PUPPETLABS_EXP_KEY_LONG_ID = '47B320EB4C7C375AA9DAE1A01054B7A24BD6EC30'.freeze
PUPPETLABS_EXP_KEY_DATES = 'pub:e:4096:1:1054B7A24BD6EC30:2010-07-10:2017-01-05::-:Puppet Labs Release Key'.freeze
SHOULD_NEVER_EXIST_ID = 'EF8D349F'.freeze
-KEY_CHECK_COMMAND = 'apt-key adv --list-keys --with-colons --fingerprint | grep '.freeze
+KEY_CHECK_COMMAND = 'apt-key adv --no-tty --list-keys --with-colons --fingerprint | grep '.freeze
PUPPETLABS_KEY_CHECK_COMMAND = "#{KEY_CHECK_COMMAND} #{PUPPETLABS_GPG_KEY_FINGERPRINT}".freeze
CENTOS_KEY_CHECK_COMMAND = "#{KEY_CHECK_COMMAND} #{CENTOS_GPG_KEY_FINGERPRINT}".freeze
PUPPETLABS_EXP_CHECK_COMMAND = "#{KEY_CHECK_COMMAND} '#{PUPPETLABS_EXP_KEY_DATES}'".freeze
def install_key(key)
retry_on_error_matching do
- shell("apt-key adv --keyserver pgp.mit.edu --recv-keys #{key}")
+ shell("apt-key adv --no-tty --keyserver pgp.mit.edu --recv-keys #{key}")
end
end
}
MANIFEST
+hkps_protocol_supported = fact('operatingsystem') =~ %r{Ubuntu} && \
+ fact('operatingsystemrelease') =~ %r{^18\.04}
+
+if hkps_protocol_supported
+ hkps_ubuntu_pp = <<-MANIFEST
+ apt_key { 'puppetlabs':
+ id => '#{PUPPETLABS_GPG_KEY_LONG_ID}',
+ ensure => 'present',
+ server => 'hkps://keyserver.ubuntu.com',
+ }
+ MANIFEST
+end
+
nonexistant_key_server_pp = <<-MANIFEST
apt_key { 'puppetlabs':
id => '#{PUPPETLABS_GPG_KEY_LONG_ID}',
}
MANIFEST
-refresh_check_for_dirmngr_pp = <<-MANIFEST
- package { 'dirmngr':
- ensure => 'present',
- }
-MANIFEST
-
describe 'apt_key' do
before(:each) do
# Delete twice to make sure everything is cleaned
end
end
+ if hkps_protocol_supported
+ context 'with hkps://keyserver.ubuntu.com' do
+ it 'works' do
+ retry_on_error_matching do
+ apply_manifest(hkps_ubuntu_pp, catch_failures: true)
+ end
+
+ apply_manifest(hkps_ubuntu_pp, catch_changes: true)
+ shell(PUPPETLABS_KEY_CHECK_COMMAND)
+ end
+ end
+ end
+
context 'with nonexistant.key.server' do
it 'fails' do
apply_manifest(nonexistant_key_server_pp, expect_failures: true) do |r|
let(:puppetlabs_exp_check_command) { PUPPETLABS_EXP_CHECK_COMMAND }
end
before(:each) do
- if fact('lsbdistcodename') == 'stretch' || fact('lsbdistcodename') == 'bionic'
- # Ensure dirmngr package is installed
- apply_manifest(refresh_check_for_dirmngr_pp, acceptable_exit_codes: [0, 2])
- # Export environment variable to disable apt-key warning when using grep
- shell('export APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1')
- end
# Delete the Puppet Labs Release Key and install an expired version of the key
apply_manifest(refresh_del_key_pp)
apply_manifest(refresh_pp, catch_failures: true)