by apt to perform package validation. Apt has it's own GPG keyring that can
be manipulated through the `apt-key` command.
- apt_key { '4BD6EC30':
+ apt_key { '6F6B15509CF8E59E6E469F327F438280EF8D349F':
source => 'http://apt.puppetlabs.com/pubkey.gpg'
}
if self[:content] and self[:source]
fail('The properties content and source are mutually exclusive.')
end
+ if self[:id].length < 40
+ warning('The id should be a full fingerprint (40 characters), see README.')
+ end
end
newparam(:id, :namevar => true) do
desc 'The ID of the key you want to manage.'
# GPG key ID's should be either 32-bit (short) or 64-bit (long) key ID's
- # and may start with the optional 0x
- newvalues(/\A(0x)?[0-9a-fA-F]{8}\Z/, /\A(0x)?[0-9a-fA-F]{16}\Z/)
+ # and may start with the optional 0x, or they can be 40-digit key fingerprints
+ newvalues(/\A(0x)?[0-9a-fA-F]{8}\Z/, /\A(0x)?[0-9a-fA-F]{16}\Z/, /\A(0x)?[0-9a-fA-F]{40}\Z/)
munge do |value|
if value.start_with?('0x')
id = value.partition('0x').last.upcase
newparam(:server) do
desc 'The key server to fetch the key from based on the ID. It can either be a domain name or url.'
defaultto :'keyserver.ubuntu.com'
-
+
newvalues(/\A((hkp|http|https):\/\/)?([a-z\d])([a-z\d-]{0,61}\.)+[a-z\d]+(:\d{2,5})?$/)
end
- newparam(:keyserver_options) do
+ newparam(:options) do
desc 'Additional options to pass to apt-key\'s --keyserver-options.'
end
+ newproperty(:fingerprint) do
+ desc <<-EOS
+ The 40-digit hexadecimal fingerprint of the specified GPG key.
+
+ This property is read-only.
+ EOS
+ end
+
+ newproperty(:long) do
+ desc <<-EOS
+ The 16-digit hexadecimal id of the specified GPG key.
+
+ This property is read-only.
+ EOS
+ end
+
+ newproperty(:short) do
+ desc <<-EOS
+ The 8-digit hexadecimal id of the specified GPG key.
+
+ This property is read-only.
+ EOS
+ end
+
newproperty(:expired) do
desc <<-EOS
Indicates if the key has expired.
newproperty(:type) do
desc <<-EOS
- The key type, either RSA or DSA.
+ The key type, one of: rsa, dsa, ecc, ecdsa
This property is read-only.
EOS