saltstack / pepper Goto Github PK
View Code? Open in Web Editor NEWA library and stand-alone CLI tools to access a salt-api instance
License: Other
A library and stand-alone CLI tools to access a salt-api instance
License: Other
Traceback (most recent call last):
File "/home/arthur/.virtualenvs/pepper/bin/pepper", line 10, in <module>
execfile(__file__)
File "/home/arthur/local/salt/pepper/scripts/pepper", line 10, in <module>
from pepper.cli import PepperCli
File "/home/arthur/local/salt/pepper/pepper/__init__.py", line 26, in <module>
version, sha = setup.get_version()
File "/home/arthur/local/salt/pepper/pepper/../setup.py", line 90, in get_version
version, num_commits, sha = parse_version_tag(read_version_tag())
File "/home/arthur/local/salt/pepper/pepper/../setup.py", line 72, in parse_version_tag
if '-g' not in tag:
TypeError: argument of type 'NoneType' is not iterable
for example by using the same -l all or -l debug interface as salt
[xxx@devbox211 pepper]$ pepper -vvvvv 'saltmaster.*' test.ping # this works
{
"saltmaster.example.com": true
}
[xxx@devbox211 pepper]$ pepper -vvvvv 'saltmasterrrrrr.*' test.ping # this prints wrong error message
'jid'
Uncaught Pepper error (increase verbosity for the full traceback).
Uncaught traceback:
Traceback (most recent call last):
File "/usr/bin/pepper", line 26, in <module>
exit_code, results = cli.run()
File "/usr/lib/python2.6/site-packages/pepper/cli.py", line 238, in run
nodesJid = nodesJidRet['return'][0]['jid']
KeyError: 'jid'
DEBUG 2015-08-13 07:26:58,770 pepper: Uncaught traceback:
Traceback (most recent call last):
File "/usr/bin/pepper", line 26, in <module>
exit_code, results = cli.run()
File "/usr/lib/python2.6/site-packages/pepper/cli.py", line 238, in run
nodesJid = nodesJidRet['return'][0]['jid']
KeyError: 'jid'
[xxx@devbox211 pepper]$
Hi there
I'm currently running in the following error:
err@2dbc493bfb79:~$ pepper '*' test.ping --ignore-ssl-errors -H -vvv
urlopen() got an unexpected keyword argument 'context'
Uncaught Pepper error (increase verbosity for the full traceback).
Uncaught traceback:
Traceback (most recent call last):
File "/app/venv/bin/pepper", line 26, in <module>
exit_code, results = cli.run()
File "/app/venv/lib/python3.4/site-packages/pepper/cli.py", line 373, in run
auth = api.login(*list(creds))
File "/app/venv/lib/python3.4/site-packages/pepper/libpepper.py", line 330, in login
'eauth': eauth}).get('return', [{}])[0]
File "/app/venv/lib/python3.4/site-packages/pepper/libpepper.py", line 134, in req
f = urlopen(req, context=con)
TypeError: urlopen() got an unexpected keyword argument 'context'
DEBUG 2016-10-27 22:38:52,101 pepper: Uncaught traceback:
Traceback (most recent call last):
File "/app/venv/bin/pepper", line 26, in <module>
exit_code, results = cli.run()
File "/app/venv/lib/python3.4/site-packages/pepper/cli.py", line 373, in run
auth = api.login(*list(creds))
File "/app/venv/lib/python3.4/site-packages/pepper/libpepper.py", line 330, in login
'eauth': eauth}).get('return', [{}])[0]
File "/app/venv/lib/python3.4/site-packages/pepper/libpepper.py", line 134, in req
f = urlopen(req, context=con)
TypeError: urlopen() got an unexpected keyword argument 'context'
I installed pepper directly over the Github repo:
err@2dbc493bfb79:~$ python --version
Python 3.4.2
err@2dbc493bfb79:~$ pip install git+https://github.com/saltstack/pepper.git
Collecting git+https://github.com/saltstack/pepper.git
Cloning https://github.com/saltstack/pepper.git to /tmp/pip-r9dfl769-build
Installing collected packages: salt-pepper
Running setup.py install for salt-pepper ... done
Successfully installed salt-pepper-0.4.1.dev22
Do you perhaps have any idea how to fix this issue?
