X-Git-Url: https://review.fuel-infra.org/gitweb?a=blobdiff_plain;f=lib%2Fpuppet%2Fprovider%2Fapt_key%2Fapt_key.rb;h=5a66e34dce9e22e60edd730312f12fc1e3e4d675;hb=9f2fd0cb6d191e7883a140fb160d8fefaa685a66;hp=bcb0bb9730a608f95d093cb939665b64b6e80559;hpb=c55a6ea90ac351e11b02bd0f9d6ae046e7b971bf;p=puppet-modules%2Fpuppetlabs-apt.git

diff --git a/lib/puppet/provider/apt_key/apt_key.rb b/lib/puppet/provider/apt_key/apt_key.rb
index bcb0bb9..5a66e34 100644
--- a/lib/puppet/provider/apt_key/apt_key.rb
+++ b/lib/puppet/provider/apt_key/apt_key.rb
@@ -11,6 +11,8 @@ if RUBY_VERSION == '1.8.7'
 end
 
 Puppet::Type.type(:apt_key).provide(:apt_key) do
+  desc 'apt-key provider for apt_key resource'
+
   confine    osfamily: :debian
   defaultfor osfamily: :debian
   commands   apt_key: 'apt-key'
@@ -168,7 +170,7 @@ Puppet::Type.type(:apt_key).provide(:apt_key) do
           end
         end
         unless found_match
-          raise(_('The id in your manifest %{_resource} and the fingerprint from content/source don\'t match. Check for an error in the id and content/source is legitimate.') % { _name: resource[:name] }) # rubocop:disable Metrics/LineLength
+          raise(_('The id in your manifest %{_resource} and the fingerprint from content/source don\'t match. Check for an error in the id and content/source is legitimate.') % { _resource: resource[:name] }) # rubocop:disable Metrics/LineLength
         end
       else
         warning('/usr/bin/gpg cannot be found for verification of the id.')
@@ -177,8 +179,31 @@ Puppet::Type.type(:apt_key).provide(:apt_key) do
     file
   end
 
+  # Update a key if it is expired
+  def update_expired_key
+    # Return without doing anything if refresh or expired is false
+    return unless resource[:refresh] == true && resource[:expired] == true
+
+    # Execute command to update key
+    command = []
+
+    unless resource[:source].nil? && resource[:content].nil?
+      raise(_('an unexpected condition occurred while trying to add the key: %{_resource}') % { _resource: resource[:id] })
+    end
+
+    # Breaking up the command like this is needed because it blows up
+    # if --recv-keys isn't the last argument.
+    command.push('adv', '--keyserver', resource[:server])
+    unless resource[:options].nil?
+      command.push('--keyserver-options', resource[:options])
+    end
+    command.push('--recv-keys', resource[:id])
+  end
+
   def exists?
-    @property_hash[:ensure] == :present
+    update_expired_key
+    # report expired keys as non-existing when refresh => true
+    @property_hash[:ensure] == :present && !(resource[:refresh] && @property_hash[:expired])
   end
 
   def create