Page MenuHomeDevCentral
Differential D3402

Deploy Salt policy properly
ClosedPublic
Actions

Authored by dereckson on Aug 4 2024, 11:13.
Tags
None
Referenced Files
F10862586: D3402.id8768.diff
Fri, Aug 1, 09:29
F10862584: D3402.id8767.diff
Fri, Aug 1, 09:29
F10862583: D3402.id8770.diff
Fri, Aug 1, 09:29
F10862580: D3402.id8769.diff
Fri, Aug 1, 09:29
Unknown Object (File)
Thu, Jul 31, 14:53
Unknown Object (File)
Thu, Jul 31, 12:25
Unknown Object (File)
Tue, Jul 29, 17:54
Unknown Object (File)
Mon, Jul 28, 04:02
View All Files
Subscribers
None

Details

Reviewers
dereckson
Commits
rOPSfc444c66ae57: Deploy Salt policy properly
Summary

Salt is currently configured to login with an authentication method
tied to the "salt" policy, not to the "salt-primary" policy.

As such, there is a need to copy over that policy.

Also, when creating a token for another server, thr role used is
always "salt-node". Names like "salt-node-windriver" are policies,
not the role allowing such policies.

Test Plan

Tested on Complector

Diff Detail

Repository
rOPS Nasqueron Operations
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

PathSize
pillar/
credentials/
16 lines
roles/
vault/
policies/
files/
6 lines
12 lines

Diff 8770

View Options

pillar/credentials/vault.sls

Loading...
View Options

roles/vault/policies/files/salt-primary.hcl

Loading...
View Options

roles/vault/policies/init.sls

Loading...
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator