X-Git-Url: https://review.fuel-infra.org/gitweb?a=blobdiff_plain;f=manifests%2Fsource.pp;h=cb75635797ca882832467d64be7d8228b86765aa;hb=98afb5d41bd3df7c633a55a83355a5d5f33606f2;hp=e4e4aa3dea1c08e71b834f4019d1342a28c8a1fe;hpb=351c8d5941f6bd02304df6b4185dea8c8104aefa;p=puppet-modules%2Fpuppetlabs-apt.git

diff --git a/manifests/source.pp b/manifests/source.pp
index e4e4aa3..cb75635 100644
--- a/manifests/source.pp
+++ b/manifests/source.pp
@@ -1,63 +1,165 @@
-# source.pp
-# add an apt source
+# @summary Manages the Apt sources in /etc/apt/sources.list.d/.
+#
+# @example Install the puppetlabs apt source
+#   apt::source { 'puppetlabs':
+#     location => 'http://apt.puppetlabs.com',
+#     repos    => 'main',
+#     key      => {
+#       id     => '6F6B15509CF8E59E6E469F327F438280EF8D349F',
+#       server => 'hkps.pool.sks-keyservers.net',
+#     },
+#   }
+#
+# @param location
+#   Required, unless ensure is set to 'absent'. Specifies an Apt repository. Valid options: a string containing a repository URL.
+#
+# @param comment
+#   Supplies a comment for adding to the Apt source file.
+#
+# @param ensure
+#   Specifies whether the Apt source file should exist. Valid options: 'present' and 'absent'.
+#
+# @param release
+#   Specifies a distribution of the Apt repository.
+#
+# @param repos
+#   Specifies a component of the Apt repository.
+#
+# @param include
+#   Configures include options. Valid options: a hash of available keys.
+# 
+# @option include [Boolean] :deb
+#   Specifies whether to request the distribution's compiled binaries. Default true.
+#
+# @option include [Boolean] :src
+#   Specifies whether to request the distribution's uncompiled source code. Default false.
+#
+# @param key
+#   Creates a declaration of the apt::key defined type. Valid options: a string to be passed to the `id` parameter of the `apt::key` 
+#   defined type, or a hash of `parameter => value` pairs to be passed to `apt::key`'s `id`, `server`, `content`, `source`, and/or 
+#   `options` parameters.
+#
+# @param pin
+#   Creates a declaration of the apt::pin defined type. Valid options: a number or string to be passed to the `id` parameter of the 
+#   `apt::pin` defined type, or a hash of `parameter => value` pairs to be passed to `apt::pin`'s corresponding parameters.
+#
+# @param architecture
+#   Tells Apt to only download information for specified architectures. Valid options: a string containing one or more architecture names, 
+#   separated by commas (e.g., 'i386' or 'i386,alpha,powerpc'). Default: undef (if unspecified, Apt downloads information for all architectures 
+#   defined in the Apt::Architectures option).
+#
+# @param allow_unsigned
+#   Specifies whether to authenticate packages from this release, even if the Release file is not signed or the signature can't be checked.
+#
+# @param notify_update
+#   Specifies whether to trigger an `apt-get update` run.
+#
 define apt::source(
-  $comment           = $name,
-  $ensure            = present,
-  $location          = '',
-  $release           = $::lsbdistcodename,
-  $repos             = 'main',
-  $include_src       = false,
-  $include_deb       = true,
-  $key               = undef,
-  $key_server        = 'keyserver.ubuntu.com',
-  $key_content       = undef,
-  $key_source        = undef,
-  $pin               = false,
-  $architecture      = undef,
-  $trusted_source    = false,
+  Optional[String] $location                    = undef,
+  String $comment                               = $name,
+  String $ensure                                = present,
+  Optional[String] $release                     = undef,
+  String $repos                                 = 'main',
+  Optional[Variant[Hash]] $include              = {},
+  Optional[Variant[String, Hash]] $key          = undef,
+  Optional[Variant[Hash, Numeric, String]] $pin = undef,
+  Optional[String] $architecture                = undef,
+  Boolean $allow_unsigned                       = false,
+  Boolean $notify_update                        = true,
 ) {
-  validate_string($architecture, $comment, $location, $release, $repos, $key_server)
-  validate_bool($trusted_source, $include_src, $include_deb)
 
