remove minion pillar files when a vm is destroyed

2025-12-06 09:12:45 +01:00 · 2025-03-11 11:12:45 -04:00
parent c784a6e440
commit ae993c47c1
3 changed files with 43 additions and 11 deletions
--- a/salt/orch/dyanno_hypervisor.sls
+++ b/salt/orch/dyanno_hypervisor.sls
@@ -103,16 +103,6 @@ write_vm_status:
        event_tag: {{ tag }}
 {% endif %}

-{# Check if the base domain exists / is ready for VMs #}
-{#% set file_exists = False %}
-{% set ret = salt.saltutil.runner('salt.execute', [hypervisor ~ '_*','file.file_exists', ['/nsm/libvirt/images/sool9/sool9.qcow2'], 'glob']) %}
-{% do salt.log.debug('dyanno_hypervisor_orch: File /nsm/libvirt/images/sool9/sool9.qcow2 exists: ' ~ ret) %}
-{% for minion, file_exists in ret.items() %}
-{%   if minion.startswith(hypervisor ~ '_') %}
-{%     do salt.log.info('dyanno_hypervisor_orch: File /nsm/libvirt/images/sool9/sool9.qcow2 exists: ' ~ file_exists) %}
-{%   endif %}
-{% endfor %#}
-
 # Update hypervisor status
 update_hypervisor_annotation:
  salt.state:
--- a/salt/orch/vm_pillar_clean.sls
+++ b/salt/orch/vm_pillar_clean.sls
@@ -0,0 +1,35 @@
+# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
+# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
+# https://securityonion.net/license; you may not use this file except in compliance with the
+# Elastic License 2.0.
+#
+# Note: Per the Elastic License 2.0, the second limitation states:
+#
+#   "You may not move, change, disable, or circumvent the license key functionality
+#    in the software, and you may not remove or obscure any functionality in the
+#    software that is protected by the license key."
+
+{% if 'hvn' in salt['pillar.get']('features', []) %}
+
+{%   do salt.log.debug('vm_pillar_clean_orch: Running') %}
+{%   set vm_name = pillar.get('vm_name') %}
+
+delete_adv_{{ vm_name }}_pillar:
+  module.run:
+    - file.remove:
+      - path: /opt/so/saltstack/local/pillar/minions/adv_{{ vm_name }}.sls
+
+delete_{{ vm_name }}_pillar:
+  module.run:
+    - file.remove:
+      - path: /opt/so/saltstack/local/pillar/minions/{{ vm_name }}.sls
+
+{% else %}
+
+{%   do salt.log.error(
+    'Hypervisor nodes are a feature supported only for customers with a valid license.'
+    'Contact Security Onion Solutions, LLC via our website at https://securityonionsolutions.com'
+    'for more information about purchasing a license to enable this feature.'
+) %}
+
+{% endif %}
--- a/salt/reactor/deleteKey.sls
+++ b/salt/reactor/deleteKey.sls
@@ -8,4 +8,11 @@ remove_key:
    - args:
      - match: {{ data['name'] }}

+{{ data['name'] }}_pillar_clean:
+  runner.state.orchestrate:
+    - args:
+      - mods: orch.vm_pillar_clean
+      - pillar:
+          vm_name: {{ data['name'] }}
+
 {% do salt.log.info('deleteKey reactor: deleted minion key: %s' % data['name']) %}