_var, None):
|
|
|
|
|
# No valid setting was given using the configuration variable.
|
|
|
|
|
# Lets see is SALT_CONFIG_DIR is of any use
|
|
|
|
|
salt_config_dir = os.environ.get("SALT_CONFIG_DIR", None)
|
2013-11-18 22:34:24 +00:00
|
|
|
if salt_config_dir:
|
|
|
|
|
env_config_file_path = os.path.join(salt_config_dir, "master")
|
|
|
|
|
if salt_config_dir and os.path.isfile(env_config_file_path):
|
|
|
|
|
# We can get a configuration file using SALT_CONFIG_DIR, let's
|
|
|
|
|
# update the environment with this information
|
|
|
|
|
os.environ[env_var] = env_config_file_path
|
2013-11-18 14:05:08 +00:00
|
|
|
|
2013-06-28 20:39:37 +01:00
|
|
|
overrides = load_config(path, env_var, DEFAULT_MASTER_OPTS["conf_file"])
|
2013-01-20 03:12:23 +00:00
|
|
|
default_include = overrides.get("default_include", defaults["default_include"])
|
2013-01-17 16:58:42 +01:00
|
|
|
include = overrides.get("include", [])
|
2012-09-17 14:26:59 -06:00
|
|
|
|
2018-03-01 13:43:41 -06:00
|
|
|
overrides.update(
|
|
|
|
|
include_config(
|
|
|
|
|
default_include,
|
|
|
|
|
path,
|
|
|
|
|
verbose=False,
|
|
|
|
|
exit_on_config_errors=exit_on_config_errors,
|
|
|
|
|
)
|
2020-04-02 20:10:20 -05:00
|
|
|
)
|
2018-03-01 13:43:41 -06:00
|
|
|
overrides.update(
|
|
|
|
|
include_config(
|
|
|
|
|
include, path, verbose=True, exit_on_config_errors=exit_on_config_errors
|
|
|
|
|
)
|
2020-04-02 20:10:20 -05:00
|
|
|
)
|
2013-05-29 19:13:34 +00:00
|
|
|
opts = apply_master_config(overrides, defaults)
|
2017-04-04 23:15:08 -05:00
|
|
|
_validate_ssh_minion_opts(opts)
|
2013-05-29 19:13:34 +00:00
|
|
|
_validate_opts(opts)
|
2013-06-12 12:34:44 -05:00
|
|
|
# If 'nodegroups:' is uncommented in the master config file, and there are
|
|
|
|
|
# no nodegroups defined, opts['nodegroups'] will be None. Fix this by
|
|
|
|
|
# reverting this value to the default, as if 'nodegroups:' was commented
|
|
|
|
|
# out or not present.
|
|
|
|
|
if opts.get("nodegroups") is None:
|
|
|
|
|
opts["nodegroups"] = DEFAULT_MASTER_OPTS.get("nodegroups", {})
|
2017-10-09 12:53:31 -05:00
|
|
|
if salt.utils.data.is_dictlist(opts["nodegroups"]):
|
|
|
|
|
opts["nodegroups"] = salt.utils.data.repack_dictlist(opts["nodegroups"])
|
2016-11-06 14:29:40 +13:00
|
|
|
apply_sdb(opts)
|
2024-01-30 11:26:39 +00:00
|
|
|
salt.features.setup_features(opts)
|
2013-05-29 19:13:34 +00:00
|
|
|
return opts
|
2011-05-25 09:29:48 +01:00
|
|
|
|
2013-01-20 03:12:23 +00:00
|
|
|
|
2013-01-20 03:31:11 +00:00
|
|
|
def apply_master_config(overrides=None, defaults=None):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2013-01-17 16:58:42 +01:00
|
|
|
Returns master configurations dict.
