Minion View need show Minions of Syndic

[DesireWithin]

I run alcali on top salt-master. this top master have some salve salt-syndic.
I can only see salt-syndic on Minion View.
Can minion view show all minions?

[drscream]

The development branch for Alcali uses test.ping to find all minions via salt-api:

 connected = run_raw(
     [
         {
             "client": "local",
             "batch": None,
             "tgt_type": "glob",
             "tgt": "*",
             "fun": "test.ping",
         }
     ]
 )

So the only thing required is to allow the salt-api to receive minions connected to the salt-syndic-master. At the moment of writing I'm not 100% sure why the salt-api returns something different than a regular salt '*' test.ping call. But after changing the publisher_acl configuration on the salt-syndic-master file the salt-api return all minions connected to it:

publisher_acl:
  '*':
    - '*'

Please take this change with care, because I think it allow much more than needed. An additional change which was required was switching to salt-master(s) on Master Of Masters, Master on the Syndic and Syndic itself to run as root. I expect somehow this is an bug in salt-api or in the ACL itself.

I anyway hope that help.

[DesireWithin]

Hello,

• First, I test salt-api using sharedsecret eauth:

{
    "client": "runner",
    "fun": "manage.status",
    "username": "salt",
    "password": "password",
    "eauth": "sharedsecret"
}

Salt-api can reurn all minions.
I also test test.ping by salt-api :

{
    "client": "local",
    "fun": "test.ping",
    "tgt": "*",
    "username": "salt",
    "password": "password",
    "eauth": "sharedsecret"
}

Salt-api can return all minion.

• Second, I open acl on each salt-syndic: append

publisher_acl:
  '*':
    - '*'

on /etc/salt/master, restart salt-master and salt-syndic. But alcali still can't show all minions.

It's worth to notice that, I'm running salt-master 3003.2.
I install alcali by pip:

pip install --user alcali
I don't use formula, git.latest state moudle don't work for me because of network limit. (I copy git repo to /opt/alcali/code manually, after state.sls complete, alcali can't start because can't find config moudle. It's another issue. Let's back to the topic)

I run alcali current_version at /root/.local/bin( I append this to $path and .env is at this location):

$ alcali current_version
alcali version unknown

But alcali check is working well. alcali migrate and alcali createsuperuser are good too.

I may need more help.
Thanks.

[drscream]

Hello @DesireWithin,

I'm sorry but it's really hard to debug if it's not 100% the version which it should be or could be. Otherwise it taking to much time to think what could be the problem and debugging instead of helping. My above example is using the current develop branch which contains the following commit:

fbe1d63

And especially this commit make use of test.ping to find all minions. This commit is not part of an release yet.

All the best,
Thomas

[DesireWithin]

Hello @drscream ,
I understand, Thank you for you explain.
My current version is 3003.1.0

#  pip show alcali
Name: alcali
Version: 3003.1.0
Summary: Alcali
Home-page: https://github.com/latenighttales/alcali.git
Author: Matt Melquiond
Author-email: matt.LLVW@gmail.com
License: UNKNOWN
Location: /root/.local/lib/python3.6/site-packages
Requires: whitenoise, django-cors-headers, gunicorn, djangorestframework, python-dotenv, ansi2html, djangorestframework-simplejwt, requests, salt-pepper, pytz, django-currentuser, PyJWT, Django
Required-by:

And I read the python code too, the minion was indeed refreshed from the Accept key, not by test.ping.
And this is consistent with the behavior I observed from the mysql database.

Thank you very much,
I shall wait for next release.

Bryan Chen