better attempt at gpg version checking
adding in key length warning
removing version check, adding key check
adding tests
clean up the code
small changes
use commands
documentation updates
In what universe does it make sense to create a `sources.list.d` entry
for a repository **without** specifying where this repository is?
😖😞😩😧😱
Only when removing the resource should a location not be required.
the apt module did not correctly detect Cumulus Linux with lsbdistid.
This change adds several lines in params.pp to detect Cumulus Linux and
set $distid and $distcodename
It is weird that `trusted_source` would default to `false` as that would
imply that we normally don't trust our sources. This is opposite to the
truth, by default we trust them but only if the Releases file can be
verified (meaning it is signed by a GPG key known to apt).
What we were telling apt is that it should trust this source even if the
Releases file and the repository is unsigned. This is better captured
with `allow_unsigned` and better highlights the danger of what you're
doing, installing packages from a source we cannot authenticate.
This makes its behaviour similar to the `update`, `proxy` and `purge`
hashes on the main classes bringing its API more in line with the rest
of the module.
`$xfacts` now contains and guards all `lsb*` facts. Looking up any
`lsb*`-related fact should now always be done through `$::apt::xfacts`
to ensure that the values are always set to either the value of the fact
or undef. This avoids all sorts of kerfuffles with strict variables.
A few of these fixes are absolutely horrendous but we have no choice as
we need to stay current- and future-parser compatible for now.
Once we can go Puppet 4 only we can use the `$facts` hash lookup instead
which will return undef/nil for things that aren't set instead of them
not being defined at all.
This was a great idea but is pretty pointless. It's also not being used
by anything and not exposed as a switch on the main class so it would
almost never affect any behaviour.
The behaviour of passing down undef through multiple layers gets fuzzy
so for now be explicit about the keyserver.
Once Puppet 4 is out and this behaviour has been crystallised and tested
we can revisit it.
* Allow any configuration of apt to be done through data bindings by
passing in hashes representing the resources.
* Switch apt::ppa to use `distid` as set in `apt::params. This makes
`apt::ppa` also work for LinuxMint.
* Instead of having 4 options controlling purging we now have a single
hash with four possible keys.
* Include `apt::update` only _after_ we've assembled the `$_update`
hash.
* Instead of having 4 options controlling purging we now have a single
hash with four possible keys.
* We purge everything by default.
* `/etc/apt/preferences` is now always managed.
* Add missing `mode` to some of the files.
Re-introduce proxy support at the class level. Needing to configure a
proxy is such a common scenario that having it on the class is a
reasonable thing. It also affects `apt::ppa`.
Change `apt::ppa` to no longer have its own `proxy` parameter but use
the proxy as configured on the main `apt` class.
Instead of having two additional parameters, `base_name` and
`setting_type` simply parse it from `title`.
We need to prefix most resources with `list-`, `conf-`, or `pref-` any
way to avoid duplicate resources so we might as well leverage that.
This allows you to work around duplicate resource issues when you have
settings of different types with the same name. When the files are built
it is path/${priority}${base_name}${extension}.
This conversion is done by Transpec 3.0.8 with the following command:
transpec spec/classes spec/defines spec/unit
* 87 conversions
from: it { should ... }
to: it { is_expected.to ... }
* 14 conversions
from: obj.should
to: expect(obj).to
* 7 conversions
from: == expected
to: eq(expected)
* 1 conversion
from: it { should_not ... }
to: it { is_expected.not_to ... }
For more details: https://github.com/yujinakayama/transpec#supported-conversions
Prevent direct access to apt::params. This will ensure that any other
module cannot blindly access apt::params and get settings that have been
potentially overridden at the apt level.
Our own module still can since any class in apt has a module_name of
'apt' but that's up to us to prevent from happening.
Every setting must now be accessed by a qualified lookup into the apt
namespace.