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2013-01-20 03:31:11 +00:00
|
|
|
if defaults is None:
|
2019-01-16 19:02:03 +00:00
|
|
|
defaults = DEFAULT_MASTER_OPTS.copy()
|
2018-04-13 13:44:55 -05:00
|
|
|
if overrides is None:
|
|
|
|
|
overrides = {}
|
2013-01-20 03:31:11 +00:00
|
|
|
|
|
|
|
|
opts = defaults.copy()
|
2014-07-15 10:28:16 -06:00
|
|
|
opts["__role"] = "master"
|
2024-02-05 18:44:28 -06:00
|
|
|
|
2024-02-08 07:47:26 -06:00
|
|
|
# Suppress fileserver update in FSChan, for FSClient instances generated
|
2024-02-05 18:44:28 -06:00
|
|
|
# during Pillar compilation. The master daemon already handles FS updates
|
|
|
|
|
# in its maintenance thread. Refreshing during Pillar compilation slows
|
|
|
|
|
# down Pillar considerably (even to the point of timeout) when there are
|
|
|
|
|
# many gitfs remotes.
|
|
|
|
|
opts["__fs_update"] = True
|
|
|
|
|
|
2017-04-28 11:19:25 +01:00
|
|
|
_adjust_log_file_override(overrides, defaults["log_file"])
|
2013-01-17 16:58:42 +01:00
|
|
|
if overrides:
|
|
|
|
|
opts.update(overrides)
|
2022-12-08 23:00:47 +01:00
|
|
|
# `keep_acl_in_token` will be forced to True when using external authentication
|
|
|
|
|
# for REST API (`rest` is present under `external_auth`). This is because the REST API
|
|
|
|
|
# does not store the password, and can therefore not retroactively fetch the ACL, so
|
|
|
|
|
# the ACL must be stored in the token.
|
|
|
|
|
if "rest" in opts.get("external_auth", {}):
|
|
|
|
|
# Check current value and print out warning
|
|
|
|
|
if opts["keep_acl_in_token"] is False:
|
|
|
|
|
log.warning(
|
|
|
|
|
"The 'rest' external_auth backend requires 'keep_acl_in_token' to be True. "
|
|
|
|
|
"Setting 'keep_acl_in_token' to True."
|
|
|
|
|
)
|
|
|
|
|
opts["keep_acl_in_token"] = True
|
2012-07-26 03:42:20 +02:00
|
|
|
|
2018-04-20 15:04:54 -04:00
|
|
|
opts["__cli"] = salt.utils.stringutils.to_unicode(os.path.basename(sys.argv[0]))
|
2018-04-17 15:00:43 -05:00
|
|
|
|
2017-12-07 03:20:08 -06:00
|
|
|
if "environment" in opts:
|
2018-04-13 13:44:55 -05:00
|
|
|
if opts["saltenv"] is not None:
|
2017-11-29 22:09:09 -06:00
|
|
|
log.warning(
|
2017-12-07 03:20:08 -06:00
|
|
|
"The 'saltenv' and 'environment' master config options "
|
|
|
|
|
"cannot both be used. Ignoring 'environment' in favor of "
|
2019-12-31 15:13:58 +01:00
|
|
|
"'saltenv'."
|
2017-11-29 22:09:09 -06:00
|
|
|
)
|
|
|
|
|
# Set environment to saltenv in case someone's custom runner is
|
|
|
|
|
# refrencing __opts__['environment']
|
2017-12-07 03:20:08 -06:00
|
|
|
opts["environment"] = opts["saltenv"]
|
2017-11-29 22:09:09 -06:00
|
|
|
else:
|
|
|
|
|
log.warning(
|
2017-12-07 03:20:08 -06:00
|
|
|
"The 'environment' master config option has been renamed "
|
|
|
|
|
"to 'saltenv'. Using %s as the 'saltenv' config value.",
|
|
|
|
|
opts["environment"],
|
2017-11-29 22:09:09 -06:00
|
|
|
)
|
2017-12-07 03:20:08 -06:00
|
|
|
opts["saltenv"] = opts["environment"]
|
2017-11-29 22:09:09 -06:00
|
|
|
|
2017-12-04 23:57:28 -06:00
|
|
|
for idx, val in enumerate(opts["fileserver_backend"]):
|
|
|
|
|
if val in ("git", "hg", "svn", "minion"):
|
|
|
|
|
new_val = val + "fs"
|
|
|
|
|
log.debug(
|
|
|
|
|
"Changed %s to %s in master opts' fileserver_backend list", val, new_val
|
|
|
|
|
)
|
|
|
|
|
opts["fileserver_backend"][idx] = new_val
|
|
|
|
|
|
2013-01-17 16:58:42 +01:00
|
|
|
if len(opts["sock_dir"]) > len(opts["cachedir"]) + 10:
|
|
|
|
|
opts["sock_dir"] = os.path.join(opts["cachedir"], ".salt-unix")
|
2012-02-09 14:40:40 -07:00
|
|
|
|
2017-08-23 11:28:02 +03:00
|
|
|
opts["token_dir"] = os.path.join(opts["cachedir"], "tokens")
|
|
|
|
|
opts["syndic_dir"] = os.path.join(opts["cachedir"], "syndics")
|
|
|
|
|
# Make sure ext_mods gets set if it is an untrue value
|
|
|
|
|
# (here to catch older bad configs)
|
2013-01-20 03:12:23 +00:00
|
|
|
opts["extension_modules"] = opts.get("extension_modules") or os.path.join(
|
|
|
|
|
opts["cachedir"], "extmods"
|
|
|
|
|
)
|
2017-08-23 11:28:02 +03:00
|
|
|
# Set up the utils_dirs location from the extension_modules location
|
|
|
|
|
opts["utils_dirs"] = opts.get("utils_dirs") or [
|
|
|
|
|
os.path.join(opts["extension_modules"], "utils")
|
|
|
|
|
]
|
|
|
|
|
|
|
|
|
|
# Insert all 'utils_dirs' directories to the system path
|
|
|
|
|
insert_system_path(opts, opts["utils_dirs"])
|
|
|
|
|
|
2018-04-13 13:44:55 -05:00
|
|
|
if overrides.get("ipc_write_buffer", "") == "dynamic":
|
2016-07-19 14:45:51 -06:00
|
|
|
opts["ipc_write_buffer"] = _DFLT_IPC_WBUFFER
|
|
|
|
|
if "ipc_write_buffer" not in overrides:
|
2016-07-19 15:50:23 -06:00
|
|
|
opts["ipc_write_buffer"] = 0
|
2014-09-17 13:56:55 -06:00
|
|
|
using_ip_for_id = False
|
|
|
|
|
append_master = False
|
2015-10-29 22:04:28 -06:00
|
|
|
if not opts.get("id"):
|
2014-09-17 13:56:55 -06:00
|
|
|
opts["id"], using_ip_for_id = get_id(opts, cache_minion_id=None)
|
|
|
|
|
append_master = True
|
|
|
|
|
|
|
|
|
|
# it does not make sense to append a domain to an IP based id
|
|
|
|
|
if not using_ip_for_id and "append_domain" in opts:
|
|
|
|
|
opts["id"] = _append_domain(opts)
|
|
|
|
|
if append_master:
|
|
|
|
|
opts["id"] += "_master"
|
|
|
|
|
|
2011-06-20 20:29:26 -05:00
|
|
|
# Prepend root_dir to other paths
|
2012-12-31 02:37:19 +00:00
|
|
|
prepend_root_dirs = [
|
Revert "Separates key_dir from cache_dir, The key files (i.e. '.root_key', '.sudo_...') must not be shared with other masters."
This reverts commit 20bf4eed1d34cf8edfa41a73a9769ffa7a977449.
This change breaks publisher_acls.
1) The key_dir's permissions are controlled by `permissive_pki_access` which is
not required by publisher_acls. By default, it is also changed back to 700
each time that the salt-master restarts, so it will have to be chmodded each
time.
2) The default directory for these keys is changed, which will break a lot of
users publisher_acls setups on an upgrade to Oxygen, and require them to go
back in to chmod new directories.
I was going through and switching out the key dir to default back to
/var/cache/salt/master, and allow it to be changed, and also be able to specify
that it is a sensitive dir, but once I ran across the `permissive_pki_access`
stuff, I thought it was better to just revert this change and try again against
Fluorine, since we do not have a lot of tests in this area around publisher_acl.
