X-Git-Url: https://review.fuel-infra.org/gitweb?a=blobdiff_plain;f=manifests%2Fsource.pp;h=3b0b06b3d54a29ae71f78efd98ccc245f567364b;hb=d4531de809ed140def5da353235c204f4660e8e4;hp=0512fa96c9ac48440091843781d617ba9cf25cd9;hpb=8171d35470588b29055341b8a0132551d1f2a63f;p=puppet-modules%2Fpuppetlabs-apt.git

diff --git a/manifests/source.pp b/manifests/source.pp
index 0512fa9..3b0b06b 100644
--- a/manifests/source.pp
+++ b/manifests/source.pp
@@ -1,59 +1,164 @@
-# source.pp
-# add an apt source
-
+# @summary Manages the Apt sources in /etc/apt/sources.list.d/.
+#
+# @example Install the puppetlabs apt source
+#   apt::source { 'puppetlabs':
+#     location => 'http://apt.puppetlabs.com',
+#     repos    => 'main',
+#     key      => {
+#       id     => '6F6B15509CF8E59E6E469F327F438280EF8D349F',
+#       server => 'hkps.pool.sks-keyservers.net',
+#     },
+#   }
+#
+# @param location
+#   Required, unless ensure is set to 'absent'. Specifies an Apt repository. Valid options: a string containing a repository URL.
+#
+# @param comment
+#   Supplies a comment for adding to the Apt source file.
+#
+# @param ensure
+#   Specifies whether the Apt source file should exist. Valid options: 'present' and 'absent'.
+#
+# @param release
+#   Specifies a distribution of the Apt repository.
+#
+# @param repos
+#   Specifies a component of the Apt repository.
+#
+# @param include
+#   Configures include options. Valid options: a hash of available keys.
+# 
+# @option include [Boolean] :deb
+#   Specifies whether to request the distribution's compiled binaries. Default true.
+#
+# @option include [Boolean] :src
+#   Specifies whether to request the distribution's uncompiled source code. Default false.
+#
+# @param key
+#   Creates a declaration of the apt::key defined type. Valid options: a string to be passed to the `id` parameter of the `apt::key` 
+#   defined type, or a hash of `parameter => value` pairs to be passed to `apt::key`'s `id`, `server`, `content`, `source`, and/or 
+#   `options` parameters.
+#
+# @param pin
+#   Creates a declaration of the apt::pin defined type. Valid options: a number or string to be passed to the `id` parameter of the 
+#   `apt::pin` defined type, or a hash of `parameter => value` pairs to be passed to `apt::pin`'s corresponding parameters.
+#
+# @param architecture
+#   Tells Apt to only download information for specified architectures. Valid options: a string containing one or more architecture names, 
+#   separated by commas (e.g., 'i386' or 'i386,alpha,powerpc'). Default: undef (if unspecified, Apt downloads information for all architectures 
+#   defined in the Apt::Architectures option).
+#
+# @param allow_unsigned
+#   Specifies whether to authenticate packages from this release, even if the Release file is not signed or the signature can't be checked.
+#
+# @param notify_update
+#   Specifies whether to trigger an `apt-get update` run.
+#
 define apt::source(
-  $location = '',
-  $release = 'karmic',
-  $repos = 'main',
-  $include_src = true,
-  $required_packages = false,
-  $key = false,
-  $key_server = 'keyserver.ubuntu.com',
-  $pin = false,
-  $key_content = false
+  Optional[String] $location                    = undef,
+  String $comment                               = $name,
+  String $ensure                                = present,
+  Optional[String] $release                     = undef,
+  String $repos                                 = 'main',
+  Optional[Variant[Hash]] $include              = {},
+  Optional[Variant[String, Hash]] $key          = undef,
+  Optional[Variant[Hash, Numeric, String]] $pin = undef,
+  Optional[String] $architecture                = undef,
+  Boolean $allow_unsigned                       = false,
+  Boolean $notify_update                        = true,
 ) {
 
-  include apt::params
+  include ::apt
 
-  file { "${name}.list":
-    path => "${apt::params::root}/sources.list.d/${name}.list",
-    ensure => file,
-    owner => root,
-    group => root,
-    mode => 644,
-    content => template("apt/source.list.erb"),
+  $_before = Apt::Setting["list-${title}"]
 
