From: daianamezdrea <46529728+daianamezdrea@users.noreply.github.com>
Date: Mon, 20 Sep 2021 11:51:07 +0000 (+0300)
Subject: Merge pull request #1007 from maturnbull/proxy_per_host
X-Git-Tag: v8.3.0~2
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=d3aea9c076a89a48704742562e90b7f8f9f9aa18;hp=bb7eb5c50733b4f1955464be466baec963a0a9e4;p=puppet-modules%2Fpuppetlabs-apt.git
Merge pull request #1007 from maturnbull/proxy_per_host
(MODULES-11173) Add per-host overrides for apt::proxy
---
diff --git a/REFERENCE.md b/REFERENCE.md
index 3a3e9a8..674ec22 100644
--- a/REFERENCE.md
+++ b/REFERENCE.md
@@ -41,6 +41,7 @@ be manipulated through the `apt-key` command.
* [`Apt::Auth_conf_entry`](#aptauth_conf_entry): Login configuration settings that are recorded in the file `/etc/apt/auth.conf`.
* [`Apt::Proxy`](#aptproxy): Configures Apt to connect to a proxy server.
+* [`Apt::Proxy_Per_Host`](#aptproxy_per_host): Adds per-host overrides to the system default APT proxy configuration
### Tasks
@@ -1099,6 +1100,7 @@ Struct[{
https => Optional[Boolean],
https_acng => Optional[Boolean],
direct => Optional[Boolean],
+ perhost => Optional[Array[Apt::Proxy_Per_Host]],
}]
```
@@ -1132,6 +1134,52 @@ Specifies whether to enable https proxies.
Specifies whether or not to use a `DIRECT` https proxy if http proxy is used but https is not.
+### `Apt::Proxy_Per_Host`
+
+Adds per-host overrides to the system default APT proxy configuration
+
+Alias of
+
+```puppet
+Struct[{
+ scope => String,
+ host => Optional[String],
+ port => Optional[Integer[1, 65535]],
+ https => Optional[Boolean],
+ direct => Optional[Boolean],
+ }]
+```
+
+#### Parameters
+
+The following parameters are available in the `Apt::Proxy_Per_Host` data type:
+
+* [`scope`](#scope)
+* [`host`](#host)
+* [`port`](#port)
+* [`https`](#https)
+* [`direct`](#direct)
+
+##### `scope`
+
+Specifies the scope of the override. Valid options: a string containing a hostname.
+
+##### `host`
+
+Specifies a proxy host to be stored in `/etc/apt/apt.conf.d/01proxy`. Valid options: a string containing a hostname.
+
+##### `port`
+
+Specifies a proxy port to be stored in `/etc/apt/apt.conf.d/01proxy`. Valid options: an integer containing a port number.
+
+##### `https`
+
+Specifies whether to enable https for this override.
+
+##### `direct`
+
+Specifies whether or not to use a `DIRECT` target to bypass the system default proxy.
+
## Tasks
### `init`
diff --git a/manifests/init.pp b/manifests/init.pp
index fdfd600..49f9309 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -204,7 +204,29 @@ class apt (
}
$_purge = merge($::apt::purge_defaults, $purge)
- $_proxy = merge($apt::proxy_defaults, $proxy)
+
+ if $proxy['perhost'] {
+ $_perhost = $proxy['perhost'].map |$item| {
+ $_item = merge($apt::proxy_defaults, $item)
+ $_scheme = $_item['https'] ? {
+ true => 'https',
+ default => 'http' }
+ $_port = $_item['port'] ? {
+ Integer => ":${_item['port']}",
+ default => ''
+ }
+ $_target = $_item['direct'] ? {
+ true => 'DIRECT',
+ default => "${_scheme}://${_item['host']}${_port}/" }
+ merge($item, {
+ 'scheme' => $_scheme,
+ 'target' => $_target })
+ }
+ } else {
+ $_perhost = {}
+ }
+
+ $_proxy = merge($apt::proxy_defaults, $proxy, { 'perhost' => $_perhost } )
$confheadertmp = epp('apt/_conf_header.epp')
$proxytmp = epp('apt/proxy.epp', {'proxies' => $_proxy})
diff --git a/spec/classes/apt_spec.rb b/spec/classes/apt_spec.rb
index ca23563..03b638c 100644
--- a/spec/classes/apt_spec.rb
+++ b/spec/classes/apt_spec.rb
@@ -101,7 +101,69 @@ describe 'apt' do
is_expected.to contain_apt__setting('conf-proxy').with(priority: '01').with_content(
%r{Acquire::http::proxy "http://localhost:8080/";},
).without_content(
- %r{Acquire::https::proxy},
+ %r{Acquire::https::proxy },
+ )
+ }
+ end
+
+ context 'when host=localhost and per-host[proxyscope]=proxyhost' do
+ let(:params) { { proxy: { 'host' => 'localhost', 'perhost' => [{ 'scope' => 'proxyscope', 'host' => 'proxyhost' }] } } }
+
+ it {
+ is_expected.to contain_apt__setting('conf-proxy').with(priority: '01').with_content(
+ %r{Acquire::http::proxy::proxyscope "http://proxyhost:8080/";},
+ )
+ }
+ end
+
