diff --git a/salt/salt/master.defaults.yaml b/salt/salt/master.defaults.yaml index 19677f70bd..e133dbd0b7 100644 --- a/salt/salt/master.defaults.yaml +++ b/salt/salt/master.defaults.yaml @@ -1,4 +1,4 @@ # version cannot be used elsewhere in this pillar as soup is grepping for it to determine if Salt needs to be patched salt: master: - version: 3006.6 + version: 3006.9 diff --git a/salt/salt/minion.defaults.yaml b/salt/salt/minion.defaults.yaml index 2e4ebc93e5..be405b9e80 100644 --- a/salt/salt/minion.defaults.yaml +++ b/salt/salt/minion.defaults.yaml @@ -1,6 +1,6 @@ # version cannot be used elsewhere in this pillar as soup is grepping for it to determine if Salt needs to be patched salt: minion: - version: 3006.6 + version: 3006.9 check_threshold: 3600 # in seconds, threshold used for so-salt-minion-check. any value less than 600 seconds may cause a lot of salt-minion restarts since the job to touch the file occurs every 5-8 minutes by default service_start_delay: 30 # in seconds. diff --git a/salt/salt/minion.sls b/salt/salt/minion.sls index 8c6f7f0198..d26365485d 100644 --- a/salt/salt/minion.sls +++ b/salt/salt/minion.sls @@ -9,6 +9,7 @@ {% set service_start_delay = SALTMINION.salt.minion.service_start_delay %} include: + - salt.python_modules - salt - systemd.reload - repo.client diff --git a/salt/salt/module_packages/docker/certifi-2024.7.4-py3-none-any.whl b/salt/salt/module_packages/docker/certifi-2024.7.4-py3-none-any.whl new file mode 100644 index 0000000000..9e412a2d94 Binary files /dev/null and b/salt/salt/module_packages/docker/certifi-2024.7.4-py3-none-any.whl differ diff --git a/salt/salt/module_packages/docker/charset_normalizer-3.3.2-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl b/salt/salt/module_packages/docker/charset_normalizer-3.3.2-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl new file mode 100644 index 0000000000..19a91a2781 Binary files /dev/null and b/salt/salt/module_packages/docker/charset_normalizer-3.3.2-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl differ diff --git a/salt/salt/module_packages/docker/docker-7.1.0-py3-none-any.whl b/salt/salt/module_packages/docker/docker-7.1.0-py3-none-any.whl new file mode 100644 index 0000000000..c324efbd08 Binary files /dev/null and b/salt/salt/module_packages/docker/docker-7.1.0-py3-none-any.whl differ diff --git a/salt/salt/module_packages/docker/idna-3.7-py3-none-any.whl b/salt/salt/module_packages/docker/idna-3.7-py3-none-any.whl new file mode 100644 index 0000000000..fa4c95b123 Binary files /dev/null and b/salt/salt/module_packages/docker/idna-3.7-py3-none-any.whl differ diff --git a/salt/salt/module_packages/docker/requests-2.32.3-py3-none-any.whl b/salt/salt/module_packages/docker/requests-2.32.3-py3-none-any.whl new file mode 100644 index 0000000000..23662ce7ee Binary files /dev/null and b/salt/salt/module_packages/docker/requests-2.32.3-py3-none-any.whl differ diff --git a/salt/salt/module_packages/docker/urllib3-2.2.2-py3-none-any.whl b/salt/salt/module_packages/docker/urllib3-2.2.2-py3-none-any.whl new file mode 100644 index 0000000000..61a56086a5 Binary files /dev/null and b/salt/salt/module_packages/docker/urllib3-2.2.2-py3-none-any.whl differ diff --git a/salt/salt/python_modules.sls b/salt/salt/python_modules.sls new file mode 100644 index 0000000000..d6c05a892a --- /dev/null +++ b/salt/salt/python_modules.sls @@ -0,0 +1,21 @@ +# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one +# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at +# https://securityonion.net/license; you may not use this file except in compliance with the +# Elastic License 2.0. + +docker_module_package: + file.recurse: + - name: /opt/so/conf/salt/module_packages/docker + - source: salt://salt/module_packages/docker + - clean: True + - makedirs: True + +# fail hard on this state so that soup would be cancelled on a manager (eventhough salt would