-
Notifications
You must be signed in to change notification settings - Fork 492
/
sync_es_users.sls
32 lines (29 loc) · 1.08 KB
/
sync_es_users.sls
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
include:
- elasticsearch.auth
- kratos
so-user.lock:
file.missing:
- name: /var/tmp/so-user.lock
# Must run before elasticsearch docker container is started!
sync_es_users:
cmd.run:
- name: so-user sync
- env:
- SKIP_STATE_APPLY: 'true'
- creates:
- /opt/so/saltstack/local/salt/elasticsearch/files/users
- /opt/so/saltstack/local/salt/elasticsearch/files/users_roles
- /opt/so/conf/soc/soc_users_roles
- show_changes: False
- require:
- docker_container: so-kratos
- http: wait_for_kratos
- file: so-user.lock # require so-user.lock file to be missing
# we dont want this added too early in setup, so we add the onlyif to verify 'startup_states: highstate'
# is in the minion config. That line is added before the final highstate during setup
so-user_sync:
cron.present:
- user: root
- name: 'PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin /usr/sbin/so-user sync &>> /opt/so/log/soc/sync.log'
- identifier: so-user_sync
- onlyif: "grep -x 'startup_states: highstate' /etc/salt/minion"