X-Git-Url: https://review.fuel-infra.org/gitweb?a=blobdiff_plain;f=manifests%2Fkey.pp;h=1933b3f9110b996e666208132e06188d1dc8c5a6;hb=478afa269fd05ca986cf82629eaca00a9cc27553;hp=e87968d7fbb504f3f6e8ca8a2e38b2e344ca8566;hpb=cd7a3efdf0d82d47efd711d39284fb690f1a4883;p=puppet-modules%2Fpuppetlabs-apt.git

diff --git a/manifests/key.pp b/manifests/key.pp
index e87968d..1933b3f 100644
--- a/manifests/key.pp
+++ b/manifests/key.pp
@@ -1,78 +1,81 @@
+# == Define: apt::key
 define apt::key (
-  $key = $title,
-  $ensure = present,
-  $key_content = false,
-  $key_source = false,
-  $key_server = 'keyserver.ubuntu.com'
-) {
+    String $id                           = $title,
+    Enum['present', 'absent'] $ensure    = present,
+    Optional[String] $content            = undef,
+    Optional[String] $source             = undef,
+    String $server                       = $::apt::keyserver,
+    Optional[String] $options            = undef,
+    ) {
 
-  include apt::params
+  assert_type(
+    Pattern[
+      /\A(0x)?[0-9a-fA-F]{8}\Z/,
+      /\A(0x)?[0-9a-fA-F]{16}\Z/,
+      /\A(0x)?[0-9a-fA-F]{40}\Z/,
+    ], $id)
 
-  $upkey = upcase($key)
-
-  if $key_content {
-    $method = 'content'
-  } elsif $key_source {
-    $method = 'source'
-  } elsif $key_server {
-    $method = 'server'
+  if $source {
+    assert_type(Pattern[/\Ahttps?:\/\//, /\Aftp:\/\//, /\A\/\w+/], $source)
   }
 
-  # This is a hash of the parts of the key definition that we care about.
-  # It is used as a unique identifier for this instance of apt::key. It gets
-  # hashed to ensure that the resource name doesn't end up being pages and
-  # pages (e.g. in the situation where key_content is specified).
-  $digest = sha1("${upkey}/${key_content}/${key_source}/${key_server}/")
+  if $server {
+    assert_type(Pattern[/\A((hkp|http|https):\/\/)?([a-z\d])([a-z\d-]{0,61}\.)+[a-z\d]+(:\d{2,5})?$/], $server)
+  }
 
-  # Allow multiple ensure => present for the same key to account for many
-  # apt::source resources that all reference the same key.
   case $ensure {
     present: {
-
-      anchor { "apt::key/${title}":; }
-
-      if defined(Exec["apt::key ${upkey} absent"]) {
-        fail("Cannot ensure Apt::Key[${upkey}] present; ${upkey} already ensured absent")
+      if defined(Anchor["apt_key ${id} absent"]){
+        fail("key with id ${id} already ensured as absent")
       }
 
-      if !defined(Anchor["apt::key ${upkey} present"]) {
-        anchor { "apt::key ${upkey} present":; }
-      }
+      if !defined(Anchor["apt_key ${id} present"]) {
+        apt_key { $title:
+          ensure  => $ensure,
+          id      => $id,
+          source  => $source,
+          content => $content,
+          server  => $server,
+          options => $options,
+        } -> anchor { "apt_key ${id} present": }
 
-      if !defined(Exec[$digest]) {
-        $digest_command = $method ? {
-          'content' => "echo '${key_content}' | /usr/bin/apt-key add -",
-          'source'  => "wget -q '${key_source}' -O- | apt-key add -",
-          'server'  => "apt-key adv --keyserver '${key_server}' --recv-keys '${upkey}'",
-        }
-        exec { $digest:
-          path    => '/bin:/usr/bin',
-          unless  => "/usr/bin/apt-key list | /bin/grep '${upkey}'",
-          before  => Anchor["apt::key ${upkey} present"],
-          command => $digest_command,
+        case $facts['os']['name'] {
+          'Debian': {
+            if versioncmp($facts['os']['release']['major'], '9') >= 0 {
+              ensure_packages(['dirmngr'])
+              Apt::Key<| title == $title |>
+            }
+          }
+          'Ubuntu': {
+            if versioncmp($facts['os']['release']['full'], '17.04') >= 0 {
+              ensure_packages(['dirmngr'])
+              Apt::Key<| title == $title |>
+            }
+          }
+          default: { }
         }
       }
-
-      Anchor["apt::key $upkey present"] -> Anchor["apt::key/$title"]
-
     }
-    absent: {
 
-      if defined(Anchor["apt::key ${upkey} present"]) {
-        fail("Cannot ensure Apt::Key[${upkey}] absent; ${upkey} already ensured present")
+    absent: {
+      if defined(Anchor["apt_key ${id} present"]){
+        fail("key with id ${id} already ensured as present")
       }
 
-      exec { "apt::key ${upkey} absent":
-        path    => '/bin:/usr/bin',
-        onlyif  => "apt-key list | grep '${upkey}'",
-        command => "apt-key del '${upkey}'",
-        user    => 'root',
-        group   => 'root',
+      if !defined(Anchor["apt_key ${id} absent"]){
+        apt_key { $title:
+          ensure  => $ensure,
+          id      => $id,
+          source  => $source,
+          content => $content,
+          server  => $server,
+          options => $options,
+        } -> anchor { "apt_key ${id} absent": }
       }
     }
 
     default: {
-      fail "Invalid 'ensure' value '${ensure}' for aptkey"
+      fail "Invalid 'ensure' value '${ensure}' for apt::key"
     }
   }
 }