Merge pull request #683 from HelenCampbell/rpreppy

[puppet-modules/puppetlabs-apt.git] / manifests / key.pp

diff --git a/manifests/key.pp b/manifests/key.pp
index 24eef9e9cf2f94c6a253f71a5f49a75c6a1c72d5..dfa1daf2b61935886b79cf22b5876511807397c4 100644 (file)
--- a/manifests/key.pp
+++ b/manifests/key.pp
@@ -1,68 +1,60 @@
+# == Define: apt::key
 define apt::key (
-  $key = $title,
-  $ensure = present,
-  $key_content = false,
-  $key_source = false,
-  $key_server = "keyserver.ubuntu.com"
-) {
+    String $id                           = $title,
+    Enum['present', 'absent'] $ensure    = present,
+    Optional[String] $content            = undef,
+    Optional[String] $source             = undef,
+    String $server                       = $::apt::keyserver,
+    Optional[String] $options            = undef,
+    ) {
 
-  include apt::params
+  validate_re($id, ['\A(0x)?[0-9a-fA-F]{8}\Z', '\A(0x)?[0-9a-fA-F]{16}\Z', '\A(0x)?[0-9a-fA-F]{40}\Z'])
 
-  if $key_content {
-    $method = "content"
-  } elsif $key_source {
-    $method = "source"
-  } elsif $key_server {
-    $method = "server"
+  if $source {
+    validate_re($source, ['\Ahttps?:\/\/', '\Aftp:\/\/', '\A\/\w+'])
   }
 
-  # This is a hash of the parts of the key definition that we care about.
-  # It is used as a unique identifier for this instance of apt::key. It gets
-  # hashed to ensure that the resource name doesn't end up being pages and
-  # pages (e.g. in the situation where key_content is specified).
-  $digest = sha1("${key}/${key_content}/${key_source}/${key_server}/")
+  if $server {
+    validate_re($server,['\A((hkp|http|https):\/\/)?([a-z\d])([a-z\d-]{0,61}\.)+[a-z\d]+(:\d{2,5})?$'])
+  }
 
-  # Allow multiple ensure => present for the same key to account for many
-  # apt::source resources that all reference the same key.
   case $ensure {
     present: {
-      if defined(Exec["apt::key $key absent"]) {
-        fail ("Cannot ensure Apt::Key[$key] present; $key already ensured absent")
-      } elsif !defined(Exec["apt::key $key present"]) {
-        # this is a marker to ensure we don't simultaneously define a key
-        # ensure => absent AND ensure => present
-        exec { "apt::key $key present":
-          path   => "/",
-          onlyif => "/bin/false",
-          noop   => true;
-        }
+      if defined(Anchor["apt_key ${id} absent"]){
+        fail("key with id ${id} already ensured as absent")
       }
-      if !defined(Exec[$digest]) {
-        exec { $digest:
-          path    => "/bin:/usr/bin",
-          unless  => "/usr/bin/apt-key list | /bin/grep '${key}'",
-          command => $method ? {
-            "content" => "echo '${key_content}' | /usr/bin/apt-key add -",
-            "source"  => "wget -q '${key_source}' -O- | apt-key add -",
-            "server"  => "apt-key adv --keyserver '${key_server}' --recv-keys '${key}'",
-          };
-        }
+
+      if !defined(Anchor["apt_key ${id} present"]) {
+        apt_key { $title:
+          ensure  => $ensure,
+          id      => $id,
+          source  => $source,
+          content => $content,
+          server  => $server,
+          options => $options,
+        } -> anchor { "apt_key ${id} present": }
       }
     }
+
     absent: {
-      if defined(Exec["apt::key $key present"]) {
-        fail ("Cannot ensure Apt::Key[$key] absent; $key already ensured present")
+      if defined(Anchor["apt_key ${id} present"]){
+        fail("key with id ${id} already ensured as present")
       }
-      exec { "apt::key $key absent":
-        path    => "/bin:/usr/bin",
-        onlyif  => "apt-key list | grep '$key'",
-        command => "apt-key del '$key'",
-        user    => "root",
-        group   => "root",
+
+      if !defined(Anchor["apt_key ${id} absent"]){
+        apt_key { $title:
+          ensure  => $ensure,
+          id      => $id,
+          source  => $source,
+          content => $content,
+          server  => $server,
+          options => $options,
+        } -> anchor { "apt_key ${id} absent": }
       }
     }
+
     default: {
-      fail "Invalid 'ensure' value '$ensure' for aptkey"
+      fail "Invalid 'ensure' value '${ensure}' for apt::key"
     }
   }
 }