Browse Source

Merge pull request #566 from sticky-note/feat/repos

feat(pkgrepo): impl new logic after migration to `packages.broadcom.com`
tags/v1.13.0
sticky-note 1 month ago
parent
commit
bf52207a9b
No account linked to committer's email address
9 changed files with 43 additions and 58 deletions
  1. +3
    -3
      docs/README.rst
  2. +12
    -9
      pillar.example
  3. +9
    -15
      salt/osfamilymap.yaml
  4. +4
    -9
      salt/osfingermap.yaml
  5. +10
    -18
      salt/osmap.yaml
  6. +1
    -1
      salt/pkgrepo/debian/absent.sls
  7. +1
    -1
      salt/pkgrepo/debian/clean.sls
  8. +1
    -1
      salt/pkgrepo/debian/install.sls
  9. +2
    -1
      salt/pkgrepo/redhat/install.sls

+ 3
- 3
docs/README.rst View File

'saltmain': 'saltmain':
- salt.formulas - salt.formulas
- salt.master - salt.master


Pillar data can be used to customize all paths, URLs, etc. Here's a minimal pillar sample installing two formulas in the base environment: Pillar data can be used to customize all paths, URLs, etc. Here's a minimal pillar sample installing two formulas in the base environment:


:: ::


install_packages: True install_packages: True
version: 2017.7.4
salt_minion_pkg_source: https://repo.saltproject.io/osx/salt-2017.7.4-py3-x86_64.pkg
version: 3006.9
salt_minion_pkg_source: https://packages.broadcom.com/artifactory/saltproject-generic/macos/3006.9/salt-3006.9-py3-x86_64.pkg


install_packages must indicate that the installation of a package is desired. If so, version will be used to compare the version of the installed .pkg against the downloaded one. If version is not set and a salt.pkg is already installed the .pkg will not be installed again. install_packages must indicate that the installation of a package is desired. If so, version will be used to compare the version of the installed .pkg against the downloaded one. If version is not set and a salt.pkg is already installed the .pkg will not be installed again.



+ 12
- 9
pillar.example View File

install_packages: true install_packages: true


# Optional: set salt version (if install_packages is set to true) # Optional: set salt version (if install_packages is set to true)
version: 2017.7.2-1.el7
version: '3006.9'


# Pin version provided under 'version' key by using apt-pinning # Pin version provided under 'version' key by using apt-pinning
# available only on Debian family OS-es # available only on Debian family OS-es
salt_ssh: 'salt-ssh' salt_ssh: 'salt-ssh'
pyinotify: 'python-pyinotify' # the package to be installed for pyinotify pyinotify: 'python-pyinotify' # the package to be installed for pyinotify


# Set which salt repository to use, default to https://repo.saltproject.io
# For older releases use https://archive.repo.saltproject.io
repo: 'https://archive.repo.saltproject.io'
# Set which salt repository to use
# -> defaults to https://packages.broadcom.com/artifactory
repo: 'https://packages.broadcom.com/artifactory'
# yamllint disable rule:line-length
repo_key_url: 'https://packages.broadcom.com/artifactory/api/security/keypair/SaltProjectKey/public'
# yamllint enable rule:line-length


# Set which release of SaltStack to use, default to 'latest' # Set which release of SaltStack to use, default to 'latest'
# To get the available releases: # To get the available releases:
# * http://repo.saltproject.io/yum/redhat/7/x86_64/
# * http://repo.saltproject.io/apt/debian/8/amd64/
release: '2018.3'
# * https://packages.broadcom.com/artifactory/saltproject-rpm/
# * https://packages.broadcom.com/artifactory/saltproject-deb
release: '3006'


# MacOS has no package management. # MacOS has no package management.
# Instead, we use file.managed to download an appropriate .pkg file and # Instead, we use file.managed to download an appropriate .pkg file and
# NOTE: salt_minion_pkg_hash, if set, will be passed into file.managed's # NOTE: salt_minion_pkg_hash, if set, will be passed into file.managed's
# source_hash, use URL or hash string # source_hash, use URL or hash string
# yamllint disable rule:line-length # yamllint disable rule:line-length
salt_minion_pkg_source: 'https://repo.saltproject.io/osx/salt-2017.7.4-py3-x86_64.pkg'
salt_minion_pkg_hash: 'https://repo.saltproject.io/osx/salt-2017.7.4-py3-x86_64.pkg.md5'
salt_minion_pkg_source: 'https://packages.broadcom.com/artifactory/saltproject-generic/macos/3006.9/salt-3006.9-py3-x86_64.pkg'
salt_minion_pkg_hash: 'sha256=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855'
# yamllint enable rule:line-length # yamllint enable rule:line-length