2018-02-08 12:48:18 -07:00
|
|
|
"pki_dir",
|
|
|
|
|
"cachedir",
|
|
|
|
|
"pidfile",
|
|
|
|
|
"sock_dir",
|
|
|
|
|
"extension_modules",
|
2015-04-17 16:29:38 -06:00
|
|
|
"autosign_file",
|
|
|
|
|
"autoreject_file",
|
|
|
|
|
"token_dir",
|
|
|
|
|
"syndic_dir",
|
2017-10-10 15:03:18 +02:00
|
|
|
"sqlite_queue_dir",
|
|
|
|
|
"autosign_grains_dir",
|
2012-12-31 02:37:19 +00:00
|
|
|
]
|
|
|
|
|
|
|
|
|
|
# These can be set to syslog, so, not actual paths on the system
|
2017-02-25 17:49:36 +00:00
|
|
|
for config_key in ("log_file", "key_logfile", "ssh_log_file"):
|
2024-06-22 10:58:54 -07:00
|
|
|
if should_prepend_root_dir(config_key, opts):
|
2012-12-31 02:37:19 +00:00
|
|
|
prepend_root_dirs.append(config_key)
|
|
|
|
|
|
|
|
|
|
prepend_root_dir(opts, prepend_root_dirs)
|
2011-06-20 20:29:26 -05:00
|
|
|
|
2012-02-28 16:01:48 -08:00
|
|
|
# Enabling open mode requires that the value be set to True, and
|
|
|
|
|
# nothing else!
|
2012-01-11 13:18:44 +08:00
|
|
|
opts["open_mode"] = opts["open_mode"] is True
|
|
|
|
|
opts["auto_accept"] = opts["auto_accept"] is True
|
2017-01-23 23:30:34 +00:00
|
|
|
opts["file_roots"] = _validate_file_roots(opts["file_roots"])
|
|
|
|
|
opts["pillar_roots"] = _validate_file_roots(opts["pillar_roots"])
|
2012-12-09 22:58:04 -05:00
|
|
|
|
|
|
|
|
if opts["file_ignore_regex"]:
|
|
|
|
|
# If file_ignore_regex was given, make sure it's wrapped in a list.
|
|
|
|
|
# Only keep valid regex entries for improved performance later on.
|
2020-09-30 03:09:12 +02:00
|
|
|
if isinstance(opts["file_ignore_regex"], str):
|
2012-12-18 13:35:13 +00:00
|
|
|
ignore_regex = [opts["file_ignore_regex"]]
|
2012-12-09 22:58:04 -05:00
|
|
|
elif isinstance(opts["file_ignore_regex"], list):
|
|
|
|
|
ignore_regex = opts["file_ignore_regex"]
|
|
|
|
|
|
|
|
|
|
opts["file_ignore_regex"] = []
|
2012-12-28 14:07:22 +00:00
|
|
|
for regex in ignore_regex:
|
2012-12-09 22:58:04 -05:00
|
|
|
try:
|
2012-12-18 13:35:13 +00:00
|
|
|
# Can't store compiled regex itself in opts (breaks
|
|
|
|
|
# serialization)
|
2012-12-28 14:07:22 +00:00
|
|
|
re.compile(regex)
|
|
|
|
|
opts["file_ignore_regex"].append(regex)
|
2020-01-02 13:42:37 +00:00
|
|
|
except Exception: # pylint: disable=broad-except
|
2018-01-07 14:48:45 -06:00
|
|
|
log.warning("Unable to parse file_ignore_regex. Skipping: %s", regex)
|
2012-12-09 22:58:04 -05:00
|
|
|
|
|
|
|
|
if opts["file_ignore_glob"]:
|
|
|
|
|
# If file_ignore_glob was given, make sure it's wrapped in a list.
|
2020-09-30 03:09:12 +02:00
|
|
|
if isinstance(opts["file_ignore_glob"], str):
|
2012-12-18 13:35:13 +00:00
|
|
|
opts["file_ignore_glob"] = [opts["file_ignore_glob"]]
