Trigger event on Master and wait for "response event" on Salt Minion

Question

What I want is an RPC-like behavior invoked by the Minion put into some kind of script which can then be invoked by any (non-Salt, non-Python) application and service:

• trigger an event on the Master (payload corresponds to command line arguments)
• the Reactor system takes over, processes the event and (depending on the sender and the payload of the event) sends a response event.
  • the response event may contain a sensitive payload and may not be seen (or at least decrypted) by any other minion
• the Minion receives the response event

I know that I can send events to the master using salt-call and the salt.modules.event.fire_master module.

So how do I wait for the response event?

And how do I ensure the response event cannot be seen on the event bus by other Minions (afaik all events send from the Master are public, and filtering happens Minion-side)? I thought about the gpg renderer, but this might be way too complicated - there need to be a way as the Master need to send the sensitive Pillar data to the Minions with similar requirements.

Answer 1

I got stuck on this issue as well, but I managed to stumble on what you need. The answer is in salt's aptly named: saltmod.wait_for_event

But if you'll note that state is identified as intended only for the salt-master. What that actually means is that it can be used on a minion, but you've got to change the node='master' kwarg to node='minion'. Here's an example state file that sends an event (which triggers a reactor to fire a runner) and then waits 60 seconds for the salt-master to send an event back to the minion (which the runner sends back on a successful run):

salt/custom/trigger_runner:
  event.send

wait_for_event_runner_return:
  salt.wait_for_event:
    - name: salt/custom/runner_complete
    - timeout: 60
    - id_list:
      - {{ grains.id }}
    - node: minion