From a8ec3717c44d1fd76343b321babaa7e44ab64bea Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Mon, 28 Aug 2023 10:20:53 -0400 Subject: [PATCH 1/2] fail soup if so-repo-sync fails --- salt/manager/tools/sbin/so-repo-sync | 4 +++- salt/manager/tools/sbin/soup | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/salt/manager/tools/sbin/so-repo-sync b/salt/manager/tools/sbin/so-repo-sync index 3e129cd0d5..84384fcdfc 100644 --- a/salt/manager/tools/sbin/so-repo-sync +++ b/salt/manager/tools/sbin/so-repo-sync @@ -11,6 +11,8 @@ set_version set_os salt_minion_count +set -e + curl --retry 5 --retry-delay 60 -A "reposync/$VERSION/$OS/$(uname -r)/$MINIONCOUNT" https://sigs.securityonion.net/checkup --output /tmp/checkup dnf reposync --norepopath -g --delete -m -c /opt/so/conf/reposync/repodownload.conf --repoid=securityonionsync --download-metadata -p /nsm/repo/ -createrepo /nsm/repo \ No newline at end of file +createrepo /nsm/repo diff --git a/salt/manager/tools/sbin/soup b/salt/manager/tools/sbin/soup index 37c9b3ba58..45e3df5306 100755 --- a/salt/manager/tools/sbin/soup +++ b/salt/manager/tools/sbin/soup @@ -440,7 +440,7 @@ post_to_2.4.20() { repo_sync() { echo "Sync the local repo." - su socore -c '/usr/sbin/so-repo-sync' + su socore -c '/usr/sbin/so-repo-sync' || fail "Unable to complete so-repo-sync." } stop_salt_master() { From 6b0fbe4634609603fdbddcc86d7eeea96e406a3b Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Mon, 28 Aug 2023 11:53:45 -0400 Subject: [PATCH 2/2] include so-repo-sync in soup_manager_scripts state --- salt/common/soup_scripts.sls | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/salt/common/soup_scripts.sls b/salt/common/soup_scripts.sls index 8dff85ddbe..041649200f 100644 --- a/salt/common/soup_scripts.sls +++ b/salt/common/soup_scripts.sls @@ -19,4 +19,5 @@ soup_manager_scripts: - source: salt://manager/tools/sbin - include_pat: - so-firewall - - soup \ No newline at end of file + - so-repo-sync + - soup