CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-05-09 04:42:40 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix: consistent allowed_states guard in postgres.schema_pillar

Browse Source 
Same `sls.split('.')[0]` pattern as ext_pillar_postgres + pg_notify_pillar_engine.
For sls='postgres.schema_pillar' the split happened to evaluate 'postgres',
which is in manager_states, so the guard worked accidentally — but it would
break silently if anyone ever moved the file under a deeper SLS path. Switch
to a literal `{% if 'postgres' in allowed_states %}` for the same intent-
revealing pattern as the master.d guards.
This commit is contained in:
Mike Reeves
2026-05-04 19:25:14 -04:00
parent f1746b0f59
commit 155b5c5d66
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
salt/postgres/schema_pillar.sls
+1 -1
View File
@@ -4,7 +4,7 @@
# Elastic License 2.0.
{% from 'allowed_states.map.jinja' import allowed_states %}
{% if sls.split('.')[0] in allowed_states %}
{% if 'postgres' in allowed_states %}
{% from 'vars/globals.map.jinja' import GLOBALS %}
# Deploys the so_pillar schema (tables, views, audit triggers, secrets,