-  if ! $release {
-    fail('lsbdistcodename fact not available: release parameter required')
+  include ::apt
+
+  $_before = Apt::Setting["list-${title}"]
+
+  if !$release {
+    if $facts['lsbdistcodename'] {
+      $_release = $facts['lsbdistcodename']
+    } else {
+      fail(translate('lsbdistcodename fact not available: release parameter required'))
+    }
+  } else {
+    $_release = $release
   }
 
-  apt::setting { "list-${name}":
-    ensure       => $ensure,
-    base_name    => $name,
-    setting_type => 'list',
-    content      => template('apt/_header.erb', 'apt/source.list.erb'),
-    notify       => Exec['apt_update'],
+  if $ensure == 'present' {
+    if ! $location {
+      fail(translate('cannot create a source entry without specifying a location'))
+    }
+    # Newer oses, do not need the package for HTTPS transport.
+    $_transport_https_releases = [ 'wheezy', 'jessie', 'stretch', 'trusty', 'xenial' ]
+    if ($facts['lsbdistcodename'] in $_transport_https_releases) and $location =~ /(?i:^https:\/\/)/ {
+      ensure_packages('apt-transport-https')
+    }
   }
 
-  if ($pin != false) {
-    # Get the host portion out of the url so we can pin to origin
-    $url_split = split($location, '/')
-    $host      = $url_split[2]
+  $includes = merge($::apt::include_defaults, $include)
 
-    apt::pin { $name:
-      ensure   => $ensure,
-      priority => $pin,
-      before   => Apt::Setting["list-${name}"],
-      origin   => $host,
+  if $key {
+    if $key =~ Hash {
+      unless $key['id'] {
+        fail(translate('key hash must contain at least an id entry'))
+      }
+      $_key = merge($::apt::source_key_defaults, $key)
+    } else {
+      $_key = { 'id' => assert_type(String[1], $key) }
     }
   }
 
-  # We do not want to remove keys when the source is absent.
-  if $key and ($ensure == 'present') {
-    apt::key { "Add key: ${key} from Apt::Source ${title}":
-      ensure      => present,
-      key         => $key,
-      key_server  => $key_server,
-      key_content => $key_content,
-      key_source  => $key_source,
-      before      => Apt::Setting["list-${name}"],
+  $header = epp('apt/_header.epp')
+
+  $sourcelist = epp('apt/source.list.epp', {
+    'comment'          => $comment,
+    'includes'         => $includes,
+    'opt_architecture' => $architecture,
+    'allow_unsigned'   => $allow_unsigned,
+    'location'         => $location,
+    'release'          => $_release,
+    'repos'            => $repos,
+  })
+
+  apt::setting { "list-${name}":
+    ensure        => $ensure,
+    content       => "${header}${sourcelist}",
+    notify_update => $notify_update,
+  }
+
+  if $pin {
+    if $pin =~ Hash {
+      $_pin = merge($pin, { 'ensure' => $ensure, 'before' => $_before })
+    } elsif ($pin =~ Numeric or $pin =~ String) {
+      $url_split = split($location, '[:\/]+')
+      $host      = $url_split[1]
+      $_pin = {
+        'ensure'   => $ensure,
+        'priority' => $pin,
+        'before'   => $_before,
+        'origin'   => $host,
+      }
+    } else {
+      fail(translate('Received invalid value for pin parameter'))
     }
+    create_resources('apt::pin', { "${name}" => $_pin })
   }
 
-  # Need anchor to provide containment for dependencies.
-  anchor { "apt::source::${name}":
-    require => Class['apt::update'],
+  # We do not want to remove keys when the source is absent.
+  if $key and ($ensure == 'present') {
+    if $_key =~ Hash {
+      if $_key['ensure'] != undef {
+        $_ensure = $_key['ensure']
+      } else {
+        $_ensure = $ensure
+      }
+
+      apt::key { "Add key: ${$_key['id']} from Apt::Source ${title}":
+        ensure  => $_ensure,
+        id      => $_key['id'],
+        server  => $_key['server'],
+        content => $_key['content'],
+        source  => $_key['source'],
+        options => $_key['options'],
+        before  => $_before,
+      }
+    }
   }
 }