Parcourir la source

feat(pkgrepo): impl new logic after migration to `packages.broadcom.com`

pull/566/head
sticky-note il y a 1 semaine
Parent
révision
d79c22d313
9 fichiers modifiés avec 43 ajouts et 58 suppressions
  1. +3
    -3
      docs/README.rst
  2. +12
    -9
      pillar.example
  3. +9
    -15
      salt/osfamilymap.yaml
  4. +4
    -9
      salt/osfingermap.yaml
  5. +10
    -18
      salt/osmap.yaml
  6. +1
    -1
      salt/pkgrepo/debian/absent.sls
  7. +1
    -1
      salt/pkgrepo/debian/clean.sls
  8. +1
    -1
      salt/pkgrepo/debian/install.sls
  9. +2
    -1
      salt/pkgrepo/redhat/install.sls

+ 3
- 3
docs/README.rst Voir le fichier

@@ -134,7 +134,7 @@ Git repositories under ``/srv/formulas`` and makes them available in the relevan
'saltmain':
- salt.formulas
- salt.master

Pillar data can be used to customize all paths, URLs, etc. Here's a minimal pillar sample installing two formulas in the base environment:

@@ -203,8 +203,8 @@ salt-minion packages on MacOS will not be upgraded by default. To enable package
::

install_packages: True
version: 2017.7.4
salt_minion_pkg_source: https://repo.saltproject.io/osx/salt-2017.7.4-py3-x86_64.pkg
version: 3006.9
salt_minion_pkg_source: https://packages.broadcom.com/artifactory/saltproject-generic/macos/3006.9/salt-3006.9-py3-x86_64.pkg

install_packages must indicate that the installation of a package is desired. If so, version will be used to compare the version of the installed .pkg against the downloaded one. If version is not set and a salt.pkg is already installed the .pkg will not be installed again.


+ 12
- 9
pillar.example Voir le fichier

@@ -22,7 +22,7 @@ salt:
install_packages: true

# Optional: set salt version (if install_packages is set to true)
version: 2017.7.2-1.el7
version: '3006.9'

# Pin version provided under 'version' key by using apt-pinning
# available only on Debian family OS-es
@@ -37,15 +37,18 @@ salt:
salt_ssh: 'salt-ssh'
pyinotify: 'python-pyinotify' # the package to be installed for pyinotify

# Set which salt repository to use, default to https://repo.saltproject.io
# For older releases use https://archive.repo.saltproject.io
repo: 'https://archive.repo.saltproject.io'
# Set which salt repository to use
# -> defaults to https://packages.broadcom.com/artifactory
repo: 'https://packages.broadcom.com/artifactory'
# yamllint disable rule:line-length
repo_key_url: 'https://packages.broadcom.com/artifactory/api/security/keypair/SaltProjectKey/public'
# yamllint enable rule:line-length

# Set which release of SaltStack to use, default to 'latest'
# To get the available releases:
# * http://repo.saltproject.io/yum/redhat/7/x86_64/
# * http://repo.saltproject.io/apt/debian/8/amd64/
release: '2018.3'
# * https://packages.broadcom.com/artifactory/saltproject-rpm/
# * https://packages.broadcom.com/artifactory/saltproject-deb
release: '3006'

# MacOS has no package management.
# Instead, we use file.managed to download an appropriate .pkg file and
@@ -57,8 +60,8 @@ salt:
# NOTE: salt_minion_pkg_hash, if set, will be passed into file.managed's
# source_hash, use URL or hash string
# yamllint disable rule:line-length
salt_minion_pkg_source: 'https://repo.saltproject.io/osx/salt-2017.7.4-py3-x86_64.pkg'
salt_minion_pkg_hash: 'https://repo.saltproject.io/osx/salt-2017.7.4-py3-x86_64.pkg.md5'
salt_minion_pkg_source: 'https://packages.broadcom.com/artifactory/saltproject-generic/macos/3006.9/salt-3006.9-py3-x86_64.pkg'
salt_minion_pkg_hash: 'sha256=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855'
# yamllint enable rule:line-length

