Curl in a salt state

1,340 views
Skip to first unread message

Scott King

unread,
Apr 25, 2016, 2:45:30 PM4/25/16
to Salt-users
I'm trying to create a salt state for beyondtrust AD authentication tool. 

This is what I have so far, and it is saying that i have an unknown yaml render error.  on line 5. (underlined)

beyondtrust:

  cmd.run

  {% if grains['os'] == 'Ubuntu' %}

     - run

     - name: curl -L http://download.beyondtrust.com/PBISO/8.3/pbis-open-8.3.0.3287.linux.x86_64.deb.sh | -o -pbis.sh

  {% elif grains['os'] == 'RedHat' %}

    - name: curl http://download.beyondtrust.com/PBISO/8.3/pbis-open-8.3.0.3287.linux.x86_64.rpm.sh -o -pbis.sh

  {% endif %}

    - require

      - pkg: curl





Any help would be nice to get a salt state for beyondtrust


thanks.

Clint Dilks

unread,
Apr 25, 2016, 5:07:07 PM4/25/16
to salt-...@googlegroups.com
Hi,


On Tue, Apr 26, 2016 at 6:45 AM, Scott King <scott...@gmail.com> wrote:
I'm trying to create a salt state for beyondtrust AD authentication tool. 

This is what I have so far, and it is saying that i have an unknown yaml render error.  on line 5. (underlined)

beyondtrust:

  cmd.run

  {% if grains['os'] == 'Ubuntu' %}

     - run

     - name: curl -L http://download.beyondtrust.com/PBISO/8.3/pbis-open-8.3.0.3287.linux.x86_64.deb.sh | -o -pbis.sh




Just from looking at this visually the pipe in this command seems out of place :)

Wes Novack

unread,
Apr 26, 2016, 12:28:56 PM4/26/16
to Salt-users
You're missing a colon after cmd.run and you need to delete the extra call to "- run" in the first if block.

Scott King

unread,
Apr 27, 2016, 2:47:17 PM4/27/16
to Salt-users
thanks Wes. life saver. 

Christian Joergensen

unread,
Apr 27, 2016, 7:02:14 PM4/27/16
to Salt-users
Hi,

Curl seems a bit overkill. Why not just use file.managed? The source argument supports http(s) URLs :)

Then you could also have the file checksummed (source_hash).

Cheers,

Christian

Xandrellas

unread,
Apr 28, 2016, 3:32:59 PM4/28/16
to Salt-users
In the interest of sharing information:

We use for Centos/Redhat:


pbis-open:

  pkgrepo.managed:

    - name: pbis-open

    - humanname: PBISO- local packages for $basearch

    - baseurl: http://repo.pbis.beyondtrust.com/yum/pbiso/$basearch

    - enabled: 1

    - gpgcheck: 0

    - order: 1

    - refresh_db: True

  pkg.installed:

    - name: pbis-open

    - require:

      - pkgrepo: pbis-open


and for Ubuntu we use:


pbis-open:

  pkgrepo.managed:

    - humanname: PBISO- local packages for $basearch

    - name: deb http://repo.pbis.beyondtrust.com/apt pbiso main

    - file: /etc/apt/sources.list.d/pbiso.list

    - key_url: http://repo.pbis.beyondtrust.com/yum/RPM-GPG-KEY-pbis

    - require_in:

      - pkg: pbis-open


  pkg.latest:

    - name: pbis-open

    - refresh: True



Works like a beast


On Monday, April 25, 2016 at 11:45:30 AM UTC-7, Scott King wrote:

Scott King

unread,
May 2, 2016, 2:43:59 PM5/2/16
to Salt-users
does the $basesearch variable come from a pillar file? Do you configure any specific accounts to be added as sudoers to your boxes? 

Thank

Xandrellas

unread,
Mar 4, 2019, 2:19:25 PM3/4/19
to Salt-users
Sorry I totally missed this and assumably you figured it out or went a different route, but:

that string is correct as is, it will get sniffed out regardless of pillar (and no doesn't come from pillar).

We use a separate sudoers formula to handle sudo level access. 
Reply all
Reply to author
Forward
0 new messages