New fact was added that matched a regex breaking the always_apt_update
tests. Updated the tests to check for the apt_update exec, not just the
string apt_update.
Adds spec test
If lab-release is not installed, then the end user sees a confusing/ vague message
Error: Unsupported lsbdistid () at /modules/apt/manifests/params.pp:52
It is common for docker containers to not include this package by default
After fix, the user sees a friendlier message if lab-release is not installed
Error: Unable to determine lsbdistid, is lsb-release installed? at /modules/apt/manifests/params.pp:52
Making use of the apt-check command from the 'update-notifier-common'
package (if available) display the number of available updates, number of
security updates as well as the update package names.
Quoting https://wiki.debian.org/LTS
Official security support for Debian GNU/Linux 6.0
(code name "Squeeze") has ended on 31 May 2014.
However long term support for the distribution
is going to be extended until February 2016,
i.e. five years after the initial release.
See https://wiki.debian.org/LTS for more details.
As some places dont have port 11371 open, they are required to use URL as
key_server instead of domain name therefore adding the capability to use URL or
domain name as key_server parameter
Ubuntu 14.04 ships with apt 0.9.15, has a ``fancy progress bar'', which
is a green bar that shows at the bottom of the terminal showing progress
throughout install.
This patch enables the progress bar, which is usually done by running
echo 'Dpkg::Progress-Fancy "1";' > /etc/apt/apt.conf.d/99progressbar
This commit changes the proxy file name to be more consistent with other files
in `apt.conf.d`. The old file (`apt.conf.d/proxy`) is removed.
Tests has been updated.
Because Squeeze is now oldstable we need to add an oldstable line too
otherwise security updates won't be picked up. This is still because we
can't match on codename.
In APT preferences files the only allowed comments are lines that start
with `Explanation:`, commented lines that start with a # trigger a
myriad of interesting bugs. This is considered a feature of APT.
Because we're only ever writing a single file at a time with only a #
comment at the top we were getting away with this but it shouldn't be
there in the first place.
The default configuration we were writing for Debian was only working
for Squeeze, from Wheezy and onwards this wasn't working anymore. This
has to do with the fact that we should now be using Origins-Pattern
according to the unattended-upgrades docs. However, Ubuntu didn't
entirely get with the program yet...
This change reflects the defaults that unattended-upgrade installs on
every platform we support. In order to do so the unattended-upgrades
Debian archive for Squeeze, Wheezy, Lucid, Precise and Trusty were
downloaded and the default /etc/apt/apt.conf.d/50unattended-upgrades
checked for its content with regard to using Allow-Origins or
Origins-Pattern.
Fixes#277
The module used to always pin backports to a priority of 200. This
default is still retained but is now configurable.
Additionally the default is now an Integer, not a 'quoted Integer' and
the tests have been updated to reflect this. This matters for future
parser as it will now kick people if they pass in a stringified integer
as priority.
I am aware this can be done with `dpkg --set-selections`, `apt-mark`
or `ensure => 'held'` on a package resource. The changes to the README
include the full rationale for wanting another mechanism.
Introducing a totally rewritten and tested apt::key. This commit also
patches the spec's of apt::source because it was passing in data that
is no longer allowed by the new validation rules in apt::key.
It does its best to not touch any other specs and where we touch them
only minimally to ensure that we're not introducing breaking changes.
We already had a feature to manage and purge entries in preferences.d
but not the preferences file in /etc/apt. This commit adds that
capability.
Fixes#199
Lucid (10.04) has `add-apt-repository` but it doesn't accept any
options. The define defaulted to `-y` but this changes that on lucid.
This was made 7 months ago, so apparently no one cares about 10.04 any
more.
This commits introduces:
* The apt_key type;
* The apt_key provider;
* Unit tests for the type;
* Beaker/acceptance tests for the type/provider.
The idea behind apt_key is that apt::key will simply become a wrapper
that uses apt_key. Being a native type/provider apt_key is a lot less
error prone than the current exec behaviour of apt::key and adds a few
nice bonuses like inventory capabilities for mcollective users.
We actually expect an extra space. The previous build failed because a test is issued for location='', which indeed results in 2 spaces between the architecture specification and the release. According to the sources.list man page a location is always required though (unlike the missing/empty location in the :default_params of the source_spec test).
The two forms of APT preferences records (general & specific) can now be
completely and not partially defined. All distribution properties can be passed
as resource parameters. This change is totally backward-compatible.
This is necessary when required_packages contains GPG keys that are used for
authenticating other packages. Tested with package ubuntu-cloud-keyring which
is included in Ubuntu main and used by the Ubuntu Cloud Archive.
I think the same problem applies to other *-keyring packages as well.
As the apt pinnings are parsed in ascending alphabetical order with
first match wins within a given scope it is useful to be able to specify
a ordering parameter. Then the name parameter can be kept to something
meaningful.
apt::ppa and apt::builddep requires apt class. The anchor introduced for
containment of apt-get update causes a dependency loop. apt::ppa appears
to depend on apt class sources.d direcory. While apt::builddep have no
clear reason for a dependency on apt class. This change refactor both
define type, so they no longer cause a dependency loop.
apt::pin release should default to title, but should be able to
override. This update removes unnecessary "" around $name, and add spec
tests.
Conflicts:
spec/defines/pin_spec.rb
Move apt-get update exec to a seperate class to minimize the number of
apt-get updates invoked by configuration changes.
* remove apt_update exec resource in apt class.
* remove apt-get-${name} in defines.
* apt::source notify Exec['apt update'].
* Remove dependency to Exec['apt_update'].
* fix rspec-puppet tests.
Conflicts:
manifests/source.pp
Several apt::* define resource type does not support ensurable. This
update allows ensure=>absent to support the removal of these
configuration files.
* apt::conf
* apt::pin
* apt::source
This patch adds the appropriate spec tests to validate the changes
introduced by e5f2dfe. As a bonus it includes fixes to the manifests
that were discovered while writing the tests.
This removes the need for depending on a global site.pp, and depending on the
checked out apt module to be called 'apt' as well.
It pulls in stdlib via sub-modules as I don't have a better way to deal with
dependencies yet. It has pinned the revision for stdlib to 2.2.1 which is the
minimum required version for apt to work.
Previously lowercase keys would be installed every
puppet run because apt-key list returns an uppercase
key. This commit makes the comparison case insensitive.
Previously, apt::key used a noop exec hack to do exactly what anchors were
intended to be used for. This commit removes the exec hack and achieves the
same end using Anchor resources from the puppetlabs/stdlib module.
This commit modifies the release parameter test in apt::source to work
correctly within puppet-rspec for edge-case resource definitions. Previously,
the test for the $release parameter was written as
`if ! $release { fail() }`
This commit updates the test to be written as
`if $release == undef { fail() }`
Additionally, the tests for correct behavior in the presence or absence of a
$release parameter have been beefed up.
The reason for making this change relates to examples such as the following
resource definition:
apt::source { "jenkins":
location => "http://pkg.jenkins-ci.org/debian",
release => "",
repos => "binary/",
key => "D50582E6",
key_source => "http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key",
include_src => false,
}
Note that the $release parameter is given as the empty string. In practice,
this is perfectly valid and everything will work great. However, it seems that
the empty string gets interpreted by something in puppet-rspec as something
equivalent to "False", and thus when testing, the above resource definition
would fail with "Puppet::Error: lsbdistcodename fact not available: release
parameter required" even though the $release parameter has been explicitely
specified (as the empty string).
See also: https://github.com/rtyler/puppet-jenkins/issues/9
Adding this defined type allows puppet to add keys to the apt keystore without
needing to add a corresponding source; it also adds the "key_source" parameter
for wget'ing keys from arbitrary URLs, and allows for keys to be explicity
removed.
apt::key allows a key to be ensured present multiple times to account for
apt::source resources that all reference the same key. However, this means
that it is possible for a given key to be defined multiple times with
differing source parameters. e.g.
apt::key { "Add key: 4BD6EC30 from Apt::Source bunny":
key => "4BD6EC30",
key_server => "pgp.mit.edu",
}
apt::key { "Add key: 4BD6EC30 from Apt::Source rabbit":
key => "4BD6EC30",
key_server => "keyserver.ubuntu.com",
}
The defined type will accept both definitions and will create multiple exec
resources. This was deemed preferable to the alternative (creating only one
exec resource) in that one broken definition won't hose an entire catalog. If
one definition fails to install the key because of a bad "key_server", the
next apt::key that uses the key will get it done.
This commit changes $release to default to Facter's $lsbdistcodename
and fall back to a Parse Error if $release is not set and $lsbdistcodename
does not exist. Previously $release was hardcoded to karmic.
This commit also modifies apt::ppa to use $release and sets the
files to be ensured so that they are not purged when purge_sources_list_d
is set to true.
