Commit graph

459 commits

Author SHA1 Message Date
varac
7714aa0436 Remove loglevel directive from Exec[update_apt]
When using puppet apply (v 3.7), loglevel 'info'
won't show the output on error. This is bad for
debugging.
2016-02-25 19:59:58 +01:00
varac
6ba1b097c2 Merge branch 'unatt_upg_logdir' into 'master'
Manage unattended-upgrades log directory

In some situations, the log directory for unattended-upgrades might not
exist. In those cases, packages will not get upgraded!

unattended-upgrades crashes with a python backtrace because the log dir
is not present.

See merge request !38
2016-02-02 22:22:47 +00:00
Gabriel Filion
c4a0aff2af Manage unattended-upgrades log directory
In some situations, the log directory for unattended-upgrades might not
exist. In those cases, packages will not get upgraded!

unattended-upgrades crashes with a python backtrace because the log dir
is not present.
2016-02-02 17:07:21 -05:00
varac
207218cee8 [refactor] Get rid of the disable_update parameter
The `disable_update` parameter has been removed. The main apt class
defaults to *not* run an `apt-get update` on every run anyway so
this parameter seems useless.
You can include the `apt::update` class if you want it to be
run every time.
2016-02-01 20:42:37 +01:00
varac
d2ae98e89b [feat] Remove apt-get autoclean from apt::update
`apt-get autoclean` should not be run on every puppetrun when
including `apt::update`, but rather be configured as a `APT::Periodic`
task that is run by cron, see
https://wiki.debian.org/UnattendedUpgrades.
2016-02-01 20:25:50 +01:00
varac
f12b007edd [refactor] Unify apt-get update into one resource
Before, there were two Execs that did an `apt-get update`,
`Exec[refresh_apt]` and `Exec[apt_updated]`, which were triggered
by different resources.
This changes gets rid of the first one, and all resources now depend
on `Exec[apt_updated]`.
2016-02-01 20:25:46 +01:00
varac
fa1751c4de [bug] Deploy preferene snippets before apt_refresh
When pinning packages with apt::preferences_snippet,
we need to make sure these get deployed before an
`apt-get update` is triggered, so pinned packages can
get installed in the right way with a single puppetrun.
2016-01-05 20:04:10 +01:00
Micah
185ac30062 Merge branch 'gitlab_ci' into 'master'
[feat] Enable gitlab CI builds, simplify Gemfile

Test this module using existing rspec test, using gitlab CI on gitlab.com shared runners.

See https://gitlab.com/varac/apt/builds/473836 for the CI build of this merge req.

See merge request !33
2015-12-20 21:36:20 +00:00
varac
275ca2e4cf [feat] Enable gitlab CI builds, simplify Gemfile 2015-12-19 00:25:05 +01:00
ng
c410b5c8de Merge branch 'remove_double_apt_get_update' into 'master'
[feat] Don't run an additional apt-get update

When adding custom keys, an additional `apt-get update` would
be run before the Exec['refresh_apt'], which don't make sense.

See merge request !31
2015-12-16 07:39:12 +00:00
varac
d67dfe4beb [feat] Don't run an additional apt-get update
When adding custom keys, an additional `apt-get update` would
be run before the Exec['refresh_apt'], which don't make sense.
2015-12-13 17:56:17 +01:00
varac
abe5212b01 Fix require path for ubuntu_nextcodename.rb 2015-12-07 22:09:42 +01:00
varac
2c656517bd [rspec] extend test for custom facts 2015-12-07 21:54:49 +01:00
varac
5381cb7b61 [bug] Fix debian_nextcodename on wheezy hosts
I noticed this behaviour because $::debian_nextcodename was
"squeeze" on a wheezy host.
For debugging, i inserted a "puts codenames" in
lib/facter/debian_nextcodename.rb, and it turned out that it
was sorted differently on wheezy and jessie hosts:

