chaos/docker-salt-master
Archived
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: Standarize boolean values

Browse Source 
Allow caseinsensitive values for booleans
This commit is contained in:
Carlos Álvaro
2021-12-30 22:39:47 +01:00
parent 1a388e9cc2
commit 219402535f
10 changed files with 28 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
README.md
View File

@@ -135,7 +135,7 @@ docker run --name salt_master -d \
This image provides support for automatically restart `salt-master` when configuration files change. This image provides support for automatically restart `salt-master` when configuration files change.
This support is disabled by default, but it can be enabled by setting the This support is disabled by default, but it can be enabled by setting the
`SALT_RESTART_MASTER_ON_CONFIG_CHANGE` environment variable to `true`. `SALT_RESTART_MASTER_ON_CONFIG_CHANGE` environment variable to `True`.
### Custom States ### Custom States
@@ -213,7 +213,7 @@ The newly created keys will appear inside `keys/generated/new_master_sign` direc
### Salt API ### Salt API
You can enable `salt-api` service by setting env variable `SALT_API_SERVICE_ENABLED` to `true`. You can enable `salt-api` service by setting env variable `SALT_API_SERVICE_ENABLED` to `True`.
A self-signed SSL certificate will be automatically generated and the following configuration will be added to the master configuration file: A self-signed SSL certificate will be automatically generated and the following configuration will be added to the master configuration file:
@@ -229,7 +229,7 @@ The container exposes port `8000` by default, although you can map this port to
```sh ```sh
docker run --name salt_stack --detach \ docker run --name salt_stack --detach \
--publish 4505:4505 --publish 4506:4506 --publish 8000:8000 \ --publish 4505:4505 --publish 4506:4506 --publish 8000:8000 \
--env 'SALT_API_SERVICE_ENABLED=true' \ --env 'SALT_API_SERVICE_ENABLED=True' \
--env 'SALT_API_USER_PASS=4wesome-Pass0rd' \ --env 'SALT_API_USER_PASS=4wesome-Pass0rd' \
--volume $(pwd)/roots/:/home/salt/data/srv/ \ --volume $(pwd)/roots/:/home/salt/data/srv/ \
--volume $(pwd)/keys/:/home/salt/data/keys/ \ --volume $(pwd)/keys/:/home/salt/data/keys/ \
@@ -243,7 +243,7 @@ By default, user `salt_api` is created and you can set its password by setting t
You can also change the salt-api _username_ by setting `SALT_API_USER`. It is possible to disable this user by explicitly setting this variable to an empty string: `SALT_API_USER=''` if you are going to use an `LDAP` server. You can also change the salt-api _username_ by setting `SALT_API_USER`. It is possible to disable this user by explicitly setting this variable to an empty string: `SALT_API_USER=''` if you are going to use an `LDAP` server.
As a security measure, if `SALT_API_SERVICE_ENABLED` is set to `true` and you don't disable `SALT_API_USER`, you'll be required to set `SALT_API_USER_PASS`. Otherwise initialization will fail and your Docker image won't work. As a security measure, if `SALT_API_SERVICE_ENABLED` is set to `True` and you don't disable `SALT_API_USER`, you'll be required to set `SALT_API_USER_PASS`. Otherwise initialization will fail and your Docker image won't work.
With all that set, you'll be able to provide your _salt-api_ custom configuration by creating the `salt-api.conf` file inside your `conf` directory: With all that set, you'll be able to provide your _salt-api_ custom configuration by creating the `salt-api.conf` file inside your `conf` directory:
@@ -508,16 +508,16 @@ Below you can find a list with the available options that can be used to customi
| Parameter | Description | | Parameter | Description |
| :------------------------------------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | :------------------------------------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `DEBUG` | Set this to `true` to enable entrypoint debugging. | | `DEBUG` | Set this to `True` to enable entrypoint debugging. |
| `TIMEZONE` / `TZ` | Set the container timezone. Defaults to `UTC`. Values are expected to be in Canonical format. Example: `Europe/Madrid`. See the list of [acceptable values](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). | | `TIMEZONE` / `TZ` | Set the container timezone. Defaults to `UTC`. Values are expected to be in Canonical format. Example: `Europe/Madrid`. See the list of [acceptable values](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). |
| `SALT_RESTART_MASTER_ON_CONFIG_CHANGE` | Set this to `true` to restart `salt-master` service when configuration files change. Default: `false` | | `SALT_RESTART_MASTER_ON_CONFIG_CHANGE` | Set this to `True` to restart `salt-master` service when configuration files change. Default: `False` |
| `SALT_LOG_LEVEL` | The level of messages to send to the console. One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'. Default: `warning` | | `SALT_LOG_LEVEL` | The level of messages to send to the console. One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'. Default: `warning` |
| `SALT_LOG_ROTATE_FREQUENCY` | Logrotate frequency for salt logs. Available options are 'daily', 'weekly', 'monthly', and 'yearly'. Default: `weekly` | | `SALT_LOG_ROTATE_FREQUENCY` | Logrotate frequency for salt logs. Available options are 'daily', 'weekly', 'monthly', and 'yearly'. Default: `weekly` |
| `SALT_LOG_ROTATE_RETENTION` | Keep x files before deleting old log files. Defaults: `52` | | `SALT_LOG_ROTATE_RETENTION` | Keep x files before deleting old log files. Defaults: `52` |
| `SALT_LEVEL_LOGFILE` | The level of messages to send to the log file. One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'. Default: `warning` | | `SALT_LEVEL_LOGFILE` | The level of messages to send to the log file. One of 'garbage', 'trace', 'debug', info', 'warning', 'error', 'critical'. Default: `warning` |
| `SALT_API_SERVICE_ENABLED` | Enable `salt-api` service. Default: `false` | | `SALT_API_SERVICE_ENABLED` | Enable `salt-api` service. Default: `False` |
| `SALT_API_USER` | Set username for `salt-api` service. Default: `salt_api` | | `SALT_API_USER` | Set username for `salt-api` service. Default: `salt_api` |
| `SALT_API_USER_PASS` | `SALT_API_USER` password. Required if `SALT_API_SERVICE_ENBALED` is `true` and `SALT_API_USER` is not empty. _Unset_ by default | | `SALT_API_USER_PASS` | `SALT_API_USER` password. Required if `SALT_API_SERVICE_ENBALED` is `True` and `SALT_API_USER` is not empty. _Unset_ by default |
| `SALT_API_CERT_CN` | Common name in the request. Default: `localhost` | | `SALT_API_CERT_CN` | Common name in the request. Default: `localhost` |
| `SALT_MASTER_SIGN_PUBKEY` | Sign the master auth-replies with a cryptographic signature of the master's public key. Possible values: 'True' or 'False'. Default: `False` | | `SALT_MASTER_SIGN_PUBKEY` | Sign the master auth-replies with a cryptographic signature of the master's public key. Possible values: 'True' or 'False'. Default: `False` |
| `SALT_MASTER_USE_PUBKEY_SIGNATURE` | Instead of computing the signature for each auth-reply, use a pre-calculated signature. This option requires `SALT_MASTER_SIGN_PUBKEY` set to 'True'. Possible values: 'True' or 'False'. Default: `True` | | `SALT_MASTER_USE_PUBKEY_SIGNATURE` | Instead of computing the signature for each auth-reply, use a pre-calculated signature. This option requires `SALT_MASTER_SIGN_PUBKEY` set to 'True'. Possible values: 'True' or 'False'. Default: `True` |
@@ -582,7 +582,7 @@ You can restart containers services by running the following command:
docker exec -it salt_master entrypoint.sh app:restart [salt-service] docker exec -it salt_master entrypoint.sh app:restart [salt-service]
``` ```
Where `salt-service` is one of: `salt-master` os `salt-api` (if `SALT_API_SERVICE_ENABLED` is set to `true`) Where `salt-service` is one of: `salt-master` os `salt-api` (if `SALT_API_SERVICE_ENABLED` is set to `True`)
## References ## References

