X-Git-Url: https://review.fuel-infra.org/gitweb?a=blobdiff_plain;f=manifests%2Fkey.pp;h=48487632c18ccd37ce7d7eb46afda15a7083e578;hb=d3aea9c076a89a48704742562e90b7f8f9f9aa18;hp=13b477060d679786677697db0fab9a1b60dc61d5;hpb=4a90396df778dae89988221187d767d6c940159f;p=puppet-modules%2Fpuppetlabs-apt.git diff --git a/manifests/key.pp b/manifests/key.pp index 13b4770..4848763 100644 --- a/manifests/key.pp +++ b/manifests/key.pp @@ -6,7 +6,7 @@ # @example Declare Apt key for apt.puppetlabs.com source # apt::key { 'puppetlabs': # id => '6F6B15509CF8E59E6E469F327F438280EF8D349F', -# server => 'hkps.pool.sks-keyservers.net', +# server => 'keyserver.ubuntu.com', # options => 'http-proxy="http://proxyuser:proxypass@example.org:3128"', # } # @@ -29,45 +29,50 @@ # Specifies a keyserver to provide the GPG key. Valid options: a string containing a domain name or a full URL (http://, https://, # hkp:// or hkps://). The hkps:// protocol is currently only supported on Ubuntu 18.04. # +# @param weak_ssl +# Specifies whether strict SSL verification on a https URL should be disabled. Valid options: true or false. +# # @param options # Passes additional options to `apt-key adv --keyserver-options`. # define apt::key ( - Pattern[/\A(0x)?[0-9a-fA-F]{8}\Z/, /\A(0x)?[0-9a-fA-F]{16}\Z/, /\A(0x)?[0-9a-fA-F]{40}\Z/] $id = $title, - Enum['present', 'absent', 'refreshed'] $ensure = present, - Optional[String] $content = undef, - Optional[Pattern[/\Ahttps?:\/\//, /\Aftp:\/\//, /\A\/\w+/]] $source = undef, - Pattern[/\A((hkp|hkps|http|https):\/\/)?([a-z\d])([a-z\d-]{0,61}\.)+[a-z\d]+(:\d{2,5})?$/] $server = $::apt::keyserver, - Optional[String] $options = undef, + Pattern[/\A(0x)?[0-9a-fA-F]{8}\Z/, /\A(0x)?[0-9a-fA-F]{16}\Z/, /\A(0x)?[0-9a-fA-F]{40}\Z/] $id = $title, + Enum['present', 'absent', 'refreshed'] $ensure = present, + Optional[String] $content = undef, + Optional[Pattern[/\Ahttps?:\/\//, /\Aftp:\/\//, /\A\/\w+/]] $source = undef, + Pattern[/\A((hkp|hkps|http|https):\/\/)?([a-z\d])([a-z\d-]{0,61}\.)+[a-z\d]+(:\d{2,5})?(\/[a-zA-Z\d\-_.]+)*\/?$/] $server = $::apt::keyserver, + Boolean $weak_ssl = false, + Optional[String] $options = $::apt::key_options, ) { case $ensure { /^(refreshed|present)$/: { if defined(Anchor["apt_key ${id} absent"]){ - fail(translate('key with id %{_id} already ensured as absent'), {'_id' => id}) + fail("key with id ${id} already ensured as absent") } if !defined(Anchor["apt_key ${id} present"]) { apt_key { $title: - ensure => present, - refresh => $ensure == 'refreshed', - id => $id, - source => $source, - content => $content, - server => $server, - options => $options, + ensure => present, + refresh => $ensure == 'refreshed', + id => $id, + source => $source, + content => $content, + server => $server, + weak_ssl => $weak_ssl, + options => $options, } -> anchor { "apt_key ${id} present": } case $facts['os']['name'] { 'Debian': { if versioncmp($facts['os']['release']['major'], '9') >= 0 { - ensure_packages(['dirmngr']) + ensure_packages(['gnupg']) Apt::Key<| title == $title |> } } 'Ubuntu': { if versioncmp($facts['os']['release']['full'], '17.04') >= 0 { - ensure_packages(['dirmngr']) + ensure_packages(['gnupg']) Apt::Key<| title == $title |> } } @@ -78,23 +83,24 @@ define apt::key ( absent: { if defined(Anchor["apt_key ${id} present"]){ - fail(translate('key with id %{_id} already ensured as present', {'_id' => id})) + fail("key with id ${id} already ensured as present") } if !defined(Anchor["apt_key ${id} absent"]){ apt_key { $title: - ensure => $ensure, - id => $id, - source => $source, - content => $content, - server => $server, - options => $options, + ensure => $ensure, + id => $id, + source => $source, + content => $content, + server => $server, + weak_ssl => $weak_ssl, + options => $options, } -> anchor { "apt_key ${id} absent": } } } default: { - fail translate('Invalid \'ensure\' value \'%{_ensure}\' for apt::key', {'_ensure' => ensure}) + fail("Invalid \'ensure\' value \'${ensure}\' for apt::key") } } }