Merge pull request #4567 from Security-Onion-Solutions/issue/1333

Issue/1333
2025-12-06 17:22:49 +01:00 · 2021-06-18 16:12:42 -04:00
parent 6e7f2107cb c7a58816b6
commit dc1c82f347
3 changed files with 26 additions and 20 deletions
--- a/salt/patch/os/schedule.sls
+++ b/salt/patch/os/schedule.sls
@@ -1,12 +1,13 @@
 {% if salt['pillar.get']('patch:os:schedule_name') %}
-  {% set patch_os_pillar = salt['pillar.get']('patch:os') %}
-  {% set schedule_name = patch_os_pillar.schedule_name %}
-  {% set splay = patch_os_pillar.get('splay', 300) %}
+  {% if salt['service.status']('salt-minion', True) %}
+    {% set patch_os_pillar = salt['pillar.get']('patch:os') %}
+    {% set schedule_name = patch_os_pillar.schedule_name %}
+    {% set splay = patch_os_pillar.get('splay', 300) %}

-  {% if schedule_name != 'manual' and schedule_name != 'auto' %}
-    {% import_yaml "patch/os/schedules/"~schedule_name~".yml" as os_schedule %}
+    {% if schedule_name != 'manual' and schedule_name != 'auto' %}
+      {% import_yaml "patch/os/schedules/"~schedule_name~".yml" as os_schedule %}

-    {% if patch_os_pillar.enabled %}
+      {% if patch_os_pillar.enabled %}

 patch_os_schedule:
  schedule.present:
@@ -14,28 +15,28 @@ patch_os_schedule:
    - job_args:
      - patch.os
    - when:
-      {% for days in os_schedule.patch.os.schedule %}
-        {% for day, times in days.items() %}
-          {% for time in times %}
+        {% for days in os_schedule.patch.os.schedule %}
+          {% for day, times in days.items() %}
+            {% for time in times %}
        - {{day}} {{time}}
+            {% endfor %}
          {% endfor %}
        {% endfor %}
-      {% endfor %}
    - splay: {{splay}}
    - return_job: True

-    {% else %}
+      {% else %}

 disable_patch_os_schedule:
  schedule.disabled:
    - name: patch_os_schedule

-    {% endif %}
+      {% endif %}


-  {% elif schedule_name == 'auto' %}
+    {% elif schedule_name == 'auto' %}

-    {% if patch_os_pillar.enabled %}
+      {% if patch_os_pillar.enabled %}

 patch_os_schedule:
  schedule.present:
@@ -46,22 +47,23 @@ patch_os_schedule:
    - splay: {{splay}}
    - return_job: True

-    {% else %}
+      {% else %}

 disable_patch_os_schedule:
  schedule.disabled:
    - name: patch_os_schedule

-    {% endif %}
+      {% endif %}

-  {% elif schedule_name == 'manual' %}
+    {% elif schedule_name == 'manual' %}

 remove_patch_os_schedule:
  schedule.absent:
    - name: patch_os_schedule

-  {% endif %}
+    {% endif %}

+  {% endif %}
 {% else %}

 no_patch_os_schedule_name_set:
--- a/salt/salt/minion-check.sls
+++ b/salt/salt/minion-check.sls
@@ -1,6 +1,7 @@
 include:
  - salt.minion-state-apply-test
-  
+
+{% if salt['service.status']('salt-minion', True) %}
 state-apply-test:
  schedule.present:
    - name: salt-minion-state-apply-test
@@ -16,4 +17,5 @@ state-apply-test:
  cron.present:
    - identifier: so-salt-minion-check
    - user: root
-    - minute: '*/5'
+    - minute: '*/5'
+{% endif %}
--- a/salt/schedule.sls
+++ b/salt/schedule.sls
@@ -1,5 +1,7 @@
+{% if salt['service.status']('salt-minion', True) %}
 schedule:
  schedule.present:
    - function: state.highstate
    - minutes: 15
    - maxrunning: 1
+{% endif %}