2
assets/build/functions.sh
View File

@@ -7,7 +7,7 @@ set -e
# DESCRIPTION: Echo debug information to stdout. # DESCRIPTION: Echo debug information to stdout.
#---------------------------------------------------------------------------------------------------------------------- #----------------------------------------------------------------------------------------------------------------------
function log_debug() { function log_debug() {
if [[ "${DEBUG}" == 'true' || "${ECHO_DEBUG}" == 'true' ]]; then if [[ "${DEBUG,,}" == true || "${ECHO_DEBUG,,}" == true ]]; then
echo "[DEBUG] - $*" echo "[DEBUG] - $*"
fi fi
} }

6
assets/runtime/env-defaults.sh
View File

@@ -1,9 +1,9 @@
#!/usr/bin/env bash #!/usr/bin/env bash
DEBUG=${DEBUG:-false} DEBUG=${DEBUG:-False}
TIMEZONE=${TIMEZONE:-${TZ:-UTC}} TIMEZONE=${TIMEZONE:-${TZ:-UTC}}
SALT_API_SERVICE_ENABLED=${SALT_API_SERVICE_ENABLED:-false} SALT_API_SERVICE_ENABLED=${SALT_API_SERVICE_ENABLED:-False}
SALT_API_USER=${SALT_API_USER:-salt_api} SALT_API_USER=${SALT_API_USER:-salt_api}
SALT_API_CERT_CN=${SALT_API_CERT_CN:-localhost} SALT_API_CERT_CN=${SALT_API_CERT_CN:-localhost}
@@ -11,7 +11,7 @@ SALT_LOG_ROTATE_FREQUENCY=${SALT_LOG_ROTATE_FREQUENCY:-weekly}
SALT_LOG_ROTATE_RETENTION=${SALT_LOG_ROTATE_RETENTION:-52} SALT_LOG_ROTATE_RETENTION=${SALT_LOG_ROTATE_RETENTION:-52}
# https://docs.saltstack.com/en/latest/ref/configuration/master.html # https://docs.saltstack.com/en/latest/ref/configuration/master.html
SALT_RESTART_MASTER_ON_CONFIG_CHANGE=${SALT_RESTART_MASTER_ON_CONFIG_CHANGE:-false} SALT_RESTART_MASTER_ON_CONFIG_CHANGE=${SALT_RESTART_MASTER_ON_CONFIG_CHANGE:-False}
SALT_REACTOR_WORKER_THREADS=${SALT_REACTOR_WORKER_THREADS:-10} SALT_REACTOR_WORKER_THREADS=${SALT_REACTOR_WORKER_THREADS:-10}
##### Logging settings ##### ##### Logging settings #####

8
assets/runtime/functions.sh
View File

@@ -27,7 +27,7 @@ function exec_as_salt()
# DESCRIPTION: Echo debug information to stdout. # DESCRIPTION: Echo debug information to stdout.
#---------------------------------------------------------------------------------------------------------------------- #----------------------------------------------------------------------------------------------------------------------
function log_debug() { function log_debug() {
if [[ "${DEBUG}" == 'true' || "${ECHO_DEBUG}" == 'true' ]]; then if [[ "${DEBUG,,}" == true || "${ECHO_DEBUG,,}" == true ]]; then
echo "[DEBUG] - $*" echo "[DEBUG] - $*"
fi fi
} }
@@ -286,7 +286,7 @@ function configure_salt_master()
function configure_salt_api() function configure_salt_api()
{ {
rm -f /etc/supervisor/conf.d/salt-api.conf rm -f /etc/supervisor/conf.d/salt-api.conf
[[ ${SALT_API_SERVICE_ENABLED} == true ]] || return 0 [[ ${SALT_API_SERVICE_ENABLED,,} == true ]] || return 0
if [[ -n "${SALT_API_USER}" ]]; then if [[ -n "${SALT_API_USER}" ]]; then
@@ -484,7 +484,7 @@ ${SALT_LOGS_DIR}/salt/key {
} }
EOF EOF
if [[ "${SALT_API_SERVICE_ENABLED}" == true ]]; then if [[ "${SALT_API_SERVICE_ENABLED,,}" == true ]]; then
# configure salt-api log rotation # configure salt-api log rotation
cat >> /etc/logrotate.d/salt <<EOF cat >> /etc/logrotate.d/salt <<EOF
@@ -503,7 +503,7 @@ EOF
function configure_config_reloader() function configure_config_reloader()
{ {
rm -f /etc/supervisor/conf.d/config-reloader.conf rm -f /etc/supervisor/conf.d/config-reloader.conf
[ "${SALT_RESTART_MASTER_ON_CONFIG_CHANGE}" == true ] || return 0 [ "${SALT_RESTART_MASTER_ON_CONFIG_CHANGE,,}" == true ] || return 0
log_info "Configuring config reloader ..." log_info "Configuring config reloader ..."

2
docker-compose.yml
View File

@@ -24,6 +24,6 @@ services:
PGID: 1000 PGID: 1000
SALT_LOG_LEVEL: info SALT_LOG_LEVEL: info
### salt-api settings ### salt-api settings
# SALT_API_SERVICE_ENABLED: 'true' # SALT_API_SERVICE_ENABLED: 'True'
# SALT_API_USER: salt_api # SALT_API_USER: salt_api
# SALT_API_USER_PASS: 4wesome-Pass0rd # SALT_API_USER_PASS: 4wesome-Pass0rd

