saltstack/salt
1
0
Fork 0
mirror of https://github.com/saltstack/salt.git synced 2025-04-16 09:40:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge branch 'master' into metadata_azure

Browse source
This commit is contained in:
Gareth J. Greenaway 2023-02-09 09:45:51 -08:00 committed by GitHub
commit 800ca02398
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
994 changed files with 4652 additions and 7722 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
.github/actions/build-source-tarball/action.yml vendored
View file

@ -29,16 +29,22 @@ runs:
run: |
nox --version || python3 -m pip install nox==${{ inputs.nox-version }}
- name: Download Release Changes
- name: Download Release Patch
uses: actions/download-artifact@v3
with:
name: salt-${{ inputs.salt-version }}.diff
name: salt-${{ inputs.salt-version }}.patch
- name: Apply release changes
- name: Configure Git
shell: bash
run: |
git apply salt-${{ inputs.salt-version }}.diff
rm salt-${{ inputs.salt-version }}.diff
git config --global user.name "Salt Project Packaging"
git config --global user.email saltproject-packaging@vmware.com
- name: Apply Release Patch
shell: bash
run: |
git am --committer-date-is-author-date salt-${{ inputs.salt-version }}.patch
rm salt-${{ inputs.salt-version }}.patch
- name: Create Source Tarball
shell: bash

72
.github/actions/cached-virtualenv/action.yml vendored Normal file
View file

@ -0,0 +1,72 @@
---
name: cached-virtualenv
description: Setup a cached python virtual environment
inputs:
name:
required: true
type: string
description: The Virtualenv Name
cache-seed:
required: true
type: string
description: Seed used to invalidate caches
outputs:
cache-hit:
value: ${{ steps.cache-virtualenv.outputs.cache-hit }}
cache-key:
value: ${{ steps.setup-cache-key.outputs.cache-key }}
python-executable:
value: ${{ steps.define-python-executable.outputs.python-executable }}
env:
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
runs:
using: composite
steps:
- name: Get Python Version
shell: bash
id: get-python-version
run: |
PY_VERSION=$(python3 -c "import sys; sys.stdout.write('{}.{}'.format(*sys.version_info))")
echo "python-version=$PY_VERSION" >> "${GITHUB_OUTPUT}"
- name: Setup Cache Key
shell: bash
id: setup-cache-key
run: |
echo "cache-key=${{ inputs.cache-seed }}|${{ runner.os }}|${{ runner.arch }}|cached-venv|${{ steps.get-python-version.outputs.python-version }}|${{ inputs.name }}" >> "${GITHUB_OUTPUT}"
- name: Cache VirtualEnv
id: cache-virtualenv
uses: actions/cache@v3
with:
key: ${{ steps.setup-cache-key.outputs.cache-key }}
path: ${{ github.workspace }}/.venvs/py${{ steps.get-python-version.outputs.python-version }}/${{ inputs.name }}
- name: Create Virtualenv
shell: bash
if: ${{ steps.cache-virtualenv.outputs.cache-hit != 'true' }}
run: |
mkdir -p ${{ github.workspace }}/.venvs/py${{ steps.get-python-version.outputs.python-version }}
python3 -m venv --upgrade ${{ github.workspace }}/.venvs/py${{ steps.get-python-version.outputs.python-version }}/${{ inputs.name }}
- name: Define python executable output
shell: bash
id: define-python-executable
run: |
shopt -s nocasematch
if [[ "${{ runner.os }}" =~ "win" ]]; then
BIN_DIR="${{ github.workspace }}/.venvs/py${{ steps.get-python-version.outputs.python-version }}/${{ inputs.name }}/Scripts"
else
BIN_DIR="${{ github.workspace }}/.venvs/py${{ steps.get-python-version.outputs.python-version }}/${{ inputs.name }}/bin"
fi
shopt -u nocasematch
echo "python-executable=$BIN_DIR/python" >> "${GITHUB_OUTPUT}"
echo "${BIN_DIR}" >> "${GITHUB_PATH}"

39
.github/actions/download-artifact/action.yml vendored Normal file
View file

@ -0,0 +1,39 @@
# This actions was inspired by https://github.com/alehechka/download-tartifact
---
name: Download Tar Artifact
description: >
Download and extract a tar artifact that was previously uploaded in the
workflow by the upload-tartifact action
inputs:
name:
description: Artifact name
required: false
path:
description: Destination path
required: false
archive-name:
description: >
By default `inputs.name`(last resort, `archive`) is what's used to name the archive.
This parameter allows a customizing that archive name. This will allow uploading multiple
archives under the same 'name', like the underlying official action does
without overriding the existing archives.
required: false
runs:
using: composite
steps:
- uses: actions/download-artifact@v3
with:
name: ${{ inputs.name }}
path: ${{ inputs.path }}
- shell: bash
working-directory: ${{ inputs.path }}
run: |
tar -xvf ${{ inputs.archive-name || inputs.name || 'archive' }}.tar.gz
- shell: bash
working-directory: ${{ inputs.path }}
run: |
rm -f ${{ inputs.archive-name || inputs.name || 'archive' }}.tar.gz

48
.github/actions/setup-pre-commit/action.yml vendored Normal file
View file

@ -0,0 +1,48 @@
---
name: setup-pre-commit
description: Setup 'pre-commit'
inputs:
version:
type: string
description: Pre-commit version to install
required: true
default: 3.0.3
cache-seed:
required: true
type: string
description: Seed used to invalidate caches
env:
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
runs:
using: composite
steps:
- uses: ./.github/actions/cached-virtualenv
id: pre-commit-virtualenv
with:
name: pre-commit
cache-seed: ${{ inputs.cache-seed }}
- name: Install Pre-Commit
if: ${{ steps.pre-commit-virtualenv.outputs.cache-hit != 'true' }}
shell: bash
run: |
${{ steps.pre-commit-virtualenv.outputs.python-executable }} -m pip install pre-commit==${{ inputs.version }}
- name: Cache Pre-Commit Hooks
uses: actions/cache@v3
id: pre-commit-hooks-cache
with:
key: ${{ steps.pre-commit-virtualenv.outputs.cache-key }}|${{ inputs.version }}|${{ hashFiles('.pre-commit-config.yaml') }}
path: ~/.cache/pre-commit
- name: Install Pre-Commit Hooks
shell: bash
run: |
pre-commit install --install-hooks

6
.github/actions/setup-salt-version/action.yml vendored
View file

@ -12,6 +12,10 @@ inputs:
The Salt version to set prior to running tests or building packages.
If not set, it is discover at run time, like, for example, capturing
the output of running `python3 salt/version.py`
validate-version:
type: boolean
default: false
description: Validate the passed version.
outputs:
salt-version:
value: ${{ steps.setup-salt-version.outputs.salt-version }}
@ -32,4 +36,4 @@ runs:
if [ "${{ inputs.cwd }}" != "" ]; then
cd "${{ inputs.cwd }}"
fi
tools pkg set-salt-version ${{ inputs.salt-version }}
tools pkg set-salt-version ${{ inputs.validate-version == 'true' && '--validate-version' || '' }} ${{ inputs.salt-version }}

57
.github/actions/upload-artifact/action.yml vendored Normal file
View file

@ -0,0 +1,57 @@
# This actions was inspired by https://github.com/alehechka/upload-tartifact
---
name: Upload Tar Artifact
description: Compress files with tar prior to artifacting to keep file privileges.
inputs:
name:
description: Artifact name
default: artifact
required: false
path:
description: >
A file, directory or wildcard pattern that describes what to upload.
Note: The path provided will be maintained through tar, so after
download-tartifact, and subfolder structure will remain intact.
required: true
if-no-files-found:
description: >
The desired behavior if no files are found using the provided path.
Available Options:
warn: Output a warning but do not fail the action
error: Fail the action with an error message
ignore: Do not output any warnings or errors, the action does not fail
default: 'warn'
required: false
retention-days:
description: >
Duration after which artifact will expire in days. 0 means using default retention.
Minimum 1 day.
Maximum 90 days unless changed from the repository settings page.
required: false
archive-name:
description: >
By default `archive` is what's used to name the archive. This parameter
allows a customizing that archive name. This will allow uploading multiple
archives under the same 'name', like the underlying official action does
without overriding the existing archives.
required: false
runs:
using: composite
steps:
- shell: bash
run: |
shopt -s globstar || echo "'globstar' not available"
tar -cavf ${{ inputs.archive-name || inputs.name || 'archive' }}.tar.gz ${{ inputs.path }}
- uses: actions/upload-artifact@v3
with:
name: ${{ inputs.name }}
path: ${{ inputs.archive-name || inputs.name || 'archive' }}.tar.gz
if-no-files-found: ${{ inputs.if-no-files-found }}
retention-days: ${{ inputs.retention-days }}
- shell: bash
run: |
rm -f ${{ inputs.archive-name || inputs.name || 'archive' }}.tar.gz

19
.github/workflows/build-deb-packages.yml vendored
View file

@ -1,4 +1,5 @@
name: Build Salt Packages
---
name: Build Debian Packages
on:
workflow_call:
@ -43,18 +44,24 @@ jobs:
apt update
apt install -y python3 python3-venv python3-pip build-essential devscripts debhelper bash-completion git
- name: Download Release Changes
- name: Download Release Patch
uses: actions/download-artifact@v3
with:
name: salt-${{ inputs.salt-version }}.diff
name: salt-${{ inputs.salt-version }}.patch
path: pkgs/checkout/
- name: Apply release changes
- name: Configure Git
shell: bash
run: |
git config --global user.name "Salt Project Packaging"
git config --global user.email saltproject-packaging@vmware.com
- name: Apply Release Patch
shell: bash
run: |
cd pkgs/checkout/
git apply salt-${{ inputs.salt-version }}.diff
rm salt-${{ inputs.salt-version }}.diff
git am --committer-date-is-author-date salt-${{ inputs.salt-version }}.patch
rm salt-${{ inputs.salt-version }}.patch
- name: Build Deb
env:

35
.github/workflows/build-deb-repo.yml vendored
View file

@ -1,3 +1,4 @@
---
name: Build DEB Apt Repository
on:
@ -39,39 +40,30 @@ jobs:
- distro: debian
version: "10"
arch: x86_64
key-id: 0E08A149DE57BFBE
- distro: debian
version: "10"
arch: aarch64
key-id: 0E08A149DE57BFBE
- distro: debian
version: "11"
arch: x86_64
key-id: 0E08A149DE57BFBE
- distro: debian
version: "11"
arch: aarch64
key-id: 0E08A149DE57BFBE
- distro: ubuntu
version: "18.04"
arch: x86_64
key-id: 0E08A149DE57BFBE
- distro: ubuntu
version: "20.04"
arch: x86_64
key-id: 0E08A149DE57BFBE
- distro: ubuntu
version: "20.04"
arch: aarch64
key-id: 0E08A149DE57BFBE
- distro: ubuntu
version: "22.04"
arch: x86_64
key-id: 0E08A149DE57BFBE
- distro: ubuntu
version: "22.04"
arch: aarch64
key-id: 0E08A149DE57BFBE
steps:
- uses: actions/checkout@v3
@ -101,19 +93,18 @@ jobs:
pinentry-mode loopback
EOF
- name: Get Secrets
env:
SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
run: |
SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys \
--query SecretString --output text | jq .default_key -r \
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text | jq .default_key -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
| gpg --import -
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys \
--query SecretString --output text| jq .default_passphrase -r \
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text| jq .default_passphrase -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
rm "$SECRETS_KEY_FILE"
echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
@ -122,28 +113,18 @@ jobs:
run: |
mkdir -p artifacts/pkgs/repo
- name: Download `salt-archive-keyring.gpg`
env:
SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
run: |
SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/salt-archive-keyring-gpg-file \
--query SecretString --output text| jq .base64 -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -o ~/salt-archive-keyring.gpg -d -
rm "${SECRETS_KEY_FILE}"
- name: Create Repository
run: |
tools pkg-repo deb --key-id=${{ matrix.key-id }} --distro-arch=${{ matrix.arch }} \
tools pkg repo create deb --key-id=64CBBC8173D76B3F --distro-arch=${{ matrix.arch }} \
${{ inputs.nightly-build && '--nightly-build' || '' }} --salt-version=${{ inputs.salt-version }} \
${{ inputs.rc-build && '--rc-build' || '' }} --distro=${{ matrix.distro }} --distro-version=${{ matrix.version }} \
--incoming=artifacts/pkgs/incoming --repo-path=artifacts/pkgs/repo
- name: Upload Repository As An Artifact
uses: actions/upload-artifact@v3
uses: ./.github/actions/upload-artifact
with:
name: salt-${{ inputs.salt-version }}-${{ inputs.environment }}-repo
path: artifacts/pkgs/repo/*
retention-days: 7
if-no-files-found: error
archive-name: ${{ matrix.distro }}-${{ matrix.version }}-${{ matrix.arch }}-repo

3
.github/workflows/build-deps-onedir.yml vendored
View file

@ -1,4 +1,5 @@
name: Build Salt Packages
---
name: Build Packaging Dependencies Onedir
on:
workflow_call:

31
.github/workflows/build-macos-repo.yml vendored
View file

@ -1,3 +1,4 @@
---
name: Build macOS Repository
on:
@ -31,12 +32,6 @@ jobs:
- self-hosted
- linux
- repo-${{ inputs.environment }}
strategy:
fail-fast: false
max-parallel: 2
matrix:
key-id:
- "0E08A149DE57BFBE"
steps:
- uses: actions/checkout@v3
@ -67,12 +62,12 @@ jobs:
run: |
SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys \
--query SecretString --output text | jq .default_key -r \
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text | jq .default_key -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
| gpg --import -
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys \
--query SecretString --output text| jq .default_passphrase -r \
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text| jq .default_passphrase -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
rm "$SECRETS_KEY_FILE"
echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
@ -81,28 +76,18 @@ jobs:
run: |
mkdir -p artifacts/pkgs/repo
- name: Download `salt-archive-keyring.gpg`
env:
SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
run: |
SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/salt-archive-keyring-gpg-file \
--query SecretString --output text| jq .base64 -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -o ~/salt-archive-keyring.gpg -d -
rm "${SECRETS_KEY_FILE}"
- name: Create Repository
run: |
tools pkg-repo macos --key-id=${{ matrix.key-id }} \
tools pkg repo create macos --key-id=64CBBC8173D76B3F \
${{ inputs.nightly-build && '--nightly-build' || '' }} --salt-version=${{ inputs.salt-version }} \
${{ inputs.rc-build && '--rc-build' || '' }} --incoming=artifacts/pkgs/incoming \
--repo-path=artifacts/pkgs/repo
- name: Upload Repository As An Artifact
uses: actions/upload-artifact@v3
uses: ./.github/actions/upload-artifact
with:
name: salt-${{ inputs.salt-version }}-${{ inputs.environment }}-repo
path: artifacts/pkgs/repo/*
retention-days: 7
if-no-files-found: error
archive-name: macos-repo

31
.github/workflows/build-onedir-repo.yml vendored
View file

@ -1,3 +1,4 @@
---
name: Build Onedir Repository
on:
@ -31,12 +32,6 @@ jobs:
- self-hosted
- linux
- repo-${{ inputs.environment }}
strategy:
fail-fast: false
max-parallel: 2
matrix:
key-id:
- "0E08A149DE57BFBE"
steps:
- uses: actions/checkout@v3
@ -109,12 +104,12 @@ jobs:
run: |
SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys \
--query SecretString --output text | jq .default_key -r \
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text | jq .default_key -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
| gpg --import -
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys \
--query SecretString --output text| jq .default_passphrase -r \
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text| jq .default_passphrase -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
rm "$SECRETS_KEY_FILE"
echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
@ -123,28 +118,18 @@ jobs:
run: |
mkdir -p artifacts/pkgs/repo
- name: Download `salt-archive-keyring.gpg`
env:
SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
run: |
SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/salt-archive-keyring-gpg-file \
--query SecretString --output text| jq .base64 -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -o ~/salt-archive-keyring.gpg -d -
rm "${SECRETS_KEY_FILE}"
- name: Create Repository
run: |
tools pkg-repo onedir --key-id=${{ matrix.key-id }} \
tools pkg repo create onedir --key-id=64CBBC8173D76B3F \
${{ inputs.nightly-build && '--nightly-build' || '' }} --salt-version=${{ inputs.salt-version }} \
${{ inputs.rc-build && '--rc-build' || '' }} --incoming=artifacts/pkgs/incoming \
--repo-path=artifacts/pkgs/repo
- name: Upload Repository As An Artifact
uses: actions/upload-artifact@v3
uses: ./.github/actions/upload-artifact
with:
name: salt-${{ inputs.salt-version }}-${{ inputs.environment }}-repo
path: artifacts/pkgs/repo/*
retention-days: 7
if-no-files-found: error
archive-name: onedir-repo

3
.github/workflows/build-packages.yml vendored
View file

@ -1,4 +1,5 @@
name: Build Salt Packages
---
name: Build Packages
on:
workflow_call:

3
.github/workflows/build-repos.yml vendored
View file

@ -1,4 +1,5 @@
name: Build Salt Packages
---
name: Build Repositories
on:
workflow_call:

26
.github/workflows/build-rpm-packages.yml vendored
View file

@ -1,4 +1,5 @@
name: Build Salt Packages
---
name: Build RPM Packages
on:
workflow_call:
@ -32,11 +33,6 @@ jobs:
steps:
- uses: actions/checkout@v3
- name: Download Release Changes
uses: actions/download-artifact@v3
with:
name: salt-${{ inputs.salt-version }}.diff
- name: Download System Dependencies
run: |
yum -y update
@ -48,11 +44,23 @@ jobs:
name: salt-${{ inputs.salt-version }}-onedir-linux-${{ matrix.arch }}.tar.xz
path: artifacts/
- name: Apply release changes
- name: Download Release Patch
uses: actions/download-artifact@v3
with:
name: salt-${{ inputs.salt-version }}.patch
- name: Configure Git
shell: bash
run: |
git apply salt-${{ inputs.salt-version }}.diff
rm salt-${{ inputs.salt-version }}.diff
git config --global user.name "Salt Project Packaging"
git config --global user.email saltproject-packaging@vmware.com
git config --global --add safe.directory "$(pwd)"
- name: Apply Release Patch
shell: bash
run: |
git am --committer-date-is-author-date salt-${{ inputs.salt-version }}.patch
rm salt-${{ inputs.salt-version }}.patch
- name: Build RPM
env:

60
.github/workflows/build-rpm-repo.yml vendored
View file

@ -1,3 +1,4 @@
---
name: Build RPM Repository
on:
@ -39,19 +40,15 @@ jobs:
- distro: amazon
version: "2"
arch: x86_64
key-id: 0E08A149DE57BFBE
- distro: redhat
version: "7"
arch: x86_64
key-id: 0E08A149DE57BFBE
- distro: redhat
version: "8"
arch: x86_64
key-id: 0E08A149DE57BFBE
- distro: redhat
version: "9"
arch: x86_64
key-id: 37A710479D30D7B6
steps:
- uses: actions/checkout@v3
@ -82,35 +79,17 @@ jobs:
EOF
- name: Get Secrets
if: ${{ matrix.key-id == '0E08A149DE57BFBE' }}
env:
SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
run: |
SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys \
--query SecretString --output text | jq .default_key -r \
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text | jq .default_key -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
| gpg --import -
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys \
--query SecretString --output text| jq .default_passphrase -r \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
rm "$SECRETS_KEY_FILE"
echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
- name: Get Secrets
if: ${{ matrix.key-id == '37A710479D30D7B6' }}
env:
SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
run: |
SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256 \
--query SecretString --output text | jq .default_key -r \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
| gpg --import -
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256 \
--query SecretString --output text| jq .default_passphrase -r \
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text| jq .default_passphrase -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
rm "$SECRETS_KEY_FILE"
echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
@ -119,42 +98,19 @@ jobs:
run: |
mkdir -p artifacts/pkgs/repo
- name: Download `salt-archive-keyring.gpg`
if: ${{ matrix.key-id == '0E08A149DE57BFBE' }}
env:
SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
run: |
SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/saltstack-gpg-key-file \
--query SecretString --output text| jq .base64 -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -o ~/SALTSTACK-GPG-KEY.pub -d -
rm "${SECRETS_KEY_FILE}"
- name: Download `salt-archive-keyring.gpg`
if: ${{ matrix.key-id == '37A710479D30D7B6' }}
env:
SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
run: |
SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/saltstack-gpg-key2-file \
--query SecretString --output text| jq .base64 -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -o ~/SALTSTACK-GPG-KEY2.pub -d -
rm "${SECRETS_KEY_FILE}"
- name: Create Repository
run: |
tools pkg-repo rpm --key-id=${{ matrix.key-id }} --distro-arch=${{ matrix.arch }} \
tools pkg repo create rpm --key-id=64CBBC8173D76B3F --distro-arch=${{ matrix.arch }} \
${{ inputs.nightly-build && '--nightly-build' || '' }} --salt-version=${{ inputs.salt-version }} \
${{ inputs.rc-build && '--rc-build' || '' }} --distro=${{ matrix.distro }} \
--distro-version=${{ matrix.version }} \
--incoming=artifacts/pkgs/incoming --repo-path=artifacts/pkgs/repo
- name: Upload Repository As An Artifact
uses: actions/upload-artifact@v3
uses: ./.github/actions/upload-artifact
with:
name: salt-${{ inputs.salt-version }}-${{ inputs.environment }}-repo
path: artifacts/pkgs/repo/*
retention-days: 7
if-no-files-found: error
archive-name: ${{ matrix.distro }}-${{ matrix.version }}-${{ matrix.arch }}-repo

3
.github/workflows/build-salt-onedir.yml vendored
View file

@ -1,4 +1,5 @@
name: Build Salt Packages
---
name: Build Salt Onedir
on:
workflow_call:

31
.github/workflows/build-windows-repo.yml vendored
View file

@ -1,3 +1,4 @@
---
name: Build Windows Repository
on:
@ -31,12 +32,6 @@ jobs:
- self-hosted
- linux
- repo-${{ inputs.environment }}
strategy:
fail-fast: false
max-parallel: 2
matrix:
key-id:
- "0E08A149DE57BFBE"
steps:
- uses: actions/checkout@v3
@ -73,12 +68,12 @@ jobs:
run: |
SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys \
--query SecretString --output text | jq .default_key -r \
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text | jq .default_key -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
| gpg --import -
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys \
--query SecretString --output text| jq .default_passphrase -r \
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
--query SecretString --output text| jq .default_passphrase -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
rm "$SECRETS_KEY_FILE"
echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
@ -87,28 +82,18 @@ jobs:
run: |
mkdir -p artifacts/pkgs/repo
- name: Download `salt-archive-keyring.gpg`
env:
SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
run: |
SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/salt-archive-keyring-gpg-file \
--query SecretString --output text| jq .base64 -r | base64 -d \
| gpg --passphrase-file "${SECRETS_KEY_FILE}" -o ~/salt-archive-keyring.gpg -d -
rm "${SECRETS_KEY_FILE}"
- name: Create Repository
run: |
tools pkg-repo windows --key-id=${{ matrix.key-id }} \
tools pkg repo create windows --key-id=64CBBC8173D76B3F \
${{ inputs.nightly-build && '--nightly-build' || '' }} --salt-version=${{ inputs.salt-version }} \
${{ inputs.rc-build && '--rc-build' || '' }} --incoming=artifacts/pkgs/incoming \
--repo-path=artifacts/pkgs/repo
- name: Upload Repository As An Artifact
uses: actions/upload-artifact@v3
uses: ./.github/actions/upload-artifact
with:
name: salt-${{ inputs.salt-version }}-${{ inputs.environment }}-repo
path: artifacts/pkgs/repo/*
retention-days: 7
if-no-files-found: error
archive-name: windows-repo

41
.github/workflows/check-workflow-run.yml vendored Normal file
View file

@ -0,0 +1,41 @@
---
name: Check Workflow Run
on:
workflow_run:
types:
- completed
workflows:
- CI
- Nightly
- Scheduled
permissions:
actions: write
jobs:
restart-failed-workflow-runs:
name: "Restart Workflow (ID: ${{ github.event.workflow_run.id }}; Attempt: ${{ github.event.workflow_run.run_attempt }})"
if: ${{ github.event.workflow_run.conclusion == 'failure' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Python 3.10
uses: actions/setup-python@v4
id: setup-python
with:
python-version: "3.10"
- name: Setup Python Tools Scripts
uses: ./.github/actions/setup-python-tools-scripts
- name: Pretty Print The GH Actions Event
run:
tools ci print-gh-event
- name: Restart Workflow
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
tools ci rerun-workflow

230
.github/workflows/ci.yml vendored
View file

@ -1,5 +1,5 @@
# Do not edit these workflows directly as the changes made will be overwritten.
# Instead, edit the template '.github/workflows/templates/ci.yml.j2'
# Instead, edit the template '.github/workflows/templates/ci.yml.jinja'
---
name: CI
on:
@ -8,7 +8,7 @@ on:
env:
COLUMNS: 160
CACHE_SEED: SEED-5 # Bump the number to invalidate all caches
CACHE_SEED: SEED-0 # Bump the number to invalidate all caches
RELENV_DATA: "${{ github.workspace }}/.relenv"
permissions:
@ -20,7 +20,7 @@ concurrency:
# not cancel previous builds.
# However, for every new build against the same pull request source branch,
# all older builds against that same branch get canceled.
group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.head_ref || github.run_id }}
group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.repository }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
@ -29,6 +29,7 @@ jobs:
runs-on: ubuntu-latest
outputs:
jobs: ${{ steps.define-jobs.outputs.jobs }}
runners: ${{ steps.runner-types.outputs.runners }}
changed-files: ${{ steps.process-changed-files.outputs.changed-files }}
testrun: ${{ steps.define-testrun.outputs.testrun }}
salt-version: ${{ steps.setup-salt-version.outputs.salt-version }}
@ -39,7 +40,7 @@ jobs:
fetch-depth: 0 # Full clone to also get the tags to get the right salt version
- name: Get Changed Files
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
if: ${{ github.event_name == 'pull_request'}}
id: changed-files
uses: dorny/paths-filter@v2
with:
@ -97,6 +98,8 @@ jobs:
- cicd/golden-images.json
testrun:
- added|modified:
- *pkg_requirements
- *test_requirements
- *salt_added_modified
- *tests_added_modified
@ -117,34 +120,42 @@ jobs:
uses: ./.github/actions/setup-salt-version
with:
salt-version: ""
validate-version: true
- name: Write Changed Files To A Local File
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
run:
echo '${{ toJSON(steps.changed-files.outputs) }}' > changed-files.json
- name: Check Local Changed Files Contents
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
if: ${{ github.event_name == 'pull_request' }}
run:
cat changed-files.json
- name: Process Changed Files
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
id: process-changed-files
run:
tools ci process-changed-files ${{ github.event_name }} changed-files.json
- name: Check Collected Changed Files
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
if: ${{ github.event_name == 'pull_request' }}
run:
echo '${{ steps.process-changed-files.outputs.changed-files }}' | jq -C '.'
- name: Define Jobs To Run
- name: Define Runner Types
id: runner-types
run:
tools ci runner-types ${{ github.event_name }}
- name: Check Defined Runners
run:
echo '${{ steps.runner-types.outputs.runners }}' | jq -C '.'
- name: Define Jobs
id: define-jobs
run:
tools ci define-jobs ${{ github.event_name }}
tools ci define-jobs ${{ github.event_name }} changed-files.json
- name: Check Collected Jobs
- name: Check Defined Jobs
run:
echo '${{ steps.define-jobs.outputs.jobs }}' | jq -C '.'
@ -173,28 +184,20 @@ jobs:
id: set-cache-seed
run: |
echo "cache-seed=${{ env.CACHE_SEED }}" >> "$GITHUB_OUTPUT"
pre-commit:
name: Pre-Commit
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
uses: ./.github/workflows/pre-commit-action.yml
needs:
- prepare-workflow
with:
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
changed-files: ${{ needs.prepare-workflow.outputs.changed-files }}
docs:
name: Build Docs
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
uses: ./.github/workflows/docs-action.yml
needs:
- prepare-workflow
with:
changed-files: ${{ needs.prepare-workflow.outputs.changed-files }}
pre-commit-version: "3.0.4"
lint:
name: Lint
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['lint'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
uses: ./.github/workflows/lint-action.yml
needs:
- prepare-workflow
@ -203,17 +206,123 @@ jobs:
prepare-release:
name: Prepare Release
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['prepare-release'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
runs-on: ubuntu-latest
needs:
- prepare-workflow
uses: ./.github/workflows/prepare-release.yml
with:
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
steps:
- uses: actions/checkout@v3
- name: Set up Python 3.10
uses: actions/setup-python@v4
id: setup-python
with:
python-version: "3.10"
- name: Cache Python Tools Virtualenvs
id: tools-venvs-dependencies-cache
uses: actions/cache@v3
with:
path: .tools-venvs/
key: ${{ needs.prepare-workflow.outputs.cache-seed }}|${{ github.workflow }}|tools-venvs|${{ steps.setup-python.outputs.python-version }}|${{ hashFiles('requirements/**/*.txt') }}
- name: Cache Sphinx Doctrees
uses: actions/cache@v3
with:
path: doc/_build/doctrees/
key: ${{ needs.prepare-workflow.outputs.cache-seed }}|${{ github.workflow }}|sphinx-doctrees|${{ steps.setup-python.outputs.python-version }}|${{ hashFiles('requirements/**/*.txt') }}
- name: Setup Python Tools Scripts
uses: ./.github/actions/setup-python-tools-scripts
- name: Setup Salt Version
id: setup-salt-version
uses: ./.github/actions/setup-salt-version
with:
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
- name: Update Debian changelog
shell: bash
run: |
tools changelog update-deb --draft
tools changelog update-deb
- name: Update RPM changelog
shell: bash
run: |
tools changelog update-rpm --draft
tools changelog update-rpm
- name: Update Release Notes
shell: bash
run: |
tools changelog update-release-notes --draft
tools changelog update-release-notes
- name: Build Documentation
shell: bash
run: |
tools docs html --no-clean --archive salt-${{ needs.prepare-workflow.outputs.salt-version }}-docs.tar.xz
- name: Generate MAN Pages
shell: bash
run: |
tools docs man --no-clean
- name: Upload Built Documentation Archive
uses: actions/upload-artifact@v3
with:
name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-docs.tar.xz
path: salt-${{ needs.prepare-workflow.outputs.salt-version }}-docs.tar.xz
retention-days: 7
if-no-files-found: error
- name: Update Changelog
shell: bash
run: |
tools changelog update-changelog-md --draft
tools changelog update-changelog-md
- name: Show Changes Diff
shell: bash
run: |
git diff --color
- name: Configure Git
shell: bash
run: |
git config --global user.name "Salt Project Packaging"
git config --global user.email saltproject-packaging@vmware.com
- name: Setup Pre-Commit
uses: ./.github/actions/setup-pre-commit
with:
version: "3.0.4"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
- name: Commit Changes
shell: bash
run: |
# Run it twice so that pre-commit can fix anything that can be automatically fixed.
git commit -am "Release v${{ needs.prepare-workflow.outputs.salt-version }}" || \
git commit -am "Release v${{ needs.prepare-workflow.outputs.salt-version }}"
- name: Create release changes patch
shell: bash
run: |
git format-patch --keep-subject --binary --stdout HEAD^ > salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch
- name: Upload Changes Diff Artifact
uses: actions/upload-artifact@v3
with:
name: salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch
path: salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch
retention-days: 7
if-no-files-found: error
build-source-tarball:
name: Build Source Tarball
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-source-tarball'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
needs:
- prepare-workflow
- prepare-release
@ -242,18 +351,19 @@ jobs:
build-deps-onedir:
name: Build Dependencies Onedir
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-onedir'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
uses: ./.github/workflows/build-deps-onedir.yml
with:
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
build-salt-onedir:
name: Build Salt Onedir
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-salt-onedir'] }}
needs:
- prepare-workflow
- build-deps-onedir
@ -262,23 +372,24 @@ jobs:
with:
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
build-pkgs:
name: Build Salt Packages
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/build-packages.yml
with:
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
windows-2016:
name: Windows 2016
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -294,7 +405,7 @@ jobs:
windows-2019:
name: Windows 2019
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -310,7 +421,7 @@ jobs:
windows-2022:
name: Windows 2022
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -326,7 +437,7 @@ jobs:
macos-12:
name: macOS 12
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -342,7 +453,7 @@ jobs:
almalinux-8:
name: Alma Linux 8
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -358,7 +469,7 @@ jobs:
almalinux-9:
name: Alma Linux 9
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -374,7 +485,7 @@ jobs:
amazonlinux-2:
name: Amazon Linux 2
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -390,7 +501,7 @@ jobs:
archlinux-lts:
name: Arch Linux LTS
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -406,7 +517,7 @@ jobs:
centos-7:
name: CentOS 7
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -422,7 +533,7 @@ jobs:
centosstream-8:
name: CentOS Stream 8
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -438,7 +549,7 @@ jobs:
centosstream-9:
name: CentOS Stream 9
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -454,7 +565,7 @@ jobs:
debian-10:
name: Debian 10
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -470,7 +581,7 @@ jobs:
debian-11:
name: Debian 11
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -486,7 +597,7 @@ jobs:
debian-11-arm64:
name: Debian 11 Arm64
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -502,7 +613,7 @@ jobs:
fedora-36:
name: Fedora 36
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -518,7 +629,7 @@ jobs:
opensuse-15:
name: Opensuse 15
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -534,7 +645,7 @@ jobs:
photonos-3:
name: Photon OS 3
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -550,7 +661,7 @@ jobs:
photonos-4:
name: Photon OS 4
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -566,7 +677,7 @@ jobs:
ubuntu-1804:
name: Ubuntu 18.04
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -582,7 +693,7 @@ jobs:
ubuntu-2004:
name: Ubuntu 20.04
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -598,7 +709,7 @@ jobs:
ubuntu-2004-arm64:
name: Ubuntu 20.04 Arm64
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -614,7 +725,7 @@ jobs:
ubuntu-2204:
name: Ubuntu 22.04
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -630,7 +741,7 @@ jobs:
ubuntu-2204-arm64:
name: Ubuntu 22.04 Arm64
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -653,7 +764,6 @@ jobs:
needs:
- prepare-workflow
- pre-commit
- docs
- lint
- build-deps-onedir
- build-salt-onedir

102
.github/workflows/docs-action.yml vendored
View file

@ -1,102 +0,0 @@
name: Docs
on:
workflow_call:
inputs:
changed-files:
required: true
type: string
description: JSON string containing information about changed files
env:
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
jobs:
Salt:
name: Build Salt Documentation
runs-on: ubuntu-latest
if: ${{ github.event_name == 'push' || github.event_name == 'schedule' || fromJSON(inputs.changed-files)['docs'] || fromJSON(inputs.changed-files)['salt'] }}
container:
image: python:3.8-slim-buster
steps:
- name: Install System Deps
run: |
echo "deb http://deb.debian.org/debian buster-backports main" >> /etc/apt/sources.list
apt-get update
apt-get install -y enchant git gcc imagemagick make zlib1g-dev libc-dev libffi-dev g++ libxml2 libxml2-dev libxslt-dev libcurl4-openssl-dev libssl-dev libgnutls28-dev xz-utils
apt-get install -y git/buster-backports
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Install Nox
run: |
python -m pip install --upgrade pip
pip install nox
- name: Install Python Requirements
run:
nox --install-only --forcecolor -e 'docs-html(compress=False, clean=True)'
- name: Build Docs
env:
SKIP_REQUIREMENTS_INSTALL: YES
run: |
nox --forcecolor -e 'docs-html(compress=False, clean=True)'
- name: Store Generated Documentation
uses: actions/upload-artifact@v3
with:
name: salt-html-docs
path: doc/_build/html
if-no-files-found: error
Manpages:
name: Build Salt man Pages
runs-on: ubuntu-latest
if: ${{ github.event_name == 'push' || fromJSON(inputs.changed-files)['docs'] }}
container:
image: python:3.8-slim-buster
steps:
- name: Install System Deps
run: |
echo "deb http://deb.debian.org/debian buster-backports main" >> /etc/apt/sources.list
apt-get update
apt-get install -y enchant git gcc imagemagick make zlib1g-dev libc-dev libffi-dev g++ libxml2 libxml2-dev libxslt-dev libcurl4-openssl-dev libssl-dev libgnutls28-dev
apt-get install -y git/buster-backports
- uses: actions/checkout@v3
- name: Install Nox
if: ${{ github.event_name == 'push' || fromJSON(inputs.changed-files)['docs'] }}
run: |
python -m pip install --upgrade pip
pip install nox
- name: Install Python Requirements
if: github.event_name == 'push' || fromJSON(inputs.changed-files)['docs']
run:
nox --install-only --forcecolor -e 'docs-man(compress=False, update=False, clean=True)'
- name: Build Manpages
if: github.event_name == 'push' || fromJSON(inputs.changed-files)['docs']
env:
SKIP_REQUIREMENTS_INSTALL: YES
run: |
nox --forcecolor -e 'docs-man(compress=False, update=False, clean=True)'
- name: Store Generated Documentation
if: github.event_name == 'push' || fromJSON(inputs.changed-files)['docs']
uses: actions/upload-artifact@v3
with:
name: salt-man-pages
path: doc/_build/man
if-no-files-found: error

1
.github/workflows/lint-action.yml vendored
View file

@ -1,3 +1,4 @@
---
name: Lint
on:

230
.github/workflows/nightly.yml vendored
View file

@ -1,5 +1,5 @@
# Do not edit these workflows directly as the changes made will be overwritten.
# Instead, edit the template '.github/workflows/templates/nightly.yml.j2'
# Instead, edit the template '.github/workflows/templates/nightly.yml.jinja'
---
name: Nightly
@ -10,7 +10,7 @@ on:
env:
COLUMNS: 160
CACHE_SEED: SEED-5 # Bump the number to invalidate all caches
CACHE_SEED: SEED-0 # Bump the number to invalidate all caches
RELENV_DATA: "${{ github.workspace }}/.relenv"
permissions:
@ -18,7 +18,7 @@ permissions:
pull-requests: read # for dorny/paths-filter to read pull requests
concurrency:
group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.head_ref || github.run_id }}
group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.repository }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: false
jobs:
@ -27,6 +27,7 @@ jobs:
runs-on: ubuntu-latest
outputs:
jobs: ${{ steps.define-jobs.outputs.jobs }}
runners: ${{ steps.runner-types.outputs.runners }}
changed-files: ${{ steps.process-changed-files.outputs.changed-files }}
testrun: ${{ steps.define-testrun.outputs.testrun }}
salt-version: ${{ steps.setup-salt-version.outputs.salt-version }}
@ -37,7 +38,7 @@ jobs:
fetch-depth: 0 # Full clone to also get the tags to get the right salt version
- name: Get Changed Files
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
if: ${{ github.event_name == 'pull_request'}}
id: changed-files
uses: dorny/paths-filter@v2
with:
@ -95,6 +96,8 @@ jobs:
- cicd/golden-images.json
testrun:
- added|modified:
- *pkg_requirements
- *test_requirements
- *salt_added_modified
- *tests_added_modified
@ -115,34 +118,42 @@ jobs:
uses: ./.github/actions/setup-salt-version
with:
salt-version: ""
validate-version: true
- name: Write Changed Files To A Local File
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
run:
echo '${{ toJSON(steps.changed-files.outputs) }}' > changed-files.json
- name: Check Local Changed Files Contents
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
if: ${{ github.event_name == 'pull_request' }}
run:
cat changed-files.json
- name: Process Changed Files
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
id: process-changed-files
run:
tools ci process-changed-files ${{ github.event_name }} changed-files.json
- name: Check Collected Changed Files
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
if: ${{ github.event_name == 'pull_request' }}
run:
echo '${{ steps.process-changed-files.outputs.changed-files }}' | jq -C '.'
- name: Define Jobs To Run
- name: Define Runner Types
id: runner-types
run:
tools ci runner-types ${{ github.event_name }}
- name: Check Defined Runners
run:
echo '${{ steps.runner-types.outputs.runners }}' | jq -C '.'
- name: Define Jobs
id: define-jobs
run:
tools ci define-jobs ${{ github.event_name }}
tools ci define-jobs ${{ github.event_name }} changed-files.json
- name: Check Collected Jobs
- name: Check Defined Jobs
run:
echo '${{ steps.define-jobs.outputs.jobs }}' | jq -C '.'
@ -171,28 +182,20 @@ jobs:
id: set-cache-seed
run: |
echo "cache-seed=${{ env.CACHE_SEED }}" >> "$GITHUB_OUTPUT"
pre-commit:
name: Pre-Commit
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
uses: ./.github/workflows/pre-commit-action.yml
needs:
- prepare-workflow
with:
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
changed-files: ${{ needs.prepare-workflow.outputs.changed-files }}
docs:
name: Build Docs
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
uses: ./.github/workflows/docs-action.yml
needs:
- prepare-workflow
with:
changed-files: ${{ needs.prepare-workflow.outputs.changed-files }}
pre-commit-version: "3.0.4"
lint:
name: Lint
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['lint'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
uses: ./.github/workflows/lint-action.yml
needs:
- prepare-workflow
@ -201,17 +204,123 @@ jobs:
prepare-release:
name: Prepare Release
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['prepare-release'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
runs-on: ubuntu-latest
needs:
- prepare-workflow
uses: ./.github/workflows/prepare-release.yml
with:
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
steps:
- uses: actions/checkout@v3
- name: Set up Python 3.10
uses: actions/setup-python@v4
id: setup-python
with:
python-version: "3.10"
- name: Cache Python Tools Virtualenvs
id: tools-venvs-dependencies-cache
uses: actions/cache@v3
with:
path: .tools-venvs/
key: ${{ needs.prepare-workflow.outputs.cache-seed }}|${{ github.workflow }}|tools-venvs|${{ steps.setup-python.outputs.python-version }}|${{ hashFiles('requirements/**/*.txt') }}
- name: Cache Sphinx Doctrees
uses: actions/cache@v3
with:
path: doc/_build/doctrees/
key: ${{ needs.prepare-workflow.outputs.cache-seed }}|${{ github.workflow }}|sphinx-doctrees|${{ steps.setup-python.outputs.python-version }}|${{ hashFiles('requirements/**/*.txt') }}
- name: Setup Python Tools Scripts
uses: ./.github/actions/setup-python-tools-scripts
- name: Setup Salt Version
id: setup-salt-version
uses: ./.github/actions/setup-salt-version
with:
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
- name: Update Debian changelog
shell: bash
run: |
tools changelog update-deb --draft
tools changelog update-deb
- name: Update RPM changelog
shell: bash
run: |
tools changelog update-rpm --draft
tools changelog update-rpm
- name: Update Release Notes
shell: bash
run: |
tools changelog update-release-notes --draft
tools changelog update-release-notes
- name: Build Documentation
shell: bash
run: |
tools docs html --no-clean --archive salt-${{ needs.prepare-workflow.outputs.salt-version }}-docs.tar.xz
- name: Generate MAN Pages
shell: bash
run: |
tools docs man --no-clean
- name: Upload Built Documentation Archive
uses: actions/upload-artifact@v3
with:
name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-docs.tar.xz
path: salt-${{ needs.prepare-workflow.outputs.salt-version }}-docs.tar.xz
retention-days: 7
if-no-files-found: error
- name: Update Changelog
shell: bash
run: |
tools changelog update-changelog-md --draft
tools changelog update-changelog-md
- name: Show Changes Diff
shell: bash
run: |
git diff --color
- name: Configure Git
shell: bash
run: |
git config --global user.name "Salt Project Packaging"
git config --global user.email saltproject-packaging@vmware.com
- name: Setup Pre-Commit
uses: ./.github/actions/setup-pre-commit
with:
version: "3.0.4"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
- name: Commit Changes
shell: bash
run: |
# Run it twice so that pre-commit can fix anything that can be automatically fixed.
git commit -am "Release v${{ needs.prepare-workflow.outputs.salt-version }}" || \
git commit -am "Release v${{ needs.prepare-workflow.outputs.salt-version }}"
- name: Create release changes patch
shell: bash
run: |
git format-patch --keep-subject --binary --stdout HEAD^ > salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch
- name: Upload Changes Diff Artifact
uses: actions/upload-artifact@v3
with:
name: salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch
path: salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch
retention-days: 7
if-no-files-found: error
build-source-tarball:
name: Build Source Tarball
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-source-tarball'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
needs:
- prepare-workflow
- prepare-release
@ -240,18 +349,19 @@ jobs:
build-deps-onedir:
name: Build Dependencies Onedir
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-onedir'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
uses: ./.github/workflows/build-deps-onedir.yml
with:
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
build-salt-onedir:
name: Build Salt Onedir
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-salt-onedir'] }}
needs:
- prepare-workflow
- build-deps-onedir
@ -260,23 +370,24 @@ jobs:
with:
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
build-pkgs:
name: Build Salt Packages
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/build-packages.yml
with:
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
windows-2016:
name: Windows 2016
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -292,7 +403,7 @@ jobs:
windows-2019:
name: Windows 2019
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -308,7 +419,7 @@ jobs:
windows-2022:
name: Windows 2022
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -324,7 +435,7 @@ jobs:
macos-12:
name: macOS 12
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -340,7 +451,7 @@ jobs:
almalinux-8:
name: Alma Linux 8
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -356,7 +467,7 @@ jobs:
almalinux-9:
name: Alma Linux 9
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -372,7 +483,7 @@ jobs:
amazonlinux-2:
name: Amazon Linux 2
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -388,7 +499,7 @@ jobs:
archlinux-lts:
name: Arch Linux LTS
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -404,7 +515,7 @@ jobs:
centos-7:
name: CentOS 7
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -420,7 +531,7 @@ jobs:
centosstream-8:
name: CentOS Stream 8
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -436,7 +547,7 @@ jobs:
centosstream-9:
name: CentOS Stream 9
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -452,7 +563,7 @@ jobs:
debian-10:
name: Debian 10
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -468,7 +579,7 @@ jobs:
debian-11:
name: Debian 11
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -484,7 +595,7 @@ jobs:
debian-11-arm64:
name: Debian 11 Arm64
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -500,7 +611,7 @@ jobs:
fedora-36:
name: Fedora 36
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -516,7 +627,7 @@ jobs:
opensuse-15:
name: Opensuse 15
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -532,7 +643,7 @@ jobs:
photonos-3:
name: Photon OS 3
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -548,7 +659,7 @@ jobs:
photonos-4:
name: Photon OS 4
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -564,7 +675,7 @@ jobs:
ubuntu-1804:
name: Ubuntu 18.04
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -580,7 +691,7 @@ jobs:
ubuntu-2004:
name: Ubuntu 20.04
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -596,7 +707,7 @@ jobs:
ubuntu-2004-arm64:
name: Ubuntu 20.04 Arm64
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -612,7 +723,7 @@ jobs:
ubuntu-2204:
name: Ubuntu 22.04
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -628,7 +739,7 @@ jobs:
ubuntu-2204-arm64:
name: Ubuntu 22.04 Arm64
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -699,7 +810,6 @@ jobs:
needs:
- prepare-workflow
- pre-commit
- docs
- lint
- build-deps-onedir
- build-salt-onedir

24
.github/workflows/pre-commit-action.yml vendored
View file

@ -1,3 +1,4 @@
---
name: Pre-Commit
on:
@ -7,9 +8,14 @@ on:
required: true
type: string
description: JSON string containing information about changed files
env:
PRE_COMMIT_VERSION: "2.21.0"
pre-commit-version:
required: true
type: string
description: The pre-commit version to install
cache-seed:
required: true
type: string
description: Seed used to invalidate caches
jobs:
Pre-Commit:
@ -32,14 +38,10 @@ jobs:
- uses: actions/checkout@v3
- uses: ./.github/actions/setup-actionlint
- uses: ./.github/actions/setup-shellcheck
- name: Install Pre-Commit
env:
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
run: |
pip install wheel "pre-commit==${PRE_COMMIT_VERSION}"
pre-commit install --install-hooks
- uses: ./.github/actions/setup-pre-commit
with:
version: ${{ inputs.pre-commit-version }}
cache-seed: ${{ inputs.cache-seed }}
- name: Check ALL Files On Branch
if: github.event_name != 'pull_request'