# tofs:

+ 9
- 15
salt/osfamilymap.yaml Voir le fichier

@@ -5,15 +5,9 @@
{%- set py_ver_repr = salt['pillar.get']('salt:py_ver', '') %}

{%- set osrelease = salt['grains.get']('osrelease', '') %}
{%- set salt_release = salt['pillar.get']('salt:release', 'latest') %}
{%- if salt_release.split('.')|length >= 3 %}
{%- set salt_release = 'archive/' ~ salt_release %}
{%- endif %}
{%- set osfamily_lower = salt['grains.get']('os_family')|lower %}
{%- set osmajorrelease = salt['grains.get']('osmajorrelease', osrelease)|string %}
{%- set oscodename = salt['grains.get']('oscodename') %}
{%- set opensuse_repo_suffix = 'Leap_' ~ osrelease if salt['grains.get']('osfinger', '') == 'Leap-15' else 'Tumbleweed' %}
{%- set salt_repo = salt['pillar.get']('salt:repo', 'https://repo.saltproject.io') %}
{%- set salt_repo = salt['pillar.get']('salt:repo', 'https://packages.broadcom.com/artifactory') %}
{%- set salt_repo_key_url = salt['pillar.get']('salt:repo_key_url', salt_repo ~ '/api/security/keypair/SaltProjectKey/public') %}

#from template-formula
{%- if grains.os_family == 'MacOS' %}
@@ -25,9 +19,9 @@


Debian:
pkgrepo: 'deb [signed-by=/usr/share/keyrings/salt-archive-keyring.gpg arch=amd64] {{ salt_repo }}/{{ py_ver_repr or 'py3' }}/{{ osfamily_lower }}/{{ osmajorrelease }}/amd64/{{ salt_release }} {{ oscodename }} main'
pkgrepo_keyring: '{{ salt_repo }}/{{ py_ver_repr or 'py3' }}/{{ osfamily_lower }}/{{ osmajorrelease }}/amd64/{{ salt_release }}/salt-archive-keyring.gpg'
pkgrepo_keyring_hash: sha256=ea38e0cdbd8dc53e1af154a8d711a2a321a69f81188062dc5cde9d54df2b8c47
pkgrepo: 'deb [signed-by=/etc/apt/keyrings/salt-archive-keyring.pgp arch=amd64] {{ salt_repo }}/saltproject-deb stable main'
pkgrepo_keyring: '{{ salt_repo_key_url }}'
pkgrepo_keyring_hash: sha256=36decef986477acb8ba2a1fc4041bcf9f22229ef6c939d0317c9e36a9d142b34
libgit2: libgit2-22
pyinotify: python-pyinotify
gitfs:
@@ -41,10 +35,10 @@ Debian:
install_from_source: false

RedHat:
pkgrepo_name: saltstack
pkgrepo_humanname: SaltStack repo for RHEL/CentOS $releasever
pkgrepo: '{{ salt_repo }}/{{ py_ver_repr or 'yum' }}/redhat/$releasever/$basearch/{{ salt_release }}'
key_url: '{{ salt_repo }}/{{ py_ver_repr or 'yum' }}/redhat/$releasever/$basearch/{{ salt_release }}/SALTSTACK-GPG-KEY.pub'
pkgrepo_name: salt-repo-latest
pkgrepo_humanname: Salt Repo for Salt LATEST release
pkgrepo: '{{ salt_repo }}/saltproject-rpm/'
key_url: '{{ salt_repo_key_url }}'
pygit2: python-pygit2
python_git: GitPython
gitfs:

+ 4
- 9
salt/osfingermap.yaml Voir le fichier

@@ -2,17 +2,12 @@
# vim: ft=yaml
---

{%- set py_ver_repr = salt['pillar.get']('salt:py_ver', '') %}

{%- set osrelease = salt['grains.get']('osrelease', '') %}
{%- set salt_release = salt['pillar.get']('salt:release', 'latest') %}
{%- if salt_release.split('.')|length >= 3 %}
{%- set salt_release = 'archive/' ~ salt_release %}
{%- endif %}
{%- set osmajorrelease = salt['grains.get']('osmajorrelease', osrelease)|string %}
{%- set salt_repo = salt['pillar.get']('salt:repo', 'https://repo.saltproject.io') %}
{%- set salt_repo = salt['pillar.get']('salt:repo', 'https://packages.broadcom.com/artifactory') %}
{%- set salt_repo_key_url = salt['pillar.get']('salt:repo_key_url', salt_repo ~ '/api/security/keypair/SaltProjectKey/public') %}

Oracle Linux Server-7:
pkgrepo_humanname: SaltStack repo for RHEL/CentOS {{ osmajorrelease }}
pkgrepo: '{{ salt_repo }}/{{ py_ver_repr or 'yum' }}/redhat/{{ osmajorrelease }}/$basearch/{{ salt_release }}'
key_url: '{{ salt_repo }}/{{ py_ver_repr or 'yum' }}/redhat/{{ osmajorrelease }}/$basearch/{{ salt_release }}/SALTSTACK-GPG-KEY.pub'
pkgrepo: '{{ salt_repo }}/saltproject-rpm/'
key_url: '{{ salt_repo_key_url }}'

+ 10
- 18
salt/osmap.yaml Voir le fichier

@@ -4,16 +4,8 @@

{%- set py_ver_repr = salt['pillar.get']('salt:py_ver', '') %}

{%- set osrelease = salt['grains.get']('osrelease', '') %}
{%- set salt_release = salt['pillar.get']('salt:release', 'latest') %}
{%- if salt_release.split('.')|length >= 3 %}
{%- set salt_release = 'archive/' ~ salt_release %}
{%- endif %}
{%- set os_lower = salt['grains.get']('os')|lower %}
{%- set osmajorrelease = salt['grains.get']('osmajorrelease', osrelease)|string %}
{%- set oscodename = salt['grains.get']('oscodename') %}
{%- set os_family_lower = salt['grains.get']('os_family')|lower %}
{%- set salt_repo = salt['pillar.get']('salt:repo', 'https://repo.saltproject.io') %}
{%- set salt_repo = salt['pillar.get']('salt:repo', 'https://packages.broadcom.com/artifactory') %}
{%- set salt_repo_key_url = salt['pillar.get']('salt:repo_key_url', salt_repo ~ '/api/security/keypair/SaltProjectKey/public') %}

Fedora:
pygit2: python2-pygit2
@@ -21,14 +13,14 @@ Fedora:
Amazon:
pkgrepo_name: saltstack-amzn-repo
pkgrepo_humanname: SaltStack repo for Amazon Linux 2
pkgrepo: '{{ salt_repo }}/{{ py_ver_repr or 'yum' }}/amazon/2/$basearch/{{ salt_release }}'
key_url: '{{ salt_repo }}/{{ py_ver_repr or 'yum' }}/amazon/2/$basearch/{{ salt_release }}/SALTSTACK-GPG-KEY.pub'
pkgrepo: '{{ salt_repo }}/saltproject-rpm/'
key_url: '{{ salt_repo_key_url }}'