Thanks & regards,
Philip
It would be great if pepper could provide an interactive console, similar to the Python interactive console: this would allow to ask for password only once and then be able to send many salt commands directly without prompting for password.
We could even imagine a more advanced feature like being able to set the current minions target with a dedicated command like target='*'
and then the target of all following commands would be optional.
At some point in testing, I was quite surprised to find :
$ pepper -H -v '*' cmd.run 'whoami'
{u'perms': [u'test.ping'], u'start': 1422612427.829301, u'token': u'318dec9ad3007ccbc978f2dea72bf285e0b0f8ae', u'expire': 1422655627.829302, u'user': u'saltdev', u'eauth': u'pam'}
{u'return': [{u'jid': u'20150130110707846297', u'minions': [u'ursa', u'cetus.logilab.priv']}]}
{
"cetus.logilab.priv": "root",
"ursa": "root"
}
Investigating further made me understand that the one enforcing the policy was salt-master and since I had not restarted the salt-master (but only salt-api) between changing from '.*' to 'test.ping' in the external_auth, it would return results for a cmd.run query.
Could I argue that every intermediary (pepper or any webapp and salt-api) should look at the permissions before trying to run them ? Is this what was meant for when returning the "perms" information when on logs in ?
Am heading to salt issue tracker to add an issue for this one as well.
It is not possible to use pepper as a console script on windows. In order to run the CLI you must write python path/to/script/pepper.
Do you plan to release 0.5.0 following the recent changes? If not, I'll just release the latest HEAD to my PyShop. That be pretty neat if you did though.
$ pepper '*' test.ping
Traceback (most recent call last):
File "/home/arthur/.virtualenvs/pepper/bin/pepper", line 265, in <module>
exit_code, results = main()
File "/home/arthur/.virtualenvs/pepper/bin/pepper", line 235, in main
nodesJid = nodesJidRet['return'][0]['jid']
KeyError: 'return'
switching SALTAPI_EAUTH=pam in .pepperrc gets it to work.
Would be nice to catch this traceback.
http://docs.saltstack.com/en/latest/ref/netapi/all/salt.netapi.rest_cherrypy.html
eedgar@i7:~/git/salt-mgmt/pepper$ sudo python setup.py install
running install
running build
running build_py
running build_scripts
copying and adjusting scripts/pepper -> build/scripts-2.7
running install_lib
running install_scripts
copying build/scripts-2.7/pepper -> /usr/local/bin
changing mode of /usr/local/bin/pepper to 775
running install_egg_info
Removing /usr/local/lib/python2.7/dist-packages/salt_pepper-0.0.0.egg-info
Writing /usr/local/lib/python2.7/dist-packages/salt_pepper-0.0.0.egg-info
eedgar@i7:~/git/salt-mgmt/pepper$ pepper '*' test.ping
Error with request: <urlopen error EOF occurred in violation of protocol (_ssl.c:581)>
ERROR 2015-04-01 22:37:59,175 libpepper: Error with request: <urlopen error EOF occurred in violation of protocol (_ssl.c:581)>
Uncaught Pepper error (increase verbosity for the full traceback).
eedgar@i7:~/git/salt-mgmt/pepper$ pepper '*' test.ping -vvv
Error with request
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/pepper/libpepper.py", line 103, in req
f = urllib2.urlopen(req)
File "/usr/lib/python2.7/urllib2.py", line 127, in urlopen
return _opener.open(url, data, timeout)
File "/usr/lib/python2.7/urllib2.py", line 404, in open
response = self._open(req, data)
File "/usr/lib/python2.7/urllib2.py", line 422, in _open
'_open', req)
File "/usr/lib/python2.7/urllib2.py", line 382, in _call_chain
result = func(*args)
File "/usr/lib/python2.7/urllib2.py", line 1207, in https_open
return self.do_open(httplib.HTTPSConnection, req)
File "/usr/lib/python2.7/urllib2.py", line 1169, in do_open
raise URLError(err)
URLError: <urlopen error EOF occurred in violation of protocol (_ssl.c:581)>
DEBUG 2015-04-01 22:38:02,285 libpepper: Error with request
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/pepper/libpepper.py", line 103, in req
f = urllib2.urlopen(req)
File "/usr/lib/python2.7/urllib2.py", line 127, in urlopen
return _opener.open(url, data, timeout)
File "/usr/lib/python2.7/urllib2.py", line 404, in open
response = self._open(req, data)
File "/usr/lib/python2.7/urllib2.py", line 422, in _open
'_open', req)
File "/usr/lib/python2.7/urllib2.py", line 382, in _call_chain
result = func(*args)
File "/usr/lib/python2.7/urllib2.py", line 1207, in https_open
return self.do_open(httplib.HTTPSConnection, req)
File "/usr/lib/python2.7/urllib2.py", line 1169, in do_open
raise URLError(err)
URLError: <urlopen error EOF occurred in violation of protocol (_ssl.c:581)>
Error with request: <urlopen error EOF occurred in violation of protocol (_ssl.c:581)>
ERROR 2015-04-01 22:38:02,286 libpepper: Error with request: <urlopen error EOF occurred in violation of protocol (_ssl.c:581)>
Uncaught Pepper error (increase verbosity for the full traceback).
Uncaught traceback:
Traceback (most recent call last):
File "/usr/local/bin/pepper", line 268, in <module>
exit_code, results = main()
File "/usr/local/bin/pepper", line 236, in main
auth = api.login(saltuser, saltpass, salteauth)
File "/usr/local/lib/python2.7/dist-packages/pepper/libpepper.py", line 215, in login
'eauth': eauth}).get('return', [{}])[0]
File "/usr/local/lib/python2.7/dist-packages/pepper/libpepper.py", line 103, in req
f = urllib2.urlopen(req)
File "/usr/lib/python2.7/urllib2.py", line 127, in urlopen
return _opener.open(url, data, timeout)
File "/usr/lib/python2.7/urllib2.py", line 404, in open
response = self._open(req, data)
File "/usr/lib/python2.7/urllib2.py", line 422, in _open
'_open', req)
File "/usr/lib/python2.7/urllib2.py", line 382, in _call_chain
result = func(*args)
File "/usr/lib/python2.7/urllib2.py", line 1207, in https_open
return self.do_open(httplib.HTTPSConnection, req)
File "/usr/lib/python2.7/urllib2.py", line 1169, in do_open
raise URLError(err)
URLError: <urlopen error EOF occurred in violation of protocol (_ssl.c:581)>
DEBUG 2015-04-01 22:38:02,286 pepper: Uncaught traceback:
Traceback (most recent call last):
File "/usr/local/bin/pepper", line 268, in <module>
exit_code, results = main()
File "/usr/local/bin/pepper", line 236, in main
auth = api.login(saltuser, saltpass, salteauth)
File "/usr/local/lib/python2.7/dist-packages/pepper/libpepper.py", line 215, in login
'eauth': eauth}).get('return', [{}])[0]
File "/usr/local/lib/python2.7/dist-packages/pepper/libpepper.py", line 103, in req
f = urllib2.urlopen(req)
File "/usr/lib/python2.7/urllib2.py", line 127, in urlopen
return _opener.open(url, data, timeout)
File "/usr/lib/python2.7/urllib2.py", line 404, in open
response = self._open(req, data)
File "/usr/lib/python2.7/urllib2.py", line 422, in _open
'_open', req)
File "/usr/lib/python2.7/urllib2.py", line 382, in _call_chain
result = func(*args)
File "/usr/lib/python2.7/urllib2.py", line 1207, in https_open
return self.do_open(httplib.HTTPSConnection, req)
File "/usr/lib/python2.7/urllib2.py", line 1169, in do_open
raise URLError(err)
URLError: <urlopen error EOF occurred in violation of protocol (_ssl.c:581)>
should it be in the git repo ?
Is there any work/thoughts on getting this library to work under python 3?
Add kerberos authentification support.
It is likely we will contribute a patch for this in the near future.
What's the state of this project? I notice there's no source code here, but that there's a fork here https://github.com/whiteinge/pepper/network. Is it usable? Also, I can't find any published package with the name "pepper" that's related to salt: https://pypi.python.org/pypi?:action=search&term=pepper&submit=search
I think, for future visitors, that it would be nice to write the state of the project in the README.
According to PEP8 you should use camel case for ClassName
only and underscores for everything else, but you use it for variables in your code (nodesJidRet
, etc). I know it's not a bug. But it'd be nice to follow PEP8
I am having some trouble with SALTAPI_EAUTH=kerberos. First issue is if I have eauth=kerberos, I am still prompted for a password. If I use --non-interactive I get the error "SALTAPI_PASS required". If I just hit enter for the interactive password I get:
No module named requests
No module named requests_kerberos
I installed those and am able to proceed. Now I get the error
'Pepper' object has no attribute 'ignore_ssl_errors'
and I don't know how to proceed from here. If I use SALTAPI_EAUTH=pam my command executes successfully. I have tried both 0.4.1 from pip and the current version from master.
Targeting opts currently commented out...
Hey folks,
Can we cut a new release? I want to get all the nice changes that have been implemented.
Thanks!
I think the code should try https://localhost:8000 by default thus promoting using ssl security by default.
In my case, after following the instructions to activate salt-api (with the ultra simple salt-call tls.create_self_signed_cert
) when seeing that pepper used http://localhost:8000 I could have chosen to downgrade my salt-api configuration instead of upgrading my configuration of pepper...
I have a (really simple) patch for this :
from setuptools.command.develop import develop
seems to do the trick
Could you show how to run using pepper something like salt-run survey.hash '*' pkg.list_upgrades refresh=True
?
Or maybe even salt-run survey.hash 'G@osfinger:debian-8' pkg.list_upgrades refresh=True match=complex
since that passes some parameters to module and some to runner.
pepper -H -u http://localhost:8000 --username shouse '*' test.ping
send: 'POST /login HTTP/1.1\r\nAccept-Encoding: identity\r\nContent-Length: 63\r\nConnection: close\r\nAccept: application/json\r\nUser-Agent: Python-urllib/2.7\r\nHost: localhost:8000\r\nX-Requested-With: XMLHttpRequest\r\nContent-Type: application/json\r\n\r\n{"username": "saltdev", "password": "saltdev", "eauth": "auto"}'
On PyPI, there is salt-pepper==0.3.5
(only)
When I do pip install salt-pepper
, it fetches salt-pepper-0.3.5.tar.gz
and installs it.
But then I do pip freeze | gerp pepper
and it shows salt-pepper==0.0.0
Also, could you keep all previous versions on PyPI and not delete them?
The --verbose and --debug-http don't display anything.
I've tried adding some logger.debug statements which don't change anything.
Adding some prints are displayed.
logger.debug('Sending ', postdata)
would be useful.
It would be super convenient if there were an option to ignore SSL errors with a command-line switch.
# Example
pepper --ignore-ssl-errors '*' test.ping
while trying pepper on the develop branch of salt I get the following :
"Exception occurred in runner jobs.lookup_jid: Traceback (most recent call last):\n File \"/home/arthur/local/salt/salt/salt/client/mixins.py\", line 335, in low\n data['return'] = self.functions[fun](*args, **kwargs)\nTypeError: lookup_jid() takes at least 1 argument (0 given)\n"
After much debugging, I ended up finding a way to make it work from pepper, in libpepper.py def lookup_jid(self, jid)
:
- 'jid': jid
+ 'kwargs': {
+ 'jid': jid
+ }
gives
low = {
'client': 'runner',
'fun': 'jobs.lookup_jid',
'kwargs': {
'jid': jid
}
}
which works. Is this the new way ?
How do I make an async call to salt-run
(orchestration) ? I just want to wait for the jid. I have tried both no-interactive
and --fail-if-incomplete
but without success.
The setup.py trove list implies this project is licensed under the Apache license, but this project is missing a definitive LICENSE file.
An obvious place to store the URL for the API is in a config file. What else could go in here?
Mimic Salt's -T
option.
~/local/salt/pepper# PYTHONPATH=`pwd` ./scripts/pepper
Traceback (most recent call last):
File "./scripts/pepper", line 14, in <module>
import pepper.version
ImportError: No module named version
I had problem with using --fail-if-incomplete parameter
if i run command without this everything just works but with argument i get permission denied i inspect this issue and I see that for --fail-if-incomplete is used jobs.lookup_jid I debug my ACLs but if I run single command through pepper to jobs.lookup_jid function works ok.
pepper "*" test.ping --fail-if-incomplete -v
[xxx@vagrant vagrant]$ pepper '*' test.ping
Traceback (most recent call last):
File "/usr/bin/pepper", line 9, in <module>
load_entry_point('pepper==0.2', 'console_scripts', 'pepper')()
File "/usr/lib/python2.6/site-packages/pepper.py", line 558, in main
import argparse
ImportError: No module named argparse
[xxx@vagrant vagrant]$
On python 2.6 argparse isn't available, so we should depend on it. We should reference it in setup.py
while True:
if total_time > self.options.timeout:
break
total_time
is a fixed variable, it never changes. If some minions did not return, the cli will retry infinitely
> pepper -N jenkins test.ping
pepper: error: no such option: -N
Using version 0.4.1.dev4
The -a
flag.
We will need access to Salt's outputters (at least the default one) to complete the illusion. It would be ideal to not have to copy that code into this project. Could it be a build-dep?
(pepper)arthur@ursa:~/local/salt/pepper$ pepper --version
0.3.5
(pepper)arthur@ursa:~/local/salt/pepper$ cd ..
(pepper)arthur@ursa:~/local/salt$ pepper --version
Unknown
(pepper)arthur@ursa:~/local/salt$ cp -rv pepper/ /tmp/
(pepper)arthur@ursa:~/local/salt$ cd /tmp/pepper/
(pepper)arthur@ursa:/tmp/pepper$ git checkout 0.2.0
(pepper)arthur@ursa:/tmp/pepper$ pepper --version
0.2.0
pysaltapi.py
is useful as a stand-alone library for other projects and should be pulled out into a separate project here and on PyPI.
Bug identified in #55 by @jfroche.
The problem can be clearly seen via the following command. In addition to the name=value
parsing, the arguments in RunnerClient are not being run through the YAML parser like in LocalClient
.
pepper --client=runner test.arg foo bar=Bar baz=true qux='{qux: Qux, quux: false}'
Trying to install from git a clone with python setup.py install
Below is the full output of the error.
$ python setup.py install
running install
running build
running build_py
creating build
creating build/lib
creating build/lib/pepper
copying pepper/__init__.py -> build/lib/pepper
copying pepper/libpepper.py -> build/lib/pepper
running build_scripts
creating build/scripts-2.7
copying and adjusting scripts/pepper -> build/scripts-2.7
changing mode of build/scripts-2.7/pepper from 664 to 775
running install_lib
creating /home/saviles/virtualenvs/pepper/lib/python2.7/site-packages/pepper
copying build/lib/pepper/__init__.py -> /home/saviles/virtualenvs/pepper/lib/python2.7/site-packages/pepper
copying build/lib/pepper/libpepper.py -> /home/saviles/virtualenvs/pepper/lib/python2.7/site-packages/pepper
byte-compiling /home/saviles/virtualenvs/pepper/lib/python2.7/site-packages/pepper/__init__.py to __init__.pyc
byte-compiling /home/saviles/virtualenvs/pepper/lib/python2.7/site-packages/pepper/libpepper.py to libpepper.pyc
running install_scripts
copying build/scripts-2.7/pepper -> /home/saviles/virtualenvs/pepper/bin
changing mode of /home/saviles/virtualenvs/pepper/bin/pepper to 775
running install_data
creating /home/saviles/virtualenvs/pepper/share
creating /home/saviles/virtualenvs/pepper/share/man
creating /home/saviles/virtualenvs/pepper/share/man/man1
error: can't copy 'doc/man/pepper.1': doesn't exist or not a regular file
The temporary fix is to comment out the lines in setup.py that look for this file. I'm not sure how its created otherwise, i could submit a PR on it.
+ #'data_files': [
+ # ('share/man/man1', ['doc/man/pepper.1']),
+ #],
If there is a way of restricting on the salt-api, it would be nice to recommend opening only 'jobs.lookup_jid' in '@runner'. I haven't yet found the documentation on how to do this, but if it is not possible I'll go and put an issue on salt.
When using pepper
versus the standard salt
command you get different results in terms of returned data types.
This seems related to #57 but different in the details.
(envsalt) >>> pepper -a pam --username=saltvirt --password=saltvirt 'sip-cannon' test.arg_repr trunktest2 2 '2048' image=/var/lib/libvit/images/centos66.qcow2 enable_vnc=True config='{"master": "goodboy.qa.sangoma.local"}' start=False enable_qcow=True
{
"return": [
{
"sip-cannon": {
"args": "('trunktest2', '2', '2048')",
"kwargs": "{'__pub_user': 'saltvirt', '__pub_arg': ['trunktest2', '2', '2048', 'image=/var/lib/libvirt/images/centos66.qcow2', 'enable_vnc=True', 'config={\"master\": \"goodboy.qa.sangoma.local\"}', 'start=False', 'enable_qcow=True'], 'start': False, 'config
': {'master': 'goodboy.qa.sangoma.local'}, 'image': '/var/lib/libvirt/images/centos66.qcow2', '__pub_fun': 'test.arg_repr', 'enable_qcow$
: True, '__pub_jid': '20170301004836803665', '__pub_tgt': 'sip-cannon', '__pub_tgt_type': 'glob', 'enable_vnc': True, '__pub_ret': ''}"
}
}
]
}
(envsalt) >>> sudo salt 'sip-cannon' test.arg_repr trunktest2 2 2048 image=/var/lib/libvirt/images/centos66.qcow2 enable_vnc=True con$
ig='{"master": "goodboy.qa.sangoma.local"}' start=False enable_qcow=True
sip-cannon:
----------
args:
('trunktest2', 2, 2048)
kwargs:
{'__pub_user': 'sudo_tyler', '__pub_arg': ['trunktest2', 2, 2048, {'enable_qcow': True, 'image': '/var/lib/libvirt/images/centos66.qcow2', 'start': False, 'config': {'master': 'goodboy.qa.sangoma.local'}, 'enable_vnc': True}], 'enable_qcow': True, 'config': {'master': 'goodboy.qa.sangoma.local'}, 'image': '/var/lib/libvirt/images/centos66.qcow2', '__pub_fun': 'test.arg_repr', 'start': False, '__pub_id': '20170301004859437566', '__pub_tgt': 'sip-cannon', '__pub_tgt_type': 'glob', 'enable_vnc': True, '__pub_ret': ''}
Notably the arg
array contains different types (in this case most obviously int
versus str
),
pepper
:('trunktest2', '2', '2048')
salt
:('trunktest2', 2, 2048)
In my case this is turn causes a parsing problem downstream in the salt.modules.virt.init()
function:
00:34:44 [ 2382] [DEBUG ] Generating VM XML
libvirt: Domain Config error : XML error: Invalid value '20482048204820482048204820482048204820482048204820482048204820482048204820482048
20482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204820482
04820482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204820
48204820482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204
82048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048
20482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204820482
04820482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204820
482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204820482048204
The last release on pypi was 0.30 (which is not tagged here). Any chance a new tag can be cut to get a newer release out?
Doesn't reference the pypi package name. I spent 15 minutes searching to find salt-pepper.
I have cherrypy
as my salt-api backend (I've disabled SSL to test it).
When I do raw connect (using curl
) - the API works fine (using pam eauth).
When I do the same with pepper
- it gives me "Pepper error: Authentication denied".
Could you reproduce this as well?
Any chance on pushing a new version to pip? Currently it's broken for python 3.3 installs at least as some of the code in init was not python3 friendly. I can get into specifics if you want.
It would be nice to have a documentation (or in the README) that provides an example of .pepperrc
[main]
SALTAPI_URL=https://localhost:8000/
SALTAPI_USER=saltdev
SALTAPI_PASS=saltdev
SALTAPI_EAUTH=pam
After upgrading the salt master from 2016-11.3
to 2016-11.4
, the command peppet --client=runner manage.status
breaks with the following error:
export SALTAPI_USER="john"
export SALTAPI_PASS="secret"
export SALTAPI_URL="${salt-url}"
export SALTAPI_EAUTH=ldap
pepper --client=runner manage.status
{
"return": [
"Exception occurred in runner manage.status: Traceback (most recent call last):\n File \"/usr/lib/python2.7/site-packages/salt/client/mixins.py\", line 395, in _low\n data['return'] = self.functions[fun](*args, **kwargs)\nTypeError: status() got an unexpected keyword argument '__current_eauth_groups'\n"
]
}
On the master salt-run manage.status --eauth=ldap --username=john --password=secret
does work.
I am also using pepper --client=runner doc.execution
which is failing with
{
"return": [
"Exception occurred in runner doc.execution: Traceback (most recent call last):\n File \"/usr/lib/python2.7/site-packages/salt/client/mixins.py\", line 395, in _low\n data['return'] = self.functions[fun](*args, **kwargs)\nTypeError: execution() takes no arguments (2 given)\n"
]
}
The problem might be related to salt-api
. Will have to rollback to 2016-11.3
.
I have just switched from pam
to ldap
and I get the following error:
Pepper error: Server error.
Here is the configuration for pepper
:
SALTAPI_USER=name
SALTAPI_PASS=pass
SALTAPI_URL=https://saltmaster.sandbox.srv.lan:8000
SALTAPI_EAUTH=ldap
On the salt master, everything works as expected which means the ldap configuration on the master is correct:
salt โa ldap '*' test.ping
The salt-api, does return me a valid token when I use:
curl -sS -i -k -H 'Content-Type: application/json' -d '[{"eauth":"ldap","username":"user","password":"pass","client":"local","tgt":"*","fun":"test.ping"}]' https://localhost:8000/login
Although the following command
curl -ksi https://localhost:8000 -H "Accept: application/x-yaml" -H "X-Auth-Token: 2f663bdf9680e59df1dc12b70a40c74f30408cfe" -d client=local -d tgt='*' -d fun='test.ping' -d arg
will fail with:
File \"/usr/lib/python2.7/site-packages/salt/client/__init__.py\"\
, line 290, in run_job\n raise SaltClientError(general_exception)\nSaltClientError:\
\ unpack(b) received extra data.\n"
status: 500
So it might be a salt-api issue or me using the api
incorrectly.
Extra notes:
https
(but it has been working fine with pepper
and pam
)I am not sure what to try next. Thanks for your help.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.