CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

fail hard if docker py module upgrade failes

Browse Source
This commit is contained in:
m0duspwnens
2024-08-01 12:32:24 -04:00
parent 9ab17ff79c
commit 60beaf51bc
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
salt/salt/python_modules.sls
View File

@@ -1,3 +1,8 @@
# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
# https://securityonion.net/license; you may not use this file except in compliance with the
# Elastic License 2.0.
docker_module_package: docker_module_package:
file.recurse: file.recurse:
- name: /opt/so/conf/salt/module_packages/docker - name: /opt/so/conf/salt/module_packages/docker
@@ -5,8 +10,12 @@ docker_module_package:
- clean: True - clean: True
- makedirs: True - makedirs: True
# fail hard on this state so that soup would be cancelled on a manager (eventhough salt would have already updated)
# on a non manager, failing hard here will prevent the minion from upgrading
# we want to fail hard here to prevent the minion from upgrading and potetially being able to manager docker containers from a dep mismatch
docker_python_module_install: docker_python_module_install:
cmd.run: cmd.run:
- name: /opt/saltstack/salt/bin/python3.10 -m pip install docker --no-index --find-links=/opt/so/conf/salt/module_packages/docker/ --upgrade - name: /opt/saltstack/salt/bin/python3.10 -m pip install docker --no-index --find-links=/opt/so/conf/salt/module_packages/docker/ --upgrade
- onchanges: - onchanges:
- file: docker_module_package - file: docker_module_package
- failhard: True