# Note that changes in the inspected code, or installation of new
# versions of RuboCop, may require this file to be generated again.
-# Offense count: 32
-# This cop supports safe autocorrection (--autocorrect).
-Layout/ClosingHeredocIndentation:
- Exclude:
- - 'spec/acceptance/apt_key_provider_spec.rb'
- - 'spec/acceptance/apt_spec.rb'
- - 'spec/spec_helper_acceptance_local.rb'
- - 'spec/unit/puppet/provider/apt_key_spec.rb'
-
-# Offense count: 5
-# This cop supports safe autocorrection (--autocorrect).
-Layout/EmptyLineAfterGuardClause:
- Exclude:
- - 'lib/facter/apt_updates.rb'
- - 'lib/puppet/provider/apt_key/apt_key.rb'
- - 'lib/puppet/type/apt_key.rb'
- - 'spec/spec_helper_acceptance_local.rb'
- - 'tasks/init.rb'
-
-# Offense count: 57
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: AllowMultipleStyles, EnforcedHashRocketStyle, EnforcedColonStyle, EnforcedLastArgumentHashStyle.
-# SupportedHashRocketStyles: key, separator, table
-# SupportedColonStyles: key, separator, table
-# SupportedLastArgumentHashStyles: always_inspect, always_ignore, ignore_implicit, ignore_explicit
-Layout/HashAlignment:
- Exclude:
- - 'spec/classes/apt_spec.rb'
- - 'spec/classes/apt_update_spec.rb'
- - 'spec/defines/conf_spec.rb'
- - 'spec/defines/pin_spec.rb'
- - 'spec/defines/source_compat_spec.rb'
- - 'spec/defines/source_spec.rb'
- - 'spec/unit/puppet/provider/apt_key_spec.rb'
- - 'spec/unit/puppet/type/apt_key_spec.rb'
-
-# Offense count: 2
-# This cop supports safe autocorrection (--autocorrect).
-Layout/HeredocIndentation:
- Exclude:
- - 'spec/spec_helper_acceptance_local.rb'
- - 'spec/unit/puppet/provider/apt_key_spec.rb'
-
-# Offense count: 6
-# This cop supports safe autocorrection (--autocorrect).
-Layout/SpaceAroundMethodCallOperator:
- Exclude:
- - 'spec/defines/key_compat_spec.rb'
- - 'spec/defines/key_spec.rb'
-
# Offense count: 1
# This cop supports unsafe autocorrection (--autocorrect-all).
Lint/BooleanSymbol:
apt_updates = [[], []]
apt_get_result.each_line do |line|
next unless %r{^Inst\s}.match?(line)
+
package = line.gsub(%r{^Inst\s([^\s]+)\s.*}, '\1').strip
apt_updates[0].push(package)
security_matches = [
parsed_value = URI.parse(value)
if parsed_value.scheme.nil?
raise(_('The file %{_value} does not exist') % { _value: value }) unless File.exist?(value)
+
# Because the tempfile method has to return a live object to prevent GC
# of the underlying file from occuring too early, we also have to return
# a file object here. The caller can still call the #path method on the
if self[:content] && self[:source]
raise(_('The properties content and source are mutually exclusive.'))
end
+
if self[:id].length < 40
warning(_('The id should be a full fingerprint (40 characters), see README.'))
