stop cron before soup upgrades the manager, start cron at the end. add cron state that is in included in common

2025-12-06 09:12:45 +01:00 · 2022-01-12 16:04:10 -05:00
parent 0cf877f169
commit 03b9b74ace
6 changed files with 38 additions and 1 deletions
--- a/salt/common/init.sls
+++ b/salt/common/init.sls
@@ -4,8 +4,9 @@
 {% set role = grains.id.split('_') | last %}
 {% from 'elasticsearch/auth.map.jinja' import ELASTICAUTH with context %}

-{% if grains.role in ['so-eval', 'so-manager', 'so-standalone', 'so-managersearch', 'so-import'] %}
 include:
+  - cron.running
+{% if grains.role in ['so-eval', 'so-manager', 'so-standalone', 'so-managersearch', 'so-import'] %}
  - manager.elasticsearch # needed for elastic_curl_config state
 {% endif %}

--- a/salt/common/tools/sbin/so-common
+++ b/salt/common/tools/sbin/so-common
@@ -360,6 +360,13 @@ run_check_net_err() {
 		exit $exit_code
 	fi
 }
+set_cron_service_name() {
+  if [[ "$OS" == "centos" ]]; then
+    cron_service_name="crond"
+  else
+    cron_service_name="cron"
+  fi
+}

 set_os() {
 	if [ -f /etc/redhat-release ]; then
--- a/salt/common/tools/sbin/soup
+++ b/salt/common/tools/sbin/soup
@@ -988,6 +988,7 @@ main() {
  verify_latest_update_script
  echo ""
  set_os
+  set_cron_service_name
  set_palette
  check_elastic_license
  echo ""
@@ -1021,6 +1022,10 @@ main() {
    echo "Performing upgrade from Security Onion $INSTALLEDVERSION to Security Onion $NEWVERSION."
    echo ""

+    echo "Stopping $cron_service_name service at $(date +"%T.%6N")."
+    echo ""
+    systemctl stop "$cron_service_name"
+
    # update mine items prior to stopping salt-minion and salt-master
    update_salt_mine

@@ -1191,6 +1196,9 @@ main() {
      esac
    fi

+    echo "Starting $cron_service_name service at $(date +"%T.%6N")."
+    systemctl start "$cron_service_name"
+
    if [[ $NUM_MINIONS -gt 1 ]]; then

      cat << EOF
--- a/salt/cron/dead.sls
+++ b/salt/cron/dead.sls
@@ -0,0 +1,6 @@
+{% from "cron/map.jinja" import cronmap with context %}
+
+crond_service:
+  service.dead:
+    - name: {{ cronmap.service }}
+    - enable: True
--- a/salt/cron/map.jinja
+++ b/salt/cron/map.jinja
@@ -0,0 +1,8 @@
+{% set cronmap = salt['grains.filter_by']({
+    'Ubuntu': {
+        'service': 'cron',
+    },
+    'CentOS': {
+        'service': 'crond',
+    },
+}) %}
--- a/salt/cron/running.sls
+++ b/salt/cron/running.sls
@@ -0,0 +1,7 @@
+{% from "cron/map.jinja" import cronmap with context %}
+
+crond_service:
+  service.running:
+    - name: {{ cronmap.service }}
+    - enable: True
+    - unless: pgrep soup