Salt Artifact#

Heist-salt uses Heist to deploy and manage the Salt artifact. The binary Heist-Salt deploys is built using tiamat. Tiamat uses pyinstaller and is built with pyinstaller’s onedir option. The onedir binary in heist-salt is a salt artifact using pyinstaller’s onedir option.

Heist automatically downloads artifacts from and uses them to deploy agents. In the case of Salt, these artifacts are the onedir versions of Salt that have been built using the salt-pkg system.

Heist will automatically download the latest artifact from the repo, unless it already exists in the artifacts_dir or a specific Salt version is set via the artifact_version option. Heist will automatically detect the target OS and download the appropriate binary. If artifact_version is set, heist will download the Salt binary version from the repo if it exists.

If you want to deploy a custom version of Salt, or you want a salt binary or onedir package that includes a different version of python, or more dependency libraries this is very easy to do using the salt-pkg project. See the Building Custom Salt Bins docs for more information.

When the artifacts are downloaded from the remote repo they are placed in your artifacts_dir. If you are running heist as root this dir can be found at /var/lib/heist/artifacts/<onedir>. If you are running as a user this dir can be found at ~/.heist/artifacts/<onedir>.

The downloaded executables are in a tarball and are versioned with a version number following the dash right after the name of the binary. It also includes the OS and architecture. In the case of salt the file looks like this: salt-3003-3-linux-amd64.tar.gz. If you have a custom build just name it something that has a higher version number, like salt_3003-4-linux-amd64.tar.gz.


The onedir binary of Salt is built using Pyinstallers onefile option. It is a folder that contains all of the depdencies and python to run salt.