6 $key_server = 'keyserver.ubuntu.com',
13 # trim the key to the last 8 chars so we can match longer keys with apt-key list too
14 $trimmedkey = regsubst($upkey, '^.*(.{8})$', '\1')
24 # This is a hash of the parts of the key definition that we care about.
25 # It is used as a unique identifier for this instance of apt::key. It gets
26 # hashed to ensure that the resource name doesn't end up being pages and
27 # pages (e.g. in the situation where key_content is specified).
28 $digest = sha1("${upkey}/${key_content}/${key_source}/${key_server}/")
30 # Allow multiple ensure => present for the same key to account for many
31 # apt::source resources that all reference the same key.
35 anchor { "apt::key/${title}": }
37 if defined(Exec["apt::key ${upkey} absent"]) {
38 fail("Cannot ensure Apt::Key[${upkey}] present; ${upkey} already ensured absent")
41 if !defined(Anchor["apt::key ${upkey} present"]) {
42 anchor { "apt::key ${upkey} present": }
46 $options_string = "--keyserver-options ${key_options}"
52 if !defined(Exec[$digest]) {
53 $digest_command = $method ? {
54 'content' => "echo '${key_content}' | /usr/bin/apt-key add -",
55 'source' => "wget -q '${key_source}' -O- | apt-key add -",
56 'server' => "apt-key adv --keyserver '${key_server}' ${options_string} --recv-keys '${upkey}'",
59 command => $digest_command,
60 path => '/bin:/usr/bin',
61 unless => "/usr/bin/apt-key list | /bin/grep '${trimmedkey}'",
62 logoutput => 'on_failure',
63 before => Anchor["apt::key ${upkey} present"],
67 Anchor["apt::key ${upkey} present"] -> Anchor["apt::key/${title}"]
72 if defined(Anchor["apt::key ${upkey} present"]) {
73 fail("Cannot ensure Apt::Key[${upkey}] absent; ${upkey} already ensured present")
76 exec { "apt::key ${upkey} absent":
77 command => "apt-key del '${upkey}'",
78 path => '/bin:/usr/bin',
79 onlyif => "apt-key list | grep '${trimmedkey}'",
82 logoutput => 'on_failure',
87 fail "Invalid 'ensure' value '${ensure}' for aptkey"