98
.github/workflows/prepare-release.yml vendored
View file

@ -1,98 +0,0 @@
name: Prepare Release
on:
workflow_call:
inputs:
salt-version:
type: string
required: true
description: The Salt version to set prior to creating the release diff.
cache-seed:
required: true
type: string
description: Seed used to invalidate caches
python-version:
required: false
type: string
default: "3.10"
env:
COLUMNS: 160
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
jobs:
build:
name: Create Release Diff
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Python ${{ inputs.python-version }}
uses: actions/setup-python@v4
with:
python-version: "${{ inputs.python-version }}"
- name: Cache Python Tools Virtualenvs
id: nox-dependencies-cache
uses: actions/cache@v3
with:
path: .tools-venvs/
key: ${{ inputs.cache-seed }}|${{ github.workflow }}|tools-venvs|${{ inputs.python-version }}|${{ hashFiles('requirements/**/*.txt') }}
- name: Setup Python Tools Scripts
uses: ./.github/actions/setup-python-tools-scripts
- name: Setup Salt Version
id: setup-salt-version
uses: ./.github/actions/setup-salt-version
with:
salt-version: "${{ inputs.salt-version }}"
- name: Update Debian changelog
shell: bash
run: |
tools changelog update-deb --draft
tools changelog update-deb
- name: Update RPM changelog
shell: bash
run: |
tools changelog update-rpm --draft
tools changelog update-rpm
- name: Update Release Notes
shell: bash
run: |
tools changelog update-release-notes --draft
tools changelog update-release-notes
- name: Generate MAN Pages
shell: bash
run: |
tools docs man
- name: Update Changelog
shell: bash
run: |
tools changelog update-changelog-md --draft
tools changelog update-changelog-md
- name: Show Changes Diff
shell: bash
run: |
git diff --color
- name: Create release changes diff
shell: bash
run: |
git diff --no-color > salt-${{ inputs.salt-version }}.diff
- name: Upload Source Tarball as an Artifact
uses: actions/upload-artifact@v3
with:
name: salt-${{ inputs.salt-version }}.diff
path: salt-${{ inputs.salt-version }}.diff
retention-days: 7
if-no-files-found: error

24
.github/workflows/publish-repositories.yml vendored
View file

@ -1,4 +1,5 @@
name: Deploy Nightly
---
name: Publish Repositories
on:
workflow_call:
@ -17,7 +18,7 @@ env:
jobs:
publish-repositories:
name: Publish Reporitories
name: Publish Repositories
runs-on:
- self-hosted
- linux
@ -25,6 +26,15 @@ jobs:
environment: ${{ inputs.environment }}
steps:
- uses: actions/checkout@v3
- name: Set up Python 3.10
uses: actions/setup-python@v4
with:
python-version: "3.10"
- name: Setup Python Tools Scripts
uses: ./.github/actions/setup-python-tools-scripts
- name: Download Repository Artifact
uses: actions/download-artifact@v3
@ -32,10 +42,16 @@ jobs:
name: salt-${{ inputs.salt-version }}-${{ inputs.environment }}-repo
path: repo/
- name: Decompress Repository Artifacts
run: |
find repo/ -type f -name '*.tar.gz' -print -exec tar xvf {} \;
find repo/ -type f -name '*.tar.gz' -print -exec rm -f {} \;
- name: Show Repository
run: |
tree -a repo/
tree -a artifacts/pkgs/repo/
- name: Upload Repository Contents(${{ inputs.environment }})
run: |
aws s3 cp --acl bucket-owner-full-control --recursive repo/ s3://salt-project-prod-salt-artifacts-${{ inputs.environment }}
tools pkg repo publish ${{ inputs.environment }} \
${{ contains(inputs.salt-version, 'rc') && '--rc-build' || '' }} artifacts/pkgs/repo/

1
.github/workflows/release-tag.yml vendored
View file

@ -1,3 +1,4 @@
---
name: Generate Tag and Github Release
on:

1
.github/workflows/release.yml vendored
View file

@ -1,3 +1,4 @@
---
name: Generate Release Docs
on:

228
.github/workflows/scheduled.yml vendored
View file

@ -1,5 +1,5 @@
# Do not edit these workflows directly as the changes made will be overwritten.
# Instead, edit the template '.github/workflows/templates/scheduled.yml.j2'
# Instead, edit the template '.github/workflows/templates/scheduled.yml.jinja'
---
name: Scheduled
@ -10,7 +10,7 @@ on:
env:
COLUMNS: 160
CACHE_SEED: SEED-5 # Bump the number to invalidate all caches
CACHE_SEED: SEED-0 # Bump the number to invalidate all caches
RELENV_DATA: "${{ github.workspace }}/.relenv"
permissions:
@ -27,6 +27,7 @@ jobs:
runs-on: ubuntu-latest
outputs:
jobs: ${{ steps.define-jobs.outputs.jobs }}
runners: ${{ steps.runner-types.outputs.runners }}
changed-files: ${{ steps.process-changed-files.outputs.changed-files }}
testrun: ${{ steps.define-testrun.outputs.testrun }}
salt-version: ${{ steps.setup-salt-version.outputs.salt-version }}
@ -37,7 +38,7 @@ jobs:
fetch-depth: 0 # Full clone to also get the tags to get the right salt version
- name: Get Changed Files
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
if: ${{ github.event_name == 'pull_request'}}
id: changed-files
uses: dorny/paths-filter@v2
with:
@ -95,6 +96,8 @@ jobs:
- cicd/golden-images.json
testrun:
- added|modified:
- *pkg_requirements
- *test_requirements
- *salt_added_modified
- *tests_added_modified
@ -115,34 +118,42 @@ jobs:
uses: ./.github/actions/setup-salt-version
with:
salt-version: ""
validate-version: true
- name: Write Changed Files To A Local File
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
run:
echo '${{ toJSON(steps.changed-files.outputs) }}' > changed-files.json
- name: Check Local Changed Files Contents
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
if: ${{ github.event_name == 'pull_request' }}
run:
cat changed-files.json
- name: Process Changed Files
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
id: process-changed-files
run:
tools ci process-changed-files ${{ github.event_name }} changed-files.json
- name: Check Collected Changed Files
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
if: ${{ github.event_name == 'pull_request' }}
run:
echo '${{ steps.process-changed-files.outputs.changed-files }}' | jq -C '.'
- name: Define Jobs To Run
- name: Define Runner Types
id: runner-types
run:
tools ci runner-types ${{ github.event_name }}
- name: Check Defined Runners
run:
echo '${{ steps.runner-types.outputs.runners }}' | jq -C '.'
- name: Define Jobs
id: define-jobs
run:
tools ci define-jobs ${{ github.event_name }}
tools ci define-jobs ${{ github.event_name }} changed-files.json
- name: Check Collected Jobs
- name: Check Defined Jobs
run:
echo '${{ steps.define-jobs.outputs.jobs }}' | jq -C '.'
@ -171,28 +182,20 @@ jobs:
id: set-cache-seed
run: |
echo "cache-seed=${{ env.CACHE_SEED }}" >> "$GITHUB_OUTPUT"
pre-commit:
name: Pre-Commit
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
uses: ./.github/workflows/pre-commit-action.yml
needs:
- prepare-workflow
with:
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
changed-files: ${{ needs.prepare-workflow.outputs.changed-files }}
docs:
name: Build Docs
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
uses: ./.github/workflows/docs-action.yml
needs:
- prepare-workflow
with:
changed-files: ${{ needs.prepare-workflow.outputs.changed-files }}
pre-commit-version: "3.0.4"
lint:
name: Lint
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['lint'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
uses: ./.github/workflows/lint-action.yml
needs:
- prepare-workflow
@ -201,17 +204,123 @@ jobs:
prepare-release:
name: Prepare Release
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['prepare-release'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
runs-on: ubuntu-latest
needs:
- prepare-workflow
uses: ./.github/workflows/prepare-release.yml
with:
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
steps:
- uses: actions/checkout@v3
- name: Set up Python 3.10
uses: actions/setup-python@v4
id: setup-python
with:
python-version: "3.10"
- name: Cache Python Tools Virtualenvs
id: tools-venvs-dependencies-cache
uses: actions/cache@v3
with:
path: .tools-venvs/
key: ${{ needs.prepare-workflow.outputs.cache-seed }}|${{ github.workflow }}|tools-venvs|${{ steps.setup-python.outputs.python-version }}|${{ hashFiles('requirements/**/*.txt') }}
- name: Cache Sphinx Doctrees
uses: actions/cache@v3
with:
path: doc/_build/doctrees/
key: ${{ needs.prepare-workflow.outputs.cache-seed }}|${{ github.workflow }}|sphinx-doctrees|${{ steps.setup-python.outputs.python-version }}|${{ hashFiles('requirements/**/*.txt') }}
- name: Setup Python Tools Scripts
uses: ./.github/actions/setup-python-tools-scripts
- name: Setup Salt Version
id: setup-salt-version
uses: ./.github/actions/setup-salt-version
with:
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
- name: Update Debian changelog
shell: bash
run: |
tools changelog update-deb --draft
tools changelog update-deb
- name: Update RPM changelog
shell: bash
run: |
tools changelog update-rpm --draft
tools changelog update-rpm
- name: Update Release Notes
shell: bash
run: |
tools changelog update-release-notes --draft
tools changelog update-release-notes
- name: Build Documentation
shell: bash
run: |
tools docs html --no-clean --archive salt-${{ needs.prepare-workflow.outputs.salt-version }}-docs.tar.xz
- name: Generate MAN Pages
shell: bash
run: |
tools docs man --no-clean
- name: Upload Built Documentation Archive
uses: actions/upload-artifact@v3
with:
name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-docs.tar.xz
path: salt-${{ needs.prepare-workflow.outputs.salt-version }}-docs.tar.xz
retention-days: 7
if-no-files-found: error
- name: Update Changelog
shell: bash
run: |
tools changelog update-changelog-md --draft
tools changelog update-changelog-md
- name: Show Changes Diff
shell: bash
run: |
git diff --color
- name: Configure Git
shell: bash
run: |
git config --global user.name "Salt Project Packaging"
git config --global user.email saltproject-packaging@vmware.com
- name: Setup Pre-Commit
uses: ./.github/actions/setup-pre-commit
with:
version: "3.0.4"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
- name: Commit Changes
shell: bash
run: |
# Run it twice so that pre-commit can fix anything that can be automatically fixed.
git commit -am "Release v${{ needs.prepare-workflow.outputs.salt-version }}" || \
git commit -am "Release v${{ needs.prepare-workflow.outputs.salt-version }}"
- name: Create release changes patch
shell: bash
run: |
git format-patch --keep-subject --binary --stdout HEAD^ > salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch
- name: Upload Changes Diff Artifact
uses: actions/upload-artifact@v3
with:
name: salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch
path: salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch
retention-days: 7
if-no-files-found: error
build-source-tarball:
name: Build Source Tarball
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-source-tarball'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
needs:
- prepare-workflow
- prepare-release
@ -240,18 +349,19 @@ jobs:
build-deps-onedir:
name: Build Dependencies Onedir
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-onedir'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
uses: ./.github/workflows/build-deps-onedir.yml
with:
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
build-salt-onedir:
name: Build Salt Onedir
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-salt-onedir'] }}
needs:
- prepare-workflow
- build-deps-onedir
@ -260,23 +370,24 @@ jobs:
with:
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
build-pkgs:
name: Build Salt Packages
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/build-packages.yml
with:
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
windows-2016:
name: Windows 2016
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -292,7 +403,7 @@ jobs:
windows-2019:
name: Windows 2019
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -308,7 +419,7 @@ jobs:
windows-2022:
name: Windows 2022
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -324,7 +435,7 @@ jobs:
macos-12:
name: macOS 12
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -340,7 +451,7 @@ jobs:
almalinux-8:
name: Alma Linux 8
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -356,7 +467,7 @@ jobs:
almalinux-9:
name: Alma Linux 9
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -372,7 +483,7 @@ jobs:
amazonlinux-2:
name: Amazon Linux 2
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -388,7 +499,7 @@ jobs:
archlinux-lts:
name: Arch Linux LTS
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -404,7 +515,7 @@ jobs:
centos-7:
name: CentOS 7
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -420,7 +531,7 @@ jobs:
centosstream-8:
name: CentOS Stream 8
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -436,7 +547,7 @@ jobs:
centosstream-9:
name: CentOS Stream 9
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -452,7 +563,7 @@ jobs:
debian-10:
name: Debian 10
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -468,7 +579,7 @@ jobs:
debian-11:
name: Debian 11
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -484,7 +595,7 @@ jobs:
debian-11-arm64:
name: Debian 11 Arm64
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -500,7 +611,7 @@ jobs:
fedora-36:
name: Fedora 36
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -516,7 +627,7 @@ jobs:
opensuse-15:
name: Opensuse 15
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -532,7 +643,7 @@ jobs:
photonos-3:
name: Photon OS 3
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -548,7 +659,7 @@ jobs:
photonos-4:
name: Photon OS 4
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -564,7 +675,7 @@ jobs:
ubuntu-1804:
name: Ubuntu 18.04
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -580,7 +691,7 @@ jobs:
ubuntu-2004:
name: Ubuntu 20.04
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -596,7 +707,7 @@ jobs:
ubuntu-2004-arm64:
name: Ubuntu 20.04 Arm64
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -612,7 +723,7 @@ jobs:
ubuntu-2204:
name: Ubuntu 22.04
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -628,7 +739,7 @@ jobs:
ubuntu-2204-arm64:
name: Ubuntu 22.04 Arm64
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -651,7 +762,6 @@ jobs:
needs:
- prepare-workflow
- pre-commit
- docs
- lint
- build-deps-onedir
- build-salt-onedir

20
.github/workflows/templates/README.md vendored Normal file
View file

@ -0,0 +1,20 @@
# Workflow Templates
The templates are used to generate the actual workflows that run on GitHub Actions.
They use [Jinja2](https://jinja.palletsprojects.com) as the template engine.
## To Note
Let's try to keep the Jinja usage to the bare minimum because, as time passes,
the complexity just piles up making it harder to read and interpret the templates.
### Changes To Default Jinja Syntax
By default Jinja uses `{% ... %}`, `{{ ... }}`, `{# ... #}`, etc to do it's magic.
In order not to clash with the GitHub Actions syntax, and to also avoid having to
add bunch of `{% raw %} ... {% endraw %}` blocks, we changed some things:
* Instead of `{%` and `%}` use `<%` and `%>`
* Instead of `{{` and `}}` use `<{` and `}>`
The rest of Jinja2 defaults apply.

45
.github/workflows/templates/check-workflow-run.yml.jinja vendored Normal file
View file

@ -0,0 +1,45 @@
{#- This workflow will restart failed workflow runs.
We should stop using this workflow once we remove the flakyness from
Salt's test suite
-#}
---
name: <{ workflow_name }>
on:
workflow_run:
types:
- completed
workflows:
<%- for workflow in check_workflows %>
- <{ workflow }>
<%- endfor %>
permissions:
actions: write
jobs:
restart-failed-workflow-runs:
name: "Restart Workflow (ID: ${{ github.event.workflow_run.id }}; Attempt: ${{ github.event.workflow_run.run_attempt }})"
if: ${{ github.event.workflow_run.conclusion == 'failure' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Python 3.10
uses: actions/setup-python@v4
id: setup-python
with:
python-version: "3.10"
- name: Setup Python Tools Scripts
uses: ./.github/actions/setup-python-tools-scripts
- name: Pretty Print The GH Actions Event
run:
tools ci print-gh-event
- name: Restart Workflow
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
tools ci rerun-workflow

250
.github/workflows/templates/ci.yml.j2 → .github/workflows/templates/ci.yml.jinja vendored
View file

@ -1,4 +1,5 @@
<%- extends 'layout.yml.j2' %>
<%- extends 'layout.yml.jinja' %>
<%- set pre_commit_version = "3.0.4" %>
<%- block on %>
on:
@ -6,45 +7,34 @@ on:
pull_request: {}
<%- endblock on %>
<%- block jobs %>
<{- super() }>
<%- if includes.get('pre-commit', True) %>
pre-commit:
<%- do conclusion_needs.append('pre-commit') %>
<%- set job_name = "pre-commit" %>
<%- if includes.get(job_name, True) %>
<{ job_name }>:
<%- do conclusion_needs.append(job_name) %>
name: Pre-Commit
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
uses: ./.github/workflows/pre-commit-action.yml
needs:
- prepare-workflow
with:
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
changed-files: ${{ needs.prepare-workflow.outputs.changed-files }}
pre-commit-version: "<{ pre_commit_version }>"
<%- endif %>
<%- if includes.get('docs', True) %>
docs:
<%- do conclusion_needs.append('docs') %>
name: Build Docs
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
uses: ./.github/workflows/docs-action.yml
needs:
- prepare-workflow
with:
changed-files: ${{ needs.prepare-workflow.outputs.changed-files }}
<%- endif %>
<%- if includes.get('lint', True) %>
<%- set job_name = "lint" %>
<%- if includes.get(job_name, True) %>
lint:
<%- do conclusion_needs.append('lint') %>
name: Lint
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['<{ job_name }>'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
uses: ./.github/workflows/lint-action.yml
needs:
- prepare-workflow
@ -54,26 +44,134 @@ on:
<%- endif %>
<%- if includes.get('prepare-release', True) %>
<%- set job_name = "prepare-release" %>
<%- if includes.get(job_name, True) %>
prepare-release:
<{ job_name }>:
name: Prepare Release
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['<{ job_name }>'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
runs-on: ubuntu-latest
needs:
- prepare-workflow
uses: ./.github/workflows/prepare-release.yml
with:
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
steps:
- uses: actions/checkout@v3
- name: Set up Python 3.10
uses: actions/setup-python@v4
id: setup-python
with:
python-version: "3.10"
- name: Cache Python Tools Virtualenvs
id: tools-venvs-dependencies-cache
uses: actions/cache@v3
with:
path: .tools-venvs/
key: ${{ needs.prepare-workflow.outputs.cache-seed }}|${{ github.workflow }}|tools-venvs|${{ steps.setup-python.outputs.python-version }}|${{ hashFiles('requirements/**/*.txt') }}
- name: Cache Sphinx Doctrees
uses: actions/cache@v3
with:
path: doc/_build/doctrees/
key: ${{ needs.prepare-workflow.outputs.cache-seed }}|${{ github.workflow }}|sphinx-doctrees|${{ steps.setup-python.outputs.python-version }}|${{ hashFiles('requirements/**/*.txt') }}
- name: Setup Python Tools Scripts
uses: ./.github/actions/setup-python-tools-scripts
- name: Setup Salt Version
id: setup-salt-version
uses: ./.github/actions/setup-salt-version
with:
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
- name: Update Debian changelog
shell: bash
run: |
tools changelog update-deb --draft
tools changelog update-deb
- name: Update RPM changelog
shell: bash
run: |
tools changelog update-rpm --draft
tools changelog update-rpm
- name: Update Release Notes
shell: bash
run: |
tools changelog update-release-notes --draft
tools changelog update-release-notes
- name: Build Documentation
shell: bash
run: |
tools docs html --no-clean --archive salt-${{ needs.prepare-workflow.outputs.salt-version }}-docs.tar.xz
- name: Generate MAN Pages
shell: bash
run: |
tools docs man --no-clean
- name: Upload Built Documentation Archive
uses: actions/upload-artifact@v3
with:
name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-docs.tar.xz
path: salt-${{ needs.prepare-workflow.outputs.salt-version }}-docs.tar.xz
retention-days: 7
if-no-files-found: error
- name: Update Changelog
shell: bash
run: |
tools changelog update-changelog-md --draft
tools changelog update-changelog-md
- name: Show Changes Diff
shell: bash
run: |
git diff --color
- name: Configure Git
shell: bash
run: |
git config --global user.name "Salt Project Packaging"
git config --global user.email saltproject-packaging@vmware.com
- name: Setup Pre-Commit
uses: ./.github/actions/setup-pre-commit
with:
version: "<{ pre_commit_version }>"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
- name: Commit Changes
shell: bash
run: |
# Run it twice so that pre-commit can fix anything that can be automatically fixed.
git commit -am "Release v${{ needs.prepare-workflow.outputs.salt-version }}" || \
git commit -am "Release v${{ needs.prepare-workflow.outputs.salt-version }}"
- name: Create release changes patch
shell: bash
run: |
git format-patch --keep-subject --binary --stdout HEAD^ > salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch
- name: Upload Changes Diff Artifact
uses: actions/upload-artifact@v3
with:
name: salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch
path: salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch
retention-days: 7
if-no-files-found: error
<%- endif %>
<%- if includes.get('build-source-tarball', True) %>
<%- set job_name = "build-source-tarball" %>
<%- if includes.get(job_name, True) %>
build-source-tarball:
<{ job_name }>:
name: Build Source Tarball
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['<{ job_name }>'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
needs:
- prepare-workflow
- prepare-release
@ -103,29 +201,32 @@ on:
<%- endif %>
<%- if includes.get('build-deps-onedir', True) %>
<%- set job_name = "build-deps-onedir" %>
<%- if includes.get(job_name, True) %>
build-deps-onedir:
<%- do conclusion_needs.append('build-deps-onedir') %>
<{ job_name }>:
<%- do conclusion_needs.append(job_name) %>
name: Build Dependencies Onedir
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['<{ job_name }>'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
uses: ./.github/workflows/build-deps-onedir.yml
with:
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
<%- endif %>
<%- if includes.get('build-salt-onedir', True) %>
<%- set job_name = "build-salt-onedir" %>
<%- if includes.get(job_name, True) %>
build-salt-onedir:
<%- do conclusion_needs.append('build-salt-onedir') %>
<{ job_name }>:
<%- do conclusion_needs.append(job_name) %>
name: Build Salt Onedir
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['<{ job_name }>'] }}
needs:
- prepare-workflow
- build-deps-onedir
@ -134,35 +235,38 @@ on:
with:
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
<%- endif %>
<%- if includes.get('build-pkgs', True) %>
<%- set job_name = "build-pkgs" %>
<%- if includes.get(job_name, True) %>
build-pkgs:
<%- do conclusion_needs.append('build-pkgs') %>
<{ job_name }>:
<%- do conclusion_needs.append(job_name) %>
name: Build Salt Packages
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['<{ job_name }>'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/build-packages.yml
with:
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
<%- endif %>
<%- if includes.get('salt-tests', True) %>
<%- set job_name = "salt-tests" %>
<%- if includes.get(job_name, True) %>
windows-2016:
<%- do test_salt_needs.append('windows-2016') %>
name: Windows 2016
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -179,7 +283,7 @@ on:
windows-2019:
<%- do test_salt_needs.append('windows-2019') %>
name: Windows 2019
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -196,7 +300,7 @@ on:
windows-2022:
<%- do test_salt_needs.append('windows-2022') %>
name: Windows 2022
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -213,7 +317,7 @@ on:
macos-12:
<%- do test_salt_needs.append('macos-12') %>
name: macOS 12
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -230,7 +334,7 @@ on:
almalinux-8:
<%- do test_salt_needs.append('almalinux-8') %>
name: Alma Linux 8
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -247,7 +351,7 @@ on:
almalinux-9:
<%- do test_salt_needs.append('almalinux-9') %>
name: Alma Linux 9
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -264,7 +368,7 @@ on:
amazonlinux-2:
<%- do test_salt_needs.append('amazonlinux-2') %>
name: Amazon Linux 2
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -281,7 +385,7 @@ on:
archlinux-lts:
<%- do test_salt_needs.append('archlinux-lts') %>
name: Arch Linux LTS
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -298,7 +402,7 @@ on:
centos-7:
<%- do test_salt_needs.append('centos-7') %>
name: CentOS 7
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -315,7 +419,7 @@ on:
centosstream-8:
<%- do test_salt_needs.append('centosstream-8') %>
name: CentOS Stream 8
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -332,7 +436,7 @@ on:
centosstream-9:
<%- do test_salt_needs.append('centosstream-9') %>
name: CentOS Stream 9
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -349,7 +453,7 @@ on:
debian-10:
<%- do test_salt_needs.append('debian-10') %>
name: Debian 10
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -366,7 +470,7 @@ on:
debian-11:
<%- do test_salt_needs.append('debian-11') %>
name: Debian 11
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -383,7 +487,7 @@ on:
debian-11-arm64:
<%- do test_salt_needs.append('debian-11-arm64') %>
name: Debian 11 Arm64
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -400,7 +504,7 @@ on:
fedora-36:
<%- do test_salt_needs.append('fedora-36') %>
name: Fedora 36
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -417,7 +521,7 @@ on:
opensuse-15:
<%- do test_salt_needs.append('opensuse-15') %>
name: Opensuse 15
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -434,7 +538,7 @@ on:
photonos-3:
<%- do test_salt_needs.append('photonos-3') %>
name: Photon OS 3
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -451,7 +555,7 @@ on:
photonos-4:
<%- do test_salt_needs.append('photonos-4') %>
name: Photon OS 4
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -468,7 +572,7 @@ on:
ubuntu-1804:
<%- do test_salt_needs.append('ubuntu-1804') %>
name: Ubuntu 18.04
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -485,7 +589,7 @@ on:
ubuntu-2004:
<%- do test_salt_needs.append('ubuntu-2004') %>
name: Ubuntu 20.04
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -502,7 +606,7 @@ on:
ubuntu-2004-arm64:
<%- do test_salt_needs.append('ubuntu-2004-arm64') %>
name: Ubuntu 20.04 Arm64
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -519,7 +623,7 @@ on:
ubuntu-2204:
<%- do test_salt_needs.append('ubuntu-2204') %>
name: Ubuntu 22.04
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir
@ -536,7 +640,7 @@ on:
ubuntu-2204-arm64:
<%- do test_salt_needs.append('ubuntu-2204-arm64') %>
name: Ubuntu 22.04 Arm64
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }}
needs:
- prepare-workflow
- build-salt-onedir

31
.github/workflows/templates/layout.yml.j2 → .github/workflows/templates/layout.yml.jinja vendored
View file

@ -16,7 +16,7 @@ on:
env:
COLUMNS: 160
CACHE_SEED: SEED-5 # Bump the number to invalidate all caches
CACHE_SEED: SEED-0 # Bump the number to invalidate all caches
RELENV_DATA: "${{ github.workspace }}/.relenv"
<%- endblock env %>
@ -36,7 +36,7 @@ concurrency:
# not cancel previous builds.
# However, for every new build against the same pull request source branch,
# all older builds against that same branch get canceled.
group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.head_ref || github.run_id }}
group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.repository }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
<%- endblock concurrency %>
@ -52,6 +52,7 @@ jobs:
runs-on: ubuntu-latest
outputs:
jobs: ${{ steps.define-jobs.outputs.jobs }}
runners: ${{ steps.runner-types.outputs.runners }}
changed-files: ${{ steps.process-changed-files.outputs.changed-files }}
testrun: ${{ steps.define-testrun.outputs.testrun }}
salt-version: ${{ steps.setup-salt-version.outputs.salt-version }}
@ -62,7 +63,7 @@ jobs:
fetch-depth: 0 # Full clone to also get the tags to get the right salt version
- name: Get Changed Files
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
if: ${{ github.event_name == 'pull_request'}}
id: changed-files
uses: dorny/paths-filter@v2
with:
@ -120,6 +121,8 @@ jobs:
- cicd/golden-images.json
testrun:
- added|modified:
- *pkg_requirements
- *test_requirements
- *salt_added_modified
- *tests_added_modified
@ -140,34 +143,42 @@ jobs:
uses: ./.github/actions/setup-salt-version
with:
salt-version: "<{ prepare_workflow_salt_version_input }>"
validate-version: true
- name: Write Changed Files To A Local File
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
run:
echo '${{ toJSON(steps.changed-files.outputs) }}' > changed-files.json
- name: Check Local Changed Files Contents
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
if: ${{ github.event_name == 'pull_request' }}
run:
cat changed-files.json
- name: Process Changed Files
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
id: process-changed-files
run:
tools ci process-changed-files ${{ github.event_name }} changed-files.json
- name: Check Collected Changed Files
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
if: ${{ github.event_name == 'pull_request' }}
run:
echo '${{ steps.process-changed-files.outputs.changed-files }}' | jq -C '.'
- name: Define Jobs To Run
- name: Define Runner Types
id: runner-types
run:
tools ci runner-types ${{ github.event_name }}
- name: Check Defined Runners
run:
echo '${{ steps.runner-types.outputs.runners }}' | jq -C '.'
- name: Define Jobs
id: define-jobs
run:
tools ci define-jobs ${{ github.event_name }}
tools ci define-jobs ${{ github.event_name }} changed-files.json
- name: Check Collected Jobs
- name: Check Defined Jobs
run:
echo '${{ steps.define-jobs.outputs.jobs }}' | jq -C '.'

4
.github/workflows/templates/nightly.yml.j2 → .github/workflows/templates/nightly.yml.jinja vendored
View file

@ -1,5 +1,5 @@
<%- set gh_environment = gh_environment|default("nightly") %>
<%- extends 'ci.yml.j2' %>
<%- extends 'ci.yml.jinja' %>
<%- block on %>
@ -13,7 +13,7 @@ on:
<%- block concurrency %>
concurrency:
group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.head_ref || github.run_id }}
group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.repository }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: false
<%- endblock concurrency %>

2
.github/workflows/templates/scheduled.yml.j2 → .github/workflows/templates/scheduled.yml.jinja vendored
View file

@ -1,4 +1,4 @@
<%- extends 'ci.yml.j2' %>
<%- extends 'ci.yml.jinja' %>
<%- block on %>

105
.github/workflows/test-action-macos.yml vendored
View file

@ -1,4 +1,5 @@
name: Test Artifact
---
name: Test Artifact(macOS)
on:
workflow_call:
@ -308,54 +309,42 @@ jobs:
mv artifacts/coverage/.coverage artifacts/coverage/.coverage.${{ inputs.distro-slug }}.${{ env.NOX_SESSION }}.${{ matrix.tests-chunk }}
echo "COVERAGE_FILE=artifacts/coverage/.coverage.${{ inputs.distro-slug }}.${{ env.NOX_SESSION }}.${{ matrix.tests-chunk }}" >> GITHUB_ENV
- name: Upload Test Run Artifacts
if: always() && job.status != 'cancelled'
- name: Upload Code Coverage Test Run Artifacts
if: always() && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled'
uses: actions/upload-artifact@v3
with:
name: testrun-artifacts-${{ inputs.distro-slug }}-${{ env.NOX_SESSION }}
name: testrun-coverage-artifacts-${{ inputs.distro-slug }}-${{ env.NOX_SESSION }}
path: |
artifacts
!artifacts/salt/*
!artifacts/salt-*.tar.*
artifacts/coverage/
# - name: Publish Test Report
# uses: mikepenz/action-junit-report@v3
# if: always() && steps.download-artifacts-from-vm.outcome == 'success'
# with:
# check_name: Test Results(${{ inputs.distro-slug }} ${{ matrix.tests-chunk }})
# report_paths: 'artifacts/xml-unittests-output/*.xml'
# annotate_only: true
- name: Upload JUnit XML Test Run Artifacts
if: always() && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled'
uses: actions/upload-artifact@v3
with:
name: testrun-junit-artifacts-${{ inputs.distro-slug }}-${{ env.NOX_SESSION }}
path: |
artifacts/xml-unittests-output/
- name: Report Salt Code Coverage(${{ matrix.tests-chunk }})
if: always() && job.status != 'cancelled'
continue-on-error: true
run: |
nox --force-color -e report-coverage -- salt
- name: Report Tests Code Coverage(${{ matrix.tests-chunk }})
if: always() && job.status != 'cancelled'
continue-on-error: true
run: |
nox --force-color -e report-coverage -- tests
- name: Report Combined Code Coverage(${{ matrix.tests-chunk }})
continue-on-error: true
if: always() && job.status != 'cancelled'
run: |
nox --force-color -e report-coverage
- name: Upload Test Run Log Artifacts
if: always() && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled'
uses: actions/upload-artifact@v3
with:
name: testrun-log-artifacts-${{ inputs.distro-slug }}-${{ env.NOX_SESSION }}
path: |
artifacts/logs
report:
name: Reports for ${{ inputs.distro-slug }}(${{ matrix.transport }})
if: always() && needs.test.result != 'cancelled' && needs.test.result != 'skipped'
runs-on: ubuntu-latest
needs:
- test
- generate-matrix
if: always() && needs.test.result != 'cancelled' && needs.test.result != 'skipped'
- test
strategy:
fail-fast: false
matrix:
include: ${{ fromJSON(needs.generate-matrix.outputs.matrix-include) }}
include: ${{ fromJSON(needs.generate-matrix.outputs.transport-matrix-include) }}
steps:
- name: Checkout Source Code
@ -364,30 +353,29 @@ jobs:
- name: Define Nox Session
run: |
if [ "${{ matrix.transport }}" != "tcp" ]; then
echo NOX_SESSION=${{ inputs.nox-session}} >> "$GITHUB_ENV"
echo NOX_SESSION=${{ inputs.nox-session }} >> "$GITHUB_ENV"
else
echo NOX_SESSION=${{ inputs.nox-session}}-tcp >> "$GITHUB_ENV"
echo NOX_SESSION=${{ inputs.nox-session }}-tcp >> "$GITHUB_ENV"
fi
- name: Download Test Run Artifacts
id: download-test-run-artifacts
- name: Download Code Coverage Test Run Artifacts
uses: actions/download-artifact@v3
id: download-coverage-artifacts
with:
name: testrun-artifacts-${{ inputs.distro-slug }}-${{ env.NOX_SESSION }}
path: artifacts
name: testrun-coverage-artifacts-${{ inputs.distro-slug }}-${{ env.NOX_SESSION }}
path: artifacts/coverage/
- name: Show Test Run Artifacts
if: always() && steps.download-test-run-artifacts.outcome == 'success'
- name: Download JUnit XML Test Run Artifacts
uses: actions/download-artifact@v3
id: download-junit-artifacts
with:
name: testrun-junit-artifacts-${{ inputs.distro-slug }}-${{ env.NOX_SESSION }}
path: artifacts/xml-unittests-output/
- name: Show Downloaded Test Run Artifacts
run: |
tree -a artifacts
- name: Upload Code Coverage DB
if: always() && steps.download-test-run-artifacts.outcome == 'success'
uses: actions/upload-artifact@v3
with:
name: code-coverage
path: artifacts/coverage
- name: Set up Python 3.9
uses: actions/setup-python@v4
with:
@ -397,17 +385,32 @@ jobs:
run: |
python3 -m pip install 'nox==${{ env.NOX_VERSION }}'
- name: Combine Code Coverage
continue-on-error: true
run: |
nox --force-color -e combine-coverage
- name: Upload Code Coverage DB
if: always() && steps.download-coverage-artifacts.outcome == 'success'
uses: actions/upload-artifact@v3
with:
name: code-coverage
path: artifacts/coverage
- name: Report Salt Code Coverage
if: always() && steps.download-coverage-artifacts.outcome == 'success'
continue-on-error: true
run: |
nox --force-color -e report-coverage -- salt
- name: Report Tests Code Coverage
if: always() && steps.download-coverage-artifacts.outcome == 'success'
continue-on-error: true
run: |
nox --force-color -e report-coverage -- tests
- name: Report Combined Code Coverage
if: always() && steps.download-coverage-artifacts.outcome == 'success'
continue-on-error: true
run: |
nox --force-color -e report-coverage
@ -415,8 +418,8 @@ jobs:
- name: Publish Test Report
uses: mikepenz/action-junit-report@v3
# always run even if the previous steps fails
if: always() && github.event_name == 'push' && steps.download-test-run-artifacts.outcome == 'success'
if: always() && github.event_name == 'push' && steps.download-junit-artifacts.outcome == 'success'
with:
check_name: Overall Test Results(${{ inputs.distro-slug }})
check_name: Test Results(${{ inputs.distro-slug }})
report_paths: 'artifacts/xml-unittests-output/*.xml'
annotate_only: true

