salt.modules.debbuild

Debian Package builder system

New in version 2015.8.0.

This system allows for all of the components to build debs safely in chrooted environments. This also provides a function to generate debian repositories

This module implements the pkgbuild interface

salt.modules.debbuild.build(runas, tgt, dest_dir, spec, sources, deps, env, template, saltenv=u'base', log_dir=u'/var/log/salt/pkgbuild')

Given the package destination directory, the tarball containing debian files (e.g. control) and package sources, use pbuilder to safely build the platform package

CLI Example:

Debian

salt '*' pkgbuild.make_src_pkg deb-8-x86_64 /var/www/html
        https://raw.githubusercontent.com/saltstack/libnacl/master/pkg/deb/python-libnacl.control
        https://pypi.python.org/packages/source/l/libnacl/libnacl-1.3.5.tar.gz

This example command should build the libnacl package for Debian using pbuilder and place it in /var/www/html/ on the minion

salt.modules.debbuild.make_repo(repodir, keyid=None, env=None, use_passphrase=False, gnupghome=u'/etc/salt/gpgkeys', runas=u'root', timeout=15.0)

Make a package repository and optionally sign it and packages present

Given the repodir (directory to create repository in), create a Debian repository and optionally sign it and packages present. This state is best used with onchanges linked to your package building states.

repodir
The directory to find packages that will be in the repository.
keyid

Changed in version 2016.3.0.

Optional Key ID to use in signing packages and repository. This consists of the last 8 hex digits of the GPG key ID.

Utilizes Public and Private keys associated with keyid which have been loaded into the minion's Pillar data. Leverages gpg-agent and gpg-preset-passphrase for caching keys, etc. These pillar values are assumed to be filenames which are present in gnupghome. The pillar keys shown below have to match exactly.

For example, contents from a Pillar data file with named Public and Private keys as follows:

gpg_pkg_priv_keyname: gpg_pkg_key.pem
gpg_pkg_pub_keyname: gpg_pkg_key.pub
env

Changed in version 2016.3.0.

A dictionary of environment variables to be utilized in creating the repository.

use_passphrase
: False

New in version 2016.3.0.

Use a passphrase with the signing key presented in keyid. Passphrase is received from Pillar data which could be passed on the command line with pillar parameter. For example:

pillar='{ "gpg_passphrase" : "my_passphrase" }'
gnupghome
: /etc/salt/gpgkeys

New in version 2016.3.0.

Location where GPG related files are stored, used with keyid.

runas
: root

New in version 2016.3.0.

User to create the repository as, and optionally sign packages.

Note

Ensure the user has correct permissions to any files and directories which are to be utilized.

timeout
: 15.0

New in version 2016.3.4.

Timeout in seconds to wait for the prompt for inputting the passphrase.

CLI Example:

salt '*' pkgbuild.make_repo /var/www/html
salt.modules.debbuild.make_src_pkg(dest_dir, spec, sources, env=None, saltenv=u'base')

Create a platform specific source package from the given platform spec/control file and sources

CLI Example:

Debian

salt '*' pkgbuild.make_src_pkg /var/www/html/
        https://raw.githubusercontent.com/saltstack/libnacl/master/pkg/deb/python-libnacl.control.tar.xz
        https://pypi.python.org/packages/source/l/libnacl/libnacl-1.3.5.tar.gz

This example command should build the libnacl SOURCE package and place it in /var/www/html/ on the minion