saltstack/salt
1
0
Fork 0
mirror of https://github.com/saltstack/salt.git synced 2025-04-16 09:40:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge remote-tracking branch 'upstream/master' into set_enable_fqdns_grains_false

Browse source
This commit is contained in:
Gareth J. Greenaway 2023-01-31 10:52:52 -08:00
commit c468546ecd
No known key found for this signature in database
GPG key ID: 10B62F8A7CAD7A41
62 changed files with 2949 additions and 704 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
.github/actionlint.yaml vendored Normal file
View file

@ -0,0 +1,7 @@
self-hosted-runner:
# Labels of self-hosted runner in array of string
labels:
- bastion
- x86_64
- arm64
- aarch64

10
.github/actions/build-onedir-deps/action.yml vendored
View file

@ -20,6 +20,13 @@ inputs:
type: string
description: Seed used to invalidate caches
env:
COLUMNS: 160
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
runs:
using: composite
@ -52,9 +59,6 @@ runs:
fi
- name: Install Salt Onedir Package Dependencies
env:
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
shell: bash
run: |
if [ "${{ inputs.platform }}" != "windows" ]; then

13
.github/actions/build-onedir-salt/action.yml vendored
View file

@ -20,6 +20,13 @@ inputs:
type: string
description: Seed used to invalidate caches
env:
COLUMNS: 160
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
runs:
using: composite
@ -40,8 +47,6 @@ runs:
- name: Install Salt Into Onedir
if: ${{ inputs.platform != 'windows' }}
env:
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
USE_STATIC_REQUIREMENTS: "1"
RELENV_PIP_DIR: "1"
shell: bash
@ -57,8 +62,6 @@ runs:
- name: Install Salt Into Onedir (Windows)
if: ${{ inputs.platform == 'windows' }}
env:
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
USE_STATIC_REQUIREMENTS: "1"
shell: powershell
run: |
@ -96,6 +99,7 @@ runs:
name: ${{ inputs.package-name }}-${{ env.SALT_VERSION }}-onedir-${{ inputs.platform }}-${{ inputs.arch }}.tar.xz
path: artifacts/${{ inputs.package-name }}-${{ env.SALT_VERSION }}-onedir-${{ inputs.platform }}-${{ inputs.arch }}.tar.xz*
retention-days: 7
if-no-files-found: error
- name: Upload Onedir Zipfile as an Artifact
if: ${{ inputs.platform == 'windows' }}
@ -104,3 +108,4 @@ runs:
name: ${{ inputs.package-name }}-${{ env.SALT_VERSION }}-onedir-${{ inputs.platform }}-${{ inputs.arch }}.zip
path: artifacts/${{ inputs.package-name }}-${{ env.SALT_VERSION }}-onedir-${{ inputs.platform }}-${{ inputs.arch }}.zip*
retention-days: 7
if-no-files-found: error

27
.github/actions/build-source-tarball/action.yml vendored
View file

@ -2,12 +2,23 @@
name: build-source-tarball
description: Build Source Tarball
inputs:
salt-version:
type: string
required: true
description: The Salt version to set prior to building the tarball.
nox-version:
required: false
type: string
description: The version of Nox to install
default: "2022.8.7"
env:
COLUMNS: 160
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
runs:
using: composite
@ -18,6 +29,17 @@ runs:
run: |
nox --version || python3 -m pip install nox==${{ inputs.nox-version }}
- name: Download Release Changes
uses: actions/download-artifact@v3
with:
name: salt-${{ inputs.salt-version }}.diff
- name: Apply release changes
shell: bash
run: |
git apply salt-${{ inputs.salt-version }}.diff
rm salt-${{ inputs.salt-version }}.diff
- name: Create Source Tarball
shell: bash
run: |
@ -26,11 +48,12 @@ runs:
- name: Create Hash Files
shell: bash
run: |
tools pkg generate-hashes dist/salt-${{ env.SALT_VERSION }}.tar.gz
tools pkg generate-hashes dist/salt-${{ inputs.salt-version }}.tar.gz
- name: Upload Source Tarball as an Artifact
uses: actions/upload-artifact@v3
with:
name: salt-${{ env.SALT_VERSION }}.tar.gz
name: salt-${{ inputs.salt-version }}.tar.gz
path: dist/salt-*.tar.gz*
retention-days: 7
if-no-files-found: error

29
.github/actions/setup-actionlint/action.yml vendored Normal file
View file

@ -0,0 +1,29 @@
---
name: setup-actionlint
description: Setup actionlint
inputs:
version:
description: The version of actionlint
default: v1.6.23
runs:
using: composite
steps:
- name: Cache actionlint Binary
uses: actions/cache@v3
with:
path: /usr/local/bin/actionlint
key: ${{ runner.os }}-${{ runner.arch }}-actionlint-${{ inputs.version }}
- name: Setup actionlint
shell: bash
run: |
if ! command -v actionlint; then
bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/${{ inputs.version }}/scripts/download-actionlint.bash)
mv ./actionlint /usr/local/bin/actionlint
fi
- name: Show actionlint Version
shell: bash
run: |
actionlint --version

9
.github/actions/setup-python-tools-scripts/action.yml vendored
View file

@ -2,6 +2,12 @@
name: setup-python-tools-scripts
description: Setup 'python-tools-scripts'
env:
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
runs:
using: composite
@ -9,9 +15,6 @@ runs:
- name: Install 'python-tools-scripts'
shell: bash
env:
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
run: |
PY_VERSION=$(python3 -c "import sys; sys.stdout.write('{}.{}'.format(*sys.version_info))")
python3 -m pip install -r requirements/static/ci/py${PY_VERSION}/tools.txt

6
.github/actions/setup-relenv/action.yml vendored
View file

@ -15,6 +15,12 @@ inputs:
type: string
description: Seed used to invalidate caches
env:
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
runs:
using: composite

3
.github/actions/setup-salt-version/action.yml vendored
View file

@ -17,6 +17,9 @@ outputs:
value: ${{ steps.setup-salt-version.outputs.salt-version }}
description: The Salt version written to `salt/_version.txt`
env:
COLUMNS: 160
runs:
using: composite

31
.github/actions/setup-shellcheck/action.yml vendored Normal file
View file

@ -0,0 +1,31 @@
---
name: setup-shellcheck
description: Setup shellcheck
inputs:
version:
description: The version of shellcheck
default: v0.9.0
runs:
using: composite
steps:
- name: Cache shellcheck Binary
uses: actions/cache@v3
with:
path: /usr/local/bin/shellcheck
key: ${{ runner.os }}-${{ runner.arch }}-shellcheck-${{ inputs.version }}
- name: Setup shellcheck
shell: bash
run: |
if ! command -v shellcheck; then
wget https://github.com/koalaman/shellcheck/releases/download/${{ inputs.version }}/shellcheck-${{ inputs.version }}.${{ runner.os }}.x86_64.tar.xz
tar xf shellcheck-${{ inputs.version }}.${{ runner.os }}.x86_64.tar.xz
mv shellcheck-${{ inputs.version }}/shellcheck /usr/local/bin/shellcheck
rm -rf shellcheck-${{ inputs.version }}.${{ runner.os }}.x86_64.tar.xz shellcheck-${{ inputs.version }}
fi
- name: Show shellcheck Version
shell: bash
run: |
shellcheck --version

44
.github/workflows/build-deb-packages.yml vendored
View file

@ -29,46 +29,50 @@ jobs:
steps:
- uses: actions/checkout@v3
with:
path: build-deb-pkg
path:
pkgs/checkout/
- name: Download Onedir Tarball as an Artifact
uses: actions/download-artifact@v3
with:
name: salt-${{ inputs.salt-version }}-onedir-linux-${{ matrix.arch }}.tar.xz
path: build-deb-pkg/artifacts/
path: pkgs/checkout/artifacts/
- name: Download System Dependencies
run: |
apt update
apt install -y python3 python3-venv build-essential devscripts debhelper bash-completion
apt install -y python3 python3-venv python3-pip build-essential devscripts debhelper bash-completion git
- name: Download Release Changes
uses: actions/download-artifact@v3
with:
name: salt-${{ inputs.salt-version }}.diff
path: pkgs/checkout/
- name: Apply release changes
shell: bash
run: |
cd pkgs/checkout/
git apply salt-${{ inputs.salt-version }}.diff
rm salt-${{ inputs.salt-version }}.diff
- name: Build Deb
env:
SALT_ONEDIR_ARCHIVE: "${{ github.workspace }}/build-deb-pkg/artifacts/salt-${{ inputs.salt-version }}-onedir-linux-${{ matrix.arch }}.tar.xz"
SALT_ONEDIR_ARCHIVE: "${{ github.workspace }}/pkgs/checkout/artifacts/salt-${{ inputs.salt-version }}-onedir-linux-${{ matrix.arch }}.tar.xz"
run: |
cd build-deb-pkg
cd pkgs/checkout/
echo "${{ inputs.salt-version }}" > salt/_version.txt
ln -sf pkg/debian/ .
sed -i 's/SALT_RELEASE_VERSION/${{ inputs.salt-version }}/g' debian/changelog
debuild -e SALT_ONEDIR_ARCHIVE -uc -us
- name: Cleanup
run: |
rm -rf pkgs/checkout/
- name: Upload DEBs
uses: actions/upload-artifact@v3
with:
name: salt-${{ matrix.arch }}-debs
path: ${{ github.workspace }}/*.deb
path: ${{ github.workspace }}/pkgs/*
retention-days: 7
- name: Set Exit Status
if: always()
run: |
python3 -c "import os; os.makedirs('exitstatus', exist_ok=True)"
echo "${{ job.status }}" > exitstatus/${{ github.job }}-linux-${{ matrix.arch }}
- name: Upload Exit Status
if: always()
uses: actions/upload-artifact@v3
with:
name: exitstatus
path: exitstatus
if-no-files-found: error

40
.github/workflows/build-deps-onedir.yml vendored
View file

@ -53,19 +53,6 @@ jobs:
arch: ${{ matrix.arch }}
cache-seed: ${{ inputs.cache-seed }}
- name: Set Exit Status
if: always()
run: |
python3 -c "import os; os.makedirs('exitstatus', exist_ok=True)"
echo "${{ job.status }}" > exitstatus/${{ github.job }}-linux-${{ matrix.arch }}
- name: Upload Exit Status
if: always()
uses: actions/upload-artifact@v3
with:
name: exitstatus
path: exitstatus
if-no-files-found: error
build-deps-windows:
name: Windows
@ -103,19 +90,6 @@ jobs:
arch: ${{ matrix.arch }}
cache-seed: ${{ inputs.cache-seed }}
- name: Set Exit Status
if: always()
run: |
python3 -c "import os; os.makedirs('exitstatus', exist_ok=True)"
echo "${{ job.status }}" > exitstatus/${{ github.job }}-windows-${{ matrix.arch }}
- name: Upload Exit Status
if: always()
uses: actions/upload-artifact@v3
with:
name: exitstatus
path: exitstatus
if-no-files-found: error
build-deps-macos:
name: macOS
@ -151,17 +125,3 @@ jobs:
platform: darwin
arch: ${{ matrix.arch }}
cache-seed: ${{ inputs.cache-seed }}
- name: Set Exit Status
if: always()
run: |
python3 -c "import os; os.makedirs('exitstatus', exist_ok=True)"
echo "${{ job.status }}" > exitstatus/${{ github.job }}-macos-${{ matrix.arch }}
- name: Upload Exit Status
if: always()
uses: actions/upload-artifact@v3
with:
name: exitstatus
path: exitstatus
if-no-files-found: error

15
.github/workflows/build-macos-packages.yml vendored
View file

@ -60,18 +60,5 @@ jobs:
with:
name: macOS ${{ matrix.arch }} Package
path: pkg/macos/*unsigned.pkg
if-no-files-found: error
- name: Set Exit Status
if: always()
run: |
python3 -c "import os; os.makedirs('exitstatus', exist_ok=True)"
echo "${{ job.status }}" > exitstatus/${{ github.job }}-${{ matrix.arch }}
- name: Upload Exit Status
if: always()
uses: actions/upload-artifact@v3
with:
name: exitstatus
path: exitstatus
retention-days: 7
if-no-files-found: error

38
.github/workflows/build-rpm-packages.yml vendored
View file

@ -8,6 +8,9 @@ on:
required: true
description: The Salt version to set prior to building packages.
env:
COLUMNS: 160
jobs:
build:
name: RPM
@ -29,24 +32,36 @@ jobs:
steps:
- uses: actions/checkout@v3
- name: Download Release Changes
uses: actions/download-artifact@v3
with:
name: salt-${{ inputs.salt-version }}.diff
- name: Download System Dependencies
run: |
yum -y update
yum -y install python3 python3-pip openssl git rpmdevtools rpmlint systemd-units libxcrypt-compat git
- name: Download Onedir Tarball as an Artifact
uses: actions/download-artifact@v3
with:
name: salt-${{ inputs.salt-version }}-onedir-linux-${{ matrix.arch }}.tar.xz
path: artifacts/
- name: Download System Dependencies
- name: Apply release changes
shell: bash
run: |
yum -y update
yum -y install python3 python3-pip openssl git rpmdevtools rpmlint systemd-units libxcrypt-compat
git apply salt-${{ inputs.salt-version }}.diff
rm salt-${{ inputs.salt-version }}.diff
- name: Build RPM
env:
SALT_ONEDIR_ARCHIVE: "${{ github.workspace }}/artifacts/salt-${{ inputs.salt-version }}-onedir-linux-${{ matrix.arch }}.tar.xz"
run: |
echo "${{ inputs.salt-version }}" > salt/_version.txt
sed -i 's/^Version: \(.*\)$/Version: ${{ inputs.salt-version }}/g' pkg/rpm/salt.spec
rpmbuild -bb --define="_salt_src $(pwd)" $(pwd)/pkg/rpm/salt.spec
rpmbuild -bb --define="_salt_src $(pwd)" "$(pwd)/pkg/rpm/salt.spec"
- name: Upload RPMs
uses: actions/upload-artifact@v3
@ -54,17 +69,4 @@ jobs:
name: salt-${{ matrix.arch }}-rpms
path: ~/rpmbuild/RPMS/${{ matrix.arch }}/*.rpm
retention-days: 7
- name: Set Exit Status
if: always()
run: |
python3 -c "import os; os.makedirs('exitstatus', exist_ok=True)"
echo "${{ job.status }}" > exitstatus/${{ github.job }}-linux-${{ matrix.arch }}
- name: Upload Exit Status
if: always()
uses: actions/upload-artifact@v3
with:
name: exitstatus
path: exitstatus
if-no-files-found: error

40
.github/workflows/build-salt-onedir.yml vendored
View file

@ -60,19 +60,6 @@ jobs:
arch: ${{ matrix.arch }}
cache-seed: ${{ inputs.cache-seed }}
- name: Set Exit Status
if: always()
run: |
python3 -c "import os; os.makedirs('exitstatus', exist_ok=True)"
echo "${{ job.status }}" > exitstatus/${{ github.job }}-linux-${{ matrix.arch }}
- name: Upload Exit Status
if: always()
uses: actions/upload-artifact@v3
with:
name: exitstatus
path: exitstatus
if-no-files-found: error
build-salt-windows:
name: Windows
@ -115,19 +102,6 @@ jobs:
arch: ${{ matrix.arch }}
cache-seed: ${{ inputs.cache-seed }}
- name: Set Exit Status
if: always()
run: |
python3 -c "import os; os.makedirs('exitstatus', exist_ok=True)"
echo "${{ job.status }}" > exitstatus/${{ github.job }}-windows-${{ matrix.arch }}
- name: Upload Exit Status
if: always()
uses: actions/upload-artifact@v3
with:
name: exitstatus
path: exitstatus
if-no-files-found: error
build-salt-macos:
name: macOS
@ -167,17 +141,3 @@ jobs:
platform: darwin
arch: ${{ matrix.arch }}
cache-seed: ${{ inputs.cache-seed }}
- name: Set Exit Status
if: always()
run: |
python3 -c "import os; os.makedirs('exitstatus', exist_ok=True)"
echo "${{ job.status }}" > exitstatus/${{ github.job }}-macos-${{ matrix.arch }}
- name: Upload Exit Status
if: always()
uses: actions/upload-artifact@v3
with:
name: exitstatus
path: exitstatus
if-no-files-found: error

16
.github/workflows/build-windows-packages.yml vendored
View file

@ -57,6 +57,7 @@ jobs:
with:
name: Windows ${{ matrix.arch }} NSIS Package
path: pkg/windows/build/Salt-*.exe
retention-days: 7
if-no-files-found: error
- name: Upload ${{ matrix.arch }} MSI Package
@ -64,18 +65,5 @@ jobs:
with:
name: Windows ${{ matrix.arch }} MSI Package
path: pkg/windows/build/Salt-*.msi
if-no-files-found: error
- name: Set Exit Status
if: always()
run: |
py -3 -c "import os; os.makedirs('exitstatus', exist_ok=True)"
echo "${{ job.status }}" > exitstatus/${{ github.job }}-${{ matrix.arch }}
- name: Upload Exit Status
if: always()
uses: actions/upload-artifact@v3
with:
name: exitstatus
path: exitstatus
retention-days: 7
if-no-files-found: error

411
.github/workflows/ci.yml vendored
View file

@ -1,28 +1,10 @@
# Do not edit these workflows directly as the changes made will be overwritten.
# Instead, edit the template '.github/workflows/templates/ci.yml.j2'
---
name: CI
on:
push: {}
pull_request: {}
schedule:
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#onschedule
- cron: '0 */8 * * *' # Run every 8 hours
workflow_dispatch:
inputs:
salt-version:
type: string
default: ""
description: >
The Salt version to set prior to running tests or building packages.
If not set, it is discover at run time, like, for example, capturing
the output of running `python3 salt/version.py`
testrun-type:
description: Type of test run
required: true
default: 'full'
type: choice
options:
- full
- changed
env:
COLUMNS: 160
@ -38,12 +20,12 @@ concurrency:
# not cancel previous builds.
# However, for every new build against the same pull request source branch,
# all older builds against that same branch get canceled.
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
prepare-ci:
name: Prepare CI
prepare-workflow:
name: Prepare Workflow Run
runs-on: ubuntu-latest
outputs:
jobs: ${{ steps.define-jobs.outputs.jobs }}
@ -134,7 +116,7 @@ jobs:
id: setup-salt-version
uses: ./.github/actions/setup-salt-version
with:
salt-version: "${{ inputs.salt-version }}"
salt-version: ""
- name: Write Changed Files To A Local File
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
@ -192,52 +174,49 @@ jobs:
run: |
echo "cache-seed=${{ env.CACHE_SEED }}" >> "$GITHUB_OUTPUT"
- name: Set Exit Status
if: always()
run: |
mkdir exitstatus
echo "${{ job.status }}" > exitstatus/${{ github.job }}-prepare-ci
- name: Upload Exit Status
if: always()
uses: actions/upload-artifact@v3
with:
name: exitstatus
path: exitstatus
if-no-files-found: error
pre-commit:
name: Pre-Commit
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['github-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
uses: ./.github/workflows/pre-commit-action.yml
needs:
- prepare-ci
- prepare-workflow
with:
changed-files: ${{ needs.prepare-ci.outputs.changed-files }}
changed-files: ${{ needs.prepare-workflow.outputs.changed-files }}
docs:
name: Build Docs
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['github-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
uses: ./.github/workflows/docs-action.yml
needs:
- prepare-ci
- prepare-workflow
with:
changed-files: ${{ needs.prepare-ci.outputs.changed-files }}
changed-files: ${{ needs.prepare-workflow.outputs.changed-files }}
lint:
name: Lint
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['github-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
uses: ./.github/workflows/lint-action.yml
needs:
- prepare-ci
- prepare-workflow
with:
changed-files: ${{ needs.prepare-ci.outputs.changed-files }}
changed-files: ${{ needs.prepare-workflow.outputs.changed-files }}
prepare-release:
name: Prepare Release
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
needs:
- prepare-workflow
uses: ./.github/workflows/prepare-release.yml
with:
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
build-source-tarball:
name: Build Source Tarball
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['github-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
needs:
- prepare-ci
- prepare-workflow
- prepare-release
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
@ -254,69 +233,56 @@ jobs:
id: setup-salt-version
uses: ./.github/actions/setup-salt-version
with:
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
- name: Build Source Tarball
uses: ./.github/actions/build-source-tarball
- name: Set Exit Status
if: always()
run: |
python3 -c "import os; os.makedirs('exitstatus', exist_ok=True)"
echo "${{ job.status }}" > exitstatus/${{ github.job }}-source-tarball
- name: Upload Exit Status
if: always()
uses: actions/upload-artifact@v3
with:
name: exitstatus
path: exitstatus
if-no-files-found: error
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
build-deps-onedir:
name: Build Dependencies Onedir
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-ci
- prepare-workflow
uses: ./.github/workflows/build-deps-onedir.yml
with:
cache-seed: ${{ needs.prepare-ci.outputs.cache-seed }}
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
self-hosted-runners: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['github-hosted-runners'] }}
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
build-salt-onedir:
name: Build Salt Onedir
needs:
- prepare-ci
- prepare-workflow
- build-deps-onedir
- build-source-tarball
uses: ./.github/workflows/build-salt-onedir.yml
with:
cache-seed: ${{ needs.prepare-ci.outputs.cache-seed }}
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
self-hosted-runners: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['github-hosted-runners'] }}
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
build-pkgs:
name: Build Salt Packages
needs:
- prepare-ci
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/build-packages.yml
with:
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
self-hosted-runners: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['github-hosted-runners'] }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
windows-2016:
name: Windows 2016
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-ci
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
@ -324,15 +290,15 @@ jobs:
nox-session: ci-test-onedir
platform: windows
arch: amd64
testrun: ${{ needs.prepare-ci.outputs.testrun }}
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-ci.outputs.cache-seed }}
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
windows-2019:
name: Windows 2019
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-ci
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
@ -340,15 +306,15 @@ jobs:
nox-session: ci-test-onedir
platform: windows
arch: amd64
testrun: ${{ needs.prepare-ci.outputs.testrun }}
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-ci.outputs.cache-seed }}
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
windows-2022:
name: Windows 2022
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-ci
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
@ -356,15 +322,15 @@ jobs:
nox-session: ci-test-onedir
platform: windows
arch: amd64
testrun: ${{ needs.prepare-ci.outputs.testrun }}
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-ci.outputs.cache-seed }}
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
macos-12:
name: macOS 12
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['github-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
needs:
- prepare-ci
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action-macos.yml
with:
@ -372,15 +338,15 @@ jobs:
nox-session: ci-test-onedir
platform: darwin
arch: x86_64
testrun: ${{ needs.prepare-ci.outputs.testrun }}
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-ci.outputs.cache-seed }}
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
almalinux-8:
name: Alma Linux 8
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-ci
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
@ -388,15 +354,15 @@ jobs:
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-ci.outputs.testrun }}
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-ci.outputs.cache-seed }}
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
almalinux-9:
name: Alma Linux 9
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-ci
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
@ -404,15 +370,15 @@ jobs:
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-ci.outputs.testrun }}
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-ci.outputs.cache-seed }}
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
amazonlinux-2:
name: Amazon Linux 2
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-ci
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
@ -420,15 +386,15 @@ jobs:
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-ci.outputs.testrun }}
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-ci.outputs.cache-seed }}
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
archlinux-lts:
name: Arch Linux LTS
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-ci
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
@ -436,15 +402,15 @@ jobs:
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-ci.outputs.testrun }}
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-ci.outputs.cache-seed }}
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
centos-7:
name: CentOS 7
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-ci
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
@ -452,15 +418,15 @@ jobs:
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-ci.outputs.testrun }}
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-ci.outputs.cache-seed }}
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
centosstream-8:
name: CentOS Stream 8
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-ci
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
@ -468,15 +434,15 @@ jobs:
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-ci.outputs.testrun }}
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-ci.outputs.cache-seed }}
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
centosstream-9:
name: CentOS Stream 9
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-ci
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
@ -484,15 +450,15 @@ jobs:
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-ci.outputs.testrun }}
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-ci.outputs.cache-seed }}
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
debian-10:
name: Debian 10
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-ci
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
@ -500,15 +466,15 @@ jobs:
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-ci.outputs.testrun }}
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-ci.outputs.cache-seed }}
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
debian-11:
name: Debian 11
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-ci
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
@ -516,15 +482,15 @@ jobs:
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-ci.outputs.testrun }}
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-ci.outputs.cache-seed }}
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
debian-11-arm64:
name: Debian 11 Arm64
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-ci
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
@ -532,15 +498,15 @@ jobs:
nox-session: ci-test-onedir
platform: linux
arch: aarch64
testrun: ${{ needs.prepare-ci.outputs.testrun }}
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-ci.outputs.cache-seed }}
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
fedora-36:
name: Fedora 36
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-ci
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
@ -548,15 +514,15 @@ jobs:
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-ci.outputs.testrun }}
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-ci.outputs.cache-seed }}
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
opensuse-15:
name: Opensuse 15
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-ci
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
@ -564,15 +530,15 @@ jobs:
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-ci.outputs.testrun }}
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-ci.outputs.cache-seed }}
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
photon-3:
photonos-3:
name: Photon OS 3
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-ci
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
@ -580,15 +546,15 @@ jobs:
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-ci.outputs.testrun }}
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-ci.outputs.cache-seed }}
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
photon-4:
photonos-4:
name: Photon OS 4
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-ci
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
@ -596,15 +562,15 @@ jobs:
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-ci.outputs.testrun }}
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-ci.outputs.cache-seed }}
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
ubuntu-1804:
name: Ubuntu 18.04
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-ci
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
@ -612,15 +578,15 @@ jobs:
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-ci.outputs.testrun }}
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-ci.outputs.cache-seed }}
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
ubuntu-2004:
name: Ubuntu 20.04
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-ci
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
@ -628,15 +594,15 @@ jobs:
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-ci.outputs.testrun }}
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-ci.outputs.cache-seed }}
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
ubuntu-2004-arm64:
name: Ubuntu 20.04 Arm64
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-ci
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
@ -644,15 +610,15 @@ jobs:
nox-session: ci-test-onedir
platform: linux
arch: aarch64
testrun: ${{ needs.prepare-ci.outputs.testrun }}
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-ci.outputs.cache-seed }}
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
ubuntu-2204:
name: Ubuntu 22.04
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-ci
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
@ -660,15 +626,15 @@ jobs:
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-ci.outputs.testrun }}
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-ci.outputs.cache-seed }}
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
ubuntu-2204-arm64:
name: Ubuntu 22.04 Arm64
if: ${{ fromJSON(needs.prepare-ci.outputs.jobs)['self-hosted-runners'] }}
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-ci
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
@ -676,23 +642,28 @@ jobs:
nox-session: ci-test-onedir
platform: linux
arch: aarch64
testrun: ${{ needs.prepare-ci.outputs.testrun }}
salt-version: "${{ needs.prepare-ci.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-ci.outputs.cache-seed }}
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
set-pipeline-exit-status:
# This step is just so we can make github require this step, to pass checks
# on a pull request instead of requiring all
name: Set the ${{ github.workflow }} Pipeline Exit Status
runs-on: ubuntu-latest
if: always()
runs-on: ubuntu-latest
needs:
- prepare-workflow
- pre-commit
- docs
- lint
- build-deps-onedir
- build-salt-onedir
- build-pkgs
- windows-2016
- windows-2019
- windows-2022
- macos-12
- almalinux-8
- almalinux-9
- amazonlinux-2
@ -705,38 +676,28 @@ jobs:
- debian-11-arm64
- fedora-36
- opensuse-15
- photon-3
- photon-4
- photonos-3
- photonos-4
- ubuntu-1804
- ubuntu-2004
- ubuntu-2004-arm64
- ubuntu-2204
- ubuntu-2204-arm64
- windows-2016
- windows-2019
- windows-2022
- macos-12
steps:
- name: Download Exit Status Files
if: always()
uses: actions/download-artifact@v3
with:
name: exitstatus
path: exitstatus
- name: Get workflow information
id: get-workflow-info
uses: technote-space/workflow-conclusion-action@v3
- name: Delete Exit Status Artifacts
if: always()
uses: geekyeggo/delete-artifact@v2
with:
name: exitstatus
failOnError: false
- name: Set Pipeline Exit Status
shell: bash
run: |
if [ "${{ steps.get-workflow-info.outputs.conclusion }}" != "success" ]; then
exit 1
else
exit 0
fi
- name: Set Pipeline Exit Status
run: |
tree exitstatus
grep -RE 'failure|cancelled' exitstatus/ && exit 1 || exit 0
- name: Done
if: always()
run:
echo "All worflows finished"
- name: Done
if: always()
run:
echo "All worflows finished"

42
.github/workflows/docs-action.yml vendored
View file

@ -8,6 +8,12 @@ on:
type: string
description: JSON string containing information about changed files
env:
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
jobs:
Salt:
name: Build Salt Documentation
@ -30,15 +36,11 @@ jobs:
fetch-depth: 0
- name: Install Nox
env:
PIP_EXTRA_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
run: |
python -m pip install --upgrade pip
pip install nox
- name: Install Python Requirements
env:
PIP_EXTRA_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
run:
nox --install-only --forcecolor -e 'docs-html(compress=False, clean=True)'
@ -55,20 +57,6 @@ jobs:
path: doc/_build/html
if-no-files-found: error
- name: Set Exit Status
if: always()
run: |
python3 -c "import os; os.makedirs('exitstatus', exist_ok=True)"
echo "${{ job.status }}" > exitstatus/${{ github.job }}-docs-html
- name: Upload Exit Status
if: always()
uses: actions/upload-artifact@v3
with:
name: exitstatus
path: exitstatus
if-no-files-found: error
Manpages:
name: Build Salt man Pages
runs-on: ubuntu-latest
@ -89,16 +77,12 @@ jobs:
- name: Install Nox
if: ${{ github.event_name == 'push' || fromJSON(inputs.changed-files)['docs'] }}
env:
PIP_EXTRA_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
run: |
python -m pip install --upgrade pip
pip install nox
- name: Install Python Requirements
if: github.event_name == 'push' || fromJSON(inputs.changed-files)['docs']
env:
PIP_EXTRA_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
run:
nox --install-only --forcecolor -e 'docs-man(compress=False, update=False, clean=True)'
@ -116,17 +100,3 @@ jobs:
name: salt-man-pages
path: doc/_build/man
if-no-files-found: error
- name: Set Exit Status
if: always()
run: |
python3 -c "import os; os.makedirs('exitstatus', exist_ok=True)"
echo "${{ job.status }}" > exitstatus/${{ github.job }}-docs-man
- name: Upload Exit Status
if: always()
uses: actions/upload-artifact@v3
with:
name: exitstatus
path: exitstatus
if-no-files-found: error

43
.github/workflows/lint-action.yml vendored
View file

@ -8,6 +8,12 @@ on:
type: string
description: JSON string containing information about changed files
env:
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
jobs:
Salt:
name: Lint Salt's Source Code
@ -28,15 +34,11 @@ jobs:
- uses: actions/checkout@v3
- name: Install Nox
env:
PIP_EXTRA_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
run: |
python -m pip install --upgrade pip
pip install nox
- name: Install Python Requirements
env:
PIP_EXTRA_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
run:
nox --install-only --forcecolor -e lint-salt
@ -54,24 +56,11 @@ jobs:
run: |
nox --forcecolor -e lint-salt
- name: Set Exit Status
if: always()
run: |
python3 -c "import os; os.makedirs('exitstatus', exist_ok=True)"
echo "${{ job.status }}" > exitstatus/${{ github.job }}-lint-salt
- name: Upload Exit Status
if: always()
uses: actions/upload-artifact@v3
with:
name: exitstatus
path: exitstatus
if-no-files-found: error
Tests:
name: Lint Salt's Test Suite
runs-on: ubuntu-latest
if: ${{ fromJSON(inputs.changed-files)['tests'] || fromJSON(inputs.changed-files)['lint'] }}
if: ${{ github.event_name == 'push' || github.event_name == 'schedule' || fromJSON(inputs.changed-files)['tests'] || fromJSON(inputs.changed-files)['lint'] }}
container:
image: python:3.8-slim-buster
@ -87,15 +76,11 @@ jobs:
- uses: actions/checkout@v3
- name: Install Nox
env:
PIP_EXTRA_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
run: |
python -m pip install --upgrade pip
pip install nox
- name: Install Python Requirements
env:
PIP_EXTRA_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
run:
nox --install-only --forcecolor -e lint-tests
@ -112,17 +97,3 @@ jobs:
SKIP_REQUIREMENTS_INSTALL: YES
run: |
nox --forcecolor -e lint-tests
- name: Set Exit Status
if: always()
run: |
python3 -c "import os; os.makedirs('exitstatus', exist_ok=True)"
echo "${{ job.status }}" > exitstatus/${{ github.job }}-lint-salt
- name: Upload Exit Status
if: always()
uses: actions/upload-artifact@v3
with:
name: exitstatus
path: exitstatus
if-no-files-found: error

31
.github/workflows/pre-commit-action.yml vendored
View file

@ -8,6 +8,9 @@ on:
type: string
description: JSON string containing information about changed files
env:
PRE_COMMIT_VERSION: "2.21.0"
jobs:
Pre-Commit:
name: Run Pre-Commit Against Salt
@ -15,7 +18,7 @@ jobs:
runs-on: ubuntu-latest
container:
image: python:3.8.6-slim-buster
image: python:3.10-slim-buster
steps:
@ -23,17 +26,19 @@ jobs:
run: |
echo "deb http://deb.debian.org/debian buster-backports main" >> /etc/apt/sources.list
apt-get update
apt-get install -y enchant git gcc make zlib1g-dev libc-dev libffi-dev g++ libxml2 libxml2-dev libxslt-dev libcurl4-openssl-dev libssl-dev libgnutls28-dev
apt-get install -y wget curl enchant git gcc make zlib1g-dev libc-dev libffi-dev g++ libxml2 libxml2-dev libxslt-dev libcurl4-openssl-dev libssl-dev libgnutls28-dev
apt-get install -y git/buster-backports
- uses: actions/checkout@v3
- uses: ./.github/actions/setup-actionlint
- uses: ./.github/actions/setup-shellcheck
- name: Install Pre-Commit
env:
PIP_EXTRA_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
run: |
python -m pip install --upgrade pip
pip install pre-commit
pip install wheel "pre-commit==${PRE_COMMIT_VERSION}"
pre-commit install --install-hooks
- name: Check ALL Files On Branch
@ -53,21 +58,5 @@ jobs:
- name: Check Docs On Deleted Files
if: github.event_name == 'pull_request' && fromJSON(inputs.changed-files)['deleted']
env:
PIP_EXTRA_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
run: |
pre-commit run --show-diff-on-failure --color=always check-docs --files ${{ join(fromJSON(inputs.changed-files)['deleted_files'], ' ') }}
- name: Set Exit Status
if: always()
run: |
python3 -c "import os; os.makedirs('exitstatus', exist_ok=True)"
echo "${{ job.status }}" > exitstatus/${{ github.job }}-pre-commit
- name: Upload Exit Status
if: always()
uses: actions/upload-artifact@v3
with:
name: exitstatus
path: exitstatus
if-no-files-found: error

98
.github/workflows/prepare-release.yml vendored Normal file
View file

@ -0,0 +1,98 @@
name: Prepare Release
on:
workflow_call:
inputs:
salt-version:
type: string
required: true
description: The Salt version to set prior to creating the release diff.
cache-seed:
required: true
type: string
description: Seed used to invalidate caches
python-version:
required: false
type: string
default: "3.10"
env:
COLUMNS: 160
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
jobs:
build:
name: Create Release Diff
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Python ${{ inputs.python-version }}
uses: actions/setup-python@v4
with:
python-version: "${{ inputs.python-version }}"
- name: Cache Python Tools Virtualenvs
id: nox-dependencies-cache
uses: actions/cache@v3
with:
path: .tools-venvs/
key: ${{ inputs.cache-seed }}|${{ github.workflow }}|tools-venvs|${{ inputs.python-version }}|${{ hashFiles('requirements/**/*.txt') }}
- name: Setup Python Tools Scripts
uses: ./.github/actions/setup-python-tools-scripts
- name: Setup Salt Version
id: setup-salt-version
uses: ./.github/actions/setup-salt-version
with:
salt-version: "${{ inputs.salt-version }}"
- name: Update Debian changelog
shell: bash
run: |
tools changelog update-deb --draft
tools changelog update-deb
- name: Update RPM changelog
shell: bash
run: |
tools changelog update-rpm --draft
tools changelog update-rpm
- name: Update Release Notes
shell: bash
run: |
tools changelog update-release-notes --draft
tools changelog update-release-notes
- name: Generate MAN Pages
shell: bash
run: |
tools docs man
- name: Update Changelog
shell: bash
run: |
tools changelog update-changelog-md --draft
tools changelog update-changelog-md
- name: Show Changes Diff
shell: bash
run: |
git diff --color
- name: Create release changes diff
shell: bash
run: |
git diff --no-color > salt-${{ inputs.salt-version }}.diff
- name: Upload Source Tarball as an Artifact
uses: actions/upload-artifact@v3
with:
name: salt-${{ inputs.salt-version }}.diff
path: salt-${{ inputs.salt-version }}.diff
retention-days: 7
if-no-files-found: error

6
.github/workflows/release-tag.yml vendored
View file

@ -16,6 +16,12 @@ on:
description: 'Re Tag (Deletes tag and release)'
default: false
env:
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
permissions:
contents: read

18
.github/workflows/release.yml vendored
View file

@ -15,6 +15,12 @@ on:
default: "master"
required: false
env:
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
permissions:
contents: read
@ -44,8 +50,6 @@ jobs:
fetch-depth: 0
- name: Install Nox
env:
PIP_EXTRA_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
run: |
python -m pip install --upgrade pip
pip install nox
@ -61,8 +65,6 @@ jobs:
- doc/**
- name: Install Python Requirements
env:
PIP_EXTRA_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
run: |
nox --install-only --forcecolor -e 'changelog(force=True, draft=False)' -- ${{ github.event.inputs.saltVersion }}
nox --install-only --forcecolor -e 'changelog(force=False, draft=True)' -- ${{ github.event.inputs.saltVersion }}
@ -123,16 +125,12 @@ jobs:
- name: Install Nox
if: github.event.inputs.manPages == 'true'
env:
PIP_EXTRA_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
run: |
python -m pip install --upgrade pip
pip install nox
- name: Install Python Requirements
if: github.event.inputs.manPages == 'true'
env:
PIP_EXTRA_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
run:
nox --install-only --forcecolor -e 'docs-man(compress=False, update=True, clean=True)'
@ -176,13 +174,13 @@ jobs:
- name: Download salt-man-pages
if: github.event.inputs.manPages == 'true'
uses: actions/download-artifact@v2
uses: actions/download-artifact@v3
with:
name: salt-man-pages
path: doc/man/
- name: Download salt changelog
uses: actions/download-artifact@v2
uses: actions/download-artifact@v3
with:
name: salt-changelog

701
.github/workflows/scheduled.yml vendored Normal file
View file

@ -0,0 +1,701 @@
# Do not edit these workflows directly as the changes made will be overwritten.
# Instead, edit the template '.github/workflows/templates/scheduled.yml.j2'
---
name: Scheduled
on:
schedule:
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#onschedule
- cron: '0 */8 * * *' # Run every 8 hours
env:
COLUMNS: 160
CACHE_SEED: SEED-4 # Bump the number to invalidate all caches
RELENV_DATA: "${{ github.workspace }}/.relenv"
permissions:
contents: read # for dorny/paths-filter to fetch a list of changed files
pull-requests: read # for dorny/paths-filter to read pull requests
concurrency:
group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: false
jobs:
prepare-workflow:
name: Prepare Workflow Run
runs-on: ubuntu-latest
outputs:
jobs: ${{ steps.define-jobs.outputs.jobs }}
changed-files: ${{ steps.process-changed-files.outputs.changed-files }}
testrun: ${{ steps.define-testrun.outputs.testrun }}
salt-version: ${{ steps.setup-salt-version.outputs.salt-version }}
cache-seed: ${{ steps.set-cache-seed.outputs.cache-seed }}
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0 # Full clone to also get the tags to get the right salt version
- name: Get Changed Files
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
id: changed-files
uses: dorny/paths-filter@v2
with:
token: ${{ github.token }}
list-files: json
filters: |
repo:
- added|modified:
- '**'
doc-requirements:
- added|modified: &doc_requirements
- requirements/static/ci/py3.*/docs.txt
lint-requirements:
- added|modified: &lint_requirements
- requirements/static/ci/py3.*/lint.txt
pkg_requirements:
- added|modified: &pkg_requirements
- requirements/static/pkg/py3.*/darwin.txt
- requirements/static/pkg/py3.*/linux.txt
- requirements/static/pkg/py3.*/freebsd.txt
- requirements/static/pkg/py3.*/windows.txt
test_requirements:
- added|modified: &test_requirements
- requirements/static/ci/py3.*/darwin.txt
- requirements/static/ci/py3.*/linux.txt
- requirements/static/ci/py3.*/freebsd.txt
- requirements/static/ci/py3.*/windows.txt
- requirements/static/ci/py3.*/darwin-crypto.txt
- requirements/static/ci/py3.*/linux-crypto.txt
- requirements/static/ci/py3.*/freebsd-crypto.txt
- requirements/static/ci/py3.*/windows-crypto.txt
deleted:
- deleted:
- '**'
docs:
- added|modified:
- doc/**
- *doc_requirements
salt:
- added|modified: &salt_added_modified
- setup.py
- noxfile.py
- salt/**/*.py
- tasks/**/*.py
- tools/**/*.py
tests:
- added|modified: &tests_added_modified
- tests/**/*.py
lint:
- added|modified:
- .pylintrc
- *lint_requirements
golden_images:
- added|modified:
- cicd/golden-images.json
testrun:
- added|modified:
- *salt_added_modified
- *tests_added_modified
- name: Set up Python 3.10
uses: actions/setup-python@v4
with:
python-version: "3.10"
- name: Setup Python Tools Scripts
uses: ./.github/actions/setup-python-tools-scripts
- name: Pretty Print The GH Actions Event
run:
tools ci print-gh-event
- name: Setup Salt Version
id: setup-salt-version
uses: ./.github/actions/setup-salt-version
with:
salt-version: ""
- name: Write Changed Files To A Local File
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
run:
echo '${{ toJSON(steps.changed-files.outputs) }}' > changed-files.json
- name: Check Local Changed Files Contents
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
run:
cat changed-files.json
- name: Process Changed Files
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
id: process-changed-files
run:
tools ci process-changed-files ${{ github.event_name }} changed-files.json
- name: Check Collected Changed Files
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
run:
echo '${{ steps.process-changed-files.outputs.changed-files }}' | jq -C '.'
- name: Define Jobs To Run
id: define-jobs
run:
tools ci define-jobs ${{ github.event_name }}
- name: Check Collected Jobs
run:
echo '${{ steps.define-jobs.outputs.jobs }}' | jq -C '.'
- name: Define Testrun
id: define-testrun
run:
tools ci define-testrun ${{ github.event_name }} changed-files.json
- name: Check Defined Test Run
run:
echo '${{ steps.define-testrun.outputs.testrun }}' | jq -C '.'
- name: Check Contents of generated testrun-changed-files.txt
if: ${{ fromJSON(steps.define-testrun.outputs.testrun)['type'] != 'full' }}
run:
cat testrun-changed-files.txt || true
- name: Upload testrun-changed-files.txt
if: ${{ fromJSON(steps.define-testrun.outputs.testrun)['type'] != 'full' }}
uses: actions/upload-artifact@v3
with:
name: testrun-changed-files.txt
path: testrun-changed-files.txt
- name: Set Cache Seed Output
id: set-cache-seed
run: |
echo "cache-seed=${{ env.CACHE_SEED }}" >> "$GITHUB_OUTPUT"
pre-commit:
name: Pre-Commit
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
uses: ./.github/workflows/pre-commit-action.yml
needs:
- prepare-workflow
with:
changed-files: ${{ needs.prepare-workflow.outputs.changed-files }}
docs:
name: Build Docs
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
uses: ./.github/workflows/docs-action.yml
needs:
- prepare-workflow
with:
changed-files: ${{ needs.prepare-workflow.outputs.changed-files }}
lint:
name: Lint
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
uses: ./.github/workflows/lint-action.yml
needs:
- prepare-workflow
with:
changed-files: ${{ needs.prepare-workflow.outputs.changed-files }}
prepare-release:
name: Prepare Release
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
needs:
- prepare-workflow
uses: ./.github/workflows/prepare-release.yml
with:
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
build-source-tarball:
name: Build Source Tarball
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
needs:
- prepare-workflow
- prepare-release
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Python 3.10
uses: actions/setup-python@v4
with:
python-version: "3.10"
- name: Setup Python Tools Scripts
uses: ./.github/actions/setup-python-tools-scripts
- name: Setup Salt Version
id: setup-salt-version
uses: ./.github/actions/setup-salt-version
with:
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
- name: Build Source Tarball
uses: ./.github/actions/build-source-tarball
with:
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
build-deps-onedir:
name: Build Dependencies Onedir
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
uses: ./.github/workflows/build-deps-onedir.yml
with:
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
build-salt-onedir:
name: Build Salt Onedir
needs:
- prepare-workflow
- build-deps-onedir
- build-source-tarball
uses: ./.github/workflows/build-salt-onedir.yml
with:
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
build-pkgs:
name: Build Salt Packages
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/build-packages.yml
with:
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
windows-2016:
name: Windows 2016
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: windows-2016
nox-session: ci-test-onedir
platform: windows
arch: amd64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
windows-2019:
name: Windows 2019
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: windows-2019
nox-session: ci-test-onedir
platform: windows
arch: amd64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
windows-2022:
name: Windows 2022
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: windows-2022
nox-session: ci-test-onedir
platform: windows
arch: amd64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
macos-12:
name: macOS 12
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action-macos.yml
with:
distro-slug: macos-12
nox-session: ci-test-onedir
platform: darwin
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
almalinux-8:
name: Alma Linux 8
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: almalinux-8
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
almalinux-9:
name: Alma Linux 9
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: almalinux-9
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
amazonlinux-2:
name: Amazon Linux 2
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: amazonlinux-2
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
archlinux-lts:
name: Arch Linux LTS
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: archlinux-lts
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
centos-7:
name: CentOS 7
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: centos-7
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
centosstream-8:
name: CentOS Stream 8
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: centosstream-8
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
centosstream-9:
name: CentOS Stream 9
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: centosstream-9
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
debian-10:
name: Debian 10
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: debian-10
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
debian-11:
name: Debian 11
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: debian-11
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
debian-11-arm64:
name: Debian 11 Arm64
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: debian-11-arm64
nox-session: ci-test-onedir
platform: linux
arch: aarch64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
fedora-36:
name: Fedora 36
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: fedora-36
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
opensuse-15:
name: Opensuse 15
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: opensuse-15
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
photonos-3:
name: Photon OS 3
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: photonos-3
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
photonos-4:
name: Photon OS 4
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: photonos-4
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
ubuntu-1804:
name: Ubuntu 18.04
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: ubuntu-18.04
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
ubuntu-2004:
name: Ubuntu 20.04
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: ubuntu-20.04
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
ubuntu-2004-arm64:
name: Ubuntu 20.04 Arm64
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: ubuntu-20.04-arm64
nox-session: ci-test-onedir
platform: linux
arch: aarch64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
ubuntu-2204:
name: Ubuntu 22.04
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: ubuntu-22.04
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
ubuntu-2204-arm64:
name: Ubuntu 22.04 Arm64
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: ubuntu-22.04-arm64
nox-session: ci-test-onedir
platform: linux
arch: aarch64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
set-pipeline-exit-status:
# This step is just so we can make github require this step, to pass checks
# on a pull request instead of requiring all
name: Set the ${{ github.workflow }} Pipeline Exit Status
if: always()
runs-on: ubuntu-latest
needs:
- prepare-workflow
- pre-commit
- docs
- lint
- build-deps-onedir
- build-salt-onedir
- build-pkgs
- windows-2016
- windows-2019
- windows-2022
- macos-12
- almalinux-8
- almalinux-9
- amazonlinux-2
- archlinux-lts
- centos-7
- centosstream-8
- centosstream-9
- debian-10
- debian-11
- debian-11-arm64
- fedora-36
- opensuse-15
- photonos-3
- photonos-4
- ubuntu-1804
- ubuntu-2004
- ubuntu-2004-arm64
- ubuntu-2204
- ubuntu-2204-arm64
steps:
- name: Get workflow information
id: get-workflow-info
uses: technote-space/workflow-conclusion-action@v3
- name: Set Pipeline Exit Status
shell: bash
run: |
if [ "${{ steps.get-workflow-info.outputs.conclusion }}" != "success" ]; then
exit 1
else
exit 0
fi
- name: Done
if: always()
run:
echo "All worflows finished"

512
.github/workflows/templates/ci.yml.j2 vendored Normal file
View file

@ -0,0 +1,512 @@
<%- extends 'layout.yml.j2' %>
<%- block on %>
on:
push: {}
pull_request: {}
<%- endblock on %>
<%- block jobs %>
<{- super() }>
pre-commit:
<%- do conclusion_needs.append('pre-commit') %>
name: Pre-Commit
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
uses: ./.github/workflows/pre-commit-action.yml
needs:
- prepare-workflow
with:
changed-files: ${{ needs.prepare-workflow.outputs.changed-files }}
docs:
<%- do conclusion_needs.append('docs') %>
name: Build Docs
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
uses: ./.github/workflows/docs-action.yml
needs:
- prepare-workflow
with:
changed-files: ${{ needs.prepare-workflow.outputs.changed-files }}
lint:
<%- do conclusion_needs.append('lint') %>
name: Lint
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
uses: ./.github/workflows/lint-action.yml
needs:
- prepare-workflow
with:
changed-files: ${{ needs.prepare-workflow.outputs.changed-files }}
prepare-release:
name: Prepare Release
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
needs:
- prepare-workflow
uses: ./.github/workflows/prepare-release.yml
with:
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
build-source-tarball:
name: Build Source Tarball
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
needs:
- prepare-workflow
- prepare-release
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Python 3.10
uses: actions/setup-python@v4
with:
python-version: "3.10"
- name: Setup Python Tools Scripts
uses: ./.github/actions/setup-python-tools-scripts
- name: Setup Salt Version
id: setup-salt-version
uses: ./.github/actions/setup-salt-version
with:
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
- name: Build Source Tarball
uses: ./.github/actions/build-source-tarball
with:
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
build-deps-onedir:
<%- do conclusion_needs.append('build-deps-onedir') %>
name: Build Dependencies Onedir
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
uses: ./.github/workflows/build-deps-onedir.yml
with:
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
build-salt-onedir:
<%- do conclusion_needs.append('build-salt-onedir') %>
name: Build Salt Onedir
needs:
- prepare-workflow
- build-deps-onedir
- build-source-tarball
uses: ./.github/workflows/build-salt-onedir.yml
with:
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
build-pkgs:
<%- do conclusion_needs.append('build-pkgs') %>
name: Build Salt Packages
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/build-packages.yml
with:
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
windows-2016:
<%- do conclusion_needs.append('windows-2016') %>
name: Windows 2016
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: windows-2016
nox-session: ci-test-onedir
platform: windows
arch: amd64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
windows-2019:
<%- do conclusion_needs.append('windows-2019') %>
name: Windows 2019
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: windows-2019
nox-session: ci-test-onedir
platform: windows
arch: amd64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
windows-2022:
<%- do conclusion_needs.append('windows-2022') %>
name: Windows 2022
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: windows-2022
nox-session: ci-test-onedir
platform: windows
arch: amd64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
macos-12:
<%- do conclusion_needs.append('macos-12') %>
name: macOS 12
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['github-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action-macos.yml
with:
distro-slug: macos-12
nox-session: ci-test-onedir
platform: darwin
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
almalinux-8:
<%- do conclusion_needs.append('almalinux-8') %>
name: Alma Linux 8
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: almalinux-8
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
almalinux-9:
<%- do conclusion_needs.append('almalinux-9') %>
name: Alma Linux 9
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: almalinux-9
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
amazonlinux-2:
<%- do conclusion_needs.append('amazonlinux-2') %>
name: Amazon Linux 2
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: amazonlinux-2
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
archlinux-lts:
<%- do conclusion_needs.append('archlinux-lts') %>
name: Arch Linux LTS
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: archlinux-lts
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
centos-7:
<%- do conclusion_needs.append('centos-7') %>
name: CentOS 7
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: centos-7
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
centosstream-8:
<%- do conclusion_needs.append('centosstream-8') %>
name: CentOS Stream 8
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: centosstream-8
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
centosstream-9:
<%- do conclusion_needs.append('centosstream-9') %>
name: CentOS Stream 9
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: centosstream-9
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
debian-10:
<%- do conclusion_needs.append('debian-10') %>
name: Debian 10
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: debian-10
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
debian-11:
<%- do conclusion_needs.append('debian-11') %>
name: Debian 11
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: debian-11
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
debian-11-arm64:
<%- do conclusion_needs.append('debian-11-arm64') %>
name: Debian 11 Arm64
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: debian-11-arm64
nox-session: ci-test-onedir
platform: linux
arch: aarch64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
fedora-36:
<%- do conclusion_needs.append('fedora-36') %>
name: Fedora 36
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: fedora-36
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
opensuse-15:
<%- do conclusion_needs.append('opensuse-15') %>
name: Opensuse 15
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: opensuse-15
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
photonos-3:
<%- do conclusion_needs.append('photonos-3') %>
name: Photon OS 3
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: photonos-3
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
photonos-4:
<%- do conclusion_needs.append('photonos-4') %>
name: Photon OS 4
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: photonos-4
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
ubuntu-1804:
<%- do conclusion_needs.append('ubuntu-1804') %>
name: Ubuntu 18.04
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: ubuntu-18.04
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
ubuntu-2004:
<%- do conclusion_needs.append('ubuntu-2004') %>
name: Ubuntu 20.04
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: ubuntu-20.04
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
ubuntu-2004-arm64:
<%- do conclusion_needs.append('ubuntu-2004-arm64') %>
name: Ubuntu 20.04 Arm64
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: ubuntu-20.04-arm64
nox-session: ci-test-onedir
platform: linux
arch: aarch64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
ubuntu-2204:
<%- do conclusion_needs.append('ubuntu-2204') %>
name: Ubuntu 22.04
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: ubuntu-22.04
nox-session: ci-test-onedir
platform: linux
arch: x86_64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
ubuntu-2204-arm64:
<%- do conclusion_needs.append('ubuntu-2204-arm64') %>
name: Ubuntu 22.04 Arm64
if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['self-hosted-runners'] }}
needs:
- prepare-workflow
- build-salt-onedir
uses: ./.github/workflows/test-action.yml
with:
distro-slug: ubuntu-22.04-arm64
nox-session: ci-test-onedir
platform: linux
arch: aarch64
testrun: ${{ needs.prepare-workflow.outputs.testrun }}
salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}"
cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }}
<%- endblock jobs %>

229
.github/workflows/templates/layout.yml.j2 vendored Normal file
View file

@ -0,0 +1,229 @@
# Do not edit these workflows directly as the changes made will be overwritten.
# Instead, edit the template '<{ template }>'
---
name: <{ workflow_name }>
<%- block on %>
on:
push: {}
pull_request: {}
<%- endblock on %>
<%- block env %>
env:
COLUMNS: 160
CACHE_SEED: SEED-4 # Bump the number to invalidate all caches
RELENV_DATA: "${{ github.workspace }}/.relenv"
<%- endblock env %>
<%- block permissions %>
permissions:
contents: read # for dorny/paths-filter to fetch a list of changed files
pull-requests: read # for dorny/paths-filter to read pull requests
<%- endblock permissions %>
<%- block concurrency %>
concurrency:
# Concurrency is defined in a way that concurrent builds against branches do
# not cancel previous builds.
# However, for every new build against the same pull request source branch,
# all older builds against that same branch get canceled.
group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
<%- endblock concurrency %>
<%- block jobs %>
jobs:
<%- block prepare_workflow_job %>
<%- do conclusion_needs.append('prepare-workflow') %>
prepare-workflow:
name: Prepare Workflow Run
runs-on: ubuntu-latest
outputs:
jobs: ${{ steps.define-jobs.outputs.jobs }}
changed-files: ${{ steps.process-changed-files.outputs.changed-files }}
testrun: ${{ steps.define-testrun.outputs.testrun }}
salt-version: ${{ steps.setup-salt-version.outputs.salt-version }}
cache-seed: ${{ steps.set-cache-seed.outputs.cache-seed }}
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0 # Full clone to also get the tags to get the right salt version
- name: Get Changed Files
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
id: changed-files
uses: dorny/paths-filter@v2
with:
token: ${{ github.token }}
list-files: json
filters: |
repo:
- added|modified:
- '**'
doc-requirements:
- added|modified: &doc_requirements
- requirements/static/ci/py3.*/docs.txt
lint-requirements:
- added|modified: &lint_requirements
- requirements/static/ci/py3.*/lint.txt
pkg_requirements:
- added|modified: &pkg_requirements
- requirements/static/pkg/py3.*/darwin.txt
- requirements/static/pkg/py3.*/linux.txt
- requirements/static/pkg/py3.*/freebsd.txt
- requirements/static/pkg/py3.*/windows.txt
test_requirements:
- added|modified: &test_requirements
- requirements/static/ci/py3.*/darwin.txt
- requirements/static/ci/py3.*/linux.txt
- requirements/static/ci/py3.*/freebsd.txt
- requirements/static/ci/py3.*/windows.txt
- requirements/static/ci/py3.*/darwin-crypto.txt
- requirements/static/ci/py3.*/linux-crypto.txt
- requirements/static/ci/py3.*/freebsd-crypto.txt
- requirements/static/ci/py3.*/windows-crypto.txt
deleted:
- deleted:
- '**'
docs:
- added|modified:
- doc/**
- *doc_requirements
salt:
- added|modified: &salt_added_modified
- setup.py
- noxfile.py
- salt/**/*.py
- tasks/**/*.py
- tools/**/*.py
tests:
- added|modified: &tests_added_modified
- tests/**/*.py
lint:
- added|modified:
- .pylintrc
- *lint_requirements
golden_images:
- added|modified:
- cicd/golden-images.json
testrun:
- added|modified:
- *salt_added_modified
- *tests_added_modified
- name: Set up Python 3.10
uses: actions/setup-python@v4
with:
python-version: "3.10"
- name: Setup Python Tools Scripts
uses: ./.github/actions/setup-python-tools-scripts
- name: Pretty Print The GH Actions Event
run:
tools ci print-gh-event
- name: Setup Salt Version
id: setup-salt-version
uses: ./.github/actions/setup-salt-version
with:
salt-version: ""
- name: Write Changed Files To A Local File
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
run:
echo '${{ toJSON(steps.changed-files.outputs) }}' > changed-files.json
- name: Check Local Changed Files Contents
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
run:
cat changed-files.json
- name: Process Changed Files
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
id: process-changed-files
run:
tools ci process-changed-files ${{ github.event_name }} changed-files.json
- name: Check Collected Changed Files
if: ${{ github.event_name != 'schedule' && github.event_name != 'push'}}
run:
echo '${{ steps.process-changed-files.outputs.changed-files }}' | jq -C '.'
- name: Define Jobs To Run
id: define-jobs
run:
tools ci define-jobs ${{ github.event_name }}
- name: Check Collected Jobs
run:
echo '${{ steps.define-jobs.outputs.jobs }}' | jq -C '.'
- name: Define Testrun
id: define-testrun
run:
tools ci define-testrun ${{ github.event_name }} changed-files.json
- name: Check Defined Test Run
run:
echo '${{ steps.define-testrun.outputs.testrun }}' | jq -C '.'
- name: Check Contents of generated testrun-changed-files.txt
if: ${{ fromJSON(steps.define-testrun.outputs.testrun)['type'] != 'full' }}
run:
cat testrun-changed-files.txt || true
- name: Upload testrun-changed-files.txt
if: ${{ fromJSON(steps.define-testrun.outputs.testrun)['type'] != 'full' }}
uses: actions/upload-artifact@v3
with:
name: testrun-changed-files.txt
path: testrun-changed-files.txt
- name: Set Cache Seed Output
id: set-cache-seed
run: |
echo "cache-seed=${{ env.CACHE_SEED }}" >> "$GITHUB_OUTPUT"
<%- endblock prepare_workflow_job %>
<%- endblock jobs %>
set-pipeline-exit-status:
# This step is just so we can make github require this step, to pass checks
# on a pull request instead of requiring all
name: Set the ${{ github.workflow }} Pipeline Exit Status
if: always()
runs-on: ubuntu-latest
needs:
<%- for need in conclusion_needs %>
- <{ need }>
<%- endfor %>
steps:
- name: Get workflow information
id: get-workflow-info
uses: technote-space/workflow-conclusion-action@v3
- name: Set Pipeline Exit Status
shell: bash
run: |
if [ "${{ steps.get-workflow-info.outputs.conclusion }}" != "success" ]; then
exit 1
else
exit 0
fi
- name: Done
if: always()
run:
echo "All worflows finished"

16
.github/workflows/templates/scheduled.yml.j2 vendored Normal file
View file

@ -0,0 +1,16 @@
<%- extends 'ci.yml.j2' %>
<%- block on %>
on:
schedule:
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#onschedule
- cron: '0 */8 * * *' # Run every 8 hours
<%- endblock %>
<%- block concurrency %>
concurrency:
group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: false
<%- endblock %>

58
.github/workflows/test-action-macos.yml vendored
View file

@ -128,9 +128,6 @@ jobs:
- name: Install Nox
if: steps.nox-dependencies-cache.outputs.cache-hit != 'true'
env:
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
run: |
python3 -m pip install 'nox==${{ env.NOX_VERSION }}'
@ -148,8 +145,6 @@ jobs:
env:
PRINT_TEST_SELECTION: "0"
PRINT_SYSTEM_INFO: "0"
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
run: |
export PYCURL_SSL_LIBRARY=openssl
export LDFLAGS="-L/usr/local/opt/openssl@3/lib"
@ -167,20 +162,6 @@ jobs:
run: |
nox -e compress-dependencies -- ${{ inputs.distro-slug }}
- name: Set Exit Status
if: always()
run: |
python3 -c "import os; os.makedirs('exitstatus', exist_ok=True)"
echo "${{ job.status }}" > exitstatus/${{ github.job }}-${{ inputs.distro-slug }}-deps
- name: Upload Exit Status
if: always()
uses: actions/upload-artifact@v3
with:
name: exitstatus
path: exitstatus
if-no-files-found: error
test:
name: Test
runs-on: ${{ inputs.distro-slug }}
@ -312,13 +293,13 @@ jobs:
sudo chown -R "$(id -un)" .
- name: Combine Coverage Reports
if: always()
if: always() && job.status != 'cancelled'
run: |
nox -e combine-coverage
- name: Prepare Test Run Artifacts
id: download-artifacts-from-vm
if: always()
if: always() && job.status != 'cancelled'
run: |
# Delete the salt onedir, we won't need it anymore and it will prevent
# from it showing in the tree command below
@ -328,7 +309,7 @@ jobs:
echo "COVERAGE_FILE=artifacts/coverage/.coverage.${{ inputs.distro-slug }}.${{ env.NOX_SESSION }}.${{ matrix.tests-chunk }}" >> GITHUB_ENV
- name: Upload Test Run Artifacts
if: always()
if: always() && job.status != 'cancelled'
uses: actions/upload-artifact@v3
with:
name: testrun-artifacts-${{ inputs.distro-slug }}-${{ env.NOX_SESSION }}
@ -346,36 +327,23 @@ jobs:
# annotate_only: true
- name: Report Salt Code Coverage(${{ matrix.tests-chunk }})
if: always()
if: always() && job.status != 'cancelled'
continue-on-error: true
run: |
nox --force-color -e report-coverage -- salt
- name: Report Tests Code Coverage(${{ matrix.tests-chunk }})
if: always()
if: always() && job.status != 'cancelled'
continue-on-error: true
run: |
nox --force-color -e report-coverage -- tests
- name: Report Combined Code Coverage(${{ matrix.tests-chunk }})
continue-on-error: true
if: always()
if: always() && job.status != 'cancelled'
run: |
nox --force-color -e report-coverage
- name: Set Exit Status
if: always()
run: |
python3 -c "import os; os.makedirs('exitstatus', exist_ok=True)"
echo "${{ job.status }}" > exitstatus/${{ github.job }}-${{ inputs.distro-slug }}-${{ env.NOX_SESSION }}-${{ matrix.tests-chunk }}-tests
- name: Upload Exit Status
if: always()
uses: actions/upload-artifact@v3
with:
name: exitstatus
path: exitstatus
if-no-files-found: error
report:
name: Reports for ${{ inputs.distro-slug }}(${{ matrix.transport }})
@ -452,17 +420,3 @@ jobs:
check_name: Overall Test Results(${{ inputs.distro-slug }})
report_paths: 'artifacts/xml-unittests-output/*.xml'
annotate_only: true
- name: Set Exit Status
if: always()
run: |
python3 -c "import os; os.makedirs('exitstatus', exist_ok=True)"
echo "${{ job.status }}" > exitstatus/${{ github.job }}-${{ inputs.distro-slug }}-${{ env.NOX_SESSION }}-report
- name: Upload Exit Status
if: always()
uses: actions/upload-artifact@v3
with:
name: exitstatus
path: exitstatus
if-no-files-found: error

61
.github/workflows/test-action.yml vendored
View file

@ -43,6 +43,8 @@ env:
COLUMNS: 160
AWS_MAX_ATTEMPTS: "10"
AWS_RETRY_MODE: "adaptive"
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
jobs:
@ -175,20 +177,6 @@ jobs:
run: |
tools --timestamps vm destroy ${{ inputs.distro-slug }}
- name: Set Exit Status
if: always()
run: |
python3 -c "import os; os.makedirs('exitstatus', exist_ok=True)"
echo "${{ job.status }}" > exitstatus/${{ github.job }}-${{ inputs.distro-slug }}-deps
- name: Upload Exit Status
if: always()
uses: actions/upload-artifact@v3
with:
name: exitstatus
path: exitstatus
if-no-files-found: error
test:
name: Test
runs-on:
@ -303,13 +291,13 @@ jobs:
${{ matrix.tests-chunk }} -- --run-slow
- name: Combine Coverage Reports
if: always() && steps.spin-up-vm.outcome == 'success'
if: always() && steps.spin-up-vm.outcome == 'success' && job.status != 'cancelled'
run: |
tools --timestamps vm combine-coverage ${{ inputs.distro-slug }}
- name: Download Test Run Artifacts
id: download-artifacts-from-vm
if: always() && steps.spin-up-vm.outcome == 'success'
if: always() && steps.spin-up-vm.outcome == 'success' && job.status != 'cancelled'
run: |
tools --timestamps vm download-artifacts ${{ inputs.distro-slug }}
# Delete the salt onedir, we won't need it anymore and it will prevent
@ -325,7 +313,7 @@ jobs:
tools --timestamps vm destroy ${{ inputs.distro-slug }} || true
- name: Upload Test Run Artifacts
if: always() && steps.download-artifacts-from-vm.outcome == 'success'
if: always() && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled'
uses: actions/upload-artifact@v3
with:
name: testrun-artifacts-${{ inputs.distro-slug }}-${{ env.NOX_SESSION }}
@ -343,45 +331,28 @@ jobs:
# annotate_only: true
- name: Install Nox
if: always() && steps.download-artifacts-from-vm.outcome == 'success'
env:
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
if: always() && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled'
run: |
python3 -m pip install 'nox==${{ env.NOX_VERSION }}'
- name: Report Salt Code Coverage(${{ matrix.tests-chunk }})
if: always() && steps.download-artifacts-from-vm.outcome == 'success'
if: always() && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled'
continue-on-error: true
run: |
nox --force-color -e report-coverage -- salt
- name: Report Tests Code Coverage(${{ matrix.tests-chunk }})
if: always() && steps.download-artifacts-from-vm.outcome == 'success'
if: always() && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled'
continue-on-error: true
run: |
nox --force-color -e report-coverage -- tests
- name: Report Combined Code Coverage(${{ matrix.tests-chunk }})
if: always() && steps.download-artifacts-from-vm.outcome == 'success'
if: always() && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled'
continue-on-error: true
run: |
nox --force-color -e report-coverage
- name: Set Exit Status
if: always()
run: |
python3 -c "import os; os.makedirs('exitstatus', exist_ok=True)"
echo "${{ job.status }}" > exitstatus/${{ github.job }}-${{ inputs.distro-slug }}-${{ env.NOX_SESSION }}-${{ matrix.tests-chunk }}-tests
- name: Upload Exit Status
if: always()
uses: actions/upload-artifact@v3
with:
name: exitstatus
path: exitstatus
if-no-files-found: error
report:
name: Reports for ${{ inputs.distro-slug }}(${{ matrix.transport }})
runs-on:
@ -460,17 +431,3 @@ jobs:
check_name: Overall Test Results(${{ inputs.distro-slug }})
report_paths: 'artifacts/xml-unittests-output/*.xml'
annotate_only: true
- name: Set Exit Status
if: always()
run: |
python3 -c "import os; os.makedirs('exitstatus', exist_ok=True)"
echo "${{ job.status }}" > exitstatus/${{ github.job }}-${{ inputs.distro-slug }}-${{ env.NOX_SESSION }}-report
- name: Upload Exit Status
if: always()
uses: actions/upload-artifact@v3
with:
name: exitstatus
path: exitstatus
if-no-files-found: error

6
.github/workflows/triage.yml vendored
View file

@ -4,6 +4,12 @@ on:
issues:
types: [opened]
env:
PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/
PIP_EXTRA_INDEX_URL: https://pypi.org/simple
permissions:
contents: read

38
.pre-commit-config.yaml
View file

@ -1,8 +1,38 @@
default_language_version:
python: python3
python: python3
exclude: ^(doc/_static/.*|doc/_themes/.*)$
repos:
- repo: https://github.com/s0undt3ch/python-tools-scripts
rev: "0.10.1"
hooks:
- id: tools
alias: generate-workflows
name: Generate GitHub Workflow Templates
files: ^.github/workflows/templates/.*$
pass_filenames: false
args:
- pre-commit
- generate-workflows
additional_dependencies:
- boto3==1.21.46
- pyyaml==6.0
- jinja2==3.1.2
- id: tools
alias: actionlint
name: Lint GitHub Actions Workflows
files: "^.github/workflows/"
types:
- yaml
args:
- pre-commit
- actionlint
additional_dependencies:
- boto3==1.21.46
- pyyaml==6.0
- jinja2==3.1.2
- repo: https://github.com/saltstack/pip-tools-compile-impersonate
rev: "4.6"
hooks:
@ -1082,7 +1112,7 @@ repos:
args: [--silent, -E, fix_asserts, -E, fix_docstrings]
- repo: https://github.com/timothycrosley/isort
rev: 5.10.1
rev: 5.12.0
hooks:
- id: isort
additional_dependencies: ['toml']
@ -1126,7 +1156,7 @@ repos:
- id: bandit
alias: bandit-salt
name: Run bandit against Salt
args: [--silent, -lll, --skip, B701]
args: [--silent, -lll, --skip, "B701,B324"]
exclude: >
(?x)^(
templates/.*|
@ -1140,7 +1170,7 @@ repos:
- id: bandit
alias: bandit-tests
name: Run bandit against the test suite
args: [--silent, -lll, --skip, B701]
args: [--silent, -lll, --skip, "B701,B324"]
files: ^tests/.*
exclude: ^tests/minionswarm\.py
additional_dependencies: ['importlib_metadata<5']

15
cicd/jenkins/pr-pre-commit
View file

@ -1,15 +0,0 @@
@Library('salt@master-1.11') _
if (env.CHANGE_ID) {
// This is a PR
pre_commit_skips = ''
} else {
// This is a branch build
pre_commit_skips = ''
}
runPreCommit(
env: env,
pre_commit_skips: pre_commit_skips)
// vim: ft=groovy

8
doc/conf.py
View file

@ -205,11 +205,11 @@ rst_prolog = """\
extlinks = {
"blob": (
"https://github.com/saltstack/salt/blob/%s/%%s" % repo_primary_branch,
None,
"%s",
),
"issue": ("https://github.com/saltstack/salt/issues/%s", "issue #"),
"pull": ("https://github.com/saltstack/salt/pull/%s", "PR #"),
"formula_url": ("https://github.com/saltstack-formulas/%s", ""),
"issue": ("https://github.com/saltstack/salt/issues/%s", "issue %s"),
"pull": ("https://github.com/saltstack/salt/pull/%s", "PR %s"),
"formula_url": ("https://github.com/saltstack-formulas/%s", "url %s"),
}

1
doc/contents.rst
View file

@ -27,6 +27,7 @@ Salt Table of Contents
topics/proxyminion/index
topics/network_automation/index
topics/virt/index
topics/packaging/index
ref/cli/index
ref/pillar/index
ref/tops/index

5
doc/ref/configuration/master.rst
View file

@ -2134,6 +2134,11 @@ worker_threads value.
Worker threads should not be put below 3 when using the peer system, but can
drop down to 1 worker otherwise.
Standards for busy environments:
* Use one worker thread per 200 minions.
* The value of worker_threads should not exceed 1½ times the available CPU cores.
.. note::
When the master daemon starts, it is expected behaviour to see
multiple salt-master processes, even if 'worker_threads' is set to '1'. At

100
doc/topics/netapi/index.rst
View file

@ -4,56 +4,76 @@
``netapi`` modules
==================
Introduction to netapi modules
==============================
netapi modules provide API access to Salt functionality over the network.
netapi modules provide API-centric access to Salt. Usually externally-facing
services such as REST or WebSockets, XMPP, XMLRPC, etc.
The included :ref:`netapi modules <all-netapi-modules>` support REST (over
HTTP and WSGI) and WebSockets.
In general netapi modules bind to a port and start a service. They are
purposefully open-ended. A single module can be configured to run as well as
multiple modules simultaneously.
Modules expose functions from the :py:class:`NetapiClient <salt.netapi.NetapiClient>`
and give access to the same functionality as the Salt commandline tools
(:command:`salt`, :command:`salt-run`, etc).
netapi modules are enabled by adding configuration to your Salt Master config
file and then starting the :command:`salt-api` daemon. Check the docs for each
module to see external requirements and configuration settings.
Communication with Salt and Salt satellite projects is done using Salt's own
:ref:`Python API <python-api>`. A list of available client interfaces is below.
.. admonition:: salt-api
Prior to Salt's 2014.7.0 release, netapi modules lived in the separate sister
projected ``salt-api``. That project has been merged into the main Salt
project.
.. seealso:: :ref:`The full list of netapi modules <all-netapi-modules>`
Client interfaces
=================
Salt's client interfaces expose executing functions by crafting a dictionary of
values that are mapped to function arguments. This allows calling functions
simply by creating a data structure. (And this is exactly how much of Salt's
own internals work!)
Salt's client interfaces provide the ability to execute functions from
execution, runnner, and wheel modules.
The client interfaces available via netapi modules are defined in the
:py:class:`NetapiClient <salt.netapi.NetapiClient>`, which is a
limited version of the :ref:`Python API <python-api>`.
The client interfaces accept a dictionary with values for the function
and its arguments.
Available interfaces:
* local - run execution modules on minions
* local_subset - run execution modules on a subset of minions
* runner - run runner modules on master
* ssh - run salt-ssh commands
* wheel - run wheel modules
The local, runner, and wheel clients also have async variants to run
modules asynchronously.
Configuration
=============
The :conf_master:`netapi_enable_clients` list in the master config sets which
clients are available. It is recommended to only enable the clients required
to complete the tasks needed to reduce the amount of Salt functionality exposed
via the netapi. Enabling the local clients will provide the same functionality as
the :command:`salt` command.
.. admonition:: :conf_master:`netapi_enable_clients`
Prior to Salt's 3006.0 release all clients were enabled and it was not possible
to disable clients individually.
.. autoclass:: salt.netapi.NetapiClient
:members: local, local_async, local_subset, ssh, runner, runner_async,
wheel, wheel_async
client interfaces are available. It is recommended to only enable the client
interfaces required to complete the tasks needed to reduce the amount of Salt
functionality exposed via the netapi. See the
:ref:`netapi_enable clients <netapi-enable-clients>` documentation.
.. toctree::
writing
netapi-enable-clients
Individual netapi modules can be enabled by adding the module configuration
section to the master config. The required configuration and dependencies are
documented for each :ref:`module <all-netapi-modules>`.
The :command:`salt-api` daemon manages netapi modules instances and must be
started to enable the configured netapi modules. It is possible to run
multiple netapi modules and multiple instances of each module.
.. admonition:: :conf_master:`netapi_enable_clients`
Prior to Salt's 3006.0 release all client interfaces were enabled and it
was not possible to disable clients individually.
Developing modules
==================
Developing custom netapi modules for new transports or protocols is documented in
the :ref:`Writing netapi modules <netapi-writing>` and :ref:`NetapiClient <netapi-client>`
documentation.
.. toctree::
writing
netapiclient

183
doc/topics/netapi/netapi-enable-clients.rst Normal file
View file

@ -0,0 +1,183 @@
.. _netapi-enable-clients:
=================================
Enabling netapi client interfaces
=================================
From Salt's 3006.0 release onwards, all netapi client interfaces are disabled by default.
To enable netapi/:command:`salt-api` functionality, users should follow the process in this
documentation. If the :conf_master:`netapi_enable_clients` configuration is not added to the
Salt master configuration, then the netapi/:command:`salt-api` will not function.
.. admonition:: Breaking change in Salt 3006.0 and above
Users of netapi/:command:`salt-api` upgrading to Salt 3006.0 **must** follow the process in
this documentation to enable the required netapi client interfaces. If the
:conf_master:`netapi_enable_clients` configuration is not added to the Salt master
configuration netapi/:command:`salt-api` will not function
Steps to enable netapi client interfaces
========================================
1. :ref:`netapi-enable-clients-select`
2. :ref:`netapi-enable-clients-update`
3. :ref:`netapi-enable-clients-restart`
4. :ref:`netapi-enable-clients-verify`
.. _netapi-enable-clients-select:
Select client interfaces to enable
----------------------------------
Salt's client interfaces provide the ability to execute functions from execution, runner,
wheel modules, and via the salt-ssh system.
It is recommended to only enable the client interfaces required to complete the tasks needed
to reduce the amount of Salt functionality exposed via the netapi. For example, if the
salt-ssh system is not in use, not enabling the ssh client interface will help protect
the Salt master from attacks which look to exploit salt-ssh.
The main client interfaces are:
* local - run execution modules on minions
* local_subset - run execution modules on a subset of minions
* runner - run runner modules on master
* ssh - run salt-ssh commands
* wheel - run wheel modules
The local, runner, and wheel clients also have async variants to run modules asynchronously.
See :conf_master:`netapi_enable_clients` for the complete list.
Most scenarios will require enabling the local client (and potentially its local_subset and
local_async variants). The local client is equivalent to the :command:`salt` command line
tool and is required to run execution modules against minions.
Many deployments may also require the ability to call runner functions on the master (for
example, where orchestrations are used), but the runner client should only be enabled if
this is the case.
As there is not a standard netapi client application, existing users will need to assess
which client interfaces are in use. Where an application or tool is making a request to
a netapi module, it will usually pass an option indicating which client to use and it
should be possible to inspect the source of any tools to understand which client interfaces
should be enabled.
For common command line clients, such as `pepper <https://github.com/saltstack/pepper>`_
they will normally default to using the local client interface unless passed an
option to specify a different client interface.
.. _netapi-enable-clients-update:
Update Salt master config
-------------------------
Once it has been established which client interfaces will be required or are currently
in use, those should be listed in the Salt master config, under the
:conf_master:`netapi_enable_clients` key.
Example configuration to enable only the local client interfaces:
netapi_enable_clients:
- local
- local_async
- local_batch
- local_subset
Example configuration to enable local client functionality and runners:
netapi_enable_clients:
- local
- local_async
- local_batch
- local_subset
- runner
- runner_async
See :conf_master:`netapi_enable_clients` for the full list of available client interfaces.
.. _netapi-enable-clients-restart:
Restart salt-master and salt-api
--------------------------------
Changes to the Salt master configuration require a restart of the :command:`salt-master`
service. The :command:`salt-api` service should also be restarted.
.. _netapi-enable-clients-verify:
Verify required functionality
-----------------------------
Testing that the required functionality is available can be done using curl.
It is recommended to also check that client interfaces that are not
required are not enabled.
.. admonition:: Examples
Examples will have to be adjusted to set the correct username, password and
:ref:`external authentication <acl-eauth>` values for the user's system.
Checking that the local client is enabled:
.. code-block:: bash
curl -sSKi https://localhost:8000/run \
-H 'Accept: application/x-yaml' \
-d client='local' \
-d tgt='*' \
-d fun='test.ping' \
-d username='saltdev' \
-d password='saltdev' \
-d eauth='auto'
HTTP/1.1 200 OK
Content-Type: application/x-yaml
Server: CherryPy/18.8.0
Date: Mon, 23 Jan 2023 14:54:58 GMT
Allow: GET, HEAD, POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: GET, POST
Access-Control-Allow-Credentials: true
Vary: Accept-Encoding
Content-Length: 25
return:
- saltdev1: true
Checking that the runner client is **not** enabled:
.. code-block:: bash
curl -sSKi https://localhost:8000/run \
-H 'Accept: application/x-yaml' \
-d client='runner' \
-d fun='test.arg' \
-d arg='test arg' \
-d username='saltdev' \
-d password='saltdev' \
-d eauth='auto'
HTTP/1.1 400 Bad Request
Content-Type: text/html;charset=utf-8
Server: CherryPy/18.8.0
Date: Mon, 23 Jan 2023 14:59:33 GMT
Allow: GET, HEAD, POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: GET, POST
Access-Control-Allow-Credentials: true
Content-Length: 750
Vary: Accept-Encoding
...
Further examples are available in the
:ref:`neatpi modules <all-netapi-modules>` documentation.

13
doc/topics/netapi/netapiclient.rst Normal file
View file

@ -0,0 +1,13 @@
.. _netapi-client:
============
NetapiClient
============
The :py:class:`NetapiClient` class provides access to
:ref:`Python API client interfaces <client-interfaces>` when
:ref:`developing netapi modules <netapi-writing>`
.. autoclass:: salt.netapi.NetapiClient
:members: local, local_async, local_subset, ssh, runner, runner_async,
wheel, wheel_async, run

2
doc/topics/netapi/writing.rst
View file

@ -1,3 +1,5 @@
.. _netapi-writing:
======================
Writing netapi modules
======================

38
doc/topics/packaging/index.rst Normal file
View file

@ -0,0 +1,38 @@
.. _pkging-introduction:
================
Onedir Packaging
================
Relenv onedir packaging
=======================
Starting in 3006, only onedir packaging will be available. The 3006 onedir packages
are built with the `relenv <https://github.com/saltstack/relative-environment-for-python>`_ tool.
How to build rpm packages
=========================
You only need to run rpmbuild in the Salt repo:
.. code-block:: bash
# rpmbuild -bb --define="_salt_src $(pwd)" $(pwd)/pkg/rpm/salt.spec
How to build deb packages
=========================
You only need to add a symlink and run debuild in the Salt repo:
.. code-block:: bash
# ln -s pkg/deb/debian debian
# debuild -uc -us
How to access python binary
===========================
The python library is available in the install directory of the onedir package. For example
on linux the default location would be ``/opt/saltstack/salt/bin/python3``.

3
doc/topics/releases/3006.0.rst
View file

@ -35,7 +35,8 @@ All netapi clients, which provide the functionality to ``salt-api``, will now
be disabled by default as a security precaution. If you use ``salt-api``, you
must add the new ``netapi_enable_clients`` option to your salt master config.
This is a breaking change and the ``salt-api`` will not function without this
new configuration option. See :ref:`netapi-introduction` for more information.
new configuration option. See :ref:`netapi-enable-clients` for more
information.
How do I migrate to the onedir packages?

2
doc/topics/tutorials/autoaccept_grains.rst
View file

@ -28,6 +28,8 @@ accept minions based on their ``uuid`` create a file named ``/etc/salt/autosign_
8f7d68e2-30c5-40c6-b84a-df7e978a03ee
1d3c5473-1fbc-479e-b0c7-877705a0730f
If already running, the master must be restarted for these config changes to take effect.
The master is now setup to accept minions with either of the two specified uuids.
Multiple values must always be written into separate lines.
Lines starting with a ``#`` are ignored.

