saltstack-formulas/openssh-formula
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat(map): config.get lookups from configurable roots

Browse Source 
We avoid compatibility break with user pillars by looking up
configuration values using `config.get` in configurable roots.

We provide a new parameter `map_jinja:config_get_roots` in the formula
`parameters/defaults.yaml`to retrives values not only from
`tplroot=openssh` but from `sshd_config` and `ssh_config` too.

We need to update the `_mapdata` reference files to include the new
`map_jinja:config_get_roots`.
This commit is contained in:
Daniel Dehennin 2020-07-31 12:59:33 +02:00
parent df477b25c2
commit ad4385b077
16 changed files with 143 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

106
openssh/map.jinja
View File

@ -47,6 +47,31 @@
~ map_sources
) %}
{#- Lookup with `config.get` from configurable roots #}
{%- do salt["log.debug"](
"map.jinja: initialise 'config.get' roots with 'tplroot' "
~ tplroot
) %}
{%- set config_get_roots = [tplroot] %}
{#- Configure `config.get` from defaults.yaml #}
{%- set config_get_roots = default_settings | traverse(
"values:map_jinja:config_get_roots",
config_get_roots
) %}
{#- Lookup global `config.get` roots #}
{%- set config_get_roots = salt["config.get"](
"map_jinja:config_get_roots",
config_get_roots
) %}
{#- Lookup per formula `config.get` roots #}
{%- set config_get_roots = salt["config.get"](
tplroot ~ ":map_jinja:config_get_roots",
config_get_roots,
) %}
{%- do salt["log.debug"](
"map.jinja: load parameters with 'config.get' from roots "
~ config_get_roots
) %}
{#- Work around assignment inside for loop #}
{#- load configuration values used in `config.get` merging strategies #}
@ -85,47 +110,50 @@
{#- process each `map.jinja` source #}
{%- for map_source in map_sources %}
{%- if map_source in ["config_get", "config_get_lookup"] %}
{%- set _config_key = {
"config_get": tplroot,
"config_get_lookup": tplroot ~ ":lookup",
}.get(map_source) %}
{%- set _config_type = {
"config_get": "configuration",
"config_get_lookup": "lookup",
}.get(map_source) %}
{%- for _config_root in config_get_roots %}
{%- set _config_key = {
"config_get": _config_root,
"config_get_lookup": _config_root ~ ":lookup",
}.get(map_source) %}
{%- do salt["log.debug"](
"map.jinja: retrieve formula "
~ _config_type
~ " with 'config.get'"
~ _config["merge_msg"]
) %}
{%- set _config_get = salt["config.get"](
_config_key, default={}, **_config["merge_opt"]
) %}
{%- do salt["log.debug"](
"map.jinja: retrieve '"
~ _config_key
~ "' with 'config.get'"
~ _config["merge_msg"]
) %}
{%- set _config_get = salt["config.get"](
_config_key, default={}, **_config["merge_opt"]
) %}
{#- `slsutil.merge` defaults to `smart` instead of `None` for `config.get` #}
{%- set _strategy = _config["merge_strategy"] | default("smart", boolean=True) %}
{%- do salt["log.debug"](
"map.jinja: merge formula "
~ _config_type
~ " retrieved with 'config.get'"
~ ", merge: strategy='"
~ _strategy
~ "', lists='"
~ _config["merge_lists"]
~ "'"
) %}
{%- do _config.update(
{
"stack": salt["slsutil.merge"](
_config["stack"],
_config_get,
strategy=_strategy,
merge_lists=_config["merge_lists"],
)
}
) %}
{#- `slsutil.merge` defaults to `smart` instead of `None` for `config.get` #}
{%- set _strategy = _config["merge_strategy"] | default("smart", boolean=True) %}
{%- do salt["log.debug"](
"map.jinja: merge '"
~ _config_key
~ "' retrieved with 'config.get'"
~ ", merge: strategy='"
~ _strategy
~ "', lists='"
~ _config["merge_lists"]
~ "'"
) %}
{#- Keep values under each root key when there are more than one #}
{%- if config_get_roots|length > 1 %}
{%- set _config_get = { _config_root: _config_get } %}
{%- endif %}
{%- do _config.update(
{
"stack": salt["slsutil.merge"](
_config["stack"],
_config_get,
strategy=_strategy,
merge_lists=_config["merge_lists"],
)
}
) %}
{%- endfor %}
{%- else %}
{#- Lookup the grain/pillar/... #}
{#- Fallback to use the source name as a direct filename #}

6
openssh/parameters/defaults.yaml
View File

@ -2,6 +2,12 @@
# vim: ft=yaml
---
values:
map_jinja:
config_get_roots:
- openssh
- sshd_config
- ssh_config
openssh:
sshd_enable: true
sshd_binary: /usr/sbin/sshd

5
test/integration/default/files/_mapdata/amazonlinux-1.yaml
View File

@ -1,6 +1,11 @@
# yamllint disable rule:indentation rule:line-length
# Amazon Linux AMI-2018
---
map_jinja:
config_get_roots:
- openssh
- sshd_config
- ssh_config
openssh:
absent_dsa_keys: false
absent_ecdsa_keys: false

5
test/integration/default/files/_mapdata/amazonlinux-2.yaml
View File

@ -1,6 +1,11 @@
# yamllint disable rule:indentation rule:line-length
# Amazon Linux-2
---
map_jinja:
config_get_roots:
- openssh
- sshd_config
- ssh_config
openssh:
absent_dsa_keys: false
absent_ecdsa_keys: false

5
test/integration/default/files/_mapdata/arch-base-latest.yaml
View File

@ -1,6 +1,11 @@
# yamllint disable rule:indentation rule:line-length
# Arch
---
map_jinja:
config_get_roots:
- openssh
- sshd_config
- ssh_config
openssh:
absent_dsa_keys: false
absent_ecdsa_keys: false

5
test/integration/default/files/_mapdata/centos-6.yaml
View File

@ -1,6 +1,11 @@
# yamllint disable rule:indentation rule:line-length
# CentOS-6
---
map_jinja:
config_get_roots:
- openssh
- sshd_config
- ssh_config
openssh:
absent_dsa_keys: false
absent_ecdsa_keys: false

5
test/integration/default/files/_mapdata/centos-7.yaml
View File

@ -1,6 +1,11 @@
# yamllint disable rule:indentation rule:line-length
# CentOS Linux-7
---
map_jinja:
config_get_roots:
- openssh
- sshd_config
- ssh_config
openssh:
absent_dsa_keys: false
absent_ecdsa_keys: false

5
test/integration/default/files/_mapdata/centos-8.yaml
View File

@ -1,6 +1,11 @@
# yamllint disable rule:indentation rule:line-length
# CentOS Linux-8
---
map_jinja:
config_get_roots:
- openssh
- sshd_config
- ssh_config
openssh:
absent_dsa_keys: false
absent_ecdsa_keys: false

5
test/integration/default/files/_mapdata/debian-10.yaml
View File

@ -1,6 +1,11 @@
# yamllint disable rule:indentation rule:line-length
# Debian-10
---
map_jinja:
config_get_roots:
- openssh
- sshd_config
- ssh_config
openssh:
absent_dsa_keys: false
absent_ecdsa_keys: false

5
test/integration/default/files/_mapdata/debian-9.yaml
View File

@ -1,6 +1,11 @@
# yamllint disable rule:indentation rule:line-length
# Debian-9
---
map_jinja:
config_get_roots:
- openssh
- sshd_config
- ssh_config
openssh:
absent_dsa_keys: false
absent_ecdsa_keys: false

5
test/integration/default/files/_mapdata/fedora-31.yaml
View File

@ -1,6 +1,11 @@
# yamllint disable rule:indentation rule:line-length
# Fedora-31
---
map_jinja:
config_get_roots:
- openssh
- sshd_config
- ssh_config
openssh:
absent_dsa_keys: false
absent_ecdsa_keys: false

5
test/integration/default/files/_mapdata/fedora-32.yaml
View File

@ -1,6 +1,11 @@
# yamllint disable rule:indentation rule:line-length
# Fedora-32
---
map_jinja:
config_get_roots:
- openssh
- sshd_config
- ssh_config
openssh:
absent_dsa_keys: false
absent_ecdsa_keys: false

5
test/integration/default/files/_mapdata/opensuse-15.yaml
View File

@ -1,6 +1,11 @@
# yamllint disable rule:indentation rule:line-length
# Leap-15
---
map_jinja:
config_get_roots:
- openssh
- sshd_config
- ssh_config
openssh:
absent_dsa_keys: false
absent_ecdsa_keys: false

5
test/integration/default/files/_mapdata/ubuntu-16.yaml
View File

@ -1,6 +1,11 @@
# yamllint disable rule:indentation rule:line-length
# Ubuntu-16.04
---
map_jinja:
config_get_roots:
- openssh
- sshd_config
- ssh_config
openssh:
absent_dsa_keys: false
absent_ecdsa_keys: false

5
test/integration/default/files/_mapdata/ubuntu-18.yaml
View File

@ -1,6 +1,11 @@
# yamllint disable rule:indentation rule:line-length
# Ubuntu-18.04
---
map_jinja:
config_get_roots:
- openssh
- sshd_config
- ssh_config
openssh:
absent_dsa_keys: false
absent_ecdsa_keys: false

5
test/integration/default/files/_mapdata/ubuntu-20.yaml
View File

@ -1,6 +1,11 @@
# yamllint disable rule:indentation rule:line-length
# Ubuntu-20.04
---
map_jinja:
config_get_roots:
- openssh
- sshd_config
- ssh_config
openssh:
absent_dsa_keys: false
absent_ecdsa_keys: false