On wheezy:

    buster
    stretch
    jessie
    wheezy
    squeeze
    lenny

On jessie:

    lenny
    squeeze
    wheezy
    jessie
    stretch
    buster

So i decided to rewrite this so this doesn't happen again.
2015-12-07 19:43:31 +01:00
varac
bf4daa73b1 [docs] Add test docs how to use custom facter/puppet version 2015-12-07 14:36:48 +01:00
varac
a70c52c1d4 Fix loading of util/debian.rb for custom facts
requirering the facter/util/debian.rb module causes
puppet warnings on wheezy hosts, and custom facts like
`$::debian_codename` cannot be evaluated.

    warning: Could not load fact file
      /srv/dev/projects/puppet/shared-modules//apt/lib/facter/debian_nextcodename.rb:
      no such file to load -- facter/util/debian

Removing the require line solves this.
2015-12-07 14:27:04 +01:00
varac
6b27efb434 Add inital puppet rspec test for custom facts 2015-12-07 13:29:41 +01:00
Micah
d372562329 Merge branch 'support_missing_ubuntu_releases' into 'master'
[feat] Support vivid, wily, xenial ubuntu release



See merge request !27
2015-12-04 21:27:26 +00:00
Gabriel Filion
2942cd0dd8 remove requirement on lsb package for sources.list file
Managing requirements for installing the lsb package has proven over
time to make no sense. The best approach to this is to require
lsb-release to be installed alongside puppet, since otherwise there are
so much facts that get no value during the run and you end up needing to
run puppet twice to get the real end result.

Also, since we're not including a class that is actually installing the
'lsb' package, that require line makes it so that including the apt
module doesn't work, and there's no documentation in the README about
needing to provide a package{'lsb':} resource with the apt class.

Because of all that, it makes more sense to just get rid of that require
line and mark lsb as a pre-requirement in the README file.
2015-12-04 14:35:27 -05:00
Jerome Charaoui
4d3b720308 Simplify conditional expressions 2015-12-04 12:36:25 -05:00
Jerome Charaoui
f492e5840b Switch old $release and $codename local variables to new debian_* facts 2015-12-04 12:36:25 -05:00
Antoine Beaupré
e4a9222d86 move backports to snippets
this allows for third party modules to enable this on the fly
2015-12-04 12:36:25 -05:00
Gabriel Filion
bfa973a668 Use $ubuntu_url as default value of $backports_url on Ubuntu
Ubuntu shouldn't be using debian backports by default.

This was written by Anoine Beaupré, but split from the commit "move
backports to snippets" since the change is unrelated and needs to be
more visible in the commit history.
2015-12-04 12:36:25 -05:00
varac
b5c65e29f1 [feat] Support vivid, wily, xenial ubuntu release 2015-11-02 23:50:08 +01:00
Gabriel Filion
99fe7db721 Document the new config_template parameter
Also add an example for how to use the apt::unattended_upgrades class.
2015-10-09 17:22:31 -04:00
Gabriel Filion
e714859a10 Make it possible to specify own template.
Micah found an issue with usage of config_content: if you call template('...')
yourself and pass that on to config_content, then your template gets evaluated
without all of the variables. This means that you don't hava access to
blacklisted_packages, mail_recipient or mailonlyonerror.

To make it possible to use a different template while still having access to
those variables, let's make it possible to change the template name that we're
using.
2015-10-09 17:22:31 -04:00
Jerome Charaoui
3dea5b8df7 Fix debian_codename fact when falling back to parsing /etc/debian_version 2015-10-09 17:12:31 -04:00
Jerome Charaoui
f8980538c1 Improve unattended-upgrades origin selectors
* On squeeze, use release fact instead of hardcoded release name
  * On wheezy, special-case because codename selector is not available
  * On jessie and up, start pulling in point-release updates. The
    codename selector ensures that we won't be upgrading to a new
    release automatically.
2015-10-09 16:39:19 -04:00
Jerome Charaoui
e4d777e5ec Fix merge conflict in README 2015-10-09 12:08:26 -04:00
Gabriel Filion
cc53ce119f Extraneous copy of license file
GPLv3 was already applied 3 years ago to this code base. See LICENSE
file.
2015-10-03 23:44:21 -04:00
intrigeri
cf4726e845 Merge remote-tracking branch 'shared/key' into shared-master (!17) 2015-09-14 22:51:07 +00:00
intrigeri
5f7232b420 Add validation for apt::key's name.
It's great to document requirements in README, but error'ing out whenever
the user messes up is even better IMO.
2015-08-31 10:01:03 +00:00
intrigeri
8745de17d6 Quote apt-key variable parameter.
This is not perfect protection against special chars that the shell may
interpret, but should help at least in case $name contains spaces.
2015-08-31 09:55:17 +00:00
intrigeri
dc1a19e6cb Linting. 2015-08-31 09:54:28 +00:00
intrigeri
1e81ba185e Merge remote-tracking branch 'shared/key' into tmp 2015-08-31 09:51:45 +00:00
Antoine Beaupré
544796e050 document the .gpg extension requirement 2015-08-26 23:29:11 -04:00
Antoine Beaupré
5564b3fba3 fix install location of apt:🔑:plain 2015-08-26 23:27:58 -04:00
Antoine Beaupré
ae0570dee6 fix typo 2015-08-26 23:25:16 -04:00
Antoine Beaupré
931076f854 fix typo 2015-06-11 10:32:40 -04:00
Antoine Beaupré
891aa0fbbe allow for binary keys that can be removed 2015-06-11 10:26:10 -04:00
Antoine Beaupré
33acc00e5c add apt::key resource to deploy arbitrary keys
the rationale of this is that isn't useful for third party modules,
because they cannot inject keys in there without some serious apt
class hijacking
2015-06-11 10:07:49 -04:00
Jerome Charaoui
58cfaa32f9 Merge branch 'volatile-backports' into 'master'
allow disabling backports (and volatile in ubuntu)

as the module stands now, there's no way to disable backports.

there are a few reasons why we want to allow this:

* "tools, not policy" - if Debian doesn't ship with backports enabled by default, why should we change that policy?
* too many sources.list entries can cause problems on `apt-get update`, which can run out of memory and require special config
* if the pinning fails, some packages may be updated by mistake
* even if pinning works, some may *want* to keep admins from installing anything from backports as a policy

this keeps backports installed by default (begrudgingly) however. it just allows disabling it.

it also allows disabling volatile in ubuntu, which wasn't possible before.

See merge request !16
2015-06-09 15:49:02 +00:00
Antoine Beaupré
d87876a16f also disable volatile on ubuntu if relevant 2015-06-09 11:35:41 -04:00
Antoine Beaupré
3da1db2707 also control backports on ubuntu 2015-06-09 11:34:51 -04:00
Antoine Beaupré
dbee5c9487 typo 2015-06-09 11:28:54 -04:00
Antoine Beaupré
5ea69cb039 allow possibility of disabling backports 2015-06-09 11:25:34 -04:00
Jerome Charaoui
3a7dd605e3 Fix bug with debian_nextcodename 2015-06-03 16:20:36 -04:00
Jerome Charaoui
d007a40333 Replace debian_*() parser functions with facts
* Removes dependency on lsb-release and/or Facter >1.7
    (values are based on $::lsbdistcodename, when available)
* Simplifies maintenance: only lib/facter/util/* require updates as new
  releases are made

Caveats:
* apt::codename is removed; to override debian_* facts, set the
  FACTER_debian_codename environment variable for puppet
* If tracking unstable, make sure lsb-release is installed, as other
  methods can't tell between testing and unstable
2015-05-11 12:01:35 -04:00
Jerome Charaoui
87bfb868d7 Avoid unattended security upgrades from stable if running oldstable 2015-05-11 09:55:26 -04:00
Jerome Charaoui
ae4771b452 Adjusted sources.list template: LTS is now 'oldoldstable' 2015-05-07 18:37:24 -04:00