Open Hour 2023-JAN-5

Open Hour YouTube playlist | Contact us! saltproject.pdl@broadcom.com

Watch the video recording of the Salt Community Open Hour for January 5, 2023. In this open hour, Wayne demoed the improvements he’s made to syndics:

Agenda

• General updates and announcements
• Salt Project user group meetups
• New Salt Project website & e-store
• Community forum updates
• Demo: syndic
• Salt LTS plan preview
• Community help with RC testing
• Q&A plus discussion

General updates and announcements

• Open Hours are held every 1st and 3rd Thursday from 10a.m. to 11a.m. Pacific.
• Our next Open Hour will be January 19th.
• Join a Salt Project working group!

Salt Project user group meetups

Nicholas Hughes is working on a community-led effort to host some more in-person Salt events. These would be:

• Single-day events.
• Within a reasonable distance.
• Speakers giving sessions that are possibly recorded so that people who can’t attend in person can still participate.
• And of course: food and chances to do some social networking.

Go to spugm.com to join a mailing list for updates and let us know you are interested.

New Salt Project website and e-store

The new Salt Project website is live! Check it out: https://saltproject.io/

The new website includes:

• Easier access to GitHub and the community calendar
• Easier for new community members to get started.
• Heaver focus on media for instruction and information.

And check out the new Salt Project store: https://www.saltprojectstore.io/Order/Index?category=SALT&categoryValue=SALT

The store includes:

• Features all new merchandise for both Salt Project and Idem Project.
• Includes prizes for amazing contributions and feats of skill!
• Additional unique and amazing selections are on the way!

Community forums update

• Today’s issue: preseeding master keys vs. the master fingerprint.
• A community member was nervous about updating their Salt infrastructure past 3004.1 because that release included instructions to preseed the master. Those instructions were added because of security concerns around preventing man-in-the-middle attacks. This functionality helps the minion see that you have a different master key and that it’s not in the wild.
• As a follow up question, another community member asked about the difference between preseeding the master key as opposed to using the master fingerprint. With the master fingerprint, there is the possibility of a collision of the fingerprint, whereas if you’re preseeding the key, it’s very unlikely that you’ll collide the keys. Also, calculating the master fingerprint uses a small microsecond of data, so it’s possible that you could see a hit to performance from using the master fingerprint method.

Demo: syndics

• Wayne Werner demoed some of the work he’s been doing to improve syndics. Wayne’s been doing a lot to get the syndics back and functional again. This work is necessary because of a CVE related to syndics about a year ago. The team fixed the CVE, but in the process, it broke the publisher ACL for syndics. Wayne’s been working on restoring that functionality and has a PR open that will fix it: https://github.com/saltstack/salt/pull/63257
• One side benefit of this fix is that previously if you were using publisher ACL, it didn’t know when all the syndics had returned. Now you should know which syndics should be able to return with a salt-call or test.ping.
• Wayne has additional plans to improve syndics later this year to make it a first class citizen of Salt.

Salt LTS release plan

The Salt Project is moving to an LTS release strategy per this Salt Enhancement Proposal (SEP).

One of the goals here is to have more predictable releases.

Salt will have one LTS release per year and will have active support for a year, then critical fixes for an additional year. Then, every quarter we’ll have regular releases:

• GA in February,
• 3006.1 in April
• 3006.2 in July
• 3006.3 in October

Feel free to ask questions about this strategy on the community Slack workspace.