Petr Michalec
64e7e680f2
fix, ca crt rollout for trusted_ca_minions
7 anos atrás
Petr Michalec
e07687e17e
Global trust for SaltCA, distribute ca.crt
7 anos atrás
Tomáš Kukrál
e3ae6b3bbf
fix conflicting salt_ca_certificates_packages
It was failing with:
Rendering SLS 'base:salt.minion.cert' failed: Conflicting ID 'salt_ca_certificates_packages'
ca-certificates installation should be probably moved out of the loop in
the future.
Change-Id: I26aeae62cc1c1d407d36d1d6bf101db073d9e601
7 anos atrás
Filip Pytloun
1fde6eac8d
Add salt master's CA into system CA bundle
Change-Id: I89cec95e87db52fd59a84d57c485d8c938711ef3
7 anos atrás
Filip Pytloun
a7d2ecde9b
Run saltutil.sync_all when minion is started
Unfortunately this is not idempotent, however we surely want to sync
everything when salt.minion state is executed.
Change-Id: I0faaf606b57dbd7d009156abfe50d2e5f350190e
7 anos atrás
Tomáš Kukrál
bb122162f2
allow to set keyUsage and extendedKeyUsage cert params
Change-Id: I1eaa9cf7a7f861cc5de604e03fba8a74436d99ad
7 anos atrás
Martin819
92294ff2af
Added Kitchen and Travis
7 anos atrás
Tomáš Kukrál
38bb20473f
fix Conflicting ID for ...crt_cert_permissions
This error occures when multiple certs signed by same CA are requested
on minion.
Change-Id: I6b20ab4e1795298c94f55fdc61af99f933d8491c
7 anos atrás
Tomáš Kukrál
5ea7fb3b3c
send mine always (not only on change)
First run is made during salt-master cloud-init and thus it is onchanges
is not suitable here because ca.crt file is already generated.
7 anos atrás
Vladimir Eremin
3c32aea063
Fix empty array get
It was responsible for
[CRITICAL] Rendering SLS 'base:salt.minion.cert' failed: Jinja variable 'dict object' has no attribute 'cfg01.mk20-lab-advanced.local'
[ERROR ] Data passed to highstate outputter is not a valid highstate return: {'local': ["Rendering SLS 'base:salt.minion.cert' failed: Jinja variable 'dict object' has no attribute 'cfg01.mk20-lab-advanced.local'"]}
8 anos atrás
Ales Komarek
dbb39dee22
Salt-minion fix
8 anos atrás
Filip Pytloun
1a4fb2f4c9
Fix duplicate definition of mine.send
8 anos atrás
Filip Pytloun
aafb50a304
Add ability to create concatenated pem file
8 anos atrás
Ales Komarek
93663473d0
Name escaping
8 anos atrás
Filip Pytloun
5521f52d6a
Enhance minion.cert
- allow defining custom key/cert path
- ensure key/cert directories
- set key/cert permissions by metadata
8 anos atrás
Ales Komarek
4386f3020a
Fix parameter to cert
8 anos atrás
Ales Komarek
09be95486f
Publish to mine
8 anos atrás
Ales Komarek
0bf2e30aef
Fix cert rights
8 anos atrás
Filip Pytloun
dac0ed8d0d
Fix cat /etc/salt/grains.d/* when files not present
8 anos atrás
Adam Tengler
caedd97958
Optional installation source - pip
source:engine metadata created - defaults to pkg
installation, pip installation alternative added
8 anos atrás
Ales Komarek
bca80b792f
x509 subject properties
8 anos atrás
Ales Komarek
370356a933
PKI client cert paths
8 anos atrás
Ales Komarek
9a9abb366b
Salt PKI proper x509v3 cert extensions
8 anos atrás
Ales Komarek
7a911e0f2f
PKI CA certs
8 anos atrás
marco
16d0dc2bc4
fix missing defined
8 anos atrás
Ales Komarek
ffbaaed24d
Salt PKI fixes
8 anos atrás
Ales Komarek
5d17e4b42c
Added Salt PKI setup, orchestration skeleton
8 anos atrás