change how we determine if the salt-minion is ready

2025-12-20 16:03:06 +01:00 · 2025-12-12 15:24:47 -05:00
parent c6fac8c36b
commit 8158fee8fc
2 changed files with 33 additions and 18 deletions
--- a/salt/common/tools/sbin/so-common
+++ b/salt/common/tools/sbin/so-common
@@ -554,21 +554,36 @@ run_check_net_err() {
 }

 wait_for_salt_minion() {
-	local minion="$1"
-	local timeout="${2:-5}"
-	local logfile="${3:-'/dev/stdout'}"
-	retry 60 5 "journalctl -u salt-minion.service | grep 'Minion is ready to receive requests'" >> "$logfile" 2>&1 || fail
-	local attempt=0
-	# each attempts would take about 15 seconds
-	local maxAttempts=20
-	until check_salt_minion_status "$minion" "$timeout" "$logfile"; do
-		attempt=$((attempt+1))
-		if [[ $attempt -eq $maxAttempts ]]; then
-			return 1
-		fi
-		sleep 10
-	done
-	return 0
+    local minion="$1"
+    local max_wait="${2:-30}"
+    local interval="${3:-2}"
+    local logfile="${4:-'/dev/stdout'}"
+    local elapsed=0
+
+    echo "Waiting for salt-minion '$minion' to be ready..." | tee -a "$logfile"
+
+    while [ $elapsed -lt $max_wait ]; do
+        # Check if service is running
+        if ! systemctl is-active --quiet salt-minion; then
+            echo "salt-minion service not running (elapsed: ${elapsed}s)" | tee -a "$logfile"
+            sleep $interval
+            elapsed=$((elapsed + interval))
+            continue
+        fi
+        
+        # Check if minion responds to ping
+        if salt "$minion" test.ping --timeout=3 --out=json 2>> "$logfile" | grep -q "true"; then
+            echo "salt-minion '$minion' is connected and ready!" | tee -a "$logfile"
+            return 0
+        fi
+        
+        echo "Waiting... (${elapsed}s / ${max_wait}s)" | tee -a "$logfile"
+        sleep $interval
+        elapsed=$((elapsed + interval))
+    done
+
+    echo "ERROR: salt-minion '$minion' not ready after $max_wait seconds" | tee -a "$logfile"
+    return 1
 }

 salt_minion_count() {
--- a/salt/manager/tools/sbin/soup
+++ b/salt/manager/tools/sbin/soup
@@ -1629,7 +1629,7 @@ apply_hotfix() {
      mv /etc/pki/managerssl.crt /etc/pki/managerssl.crt.old
      mv /etc/pki/managerssl.key /etc/pki/managerssl.key.old
      systemctl_func "start" "salt-minion"
-      (wait_for_salt_minion "$MINIONID" "5" '/dev/stdout' || fail "Salt minion was not running or ready.") 2>&1 | tee -a "$SOUP_LOG"
+      (wait_for_salt_minion "$MINIONID" "120" "4" "$SOUP_LOG" || fail "Salt minion was not running or ready.") 2>&1 | tee -a "$SOUP_LOG"
    fi
  else
   echo "No actions required. ($INSTALLEDVERSION/$HOTFIXVERSION)"
@@ -1826,7 +1826,7 @@ main() {
    echo ""
    echo "Running a highstate. This could take several minutes."
    set +e
-    (wait_for_salt_minion "$MINIONID" "5" '/dev/stdout' || fail "Salt minion was not running or ready.") 2>&1 | tee -a "$SOUP_LOG"
+    (wait_for_salt_minion "$MINIONID" "120" "4" "$SOUP_LOG" || fail "Salt minion was not running or ready.") 2>&1 | tee -a "$SOUP_LOG"
    highstate
    set -e

@@ -1839,7 +1839,7 @@ main() {
    check_saltmaster_status

    echo "Running a highstate to complete the Security Onion upgrade on this manager. This could take several minutes."
-    (wait_for_salt_minion "$MINIONID" "5" '/dev/stdout' || fail "Salt minion was not running or ready.") 2>&1 | tee -a "$SOUP_LOG"
+    (wait_for_salt_minion "$MINIONID" "120" "4" "$SOUP_LOG" || fail "Salt minion was not running or ready.") 2>&1 | tee -a "$SOUP_LOG"

    # Stop long-running scripts to allow potentially updated scripts to load on the next execution.
    killall salt-relay.sh