]>
review.fuel-infra Code Review - puppet-modules/puppetlabs-apt.git/log
David Schmitt [Mon, 16 Dec 2019 20:57:21 +0000 (20:57 +0000)]
(maint) update travis to notify puppet slack
David Schmitt [Mon, 16 Dec 2019 20:14:39 +0000 (20:14 +0000)]
(maint) update travis to not use bundle update --system
David Schmitt [Thu, 12 Dec 2019 10:21:52 +0000 (10:21 +0000)]
Merge pull request #898 from puppetlabs/release
(maint) Release Mergeback v7.3.0
sheena [Wed, 11 Dec 2019 15:21:10 +0000 (15:21 +0000)]
(maint) Releaseprep v7.3.0
carabasdaniel [Wed, 11 Dec 2019 12:31:44 +0000 (14:31 +0200)]
Merge pull request #897 from puppetlabs/pdksync_pdksync-addubuntu14
MODULES-10242 Add ubuntu14 support back to the modules
sheena [Fri, 6 Dec 2019 11:24:25 +0000 (11:24 +0000)]
MODULES-10242 Add ubuntu14 support back to the modules
sheenaajay [Mon, 9 Dec 2019 14:36:49 +0000 (14:36 +0000)]
Merge pull request #894 from atarax/master
MODULES-10063, extend apt::key to support deeplinks, this time with f…
sheenaajay [Mon, 9 Dec 2019 14:26:50 +0000 (14:26 +0000)]
Merge pull request #890 from luckyraul/patch-1
Adding a new parameter for dist
david22swan [Fri, 6 Dec 2019 15:30:50 +0000 (15:30 +0000)]
Merge pull request #896 from puppetlabs/pdksync_pdksync-disableforge
pdksync - "MODULES-10236 disable deploy_to_forge for the module"
sheena [Fri, 6 Dec 2019 14:38:59 +0000 (14:38 +0000)]
MODULES-10236 disable deploy_to_forge for the module
Tobias Kaesser [Fri, 29 Nov 2019 14:21:02 +0000 (15:21 +0100)]
MODULES-10063, extend apt::key to support deeplinks, this time with filename (https://some.source/somefile.key)
cmccrisken-puppet [Fri, 29 Nov 2019 11:11:02 +0000 (11:11 +0000)]
Merge pull request #893 from puppetlabs/pdksync_simplecov
(MODULES-10120) enable simplecov; update to PDK 1.14.1; minor cleanups
David Schmitt [Wed, 27 Nov 2019 18:31:35 +0000 (18:31 +0000)]
(maint) Update to PDK 1.14.1
David Schmitt [Mon, 25 Nov 2019 18:25:27 +0000 (18:25 +0000)]
(maint) enable simplecov for ruby codecoverage testing
David Schmitt [Thu, 21 Nov 2019 18:16:13 +0000 (18:16 +0000)]
(maint) update gitignore and pdkignore for .project file removal
David Schmitt [Thu, 21 Nov 2019 18:06:18 +0000 (18:06 +0000)]
(maint) remove obsolete gepetto .project files
David Schmitt [Thu, 21 Nov 2019 17:18:40 +0000 (17:18 +0000)]
(maint) mark .gitlab-ci.yml as deleted
David Schmitt [Thu, 21 Nov 2019 17:17:50 +0000 (17:17 +0000)]
(maint) sort and canonicalise .sync.yml
David Schmitt [Mon, 11 Nov 2019 16:11:54 +0000 (16:11 +0000)]
Merge pull request #887 from puppetlabs/pdksync_encrypt-git
pdksync - (FM-8634) ensure encrypted communication for fixtures
carabasdaniel [Mon, 11 Nov 2019 10:06:08 +0000 (12:06 +0200)]
Merge pull request #892 from atarax/master
MODULES-10063, extend apt::key to support deeplinks
Tobias Kaesser [Wed, 6 Nov 2019 15:30:32 +0000 (16:30 +0100)]
MODULES-10063, extend apt::key to support deeplinks, current implementation only supports baseurls
lionce [Thu, 7 Nov 2019 12:40:39 +0000 (14:40 +0200)]
Merge pull request #888 from glennsarti/fix-travis