|
2012-12-09 22:58:04 -05:00
|
|
|
|
2015-01-06 19:55:28 -05:00
|
|
|
# Let's make sure `worker_threads` does not drop below 3 which has proven
|
2013-04-29 08:15:51 +01:00
|
|
|
# to make `salt.modules.publish` not work under the test-suite.
|
2013-05-01 12:03:43 +01:00
|
|
|
if opts["worker_threads"] < 3 and opts.get("peer", None):
|
2013-04-29 08:15:51 +01:00
|
|
|
log.warning(
|
2018-01-07 14:48:45 -06:00
|
|
|
"The 'worker_threads' setting in '%s' cannot be lower than "
|
|
|
|
|
"3. Resetting it to the default value of 3.",
|
|
|
|
|
opts["conf_file"],
|
2013-04-29 08:15:51 +01:00
|
|
|
)
|
|
|
|
|
opts["worker_threads"] = 3
|
2014-04-09 06:39:46 +02:00
|
|
|
|
|
|
|
|
opts.setdefault("pillar_source_merging_strategy", "smart")
|
|
|
|
|
|
2016-04-05 09:30:07 -06:00
|
|
|
# Make sure hash_type is lowercase
|
|
|
|
|
opts["hash_type"] = opts["hash_type"].lower()
|
|
|
|
|
|
2016-11-18 18:31:57 +03:00
|
|
|
# Check and update TLS/SSL configuration
|
|
|
|
|
_update_ssl_config(opts)
|
2018-01-17 19:16:52 +01:00
|
|
|
_update_discovery_config(opts)
|
2016-11-18 18:31:57 +03:00
|
|
|
|
2024-05-25 21:32:45 -07:00
|
|
|
if opts["publish_signing_algorithm"] not in salt.crypt.VALID_SIGNING_ALGORITHMS:
|
|
|
|
|
raise salt.exceptions.SaltConfigurationError(
|
|
|
|
|
f"The publish signging algorithm '{opts['publish_signing_algorithm']}' is not valid. "
|
|
|
|
|
f"Please specify one of {','.join(salt.crypt.VALID_SIGNING_ALGORITHMS)}."
|
|
|
|
|
)
|
|
|
|
|
|
2011-02-26 16:07:24 -07:00
|
|
|
return opts
|
2012-10-06 16:54:47 -06:00
|
|
|
|
|
|
|
|
|
2013-01-20 05:53:01 +00:00
|
|
|
def client_config(path, env_var="SALT_CLIENT_CONFIG", defaults=None):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2014-05-14 18:49:29 -06:00
|
|
|
Load Master configuration data
|
|
|
|
|
|
|
|
|
|
Usage:
|
|
|
|
|
|
|
|
|
|
.. code-block:: python
|
|
|
|
|
|
|
|
|
|
import salt.config
|
|
|
|
|
master_opts = salt.config.client_config('/etc/salt/master')
|
|
|
|
|
|
|
|
|
|
Returns a dictionary of the Salt Master configuration file with necessary
|
|
|
|
|
options needed to communicate with a locally-running Salt Master daemon.
|
|
|
|
|
This function searches for client specific configurations and adds them to
|
|
|
|
|
the data from the master configuration.
|
|
|
|
|
|
|
|
|
|
This is useful for master-side operations like
|
|
|
|
|
:py:class:`~salt.client.LocalClient`.
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2013-01-20 05:53:01 +00:00
|
|
|
if defaults is None:
|
2019-01-16 19:02:03 +00:00
|
|
|
defaults = DEFAULT_MASTER_OPTS.copy()
|
2013-01-20 05:53:01 +00:00
|
|
|
|
2014-06-11 13:56:41 -05:00
|
|
|
xdg_dir = salt.utils.xdg.xdg_config_dir()
|
|
|
|
|
if os.path.isdir(xdg_dir):
|
|
|
|
|
client_config_dir = xdg_dir
|
|
|
|
|
saltrc_config_file = "saltrc"
|
|
|
|
|
else:
|
2015-05-18 22:40:23 +02:00
|
|
|
client_config_dir = os.path.expanduser("~")
|
2014-06-11 13:56:41 -05:00
|
|
|
saltrc_config_file = ".saltrc"
|
2014-05-12 13:58:02 -05:00
|
|
|
|
2013-01-20 05:53:01 +00:00
|
|
|
# Get the token file path from the provided defaults. If not found, specify
|
|
|
|
|
# our own, sane, default
|
|
|
|
|
opts = {
|
|
|
|
|
"token_file": defaults.get(
