X-Git-Url: https://review.fuel-infra.org/gitweb?a=blobdiff_plain;f=manifests%2Fkey.pp;h=dfa1daf2b61935886b79cf22b5876511807397c4;hb=d7af638793b6f5b6c5af6562923fa9ee0b025e1d;hp=c78bf658ce984a538aad7552ca3dd98581b3f29c;hpb=add5060d643bba7c26e03a270365bdbf21d28283;p=puppet-modules%2Fpuppetlabs-apt.git

diff --git a/manifests/key.pp b/manifests/key.pp
index c78bf65..dfa1daf 100644
--- a/manifests/key.pp
+++ b/manifests/key.pp
@@ -1,90 +1,60 @@
+# == Define: apt::key
 define apt::key (
-  $key = $title,
-  $ensure = present,
-  $key_content = false,
-  $key_source = false,
-  $key_server = 'keyserver.ubuntu.com',
-  $key_options = false
-) {
-
-  include apt::params
-
-  $upkey = upcase($key)
-  # trim the key to the last 8 chars so we can match longer keys with apt-key list too
-  $trimmedkey = regsubst($upkey, '^.*(.{8})$', '\1')
-
-  if $key_content {
-    $method = 'content'
-  } elsif $key_source {
-    $method = 'source'
-  } elsif $key_server {
-    $method = 'server'
+    String $id                           = $title,
+    Enum['present', 'absent'] $ensure    = present,
+    Optional[String] $content            = undef,
+    Optional[String] $source             = undef,
+    String $server                       = $::apt::keyserver,
+    Optional[String] $options            = undef,
+    ) {
+
+  validate_re($id, ['\A(0x)?[0-9a-fA-F]{8}\Z', '\A(0x)?[0-9a-fA-F]{16}\Z', '\A(0x)?[0-9a-fA-F]{40}\Z'])
+
+  if $source {
+    validate_re($source, ['\Ahttps?:\/\/', '\Aftp:\/\/', '\A\/\w+'])
   }
 
-  # This is a hash of the parts of the key definition that we care about.
-  # It is used as a unique identifier for this instance of apt::key. It gets
-  # hashed to ensure that the resource name doesn't end up being pages and
-  # pages (e.g. in the situation where key_content is specified).
-  $digest = sha1("${upkey}/${key_content}/${key_source}/${key_server}/")
+  if $server {
+    validate_re($server,['\A((hkp|http|https):\/\/)?([a-z\d])([a-z\d-]{0,61}\.)+[a-z\d]+(:\d{2,5})?$'])
+  }
 
-  # Allow multiple ensure => present for the same key to account for many
-  # apt::source resources that all reference the same key.
   case $ensure {
     present: {
-
-      anchor { "apt::key/${title}": }
-
-      if defined(Exec["apt::key ${upkey} absent"]) {
-        fail("Cannot ensure Apt::Key[${upkey}] present; ${upkey} already ensured absent")
-      }
-
-      if !defined(Anchor["apt::key ${upkey} present"]) {
-        anchor { "apt::key ${upkey} present": }
+      if defined(Anchor["apt_key ${id} absent"]){
+        fail("key with id ${id} already ensured as absent")
       }
 
-      if $key_options{
-        $options_string = "--keyserver-options ${key_options}"
+      if !defined(Anchor["apt_key ${id} present"]) {
+        apt_key { $title:
+          ensure  => $ensure,
+          id      => $id,
+          source  => $source,
+          content => $content,
+          server  => $server,
+          options => $options,
+        } -> anchor { "apt_key ${id} present": }
       }
-      else{
-        $options_string = ''
-      }
-
-      if !defined(Exec[$digest]) {
-        $digest_command = $method ? {
-          'content' => "echo '${key_content}' | /usr/bin/apt-key add -",
-          'source'  => "wget -q '${key_source}' -O- | apt-key add -",
-          'server'  => "apt-key adv --keyserver '${key_server}' ${options_string} --recv-keys '${upkey}'",
-        }
-        exec { $digest:
-          command   => $digest_command,
-          path      => '/bin:/usr/bin',
-          unless    => "/usr/bin/apt-key list | /bin/grep '${trimmedkey}'",
-          logoutput => 'on_failure',
-          before    => Anchor["apt::key ${upkey} present"],
-        }
-      }
-
-      Anchor["apt::key ${upkey} present"] -> Anchor["apt::key/${title}"]
-
     }
-    absent: {
 
-      if defined(Anchor["apt::key ${upkey} present"]) {
-        fail("Cannot ensure Apt::Key[${upkey}] absent; ${upkey} already ensured present")
+    absent: {
+      if defined(Anchor["apt_key ${id} present"]){
+        fail("key with id ${id} already ensured as present")
       }
 
-      exec { "apt::key ${upkey} absent":
-        command   => "apt-key del '${upkey}'",
-        path      => '/bin:/usr/bin',
-        onlyif    => "apt-key list | grep '${trimmedkey}'",
-        user      => 'root',
-        group     => 'root',
-        logoutput => 'on_failure',
+      if !defined(Anchor["apt_key ${id} absent"]){
+        apt_key { $title:
+          ensure  => $ensure,
+          id      => $id,
+          source  => $source,
+          content => $content,
+          server  => $server,
+          options => $options,
+        } -> anchor { "apt_key ${id} absent": }
       }
     }
 
     default: {
-      fail "Invalid 'ensure' value '${ensure}' for aptkey"
+      fail "Invalid 'ensure' value '${ensure}' for apt::key"
     }
   }
 }