(PDK-1501) Fix acceptance stages in Travis CI
carabasdaniel [Wed, 6 Nov 2019 09:49:17 +0000 (11:49 +0200)]
Merge pull request #889 from puppetlabs/pdksync_remove_support_ubuntu14
pdksync - Remove Ubuntu 14 support
Nikita [Wed, 6 Nov 2019 09:23:55 +0000 (12:23 +0300)]
Linux Mint Support
Feature for a new possibility to replace LinuxMint with Ubuntu
lionce [Wed, 6 Nov 2019 08:57:25 +0000 (10:57 +0200)]
remove ubuntu 14 support
Glenn Sarti [Tue, 5 Nov 2019 05:03:29 +0000 (13:03 +0800)]
(PDK-1501) Fix acceptance stages in Travis CI
Previously the Travis CI file was brought under PDK control, however the
sync.yml did not contain the stage settings for the Litmus jobs which meant
that they did not run. This commit fixes that error and runs PDK Update again
Glenn Sarti [Tue, 5 Nov 2019 05:01:33 +0000 (13:01 +0800)]
(maint) Update for PDK templates
This commit updates the module as per PDK-Templates commit
0b5b39b
David Schmitt [Fri, 1 Nov 2019 16:48:52 +0000 (16:48 +0000)]
(FM-8634) ensure encrypted communication for fixtures
lionce [Fri, 1 Nov 2019 08:40:35 +0000 (10:40 +0200)]
Merge pull request #884 from michaeltlombardi/ticket/master/FM-8391-update-readme
(FM-8391) Update README per team practices
Michael T Lombardi [Thu, 31 Oct 2019 18:34:26 +0000 (13:34 -0500)]
(FM-8391) Update README per team practices
This commit updates the readme to remove the language marking litmus
as an experimental tool as well as clarifying the instructions for
running acceptance tests and noting the schedule for the IA Content
office hours.
lionce [Wed, 30 Oct 2019 12:37:54 +0000 (14:37 +0200)]
Merge pull request #883 from glennsarti/test
(PDK-1501) Allow Travis CI config to be templated
Glenn Sarti [Wed, 30 Oct 2019 06:18:01 +0000 (14:18 +0800)]
(PDK-1501) Allow Travis CI config to be templated
Previously the module unmanaged the Travis CI file when converted to Litmus.
This commit allows the Travis CI file to be managed.
david22swan [Tue, 29 Oct 2019 13:23:32 +0000 (13:23 +0000)]
Merge pull request #882 from puppetlabs/release
(FM-8646) Release merge back for v7.2.0
Auto-release [Tue, 29 Oct 2019 10:54:29 +0000 (10:54 +0000)]
Release version 7.2.0
david22swan [Fri, 25 Oct 2019 14:16:07 +0000 (15:16 +0100)]
Merge pull request #880 from michaeltlombardi/ticket/master/FM-8275-add-vagrant-provision
(FM-8275) Add vagrant provision list
cmccrisken-puppet [Thu, 24 Oct 2019 20:02:41 +0000 (21:02 +0100)]
Merge pull request #881 from puppetlabs/pdksync_pdksync-pdkgemupdate
pdksync - (maint) Override pdk gem version to master branch (PDK-1525 workaround until release)
Ciaran McCrisken [Thu, 24 Oct 2019 14:21:51 +0000 (15:21 +0100)]
Point pdk gem to head of master until PDK-1525 resolved
Michael T Lombardi [Fri, 18 Oct 2019 21:58:45 +0000 (16:58 -0500)]
(FM-8275) Add vagrant provision list
Prior to this commit the only provisioners included in
the provision lists were docker and vmpooler, neither
of which are particularly accessible to folks developing
on Windows outside of Puppet.
This commit adds a list which leverages the vagrant
provisioner.
