This is necessary when required_packages contains GPG keys that are used for
authenticating other packages. Tested with package ubuntu-cloud-keyring which
is included in Ubuntu main and used by the Ubuntu Cloud Archive.
I think the same problem applies to other *-keyring packages as well.
As the apt pinnings are parsed in ascending alphabetical order with
first match wins within a given scope it is useful to be able to specify
a ordering parameter. Then the name parameter can be kept to something
meaningful.
apt::ppa and apt::builddep requires apt class. The anchor introduced for
containment of apt-get update causes a dependency loop. apt::ppa appears
to depend on apt class sources.d direcory. While apt::builddep have no
clear reason for a dependency on apt class. This change refactor both
define type, so they no longer cause a dependency loop.
apt::pin release should default to title, but should be able to
override. This update removes unnecessary "" around $name, and add spec
tests.
Conflicts:
spec/defines/pin_spec.rb
Move apt-get update exec to a seperate class to minimize the number of
apt-get updates invoked by configuration changes.
* remove apt_update exec resource in apt class.
* remove apt-get-${name} in defines.
* apt::source notify Exec['apt update'].
* Remove dependency to Exec['apt_update'].
* fix rspec-puppet tests.
Conflicts:
manifests/source.pp
Several apt::* define resource type does not support ensurable. This
update allows ensure=>absent to support the removal of these
configuration files.
* apt::conf
* apt::pin
* apt::source
This patch adds the appropriate spec tests to validate the changes
introduced by e5f2dfe. As a bonus it includes fixes to the manifests
that were discovered while writing the tests.
This removes the need for depending on a global site.pp, and depending on the
checked out apt module to be called 'apt' as well.
It pulls in stdlib via sub-modules as I don't have a better way to deal with
dependencies yet. It has pinned the revision for stdlib to 2.2.1 which is the
minimum required version for apt to work.
Previously lowercase keys would be installed every
puppet run because apt-key list returns an uppercase
key. This commit makes the comparison case insensitive.
Previously, apt::key used a noop exec hack to do exactly what anchors were
intended to be used for. This commit removes the exec hack and achieves the
same end using Anchor resources from the puppetlabs/stdlib module.
This commit modifies the release parameter test in apt::source to work
correctly within puppet-rspec for edge-case resource definitions. Previously,
the test for the $release parameter was written as
`if ! $release { fail() }`
This commit updates the test to be written as
`if $release == undef { fail() }`
Additionally, the tests for correct behavior in the presence or absence of a
$release parameter have been beefed up.
The reason for making this change relates to examples such as the following
resource definition:
apt::source { "jenkins":
location => "http://pkg.jenkins-ci.org/debian",
release => "",
repos => "binary/",
key => "D50582E6",
key_source => "http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key",
include_src => false,
}
Note that the $release parameter is given as the empty string. In practice,
this is perfectly valid and everything will work great. However, it seems that
the empty string gets interpreted by something in puppet-rspec as something
equivalent to "False", and thus when testing, the above resource definition
would fail with "Puppet::Error: lsbdistcodename fact not available: release
parameter required" even though the $release parameter has been explicitely
specified (as the empty string).
See also: https://github.com/rtyler/puppet-jenkins/issues/9
Adding this defined type allows puppet to add keys to the apt keystore without
needing to add a corresponding source; it also adds the "key_source" parameter
for wget'ing keys from arbitrary URLs, and allows for keys to be explicity
removed.
apt::key allows a key to be ensured present multiple times to account for
apt::source resources that all reference the same key. However, this means
that it is possible for a given key to be defined multiple times with
differing source parameters. e.g.
apt::key { "Add key: 4BD6EC30 from Apt::Source bunny":
key => "4BD6EC30",
key_server => "pgp.mit.edu",
}
apt::key { "Add key: 4BD6EC30 from Apt::Source rabbit":
key => "4BD6EC30",
key_server => "keyserver.ubuntu.com",
}
The defined type will accept both definitions and will create multiple exec
resources. This was deemed preferable to the alternative (creating only one
exec resource) in that one broken definition won't hose an entire catalog. If
one definition fails to install the key because of a bad "key_server", the
next apt::key that uses the key will get it done.
This commit changes $release to default to Facter's $lsbdistcodename
and fall back to a Parse Error if $release is not set and $lsbdistcodename
does not exist. Previously $release was hardcoded to karmic.
This commit also modifies apt::ppa to use $release and sets the
files to be ensured so that they are not purged when purge_sources_list_d
is set to true.
Previously only one should in each block was being evaluated. This moves each
should to its own block so that all values are tested. It also adds another set
of params so that all useful permutations of key, key_server, and key_content
are generated. It also replaces the previous ternary assignment for param_set
with a hash merge.
This test adds the precondition that the python-software-packages package be
installed before the apt class is synced. If the defined function were not
called around the package resource, this test would fail with a duplicate
package resource error.
This update reflects the changes to the apt module to allow duplicate keys. It
mostly involves tests for changes to the resource names to make them unique
between defines.
The setting `disable_keys => true` parameter in the apt module creates
/etc/apt/apt.conf.d/99unauth with the contents
"APT::Get::AllowUnauthenticated 1;". Changing `disable_keys`
does not remove this file. This patch makes it so that
`disable_keys => false` will remove /etc/apt/apt.conf.d/99unauth.
This commit adds unit tests to validate that the
apt proxy is configured as expected when the class
parameter proxy_host is set as a class parameter for
the apt class.
The hash passing to the with method is cleaner and closer to puppet code, so
all of the with_$param have been replaced with with($hash). This also
includes two minor whitspace changes to unstable.pp and source.pp.
This also replaces the ternary switch on param_set with a hash merge,
which is cleaner and will support more use cases.
Rspec no longer uses the spec.opts file, and this particular file also uses
options for rspec that are no longer honored or available, like loadby. So this
commit removes the file. Users that want to customize rspec behavior should use
a .rspec file in the repository root or in their home directory.