All geek questions in one place

Python Saltstack: How can I manage a file that is in the git repository?

I have a config.py configuration file in my git repository. It has special configuration settings.

I also have the same file as the salt managed file, which has a production specific configuration.

The configuration directive for this file is as follows:

python_config: file.managed: - name: /opt/github/python_config/config.py - source: salt://configs/config.py - makedirs: True

Since /opt/github is a git repository, whenever I try to update this directory, I get an error: "Local changes to python_config / config.py will be overwritten by merge."

Here is what my salt directive for this github repository looks like:

 code: git.latest: - name: {{ pillar['git_repo'] }} - rev: {{ pillar['git_rev'] }} - target: {{ pillar['source_path'] }} - force: True - require: - pkg: app-pkgs - file: deploykey - file: publickey - file: ssh_config

This error makes sense - I checked the repository by making changes (through my managed file), so new changes to this dev-specific configuration file cause problems.

How can I make salt perform tasks in a specific order? (e.g. give a git checkout config.py before proceeding with git pull ?)

Alternatively, is there a better way I should manage this prod-vs-dev configuration in salt?

+4
source share
3 answers

It would be best to use the gitfs backend.

Documents can be found here: http://docs.saltstack.com/topics/tutorials/gitfs.html

This allows you to use git as the backend for file_roots.

Each git branch and tag becomes a Salt environment that displays your production and dev configurations well.

This will eliminate the need for a git.latest state declaration.

 python_config: file.managed: - name: /opt/github/python_config/config.py - source: salt://configs/config.py - makedirs: True
+4
source

This looks more like a git problem than a salt problem.

Look at using git stash (maybe git stash --keep-index ).
(Then git stash pop )

I would use this only in this configuration file, since you can easily trigger merge conflicts when doing this in files bound to the upstream in a multi-user repo.

0
source

If you want to just run the checkout command before doing git.latest on state.highstate :

  • Add extra state cmd.run
  • Require state in git.latest state
  • Require git.latest state in your state file.managed

Then, when you run state.highstate , it will run your git checkout command and then update your repo to the latest version and then make sure the file looks as it should.

This is less than ideal, as it will always report that the file has changed in your file state (because you will check it every time), but it will do what you intended to do.

If you do not want to check it every time, you can create some command to check if there are upstream changes in your git repository, and use onlyif arg for cmd.run only to run git checkout if you are actually going to push new changes. This will make your state.highstate output state.highstate (so that it will not have changes so often), but more complex that is not ideal.

Keep me posted if you would like further clarification.

0
source

Source: https://habr.com/ru/post/1481993/

More articles:


All Articles