From 8f40b66e3b7f04759a6b4c5dc0ef28c0beb6a207 Mon Sep 17 00:00:00 2001 From: Josh Patterson Date: Mon, 24 Mar 2025 19:49:24 -0400 Subject: [PATCH] update mine instead of failing highstate if no node_data --- pillar/node_data/ips.sls | 4 ++++ salt/mine/update.sls | 7 +++++++ salt/orch/mine_update.sls | 21 +++++++++++++++++++++ salt/reactor/mine_update.sls | 8 ++++++++ salt/salt/master.sls | 1 + salt/top.sls | 30 +++++++++++++++++------------- 6 files changed, 58 insertions(+), 13 deletions(-) create mode 100644 salt/mine/update.sls create mode 100644 salt/orch/mine_update.sls create mode 100644 salt/reactor/mine_update.sls diff --git a/pillar/node_data/ips.sls b/pillar/node_data/ips.sls index 5801d36f1..a2528a476 100644 --- a/pillar/node_data/ips.sls +++ b/pillar/node_data/ips.sls @@ -24,6 +24,7 @@ {% endif %} {% endfor %} +{% if node_types %} node_data: {% for node_type, host_values in node_types.items() %} {% for hostname, details in host_values.items() %} @@ -33,3 +34,6 @@ node_data: role: {{node_type}} {% endfor %} {% endfor %} +{% else %} +node_data: False +{% endif %} diff --git a/salt/mine/update.sls b/salt/mine/update.sls new file mode 100644 index 000000000..59e137d2b --- /dev/null +++ b/salt/mine/update.sls @@ -0,0 +1,7 @@ +# This state sends an event to the salt-master event bus +# The event will be caught by the reactor and trigger the mine_update orchestration + +send_mine_update_event: + module.run: + - name: event.send + - tag: salt/minion/{{grains.id}}/mine_update diff --git a/salt/orch/mine_update.sls b/salt/orch/mine_update.sls new file mode 100644 index 000000000..1483c1225 --- /dev/null +++ b/salt/orch/mine_update.sls @@ -0,0 +1,21 @@ +# Get the minion ID from the pillar +{% set MINION_ID = salt['pillar.get']('minion_id') %} + +# Run mine.update on all minions +update_mine_all_minions: + salt.function: + - name: mine.update + - tgt: '*' + - batch: 50 + - retry: + attempts: 3 + interval: 1 + +# Run highstate on the original minion +run_highstate_on_original_minion: + salt.state: + - tgt: {{ MINION_ID }} + - highstate: True + - queue: True + - require: + - salt: update_mine_all_minions diff --git a/salt/reactor/mine_update.sls b/salt/reactor/mine_update.sls new file mode 100644 index 000000000..968987cec --- /dev/null +++ b/salt/reactor/mine_update.sls @@ -0,0 +1,8 @@ +# This reactor triggers the mine_update orchestration when it receives a mine_update event + +trigger_mine_update_orchestration: + runner.state.orchestrate: + - args: + - mods: orch.mine_update + - pillar: + minion_id: {{ data['id'] }} diff --git a/salt/salt/master.sls b/salt/salt/master.sls index cf9f4718c..ddfb9c3e7 100644 --- a/salt/salt/master.sls +++ b/salt/salt/master.sls @@ -3,6 +3,7 @@ include: - salt.minion + - salt.master.reactor_config_mine_update hold_salt_master_package: module.run: diff --git a/salt/top.sls b/salt/top.sls index 437c44bf8..552cd1ea7 100644 --- a/salt/top.sls +++ b/salt/top.sls @@ -22,7 +22,11 @@ base: - salt.minion-state-apply-test - salt.minion - '* and G@saltversion:{{saltversion}}': + '*_eval or *_manager* or *_standalone or *_import and I@node_data:False': + - match: compound + - mine.update + + '* and G@saltversion:{{saltversion}} and not I@node_data:False': - match: compound - salt.minion - patch.os.schedule @@ -33,7 +37,7 @@ base: - docker - docker_clean - '*_sensor and G@saltversion:{{saltversion}}': + '*_sensor and G@saltversion:{{saltversion}} and not I@node_data:False': - match: compound - sensor - ssl @@ -49,7 +53,7 @@ base: - elasticfleet.install_agent_grid - stig - '*_eval and G@saltversion:{{saltversion}}': + '*_eval and G@saltversion:{{saltversion}} and not I@node_data:False': - match: compound - salt.master - sensor @@ -81,7 +85,7 @@ base: - utility - elasticfleet - '*_manager and G@saltversion:{{saltversion}}': + '*_manager and G@saltversion:{{saltversion}} and not I@node_data:False': - match: compound - salt.master - ca @@ -112,7 +116,7 @@ base: - stig - kafka - '*_standalone and G@saltversion:{{saltversion}}': + '*_standalone and G@saltversion:{{saltversion}} and not I@node_data:False': - match: compound - salt.master - sensor @@ -148,7 +152,7 @@ base: - stig - kafka - '*_searchnode and G@saltversion:{{saltversion}}': + '*_searchnode and G@saltversion:{{saltversion}} and not I@node_data:False': - match: compound - firewall - ssl @@ -161,7 +165,7 @@ base: - stig - kafka - '*_managersearch and G@saltversion:{{saltversion}}': + '*_managersearch and G@saltversion:{{saltversion}} and not I@node_data:False': - match: compound - salt.master - ca @@ -192,7 +196,7 @@ base: - stig - kafka - '*_heavynode and G@saltversion:{{saltversion}}': + '*_heavynode and G@saltversion:{{saltversion}} and not I@node_data:False': - match: compound - sensor - ssl @@ -211,7 +215,7 @@ base: - elasticfleet.install_agent_grid - elasticagent - '*_import and G@saltversion:{{saltversion}}': + '*_import and G@saltversion:{{saltversion}} and not I@node_data:False': - match: compound - salt.master - sensor @@ -239,7 +243,7 @@ base: - zeek - elasticfleet - '*_receiver and G@saltversion:{{saltversion}}': + '*_receiver and G@saltversion:{{saltversion}} and not I@node_data:False': - match: compound - ssl - sensoroni @@ -251,7 +255,7 @@ base: - kafka - stig - '*_idh and G@saltversion:{{saltversion}}': + '*_idh and G@saltversion:{{saltversion}} and not I@node_data:False': - match: compound - ssl - sensoroni @@ -260,7 +264,7 @@ base: - elasticfleet.install_agent_grid - idh - '*_fleet and G@saltversion:{{saltversion}}': + '*_fleet and G@saltversion:{{saltversion}} and not I@node_data:False': - match: compound - ssl - sensoroni @@ -272,7 +276,7 @@ base: - elasticfleet.install_agent_grid - schedule - '*_desktop and G@saltversion:{{saltversion}}': + '*_desktop and G@saltversion:{{saltversion}} and not I@node_data:False': - ssl - sensoroni - telegraf