end
=cXcR
-----END PGP PUBLIC KEY BLOCK-----'
}
- MANIFEST
+MANIFEST
gpg_key_pp = <<-MANIFEST
apt_key { 'puppetlabs':
=mMjt
-----END PGP PUBLIC KEY BLOCK-----",
}
- MANIFEST
+MANIFEST
multiple_keys_pp = <<-MANIFEST
apt_key { 'puppetlabs':
=TREp
-----END PGP PUBLIC KEY BLOCK----- ",
}
- MANIFEST
+MANIFEST
bogus_key_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
content => 'For posterity: such content, much bogus, wow',
}
- MANIFEST
+MANIFEST
hkp_pool_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
server => 'hkp://keyserver.ubuntu.com:80',
}
- MANIFEST
+MANIFEST
hkps_protocol_supported = host_inventory['facter']['os']['family'] =~ %r{Ubuntu}i && \
host_inventory['facter']['os']['release']['major'] =~ %r{^18\.04}
ensure => 'present',
server => 'hkps://keyserver.ubuntu.com',
}
- MANIFEST
+ MANIFEST
end
nonexistant_key_server_pp = <<-MANIFEST
ensure => 'present',
server => 'nonexistant.key.server',
}
- MANIFEST
+MANIFEST
dot_server_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
server => '.pgp.key.server',
}
- MANIFEST
+MANIFEST
http_works_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => 'http://#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}',
}
- MANIFEST
+MANIFEST
http_works_userinfo_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => 'http://dummyuser:dummypassword@#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}',
}
- MANIFEST
+MANIFEST
four_oh_four_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => 'http://#{PUPPETLABS_APT_URL}/herpderp.gpg',
}
- MANIFEST
+MANIFEST
socket_error_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => 'http://apt.puppetlabss.com/herpderp.gpg',
}
- MANIFEST
+MANIFEST
ftp_works_pp = <<-MANIFEST
apt_key { 'CentOS 6':
ensure => 'present',
source => 'ftp://#{CENTOS_REPO_URL}/#{CENTOS_GPG_KEY_FILE}',
}
- MANIFEST
+MANIFEST
ftp_550_pp = <<-MANIFEST
apt_key { 'CentOS 6':
ensure => 'present',
source => 'ftp://#{CENTOS_REPO_URL}/herpderp.gpg',
}
- MANIFEST
+MANIFEST
ftp_socket_error_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => 'ftp://apt.puppetlabss.com/herpderp.gpg',
}
- MANIFEST
+MANIFEST
https_works_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => 'https://#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}',
}
- MANIFEST
+MANIFEST
https_with_weak_ssl_works_pp = <<-MANIFEST
apt_key { 'puppetlabs':
source => 'https://#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}',
weak_ssl => true,
}
- MANIFEST
+MANIFEST
https_userinfo_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => 'https://dummyuser:dummypassword@#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}',
}
- MANIFEST
+MANIFEST
https_404_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => 'https://#{PUPPETLABS_APT_URL}/herpderp.gpg',
}
- MANIFEST
+MANIFEST
https_socket_error_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => 'https://apt.puppetlabss.com/herpderp.gpg',
}
- MANIFEST
+MANIFEST
path_exists_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => '/tmp/puppetlabs-pubkey.gpg',
}
- MANIFEST
+MANIFEST
path_does_not_exist_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => '/tmp/totally_bogus.file',
}
