X-Git-Url: https://review.fuel-infra.org/gitweb?a=blobdiff_plain;f=manifests%2Fkey.pp;h=037eec5288f789937ca492382064715df982034e;hb=a2422f7f7b28d77e721a065458c59e1f7a6498d1;hp=24eef9e9cf2f94c6a253f71a5f49a75c6a1c72d5;hpb=76dbf992e04bbbaa909cbe779adac0045cee5a7f;p=puppet-modules%2Fpuppetlabs-apt.git diff --git a/manifests/key.pp b/manifests/key.pp index 24eef9e..037eec5 100644 --- a/manifests/key.pp +++ b/manifests/key.pp @@ -3,66 +3,76 @@ define apt::key ( $ensure = present, $key_content = false, $key_source = false, - $key_server = "keyserver.ubuntu.com" + $key_server = 'keyserver.ubuntu.com' ) { include apt::params + $upkey = upcase($key) + if $key_content { - $method = "content" + $method = 'content' } elsif $key_source { - $method = "source" + $method = 'source' } elsif $key_server { - $method = "server" + $method = 'server' } # This is a hash of the parts of the key definition that we care about. # It is used as a unique identifier for this instance of apt::key. It gets # hashed to ensure that the resource name doesn't end up being pages and # pages (e.g. in the situation where key_content is specified). - $digest = sha1("${key}/${key_content}/${key_source}/${key_server}/") + $digest = sha1("${upkey}/${key_content}/${key_source}/${key_server}/") # Allow multiple ensure => present for the same key to account for many # apt::source resources that all reference the same key. case $ensure { present: { - if defined(Exec["apt::key $key absent"]) { - fail ("Cannot ensure Apt::Key[$key] present; $key already ensured absent") - } elsif !defined(Exec["apt::key $key present"]) { - # this is a marker to ensure we don't simultaneously define a key - # ensure => absent AND ensure => present - exec { "apt::key $key present": - path => "/", - onlyif => "/bin/false", - noop => true; - } + + anchor { "apt::key/${title}": } + + if defined(Exec["apt::key ${upkey} absent"]) { + fail("Cannot ensure Apt::Key[${upkey}] present; ${upkey} already ensured absent") } + + if !defined(Anchor["apt::key ${upkey} present"]) { + anchor { "apt::key ${upkey} present": } + } + if !defined(Exec[$digest]) { + $digest_command = $method ? { + 'content' => "echo '${key_content}' | /usr/bin/apt-key add -", + 'source' => "wget -q '${key_source}' -O- | apt-key add -", + 'server' => "apt-key adv --keyserver '${key_server}' --recv-keys '${upkey}'", + } exec { $digest: - path => "/bin:/usr/bin", - unless => "/usr/bin/apt-key list | /bin/grep '${key}'", - command => $method ? { - "content" => "echo '${key_content}' | /usr/bin/apt-key add -", - "source" => "wget -q '${key_source}' -O- | apt-key add -", - "server" => "apt-key adv --keyserver '${key_server}' --recv-keys '${key}'", - }; + path => '/bin:/usr/bin', + unless => "/usr/bin/apt-key list | /bin/grep '${upkey}'", + before => Anchor["apt::key ${upkey} present"], + command => $digest_command, } } + + Anchor["apt::key $upkey present"] -> Anchor["apt::key/$title"] + } absent: { - if defined(Exec["apt::key $key present"]) { - fail ("Cannot ensure Apt::Key[$key] absent; $key already ensured present") + + if defined(Anchor["apt::key ${upkey} present"]) { + fail("Cannot ensure Apt::Key[${upkey}] absent; ${upkey} already ensured present") } - exec { "apt::key $key absent": - path => "/bin:/usr/bin", - onlyif => "apt-key list | grep '$key'", - command => "apt-key del '$key'", - user => "root", - group => "root", + + exec { "apt::key ${upkey} absent": + path => '/bin:/usr/bin', + onlyif => "apt-key list | grep '${upkey}'", + command => "apt-key del '${upkey}'", + user => 'root', + group => 'root', } } + default: { - fail "Invalid 'ensure' value '$ensure' for aptkey" + fail "Invalid 'ensure' value '${ensure}' for aptkey" } } }