Set {{ pillar['network']['bridge'] }} to be managed by NetworkManager:
  cmd.run:
    - name: nmcli device set {{ pillar['network']['bridge'] }} managed yes
    - unless: bash -c "if [[ \"$(nmcli device show {{ pillar['network']['bridge'] }} | sed -n 's/^GENERAL.STATE.*(\(.*\)).*$/\1/p')\" == \"unmanaged\" ]]; then exit 1; else exit 0; fi"

Configure {{ pillar['network']['bridge'] }} connection:
  cmd.run:
    - name: nmcli connection add con-name {{ pillar['network']['bridge'] }} type bridge ifname {{ pillar['network']['bridge'] }} ipv4.method manual ipv4.addresses {{ pillar['network']['ip'] }}/24 ipv4.dns "127.0.0.1, 1.1.1.1, 1.1.1.2" ipv6.method disabled connection.autoconnect yes stp no
    - unless: nmcli connection show {{ pillar['network']['bridge'] }} > /dev/null

Add {{ pillar['network']['interface'] }} to bridge {{ pillar['network']['bridge'] }}:
  cmd.run:
    - name: nmcli connection add con-name {{ pillar['network']['bridge'] }}-{{ pillar['network']['interface'] }} ifname {{ pillar['network']['interface'] }} type bridge-slave master {{ pillar['network']['bridge'] }} connection.autoconnect yes
    - unless: nmcli connection show {{ pillar['network']['bridge'] }}-{{ pillar['network']['interface'] }} > /dev/null