carabasdaniel [Mon, 30 Sep 2019 11:49:56 +0000 (14:49 +0300)]
Merge pull request #879 from tuxmea/apt_mark
Add apt::mark defined type
lionce [Mon, 23 Sep 2019 16:52:53 +0000 (19:52 +0300)]
Merge pull request #876 from ThoughtCrhyme/FM-8394
(FM-8394) add debian 10 testing
Martin Alfke [Fri, 20 Sep 2019 13:29:45 +0000 (15:29 +0200)]
Add apt::markdefined type
sheenaajay [Wed, 18 Sep 2019 09:52:15 +0000 (10:52 +0100)]
Merge pull request #878 from puppetlabs/pdksync_add_codeowners
(maint) Add a codeowners file
tphoney [Tue, 17 Sep 2019 14:50:39 +0000 (15:50 +0100)]
(maint) Add a codeowners file
Erick Banks [Tue, 10 Sep 2019 19:56:19 +0000 (12:56 -0700)]
(FM-8394) add debian 10 testing
Florin Dragos [Wed, 4 Sep 2019 11:31:27 +0000 (14:31 +0300)]
Merge pull request #866 from martijndegouw/master
Install gnupg instead of dirmngr
TP Honey [Wed, 4 Sep 2019 10:12:55 +0000 (11:12 +0100)]
Merge pull request #875 from puppetlabs/pdksync_net-ssh-fix
pdksync - (MAINT) pdksync: fix for net-ssh 5 host_key check
Florin Dragos [Thu, 29 Aug 2019 14:09:23 +0000 (17:09 +0300)]
(MAINT) pdksync: fix for net-ssh 5 host_key check
Michael T Lombardi (He/Him) [Thu, 15 Aug 2019 15:07:52 +0000 (10:07 -0500)]
pdksync - MODULES-9692 - pdksync_1
.12.0-0-g55d9ae2 (#874)
pdksync - MODULES-9692 - pdksync_1
.12.0-0-g55d9ae2
sheena [Thu, 15 Aug 2019 08:22:34 +0000 (09:22 +0100)]
MODULES-9692 - pdksync_1
.12.0-0-g55d9ae2
Erick Banks [Wed, 14 Aug 2019 20:59:35 +0000 (13:59 -0700)]
Merge pull request #873 from raphink/default_key_options
Add apt::key_options for default apt::key options
Raphaël Pinson [Wed, 14 Aug 2019 07:13:51 +0000 (09:13 +0200)]
Test default key_options for apt::key
Raphaël Pinson [Wed, 14 Aug 2019 07:10:56 +0000 (09:10 +0200)]
Test default keyserver for apt::key
sheenaajay [Mon, 12 Aug 2019 11:11:47 +0000 (12:11 +0100)]
Merge pull request #869 from lelutin/purge_apt_conf
implement apt.conf.d purging
Raphaël Pinson [Thu, 8 Aug 2019 07:35:03 +0000 (09:35 +0200)]
Add apt::key_options for default apt::key options
sheenaajay [Tue, 30 Jul 2019 10:58:10 +0000 (11:58 +0100)]
Merge pull request #872 from puppetlabs/release
(MODULES-9627) Release merge back v7.1.0
Eimhin Laverty [Tue, 30 Jul 2019 08:16:00 +0000 (09:16 +0100)]
Merge pull request #871 from sheenaajay/releaseprep
MODULES-9626 Release Prep 7.1.0
sheena [Mon, 29 Jul 2019 15:51:45 +0000 (16:51 +0100)]
MODULES-9626 Release Prep 7.1.0
TP Honey [Tue, 16 Jul 2019 08:55:10 +0000 (09:55 +0100)]
Merge pull request #870 from puppetlabs/pdksync_pdksync_heads/
master-0-gb096033
pdksync - pdksync_heads/
master-0-gb096033
lionce [Tue, 16 Jul 2019 07:03:21 +0000 (10:03 +0300)]
Gabriel Filion [Mon, 15 Jul 2019 00:10:55 +0000 (20:10 -0400)]
implement apt.conf.d purging
this module already has parameters that let users purge sources.list.d
and preferences.d. It also has resources to create source files in
sources.list.d and "pins" in preferences.d and also has a resource to
create a configuration file in apt.conf.d. however, for some reason it
can't purge apt.conf.d
purging this directory can help users ensure that systems run exactly
with what puppet knows the system should be configured with.