97
.github/workflows/test-action.yml vendored
View file

@ -1,3 +1,4 @@
---
name: Test Artifact
on:
@ -312,61 +313,45 @@ jobs:
run: |
tools --timestamps vm destroy ${{ inputs.distro-slug }} || true
- name: Upload Test Run Artifacts
- name: Upload Code Coverage Test Run Artifacts
if: always() && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled'
uses: actions/upload-artifact@v3
with:
name: testrun-artifacts-${{ inputs.distro-slug }}-${{ env.NOX_SESSION }}
name: testrun-coverage-artifacts-${{ inputs.distro-slug }}-${{ env.NOX_SESSION }}
path: |
artifacts
!artifacts/salt/*
!artifacts/salt-*.tar.*
artifacts/coverage/
# - name: Publish Test Report
# uses: mikepenz/action-junit-report@v3
# if: always() && steps.download-artifacts-from-vm.outcome == 'success'
# with:
# check_name: Test Results(${{ inputs.distro-slug }} ${{ matrix.tests-chunk }})
# report_paths: 'artifacts/xml-unittests-output/*.xml'
# annotate_only: true
- name: Install Nox
- name: Upload JUnit XML Test Run Artifacts
if: always() && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled'
run: |
python3 -m pip install 'nox==${{ env.NOX_VERSION }}'
uses: actions/upload-artifact@v3
with:
name: testrun-junit-artifacts-${{ inputs.distro-slug }}-${{ env.NOX_SESSION }}
path: |
artifacts/xml-unittests-output/
- name: Report Salt Code Coverage(${{ matrix.tests-chunk }})
- name: Upload Test Run Log Artifacts
if: always() && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled'
continue-on-error: true
run: |
nox --force-color -e report-coverage -- salt
uses: actions/upload-artifact@v3
with:
name: testrun-log-artifacts-${{ inputs.distro-slug }}-${{ env.NOX_SESSION }}
path: |
artifacts/logs
- name: Report Tests Code Coverage(${{ matrix.tests-chunk }})
if: always() && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled'
continue-on-error: true
run: |
nox --force-color -e report-coverage -- tests
- name: Report Combined Code Coverage(${{ matrix.tests-chunk }})
if: always() && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled'
continue-on-error: true
run: |
nox --force-color -e report-coverage
report:
name: Reports for ${{ inputs.distro-slug }}(${{ matrix.transport }})
if: always() && needs.test.result != 'cancelled' && needs.test.result != 'skipped'
runs-on:
- self-hosted
- linux
- x86_64
if: always() && needs.test.result != 'cancelled' && needs.test.result != 'skipped'
needs:
- test
- generate-matrix
- test
strategy:
fail-fast: false
matrix:
include: ${{ fromJSON(needs.generate-matrix.outputs.matrix-include) }}
include: ${{ fromJSON(needs.generate-matrix.outputs.transport-matrix-include) }}
steps:
- name: Checkout Source Code
@ -380,25 +365,24 @@ jobs:
echo NOX_SESSION=${{ inputs.nox-session }}-tcp >> "$GITHUB_ENV"
fi
- name: Download Test Run Artifacts
id: download-test-run-artifacts
- name: Download Code Coverage Test Run Artifacts
uses: actions/download-artifact@v3
id: download-coverage-artifacts
with:
name: testrun-artifacts-${{ inputs.distro-slug }}-${{ env.NOX_SESSION }}
path: artifacts
name: testrun-coverage-artifacts-${{ inputs.distro-slug }}-${{ env.NOX_SESSION }}
path: artifacts/coverage/
- name: Show Test Run Artifacts
if: always() && steps.download-test-run-artifacts.outcome == 'success'
- name: Download JUnit XML Test Run Artifacts
uses: actions/download-artifact@v3
id: download-junit-artifacts
with:
name: testrun-junit-artifacts-${{ inputs.distro-slug }}-${{ env.NOX_SESSION }}
path: artifacts/xml-unittests-output/
- name: Show Downloaded Test Run Artifacts
run: |
tree -a artifacts
- name: Upload Code Coverage DB
if: always() && steps.download-test-run-artifacts.outcome == 'success'
uses: actions/upload-artifact@v3
with:
name: code-coverage
path: artifacts/coverage
- name: Set up Python 3.9
uses: actions/setup-python@v4
with:
@ -408,17 +392,32 @@ jobs:
run: |
python3 -m pip install 'nox==${{ env.NOX_VERSION }}'
- name: Combine Code Coverage
continue-on-error: true
run: |
nox --force-color -e combine-coverage
- name: Upload Code Coverage DB
if: always() && steps.download-coverage-artifacts.outcome == 'success'
uses: actions/upload-artifact@v3
with:
name: code-coverage
path: artifacts/coverage
- name: Report Salt Code Coverage
if: always() && steps.download-coverage-artifacts.outcome == 'success'
continue-on-error: true
run: |
nox --force-color -e report-coverage -- salt
- name: Report Tests Code Coverage
if: always() && steps.download-coverage-artifacts.outcome == 'success'
continue-on-error: true
run: |
nox --force-color -e report-coverage -- tests
- name: Report Combined Code Coverage
if: always() && steps.download-coverage-artifacts.outcome == 'success'
continue-on-error: true
run: |
nox --force-color -e report-coverage
@ -426,8 +425,8 @@ jobs:
- name: Publish Test Report
uses: mikepenz/action-junit-report@v3
# always run even if the previous steps fails
if: always() && github.event_name == 'push' && steps.download-test-run-artifacts.outcome == 'success'
if: always() && github.event_name == 'push' && steps.download-junit-artifacts.outcome == 'success'
with:
check_name: Overall Test Results(${{ inputs.distro-slug }})
check_name: Test Results(${{ inputs.distro-slug }})
report_paths: 'artifacts/xml-unittests-output/*.xml'
annotate_only: true

1
.github/workflows/triage.yml vendored
View file

@ -1,3 +1,4 @@
---
name: New Issues Triage Assignment
concurrency: 1
on:

1
.mention-bot
View file

@ -14,4 +14,3 @@
"skipTitle": "Merge forward",
"userBlacklist": ["cvrebert", "markusgattol", "olliewalsh", "basepi"]
}

67
.pre-commit-config.yaml
View file

@ -1,16 +1,57 @@
---
default_language_version:
python: python3
exclude: ^(doc/_static/.*|doc/_themes/.*)$
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.4.0
hooks:
- id: check-merge-conflict # Check for files that contain merge conflict strings.
- id: trailing-whitespace # Trims trailing whitespace.
args:
- --markdown-linebreak-ext=md
exclude: >
(?x)^(
pkg/macos/pkg-resources/.*\.rtf
)$
- id: mixed-line-ending # Replaces or checks mixed line ending.
args:
- --fix=lf
- id: end-of-file-fixer # Makes sure files end in a newline and only a newline.
- id: check-ast # Simply check whether files parse as valid python.
exclude: >
(?x)^(
templates/.*
)$
- id: check-case-conflict # Check for files with names that would conflict on a
# case-insensitive filesystem like MacOS HFS+ or Windows FAT.
- id: check-json # Attempts to load all json files to verify syntax.
- id: check-symlinks # Checks for symlinks which do not point to anything.
- id: debug-statements # Check for debugger imports and py37+ breakpoint() calls in python source.
exclude: >
(?x)^(
templates/.*
)$
- id: fix-byte-order-marker # removes UTF-8 byte order marker
- id: forbid-submodules # forbids any submodules in the repository.
- id: fix-encoding-pragma # Remove `# -*- coding: utf-8 -*-` from the top of python files.
args:
- --remove
exclude: >
(?x)^(
salt/ext/.*
)$
- repo: https://github.com/s0undt3ch/python-tools-scripts
rev: "0.10.1"
rev: "0.10.2"
hooks:
- id: tools
alias: generate-workflows
name: Generate GitHub Workflow Templates
files: ^.github/workflows/templates/.*$
files: ^(tools/pre_commit\.py|.github/workflows/templates/.*)$
pass_filenames: false
args:
- pre-commit
@ -36,7 +77,7 @@ repos:
- packaging==23.0
- repo: https://github.com/saltstack/pip-tools-compile-impersonate
rev: "4.6"
rev: "4.8"
hooks:
# ----- Packaging Requirements ------------------------------------------------------------------------------------>
@ -776,10 +817,6 @@ repos:
- --platform=linux
- --include=requirements/base.txt
- --include=requirements/zeromq.txt
- --include=requirements/static/pkg/linux.in
- --include=requirements/static/ci/linux.in
- --include=requirements/static/ci/common.in
- --pip-args=--constraint=requirements/static/ci/py{py_version}/linux.txt
- requirements/static/ci/docs.in
- id: pip-tools-compile
@ -793,10 +830,6 @@ repos:
- --platform=linux
- --include=requirements/base.txt
- --include=requirements/zeromq.txt
- --include=requirements/static/pkg/linux.in
- --include=requirements/static/ci/linux.in
- --include=requirements/static/ci/common.in
- --pip-args=--constraint=requirements/static/ci/py{py_version}/linux.txt
- requirements/static/ci/docs.in
- id: pip-tools-compile
@ -810,10 +843,6 @@ repos:
- --platform=linux
- --include=requirements/base.txt
- --include=requirements/zeromq.txt
- --include=requirements/static/pkg/linux.in
- --include=requirements/static/ci/linux.in
- --include=requirements/static/ci/common.in
- --pip-args=--constraint=requirements/static/ci/py{py_version}/linux.txt
- requirements/static/ci/docs.in
- id: pip-tools-compile
@ -827,10 +856,6 @@ repos:
- --platform=linux
- --include=requirements/base.txt
- --include=requirements/zeromq.txt
- --include=requirements/static/pkg/linux.in
- --include=requirements/static/ci/linux.in
- --include=requirements/static/ci/common.in
- --pip-args=--constraint=requirements/static/ci/py{py_version}/linux.txt
- requirements/static/ci/docs.in
- id: pip-tools-compile
@ -844,10 +869,6 @@ repos:
- --platform=linux
- --include=requirements/base.txt
- --include=requirements/zeromq.txt
- --include=requirements/static/pkg/linux.in
- --include=requirements/static/ci/linux.in
- --include=requirements/static/ci/common.in
- --pip-args=--constraint=requirements/static/ci/py{py_version}/linux.txt
- requirements/static/ci/docs.in
# <---- Doc CI Requirements ----------------------------------------------------------------------------------------

24
CONTRIBUTING.rst
View file

@ -272,7 +272,7 @@ contributions! But your PR will be labeled ``Needs Testcase`` and
``Help Wanted`` until someone can get to write the tests/documentation.
Of course, if you have a desire but just lack the skill we are more than
happy to collaborate and help out! There's the `documentation working
group <https://saltstack.gitlab.io/open/docs/docs-hub/topics/home.html>`__
group <https://saltstack.gitlab.io/open/docs/docs-hub/topics/home.html>`__
and the `testing working group <https://github.com/saltstack/community/tree/master/working_groups/wg-Testing>`__.
We also regularly stream our test clinic `live on
Twitch <https://www.twitch.tv/saltprojectoss>`__ every Tuesday afternoon
@ -289,7 +289,7 @@ the ``salt/doc`` folder for documentation. Sphinx is used to generate the
documentation, and does require ``imagemagick``. See `Set up imagemagick`_ for
more information.
Before submitting a documentation PR, it helps to first build the Salt docs
Before submitting a documentation PR, it helps to first build the Salt docs
locally on your machine and preview them. Local previews helps you:
- Debug potential documentation output errors before submitting a PR.
@ -297,30 +297,30 @@ locally on your machine and preview them. Local previews helps you:
more than 30 minutes to run on a PR.
- Ensures the final output looks the way you intended it to look.
To set up your local environment to preview the core Salt and module
To set up your local environment to preview the core Salt and module
documentation:
#. Install the documentation dependencies. For example, on Ubuntu:
::
sudo apt-get update
sudo apt-get install -y enchant-2 git gcc imagemagick make zlib1g-dev libc-dev libffi-dev g++ libxml2 libxml2-dev libxslt-dev libcurl4-openssl-dev libssl-dev libgnutls28-dev xz-utils inkscape
#. Navigate to the folder where you store your Salt repository and remove any
#. Navigate to the folder where you store your Salt repository and remove any
`.nox` directories that might be in that folder:
::
rm -rf .nox
#. Install `pyenv` for the version of Python needed to run the docs. As of the
#. Install `pyenv` for the version of Python needed to run the docs. As of the
time of writing, the Salt docs theme is not compatible with Python 3.10, so
you'll need to run 3.9 or earlier. For example:
::
pyenv install 3.7.15
pyenv virtualenv 3.7.15 salt-docs
echo 'salt-docs' > .python-version
@ -328,14 +328,14 @@ documentation:
#. Activate `pyenv` if it's not auto-activated:
::
pyenv exec pip install -U pip setuptools wheel
#. Install `nox` into your pyenv environment, which is the utility that will
build the Salt documentation:
::
pyenv exec pip install nox
@ -346,7 +346,7 @@ with this one-liner:
python -m nox -e 'docs-html(compress=False, clean=False)'; cd doc/_build/html; python -m webbrowser http://localhost:8000/contents.html; python -m http.server
The first time you build the docs, it will take a while because there are a
The first time you build the docs, it will take a while because there are a
*lot* of modules. Maybe you should go grab some dessert if you already finished
that sandwich. But once nox and Sphinx are done building the docs, python should
launch your default browser with the URL
@ -581,7 +581,7 @@ When you open your PR, a reviewer will get automatically assigned. If
your PR is submitted during the week you should be able to expect some
kind of communication within that business day. If your tests are
passing and we're not in a code freeze, ideally your code will be merged
that week or month. If you haven't heard from your assigned reviewer, ping them
that week or month. If you haven't heard from your assigned reviewer, ping them
on GitHub, `irc <https://web.libera.chat/#salt>`__, or Community Slack.
It's likely that your reviewer will leave some comments that need

