manifests/key.pp

   1 # == Define: apt::key
   2 define apt::key (
   3     String $id                           = $title,
   4     Enum['present', 'absent'] $ensure    = present,
   5     Optional[String] $content            = undef,
   6     Optional[String] $source             = undef,
   7     String $server                       = $::apt::keyserver,
   8     Optional[String] $options            = undef,
   9     ) {
  10
  11   assert_type(
  12     Pattern[
  13       /\A(0x)?[0-9a-fA-F]{8}\Z/,
  14       /\A(0x)?[0-9a-fA-F]{16}\Z/,
  15       /\A(0x)?[0-9a-fA-F]{40}\Z/,
  16     ], $id)
  17
  18   if $source {
  19     assert_type(Pattern[/\Ahttps?:\/\//, /\Aftp:\/\//, /\A\/\w+/], $source)
  20   }
  21
  22   if $server {
  23     assert_type(Pattern[/\A((hkp|http|https):\/\/)?([a-z\d])([a-z\d-]{0,61}\.)+[a-z\d]+(:\d{2,5})?$/], $server)
  24   }
  25
  26   case $ensure {
  27     present: {
  28       if defined(Anchor["apt_key ${id} absent"]){
  29         fail("key with id ${id} already ensured as absent")
  30       }
  31
  32       if !defined(Anchor["apt_key ${id} present"]) {
  33         apt_key { $title:
  34           ensure  => $ensure,
  35           id      => $id,
  36           source  => $source,
  37           content => $content,
  38           server  => $server,
  39           options => $options,
  40         } -> anchor { "apt_key ${id} present": }
  41
  42         case $facts['os']['name'] {
  43           'Debian': {
  44             if versioncmp($facts['os']['release']['full'], '9.0') >= 0 {
  45               Apt::Key<| title == $title |> {
  46                 require => Package['dirmngr']
  47               }
  48             }
  49           }
  50           'Ubuntu': {
  51             if versioncmp($facts['os']['release']['full'], '17.04') >= 0 {
  52               Apt::Key<| title == $title |> {
  53                 require => Package['dirmngr']
  54               }
  55             }
  56           }
  57           default: { }
  58         }
  59       }
  60     }
  61
  62     absent: {
  63       if defined(Anchor["apt_key ${id} present"]){
  64         fail("key with id ${id} already ensured as present")
  65       }
  66
  67       if !defined(Anchor["apt_key ${id} absent"]){
  68         apt_key { $title:
  69           ensure  => $ensure,
  70           id      => $id,
  71           source  => $source,
  72           content => $content,
  73           server  => $server,
  74           options => $options,
  75         } -> anchor { "apt_key ${id} absent": }
  76       }
  77     }
  78
  79     default: {
  80       fail "Invalid 'ensure' value '${ensure}' for apt::key"
  81     }
  82   }
  83 }