From ee173b0041d232bef04a2feafdb51b6f3af007d1 Mon Sep 17 00:00:00 2001 From: Eric Veiras Galisson Date: Mon, 24 Aug 2020 17:01:46 +0200 Subject: [PATCH] refactor: convert map.jinja to new standards --- sudoers/defaults.yaml | 5 +++ sudoers/map.jinja | 72 ++++++++++++++++++++++++++++++---------- sudoers/osarchmap.yaml | 35 +++++++++++++++++++ sudoers/osfamilymap.yaml | 38 +++++++++++++++++++++ sudoers/osfingermap.yaml | 14 ++++++++ sudoers/osmap.yaml | 13 ++++++++ 6 files changed, 160 insertions(+), 17 deletions(-) create mode 100644 sudoers/defaults.yaml create mode 100644 sudoers/osarchmap.yaml create mode 100644 sudoers/osfamilymap.yaml create mode 100644 sudoers/osfingermap.yaml create mode 100644 sudoers/osmap.yaml diff --git a/sudoers/defaults.yaml b/sudoers/defaults.yaml new file mode 100644 index 0000000..e26a286 --- /dev/null +++ b/sudoers/defaults.yaml @@ -0,0 +1,5 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml +--- +sudoers: + pkg: sudo diff --git a/sudoers/map.jinja b/sudoers/map.jinja index 281a4fb..d90456d 100644 --- a/sudoers/map.jinja +++ b/sudoers/map.jinja @@ -1,17 +1,55 @@ -{% set sudoers = salt['grains.filter_by']({ - 'Debian': {'pkg': 'sudo'}, - 'Ubuntu': {'pkg': 'sudo'}, - 'CentOS': {'pkg': 'sudo'}, - 'Fedora': {'pkg': 'sudo'}, - 'RedHat': {'pkg': 'sudo'}, - 'Amazon': {'pkg': 'sudo'}, - 'Gentoo': {'pkg': 'app-admin/sudo'}, - 'Mint': {'pkg': 'sudo'}, - 'Arch': {'pkg': 'sudo'}, - 'Suse': {'pkg': 'sudo'}, - 'FreeBSD': {'pkg': 'sudo', - 'configpath': '/usr/local/etc', - 'includedir': '/usr/local/etc/sudoers.d', - 'execprefix': '/usr/local/sbin', - 'group': 'wheel'}, -}, merge=salt['pillar.get']('sudoers:lookup')) %} +# -*- coding: utf-8 -*- +# vim: ft=jinja + +{#- Get the `tplroot` from `tpldir` #} +{%- set tplroot = tpldir.split('/')[0] %} +{#- Start imports as #} +{%- import_yaml tplroot ~ "/defaults.yaml" as default_settings %} +{%- import_yaml tplroot ~ "/osarchmap.yaml" as osarchmap %} +{%- import_yaml tplroot ~ "/osfamilymap.yaml" as osfamilymap %} +{%- import_yaml tplroot ~ "/osmap.yaml" as osmap %} +{%- import_yaml tplroot ~ "/osfingermap.yaml" as osfingermap %} + +{#- Retrieve the config dict only once #} +{%- set _config = salt['config.get'](tplroot, default={}) %} + +{%- set defaults = salt['grains.filter_by']( + default_settings, + default=tplroot, + merge=salt['grains.filter_by']( + osarchmap, + grain='osarch', + merge=salt['grains.filter_by']( + osfamilymap, + grain='os_family', + merge=salt['grains.filter_by']( + osmap, + grain='os', + merge=salt['grains.filter_by']( + osfingermap, + grain='osfinger', + merge=salt['grains.filter_by']( + _config, + default='lookup' + ) + ) + ) + ) + ) + ) +%} + +{%- set config = salt['grains.filter_by']( + {'defaults': defaults}, + default='defaults', + merge=_config + ) +%} + +{%- set sudoers = config %} + +{#- Post-processing for specific non-YAML customisations #} +{%- if grains.os == 'MacOS' %} +{%- set macos_group = salt['cmd.run']("stat -f '%Sg' /dev/console") %} +{%- do sudoers.update({'rootgroup': macos_group}) %} +{%- endif %} diff --git a/sudoers/osarchmap.yaml b/sudoers/osarchmap.yaml new file mode 100644 index 0000000..ab3bc1f --- /dev/null +++ b/sudoers/osarchmap.yaml @@ -0,0 +1,35 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml +# +# Setup variables using grains['osarch'] based logic. +# You just need to add the key:values for an `osarch` that differ +# from `defaults.yaml`. +# Only add an `osarch` which is/will be supported by the formula. +# +# If you do not need to provide defaults via the `osarch` grain, +# you will need to provide at least an empty dict in this file, e.g. +# osarch: {} +--- +amd64: + arch: amd64 + +x86_64: + arch: amd64 + +386: + arch: 386 + +arm64: + arch: arm64 + +armv6l: + arch: armv6l + +armv7l: + arch: armv7l + +ppc64le: + arch: ppc64le + +s390x: + arch: s390x diff --git a/sudoers/osfamilymap.yaml b/sudoers/osfamilymap.yaml new file mode 100644 index 0000000..12b2cd9 --- /dev/null +++ b/sudoers/osfamilymap.yaml @@ -0,0 +1,38 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml +# +# Setup variables using grains['os_family'] based logic. +# You just need to add the key:values for an `os_family` that differ +# from `defaults.yaml` + `osarch.yaml`. +# Only add an `os_family` which is/will be supported by the formula. +# +# If you do not need to provide defaults via the `os_family` grain, +# you will need to provide at least an empty dict in this file, e.g. +# osfamilymap: {} +--- +Debian: {} + +RedHat: {} + +Suse: {} + +Gentoo: + pkg: app-admin/sudo + +Arch: {} + +Alpine: {} + +FreeBSD: + configpath: /usr/local/etc + includedir: /usr/local/etc/sudoers.d + execprefix: /usr/local/sbin + group: wheel + +OpenBSD: {} + +Solaris: {} + +Windows: {} + +MacOS: {} diff --git a/sudoers/osfingermap.yaml b/sudoers/osfingermap.yaml new file mode 100644 index 0000000..431f97a --- /dev/null +++ b/sudoers/osfingermap.yaml @@ -0,0 +1,14 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml +# +# Setup variables using grains['osfinger'] based logic. +# You just need to add the key:values for an `osfinger` that differ +# from `defaults.yaml` + `osarch.yaml` + `os_family.yaml` + `osmap.yaml`. +# Only add an `osfinger` which is/will be supported by the formula. +# +# If you do not need to provide defaults via the `os_finger` grain, +# you will need to provide at least an empty dict in this file, e.g. +# osfingermap: {} +--- +# os: Debian +osfingermap: {} diff --git a/sudoers/osmap.yaml b/sudoers/osmap.yaml new file mode 100644 index 0000000..2ec94b4 --- /dev/null +++ b/sudoers/osmap.yaml @@ -0,0 +1,13 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml +# +# Setup variables using grains['os'] based logic. +# You just need to add the key:values for an `os` that differ +# from `defaults.yaml` + `osarch.yaml` + `os_family.yaml`. +# Only add an `os` which is/will be supported by the formula. +# +# If you do not need to provide defaults via the `os` grain, +# you will need to provide at least an empty dict in this file, e.g. +# osmap: {} +--- +osmap: {}