1
pkg/common/env-cleanup-rules.yml
View file

@ -258,7 +258,6 @@ pkg:
- *ci_windows_file_patterns
- "**/Scripts/py.exe"
- "**/Scripts/pyw.exe"
- "**/Scripts/pythonw.exe"
- "**/Scripts/venvlauncher.exe"
- "**/Scripts/venvwlauncher.exe"
- "**/Scripts/wheel*"

5
pkg/debian/changelog
View file

@ -1,5 +0,0 @@
salt (SALT_RELEASE_VERSION) stable; urgency=medium
* Build of Salt with Relenv
-- SaltStack Packaging Team <packaging@saltstack.com> Mon, 03 Jul 2017 20:44:29 +0000

29
pkg/rpm/salt.spec
View file

@ -189,6 +189,21 @@ install -d -m 0700 %{buildroot}%{_sysconfdir}/salt/cloud.providers.d
install -d -m 0755 %{buildroot}%{_sysconfdir}/salt/proxy.d
install -d -m 0755 %{buildroot}%{_bindir}
install -m 0755 %{buildroot}/opt/saltstack/salt/salt %{buildroot}%{_bindir}/salt
install -m 0755 %{buildroot}/opt/saltstack/salt/salt-call %{buildroot}%{_bindir}/salt-call
install -m 0755 %{buildroot}/opt/saltstack/salt/salt-master %{buildroot}%{_bindir}/salt-master
install -m 0755 %{buildroot}/opt/saltstack/salt/salt-minion %{buildroot}%{_bindir}/salt-minion
install -m 0755 %{buildroot}/opt/saltstack/salt/salt-api %{buildroot}%{_bindir}/salt-api
install -m 0755 %{buildroot}/opt/saltstack/salt/salt-cp %{buildroot}%{_bindir}/salt-cp
install -m 0755 %{buildroot}/opt/saltstack/salt/salt-key %{buildroot}%{_bindir}/salt-key
install -m 0755 %{buildroot}/opt/saltstack/salt/salt-run %{buildroot}%{_bindir}/salt-run
install -m 0755 %{buildroot}/opt/saltstack/salt/salt-cloud %{buildroot}%{_bindir}/salt-cloud
install -m 0755 %{buildroot}/opt/saltstack/salt/salt-ssh %{buildroot}%{_bindir}/salt-ssh
install -m 0755 %{buildroot}/opt/saltstack/salt/salt-syndic %{buildroot}%{_bindir}/salt-syndic
install -m 0755 %{buildroot}/opt/saltstack/salt/salt-proxy %{buildroot}%{_bindir}/salt-proxy
install -m 0755 %{buildroot}/opt/saltstack/salt/spm %{buildroot}%{_bindir}/spm
install -m 0755 %{buildroot}/opt/saltstack/salt/salt-pip %{buildroot}%{_bindir}/salt-pip
# Add the config files
install -p -m 0640 %{_salt_src}/conf/minion %{buildroot}%{_sysconfdir}/salt/minion
install -p -m 0640 %{_salt_src}/conf/master %{buildroot}%{_sysconfdir}/salt/master
@ -249,6 +264,8 @@ rm -rf %{buildroot}
%dir %{_var}/cache/salt
%dir %{_var}/log/salt
%doc %{_mandir}/man1/spm.1*
%{_bindir}/spm
%{_bindir}/salt-pip
/opt/saltstack/salt
%dir %{_sysconfdir}/salt
%dir %{_sysconfdir}/salt/pki
@ -264,6 +281,11 @@ rm -rf %{buildroot}
%doc %{_mandir}/man1/salt-key.1*
%doc %{_mandir}/man1/salt-master.1*
%doc %{_mandir}/man1/salt-run.1*
%{_bindir}/salt
%{_bindir}/salt-cp
%{_bindir}/salt-key
%{_bindir}/salt-master
%{_bindir}/salt-run
%{_unitdir}/salt-master.service
%config(noreplace) %{_sysconfdir}/salt/master
%dir %{_sysconfdir}/salt/master.d
@ -274,6 +296,9 @@ rm -rf %{buildroot}
%doc %{_mandir}/man1/salt-call.1*
%doc %{_mandir}/man1/salt-minion.1*
%doc %{_mandir}/man1/salt-proxy.1*
%{_bindir}/salt-minion
%{_bindir}/salt-call
%{_bindir}/salt-proxy
%{_unitdir}/salt-minion.service
%{_unitdir}/salt-proxy@.service
%config(noreplace) %{_sysconfdir}/salt/minion
@ -283,15 +308,18 @@ rm -rf %{buildroot}
%files syndic
%doc %{_mandir}/man1/salt-syndic.1*
%{_bindir}/salt-syndic
%{_unitdir}/salt-syndic.service
%files api
%defattr(-,root,root)
%doc %{_mandir}/man1/salt-api.1*
%{_bindir}/salt-api
%{_unitdir}/salt-api.service
%files cloud
%doc %{_mandir}/man1/salt-cloud.1*
%{_bindir}/salt-cloud
%{_sysconfdir}/salt/cloud.conf.d
%{_sysconfdir}/salt/cloud.deploy.d
%{_sysconfdir}/salt/cloud.maps.d
@ -301,6 +329,7 @@ rm -rf %{buildroot}
%files ssh
%doc %{_mandir}/man1/salt-ssh.1*
%{_bindir}/salt-ssh
%config(noreplace) %{_sysconfdir}/salt/roster

1
pkg/windows/prep_salt.ps1
View file

@ -193,7 +193,6 @@ if ( $PKG ) {
$binaries = @(
"py.exe",
"pyw.exe",
"pythonw.exe",
"venvlauncher.exe",
"venvwlauncher.exe"
)

3
requirements/static/ci/docs.in
View file

@ -1,2 +1,3 @@
sphinx>=3.5.1
sphinx>=3.5.1; python_version < '3.10'
sphinx>=4.1.2; python_version >= '3.10'
jinja2<3.1

12
requirements/static/ci/py3.10/docs.txt
View file

@ -414,7 +414,7 @@ dnspython==2.1.0
# python-etcd
docker==5.0.0
# via -r requirements/static/ci/common.in
docutils==0.16
docutils==0.19
# via sphinx
etcd3-py==0.1.6 ; python_version >= "3.6"
# via -r requirements/static/ci/common.in
@ -441,7 +441,7 @@ idna==2.8
# etcd3-py
# requests
# yarl
imagesize==1.2.0
imagesize==1.4.1
# via sphinx
immutables==0.15
# via contextvars
@ -658,7 +658,7 @@ pycryptodomex==3.9.8
# via -r requirements/crypto.txt
pygit2==1.9.1 ; python_version >= "3.10"
# via -r requirements/static/ci/linux.in
pygments==2.8.1
pygments==2.14.0
# via sphinx
pyiface==0.0.11
# via -r requirements/static/ci/linux.in
@ -809,19 +809,19 @@ smmap==4.0.0
# via gitdb
snowballstemmer==2.1.0
# via sphinx
sphinx==3.5.2
sphinx==6.1.3 ; python_version >= "3.10"
# via -r requirements/static/ci/docs.in
sphinxcontrib-applehelp==1.0.2
# via sphinx
sphinxcontrib-devhelp==1.0.2
# via sphinx
sphinxcontrib-htmlhelp==1.0.3
sphinxcontrib-htmlhelp==2.0.0
# via sphinx
sphinxcontrib-jsmath==1.0.1
# via sphinx
sphinxcontrib-qthelp==1.0.3
# via sphinx
sphinxcontrib-serializinghtml==1.1.4
sphinxcontrib-serializinghtml==1.1.5
# via sphinx
sqlparse==0.4.2
# via -r requirements/static/ci/common.in

8
requirements/static/ci/py3.10/tools.txt
View file

@ -16,15 +16,19 @@ botocore==1.24.46
# s3transfer
commonmark==0.9.1
# via rich
jinja2==3.1.2
# via -r requirements/static/ci/tools.in
jmespath==1.0.1
# via
# boto3
# botocore
markupsafe==2.1.2
# via jinja2
pygments==2.13.0
# via rich
python-dateutil==2.8.2
# via botocore
python-tools-scripts==0.9.6
python-tools-scripts==0.10.1
# via -r requirements/static/ci/tools.in
pyyaml==6.0
# via -r requirements/static/ci/tools.in
@ -34,5 +38,7 @@ s3transfer==0.5.2
# via boto3
six==1.16.0
# via python-dateutil
typing-extensions==4.4.0
# via python-tools-scripts
urllib3==1.26.12
# via botocore

2
requirements/static/ci/py3.6/docs.txt
View file

@ -825,7 +825,7 @@ slack-sdk==3.19.5
# via slack-bolt
snowballstemmer==2.1.0
# via sphinx
sphinx==3.5.2
sphinx==3.5.2 ; python_version < "3.10"
# via -r requirements/static/ci/docs.in
sphinxcontrib-applehelp==1.0.2
# via sphinx

2
requirements/static/ci/py3.7/docs.txt
View file

@ -857,7 +857,7 @@ smmap==4.0.0
# via gitdb
snowballstemmer==2.1.0
# via sphinx
sphinx==3.5.2
sphinx==3.5.2 ; python_version < "3.10"
# via -r requirements/static/ci/docs.in
sphinxcontrib-applehelp==1.0.2
# via sphinx

2
requirements/static/ci/py3.8/docs.txt
View file

@ -849,7 +849,7 @@ smmap==4.0.0
# via gitdb
snowballstemmer==2.1.0
# via sphinx
sphinx==3.5.2
sphinx==3.5.2 ; python_version < "3.10"
# via -r requirements/static/ci/docs.in
sphinxcontrib-applehelp==1.0.2
# via sphinx

2
requirements/static/ci/py3.9/docs.txt
View file

@ -850,7 +850,7 @@ smmap==4.0.0
# via gitdb
snowballstemmer==2.1.0
# via sphinx
sphinx==3.5.2
sphinx==3.5.2 ; python_version < "3.10"
# via -r requirements/static/ci/docs.in
sphinxcontrib-applehelp==1.0.2
# via sphinx

8
requirements/static/ci/py3.9/tools.txt
View file

@ -16,15 +16,19 @@ botocore==1.24.46
# s3transfer
commonmark==0.9.1
# via rich
jinja2==3.1.2
# via -r requirements/static/ci/tools.in
jmespath==1.0.1
# via
# boto3
# botocore
markupsafe==2.1.2
# via jinja2
pygments==2.13.0
# via rich
python-dateutil==2.8.2
# via botocore
python-tools-scripts==0.9.6
python-tools-scripts==0.10.1
# via -r requirements/static/ci/tools.in
pyyaml==6.0
# via -r requirements/static/ci/tools.in
@ -34,5 +38,7 @@ s3transfer==0.5.2
# via boto3
six==1.16.0
# via python-dateutil
typing-extensions==4.4.0
# via python-tools-scripts
urllib3==1.26.12
# via botocore

3
requirements/static/ci/tools.in
View file

@ -1,4 +1,5 @@
python-tools-scripts >= 0.9.6
python-tools-scripts >= 0.10.1
attrs
boto3
pyyaml
jinja2

17
salt/modules/bsd_shadow.py
View file

@ -220,22 +220,7 @@ def del_password(name):
def set_password(name, password):
"""
Set the password for a named user. The password must be a properly defined
hash. The password hash can be generated with this command:
``python -c "import crypt; print crypt.crypt('password', ciphersalt)"``
.. note::
When constructing the ``ciphersalt`` string, you must escape any dollar
signs, to avoid them being interpolated by the shell.
``'password'`` is, of course, the password for which you want to generate
a hash.
``ciphersalt`` is a combination of a cipher identifier, an optional number
of rounds, and the cryptographic salt. The arrangement and format of these
fields depends on the cipher and which flavor of BSD you are using. For
more information on this, see the manpage for ``crpyt(3)``. On NetBSD,
additional information is available in ``passwd.conf(5)``.
hash. A password hash can be generated with :py:func:`gen_password`.
It is important to make sure that a supported cipher is used.

11
salt/modules/linux_shadow.py
View file

@ -339,16 +339,7 @@ def unlock_password(name, root=None):
def set_password(name, password, use_usermod=False, root=None):
"""
Set the password for a named user. The password must be a properly defined
hash. The password hash can be generated with this command:
``python -c "import crypt; print crypt.crypt('password',
'\\$6\\$SALTsalt')"``
``SALTsalt`` is the 8-character crpytographic salt. Valid characters in the
salt are ``.``, ``/``, and any alphanumeric character.
Keep in mind that the $6 represents a sha512 hash, if your OS is using a
different hashing algorithm this needs to be changed accordingly
hash. A password hash can be generated with :py:func:`gen_password`.
name
User to set the password

3
tools/__init__.py
View file

@ -1,7 +1,10 @@
import logging
import tools.changelog
import tools.ci
import tools.docs
import tools.pkg
import tools.pre_commit
import tools.vm
for name in ("boto3", "botocore", "urllib3"):

284
tools/changelog.py Normal file
View file

@ -0,0 +1,284 @@
"""
These commands are used manage Salt's changelog.
"""
# pylint: disable=resource-leakage,broad-except
from __future__ import annotations
import datetime
import logging
import os
import pathlib
import subprocess
import sys
import textwrap
from ptscripts import Context, command_group
log = logging.getLogger(__name__)
REPO_ROOT = pathlib.Path(__file__).resolve().parent.parent
# Define the command group
cl = command_group(
name="changelog",
help="Changelog tools",
description=__doc__,
venv_config={
"requirements_files": [
REPO_ROOT
/ "requirements"
/ "static"
/ "ci"
/ "py{}.{}".format(*sys.version_info)
/ "changelog.txt"
],
},
)
def _get_changelog_contents(ctx: Context, version: str):
"""
Return the full changelog generated by towncrier.
"""
return ctx.run(
"towncrier",
"build",
"--draft",
f"--version={version}",
capture=True,
).stdout.decode()
def _get_pkg_changelog_contents(ctx: Context, version: str):
"""
Return a version of the changelog entries suitable for packaged changelogs.
"""
changes = _get_changelog_contents(ctx, version)
changes = "\n".join(changes.split("\n")[2:])
changes = changes.replace(
textwrap.dedent(
"""
Removed
-------
"""
),
"",
)
changes = changes.replace(
textwrap.dedent(
"""
Deprecated
----------
"""
),
"",
)
changes = changes.replace(
textwrap.dedent(
"""
Changed
-------
"""
),
"",
)
changes = changes.replace(
textwrap.dedent(
"""
Fixed
-----
"""
),
"",
)
changes = changes.replace(
textwrap.dedent(
"""
Added
-----
"""
),
"",
)
return changes
def _get_salt_version():
return (
subprocess.run(
["python3", "salt/version.py"], stdout=subprocess.PIPE, check=True
)
.stdout.decode()
.strip()
)
@cl.command(
name="update-rpm",
arguments={
"salt_version": {
"help": (
"The salt package version. If not passed "
"it will be discovered by running 'python3 salt/version.py'."
),
"nargs": "?",
"default": None,
},
"draft": {
"help": "Do not make any changes, instead output what would be changed.",
},
},
)
def update_rpm(ctx: Context, salt_version: str, draft: bool = False):
if salt_version is None:
salt_version = _get_salt_version()
changes = _get_pkg_changelog_contents(ctx, salt_version)
ctx.info("Salt version is %s", salt_version)
orig = ctx.run(
"sed",
f"s/Version: .*/Version: {salt_version}/g",
"pkg/rpm/salt.spec",
capture=True,
check=True,
).stdout.decode()
dt = datetime.datetime.utcnow()
date = dt.strftime("%a %b %d %Y")
header = f"* {date} Salt Project Packaging <saltproject-packaging@vmware.com> - {salt_version}\n"
parts = orig.split("%changelog")
tmpspec = "pkg/rpm/salt.spec.1"
with open(tmpspec, "w") as wfp:
wfp.write(parts[0])
wfp.write("%changelog\n")
wfp.write(header)
wfp.write(changes)
wfp.write(parts[1])
try:
with open(tmpspec) as rfp:
if draft:
ctx.info(rfp.read())
else:
with open("pkg/rpm/salt.spec", "w") as wfp:
wfp.write(rfp.read())
finally:
os.remove(tmpspec)
@cl.command(
name="update-deb",
arguments={
"salt_version": {
"help": (
"The salt package version. If not passed "
"it will be discovered by running 'python3 salt/version.py'."
),
"nargs": "?",
"default": None,
},
"draft": {
"help": "Do not make any changes, instead output what would be changed.",
},
},
)
def update_deb(ctx: Context, salt_version: str, draft: bool = False):
if salt_version is None:
salt_version = _get_salt_version()
changes = _get_pkg_changelog_contents(ctx, salt_version)
formated = "\n".join([f" {_.replace('-', '*', 1)}" for _ in changes.split("\n")])
dt = datetime.datetime.utcnow()
date = dt.strftime("%a, %d %b %Y %H:%M:%S +0000")
tmpchanges = "pkg/rpm/salt.spec.1"
with open(tmpchanges, "w") as wfp:
wfp.write(f"salt ({salt_version}) stable; urgency=medium\n\n")
wfp.write(formated)
wfp.write(
f"\n -- Salt Project Packaging <saltproject-packaging@vmware.com> {date}\n\n"
)
with open("pkg/debian/changelog") as rfp:
wfp.write(rfp.read())
try:
with open(tmpchanges) as rfp:
if draft:
ctx.info(rfp.read())
else:
with open("pkg/debian/changelog", "w") as wfp:
wfp.write(rfp.read())
finally:
os.remove(tmpchanges)
@cl.command(
name="update-release-notes",
arguments={
"salt_version": {
"help": (
"The salt version used to generate the release notes. If not passed "
"it will be discovered by running 'python3 salt/version.py'."
),
"nargs": "?",
"default": None,
},
"draft": {
"help": "Do not make any changes, instead output what would be changed.",
},
},
)
def update_release_notes(ctx: Context, salt_version: str, draft: bool = False):
if salt_version is None:
salt_version = _get_salt_version()
if "+" in salt_version:
major_version = salt_version.split("+", 1)[0]
else:
major_version = salt_version
changes = _get_changelog_contents(ctx, salt_version)
changes = "\n".join(changes.split("\n")[2:])
tmpnotes = f"doc/topics/releases/{salt_version}.rst.tmp"
try:
with open(f"doc/topics/releases/{major_version}.rst") as rfp:
existing = rfp.read()
except FileNotFoundError:
existing = ""
with open(tmpnotes, "w") as wfp:
wfp.write(existing)
wfp.write(changes)
try:
with open(tmpnotes) as rfp:
if draft:
ctx.info(rfp.read())
else:
with open(f"doc/topics/releases/{salt_version}.rst", "w") as wfp:
wfp.write(rfp.read())
finally:
os.remove(tmpnotes)
@cl.command(
name="update-changelog-md",
arguments={
"salt_version": {
"help": (
"The salt version to use in the changelog. If not passed "
"it will be discovered by running 'python3 salt/version.py'."
),
"nargs": "?",
"default": None,
},
"draft": {
"help": "Do not make any changes, instead output what would be changed.",
},
},
)
def generate_changelog_md(ctx: Context, salt_version: str, draft: bool = False):
if salt_version is None:
salt_version = _get_salt_version()
cmd = ["towncrier", "build", f"--version={salt_version}"]
if draft:
cmd += ["--draft"]
else:
cmd += ["--yes"]
ctx.run(*cmd, check=True)
ctx.run("git", "restore", "--staged", "CHANGELOG.md", "changelog/", check=True)

72
tools/docs.py Normal file
View file

@ -0,0 +1,72 @@
"""
These commands are used to generate Salt's manpages.
"""
# pylint: disable=resource-leakage,broad-except
from __future__ import annotations
import logging
import os
import pathlib
import shutil
import sys
from ptscripts import Context, command_group
log = logging.getLogger(__name__)
REPO_ROOT = pathlib.Path(__file__).resolve().parent.parent
# Define the command group
docs = command_group(
name="docs",
help="Manpages tools",
description=__doc__,
venv_config={
"requirements_files": [
REPO_ROOT
/ "requirements"
/ "static"
/ "ci"
/ "py{}.{}".format(*sys.version_info)
/ "docs.txt"
],
},
)
@docs.command(
name="man",
)
def man(ctx: Context):
ctx.run("make", "clean", cwd="doc/", check=True)
ctx.run("make", "man", "SHPINXOPTS=-W", cwd="doc/", check=True)
for root, dirs, files in os.walk("doc/_build/man"):
for file in files:
shutil.copy(os.path.join(root, file), os.path.join("doc/man", file))
@docs.command(
name="html",
)
def html(ctx: Context):
ctx.run("make", "clean", cwd="doc/", check=True)
ctx.run("make", "html", "SHPINXOPTS=-W", cwd="doc/", check=True)
@docs.command(
name="epub",
)
def epub(ctx: Context):
ctx.run("make", "clean", cwd="doc/", check=True)
ctx.run("make", "epub", "SHPINXOPTS=-W", cwd="doc/", check=True)
@docs.command(
name="pdf",
)
def pdf(ctx: Context):
if not shutil.which("inkscape"):
ctx.warn("No inkscape binary found")
ctx.exit(1)
ctx.run("make", "clean", cwd="doc/", check=True)
ctx.run("make", "pdf", "SHPINXOPTS=-W", cwd="doc/", check=True)

110
tools/pkg.py
View file

@ -5,6 +5,7 @@ These commands are used to build Salt packages.
from __future__ import annotations
import fnmatch
import gzip
import hashlib
import json
import logging
@ -12,6 +13,8 @@ import os
import pathlib
import shutil
import sys
import tarfile
import tempfile
import yaml
from ptscripts import Context, command_group
@ -24,6 +27,63 @@ REPO_ROOT = pathlib.Path(__file__).resolve().parent.parent
pkg = command_group(name="pkg", help="Packaging Related Commands", description=__doc__)
class Recompress:
"""
Helper class to re-compress a ``.tag.gz`` file to make it reproducible.
"""
def __init__(self, mtime):
self.mtime = int(mtime)
def tar_reset(self, tarinfo):
"""
Reset user, group, mtime, and mode to create reproducible tar.
"""
tarinfo.uid = tarinfo.gid = 0
tarinfo.uname = tarinfo.gname = "root"
tarinfo.mtime = self.mtime
if tarinfo.type == tarfile.DIRTYPE:
tarinfo.mode = 0o755
else:
tarinfo.mode = 0o644
if tarinfo.pax_headers:
raise ValueError(tarinfo.name, tarinfo.pax_headers)
return tarinfo
def recompress(self, targz):
"""
Re-compress the passed path.
"""
tempd = pathlib.Path(tempfile.mkdtemp()).resolve()
d_src = tempd.joinpath("src")
d_src.mkdir()
d_tar = tempd.joinpath(targz.stem)
d_targz = tempd.joinpath(targz.name)
with tarfile.open(d_tar, "w|") as wfile:
with tarfile.open(targz, "r:gz") as rfile:
rfile.extractall(d_src)
extracted_dir = next(pathlib.Path(d_src).iterdir())
for name in sorted(extracted_dir.rglob("*")):
wfile.add(
str(name),
filter=self.tar_reset,
recursive=False,
arcname=str(name.relative_to(d_src)),
)
with open(d_tar, "rb") as rfh:
with gzip.GzipFile(
fileobj=open(d_targz, "wb"), mode="wb", filename="", mtime=self.mtime
) as gz: # pylint: disable=invalid-name
while True:
chunk = rfh.read(1024)
if not chunk:
break
gz.write(chunk)
targz.unlink()
shutil.move(str(d_targz), str(targz))
@pkg.command(
name="set-salt-version",
arguments={
@ -211,7 +271,7 @@ def generate_hashes(ctx: Context, files: list[pathlib.Path]):
if size == 0:
break # EOF
digest.update(view[:size])
digest_file_path = fpath.parent / f"{fpath.name}.{hash_name}"
digest_file_path = fpath.parent / f"{fpath.name}.{hash_name.upper()}"
hexdigest = digest.hexdigest()
ctx.info(f" * Writing {digest_file_path} ...")
digest_file_path.write_text(digest.hexdigest())
@ -220,3 +280,51 @@ def generate_hashes(ctx: Context, files: list[pathlib.Path]):
ctx.info(f" * Writing {hashes_json_path} ...")
hashes_json_path.write_text(json.dumps(hashes))
ctx.info("Done")
@pkg.command(
name="source-tarball",
venv_config={
"requirements_files": [
REPO_ROOT / "requirements" / "build.txt",
]
},
)
def source_tarball(ctx: Context):
shutil.rmtree("dist/", ignore_errors=True)
timestamp = ctx.run(
"git",
"show",
"-s",
"--format=%at",
"HEAD",
capture=True,
).stdout.strip()
env = {
**os.environ,
**{
"SOURCE_DATE_EPOCH": str(timestamp),
},
}
ctx.run(
"python3",
"-m",
"build",
"--sdist",
str(REPO_ROOT),
env=env,
check=True,
)
# Recreate sdist to be reproducible
recompress = Recompress(timestamp)
for targz in REPO_ROOT.joinpath("dist").glob("*.tar.gz"):
ctx.info(f"Re-compressing {targz.relative_to(REPO_ROOT)} ...")
recompress.recompress(targz)
sha256sum = shutil.which("sha256sum")
if sha256sum:
packages = [
str(pkg.relative_to(REPO_ROOT))
for pkg in REPO_ROOT.joinpath("dist").iterdir()
]
ctx.run("sha256sum", *packages)
ctx.run("python3", "-m", "twine", "check", "dist/*", check=True)

105
tools/pre_commit.py Normal file
View file

@ -0,0 +1,105 @@
"""
These commands are used by pre-commit.
"""
# pylint: disable=resource-leakage,broad-except
from __future__ import annotations
import logging
import pathlib
import shutil
from jinja2 import Environment, FileSystemLoader
from ptscripts import Context, command_group
log = logging.getLogger(__name__)
REPO_ROOT = pathlib.Path(__file__).resolve().parent.parent
WORKFLOWS = REPO_ROOT / ".github" / "workflows"
TEMPLATES = WORKFLOWS / "templates"
# Define the command group
cgroup = command_group(
name="pre-commit", help="Pre-Commit Related Commands", description=__doc__
)
class NoDuplicatesList(list):
def append(self, need):
if need not in self:
super().append(need)
@cgroup.command(
name="generate-workflows",
)
def generate_workflows(ctx: Context):
"""
Generate GitHub Actions Workflows
"""
workflows = {
"CI": {
"template": "ci.yml",
},
"Scheduled": {
"template": "scheduled.yml",
},
}
env = Environment(
block_start_string="<%",
block_end_string="%>",
variable_start_string="<{",
variable_end_string="}>",
extensions=[
"jinja2.ext.do",
],
loader=FileSystemLoader(str(TEMPLATES)),
)
for workflow_name, details in workflows.items():
template = details["template"]
workflow_path = WORKFLOWS / template
template_path = TEMPLATES / f"{template}.j2"
ctx.info(
f"Generating '{workflow_path.relative_to(REPO_ROOT)}' from "
f"template '{template_path.relative_to(REPO_ROOT)}' ..."
)
context = {
"template": template_path.relative_to(REPO_ROOT),
"workflow_name": workflow_name,
"conclusion_needs": NoDuplicatesList(),
}
loaded_template = env.get_template(f"{template}.j2")
rendered_template = loaded_template.render(**context)
workflow_path.write_text(rendered_template.rstrip() + "\n")
@cgroup.command(
name="actionlint",
arguments={
"files": {
"help": "Files to run actionlint against",
"nargs": "*",
},
"no_color": {
"help": "Disable colors in output",
},
},
)
def actionlint(ctx: Context, files: list[str], no_color: bool = False):
"""
Run `actionlint`
"""
actionlint = shutil.which("actionlint")
if not actionlint:
ctx.warn("Could not find the 'actionlint' binary")
ctx.exit(0)
cmdline = [actionlint]
if no_color is False:
cmdline.append("-color")
shellcheck = shutil.which("shellcheck")
if shellcheck:
cmdline.append(f"-shellcheck={shellcheck}")
pyflakes = shutil.which("pyflakes")
if pyflakes:
cmdline.append(f"-pyflakes={pyflakes}")
ret = ctx.run(*cmdline, *files, check=False)
ctx.exit(ret.returncode)

5
tools/vm.py
View file

@ -1088,8 +1088,9 @@ class VM:
cmd += ["--"] + session_args
if env is None:
env = {}
if "CI" in os.environ:
env["CI"] = os.environ["CI"]
for key in ("CI", "PIP_INDEX_URL", "PIP_EXTRA_INDEX_URL"):
if key in os.environ:
env[key] = os.environ[key]
env["PYTHONUTF8"] = "1"
env["OUTPUT_COLUMNS"] = str(self.ctx.console.width)
env["GITHUB_ACTIONS_PIPELINE"] = "1"