Without this change, importing map.jinja in config files (as opposed to
SLS files) causes a rendering error because `slspath` isn't defined.
The `salt_settings.key_url` variable gets used only in
`salt/pkgrepo/debian/init.sls`.
Jinja macros are not actually functions. The only thing they can return
is a string. In order to return structured data, the callee must
serialize it, and the caller must deserialize it. This state formula
uses YAML as the intermediary, hence the occurrence of both the
`|yaml` (callee) and `|load_yaml` (caller) filters in its code.
The post-render "mapping values are not allowed here" error in
*salt/formulas.sls* or the broken rendering of
*salt/files/master.d/f_defaults.conf* happens because invocations of the
`formulas_git_opt` macro in several Jinja `set` statements do not get
deserialized, resulting in the trailing newline followed by three dot
characters (`...`), which YAML uses to signal the end of a document.
Correcting these rendering errors requires adding the necessary
deserialization code at those locations (i.e., filtering the macro call
through `|load_yaml`).
With a simple pillar like this::
$ sudo salt-call --config-dir /srv/etc/bootstrap --pillar-root /srv/pillar pillar.get salt:pillar_roots
local:
----------
base:
- /srv/pillar
This was generated in /etc/salt/master.d/f_defaults.conf::
# highstate format, and is generally just key/value pairs.
pillar_roots:base:- /srv/pillar
#
Resulting in parse errors by salt::
$ sudo salt '*' state.highstate
[ERROR ] Error parsing configuration file: /etc/salt/master.d/f_defaults.conf - while scanning a simple key
in "<string>", line 531, column 1:
pillar_roots:base:- /srv/pillar
^
could not found expected ':'
in "<string>", line 532, column 1:
#
^
[ERROR ] Error parsing configuration file: /etc/salt/master.d/f_defaults.conf - while scanning a simple key
in "<string>", line 531, column 1:
pillar_roots:base:- /srv/pillar
^
could not found expected ':'
in "<string>", line 532, column 1:
#
^
This patch will fix it as such::
ID: salt-master
Function: file.recurse
Name: /etc/salt/master.d
Result: True
Comment: Recursively updated /etc/salt/master.d
Started: 11:37:12.946823
Duration: 6255.296 ms
Changes:
----------
/etc/salt/master.d/f_defaults.conf:
----------
diff:
---
+++
@@ -528,7 +528,9 @@
# Pillar is laid out in the same fashion as the file server, with environments,
# a top file and sls files. However, pillar data does not need to be in the
# highstate format, and is generally just key/value pairs.
-pillar_roots:base:- /srv/pillar
+pillar_roots:
+ base:
+ - /srv/pillar
#
Resulting in::
# highstate format, and is generally just key/value pairs.
pillar_roots:
base:
- /srv/pillar
#
This change tweaks the GitPython package installation state to support
alternate package names (on FreeBSD, it's called "py27-GitPython").
Also, on FreeBSD salt-ssh is included in the "py27-salt" package by
default, requiring an update to `distro_map`.
The syndic service was depending upon itself, which caused the salt run
to fail. This commit fixes that by depending on the salt-master service
rather than the salt-syndic service. I also made it more general by
using IDs to specify the provider rather than the name, which is a bit
less reliable.
* Install pygit from package
* Add Official Salt ZeroMQ 4 COPR repository
Note that Salt itself is assumed to already to be available to the system via yum, via EPEL for example
This commit fixes how `pillar_roots` are generated and after this fix the
generated configuration does not contain any unnecessary new lines:
```yaml
pillar_roots:
base:
/srv/salt/dir1
dev:
/srv/salt/dir2
/srv/salt/dir3
locale:
/srv/salt/dir4
```
Before this commit the pillar_roots in `f_defaults.conf` for master would be
generated with a lot of empty lines in between directories, like this:
```yaml
pillar_roots:
base:
/srv/salt/dir1
dev:
/srv/salt/dir2
/srv/salt/dir3
local:
/srv/salt/dir4
```
The minion configuration is not affected and renders fine.
The user will already have it's /etc/salt/minion file, so it doesn't need all this info, and it makes easier to know what has been generated and what not
As mentioned in issue #118, provider files may contain passwords
or API keys and should be restricted. Profiles/maps are probably
OK with the defaults.
These aren't intended to function; they're here to allow the use of
file.recurse on the provider folder, without requiring the user
to provide pillar data for templates they're not using.
Salt writes it's schedule file to /etc/salt/{minion,master}.d/_schedule.conf
We don't want to stomp all over Salt's files, but we do want a pristine
starting point to lay down our managed config. So we use clean: True on the
file.recurse call, but we tell it to ignore files that start with an _
We have to rename the current config file (_defaults.conf) because it will be
ignored by the rule that ignores Salt's _* config files.
This also means we need to clean up old config files (_defaults.conf) and
restart the service if we cleaned it up.
If you are installing Salt via git/pip, the formula will try to overwrite your
install with packaged versions. This setting makes it possible to avoid that.
New versions of Salt put config files in /etc/salt/{minion,master}.d. We don't
want to erase them by using a clean: True on the file.recurse. This is a
backward incompatible change, but it's necessary to avoid deleting Salt config
files.
Resolves#104
If those options are set in pillar data, the jinja template
salt/files/master.d/_defaults.conf would fail to compile trying to
evaluate non-existing variables.
Replace those variables with the corresponding dictionnary entries.
Most include do not expect salt to be something else than the usual salt
variable giving access to all the salt modules. Instead we use cfg_salt.
And for consistency we rename the master/minion variables to
cfg_master/cfg_minion too.
This commit also provides a more concrete example of a 'host' to
be saltified. Users can do
salt-cloud -p make_salty someinstance
or
salt-cloud -m /etc/salt/cloud.maps.d/foo.conf
Either which way the online docs should really be updated with more
concrete examples.
In Python 3, dict.items() is already an iterator while dict.iteritems() no
longer exits. In Python 2, dict.items() is not an iterator but it works
and the small performance hit doesn't really matter for the salt config
pillar data which is really small.
This state enables the official saltstack package repository in order to
always benefit from the latest version. This state currently only works on
Debian and Ubuntu, and aims to implement the installation recommendations
of the official documentation:
http://docs.saltstack.com/en/latest/topics/installation/index.html
Gitfs for the minion is possible with salt 2014.7
Updated config _defaults.conf and pillar with example
Tested it on Archlinux with salt-call --local state.highstate
Commit 2b51a6f0c3 introduced options for gitfs_remotes in a pillar by using a jinja test to see if a parameter is a mapping (dict etc.). This feature however is only available in jinja 2.6 or newer (see http://jinja.pocoo.org/docs/dev/templates/#mapping).
Although this version of Jinja is available on Ubuntu, other OS / package managers do provide older versions (2.2.1 in RedHat 6).
This change makes use of the "iterable" test which should do the exact same thing.