52
README.rst
View file

@ -41,54 +41,54 @@
About Salt
==========
Built on Python, Salt is an event-driven automation tool and framework to
deploy, configure, and manage complex IT systems. Use Salt to automate common
infrastructure administration tasks and ensure that all the components of your
Built on Python, Salt is an event-driven automation tool and framework to
deploy, configure, and manage complex IT systems. Use Salt to automate common
infrastructure administration tasks and ensure that all the components of your
infrastructure are operating in a consistent desired state.
Salt has many possible uses, including configuration management, which involves:
* Managing operating system deployment and configuration.
* Installing and configuring software applications and services.
* Managing servers, virtual machines, containers, databases, web servers,
* Managing servers, virtual machines, containers, databases, web servers,
network devices, and more.
* Ensuring consistent configuration and preventing configuration drift.
Salt is ideal for configuration management because it is pluggable,
customizable, and plays well with many existing technologies. Salt enables you
to deploy and manage applications that use any tech stack running on nearly any
`operating system <https://docs.saltproject.io/salt/install-guide/en/latest/topics/salt-supported-operating-systems.html>`_,
including different types of network devices such as switches and routers from a
Salt is ideal for configuration management because it is pluggable,
customizable, and plays well with many existing technologies. Salt enables you
to deploy and manage applications that use any tech stack running on nearly any
`operating system <https://docs.saltproject.io/salt/install-guide/en/latest/topics/salt-supported-operating-systems.html>`_,
including different types of network devices such as switches and routers from a
variety of vendors.
In addition to configuration management Salt can also:
* Automate and orchestrate routine IT processes, such as common required tasks
* Automate and orchestrate routine IT processes, such as common required tasks
for scheduled server downtimes or upgrading operating systems or applications.
* Create self-aware, self-healing systems that can automatically respond to
* Create self-aware, self-healing systems that can automatically respond to
outages, common administration problems, or other important events.
About our sponsors
==================
Salt powers VMware's `vRealize Automation SaltStack Config`_, and can be found
under the hood of products from Juniper, Cisco, Cloudflare, Nutanix, SUSE, and
Salt powers VMware's `vRealize Automation SaltStack Config`_, and can be found
under the hood of products from Juniper, Cisco, Cloudflare, Nutanix, SUSE, and
Tieto, to name a few.
The original sponsor of our community, SaltStack, was `acquired by VMware in 2020 <https://www.vmware.com/company/acquisitions/saltstack.html>`_.
The Salt Project remains an open source ecosystem that VMware supports and
contributes to. VMware ensures the code integrity and quality of the Salt
modules by acting as the official sponsor and manager of the Salt project. Many
of the core Salt Project contributors are also VMware employees. This team
carefully reviews and enhances the Salt modules to ensure speed, quality, and
contributes to. VMware ensures the code integrity and quality of the Salt
modules by acting as the official sponsor and manager of the Salt project. Many
of the core Salt Project contributors are also VMware employees. This team
carefully reviews and enhances the Salt modules to ensure speed, quality, and
security.
Download and install Salt
=========================
Salt is tested and packaged to run on CentOS, Debian, RHEL, Ubuntu, MacOS,
Windows, and more. Download Salt and get started now. See
`supported operating systems <https://docs.saltproject.io/salt/install-guide/en/latest/topics/salt-supported-operating-systems.html>`_
Windows, and more. Download Salt and get started now. See
`supported operating systems <https://docs.saltproject.io/salt/install-guide/en/latest/topics/salt-supported-operating-systems.html>`_
for more information.
To download and install Salt, see:
@ -100,8 +100,8 @@ Technical support
=================
Report bugs or problems using Salt by opening an issue: `<https://github.com/saltstack/salt/issues>`_
To join our community forum where you can exchange ideas, best practices,
discuss technical support questions, and talk to project maintainers, join our
To join our community forum where you can exchange ideas, best practices,
discuss technical support questions, and talk to project maintainers, join our
Slack workspace: `Salt Project Community Slack`_
@ -137,11 +137,11 @@ refer to the `SECURITY.md`_ file found in this repository.
Join our community
==================
Salt is built by the Salt Project community, which includes more than 3,000
contributors working in roles just like yours. This well-known and trusted
community works together to improve the underlying technology and extend Salt by
creating a variety of execution and state modules to accomplish the most common
tasks or solve the most important problems that people in your role are likely
Salt is built by the Salt Project community, which includes more than 3,000
contributors working in roles just like yours. This well-known and trusted
community works together to improve the underlying technology and extend Salt by
creating a variety of execution and state modules to accomplish the most common
tasks or solve the most important problems that people in your role are likely
to face.
If you want to help extend Salt or solve a problem with Salt, you can join our

1
SUPPORT.rst
View file

@ -30,4 +30,3 @@ guidelines for filing bug reports:
**SaltStack Support** - If you need dedicated, prioritized support, please
consider a SaltStack Support package that fits your needs:
`<http://www.saltstack.com/support>`_

2
changelog/59439.changed
View file

@ -1 +1 @@
Improve support for listing macOS brew casks
Improve support for listing macOS brew casks

2
changelog/59917.removed
View file

@ -1 +1 @@
Remove and deprecate the __orchestration__ key from salt.runner and salt.wheel return data. To get it back, set features.enable_deprecated_orchestration_flag master configuration option to True. The flag will be completely removed in Salt 3008 Argon.
Remove and deprecate the __orchestration__ key from salt.runner and salt.wheel return data. To get it back, set features.enable_deprecated_orchestration_flag master configuration option to True. The flag will be completely removed in Salt 3008 Argon.

2
changelog/60430.added
View file

@ -1 +1 @@
Added ability for `salt.wait_for_event` to handle `event_id`s that have a list value.
Added ability for `salt.wait_for_event` to handle `event_id`s that have a list value.

2
changelog/60722.added
View file

@ -1 +1 @@
Added .0 back to our versioning scheme for future versions (e.g. 3006.0)
Added .0 back to our versioning scheme for future versions (e.g. 3006.0)

2
changelog/60915.fixed
View file

@ -1 +1 @@
Fixed parsing new format of terraform states in roster.terraform
Fixed parsing new format of terraform states in roster.terraform

2
changelog/61727.fixed
View file

@ -1 +1 @@
Fix SoftLayer configuration not raising an exception when a domain is missing
Fix SoftLayer configuration not raising an exception when a domain is missing

2
changelog/62220.fixed
View file

@ -1 +1 @@
Added EndeavourOS to the Arch os_family.
Added EndeavourOS to the Arch os_family.

2
changelog/62281.fixed
View file

@ -1 +1 @@
Fix Salt Package Manager (SPM) exception when calling spm create_repo .
Fix Salt Package Manager (SPM) exception when calling spm create_repo .

1
changelog/62578.added
View file

@ -1,2 +1 @@
Adds __env__substitution to ext_pillar.stack; followup of #61531, improved exception handling for stacked template (jinja) template rendering and yaml parsing in ext_pillar.stack

2
changelog/62624.fixed
View file

@ -1 +1 @@
updated rest_cherry/app to properly detect arg sent as a string as curl will do when only one arg is supplied.
updated rest_cherry/app to properly detect arg sent as a string as curl will do when only one arg is supplied.

2
changelog/62761.added
View file

@ -1 +1 @@
Added "connected_devices" feature to netbox pillar module. It contains extra information about devices connected to the minion
Added "connected_devices" feature to netbox pillar module. It contains extra information about devices connected to the minion

2
changelog/63050.changed
View file

@ -1,5 +1,5 @@
netapi_enable_clients option to allow enabling/disabling of clients in salt-api.
By default all clients will now be disabled. Users of salt-api will need
to update their master config to enable the clients that they use. Not adding
the netapi_enable_clients option with required clients to the master config will
the netapi_enable_clients option with required clients to the master config will
disable salt-api.

2
changelog/63067.added
View file

@ -1 +1 @@
salt-cloud support IMDSv2 tokens when using 'use-instance-role-credentials'
salt-cloud support IMDSv2 tokens when using 'use-instance-role-credentials'

32
cicd/amis.yml
View file

@ -1,16 +1,16 @@
alma-8-x86_64: ami-06a0308b91cb200a9
amazon-2-x86_64: ami-0c90093e3bd780a39
arch-lts-x86_64: ami-06add6fca560d2eb4
centos-7-x86_64: ami-0ebd831e01bac517e
centosstream-9-x86_64: ami-0fb16e7ca51a4a2ce
debian-10-amd64: ami-0921776a91e318079
debian-11-arm64: ami-0cee49983fb18e3c6
debian-11-amd64: ami-0254b7daa13b2e771
opensuse-15-x86_64: ami-054f02d7bdc81a344
photon-3-x86_64: ami-0339c0cccf30b6ffb
ubuntu-1804-amd64: ami-04aff0098ebd2e3f2
ubuntu-2004-arm64: ami-0a910a24b6179c172
ubuntu-2004-amd64: ami-05cd617cfcc4c2e2d
ubuntu-2204-amd64: ami-04098f5c44c12ffc5
windows-2016-x64: ami-0b4c01a38d46cd809
windows-2019-x64: ami-033defff9aa227eb3
alma-8-x86_64: ami-04415112e2c1dbb18
amazon-2-x86_64: ami-08d28a75c4ca6c213
arch-lts-x86_64: ami-01bef72c85cb42b49
centos-7-x86_64: ami-000e0bb0e3e3e3eb9
centosstream-9-x86_64: ami-061b4deba22f2e193
debian-10-amd64: ami-0d283b7f523dc79a1
debian-11-arm64: ami-04e4cf9e06c8507fd
debian-11-amd64: ami-0bdd4ad44797176d5
opensuse-15-x86_64: ami-0f082f48aaf8d7025
photon-3-x86_64: ami-0796b16d4f04f5f39
ubuntu-1804-amd64: ami-025d583cda1198992
ubuntu-2004-arm64: ami-0274b3bc5e9f97e25
ubuntu-2004-amd64: ami-09721ea22726563cd
ubuntu-2204-amd64: ami-007efe8c00884373a
windows-2016-x64: ami-0578169cd1e58e660
windows-2019-x64: ami-0cfdf16ad0f616c61

90
cicd/golden-images.json
View file

@ -1,8 +1,8 @@
{
"almalinux-8": {
"ami": "ami-06a0308b91cb200a9",
"ami": "ami-04415112e2c1dbb18",
"ami_description": "CI Image of AlmaLinux 8 x86_64",
"ami_name": "salt-project/ci/almalinux/8/x86_64/20230124.1205",
"ami_name": "salt-project/ci/almalinux/8/x86_64/20230204.1612",
"arch": "x86_64",
"cloudwatch-agent-available": "true",
"instance_type": "t3a.large",
@ -10,9 +10,9 @@
"ssh_username": "ec2-user"
},
"almalinux-9": {
"ami": "ami-040d4b7558be06356",
"ami": "ami-05b7179c5f7966411",
"ami_description": "CI Image of AlmaLinux 9 x86_64",
"ami_name": "salt-project/ci/almalinux/9/x86_64/20230124.1205",
"ami_name": "salt-project/ci/almalinux/9/x86_64/20230204.1612",
"arch": "x86_64",
"cloudwatch-agent-available": "true",
"instance_type": "t3a.large",
@ -20,9 +20,9 @@
"ssh_username": "ec2-user"
},
"amazonlinux-2": {
"ami": "ami-0c90093e3bd780a39",
"ami": "ami-08d28a75c4ca6c213",
"ami_description": "CI Image of AmazonLinux 2 x86_64",
"ami_name": "salt-project/ci/amazonlinux/2/x86_64/20230124.1205",
"ami_name": "salt-project/ci/amazonlinux/2/x86_64/20230204.1612",
"arch": "x86_64",
"cloudwatch-agent-available": "true",
"instance_type": "t3a.large",
@ -30,9 +30,9 @@
"ssh_username": "ec2-user"
},
"archlinux-lts": {
"ami": "ami-06add6fca560d2eb4",
"ami": "ami-01bef72c85cb42b49",
"ami_description": "CI Image of ArchLinux lts x86_64",
"ami_name": "salt-project/ci/archlinux/lts/x86_64/20230124.1205",
"ami_name": "salt-project/ci/archlinux/lts/x86_64/20230204.1612",
"arch": "x86_64",
"cloudwatch-agent-available": "false",
"instance_type": "t3a.large",
@ -40,9 +40,9 @@
"ssh_username": "arch"
},
"centos-7": {
"ami": "ami-0ebd831e01bac517e",
"ami": "ami-000e0bb0e3e3e3eb9",
"ami_description": "CI Image of CentOS 7 x86_64",
"ami_name": "salt-project/ci/centos/7/x86_64/20230124.1205",
"ami_name": "salt-project/ci/centos/7/x86_64/20230204.1612",
"arch": "x86_64",
"cloudwatch-agent-available": "true",
"instance_type": "t3a.large",
@ -50,9 +50,9 @@
"ssh_username": "centos"
},
"centosstream-8": {
"ami": "ami-0bcdc694f4891301b",
"ami": "ami-0ccaa4d2c0668ea49",
"ami_description": "CI Image of CentOSStream 8 x86_64",
"ami_name": "salt-project/ci/centosstream/8/x86_64/20230124.1205",
"ami_name": "salt-project/ci/centosstream/8/x86_64/20230204.1612",
"arch": "x86_64",
"cloudwatch-agent-available": "true",
"instance_type": "t3a.large",
@ -60,9 +60,9 @@
"ssh_username": "cloud-user"
},
"centosstream-9": {
"ami": "ami-0fb16e7ca51a4a2ce",
"ami": "ami-061b4deba22f2e193",
"ami_description": "CI Image of CentOSStream 9 x86_64",
"ami_name": "salt-project/ci/centosstream/9/x86_64/20230124.1205",
"ami_name": "salt-project/ci/centosstream/9/x86_64/20230204.1612",
"arch": "x86_64",
"cloudwatch-agent-available": "true",
"instance_type": "t3a.large",
@ -70,9 +70,9 @@
"ssh_username": "ec2-user"
},
"debian-10": {
"ami": "ami-0921776a91e318079",
"ami": "ami-0d283b7f523dc79a1",
"ami_description": "CI Image of Debian 10 x86_64",
"ami_name": "salt-project/ci/debian/10/x86_64/20230124.1205",
"ami_name": "salt-project/ci/debian/10/x86_64/20230204.1612",
"arch": "x86_64",
"cloudwatch-agent-available": "true",
"instance_type": "t3a.large",
@ -80,9 +80,9 @@
"ssh_username": "admin"
},
"debian-11-arm64": {
"ami": "ami-0cee49983fb18e3c6",
"ami": "ami-04e4cf9e06c8507fd",
"ami_description": "CI Image of Debian 11 arm64",
"ami_name": "salt-project/ci/debian/11/arm64/20230124.1205",
"ami_name": "salt-project/ci/debian/11/arm64/20230204.1612",
"arch": "arm64",
"cloudwatch-agent-available": "false",
"instance_type": "m6g.large",
@ -90,9 +90,9 @@
"ssh_username": "admin"
},
"debian-11": {
"ami": "ami-0254b7daa13b2e771",
"ami": "ami-0bdd4ad44797176d5",
"ami_description": "CI Image of Debian 11 x86_64",
"ami_name": "salt-project/ci/debian/11/x86_64/20230124.1205",
"ami_name": "salt-project/ci/debian/11/x86_64/20230204.1612",
"arch": "x86_64",
"cloudwatch-agent-available": "true",
"instance_type": "t3a.large",
@ -100,9 +100,9 @@
"ssh_username": "admin"
},
"fedora-36": {
"ami": "ami-02b765791005ea7a9",
"ami": "ami-0f5ebcd96a626bb0b",
"ami_description": "CI Image of Fedora 36 x86_64",
"ami_name": "salt-project/ci/fedora/36/x86_64/20230124.1205",
"ami_name": "salt-project/ci/fedora/36/x86_64/20230204.1612",
"arch": "x86_64",
"cloudwatch-agent-available": "true",
"instance_type": "t3a.large",
@ -110,9 +110,9 @@
"ssh_username": "fedora"
},
"opensuse-15": {
"ami": "ami-054f02d7bdc81a344",
"ami": "ami-0f082f48aaf8d7025",
"ami_description": "CI Image of Opensuse 15 x86_64",
"ami_name": "salt-project/ci/opensuse/15/x86_64/20230124.1205",
"ami_name": "salt-project/ci/opensuse/15/x86_64/20230204.1612",
"arch": "x86_64",
"cloudwatch-agent-available": "true",
"instance_type": "t3a.large",
@ -120,9 +120,9 @@
"ssh_username": "ec2-user"
},
"photonos-3": {
"ami": "ami-0339c0cccf30b6ffb",
"ami": "ami-0796b16d4f04f5f39",
"ami_description": "CI Image of PhotonOS 3 x86_64",
"ami_name": "salt-project/ci/photonos/3/x86_64/20230124.1204",
"ami_name": "salt-project/ci/photonos/3/x86_64/20230204.1612",
"arch": "x86_64",
"cloudwatch-agent-available": "true",
"instance_type": "t3a.large",
@ -130,9 +130,9 @@
"ssh_username": "root"
},
"photonos-4": {
"ami": "ami-0ce4f660efb81cbb6",
"ami": "ami-0c9b8fd4721434fe2",
"ami_description": "CI Image of PhotonOS 4 x86_64",
"ami_name": "salt-project/ci/photonos/4/x86_64/20230124.1205",
"ami_name": "salt-project/ci/photonos/4/x86_64/20230204.1612",
"arch": "x86_64",
"cloudwatch-agent-available": "true",
"instance_type": "t3a.large",
@ -140,9 +140,9 @@
"ssh_username": "root"
},
"ubuntu-18.04": {
"ami": "ami-04aff0098ebd2e3f2",
"ami": "ami-025d583cda1198992",
"ami_description": "CI Image of Ubuntu 18.04 x86_64",
"ami_name": "salt-project/ci/ubuntu/18.04/x86_64/20230124.1205",
"ami_name": "salt-project/ci/ubuntu/18.04/x86_64/20230204.1612",
"arch": "x86_64",
"cloudwatch-agent-available": "true",
"instance_type": "t3a.large",
@ -150,9 +150,9 @@
"ssh_username": "ubuntu"
},
"ubuntu-20.04-arm64": {
"ami": "ami-0a910a24b6179c172",
"ami": "ami-0274b3bc5e9f97e25",
"ami_description": "CI Image of Ubuntu 20.04 arm64",
"ami_name": "salt-project/ci/ubuntu/20.04/arm64/20230124.1205",
"ami_name": "salt-project/ci/ubuntu/20.04/arm64/20230204.1612",
"arch": "arm64",
"cloudwatch-agent-available": "true",
"instance_type": "m6g.large",
@ -160,9 +160,9 @@
"ssh_username": "ubuntu"
},
"ubuntu-20.04": {
"ami": "ami-05cd617cfcc4c2e2d",
"ami": "ami-09721ea22726563cd",
"ami_description": "CI Image of Ubuntu 20.04 x86_64",
"ami_name": "salt-project/ci/ubuntu/20.04/x86_64/20230124.1205",
"ami_name": "salt-project/ci/ubuntu/20.04/x86_64/20230204.1612",
"arch": "x86_64",
"cloudwatch-agent-available": "true",
"instance_type": "t3a.large",
@ -170,9 +170,9 @@
"ssh_username": "ubuntu"
},
"ubuntu-22.04-arm64": {
"ami": "ami-0414bc0dc4e151967",
"ami": "ami-023c955ff71745dd3",
"ami_description": "CI Image of Ubuntu 22.04 arm64",
"ami_name": "salt-project/ci/ubuntu/22.04/arm64/20230124.1205",
"ami_name": "salt-project/ci/ubuntu/22.04/arm64/20230204.1612",
"arch": "arm64",
"cloudwatch-agent-available": "true",
"instance_type": "m6g.large",
@ -180,9 +180,9 @@
"ssh_username": "ubuntu"
},
"ubuntu-22.04": {
"ami": "ami-04098f5c44c12ffc5",
"ami": "ami-007efe8c00884373a",
"ami_description": "CI Image of Ubuntu 22.04 x86_64",
"ami_name": "salt-project/ci/ubuntu/22.04/x86_64/20230124.1205",
"ami_name": "salt-project/ci/ubuntu/22.04/x86_64/20230204.1612",
"arch": "x86_64",
"cloudwatch-agent-available": "true",
"instance_type": "t3a.large",
@ -190,9 +190,9 @@
"ssh_username": "ubuntu"
},
"windows-2016": {
"ami": "ami-0b4c01a38d46cd809",
"ami": "ami-0578169cd1e58e660",
"ami_description": "CI Image of Windows 2016 x86_64",
"ami_name": "salt-project/ci/windows/2016/x86_64/20230124.1205",
"ami_name": "salt-project/ci/windows/2016/x86_64/20230204.1612",
"arch": "x86_64",
"cloudwatch-agent-available": "true",
"instance_type": "t3a.xlarge",
@ -200,9 +200,9 @@
"ssh_username": "Administrator"
},
"windows-2019": {
"ami": "ami-033defff9aa227eb3",
"ami": "ami-0cfdf16ad0f616c61",
"ami_description": "CI Image of Windows 2019 x86_64",
"ami_name": "salt-project/ci/windows/2019/x86_64/20230124.1205",
"ami_name": "salt-project/ci/windows/2019/x86_64/20230204.1612",
"arch": "x86_64",
"cloudwatch-agent-available": "true",
"instance_type": "t3a.xlarge",
@ -210,13 +210,13 @@
"ssh_username": "Administrator"
},
"windows-2022": {
"ami": "ami-01b8005f68b79a901",
"ami": "ami-0c9a536790bcb1293",
"ami_description": "CI Image of Windows 2022 x86_64",
"ami_name": "salt-project/ci/windows/2022/x86_64/20230124.1205",
"ami_name": "salt-project/ci/windows/2022/x86_64/20230204.1612",
"arch": "x86_64",
"cloudwatch-agent-available": "true",
"instance_type": "t3a.xlarge",
"is_windows": "true",
"ssh_username": "Administrator"
}
}
}

