A short overview, how docker can be used to test if a salt formula is sucessfully applicable to target architecture or distribution. This procedure is also applicable to single states or a highstate with minor modifications.


  • Docker
  • Salt formula to test (use my dovecot formula to follow this tutorial)

Create target arch image with salt

We test the formula on debian wheezy, therefore we first create an image on that basis with salt minion installed.


FROM debian:wheezy
MAINTAINER Martin Hoefling <martin.hoefling@gmx.de>
# install salt
RUN apt-get update
RUN apt-get -y install wget
RUN echo "deb http://debian.saltstack.com/debian wheezy-saltstack main" > /etc/apt/sources.list.d/saltstack.list
RUN wget -q -O- "http://debian.saltstack.com/debian-salt-team-joehealy.gpg.key" | apt-key add -
RUN apt-get update
RUN apt-get -y install salt-minion

The commands in the docker file add the saltstack repository and install the salt client on top of the debian wheezy base image.

Next, build the base image for our salt formula test:

docker build -t martinhoefling/salt:debian .

should result in somthing like

Successfully built 76ef5402c482 

Write Docker test for salt formula

Again, we create a Dockerfile:

FROM martinhoefling/salt-minion:debian
MAINTAINER Martin Hoefling <martin.hoefling@gmx.de>
# push formula
ADD dovecot /srv/salt/dovecot
ADD pillar.example /srv/pillar/example.sls
RUN echo "file_client: local" > /etc/salt/minion.d/local.conf
RUN echo "base:" > /srv/pillar/top.sls
RUN echo " '*':" >> /srv/pillar/top.sls
RUN echo " - example" >> /srv/pillar/top.sls
RUN salt-call --local state.sls dovecot | tee log.txt && grep "Failed: 0" log.txt

In this Dockerfile, the state and example pillar is copied first to the salt file_root and pillar_root. Next, the minion is prepared to run masterless with local file_client. Then, a top.sls including the example pillar information is created. Finally, salt-call is used to apply the formula.

Salt returns sucessfully, no matter if the state was applied without error or not (this behavior makes actually sense in most cases). However, in this case it should fail if an error occurs. Thus, we check the output, if Failed: 0 is contained in the output.

Extending Dockerfile to create a deployable container

First of all, example.pillar has to be replaced by the actual configuration. Further we need to add modification strongly depends on the service started. In case of dovecot, adding:

CMD /usr/sbin/dovecot -F &

to the dockerfile should do the trick.