saltstack-formulas/prometheus-formula
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix(user/group): fixing user and group limitations from Arch

Browse Source
This commit is contained in:
Corey Hammerton 2022-09-07 14:46:14 -04:00
parent 2f52af7e18
commit ada3aa3f06
6 changed files with 16 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
prometheus/archive/install.sls
View File

@ -98,8 +98,8 @@ prometheus-archive-install-{{ name }}-file-directory:
- name: {{ p.dir.var }}{{ p.div }}{{ name }}
- makedirs: True
{%- if grains.os != 'Windows' %}
- user: {{ name|truncate(32) }}
- group: {{ name|truncate(32) }}
- user: {{ name|truncate(32, False, "") }}
- group: {{ name|truncate(16, False, "") }}
- mode: '0755'
- require:
- user: prometheus-config-users-install-{{ name }}-user-present
@ -123,8 +123,8 @@ prometheus-archive-install-{{ name }}-managed-service:
- context:
desc: prometheus - {{ name }} service
name: {{ name }}
user: {{ name|truncate(32) }}
group: {{ name|truncate(32) }}
user: {{ name|truncate(32, False, "") }}
group: {{ name|truncate(16, False, "") }}
env: {{ p.pkg.component[name]['service'].get('env', [])|tojson }}
workdir: {{ p.dir.var }}/{{ name }}
stop: ''

4
prometheus/config/clean.sls
View File

@ -19,12 +19,12 @@ prometheus-config-clean-{{ name }}:
- name: {{ name }}_environ
{%- endif %}
user.absent:
- name: {{ name|truncate(32) }}
- name: {{ name|truncate(32, False, "") }}
{%- if grains.os_family == 'MacOS' %}
- onlyif: /usr/bin/dscl . list /Users | grep {{ name }} >/dev/null 2>&1
{%- endif %}
group.absent:
- name: {{ name|truncate(32) }}
- name: {{ name|truncate(16, False, "") }}
- require:
- {{ sls_config_clean }}

6
prometheus/config/users.sls
View File

@ -8,16 +8,16 @@
prometheus-config-users-install-{{ name }}-group-present:
group.present:
- name: {{ name|truncate(32) }}
- name: {{ name|truncate(16, False, "") }}
- system: true
- require_in:
- user: prometheus-config-users-install-{{ name }}-user-present
prometheus-config-users-install-{{ name }}-user-present:
user.present:
- name: {{ name|truncate(32) }}
- name: {{ name|truncate(32, False, "") }}
- groups:
- {{ name|truncate(32) }}
- {{ name|truncate(16, False, "") }}
{%- if grains.os != 'Windows' %}
- shell: {{ p.shell }}
{%- if grains.kernel|lower == 'linux' %}

4
prometheus/exporters/node_exporter/textfile_collectors/init.sls
View File

@ -18,8 +18,8 @@ prometheus-exporters-{{ name }}-collector-textfile-dir:
- name: {{ p.pkg.component[name]['service']['args']['collector.textfile.directory'] }}
{%- if grains.os != 'Windows' %}
- mode: 755
- user: {{ name|truncate(32) }}
- group: {{ name|truncate(32) }}
- user: {{ name|truncate(32, False, "") }}
- group: {{ name|truncate(16, False, "") }}
{%- endif %}
- makedirs: True
- require:

4
prometheus/service/args/install.sls
View File

@ -25,8 +25,8 @@ include:
prometheus-service-args-{{ name }}-data-dir:
file.directory:
- name: {{ args['storage.tsdb.path'] }}
- user: {{ name|truncate(32) }}
- group: {{ name|truncate(32) }}
- user: {{ name|truncate(32, False, "") }}
- group: {{ name|truncate(16, False, "") }}
- makedirs: True
- watch_in:
- service: prometheus-service-running-{{ name }}

6
test/integration/default/controls/archive_spec.rb
View File

@ -53,10 +53,10 @@ control 'prometheus components' do
describe user('mysqld_exporter') do
it { should exist }
end
describe group('prometheus_bigquery_remote_st...') do
describe group('prometheus_bigqu') do
it { should exist }
end
describe user('prometheus_bigquery_remote_st...') do
describe user('prometheus_bigquery_remote_stora') do
it { should exist }
end
describe directory('/var/lib/prometheus') do
@ -173,7 +173,7 @@ control 'prometheus components' do
end
describe directory('/var/lib/prometheus/prometheus_bigquery_remote_storage_adapter') do # rubocop:disable Layout/LineLength
it { should exist }
its('group') { should eq 'prometheus_bigquery_remote_st...' }
its('group') { should eq 'prometheus_bigqu' }
end
describe file("#{service_dir}/prometheus-bigquery-backend.service") do
it { should exist }