- MANIFEST
+MANIFEST
path_bogus_content_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => '/tmp/fake-key.gpg',
}
- MANIFEST
+MANIFEST
debug_works_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
options => 'debug',
}
- MANIFEST
+MANIFEST
fingerprint_match_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => 'https://#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}',
}
- MANIFEST
+MANIFEST
fingerprint_does_not_match_pp = <<-MANIFEST
apt_key { 'puppetlabs':
ensure => 'present',
source => 'https://#{PUPPETLABS_APT_URL}/#{PUPPETLABS_GPG_KEY_FILE}',
}
- MANIFEST
+MANIFEST
refresh_true_pp = <<-MANIFEST
apt_key { '#{PUPPETLABS_EXP_KEY_LONG_ID}':
ensure => 'present',
refresh => true,
}
- MANIFEST
+MANIFEST
refresh_false_pp = <<-MANIFEST
apt_key { '#{PUPPETLABS_EXP_KEY_LONG_ID}':
id => '#{CENTOS_GPG_KEY_LONG_ID}',
ensure => 'present',
}
- MANIFEST
+ MANIFEST
ensure_absent_pp = <<-MANIFEST
apt_key { 'centos':
id => '#{CENTOS_GPG_KEY_LONG_ID}',
ensure => 'absent',
}
- MANIFEST
+ MANIFEST
it 'add an apt_key resource' do
apply_manifest_twice(ensure_present_pp)
},
sources => $sources,
}
- MANIFEST
+MANIFEST
describe 'apt class' do
context 'with reset' do
let(:params) do
{ sources: {
'debian_unstable' => {
- 'location' => 'http://debian.mirror.iweb.ca/debian/',
- 'release' => 'unstable',
- 'repos' => 'main contrib non-free',
- 'key' => { 'id' => '150C8614919D8446E01E83AF9AA38DCD55BE302B', 'server' => 'subkeys.pgp.net' },
- 'pin' => '-10',
- 'include' => { 'src' => true },
+ 'location' => 'http://debian.mirror.iweb.ca/debian/',
+ 'release' => 'unstable',
+ 'repos' => 'main contrib non-free',
+ 'key' => { 'id' => '150C8614919D8446E01E83AF9AA38DCD55BE302B', 'server' => 'subkeys.pgp.net' },
+ 'pin' => '-10',
+ 'include' => { 'src' => true },
},
'puppetlabs' => {
'location' => 'http://apt.puppetlabs.com',
- 'repos' => 'main',
- 'key' => { 'id' => '6F6B15509CF8E59E6E469F327F438280EF8D349F', 'server' => 'pgp.mit.edu' },
+ 'repos' => 'main',
+ 'key' => { 'id' => '6F6B15509CF8E59E6E469F327F438280EF8D349F', 'server' => 'pgp.mit.edu' },
},
} }
end
let(:params) do
{ pins: {
'stable' => { 'priority' => 600, 'order' => 50 },
- 'testing' => { 'priority' => 700, 'order' => 100 },
+ 'testing' => { 'priority' => 700, 'order' => 100 },
} }
end
describe 'apt::update', type: :class do
context "when apt::update['frequency']='always'" do
{
- 'a recent run' => Time.now.to_i,
- 'we are due for a run' => 1_406_660_561,
+ 'a recent run' => Time.now.to_i,
+ 'we are due for a run' => 1_406_660_561,
'the update-success-stamp file does not exist' => -1,
}.each_pair do |desc, factval|
context "when $apt_update_last_success indicates #{desc}" do
end
context "when apt::update['frequency']='reluctantly'" do
{
- 'a recent run' => Time.now.to_i,
- 'we are due for a run' => 1_406_660_561,
+ 'a recent run' => Time.now.to_i,
+ 'we are due for a run' => 1_406_660_561,
'the update-success-stamp file does not exist' => -1,
}.each_pair do |desc, factval|
context "when $apt_update_last_success indicates #{desc}" do
it {
is_expected.to contain_file(filename).with('ensure' => 'present',
- 'content' => %r{Apt::Install-Recommends 0;\nApt::AutoRemove::InstallRecommends 1;},
