Last active
August 29, 2015 14:05
-
-
Save Vye/4737fddd1a61d9380163 to your computer and use it in GitHub Desktop.
Detect unapproved YUM repos and dynamically create a state (only if they exist) to remove them.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # I was keeping track of typical YUM repos that are not | |
| # permitted on our prod machines (like EPEL, etc.)... | |
| # Then I realized there was a better way. This state will | |
| # find repos that are not approved and generate a state | |
| # to remove them. This works well because if you run | |
| # highstate test=True you can preview the change, but it | |
| # doesn't waste resources (or spew a huge list) constantly verifying | |
| # your ever growing list of repos that shouldn't exist on each state run. | |
| {% set approved_repos = [ | |
| 'vendor-noarch.repo', | |
| 'vendor.repo', | |
| 'internal-noarch.repo', | |
| 'internal.repo'] %} | |
| {% set repos = salt['file.find']('/etc/yum.repos.d', name="*.repo") %} {# ok, that's cool... #} | |
| {% for repo in repos %} | |
| {% if repo.split('/')[-1] not in approved_repos %} | |
| {{ repo }}: | |
| file.absent | |
| {% endif %} | |
| {% endfor %} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment