only allow state to run if it is in top for the node

2026-05-04 02:18:17 +02:00 · 2020-09-02 16:15:52 -04:00
parent 870e042c4c
commit a229ae82ce
39 changed files with 274 additions and 10 deletions
@@ -1,3 +1,8 @@
+{% set show_top = salt['state.show_top']() %}
+{% set top_states = show_top.values() | join(', ') %}
+
+{% if 'ca' in top_states %}
+
 {% set manager = salt['grains.get']('master') %}
 /etc/salt/minion.d/signing_policies.conf:
  file.managed:
@@ -51,4 +56,6 @@ cakeyperms:
    - replace: False
    - name: /etc/pki/ca.key
    - mode: 640
-    - group: 939
+    - group: 939
+
+{% endif %}