- 'owner' => 'root',
- 'group' => 'root')
+ 'content' => %r{Apt::Install-Recommends 0;\nApt::AutoRemove::InstallRecommends 1;},
+ 'owner' => 'root',
+ 'group' => 'root')
}
context 'with notify_update = true (default)' do
it {
is_expected.to contain_file(filename).with('ensure' => 'absent',
- 'owner' => 'root',
- 'group' => 'root')
+ 'owner' => 'root',
+ 'group' => 'root')
}
end
end
end
it 'fails' do
- is_expected .to raise_error(%r{expects a match})
+ is_expected.to raise_error(%r{expects a match})
end
end
end
it 'fails' do
- is_expected .to raise_error(%r{expects a match})
+ is_expected.to raise_error(%r{expects a match})
end
end
end
it 'fails' do
- is_expected .to raise_error(%r{expects a match})
+ is_expected.to raise_error(%r{expects a match})
end
end
context 'when url character limit is exceeded' do
end
it 'fails' do
- is_expected .to raise_error(%r{expects a match})
+ is_expected.to raise_error(%r{expects a match})
end
end
end
it 'fails' do
- is_expected .to raise_error(%r{expects a match})
+ is_expected.to raise_error(%r{expects a match})
end
end
end
it 'fails' do
- is_expected .to raise_error(%r{expects a match})
+ is_expected.to raise_error(%r{expects a match})
end
end
context 'when character url exceeded' do
let :params do
{
'packages' => 'vim',
- 'version' => '1',
+ 'version' => '1',
}
end
let :params do
{
'packages' => 'vim',
- 'origin' => 'test',
+ 'origin' => 'test',
}
end
context 'without defaults' do
let :params do
{
- 'explanation' => 'foo',
- 'order' => 99,
- 'release' => '1',
- 'codename' => 'bar',
+ 'explanation' => 'foo',
+ 'order' => 99,
+ 'release' => '1',
+ 'codename' => 'bar',
'release_version' => '2',
- 'component' => 'baz',
- 'originator' => 'foobar',
- 'label' => 'foobaz',
- 'priority' => 10,
+ 'component' => 'baz',
+ 'originator' => 'foobar',
+ 'label' => 'foobaz',
+ 'priority' => 10,
}
end
context 'with packages == * and release and origin' do
let :params do
{
- 'origin' => 'test',
+ 'origin' => 'test',
'release' => 'foo',
}
end
context 'with specific release and origin' do
let :params do
{
- 'release' => 'foo',
- 'origin' => 'test',
+ 'release' => 'foo',
+ 'origin' => 'test',
'packages' => 'vim',
}
end
context 'with specific version and origin' do
let :params do
{
- 'version' => '1',
- 'origin' => 'test',
+ 'version' => '1',
+ 'origin' => 'test',
'packages' => 'vim',
}
end
context 'with no defaults' do
let :params do
{
- 'comment' => 'foo',
- 'location' => 'http://debian.mirror.iweb.ca/debian/',
- 'release' => 'sid',
- 'repos' => 'testing',
- 'include' => { 'src' => false },
- 'key' => GPG_KEY_ID,
- 'pin' => '10',
- 'architecture' => 'x86_64',
+ 'comment' => 'foo',
+ 'location' => 'http://debian.mirror.iweb.ca/debian/',
+ 'release' => 'sid',
+ 'repos' => 'testing',
+ 'include' => { 'src' => false },
+ 'key' => GPG_KEY_ID,
+ 'pin' => '10',
+ 'architecture' => 'x86_64',
'allow_unsigned' => true,
}
end
it {
is_expected.to contain_apt__pin('my_source').that_comes_before('Apt::Setting[list-my_source]').with('ensure' => 'present',
'priority' => '10',
- 'origin' => 'debian.mirror.iweb.ca')
+ 'origin' => 'debian.mirror.iweb.ca')