|
2014-05-12 13:58:02 -05:00
|
|
|
"token_file", os.path.join(client_config_dir, "salt_token")
|
2013-01-20 05:53:01 +00:00
|
|
|
)
|
|
|
|
|
}
|
|
|
|
|
# Update options with the master configuration, either from the provided
|
|
|
|
|
# path, salt's defaults or provided defaults
|
|
|
|
|
opts.update(master_config(path, defaults=defaults))
|
|
|
|
|
# Update with the users salt dot file or with the environment variable
|
2014-06-11 13:56:41 -05:00
|
|
|
saltrc_config = os.path.join(client_config_dir, saltrc_config_file)
|
2014-05-12 13:58:02 -05:00
|
|
|
opts.update(load_config(saltrc_config, env_var, saltrc_config))
|
2013-01-20 05:53:01 +00:00
|
|
|
# Make sure we have a proper and absolute path to the token file
|
2012-10-06 16:54:47 -06:00
|
|
|
if "token_file" in opts:
|
2013-01-20 05:53:01 +00:00
|
|
|
opts["token_file"] = os.path.abspath(os.path.expanduser(opts["token_file"]))
|
|
|
|
|
# If the token file exists, read and store the contained token
|
2012-10-09 00:17:34 -06:00
|
|
|
if os.path.isfile(opts["token_file"]):
|
2014-02-07 08:38:52 -08:00
|
|
|
# Make sure token is still valid
|
|
|
|
|
expire = opts.get("token_expire", 43200)
|
2014-02-07 08:53:33 -08:00
|
|
|
if os.stat(opts["token_file"]).st_mtime + expire > time.mktime(
|
|
|
|
|
time.localtime()
|
|
|
|
|
):
|
2017-07-18 10:31:01 -06:00
|
|
|
with salt.utils.files.fopen(opts["token_file"]) as fp_:
|
2014-02-07 08:38:52 -08:00
|
|
|
opts["token"] = fp_.read().strip()
|
2013-12-28 18:51:07 -07:00
|
|
|
# On some platforms, like OpenBSD, 0.0.0.0 won't catch a master running on localhost
|
|
|
|
|
if opts["interface"] == "0.0.0.0":
|
|
|
|
|
opts["interface"] = "127.0.0.1"
|
2022-04-30 02:08:34 +07:00
|
|
|
elif opts["interface"] == "::":
|
|
|
|
|
opts["interface"] = "::1"
|
2013-12-27 09:24:11 -07:00
|
|
|
|
|
|
|
|
# Make sure the master_uri is set
|
|
|
|
|
if "master_uri" not in opts:
|
2014-05-08 13:13:52 +02:00
|
|
|
opts["master_uri"] = "tcp://{ip}:{port}".format(
|
2022-04-30 02:08:34 +07:00
|
|
|
ip=salt.utils.network.ip_bracket(opts["interface"]), port=opts["ret_port"]
|
2014-05-08 13:13:52 +02:00
|
|
|
)
|
|
|
|
|
|
2013-01-20 05:53:01 +00:00
|
|
|
# Return the client options
|
2013-05-29 19:13:34 +00:00
|
|
|
_validate_opts(opts)
|
2024-01-30 11:26:39 +00:00
|
|
|
salt.features.setup_features(opts)
|
2012-10-06 16:54:47 -06:00
|
|
|
return opts
|
2014-06-18 21:27:49 -06:00
|
|
|
|
2012-09-18 17:56:29 -06:00
|
|
|
|
|
|
|
|
def api_config(path):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2016-11-16 10:49:49 +02:00
|
|
|
Read in the Salt Master config file and add additional configs that
|
2012-10-09 17:15:40 -06:00
|
|
|
need to be stubbed out for salt-api
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2017-01-03 13:28:35 +01:00
|
|
|
# Let's grab a copy of salt-api's required defaults
|
2019-01-16 19:02:03 +00:00
|
|
|
opts = DEFAULT_API_OPTS.copy()
|
2017-01-03 13:28:35 +01:00
|
|
|
|
|
|
|
|
# Let's override them with salt's master opts
|
2019-01-16 19:02:03 +00:00
|
|
|
opts.update(client_config(path, defaults=DEFAULT_MASTER_OPTS.copy()))
|
2017-01-03 13:28:35 +01:00
|
|
|
|
2017-01-05 10:22:05 -05:00
|
|
|
