Hello,In our setup we have two main repositories. - One is a private repo

1. Hello,
2.  
3. In our setup we have two main repositories.
4. - One is a private repo that has our api keys, etc. This is private to our company and we only want to allow the salt-master to have access to these files.
5. - The other is a public repo that holds our open source software.
6.  
7. ** see example at bottom of this email
8.  
9. We are looking for an automated method to checkout a version of our git_code_repo (develop, production, etc), checkout the correlating git_config_repo submodule, and apply the resources.file variables to our templated config.yml file.
10.  
11. Now my gut thought would be to somehow get the git_config_repo into the pillar variables and then template that info into our config.yml file, but I suspect that the pillar data is compiled before the git_code_repo is checked out via the salt/sls files.
12.  
13. Can anyone help me understand what is possible given this requirement? I have some written psuedo code below to help my explanation.
14.  
15. One thing that comes to mind is somehow having the pillar/sls file require a checkout of a git repository, but since pillar doesn't control folder states I don't see how that can happen.
16.  
17. thanks!
18.  
19.  
20. git_config_repo (private):
21. resources.file (has keywords to be applied to our config file for our deployment)
22. {
23. SoftwareKey_production = 123
24. SoftwareKey_development = 321
25. }
26.  
27.  
28. git_code_repo (open source):
29. config.yml
30. {
31. API_KEY: {{ SoftwareKey_production if pillar["release"] == 'production' else SoftwareKey_development }}
32. }
33.  
34.  
35. Repo relationships (config release tied to a code release)
36. git_code_repo
37. -- submodule:
38. git_config_repo