This document is intended to help both the
watchmaker user-community and
watchmaker developers and contributors better understand how to customize the execution of the
watchmaker configuration-utility. This will be covered in the documents linked-to from the (below) “Common Scenarios” section.
watchmaker executes a standard set of configuration-tasks. The
watchmaker utility primarily leverages SaltStack for these configuration-tasks.
The configuration-tasks, themselves, are grouped into sets of related tasks. Related tasks can be things like:
Performing OS-hardening (e.g., applying STIGs)
Joining a Linux or Windows host to an Active Directory domain
Installing/configuring enterprise-mandated software (e.g., anti-virus or other security-tooling)
These task-sets are delivered in the form of formulas. From the vendor documentation on formulas:
Formulas are pre-written Salt States. They are as open-ended as Salt States themselves and can be used for tasks such as installing a package, configuring, and starting a service, setting up users or permissions, and many other common tasks.
All official Salt Formulas are found as separate Git repositories in the “saltstack-formulas” organization on GitHub
Customization-activities will be governed by two, main files: the watchmaker configuration file (a.k.a.,
config.yaml) and the Salt content archive (a.k.a.,
salt-content.zip). Discussion of the files’ contents are as follows:
The behavior of watchmaker can be easily customized towards several ends. The most-commonly encountered are:
If there are other customization-scenarios that should be included in this document-set, please see the contribution guidance. The contribution document covers how to submit requests for documentation-improvements as well as guidance on how to contribute changes (like further customization documentation).