Ability to get file from secured source
PROD-31387
Change-Id: Ica1c58f89d962fb4c3a8bc63f207f664ee39c1e5
(cherry picked from commit f9301e15b50379c819a3a28ccf93aa2a890c1086)
diff --git a/README.rst b/README.rst
index 7fe1705..0643d8e 100644
--- a/README.rst
+++ b/README.rst
@@ -546,6 +546,28 @@
/tmp/test.txt:
contents_grains: motd
+Ensure presence of file by specifying its secured source:
+
+.. code-block:: yaml
+
+ linux:
+ system:
+ file:
+ /tmp/test.txt:
+ secured_source:
+ protocol: http #optional
+ user: foo
+ password: bar
+ url: example.com/test.txt
+ secured_hash: #optional
+ url: example.com/test.txt.md5
+ user: root #optional
+ group: root #optional
+ mode: 700 #optional
+ dir_mode: 700 #optional
+ encoding: utf-8 #optional
+ makedirs: true #optional
+
Ensure presence of file to be serialized through one of the
serializer modules (see:
https://docs.saltstack.com/en/latest/ref/serializers/all/index.html):
diff --git a/linux/system/file.sls b/linux/system/file.sls
index e8a6d52..806723a 100644
--- a/linux/system/file.sls
+++ b/linux/system/file.sls
@@ -14,7 +14,24 @@
{%- endif %}
{%- else %}
file.managed:
- {%- if file.source is defined %}
+ {%- if file.secured_source is defined %}
+ {%- set file_source = file.secured_source.get('protocol', 'http') + '://' +
+ file.secured_source.get('user') + ':' +
+ file.secured_source.get('password') + '@' +
+ file.secured_source.get('url') %}
+ - source: {{ file_source }}
+ {%- if file.secured_hash is defined %}
+ {%- set file_hash = file.secured_hash.get('protocol', file.secured_source.get('protocol', 'http')) + '://' +
+ file.secured_hash.get('user', file.secured_source.get('user')) + ':' +
+ file.secured_hash.get('password', file.secured_source.get('password')) + '@' +
+ file.secured_hash.get('url', file.secured_source.get('url')) %}
+ - source_hash: {{ file_hash }}
+ {%- elif file.hash is defined %}
+ - source_hash: {{ file.hash }}
+ {%- else %}
+ - skip_verify: True
+ {%- endif %}
+ {%- elif file.source is defined %}
- source: {{ file.source }}
{%- if file.hash is defined %}
- source_hash: {{ file.hash }}
diff --git a/tests/pillar/system.sls b/tests/pillar/system.sls
index 636d494..6a77e29 100644
--- a/tests/pillar/system.sls
+++ b/tests/pillar/system.sls
@@ -5,6 +5,33 @@
fqdn: linux.ci.local
system:
enabled: true
+ file:
+ /tmp/sample.txt:
+ source: http://techslides.com/demos/samples/sample.txt
+ source_hash: 5452459724e85b4e12277d5f8aab8fc9
+ sample2.txt:
+ name: /tmp/sample2.txt
+ source: http://techslides.com/demos/samples/sample.txt
+ sample3.tar.gz:
+ name: /tmp/sample3.tar.gz
+ secured_source:
+ protocol: http #optional
+ user: username
+ password: password
+ url: wordpress.org/latest.tar.gz
+ secured_hash: #optional
+ url: wordpress.org/latest.tar.gz.md5
+ test2:
+ name: /tmp/test2.txt
+ contents: |
+ line1
+ line2
+ user: root
+ group: root
+ mode: 700
+ dir_mode: 700
+ encoding: utf-8
+ makedirs: true
apt:
preferences:
enabled: true