# tofs: # tofs:

+ 9
- 15
salt/osfamilymap.yaml View File

{%- set py_ver_repr = salt['pillar.get']('salt:py_ver', '') %} {%- set py_ver_repr = salt['pillar.get']('salt:py_ver', '') %}


{%- set osrelease = salt['grains.get']('osrelease', '') %} {%- set osrelease = salt['grains.get']('osrelease', '') %}
{%- set salt_release = salt['pillar.get']('salt:release', 'latest') %}
{%- if salt_release.split('.')|length >= 3 %}
{%- set salt_release = 'archive/' ~ salt_release %}
{%- endif %}
{%- set osfamily_lower = salt['grains.get']('os_family')|lower %}
{%- set osmajorrelease = salt['grains.get']('osmajorrelease', osrelease)|string %}
{%- set oscodename = salt['grains.get']('oscodename') %}
{%- set opensuse_repo_suffix = 'Leap_' ~ osrelease if salt['grains.get']('osfinger', '') == 'Leap-15' else 'Tumbleweed' %} {%- set opensuse_repo_suffix = 'Leap_' ~ osrelease if salt['grains.get']('osfinger', '') == 'Leap-15' else 'Tumbleweed' %}
{%- set salt_repo = salt['pillar.get']('salt:repo', 'https://repo.saltproject.io') %}
{%- set salt_repo = salt['pillar.get']('salt:repo', 'https://packages.broadcom.com/artifactory') %}
{%- set salt_repo_key_url = salt['pillar.get']('salt:repo_key_url', salt_repo ~ '/api/security/keypair/SaltProjectKey/public') %}


#from template-formula #from template-formula
{%- if grains.os_family == 'MacOS' %} {%- if grains.os_family == 'MacOS' %}




Debian: Debian:
pkgrepo: 'deb [signed-by=/usr/share/keyrings/salt-archive-keyring.gpg arch=amd64] {{ salt_repo }}/{{ py_ver_repr or 'py3' }}/{{ osfamily_lower }}/{{ osmajorrelease }}/amd64/{{ salt_release }} {{ oscodename }} main'
pkgrepo_keyring: '{{ salt_repo }}/{{ py_ver_repr or 'py3' }}/{{ osfamily_lower }}/{{ osmajorrelease }}/amd64/{{ salt_release }}/salt-archive-keyring.gpg'
pkgrepo_keyring_hash: sha256=ea38e0cdbd8dc53e1af154a8d711a2a321a69f81188062dc5cde9d54df2b8c47
pkgrepo: 'deb [signed-by=/etc/apt/keyrings/salt-archive-keyring.pgp arch=amd64] {{ salt_repo }}/saltproject-deb stable main'
pkgrepo_keyring: '{{ salt_repo_key_url }}'
pkgrepo_keyring_hash: sha256=36decef986477acb8ba2a1fc4041bcf9f22229ef6c939d0317c9e36a9d142b34
libgit2: libgit2-22 libgit2: libgit2-22
pyinotify: python-pyinotify pyinotify: python-pyinotify
gitfs: gitfs:
install_from_source: false install_from_source: false


RedHat: RedHat:
pkgrepo_name: saltstack
pkgrepo_humanname: SaltStack repo for RHEL/CentOS $releasever
pkgrepo: '{{ salt_repo }}/{{ py_ver_repr or 'yum' }}/redhat/$releasever/$basearch/{{ salt_release }}'
key_url: '{{ salt_repo }}/{{ py_ver_repr or 'yum' }}/redhat/$releasever/$basearch/{{ salt_release }}/SALTSTACK-GPG-KEY.pub'
pkgrepo_name: salt-repo-latest
pkgrepo_humanname: Salt Repo for Salt LATEST release
pkgrepo: '{{ salt_repo }}/saltproject-rpm/'
key_url: '{{ salt_repo_key_url }}'
pygit2: python-pygit2 pygit2: python-pygit2
python_git: GitPython python_git: GitPython
gitfs: gitfs:

+ 4
- 9
salt/osfingermap.yaml View File

# vim: ft=yaml # vim: ft=yaml
--- ---


{%- set py_ver_repr = salt['pillar.get']('salt:py_ver', '') %}

{%- set osrelease = salt['grains.get']('osrelease', '') %} {%- set osrelease = salt['grains.get']('osrelease', '') %}
{%- set salt_release = salt['pillar.get']('salt:release', 'latest') %}
{%- if salt_release.split('.')|length >= 3 %}
{%- set salt_release = 'archive/' ~ salt_release %}
{%- endif %}
{%- set osmajorrelease = salt['grains.get']('osmajorrelease', osrelease)|string %} {%- set osmajorrelease = salt['grains.get']('osmajorrelease', osrelease)|string %}
{%- set salt_repo = salt['pillar.get']('salt:repo', 'https://repo.saltproject.io') %}
{%- set salt_repo = salt['pillar.get']('salt:repo', 'https://packages.broadcom.com/artifactory') %}
{%- set salt_repo_key_url = salt['pillar.get']('salt:repo_key_url', salt_repo ~ '/api/security/keypair/SaltProjectKey/public') %}


Oracle Linux Server-7: Oracle Linux Server-7:
pkgrepo_humanname: SaltStack repo for RHEL/CentOS {{ osmajorrelease }} pkgrepo_humanname: SaltStack repo for RHEL/CentOS {{ osmajorrelease }}
pkgrepo: '{{ salt_repo }}/{{ py_ver_repr or 'yum' }}/redhat/{{ osmajorrelease }}/$basearch/{{ salt_release }}'
key_url: '{{ salt_repo }}/{{ py_ver_repr or 'yum' }}/redhat/{{ osmajorrelease }}/$basearch/{{ salt_release }}/SALTSTACK-GPG-KEY.pub'
pkgrepo: '{{ salt_repo }}/saltproject-rpm/'
key_url: '{{ salt_repo_key_url }}'

+ 10
- 18
salt/osmap.yaml View File



{%- set py_ver_repr = salt['pillar.get']('salt:py_ver', '') %} {%- set py_ver_repr = salt['pillar.get']('salt:py_ver', '') %}


{%- set osrelease = salt['grains.get']('osrelease', '') %}
{%- set salt_release = salt['pillar.get']('salt:release', 'latest') %}
{%- if salt_release.split('.')|length >= 3 %}
{%- set salt_release = 'archive/' ~ salt_release %}
{%- endif %}
{%- set os_lower = salt['grains.get']('os')|lower %}
{%- set osmajorrelease = salt['grains.get']('osmajorrelease', osrelease)|string %}
{%- set oscodename = salt['grains.get']('oscodename') %}
{%- set os_family_lower = salt['grains.get']('os_family')|lower %}
{%- set salt_repo = salt['pillar.get']('salt:repo', 'https://repo.saltproject.io') %}
{%- set salt_repo = salt['pillar.get']('salt:repo', 'https://packages.broadcom.com/artifactory') %}
{%- set salt_repo_key_url = salt['pillar.get']('salt:repo_key_url', salt_repo ~ '/api/security/keypair/SaltProjectKey/public') %}


Fedora: Fedora:
pygit2: python2-pygit2 pygit2: python2-pygit2
Amazon: Amazon:
pkgrepo_name: saltstack-amzn-repo pkgrepo_name: saltstack-amzn-repo
pkgrepo_humanname: SaltStack repo for Amazon Linux 2 pkgrepo_humanname: SaltStack repo for Amazon Linux 2
pkgrepo: '{{ salt_repo }}/{{ py_ver_repr or 'yum' }}/amazon/2/$basearch/{{ salt_release }}'
key_url: '{{ salt_repo }}/{{ py_ver_repr or 'yum' }}/amazon/2/$basearch/{{ salt_release }}/SALTSTACK-GPG-KEY.pub'
pkgrepo: '{{ salt_repo }}/saltproject-rpm/'
key_url: '{{ salt_repo_key_url }}'


Ubuntu: Ubuntu:
pkgrepo: 'deb [signed-by=/usr/share/keyrings/salt-archive-keyring.gpg arch=amd64] {{ salt_repo }}/{{ py_ver_repr or 'apt' }}/{{ os_lower }}/{{ osrelease }}/amd64/{{ salt_release }} {{ oscodename }} main'
pkgrepo_keyring: '{{ salt_repo }}/{{ py_ver_repr or 'apt' }}/{{ os_lower }}/{{ osrelease }}/amd64/{{ salt_release }}/salt-archive-keyring.gpg'
pkgrepo_keyring_hash: sha256=ea38e0cdbd8dc53e1af154a8d711a2a321a69f81188062dc5cde9d54df2b8c47
key_url: '{{ salt_repo }}/{{ py_ver_repr or 'apt' }}/{{ os_lower }}/{{ osrelease }}/amd64/{{ salt_release }}/SALTSTACK-GPG-KEY.pub'
pkgrepo: 'deb [signed-by=/etc/apt/keyrings/salt-archive-keyring.pgp arch=amd64] {{ salt_repo }}/saltproject-deb stable main'
pkgrepo_keyring: '{{ salt_repo_key_url }}'
pkgrepo_keyring_hash: sha256=36decef986477acb8ba2a1fc4041bcf9f22229ef6c939d0317c9e36a9d142b34
key_url: '{{ salt_repo_key_url }}'
pygit2: python-pygit2 pygit2: python-pygit2
gitfs: gitfs:
pygit2: pygit2:
install_from_package: Null install_from_package: Null


Raspbian: Raspbian:
pkgrepo: 'deb [signed-by=/usr/share/keyrings/salt-archive-keyring.gpg arch=armhf] {{ salt_repo }}/{{ py_ver_repr or 'py3' }}/{{ os_family_lower }}/{{ osmajorrelease }}/armhf/{{ salt_release }} {{ oscodename }} main'
pkgrepo_keyring: '{{ salt_repo }}/{{ py_ver_repr or 'py3' }}/{{ os_family_lower }}/{{ osmajorrelease }}/armhf/{{ salt_release }}/salt-archive-keyring.gpg'
pkgrepo: 'deb [signed-by=/etc/apt/keyrings/salt-archive-keyring.pgp arch=armhf] {{ salt_repo }}/saltproject-deb stable main'
pkgrepo_keyring: '{{ salt_repo_key_url }}'


SmartOS: SmartOS:
salt_master: salt salt_master: salt

+ 1
- 1
salt/pkgrepo/debian/absent.sls View File



salt-pkgrepo-clean-saltstack-debian-apt-key: salt-pkgrepo-clean-saltstack-debian-apt-key:
file.absent: file.absent:
- name: /usr/share/keyrings/salt-archive-keyring.gpg
- name: /etc/apt/keyrings/salt-archive-keyring.pgp

+ 1
- 1
salt/pkgrepo/debian/clean.sls View File



salt-pkgrepo-clean-saltstack-debian-apt-key: salt-pkgrepo-clean-saltstack-debian-apt-key:
file.absent: file.absent:
- name: /usr/share/keyrings/salt-archive-keyring.gpg
- name: /etc/apt/keyrings/salt-archive-keyring.pgp

+ 1
- 1
salt/pkgrepo/debian/install.sls View File



salt-pkgrepo-install-saltstack-debian-keyring: salt-pkgrepo-install-saltstack-debian-keyring:
file.managed: file.managed:
- name: /usr/share/keyrings/salt-archive-keyring.gpg
- name: /etc/apt/keyrings/salt-archive-keyring.pgp
- source: {{ salt_settings.pkgrepo_keyring }} - source: {{ salt_settings.pkgrepo_keyring }}
- source_hash: {{ salt_settings.pkgrepo_keyring_hash }} - source_hash: {{ salt_settings.pkgrepo_keyring_hash }}
- require_in: - require_in:

+ 2
- 1
salt/pkgrepo/redhat/install.sls View File

- name: {{ salt_settings.pkgrepo_name }} - name: {{ salt_settings.pkgrepo_name }}
- humanname: {{ salt_settings.pkgrepo_humanname }} - humanname: {{ salt_settings.pkgrepo_humanname }}
- baseurl: {{ salt_settings.pkgrepo }} - baseurl: {{ salt_settings.pkgrepo }}
- priority: 10
- enabled: 1 - enabled: 1
- enabled_metadata: 1
- gpgcheck: 1 - gpgcheck: 1
- gpgkey: {{ salt_settings.key_url }} - gpgkey: {{ salt_settings.key_url }}
{%- if grains['os']|lower in ['amazon'] %} {%- if grains['os']|lower in ['amazon'] %}
- failovermethod: priority - failovermethod: priority
- priority: 10
{%- endif %} {%- endif %}
{%- endif %} {%- endif %}

Loading…
Cancel
Save