X-Git-Url: https://review.fuel-infra.org/gitweb?a=blobdiff_plain;f=lib%2Fpuppet%2Ftype%2Fapt_key.rb;h=8c5c84c886f83c3bc296b0e06e50ff73af3d1391;hb=d5e81157b553ff9ccd425bc26d285a2829281072;hp=81b66a263862fa5bed5895c633865173469d09b5;hpb=913a64e1fd9a383cfa39a2bb7487cb2e76d79fa1;p=puppet-modules%2Fpuppetlabs-apt.git
diff --git a/lib/puppet/type/apt_key.rb b/lib/puppet/type/apt_key.rb
index 81b66a2..8c5c84c 100644
--- a/lib/puppet/type/apt_key.rb
+++ b/lib/puppet/type/apt_key.rb
@@ -1,44 +1,50 @@ require 'pathname' +require 'puppet/parameter/boolean' Puppet::Type.newtype(:apt_key) do + @doc = <<-MANIFEST + @summary This type provides Puppet with the capabilities to manage GPG keys needed + by apt to perform package validation. Apt has it's own GPG keyring that can + be manipulated through the `apt-key` command. - @doc = <<-EOS - This type provides Puppet with the capabilities to manage GPG keys needed - by apt to perform package validation. Apt has it's own GPG keyring that can - be manipulated through the `apt-key` command. + @example Basic usage + apt_key { '6F6B15509CF8E59E6E469F327F438280EF8D349F': + source => 'http://apt.puppetlabs.com/pubkey.gpg' + } - apt_key { '4BD6EC30': - source => 'http://apt.puppetlabs.com/pubkey.gpg' - } - - **Autorequires**: + **Autorequires** If Puppet is given the location of a key file which looks like an absolute path this type will autorequire that file. - EOS + + @api private + MANIFEST ensurable validate do - if self[:content] and self[:source] - fail('The properties content and source are mutually exclusive.') + if self[:refresh] == true && self[:ensure] == :absent + raise(_('ensure => absent and refresh => true are mutually exclusive')) + end + if self[:content] && self[:source] + raise(_('The properties content and source are mutually exclusive.')) + end + if self[:id].length < 40 + warning(_('The id should be a full fingerprint (40 characters), see README.')) end - if self[:id].length < 40 - warning('The id should be a full fingerprint (40 characters), see README.') - end end - newparam(:id, :namevar => true) do + newparam(:id, namevar: true) do desc 'The ID of the key you want to manage.' 
# GPG key ID's should be either 32-bit (short) or 64-bit (long) key ID's # and may start with the optional 0x, or they can be 40-digit key fingerprints - newvalues(/\A(0x)?[0-9a-fA-F]{8}\Z/, /\A(0x)?[0-9a-fA-F]{16}\Z/, /\A(0x)?[0-9a-fA-F]{40}\Z/) + newvalues(%r{\A(0x)?[0-9a-fA-F]{8}\Z}, %r{\A(0x)?[0-9a-fA-F]{16}\Z}, %r{\A(0x)?[0-9a-fA-F]{40}\Z}) munge do |value| - if value.start_with?('0x') - id = value.partition('0x').last.upcase - else - id = value.upcase - end + id = if value.start_with?('0x') + value.partition('0x').last.upcase + else + value.upcase + end id end end @@ -49,11 +55,11 @@ Puppet::Type.newtype(:apt_key) do newparam(:source) do desc 'Location of a GPG key file, /path/to/file, ftp://, http:// or https://' - newvalues(/\Ahttps?:\/\//, /\Aftp:\/\//, /\A\/\w+/) + newvalues(%r{\Ahttps?://}, %r{\Aftp://}, %r{\A/\w+}) end autorequire(:file) do - if self[:source] and Pathname.new(self[:source]).absolute? + if self[:source] && Pathname.new(self[:source]).absolute? self[:source] end end 
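Review bot: The three `id` patterns in `newvalues` still end in `\Z`, which also matches just before a trailing newline, so a 40-digit fingerprint followed by "\n" passes validation and `munge` keeps that newline in the namevar. Anchoring with `\z` closes this: `newvalues(%r{\A(0x)?[0-9a-fA-F]{8}\z}, %r{\A(0x)?[0-9a-fA-F]{16}\z}, %r{\A(0x)?[0-9a-fA-F]{40}\z})`. The same looseness is wider in the `server` pattern of the `@@ -62,74 +68,84 @@` hunk, which this commit edits to add `hkps` but leaves ending in `$`; in Ruby `$` matches at any line end, so a value whose first line is a valid host is accepted whatever follows the newline, and ending the pattern in `(:\d{2,5})?\z` would be the strict form. How the provider passes `id` and `server` on to `apt-key` is not visible in this diff.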
@@ -62,74 +68,84 @@ Puppet::Type.newtype(:apt_key) do desc 'The key server to fetch the key from based on the ID. It can either be a domain name or url.' defaultto :'keyserver.ubuntu.com' - newvalues(/\A((hkp|http|https):\/\/)?([a-z\d])([a-z\d-]{0,61}\.)+[a-z\d]+(:\d{2,5})?$/) + newvalues(%r{\A((hkp|hkps|http|https)://)?([a-z\d])([a-z\d-]{0,61}\.)+[a-z\d]+(:\d{2,5})?$}) end newparam(:options) do desc 'Additional options to pass to apt-key\'s --keyserver-options.' end + newparam(:refresh, boolean: true, parent: Puppet::Parameter::Boolean) do + desc 'When true, recreate an existing expired key' + defaultto false + end + + newparam(:weak_ssl, boolean: true, parent: Puppet::Parameter::Boolean) do + desc 'When true and source uses https, accepts download of keys without SSL verfication' + defaultto false + end + newproperty(:fingerprint) do - desc <<-EOS + desc <<-MANIFEST The 40-digit hexadecimal fingerprint of the specified GPG key. This property is read-only. - EOS + MANIFEST end newproperty(:long) do - desc <<-EOS + desc <<-MANIFEST The 16-digit hexadecimal id of the specified GPG key. This property is read-only. - EOS + MANIFEST end newproperty(:short) do - desc <<-EOS + desc <<-MANIFEST The 8-digit hexadecimal id of the specified GPG key. This property is read-only. - EOS + MANIFEST end newproperty(:expired) do - desc <<-EOS + desc <<-MANIFEST Indicates if the key has expired. This property is read-only. - EOS + MANIFEST end newproperty(:expiry) do - desc <<-EOS + desc <<-MANIFEST The date the key will expire, or nil if it has no expiry date. This property is read-only. - EOS + MANIFEST end newproperty(:size) do - desc <<-EOS + desc <<-MANIFEST The key size, usually a multiple of 1024. This property is read-only. - EOS + MANIFEST end newproperty(:type) do - desc <<-EOS + desc <<-MANIFEST The key type, one of: rsa, dsa, ecc, ecdsa This property is read-only. - EOS + MANIFEST end newproperty(:created) do - desc <<-EOS + desc <<-MANIFEST Date the key was created. 
This property is read-only. - EOS + MANIFEST end end
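Review bot: The new `weak_ssl` parameter turns off certificate verification for the download of a key that apt will then trust for package validation, and its `desc` does not state that consequence (it also misspells "verification"). I would word it as `desc 'When true and source uses https, downloads the key without verifying the server certificate. The connection is then unauthenticated; use only with a full 40-character fingerprint as id.'`. The `validate` block in the first hunk only warns on ids shorter than 40 characters, so `weak_ssl => true` together with an 8-digit id is accepted; consider rejecting that combination there, e.g. `raise(_('weak_ssl => true requires a full 40-character fingerprint as id')) if self[:weak_ssl] == true && self[:id].length < 40`. Whether the provider checks the fetched key against the id is not visible in this diff.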