+ context 'when host=localhost and per-host[proxyscope]=proxyhost:8081' do
+ let(:params) { { proxy: { 'host' => 'localhost', 'perhost' => [{ 'scope' => 'proxyscope', 'host' => 'proxyhost', 'port' => 8081 }] } } }
+
+ it {
+ is_expected.to contain_apt__setting('conf-proxy').with(priority: '01').with_content(
+ %r{Acquire::http::proxy::proxyscope "http://proxyhost:8081/";},
+ )
+ }
+ end
+
+ context 'when host=localhost and per-host[proxyscope]=[https]proxyhost' do
+ let(:params) { { proxy: { 'host' => 'localhost', 'perhost' => [{ 'scope' => 'proxyscope', 'host' => 'proxyhost', 'https' => true }] } } }
+
+ it {
+ is_expected.to contain_apt__setting('conf-proxy').with(priority: '01').with_content(
+ %r{Acquire::https::proxy::proxyscope "https://proxyhost:8080/";},
+ )
+ }
+ end
+
+ context 'when host=localhost and per-host[proxyscope]=[direct]' do
+ let(:params) { { proxy: { 'host' => 'localhost', 'perhost' => [{ 'scope' => 'proxyscope', 'direct' => true }] } } }
+
+ it {
+ is_expected.to contain_apt__setting('conf-proxy').with(priority: '01').with_content(
+ %r{Acquire::http::proxy::proxyscope "DIRECT";},
+ )
+ }
+ end
+
+ context 'when host=localhost and per-host[proxyscope]=[https][direct]' do
+ let(:params) { { proxy: { 'host' => 'localhost', 'perhost' => [{ 'scope' => 'proxyscope', 'https' => true, 'direct' => true }] } } }
+
+ it {
+ is_expected.to contain_apt__setting('conf-proxy').with(priority: '01').with_content(
+ %r{Acquire::https::proxy::proxyscope "DIRECT";},
+ )
+ }
+ end
+
+ context 'when host=localhost and per-host[proxyscope]=proxyhost and per-host[proxyscope2]=proxyhost2' do
+ let(:params) { { proxy: { 'host' => 'localhost', 'perhost' => [{ 'scope' => 'proxyscope', 'host' => 'proxyhost' }, { 'scope' => 'proxyscope2', 'host' => 'proxyhost2' }] } } }
+
+ it {
+ is_expected.to contain_apt__setting('conf-proxy').with(priority: '01').with_content(
+ %r{Acquire::http::proxy::proxyscope "http://proxyhost:8080/";},
+ ).with_content(
+ %r{Acquire::http::proxy::proxyscope2 "http://proxyhost2:8080/";},
)
}
end
@@ -113,7 +175,7 @@ describe 'apt' do
is_expected.to contain_apt__setting('conf-proxy').with(priority: '01').with_content(
%r{Acquire::http::proxy "http://localhost:8180/";},
).without_content(
- %r{Acquire::https::proxy},
+ %r{Acquire::https::proxy },
)
}
end
diff --git a/templates/proxy.epp b/templates/proxy.epp
index ee663cb..34e1930 100644
--- a/templates/proxy.epp
+++ b/templates/proxy.epp
@@ -1,4 +1,7 @@
<%- | Hash $proxies | -%>
+<% $proxies['perhost'].each |$proxy| { -%>
+Acquire::<%= $proxy['scheme'] %>::proxy::<%= $proxy['scope'] %> "<%= $proxy['target'] %>";
+<% } -%>
Acquire::http::proxy "http://<%= $proxies['host'] %>:<%= $proxies['port'] %>/";
<%- if $proxies['https'] { %>
Acquire::https::proxy "https://<%= $proxies['host'] %>:<%= $proxies['port'] %>/";
diff --git a/types/proxy.pp b/types/proxy.pp
index 20cbfec..ac00222 100644
--- a/types/proxy.pp
+++ b/types/proxy.pp
@@ -23,5 +23,6 @@ type Apt::Proxy = Struct[
https => Optional[Boolean],
https_acng => Optional[Boolean],
direct => Optional[Boolean],
+ perhost => Optional[Array[Apt::Proxy_Per_Host]],
}
]
diff --git a/types/proxy_per_host.pp b/types/proxy_per_host.pp
new file mode 100644
index 0000000..5a3b6e6
--- /dev/null
+++ b/types/proxy_per_host.pp
@@ -0,0 +1,26 @@
+# @summary Adds per-host overrides to the system default APT proxy configuration
+#
+# @param scope
+# Specifies the scope of the override. Valid options: a string containing a hostname.
+#
+# @param host
+# Specifies a proxy host to be stored in `/etc/apt/apt.conf.d/01proxy`. Valid options: a string containing a hostname.
+#
+# @param port
+# Specifies a proxy port to be stored in `/etc/apt/apt.conf.d/01proxy`. Valid options: an integer containing a port number.
+#
+# @param https
+# Specifies whether to enable https for this override.
+#
+# @param direct
+# Specifies whether or not to use a `DIRECT` target to bypass the system default proxy.
+#
+type Apt::Proxy_Per_Host = Struct[
+ {
+ scope => String,
+ host => Optional[String],
+ port => Optional[Integer[1, 65535]],
+ https => Optional[Boolean],
+ direct => Optional[Boolean],
+ }
+]