# Let's set the pidfile and log_file values in opts to api settings
|
|
|
|
|
opts.update(
|
|
|
|
|
{
|
2016-11-16 10:49:49 +02:00
|
|
|
"pidfile": opts.get("api_pidfile", DEFAULT_API_OPTS["api_pidfile"]),
|
2017-01-04 10:55:13 -07:00
|
|
|
"log_file": opts.get("api_logfile", DEFAULT_API_OPTS["api_logfile"]),
|
2016-11-16 10:49:49 +02:00
|
|
|
}
|
|
|
|
|
)
|
2020-04-02 20:10:20 -05:00
|
|
|
|
2016-12-12 21:30:35 -07:00
|
|
|
prepend_root_dir(opts, ["api_pidfile", "api_logfile", "log_file", "pidfile"])
|
2024-01-30 11:26:39 +00:00
|
|
|
salt.features.setup_features(opts)
|
2016-11-03 15:33:28 -06:00
|
|
|
return opts
|
2015-06-18 08:12:57 -06:00
|
|
|
|
|
|
|
|
|
|
|
|
|
def spm_config(path):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2015-06-18 08:12:57 -06:00
|
|
|
Read in the salt master config file and add additional configs that
|
|
|
|
|
need to be stubbed out for spm
|
2015-06-19 16:33:01 -06:00
|
|
|
|
2015-07-08 11:11:29 -06:00
|
|
|
.. versionadded:: 2015.8.0
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2015-06-18 08:12:57 -06:00
|
|
|
# Let's grab a copy of salt's master default opts
|
2016-11-14 18:14:03 +02:00
|
|
|
defaults = DEFAULT_MASTER_OPTS.copy()
|
2015-06-18 08:12:57 -06:00
|
|
|
# Let's override them with spm's required defaults
|
|
|
|
|
defaults.update(DEFAULT_SPM_OPTS)
|
|
|
|
|
|
2016-06-30 08:33:11 -06:00
|
|
|
overrides = load_config(path, "SPM_CONFIG", DEFAULT_SPM_OPTS["spm_conf_file"])
|
|
|
|
|
default_include = overrides.get(
|
|
|
|
|
"spm_default_include", defaults["spm_default_include"]
|
|
|
|
|
)
|
2015-09-09 16:19:52 +01:00
|
|
|
include = overrides.get("include", [])
|
|
|
|
|
|
|
|
|
|
overrides.update(include_config(default_include, path, verbose=False))
|
|
|
|
|
overrides.update(include_config(include, path, verbose=True))
|
|
|
|
|
defaults = apply_master_config(overrides, defaults)
|
|
|
|
|
defaults = apply_spm_config(overrides, defaults)
|
2015-06-29 10:05:54 -06:00
|
|
|
return client_config(path, env_var="SPM_CONFIG", defaults=defaults)
|
2015-09-09 16:19:52 +01:00
|
|
|
|
|
|
|
|
|
|
|
|
|
def apply_spm_config(overrides, defaults):
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2015-09-09 16:19:52 +01:00
|
|
|
Returns the spm configurations dict.
|
2015-09-10 08:42:33 -06:00
|
|
|
|
|
|
|
|
.. versionadded:: 2015.8.1
|
2020-04-02 20:10:20 -05:00
|
|
|
"""
|
2015-09-09 16:19:52 +01:00
|
|
|
opts = defaults.copy()
|
2017-04-28 11:19:25 +01:00
|
|
|
_adjust_log_file_override(overrides, defaults["log_file"])
|
2015-09-09 16:19:52 +01:00
|
|
|
if overrides:
|
|
|
|
|
opts.update(overrides)
|
|
|
|
|
|
|
|
|
|
# Prepend root_dir to other paths
|
|
|
|
|
prepend_root_dirs = [
|
|
|
|
|
"formula_path",
|
|
|
|
|
"pillar_path",
|
|
|
|
|
"reactor_path",
|
|
|
|
|
"spm_cache_dir",
|
|
|
|
|
"spm_build_dir",
|
|
|
|
|
]
|
|
|
|
|
|
|
|
|
|
# These can be set to syslog, so, not actual paths on the system
|
|
|
|
|
for config_key in ("spm_logfile",):
|
2024-06-22 10:58:54 -07:00
|
|
|
if should_prepend_root_dir(config_key, opts):
|
2015-09-09 16:19:52 +01:00
|
|
|
prepend_root_dirs.append(config_key)
|
|
|
|
|
|
|
|
|
|
prepend_root_dir(opts, prepend_root_dirs)
|
|
|
|
|
return opts
|