sheenaajay [Wed, 3 Jul 2019 14:21:02 +0000 (15:21 +0100)]
Merge pull request #867 from eimlav/pdksync_modules-9482
(MODULES-9482) Bump translate dependency upper range
Eimhin Laverty [Wed, 3 Jul 2019 10:30:08 +0000 (11:30 +0100)]
(MODULES-9482) Bump translate dependency upper range
Martijn de Gouw [Thu, 27 Jun 2019 14:58:25 +0000 (16:58 +0200)]
Install gnupg instead of dirmngr
gnupg pulls in dirmngt and gpg, which are needed by apt_key
carabasdaniel [Tue, 25 Jun 2019 15:16:43 +0000 (18:16 +0300)]
Merge pull request #865 from tphoney/FM-7709
(FM-7709) pdksync and remove beaker
tphoney [Tue, 25 Jun 2019 12:26:10 +0000 (13:26 +0100)]
(FM-7709) pdksync and remove beaker
Paula Muir [Thu, 13 Jun 2019 13:57:25 +0000 (14:57 +0100)]
Merge pull request #864 from puppetlabs/litmus
(FM-8215) Convert to using litmus
tphoney [Wed, 12 Jun 2019 10:32:24 +0000 (11:32 +0100)]
more test fixes and pdksync
TP Honey [Wed, 12 Jun 2019 11:51:14 +0000 (12:51 +0100)]
Merge pull request #861 from puppetlabs/pdksync_pdksync-docsupdate
pdksync - MODULES-9057 Fix the module contribution guide link
Florin Dragos [Tue, 11 Jun 2019 14:45:24 +0000 (17:45 +0300)]
Convert to using litmus
sheenaajay [Tue, 11 Jun 2019 09:43:57 +0000 (10:43 +0100)]
Merge pull request #862 from puppetlabs/pdksync_pdksync_heads/
master-0-g7827fc2
pdksync - pdksync_heads/
master-0-g7827fc2
Erick Banks [Mon, 10 Jun 2019 12:32:31 +0000 (13:32 +0100)]
sheena [Wed, 5 Jun 2019 10:11:29 +0000 (11:11 +0100)]
MODULES-9057 fix docs link
lionce [Tue, 14 May 2019 15:19:21 +0000 (18:19 +0300)]
Merge pull request #860 from puppetlabs/release
Release merge-back
carabasdaniel [Mon, 13 May 2019 13:24:18 +0000 (06:24 -0700)]
Merge pull request #859 from lionce/release_prep
MODULES-9066 - release prep v7.0.1
lionce [Mon, 13 May 2019 11:06:00 +0000 (14:06 +0300)]
MODULES-9066 - release prep v7.0.1
carabasdaniel [Fri, 3 May 2019 12:50:43 +0000 (05:50 -0700)]
Merge pull request #858 from lionce/MODULES-9017
(MODULES-9017) - update metadata to support current version of stdlib
lionce [Fri, 3 May 2019 11:35:08 +0000 (14:35 +0300)]
(MODULES-9017) - update metadata to support current version of stdlib
lionce [Thu, 25 Apr 2019 07:39:21 +0000 (10:39 +0300)]
Merge pull request #857 from puppetlabs/release
Release mergeback v7.0.0
carabasdaniel [Wed, 24 Apr 2019 09:11:46 +0000 (02:11 -0700)]
Merge pull request #856 from lionce/release_prep
release prep 7.0.0
lionce [Wed, 24 Apr 2019 08:24:00 +0000 (11:24 +0300)]
release prep 7.0.0
lionce [Fri, 19 Apr 2019 14:15:47 +0000 (17:15 +0300)]
Merge pull request #847 from anarcat/no-backports-key
don't hardcode an old key from official mirrors for Debian backports
sheenaajay [Mon, 15 Apr 2019 11:07:24 +0000 (12:07 +0100)]
Merge pull request #854 from puppetlabs/pdksync_pdksync_f778803
pdksync - (maint) Update pdk-template to
f778803
Eimhin Laverty [Mon, 15 Apr 2019 09:34:12 +0000 (10:34 +0100)]
pdksync - (maint) Update pdk-template to
f778803
TP Honey [Thu, 11 Apr 2019 12:38:26 +0000 (13:38 +0100)]
Merge pull request #853 from puppetlabs/pdksync_MODULES-8444
pdksync - (MODULES-8444) - Raise lower Puppet bound
David Swan [Wed, 10 Apr 2019 15:39:27 +0000 (16:39 +0100)]
(MODULES-8444) - Raise lower Puppet bound
Eimhin Laverty [Wed, 20 Mar 2019 13:40:52 +0000 (13:40 +0000)]
Merge pull request #849 from tuxmea/apt_key_weak_ssl
Allow weak SSL verification for apt_key
Martin Alfke [Wed, 20 Mar 2019 09:18:20 +0000 (10:18 +0100)]
Allow weak SSL verification for apt_key
fixes https://tickets.puppetlabs.com/browse/MODULES-8759
Antoine Beaupré [Mon, 11 Mar 2019 19:48:52 +0000 (15:48 -0400)]
also fix tests
Antoine Beaupré [Mon, 11 Mar 2019 18:38:40 +0000 (14:38 -0400)]
don't hardcode an old key from official mirrors for Debian backports
A1BD8E9D78F7FE5C3E65D8AF8B48AD6246925553 is really this key, on any
modern Debian system:
/etc/apt/trusted.gpg.d/debian-archive-wheezy-automatic.gpg
----------------------------------------------------------
pub rsa4096 2012-04-27 [SC] [expire : 2020-04-25]
A1BD 8E9D 78F7 FE5C 3E65 D8AF 8B48 AD62 4692 5553
uid [ inconnue] Debian Archive Automatic Signing Key (7.0/wheezy) <ftpmaster@debian.org>
It expires in about a year, and is shipped by default in Debian:
$ dpkg -S /etc/apt/trusted.gpg.d/debian-archive-wheezy-automatic.gpg
debian-archive-keyring: /etc/apt/trusted.gpg.d/debian-archive-wheezy-automatic.gpg
With the current configuration, it might attempt to download the key
from the network, which could then be hijacked by a MITM and break
the entire trust chain built by AptSecure.