2
entrypoint.sh
View File

@@ -7,7 +7,7 @@ set -o pipefail
FUNCTIONS_FILE="${SALT_RUNTIME_DIR}/functions.sh" FUNCTIONS_FILE="${SALT_RUNTIME_DIR}/functions.sh"
source "${FUNCTIONS_FILE}" source "${FUNCTIONS_FILE}"
[[ "${DEBUG}" == true ]] && set -x [[ "${DEBUG,,}" == true ]] && set -x
case "${1}" in case "${1}" in
app:start|app:gen-signed-keys) app:start|app:gen-signed-keys)

4
tests/basic/test.sh
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env bash #!/usr/bin/env bash
set -e set -e
[ "${DEBUG}" == true ] && set -vx [ "${DEBUG,,}" == true ] && set -vx
echo "🧪 Running basic tests ..." echo "🧪 Running basic tests ..."
@@ -26,5 +26,5 @@ ok "salt version"
# Test image calling healthcheck # Test image calling healthcheck
echo "==> Executing healthcheck ..." echo "==> Executing healthcheck ..."
docker-exec /usr/local/sbin/healthcheck | grep -i 'true' || error "healthcheck" docker-exec /usr/local/sbin/healthcheck | grep -i true || error "healthcheck"
ok "healthcheck" ok "healthcheck"

4
tests/config-reloader/test.sh
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env bash #!/usr/bin/env bash
set -e set -e
[ "${DEBUG}" == true ] && set -vx [ "${DEBUG,,}" == true ] && set -vx
echo "🧪 Running config-reloader tests ..." echo "🧪 Running config-reloader tests ..."
@@ -16,7 +16,7 @@ trap cleanup EXIT
# Run test instance # Run test instance
echo "==> Starting docker-salt-master (${PLATFORM}) ..." echo "==> Starting docker-salt-master (${PLATFORM}) ..."
start_container_and_wait \ start_container_and_wait \
--env SALT_RESTART_MASTER_ON_CONFIG_CHANGE=true \ --env SALT_RESTART_MASTER_ON_CONFIG_CHANGE=True \
--volume "${SCRIPT_PATH}/config":/home/salt/data/config:ro \ --volume "${SCRIPT_PATH}/config":/home/salt/data/config:ro \
|| error "container started" || error "container started"
ok "container started" ok "container started"

4
tests/gitfs/test.sh
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env bash #!/usr/bin/env bash
set -e set -e
[ "${DEBUG}" == true ] && set -vx [ "${DEBUG,,}" == true ] && set -vx
echo "🧪 Running gitfs tests ..." echo "🧪 Running gitfs tests ..."
@@ -34,7 +34,7 @@ ok "container started"
echo "==> Updating gitfs repositories ..." echo "==> Updating gitfs repositories ..."
salt-run cache.clear_git_lock gitfs type=update salt-run cache.clear_git_lock gitfs type=update
UPDATE_REPOS="$( salt-run fileserver.update )" UPDATE_REPOS="$( salt-run fileserver.update )"
echo "${UPDATE_REPOS}" | grep -qi 'true' || error "update gitfs" echo "${UPDATE_REPOS}" | grep -qi true || error "update gitfs"
ok "update gitfs" ok "update gitfs"
# Check pillars # Check pillars

6
tests/salt-api/test.sh
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env bash #!/usr/bin/env bash
set -e set -e
[ "${DEBUG}" == true ] && set -vx [ "${DEBUG,,}" == true ] && set -vx
echo "🧪 Running salt-api tests ..." echo "🧪 Running salt-api tests ..."
@@ -37,7 +37,7 @@ ok "salt-api config created"
echo "==> Starting docker-salt-master (${PLATFORM}) with salt-api config ..." echo "==> Starting docker-salt-master (${PLATFORM}) with salt-api config ..."
start_container_and_wait \ start_container_and_wait \
--publish 8000:8000 \ --publish 8000:8000 \
--env SALT_API_SERVICE_ENABLED=true \ --env SALT_API_SERVICE_ENABLED=True \
--env SALT_API_USER_PASS="${SALTAPI_PASS}" \ --env SALT_API_USER_PASS="${SALTAPI_PASS}" \
--volume "${SALTAPI_TMP_DIR}/config":/home/salt/data/config:ro \ --volume "${SALTAPI_TMP_DIR}/config":/home/salt/data/config:ro \
|| error "container started" || error "container started"
@@ -61,7 +61,7 @@ curl -sSk "${SALTAPI_URL}" \
-d client=runner \ -d client=runner \
-d tgt='*' \ -d tgt='*' \
-d fun=test.stream \ -d fun=test.stream \
| grep -i 'true' || error "curl command" | grep -i true || error "curl command"
ok "curl command" ok "curl command"
# Install salt-pepper # Install salt-pepper