Add deploy of logrotate, iptables and auditd
Add deploy of services if it is enabled in pillars
Change-Id: I3389bcb99f4ebb12785781f721e5b481429c55d3
Related: Prod: 20889
diff --git a/tcp_tests/templates/shared-salt.yaml b/tcp_tests/templates/shared-salt.yaml
index 25bcbc4..2e789d9 100644
--- a/tcp_tests/templates/shared-salt.yaml
+++ b/tcp_tests/templates/shared-salt.yaml
@@ -986,6 +986,35 @@
node_name: {{ HOSTNAME_CFG01 }}
retry: {count: 1, delay: 10}
skip_fail: false
+
+- description: Install and configure iptables if it is in pillar
+ cmd: |
+ if salt --hard-crash --state-output=mixed --state-verbose=False -C 'I@iptables:service' match.pillar 'iptables:service' ; then
+ salt --hard-crash --state-output=mixed --state-verbose=False -C 'I@iptables:service' state.sls iptables
+ fi
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 10}
+ skip_fail: false
+
+
+- description: Install and configure logrotate if it is in pillar
+ cmd: |
+ if salt --hard-crash --state-output=mixed --state-verbose=False -C 'I@logrotate:server' match.pillar 'logrotate:server' ; then
+ salt --hard-crash --state-output=mixed --state-verbose=False -C 'I@logrotate:server' state.sls logrotate
+ fi
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 10}
+ skip_fail: false
+
+- description: Install and configure auditd if it is enabled
+ cmd: |
+ if salt --hard-crash --state-output=mixed --state-verbose=False -C "I@auditd:service" match.pillar 'auditd:service'; then
+ salt --hard-crash --state-output=mixed --state-verbose=False -C "I@auditd:service" state.sls auditd
+ fi
+ node_name: {{ HOSTNAME_CFG01 }}
+ retry: {count: 1, delay: 10}
+ skip_fail: false
+
{%- endmacro %}