Ubuntu:
pkgrepo: 'deb [signed-by=/usr/share/keyrings/salt-archive-keyring.gpg arch=amd64] {{ salt_repo }}/{{ py_ver_repr or 'apt' }}/{{ os_lower }}/{{ osrelease }}/amd64/{{ salt_release }} {{ oscodename }} main'
pkgrepo_keyring: '{{ salt_repo }}/{{ py_ver_repr or 'apt' }}/{{ os_lower }}/{{ osrelease }}/amd64/{{ salt_release }}/salt-archive-keyring.gpg'
pkgrepo_keyring_hash: sha256=ea38e0cdbd8dc53e1af154a8d711a2a321a69f81188062dc5cde9d54df2b8c47
key_url: '{{ salt_repo }}/{{ py_ver_repr or 'apt' }}/{{ os_lower }}/{{ osrelease }}/amd64/{{ salt_release }}/SALTSTACK-GPG-KEY.pub'
pkgrepo: 'deb [signed-by=/etc/apt/keyrings/salt-archive-keyring.pgp arch=amd64] {{ salt_repo }}/saltproject-deb stable main'
pkgrepo_keyring: '{{ salt_repo_key_url }}'
pkgrepo_keyring_hash: sha256=36decef986477acb8ba2a1fc4041bcf9f22229ef6c939d0317c9e36a9d142b34
key_url: '{{ salt_repo_key_url }}'
pygit2: python-pygit2
gitfs:
pygit2:
@@ -38,8 +30,8 @@ Ubuntu:
install_from_package: Null

Raspbian:
pkgrepo: 'deb [signed-by=/usr/share/keyrings/salt-archive-keyring.gpg arch=armhf] {{ salt_repo }}/{{ py_ver_repr or 'py3' }}/{{ os_family_lower }}/{{ osmajorrelease }}/armhf/{{ salt_release }} {{ oscodename }} main'
pkgrepo_keyring: '{{ salt_repo }}/{{ py_ver_repr or 'py3' }}/{{ os_family_lower }}/{{ osmajorrelease }}/armhf/{{ salt_release }}/salt-archive-keyring.gpg'
pkgrepo: 'deb [signed-by=/etc/apt/keyrings/salt-archive-keyring.pgp arch=armhf] {{ salt_repo }}/saltproject-deb stable main'
pkgrepo_keyring: '{{ salt_repo_key_url }}'

SmartOS:
salt_master: salt

+ 1
- 1
salt/pkgrepo/debian/absent.sls Voir le fichier

@@ -10,4 +10,4 @@ salt-pkgrepo-clean-saltstack-debian:

salt-pkgrepo-clean-saltstack-debian-apt-key:
file.absent:
- name: /usr/share/keyrings/salt-archive-keyring.gpg
- name: /etc/apt/keyrings/salt-archive-keyring.pgp

+ 1
- 1
salt/pkgrepo/debian/clean.sls Voir le fichier

@@ -10,4 +10,4 @@ salt-pkgrepo-clean-saltstack-debian:

salt-pkgrepo-clean-saltstack-debian-apt-key:
file.absent:
- name: /usr/share/keyrings/salt-archive-keyring.gpg
- name: /etc/apt/keyrings/salt-archive-keyring.pgp

+ 1
- 1
salt/pkgrepo/debian/install.sls Voir le fichier

@@ -4,7 +4,7 @@

salt-pkgrepo-install-saltstack-debian-keyring:
file.managed:
- name: /usr/share/keyrings/salt-archive-keyring.gpg
- name: /etc/apt/keyrings/salt-archive-keyring.pgp
- source: {{ salt_settings.pkgrepo_keyring }}
- source_hash: {{ salt_settings.pkgrepo_keyring_hash }}
- require_in:

+ 2
- 1
salt/pkgrepo/redhat/install.sls Voir le fichier

@@ -8,11 +8,12 @@ salt-pkgrepo-install-saltstack-redhat:
- name: {{ salt_settings.pkgrepo_name }}
- humanname: {{ salt_settings.pkgrepo_humanname }}
- baseurl: {{ salt_settings.pkgrepo }}
- priority: 10
- enabled: 1
- enabled_metadata: 1
- gpgcheck: 1
- gpgkey: {{ salt_settings.key_url }}
{%- if grains['os']|lower in ['amazon'] %}
- failovermethod: priority
- priority: 10
{%- endif %}
{%- endif %}

Chargement…
Annuler
Enregistrer