
Best way to use Jenkinsfile to run salt command


I started to work with Jenkinsfile and the pipeline plugin lately and I was wondering what would be the best way to ask my salt master server to run a command when tests have passed or when we merge a pull request for example.

There is this jenkinsci/saltstack-plugin that works great (doesn't handle colored output, but it's ok).

  1. a. Would it be better to run the salt step within a Jenkinsfile?
    b. What would be the syntax to interact with the above plugin?

  2. Or should I set up my Salt master (which is on a different server) as a Jenkins slave node and have the command executed on the salt master directly?

Draft here:

node("salt-master") {
    sh "salt -E 'some.target.*' state.sls some.state"
}

I think option 2 would work, but I haven't set up the master as a Jenkins slave yet.


Solution

  • This is an update to an older post, but in case it helps anyone, the syntax for the saltplugin as a step in a JenkinsFile is given on the jenkins wiki: https://wiki.jenkins-ci.org/display/JENKINS/saltstack-plugin

    Something like the following will give you pretty-printed JSON output:

    import groovy.json.*

    node() {
      // Run cmd.run on all minions through salt-api and wait for the job to return.
      def saltresult = salt(
        authtype: 'pam',
        clientInterface: local(arguments: '"ls -la"', blockbuild: true,
                               function: 'cmd.run', jobPollTime: 16,
                               target: '*', targetType: 'glob'),
        credentialsId: 'a3d814c2-84ed-4752-94a8-271791bb5375',
        servername: 'http://localhost:8000'
      )
      // Pretty-print the returned JSON string into the build log.
      def prettyJson = JsonOutput.prettyPrint(saltresult)
      println(prettyJson)
    }

    A benefit of using the jenkins plugin is that you can access other salt-api endpoints such as hook. We have our jenkins server on an internal network which is unable to reach the internet, but our saltmaster is on another network and is able to get out. In our JenkinsFiles we can then send a salt hook call, which kicks a reactor on the saltmaster to send a notification to Slack or MS Teams. Thus, our jenkins server is able to post build status to internet services, without itself being able to access the internet.
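
The hook call described in the answer above could look like the following Jenkinsfile. This is an added example, not code from the original post or from the plugin project. The `hook(post:, tag:)` parameter names are an assumption about the plugin's hook client interface and should be confirmed with the Pipeline Syntax snippet generator; the tag, credentials id, server URL and `make test` command are placeholders.

```groovy
import groovy.json.JsonOutput

// Added example. Placeholders (not from the original page): the hook tag,
// the credentials id 'salt-api-jenkins', the salt-api URL and 'make test'.
def notifySaltHook(String status) {
  // Serialize with JsonOutput instead of string concatenation, so a job or
  // branch name containing quotes cannot change the structure of the JSON
  // that the reactor on the master will read.
  def body = JsonOutput.toJson([
    job   : env.JOB_NAME,
    build : env.BUILD_NUMBER,
    status: status,
    url   : env.BUILD_URL
  ])
  // Assumed syntax for the plugin's hook client interface. salt-api publishes
  // the request on the master event bus under salt/netapi/hook/<tag>, with the
  // request body available to the reactor in the event's 'post' field.
  salt(
    authtype: 'pam',
    clientInterface: hook(post: body, tag: 'jenkins/build/status'),
    credentialsId: 'salt-api-jenkins',
    // HTTPS, because the eauth credentials and token cross the network here.
    servername: 'https://salt-master.example.internal:8000'
  )
}

node() {
  def status = 'FAILURE'
  try {
    stage('Test') {
      sh 'make test'
    }
    status = 'SUCCESS'
  } finally {
    // Report the outcome whether the stage passed or threw.
    notifySaltHook(status)
  }
}
```

On the master, the reactor entry would match `salt/netapi/hook/jenkins/build/status`, and the reactor SLS should treat every value under `post` as untrusted input rather than passing it into a command or target expression.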