+  if !$release {
+    if $facts['lsbdistcodename'] {
+      $_release = $facts['lsbdistcodename']
+    } else {
+      fail(translate('lsbdistcodename fact not available: release parameter required'))
+    }
+  } else {
+    $_release = $release
   }
 
-  if $pin != false {
-    apt::pin { "${release}": priority => "${pin}" } -> File["${name}.list"]
+  if $ensure == 'present' {
+    if ! $location {
+      fail(translate('cannot create a source entry without specifying a location'))
+    }
+    # Newer oses, do not need the package for HTTPS transport.
+    $_transport_https_releases = [ 'wheezy', 'jessie', 'stretch', 'trusty', 'xenial' ]
+    if ($_release in $_transport_https_releases or $facts['lsbdistcodename'] in $_transport_https_releases) and $location =~ /(?i:^https:\/\/)/ {
+      ensure_packages('apt-transport-https')
+    }
   }
 
-  exec { "${name} apt update":
-    command => "${apt::params::provider} update",
-    subscribe => File["${name}.list"],
-    refreshonly => true,
-  }
+  $includes = merge($::apt::include_defaults, $include)
 
-  if $required_packages != false {
-    exec { "${apt::params::provider} -y install ${required_packages}":
-      subscribe => File["${name}.list"],
-      refreshonly => true,
+  if $key {
+    if $key =~ Hash {
+      unless $key['id'] {
+        fail(translate('key hash must contain at least an id entry'))
+      }
+      $_key = merge($::apt::source_key_defaults, $key)
+    } else {
+      $_key = { 'id' => assert_type(String[1], $key) }
     }
   }
 
-  if $key != false {
-    if $key_content {
-      exec { "Add key: ${key} from content for ${name}":
-        command => "/bin/echo '${key_content}' | /usr/bin/apt-key add -",
-        unless => "/usr/bin/apt-key list | /bin/grep '${key}'",
-        before => File["${name}.list"],
+  $header = epp('apt/_header.epp')
+
+  $sourcelist = epp('apt/source.list.epp', {
+    'comment'          => $comment,
+    'includes'         => $includes,
+    'opt_architecture' => $architecture,
+    'allow_unsigned'   => $allow_unsigned,
+    'location'         => $location,
+    'release'          => $_release,
+    'repos'            => $repos,
+  })
+
+  apt::setting { "list-${name}":
+    ensure        => $ensure,
+    content       => "${header}${sourcelist}",
+    notify_update => $notify_update,
+  }
+
+  if $pin {
+    if $pin =~ Hash {
+      $_pin = merge($pin, { 'ensure' => $ensure, 'before' => $_before })
+    } elsif ($pin =~ Numeric or $pin =~ String) {
+      $url_split = split($location, '[:\/]+')
+      $host      = $url_split[1]
+      $_pin = {
+        'ensure'   => $ensure,
+        'priority' => $pin,
+        'before'   => $_before,
+        'origin'   => $host,
       }
     } else {
-      exec { "Add key: ${key} from ${key_server} for ${name}":
-        command => "/usr/bin/apt-key adv --keyserver ${key_server} --recv-keys ${key}",
-        unless => "/usr/bin/apt-key list | /bin/grep ${key}",
-        before => File["${name}.list"],
+      fail(translate('Received invalid value for pin parameter'))
+    }
+    create_resources('apt::pin', { "${name}" => $_pin })
+  }
+
+  # We do not want to remove keys when the source is absent.
+  if $key and ($ensure == 'present') {
+    if $_key =~ Hash {
+      if $_key['ensure'] != undef {
+        $_ensure = $_key['ensure']
+      } else {
+        $_ensure = $ensure
+      }
+
+      apt::key { "Add key: ${$_key['id']} from Apt::Source ${title}":
+        ensure  => $_ensure,
+        id      => $_key['id'],
+        server  => $_key['server'],
+        content => $_key['content'],
+        source  => $_key['source'],
+        options => $_key['options'],
+        before  => $_before,
       }
     }
   }