Salt master automagic git pull

From copec

Overview

  • A push to the stable branch at git@projects.unaen.org:cfg/salt.git runs the post-receive git hook.
  • The post-receive git hook sends an event message using the local salt minion via sudo salt-call event.send salt/push.
  • The salt master receives this event from the internal salt message bus, which prompts the salt reactor to call a special reactor state, as configured in the master configuration file salt.unaen.org:/etc/salt/master.
  • This reactor state in turn has the master apply the repos.salt.pull state to the salt.unaen.org minion.
  • The repos.salt.pull state pulls the respective stable branch from git@projects.unaen.org:cfg/salt.git over SSH, using the salt.unaen.org:/root/.ssh/id_rsa private key (with a force reset of the salt-master local branch if necessary).

projects:/repos/cfg/salt.git/custom_hooks/post-receive

#!/usr/bin/env bash

/usr/bin/sudo /usr/bin/salt-call event.send salt/push
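
As written, the hook above runs on every push to the repository, whichever branch was pushed. The following added example (not part of the original page) sends the event only when refs/heads/stable is updated to a real commit; the function name stable_updated and the basename guard at the end are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example: post-receive hook that fires salt/push only for the stable branch.
set -u

TRIGGER_REF="refs/heads/stable"

# Git feeds post-receive one "<old-sha> <new-sha> <refname>" line per updated ref
# on stdin. Return 0 if any line moves TRIGGER_REF to a real commit.
stable_updated() {
    local old="" new="" ref="" hit=1
    while read -r old new ref || [ -n "$old" ]; do
        [ "$ref" = "$TRIGGER_REF" ] || continue
        # An all-zero new SHA means the branch was deleted: nothing to pull.
        case "$new" in
            *[!0]*) hit=0 ;;
        esac
    done
    return "$hit"
}

main() {
    if stable_updated; then
        # Kept identical to the command in the sudoers entry for the git user;
        # sudo matches the arguments exactly, so extra arguments would be refused.
        /usr/bin/sudo /usr/bin/salt-call event.send salt/push
    fi
}

# Assumption: the file is installed under the name "post-receive". Checking the
# basename lets the function be sourced or tested without sending an event.
case "${0##*/}" in
    post-receive) main ;;
esac
```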

projects:/opt/local/etc/sudoers.d/git

git ALL=(ALL) NOPASSWD: /usr/bin/salt-call event.send salt/push

salt:/etc/salt/master

(Section taken from the most recent SaltStack project master example file, with the custom reactor directive added.)

######        Reactor Settings        #####
###########################################
# Define a salt reactor. See https://docs.saltstack.com/en/latest/topics/reactor/
#reactor: []

#Set the TTL for the cache of the reactor configuration.
#reactor_refresh_interval: 60

#Configure the number of workers for the runner/wheel in the reactor.
#reactor_worker_threads: 10

#Define the queue size for workers in the reactor.
#reactor_worker_hwm: 10000

reactor:
  - 'salt/push':
    - salt://reactor/salt-push.sls

salt repository: [top level]/reactor/salt-push.sls

salt_push:
  local.state.apply:
    - tgt: salt-master.xmission.com
    - args:
      - mods: repos.salt.pull

salt repository: [top level]/services/repos/salt/pull.sls

fetch_latest_salt:
  git.latest:
    - name: git@gitlab.xmission.com:xmission/salt.git
    - target: /srv/salt
    - user: root
    - rev: stable
    - branch: stable
    - force_reset: True
    - identity:
      - /root/.ssh/id_rsa