If the key was used in the sources.list template to pin the
repository, that would be one thing (it's not). But then it would fail
every time that key gets rotated on the Debian server (that is: at
every major release).
So just remove the key: it serves no purpose than enable a possible
MITM attack and creates an additional maintenance burden.
(OpenPGP crypto-geeks will surely point out that the full fingerprint
is used in the specification, and that this is normally not considered
breakable the same way short key IDs are currently known to be easily
breakable. I would counter that a fingerprint is still a checksum of
the original keypair and could *eventually* be found to be vulnerable
to certain attacks. OpenPGP as an ecosystem would likely fall apart at
that point as self-signatures are also using fingerprints (if not long
key IDs) but I'm disgressing: we do not rely on those for Secure Apt
so let's just do the right thing.)
Note that the `Ubuntu` section might be similarly affected, but I do
not have an Ubuntu system to test this with right now.
Finally, it should be noted that running apt-key the way the
puppetlabs module does is completely unsafe. Keys should *NEVER* be
added to the global trust ring in /etc/apt/trusted.gpg.d. Instead,
they should be deployed in /usr/share/keyrings and mapped in the
`sources.list` with an entry like:
deb [signed-by=/usr/share/keyrings/example-archive-keyring.gpg] https://example.net/debian/ main
That conventions are also documented in the Debian wiki here:
https://wiki.debian.org/DebianRepository/UseThirdParty
david22swan [Thu, 7 Mar 2019 14:35:39 +0000 (14:35 +0000)]
Merge pull request #846 from puppetlabs/pdksync_modules-8728
pdksync - Remove .project from .gitignore
Eimhin Laverty [Thu, 7 Mar 2019 12:43:23 +0000 (12:43 +0000)]
(MODULES-8728) Remove .project from .gitignore
david22swan [Mon, 4 Mar 2019 15:19:47 +0000 (15:19 +0000)]
Merge pull request #844 from tphoney/optimize_acceptance_testing
(maint) reduce run time for acceptance testing
tphoney [Thu, 14 Feb 2019 10:23:04 +0000 (10:23 +0000)]
(maint) reduce run time for acceptance testing
Moving acceptance tests to unit tests, this reduces run time for testing.
This gives a 50% reduction in acceptance test times.
david22swan [Thu, 14 Feb 2019 10:08:45 +0000 (10:08 +0000)]
Merge pull request #843 from tphoney/rspec_mock
(maint) use rspec-mock for unit tests
tphoney [Tue, 12 Feb 2019 16:22:24 +0000 (16:22 +0000)]
(maint) use rspec-mock for unit tests
Helen [Tue, 12 Feb 2019 16:02:52 +0000 (16:02 +0000)]
Merge pull request #842 from tphoney/remove_unsupported_code
(maint) Remove uneeded workarounds for ruby/facter
tphoney [Mon, 11 Feb 2019 10:04:00 +0000 (10:04 +0000)]
(maint) Remove uneeded workarounds for ruby/facter
david22swan [Thu, 31 Jan 2019 10:04:58 +0000 (10:04 +0000)]
Merge pull request #841 from puppetlabs/pdksync_pdksync_1
.9.0-0-g7281db5
pdksync - pdksync_1
.9.0-0-g7281db5
lionce [Thu, 31 Jan 2019 09:20:32 +0000 (11:20 +0200)]
david22swan [Wed, 23 Jan 2019 09:20:07 +0000 (09:20 +0000)]
Merge pull request #840 from puppetlabs/release
Release Mergeback 6.3.0