Convert apt::key to use anchors

Previously, apt::key used a noop exec hack to do exactly what anchors were
intended to be used for. This commit removes the exec hack and achieves the
same end using Anchor resources from the puppetlabs/stdlib module.

diff --git a/manifests/key.pp b/manifests/key.pp
index 24eef9e9cf2f94c6a253f71a5f49a75c6a1c72d5..68e0c76330768277fc3fbc2aafa7c15ddfa8d765 100644 (file)
--- a/manifests/key.pp
+++ b/manifests/key.pp
@@ -26,21 +26,22 @@ define apt::key (
   # apt::source resources that all reference the same key.
   case $ensure {
     present: {
+
+      anchor { "apt::key/$title":; }
+
       if defined(Exec["apt::key $key absent"]) {
         fail ("Cannot ensure Apt::Key[$key] present; $key already ensured absent")
-      } elsif !defined(Exec["apt::key $key present"]) {
-        # this is a marker to ensure we don't simultaneously define a key
-        # ensure => absent AND ensure => present
-        exec { "apt::key $key present":
-          path   => "/",
-          onlyif => "/bin/false",
-          noop   => true;
-        }
       }
+
+      if !defined(Anchor["apt::key $key present"]) {
+        anchor { "apt::key $key present":; }
+      }
+
       if !defined(Exec[$digest]) {
         exec { $digest:
           path    => "/bin:/usr/bin",
           unless  => "/usr/bin/apt-key list | /bin/grep '${key}'",
+          before  => Anchor["apt::key $key present"],
           command => $method ? {
             "content" => "echo '${key_content}' | /usr/bin/apt-key add -",
             "source"  => "wget -q '${key_source}' -O- | apt-key add -",
@@ -48,11 +49,16 @@ define apt::key (
           };
         }
       }
+
+      Anchor["apt::key $key present"] -> Anchor["apt::key/$title"]
+
     }
     absent: {
-      if defined(Exec["apt::key $key present"]) {
+
+      if defined(Anchor["apt::key $key present"]) {
         fail ("Cannot ensure Apt::Key[$key] absent; $key already ensured present")
       }
+
       exec { "apt::key $key absent":
         path    => "/bin:/usr/bin",
         onlyif  => "apt-key list | grep '$key'",
@@ -61,6 +67,7 @@ define apt::key (
         group   => "root",
       }
     }
+
     default: {
       fail "Invalid 'ensure' value '$ensure' for aptkey"
     }

diff --git a/spec/defines/key_spec.rb b/spec/defines/key_spec.rb
index 88038d27833fd64573a38c4f38f5fe48bd2ef6aa..a15000765e8930655e3d4700e5010ee9b140e78a 100644 (file)
--- a/spec/defines/key_spec.rb
+++ b/spec/defines/key_spec.rb
@@ -57,13 +57,13 @@ describe 'apt::key', :type => :define do
       it {
         if [:present, 'present'].include? param_hash[:ensure]
           should_not contain_exec("apt::key #{param_hash[:key]} absent")
-          should contain_exec("apt::key #{param_hash[:key]} present")
+          should contain_anchor("apt::key #{param_hash[:key]} present")
           should contain_exec(digest).with({
             "path"    => "/bin:/usr/bin",
             "unless"  => "/usr/bin/apt-key list | /bin/grep '#{param_hash[:key]}'"
           })
         elsif [:absent, 'absent'].include? param_hash[:ensure]
-          should_not contain_exec("apt::key #{param_hash[:key]} present")
+          should_not contain_anchor("apt::key #{param_hash[:key]} present")
           should contain_exec("apt::key #{param_hash[:key]} absent").with({
             "path"    => "/bin:/usr/bin",
             "onlyif"  => "apt-key list | grep '#{param_hash[:key]}'",
@@ -93,22 +93,29 @@ describe 'apt::key', :type => :define do
       }
 
     end
+  end
 
+  [{ :ensure => 'present' }, { :ensure => 'absent' }].each do |param_set|
     describe "should correctly handle duplicate definitions" do
+
       let :pre_condition do
-        "apt::key { 'duplicate': key => '#{params[:key]}'; }"
+        "apt::key { 'duplicate': key => '#{title}'; }"
       end
 
+      let(:params) { param_set }
+
       it {
-        if [:present, 'present'].include? param_hash[:ensure]
-          should contain_exec("apt::key #{param_hash[:key]} present")
-          should contain_apt__key("duplicate")
+        if param_set[:ensure] == 'present'
+          should contain_anchor("apt::key #{title} present")
           should contain_apt__key(title)
-        elsif [:absent, 'absent'].include? params[:ensure]
+          should contain_apt__key("duplicate")
+        elsif param_set[:ensure] == 'absent'
           expect { should raise_error(Puppet::Error) }
         end
       }
 
     end
   end
+
 end
+