Remove automated PR against salt repo at release

.github/workflows/release.yml

@@ -444,95 +444,3 @@ jobs:
           atomic: true
           branch: develop
           repository: ${{ github.repository }}
-
-
-  salt:
-    name: Update Release on Salt Repo
-    runs-on:
-      - self-hosted
-      - linux
-      - repo-release
-    needs:
-      - update-develop-checksums
-    environment: release
-    permissions:
-      contents: write  # For action peter-evans/create-pull-request
-      pull-requests: write  # For action peter-evans/create-pull-request
-
-    steps:
-      - uses: actions/checkout@v3
-        with:
-          ref: stable
-          repository: ${{ github.repository }}
-
-      - name: Get bootstrap version
-        run: |
-          echo "BS_VERSION=$(sh bootstrap-salt.sh -v | awk '{ print $4 }')" >> "$GITHUB_ENV"
-
-      - uses: actions/checkout@v3
-        with:
-          repository: saltstack/salt
-          ref: master
-          path: salt-checkout
-          token: ${{ secrets.SALT_REPO_WRITE_TOKEN }}
-
-      - name: Setup GnuPG
-        run: |
-          sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg
-          GNUPGHOME="$(mktemp -d -p /run/gpg)"
-          echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV"
-          cat <<EOF > "${GNUPGHOME}/gpg.conf"
-          batch
-          no-tty
-          pinentry-mode loopback
-          EOF
-
-      - name: Get Secrets
-        id: get-secrets
-        env:
-          SECRETS_KEY: ${{ secrets.SECRETS_KEY }}
-        run: |
-          SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX)
-          echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE"
-          aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
-            --query SecretString --output text | jq .default_key -r | base64 -d \
-            | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \
-            | gpg --import -
-          sync
-          aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \
-            --query SecretString --output text| jq .default_passphrase -r | base64 -d \
-            | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d -
-          sync
-          rm "$SECRETS_KEY_FILE"
-          echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf"
-
-      - name: Configure Git
-        shell: bash
-        run: |
-          git config --global --add safe.directory "$(pwd)"
-          git config --global user.name "Salt Project Packaging"
-          git config --global user.email [email protected]
-          git config --global user.signingkey 64CBBC8173D76B3F
-          git config --global commit.gpgsign true
-
-      - name: Update bootstrap script on Salt
-        run: |
-          cp bootstrap-salt.sh salt-checkout/salt/cloud/deploy/bootstrap-salt.sh
-
-      - name: Commit Changes
-        working-directory: salt-checkout/
-        run: |
-          git commit -am "Update the bootstrap script to v${{ env.BS_VERSION }}"
-
-      - name: Create Pull Request Against Develop
-        uses: peter-evans/create-pull-request@v5
-        with:
-          title: "Update the bootstrap script to v${{ env.BS_VERSION }}"
-          path: salt-checkout
-          base: master
-          token: ${{ secrets.SALT_REPO_WRITE_TOKEN }}
-          author: "Salt Project Packaging <[email protected]>"
-          committer: "Salt Project Packaging <[email protected]>"
-          commit-message: Update the bootstrap script to v${{ env.BS_VERSION }}
-          signoff: true
-          delete-branch: true

RELEASE.md

@@ -3,13 +3,10 @@
 - See if there are any PRs worth squeezing into release.
 - Go through the changes since last release, add them to changelog.
 - Add any new authors to the AUTHORS file.
-- If there's a new Salt release(major), update the script to add support for it.
+- If there's a new Salt release (major), update the script to add support for it.
 - Bump version for release.
 - Open PR against develop with these changes.
-- Once the above PR is merged, open a PR against stable with the changes from develop.
-- Once the above PR is merged, wait until an automatic PR is opened against stable which updates the checksums.
-- Once the above PR is merged, tag the release `v{version-here}` and push the tag.
-- Wait until an automatic PR is opened against the develop branch updating the checksums in `README.rst`. Merge it.
-- Check that an automated PR was opened against the salt repo updating the bootstrap script, located in `salt/cloud/deploy/bootstrap-salt.sh`
-
+- Once the above PR is merged, go to [Cut Release](https://github.com/saltstack/salt-bootstrap/actions/workflows/release.yml) and `Run workflow` against `develop` branch
+- Open a new PR against the branch of the oldest supported version of [the salt repo](https://github.com/saltstack/salt) (ex. `3006.x`), and replace `salt/cloud/deploy/bootstrap-salt.sh` with the latest `bootstrap-salt.sh` file
+- When that PR is merged into [the salt repo](https://github.com/saltstack/salt), merge-forwards into the latest branches and `master` will ensure that the latest bootstrap script is available
 - Victory!