salt-minion: T4364: add support for source-interface definition

4 files changed, 19 insertions, 2 deletions

diff --git a/data/templates/salt-minion/minion.j2 b/data/templates/salt-minion/minion.j2
index d9922ebe8..6940c0cde 100644
--- a/data/templates/salt-minion/minion.j2
+++ b/data/templates/salt-minion/minion.j2
@@ -57,5 +57,11 @@ id: {{ id }}
 # The number of minutes between mine updates.
 mine_interval: {{ interval }}
 
-verify_master_pubkey_sign: {{ 'True' if master_key is vyos_defined else 'False' }}
+{% if source_interface is vyos_defined %}
+# The name of the interface to use when establishing the connection to the Master.
+source_interface_name = {{ source_interface }}
+{% endif %}
 
+# Enables verification of the master-public-signature returned by the master
+# in auth-replies.
+verify_master_pubkey_sign: {{ 'True' if master_key is vyos_defined else 'False' }}
diff --git a/interface-definitions/salt-minion.xml.in b/interface-definitions/salt-minion.xml.in
index f8b4c4b89..c3219cff3 100644
--- a/interface-definitions/salt-minion.xml.in
+++ b/interface-definitions/salt-minion.xml.in
@@ -66,6 +66,7 @@
               <help>URL with signature of master for auth reply verification</help>
             </properties>
           </leafNode>
+          #include <include/source-interface.xml.i>
         </children>
       </node>
     </children>
diff --git a/smoketest/scripts/cli/test_service_salt.py b/smoketest/scripts/cli/test_service_salt.py
index bbeec7f7b..8a8ad093c 100755
--- a/smoketest/scripts/cli/test_service_salt.py
+++ b/smoketest/scripts/cli/test_service_salt.py
@@ -68,11 +68,13 @@ class TestServiceSALT(VyOSUnitTestSHIM.TestCase):
         hash = 'sha1'
         id = 'foo'
         interval = '120'
+        interface = 'eth0'
 
         self.cli_set(base_path + ['master', server])
         self.cli_set(base_path + ['hash', hash])
         self.cli_set(base_path + ['id', id])
         self.cli_set(base_path + ['interval', interval])
+        self.cli_set(base_path + ['source_interface', interface])
 
         self.cli_commit()
 
@@ -84,7 +86,8 @@ class TestServiceSALT(VyOSUnitTestSHIM.TestCase):
         self.assertIn(f'hash_type: {hash}', conf)
         self.assertIn(f'id: {id}', conf)
         self.assertIn(f'mine_interval: {interval}', conf)
-        self.assertIn(f'id: {id}', conf)
+        self.assertIn(f'id: {interface}', conf)
+        self.assertIn(f'source_interface_name: {id}', conf)
 
 if __name__ == '__main__':
     unittest.main(verbosity=2)
diff --git a/src/conf_mode/salt-minion.py b/src/conf_mode/salt-minion.py
index 89df3b48a..d296bc202 100755
--- a/src/conf_mode/salt-minion.py
+++ b/src/conf_mode/salt-minion.py
@@ -25,6 +25,7 @@ from vyos.configdict import dict_merge
 from vyos.template import render
 from vyos.util import call
 from vyos.util import chown
+from vyos.verify import verify_interface_exists
 from vyos.xml import defaults
 from vyos import ConfigError
 
@@ -66,6 +67,12 @@ def get_config(config=None):
     return salt
 
 def verify(salt):
+    if not salt:
+        return None
+
+    if 'source_interface' in salt:
+        verify_interface_exists(salt['source_interface'])
+
     return None
 
 def generate(salt):