Morgan Haskel [Wed, 30 Jul 2014 16:03:09 +0000 (12:03 -0400)]
Fix broken acceptance tests.
New fact was added that matched a regex breaking the always_apt_update
tests. Updated the tests to check for the apt_update exec, not just the
string apt_update.
Daniel Friesen [Thu, 10 Jul 2014 23:38:45 +0000 (16:38 -0700)]
Fix inconsistent $proxy_host handling in apt and apt::ppa.
- The default for $proxy_host is undef
- apt considers $proxy_set to be absent if $proxy_host is undef
- apt::ppa considers proxy_env to be empty if $proxy_host is false or ''
This results in apt::ppa to consider $proxy_host to be set when the default undef is used
breaking ppa resources because $proxy_env becomes:
[http_proxy=http://:8080, https_proxy=http://:8080]
Fix this by making both apt and apt::ppa consider $proxy_host to be unset when it is
any of false, '', or undef.
The default configuration we were writing for Debian was only working
for Squeeze, from Wheezy and onwards this wasn't working anymore. This
has to do with the fact that we should now be using Origins-Pattern
according to the unattended-upgrades docs. However, Ubuntu didn't
entirely get with the program yet...
This change reflects the defaults that unattended-upgrade installs on
every platform we support. In order to do so the unattended-upgrades
Debian archive for Squeeze, Wheezy, Lucid, Precise and Trusty were
downloaded and the default /etc/apt/apt.conf.d/50unattended-upgrades
checked for its content with regard to using Allow-Origins or
Origins-Pattern.
Because Squeeze is now oldstable we need to add an oldstable line too
otherwise security updates won't be picked up. This is still because we
can't match on codename.
In APT preferences files the only allowed comments are lines that start
with `Explanation:`, commented lines that start with a # trigger a
myriad of interesting bugs. This is considered a feature of APT.
Because we're only ever writing a single file at a time with only a #
comment at the top we were getting away with this but it shouldn't be
there in the first place.
The default configuration we were writing for Debian was only working
for Squeeze, from Wheezy and onwards this wasn't working anymore. This
has to do with the fact that we should now be using Origins-Pattern
according to the unattended-upgrades docs. However, Ubuntu didn't
entirely get with the program yet...
This change reflects the defaults that unattended-upgrade installs on
every platform we support. In order to do so the unattended-upgrades
Debian archive for Squeeze, Wheezy, Lucid, Precise and Trusty were
downloaded and the default /etc/apt/apt.conf.d/50unattended-upgrades
checked for its content with regard to using Allow-Origins or
Origins-Pattern.
The module used to always pin backports to a priority of 200. This
default is still retained but is now configurable.
Additionally the default is now an Integer, not a 'quoted Integer' and
the tests have been updated to reflect this. This matters for future
parser as it will now kick people if they pass in a stringified integer
as priority.
For some reason, even though our own tests pass with `require
puppet_x/apt_key/patch_openuri` every other module that depends on
puppetlabs-apt is now breaking in tests claiming it can't load that
module.
Somewhere along the way something is probably messing with LOADPATH
causing this to trip up. This should fix the issues for everyone.
This commit affects:
* puppetlabs/puppetlabs-apt#229
* puppetlabs/puppetlabs-postgresql#391
With official supported modules now being a thing and having a version
of the APT module to which we will backport fixes until the next major
release it is time to say goodbye to Puppet 2.7.
With PE 3.2 out of the door shipping with 3.4.3 I think it's time to
shrink the matrix and get rid of 3.1 and 3.2. PE 3.x customers should
just upgrade to 3.2, OS users should really be on 3.3+ by now.
I am aware this can be done with `dpkg --set-selections`, `apt-mark`
or `ensure => 'held'` on a package resource. The changes to the README
include the full rationale for wanting another mechanism.
Introducing a totally rewritten and tested apt::key. This commit also
patches the spec's of apt::source because it was passing in data that
is no longer allowed by the new validation rules in apt::key.
It does its best to not touch any other specs and where we touch them
only minimally to ensure that we're not introducing breaking changes.
Code Review / puppet-modules / puppetlabs-apt.git / log