6
cicd/jenkins/pr-docs
View file

@ -1,6 +0,0 @@
@Library('salt@master-1.11') _
runDocs(
env: env)
// vim: ft=groovy

1
cicd/kitchen_template.yml
View file

@ -47,4 +47,3 @@
- artifacts/
- .kitchen/
expire_in: 6 months

1
conf/roster
View file

@ -6,4 +6,3 @@
# sudo: True # Whether to sudo to root, not enabled by default
#web2:
# host: 192.168.42.2

8
conf/suse/master
View file

@ -538,8 +538,8 @@ syndic_user: salt
# variable_end_string: '}}'
# comment_start_string: '{#'
# comment_end_string: '#}'
# line_statement_prefix:
# line_comment_prefix:
# line_statement_prefix:
# line_comment_prefix:
# trim_blocks: False
# lstrip_blocks: False
# newline_sequence: '\n'
@ -553,8 +553,8 @@ syndic_user: salt
# variable_end_string: '}}'
# comment_start_string: '{#'
# comment_end_string: '#}'
# line_statement_prefix:
# line_comment_prefix:
# line_statement_prefix:
# line_comment_prefix:
# trim_blocks: False
# lstrip_blocks: False
# newline_sequence: '\n'

2
doc/_incl/extend_with_require_watch.rst
View file

@ -1,4 +1,4 @@
.. admonition:: Using extend with require or watch
The ``extend`` statement works differently for ``require`` or ``watch``.
It appends to, rather than replacing the requisite component.
It appends to, rather than replacing the requisite component.

2
doc/_incl/grains_passwords.rst
View file

@ -3,4 +3,4 @@
Grains can be set by users that have access to the minion configuration files on
the local system, making them less secure than other identifiers in Salt. Avoid
storing sensitive data, such as passwords or keys, on minions. Instead, make
use of :ref:`pillar` and/or :ref:`sdb`.
use of :ref:`pillar` and/or :ref:`sdb`.

2
doc/_incl/jinja_security.rst
View file

@ -3,4 +3,4 @@
:ref:`Jinja <understanding-jinja>` supports a `secure, sandboxed template execution environment
<https://jinja.palletsprojects.com/en/2.11.x/sandbox/>`__ that Salt
takes advantage of. Other text :ref:`renderers` do not support this
functionality, so Salt highly recommends usage of ``jinja`` / ``jinja|yaml``.
functionality, so Salt highly recommends usage of ``jinja`` / ``jinja|yaml``.

6
doc/_incl/requisite_incl.rst
View file

@ -1,10 +1,10 @@
**Before continuing** make sure you have a working Salt installation by
following the instructions in the
following the instructions in the
`Salt install guide <https://docs.saltproject.io/salt/install-guide/en/latest/>`_.
.. admonition:: Stuck?
The Salt Project community can help offer advice and help troubleshoot
The Salt Project community can help offer advice and help troubleshoot
technical issues as you're learning about Salt. One of the best places to
talk to the community is on the
talk to the community is on the
`Salt Project Slack workspace <https://saltstackcommunity.slack.com/>`_.

2
doc/_templates/autosummary.rst.tmpl vendored
View file

@ -3,4 +3,4 @@
{{ underline }}
.. automodule:: {{ fullname }}
:members:
:members:

1
doc/cheatsheet/salt.tex
View file

@ -283,4 +283,3 @@ vm.swappiness:
\end{multicols}
\end{document}

5
doc/conf.py
View file

@ -169,7 +169,10 @@ autosummary_generate = True
autosummary_generate_overwrite = False
# In case building docs throws import errors, please add the top level package name below
autodoc_mock_imports = []
autodoc_mock_imports = [
"cherrypy",
"xmltodict",
]
# strip git rev as there won't necessarily be a release based on it
stripped_release = re.sub(r"-\d+-g[0-9a-f]+$", "", release)

1
doc/gen_gource
View file

@ -4,4 +4,3 @@
#
#
gource -1280x720 -s 0.5 --stop-at-end --hide filenames --highlight-all-users --file-filter po -a 5 --camera-mode overview --disable-progress --disable-bloom --output-ppm-stream - --output-framerate 30 -o - | ffmpeg -y -r 60 -f image2pipe -vcodec ppm -i - -vcodec libvpx -b 10000K gource.webm

3
doc/glossary.rst
View file

@ -99,7 +99,7 @@ Glossary
<salt.runners.jobs>`.
Job Cache
A storage location for job results, which may then be queried by a
A storage location for job results, which may then be queried by a
salt runner or an external system. May be local to a salt master
or stored externally.
@ -272,4 +272,3 @@ Glossary
A master process which can send notices and receive replies from
minions. *See also*:
:conf_master:`worker_threads`.

1376
doc/man/salt.7
View file

File diff suppressed because it is too large Load diff

2
doc/ref/auth/all/salt.auth.auto.rst
View file

@ -2,4 +2,4 @@ salt.auth.auto
==============
.. automodule:: salt.auth.auto
:members:
:members:

2
doc/ref/auth/all/salt.auth.django.rst
View file

@ -2,4 +2,4 @@ salt.auth.django
================
.. automodule:: salt.auth.django
:members:
:members:

2
doc/ref/auth/all/salt.auth.keystone.rst
View file

@ -2,4 +2,4 @@ salt.auth.keystone
==================
.. automodule:: salt.auth.keystone
:members:
:members:

2
doc/ref/auth/all/salt.auth.ldap.rst
View file

@ -2,4 +2,4 @@ salt.auth.ldap
==============
.. automodule:: salt.auth.ldap
:members:
:members:

2
doc/ref/auth/all/salt.auth.mysql.rst
View file

@ -2,4 +2,4 @@ salt.auth.mysql
===============
.. automodule:: salt.auth.mysql
:members:
:members:

2
doc/ref/auth/all/salt.auth.pam.rst
View file

@ -2,4 +2,4 @@ salt.auth.pam
=============
.. automodule:: salt.auth.pam
:members:
:members:

2
doc/ref/auth/all/salt.auth.pki.rst
View file

@ -2,4 +2,4 @@ salt.auth.pki
=============
.. automodule:: salt.auth.pki
:members:
:members:

2
doc/ref/auth/all/salt.auth.sharedsecret.rst
View file

@ -2,4 +2,4 @@ salt.auth.sharedsecret
======================
.. automodule:: salt.auth.sharedsecret
:members:
:members:

2
doc/ref/auth/all/salt.auth.yubico.rst
View file

@ -2,4 +2,4 @@ salt.auth.yubico
================
.. automodule:: salt.auth.yubico
:members:
:members:

2
doc/ref/beacons/all/salt.beacons.btmp.rst
View file

@ -2,4 +2,4 @@ salt.beacons.btmp
=================
.. automodule:: salt.beacons.btmp
:members:
:members:

2
doc/ref/beacons/all/salt.beacons.diskusage.rst
View file

@ -2,4 +2,4 @@ salt.beacons.diskusage
======================
.. automodule:: salt.beacons.diskusage
:members:
:members:

2
doc/ref/beacons/all/salt.beacons.inotify.rst
View file

@ -2,4 +2,4 @@ salt.beacons.inotify
====================
.. automodule:: salt.beacons.inotify
:members:
:members:

2
doc/ref/beacons/all/salt.beacons.journald.rst
View file

@ -2,4 +2,4 @@ salt.beacons.journald
=====================
.. automodule:: salt.beacons.journald
:members:
:members:

2
doc/ref/beacons/all/salt.beacons.load.rst
View file

@ -2,4 +2,4 @@ salt.beacons.load
=================
.. automodule:: salt.beacons.load
:members:
:members:

2
doc/ref/beacons/all/salt.beacons.network_info.rst
View file

@ -2,4 +2,4 @@ salt.beacons.network_info
=========================
.. automodule:: salt.beacons.network_info
:members:
:members:

2
doc/ref/beacons/all/salt.beacons.pkg.rst
View file

@ -2,4 +2,4 @@ salt.beacons.pkg
================
.. automodule:: salt.beacons.pkg
:members:
:members:

2
doc/ref/beacons/all/salt.beacons.salt_monitor.rst
View file

@ -3,4 +3,4 @@ salt.beacons.salt_monitor
=========================
.. automodule:: salt.beacons.salt_monitor
:members:
:members:

10
doc/ref/beacons/all/salt.beacons.sensehat.rst
View file

@ -1,5 +1,5 @@
salt.beacons.sensehat module
============================
.. automodule:: salt.beacons.sensehat
:members:
salt.beacons.sensehat module
============================
.. automodule:: salt.beacons.sensehat
:members:

2
doc/ref/beacons/all/salt.beacons.service.rst
View file

@ -2,4 +2,4 @@ salt.beacons.service
====================
.. automodule:: salt.beacons.service
:members:
:members:

2
doc/ref/beacons/all/salt.beacons.sh.rst
View file

@ -2,4 +2,4 @@ salt.beacons.sh
===============
.. automodule:: salt.beacons.sh
:members:
:members:

2
doc/ref/beacons/all/salt.beacons.twilio_txt_msg.rst
View file

@ -2,4 +2,4 @@ salt.beacons.twilio_txt_msg
===========================
.. automodule:: salt.beacons.twilio_txt_msg
:members:
:members:

2
doc/ref/beacons/all/salt.beacons.wtmp.rst
View file

@ -2,4 +2,4 @@ salt.beacons.wtmp
=================
.. automodule:: salt.beacons.wtmp
:members:
:members:

2
doc/ref/cli/_includes/common-options.rst
View file

@ -14,4 +14,4 @@
The location of the Salt configuration directory. This directory contains
the configuration files for Salt master and minions. The default location
on most systems is ``/etc/salt``.
on most systems is ``/etc/salt``.

2
doc/ref/cli/_includes/daemon-options.rst
View file

@ -8,4 +8,4 @@
.. option:: --pid-file PIDFILE
Specify the location of the pidfile. Default: /var/run/|salt-daemon|.pid
Specify the location of the pidfile. Default: /var/run/|salt-daemon|.pid

2
doc/ref/cli/_includes/extended-target-selection.rst
View file

@ -14,4 +14,4 @@
.. option:: -S, --ipcidr
Match based on Subnet (CIDR notation) or IPv4 address.
Match based on Subnet (CIDR notation) or IPv4 address.

2
doc/ref/cli/_includes/logging-options.rst
View file

@ -19,4 +19,4 @@ Logging options which override any settings defined on the configuration files.
Logfile logging log level. One of ``all``, ``garbage``, ``trace``,
``debug``, ``info``, ``warning``, ``error``, ``quiet``. Default:
|loglevel|.
|loglevel|.

1
doc/ref/cli/_includes/target-selection-ssh.rst
View file

@ -8,4 +8,3 @@ minion id. See https://docs.python.org/3/library/fnmatch.html#module-fnmatch.
The target expression will be interpreted as a PCRE regular expression
rather than a shell glob.

2
doc/ref/cli/_includes/timeout-option.rst
View file

@ -2,4 +2,4 @@
The timeout in seconds to wait for replies from the Salt minions. The
timeout number specifies how long the command line client will wait to
query the minions and check on running jobs. Default: |timeout|
query the minions and check on running jobs. Default: |timeout|

2
doc/ref/cli/salt-api.rst
View file

@ -40,4 +40,4 @@ See also
:manpage:`salt-api(7)`
:manpage:`salt(7)`
:manpage:`salt-master(1)`
:manpage:`salt-master(1)`

Some files were not shown because too many files have changed in this diff Show more