From 267d1a27acb206a101b8719ace3c79d7c9340b67 Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Wed, 28 Aug 2024 15:52:14 -0400
Subject: [PATCH] use cron instead of schedule for vm init. ensure vm shutdown
---
 salt/reactor/virtUpdate.sls | 14 +++++++++++++-
 salt/setup/virt/initial_schedule.sls | 20 +++++++++++++-------
 salt/setup/virt/setSalt.sls | 10 ++++++----
 3 files changed, 32 insertions(+), 12 deletions(-)
diff --git a/salt/reactor/virtUpdate.sls b/salt/reactor/virtUpdate.sls
index d4b56fdf6..2e691b5b1 100644
--- a/salt/reactor/virtUpdate.sls
+++ b/salt/reactor/virtUpdate.sls
@@ -75,7 +75,19 @@ def run():
 c = 0
 while True:
 if c == 60:
- logging.error("virtUpdate reactor: vm_name: %s failed to shutdown in time " % vm_name)
+ logging.error("virtUpdate reactor: vm_name: %s failed virt.shutdown in time " % vm_name)
+ return {}
+ r = local.cmd(hv_name, 'virt.shutdown', ['vm_=' + vm_name])
+ logging.error("virtUpdate reactor: virt.shutdown: %s return: %s " % (vm_name,r))
+ if r.get(hv_name):
+ break
+ c += 1
+ sleep(1)
+
+ c = 0
+ while True:
+ if c == 60:
+ logging.error("virtUpdate reactor: vm_name: %s failed to go inactive in time " % vm_name)
 return {}
 r = local.cmd(hv_name, 'virt.list_inactive_vms')
 logging.error("virtUpdate reactor: virt.list_inactive_vms: %s " % r.get(hv_name))
diff --git a/salt/setup/virt/initial_schedule.sls b/salt/setup/virt/initial_schedule.sls
index 7535ee960..6388e7c31 100644
--- a/salt/setup/virt/initial_schedule.sls
+++ b/salt/setup/virt/initial_schedule.sls
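Review bot: In salt/reactor/virtUpdate.sls the new shutdown loop builds the keyword argument by string concatenation, `['vm_=' + vm_name]`, so the VM name is re-parsed by Salt's argument handling instead of being passed as a plain value. Where vm_name comes from is outside this hunk; if it is taken from event data, and assuming `local` is a LocalClient, `r = local.cmd(hv_name, 'virt.shutdown', kwarg={'vm_': vm_name})` keeps it a literal string. The per-attempt result is also logged with `logging.error`, which fills the error log during a normal shutdown; `logging.info` for that progress line would leave error level for the two timeout branches. run() starts and continues outside the hunk.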
@@ -1,7 +1,13 @@
-init_node_schedule:
- schedule.present:
- - name: init_node
- - function: state.sls
- - job_args:
- - setup.virt.init
- - minutes: 1
+# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
+# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
+# https://securityonion.net/license; you may not use this file except in compliance with the
+# Elastic License 2.0.
+
+# initially tried to use schedule.present here, but that state trys to return data to the master even if run with --local
+# that causes it to fail since th firewall may not yet be open on the manager
+init_node_cron:
+ cron.present:
+ - name: salt-call state.apply setup.virt.init
+ - identifier: init_node_cron
+ - user: root
+ - minute: '*/1'
diff --git a/salt/setup/virt/setSalt.sls b/salt/setup/virt/setSalt.sls
index f777d6005..c48282747 100644
--- a/salt/setup/virt/setSalt.sls
+++ b/salt/setup/virt/setSalt.sls
@@ -8,10 +8,12 @@ set_role_grain:
 - name: role
 - value: so-{{ grains.id.split("_") | last }}

-# disable the initial schedule
-remove_init_node_schedule:
- schedule.absent:
- - name: init_node
+# remove the initial cron
+remove_init_node_cron:
+ cron.absent:
+ - name: salt-call state.apply setup.virt.init
+ - identifier: init_node_cron
+ - user: root

 set_highstate:
 file.append:
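Review bot: In salt/setup/virt/initial_schedule.sls the root cron entry calls `salt-call` by bare name, so it only runs if that binary is on the PATH cron gives root, and the hunk shows nowhere that its output is captured. Since the job fires every minute until the `cron.absent` in setSalt.sls is applied, a failing setup.virt.init would repeat as root with nothing recording why. Consider an absolute path and a log redirect, e.g. `- name: <absolute path to salt-call> state.apply setup.virt.init >> <log file> 2>&1`, keeping the `name` in the `cron.absent` of setSalt.sls in step. The comment above the state has two typos: `trys` should be `tries` and `th` should be `the`.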