X-Git-Url: https://review.fuel-infra.org/gitweb?a=blobdiff_plain;f=manifests%2Fkey.pp;h=9387899ad954d473a3fd8da5cfce7c93644f1ae2;hb=02ec0b38bc9df6eed5219347fcc96451897593f5;hp=cb95b4d38cda8090410813d4917a69a693c8b779;hpb=6c1fd8e819cc8ffb44ac187bb0fa7051d2958cc6;p=puppet-modules%2Fpuppetlabs-apt.git

diff --git a/manifests/key.pp b/manifests/key.pp
index cb95b4d..9387899 100644
--- a/manifests/key.pp
+++ b/manifests/key.pp
@@ -15,7 +15,8 @@
 #   characters, optionally prefixed with "0x") or a full key fingerprint (40 hexadecimal characters).
 #
 # @param ensure
-#   Specifies whether the key should exist. Valid options: 'present' and 'absent'.
+#   Specifies whether the key should exist. Valid options: 'present', 'absent' or 'refreshed'. Using 'refreshed' will make keys auto
+#   update when they have expired (assuming a new key exists on the key server).
 #
 # @param content
 #   Supplies the entire GPG key. Useful in case the key can't be fetched from a remote location and using a file resource is inconvenient.
@@ -32,38 +33,24 @@
 #   Passes additional options to `apt-key adv --keyserver-options`.
 #
 define apt::key (
-    String $id                           = $title,
-    Enum['present', 'absent'] $ensure    = present,
-    Optional[String] $content            = undef,
-    Optional[String] $source             = undef,
-    String $server                       = $::apt::keyserver,
-    Optional[String] $options            = undef,
-    ) {
-
-  assert_type(
-    Pattern[
-      /\A(0x)?[0-9a-fA-F]{8}\Z/,
-      /\A(0x)?[0-9a-fA-F]{16}\Z/,
-      /\A(0x)?[0-9a-fA-F]{40}\Z/,
-    ], $id)
-
-  if $source {
-    assert_type(Pattern[/\Ahttps?:\/\//, /\Aftp:\/\//, /\A\/\w+/], $source)
-  }
-
-  if $server {
-    assert_type(Pattern[/\A((hkp|http|https):\/\/)?([a-z\d])([a-z\d-]{0,61}\.)+[a-z\d]+(:\d{2,5})?$/], $server)
-  }
+  Pattern[/\A(0x)?[0-9a-fA-F]{8}\Z/, /\A(0x)?[0-9a-fA-F]{16}\Z/, /\A(0x)?[0-9a-fA-F]{40}\Z/] $id = $title,
+  Enum['present', 'absent', 'refreshed'] $ensure                                                 = present,
+  Optional[String] $content                                                                      = undef,
+  Optional[Pattern[/\Ahttps?:\/\//, /\Aftp:\/\//, /\A\/\w+/]] $source                            = undef,
+  Pattern[/\A((hkp|http|https):\/\/)?([a-z\d])([a-z\d-]{0,61}\.)+[a-z\d]+(:\d{2,5})?$/] $server  = $::apt::keyserver,
+  Optional[String] $options                                                                      = undef,
+  ) {
 
   case $ensure {
-    present: {
+    /^(refreshed|present)$/: {
       if defined(Anchor["apt_key ${id} absent"]){
-        fail("key with id ${id} already ensured as absent")
+        fail(translate('key with id %{_id} already ensured as absent'), {'_id' => id})
       }
 
       if !defined(Anchor["apt_key ${id} present"]) {
         apt_key { $title:
-          ensure  => $ensure,
+          ensure  => present,
+          refresh => $ensure == 'refreshed',
           id      => $id,
           source  => $source,
           content => $content,
@@ -91,7 +78,7 @@ define apt::key (
 
     absent: {
       if defined(Anchor["apt_key ${id} present"]){
-        fail("key with id ${id} already ensured as present")
+        fail(translate('key with id %{_id} already ensured as present', {'_id' => id}))
       }
 
       if !defined(Anchor["apt_key ${id} absent"]){
@@ -107,7 +94,7 @@ define apt::key (
     }
 
     default: {
-      fail "Invalid 'ensure' value '${ensure}' for apt::key"
+      fail translate('Invalid \'ensure\' value \'%{_ensure}\' for apt::key', {'_ensure' => ensure})
     }
   }
 }