Watchmaker

**Summary**:

* [[Issue 331][331]][[PR 332][332]] Writes the `role` grain to the key
expected by the ash-windows formula. Fixes usage of the `--ash-role` option
in the salt worker
* [[Issue 329][329]][[PR 330][330]] Outputs watchmaker version at the debug
log level
* [[Issue 322][322]][[PR 323][323]][[PR 324][324]] Fixes py2/py3
compatibility bug in how the yum worker handles file opening to check the
Linux distro
* [[Issue 316][316]][[PR 320][320]] Improves logging when salt state
execution fails due to failed a state. The salt output is now returned to
the salt worker, which processes the output, identifies the failed state,
and raises an exception with the state failure
* join-domain-formula
* (Linux) Reworks the pbis config states to make the logged output more
readable

[332]: https://github.com/plus3it/watchmaker/pull/332
[331]: https://github.com/plus3it/watchmaker/issues/331
[330]: https://github.com/plus3it/watchmaker/pull/330
[329]: https://github.com/plus3it/watchmaker/issues/329
[324]: https://github.com/plus3it/watchmaker/pull/324
[323]: https://github.com/plus3it/watchmaker/pull/323
[322]: https://github.com/plus3it/watchmaker/issues/322
[320]: https://github.com/plus3it/watchmaker/pull/320
[316]: https://github.com/plus3it/watchmaker/issues/316

**Summary**:

* join-domain-formula
* (Linux) Ignores a bad exit code from pbis config utility. The utility
will return exit code 5 when modifying the NssEnumerationEnabled
setting, but still sets the requested value. This exit code is now
ignored

**Summary**:

* name-computer-formula
* (Linux) Uses an alternate method of working around a bad code-path in
salt that does not handle quoted values in /etc/sysconfig/network.

**Summary**:

* [[PR 301][301]] Sets the grains for admin_groups and admin_users so the
keys are named as expected by the join-domain formula
* ash-linux-formula
* Adds a custom module that lists users from the shadow file
* Gets local users from the shadow file rather than `user.list_users`.
Prevents a domain-joined system from attempting to iterate over all
domain users (and potentially deadlocking on especially large domains)
* join-domain-formula
* Modifies PBIS install method to use RPMs directly, rather than the
SHAR installer
* Updates approaches to checking for collisions and current join status
to better handle various scenarios: not joined, no collision; not
joined, collision; joined, computer object present; joined, computer
object missing
* Disables NSS enumeration to prevent PBIS from querying user info from
the domain for every call to getent (or equivalents); domain-based
user authentication still works fine
* name-computer-formula
* (Linux) Does not attempt to retain network settings, to avoid a bug in
salt; will be revisited when a patched salt version has been released

[301]: https://github.com/plus3it/watchmaker/pull/301

**Summary**:

* (EL7) Running _watchmaker_ against EL7 systems will now pin the resulting
configuration to the watchmaker version. See the updates to the two
formulas in this version. Previously, _ash-linux_ always used the content
from the `scap-security-guide` rpm, which was updated out-of-sync with
_watchmaker_, and so the resulting configuration could not be pinned by
pinning the _watchmaker_ version. With this version, _ash-linux_ uses
content distributed by _watchmaker_, via _scap-formula_, and so the
resulting configuration will always be same on EL7 for a given version of
_watchmaker_ (as has always been the case for the other supported
operating systems).
* ash-linux-formula
* Supports getting scap content locations from pillar
* scap-formula
* Updates stig content with latest benchmark versions
* Adds openscap ds.xml content, used to support remediate actions

**Summary**:

* [[PR 286 ][286]] Sets the computername grain with the correct key expected
by the formula
* [[PR 284 ][284]] Converts cli argument parsing from `argparse` to `click`.
This modifies the `watchmaker` depedencies, which warranted a 0.x.0 version
bump. Cli and API arguments remain the same, so the change should be
backwards-compatible.
* name-computer-formula
* Adds support for getting the computername from pillar
* Adds support for validating the specified computername against a
pattern
* pshelp-formula
* Attempts to address occasional stack overflow exception when updating
powershell help

[286]: https://github.com/plus3it/watchmaker/pull/286
[284]: https://github.com/plus3it/watchmaker/pull/284