}
it {
context 'when allow_insecure true' do
let :params do
{
- 'include' => { 'src' => false },
- 'location' => 'http://debian.mirror.iweb.ca/debian/',
+ 'include' => { 'src' => false },
+ 'location' => 'http://debian.mirror.iweb.ca/debian/',
'allow_insecure' => true,
}
end
context 'when allow_unsigned true' do
let :params do
{
- 'include' => { 'src' => false },
- 'location' => 'http://debian.mirror.iweb.ca/debian/',
+ 'include' => { 'src' => false },
+ 'location' => 'http://debian.mirror.iweb.ca/debian/',
'allow_unsigned' => true,
}
end
context 'with architecture equals x86_64' do
let :params do
{
- 'location' => 'http://debian.mirror.iweb.ca/debian/',
+ 'location' => 'http://debian.mirror.iweb.ca/debian/',
'architecture' => 'x86_64',
}
end
location: 'hello.there',
pin: { 'release' => 'wishwash',
'explanation' => 'wishwash',
- 'priority' => 1001 },
+ 'priority' => 1001 },
}
end
'id' => GPG_KEY_ID,
'server' => 'pgp.mit.edu',
'content' => 'GPG key content',
- 'source' => 'http://apt.puppetlabs.com/pubkey.gpg',
+ 'source' => 'http://apt.puppetlabs.com/pubkey.gpg',
'weak_ssl' => true,
},
pin: '10',
c.before :suite do
# lsb-release is needed for facter 3 (puppet 6) to resolve os.distro facts. Not needed with facter
# 4 (puppet 7).
- lsb_package = <<-MANIFEST
-package { 'lsb-release':
- ensure => installed,
-}
-MANIFEST
+ lsb_package = <<~MANIFEST
+ package { 'lsb-release':
+ ensure => installed,
+ }
+ MANIFEST
include PuppetLitmus
extend PuppetLitmus
apply_manifest(lsb_package)
yield
rescue StandardError => e
raise('Attempted this %{value0} times. Raising %{value1}' % { value0: max_retry_count, value1: e }) unless try < max_retry_count && (error_matcher.nil? || e.message =~ error_matcher)
+
sleep retry_wait_interval_secs
retry
end
context 'self.instances multiple keys' do
before :each do
- command_output = <<-OUTPUT
-Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --homedir /tmp/tmp.DU0GdRxjmE --no-auto-check-trustdb --trust-model always --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyring /etc/apt/trusted.gpg.d/puppetlabs-pc1-keyring.gpg --no-tty --list-keys --with-colons --fingerprint --fixed-list-mode
-tru:t:1:1549900774:0:3:1:5
-pub:-:1024:17:40976EAF437D05B5:1095016255:::-:::scESC:
-fpr:::::::::630239CC130E1A7FD81A27B140976EAF437D05B5:
-uid:-::::1095016255::B84AE656F4F5A826C273A458512EF8E282754CE1::Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com>:
-sub:-:2048:16:251BEFF479164387:1095016263::::::e:
-pub:-:1024:17:46181433FBB75451:1104433784:::-:::scSC:
-fpr:::::::::C5986B4F1257FFA86632CBA746181433FBB75451:
-OUTPUT
+ command_output = <<~OUTPUT
+ Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --homedir /tmp/tmp.DU0GdRxjmE --no-auto-check-trustdb --trust-model always --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyring /etc/apt/trusted.gpg.d/puppetlabs-pc1-keyring.gpg --no-tty --list-keys --with-colons --fingerprint --fixed-list-mode
+ tru:t:1:1549900774:0:3:1:5
+ pub:-:1024:17:40976EAF437D05B5:1095016255:::-:::scESC:
+ fpr:::::::::630239CC130E1A7FD81A27B140976EAF437D05B5:
+ uid:-::::1095016255::B84AE656F4F5A826C273A458512EF8E282754CE1::Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com>:
+ sub:-:2048:16:251BEFF479164387:1095016263::::::e:
+ pub:-:1024:17:46181433FBB75451:1104433784:::-:::scSC:
+ fpr:::::::::C5986B4F1257FFA86632CBA746181433FBB75451:
+ OUTPUT
allow(described_class).to receive(:apt_key).with(
['adv', '--no-tty', '--list-keys', '--with-colons', '--fingerprint', '--fixed-list-mode'],
).and_return(command_output)
'32bit key id' => 'EF8D349F',
'64bit key id' => '7F438280EF8D349F',
'160bit key fingerprint' => '6F6B15509CF8E59E6E469F327F438280EF8D349F',
- '32bit key id lowercase' => 'EF8D349F'.downcase,
- '64bit key id lowercase' => '7F438280EF8D349F'.downcase,
+ '32bit key id lowercase' => 'EF8D349F'.downcase,
+ '64bit key id lowercase' => '7F438280EF8D349F'.downcase,
'160bit key fingerprint lowercase' => '6F6B15509CF8E59E6E469F327F438280EF8D349F'.downcase,
- '32bit key id 0x formatted' => '0xEF8D349F',
- '64bit key id 0x formatted' => '0x7F438280EF8D349F',
+ '32bit key id 0x formatted' => '0xEF8D349F',
+ '64bit key id 0x formatted' => '0x7F438280EF8D349F',
'160bit key fingerprint 0x formatted' => '0x6F6B15509CF8E59E6E469F327F438280EF8D349F',
}
hash_of_keys.each do |key_type, value|
it 'raises an error if refresh => true and ensure => absent' do
expect {
- Puppet::Type.type(:apt_key).new(id: 'EF8D349F',
- source: 'http://apt.puppetlabs.com/pubkey.gpg',
- ensure: :absent,
- refresh: :true)
+ Puppet::Type.type(:apt_key).new(id: 'EF8D349F',
+ source: 'http://apt.puppetlabs.com/pubkey.gpg',
+ ensure: :absent,
+ refresh: :true)
}.to raise_error(%r{ensure => absent and refresh => true are mutually exclusive})
end
end
stdout, stderr, status = Open3.capture3(*cmd)
raise Puppet::Error, stderr if status != 0
+
{ status: stdout.strip }
end