[FEATURE REQUEST] autosign_grains option to match on ALL grains #62831
Labels
Comments
amalaguti
added
Feature
|
Any update on this ? |
|
Check out #65426 - it enables flexible auto accept scenarios via custom runners |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
Yes, and a very important one given unwanted minions seem to be auto accepted.
Describe the solution you'd like
The autosign_grains feature allows to set multiple grains for matching, but it seems to match on ANY grain that matches the criteria, it does not seem to match on ALL grains.
Given autosign_grains is set to match on 3 different grains like
The minion should be accepted only if provide matching values for the 3 grains.
Currently, matching on 1 grain seems to be enough to accept the minion.
A minion with the right value for custom_grains but incorrect values for os and domain is automatically acceptd by the master.
Minion should be accepted only if matching on os + domain + custom grain
Additional context
Salt 3004.2, Linux and Windows minions
Please Note
If this feature request would be considered a substantial change or addition, this should go through a SEP process here https://github.com/saltstack/salt-enhancement-proposals, instead of a feature request.
The text was updated successfully, but these errors were encountered: