Allow weak SSL verification for apt_key

[puppet-modules/puppetlabs-apt.git] / lib / puppet / type / apt_key.rb

diff --git a/lib/puppet/type/apt_key.rb b/lib/puppet/type/apt_key.rb
index 5150ee8ed29f3c3d2c0f8bd5e9be37f07c02487f..8c5c84c886f83c3bc296b0e06e50ff73af3d1391 100644 (file)
--- a/lib/puppet/type/apt_key.rb
+++ b/lib/puppet/type/apt_key.rb
@@ -3,9 +3,9 @@ require 'puppet/parameter/boolean'
 
 Puppet::Type.newtype(:apt_key) do
   @doc = <<-MANIFEST
-    This type provides Puppet with the capabilities to manage GPG keys needed
-    by apt to perform package validation. Apt has it's own GPG keyring that can
-    be manipulated through the `apt-key` command.
+    @summary This type provides Puppet with the capabilities to manage GPG keys needed
+      by apt to perform package validation. Apt has it's own GPG keyring that can
+      be manipulated through the `apt-key` command.
 
     @example Basic usage
       apt_key { '6F6B15509CF8E59E6E469F327F438280EF8D349F':
@@ -68,7 +68,7 @@ Puppet::Type.newtype(:apt_key) do
     desc 'The key server to fetch the key from based on the ID. It can either be a domain name or url.'
     defaultto :'keyserver.ubuntu.com'
 
-    newvalues(%r{\A((hkp|http|https)://)?([a-z\d])([a-z\d-]{0,61}\.)+[a-z\d]+(:\d{2,5})?$})
+    newvalues(%r{\A((hkp|hkps|http|https)://)?([a-z\d])([a-z\d-]{0,61}\.)+[a-z\d]+(:\d{2,5})?$})
   end
 
   newparam(:options) do
@@ -77,6 +77,12 @@ Puppet::Type.newtype(:apt_key) do
 
   newparam(:refresh, boolean: true, parent: Puppet::Parameter::Boolean) do
     desc 'When true, recreate an existing expired key'
+    defaultto false
+  end
+
+  newparam(:weak_ssl, boolean: true, parent: Puppet::Parameter::Boolean) do
+    desc 'When true and source uses https, accepts download of keys without SSL verfication'
+    defaultto false
   end
 
   newproperty(:fingerprint) do