have already updated) +# on a non manager, failing hard here will prevent the minion from upgrading +# we want to fail hard here to prevent the minion from upgrading and potetially being able to manager docker containers from a dep mismatch +docker_python_module_install: + cmd.run: + - name: /opt/saltstack/salt/bin/python3.10 -m pip install docker --no-index --find-links=/opt/so/conf/salt/module_packages/docker/ --upgrade + - onchanges: + - file: docker_module_package + - failhard: True diff --git a/setup/files/salt_module_deps/docker/certifi-2022.12.7-py3-none-any.whl b/setup/files/salt_module_deps/docker/certifi-2022.12.7-py3-none-any.whl deleted file mode 100644 index a083056113..0000000000 Binary files a/setup/files/salt_module_deps/docker/certifi-2022.12.7-py3-none-any.whl and /dev/null differ diff --git a/setup/files/salt_module_deps/docker/chardet-4.0.0-py2.py3-none-any.whl b/setup/files/salt_module_deps/docker/chardet-4.0.0-py2.py3-none-any.whl deleted file mode 100644 index b83344e8e3..0000000000 Binary files a/setup/files/salt_module_deps/docker/chardet-4.0.0-py2.py3-none-any.whl and /dev/null differ diff --git a/setup/files/salt_module_deps/docker/charset_normalizer-3.1.0-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl b/setup/files/salt_module_deps/docker/charset_normalizer-3.1.0-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl deleted file mode 100644 index 7b57bc7167..0000000000 Binary files a/setup/files/salt_module_deps/docker/charset_normalizer-3.1.0-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl and /dev/null differ diff --git a/setup/files/salt_module_deps/docker/docker-5.0.2-py2.py3-none-any.whl b/setup/files/salt_module_deps/docker/docker-5.0.2-py2.py3-none-any.whl deleted file mode 100644 index f1ed95ee12..0000000000 Binary files a/setup/files/salt_module_deps/docker/docker-5.0.2-py2.py3-none-any.whl and /dev/null differ diff --git a/setup/files/salt_module_deps/docker/idna-2.10-py2.py3-none-any.whl b/setup/files/salt_module_deps/docker/idna-2.10-py2.py3-none-any.whl deleted file mode 100644 index 41225cb056..0000000000 Binary files a/setup/files/salt_module_deps/docker/idna-2.10-py2.py3-none-any.whl and /dev/null differ diff --git a/setup/files/salt_module_deps/docker/requests-2.25.1-py2.py3-none-any.whl b/setup/files/salt_module_deps/docker/requests-2.25.1-py2.py3-none-any.whl deleted file mode 100644 index 8d70e9716d..0000000000 Binary files a/setup/files/salt_module_deps/docker/requests-2.25.1-py2.py3-none-any.whl and /dev/null differ diff --git a/setup/files/salt_module_deps/docker/urllib3-1.26.15-py2.py3-none-any.whl b/setup/files/salt_module_deps/docker/urllib3-1.26.15-py2.py3-none-any.whl deleted file mode 100644 index ad723d5e10..0000000000 Binary files a/setup/files/salt_module_deps/docker/urllib3-1.26.15-py2.py3-none-any.whl and /dev/null differ diff --git a/setup/files/salt_module_deps/docker/websocket_client-1.5.1-py3-none-any.whl b/setup/files/salt_module_deps/docker/websocket_client-1.5.1-py3-none-any.whl deleted file mode 100644 index bd8152d2c4..0000000000 Binary files a/setup/files/salt_module_deps/docker/websocket_client-1.5.1-py3-none-any.whl and /dev/null differ diff --git a/setup/files/salt_module_deps/pymysql/PyMySQL-1.0.3-py3-none-any.whl b/setup/files/salt_module_deps/pymysql/PyMySQL-1.0.3-py3-none-any.whl deleted file mode 100644 index 0bbd29da02..0000000000 Binary files a/setup/files/salt_module_deps/pymysql/PyMySQL-1.0.3-py3-none-any.whl and /dev/null differ diff --git a/setup/so-functions b/setup/so-functions index 4fe5ddebce..870aa77d22 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -1931,7 +1931,7 @@ saltify() { } salt_install_module_deps() { - logCmd "salt-pip install docker --no-index --only-binary=:all: --find-links files/salt_module_deps/docker/" + logCmd "salt-call state.apply salt.python_modules --local --file-root=../salt/" } salt_patch_x509_v2() {