diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 064443f..8424781 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,65 +1,65 @@ name: "release" on: push: branches: - 'release' jobs: LitmusAcceptancePuppet5: env: HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 HONEYCOMB_DATASET: litmus tests runs-on: self-hosted strategy: matrix: ruby_version: [2.5.x] puppet_gem_version: [~> 6.0] platform: [release_checks_5] agent_family: ['puppet5'] steps: - uses: actions/checkout@v1 - name: Litmus Parallel - uses: puppetlabs/action-litmus_parallel@master + uses: puppetlabs/action-litmus_parallel@main with: platform: ${{ matrix.platform }} agent_family: ${{ matrix.agent_family }} LitmusAcceptancePuppet6: env: HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 HONEYCOMB_DATASET: litmus tests runs-on: self-hosted strategy: matrix: ruby_version: [2.5.x] puppet_gem_version: [~> 6.0] platform: [release_checks_6] agent_family: ['puppet6'] steps: - uses: actions/checkout@v1 - name: Litmus Parallel - uses: puppetlabs/action-litmus_parallel@master + uses: puppetlabs/action-litmus_parallel@main with: platform: ${{ matrix.platform }} agent_family: ${{ matrix.agent_family }} Spec: runs-on: self-hosted strategy: matrix: check: [parallel_spec, 'syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop'] ruby_version: [2.5.x] puppet_gem_version: [~> 5.0, ~> 6.0] exclude: - puppet_gem_version: ~> 5.0 check: 'syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop' - ruby_version: 2.5.x puppet_gem_version: ~> 5.0 steps: - uses: actions/checkout@v1 - name: Spec Tests - uses: puppetlabs/action-litmus_spec@master + uses: puppetlabs/action-litmus_spec@main with: puppet_gem_version: ${{ matrix.puppet_gem_version }} check: ${{ matrix.check }} diff --git a/.github/workflows/weekly.yml b/.github/workflows/weekly.yml index 8d23ec3..c243ad3 100644 --- a/.github/workflows/weekly.yml +++ b/.github/workflows/weekly.yml @@ -1,64 +1,64 @@ name: "weekly" on: schedule: - cron: '0 6 * * 1' jobs: LitmusAcceptancePuppet5: env: HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 HONEYCOMB_DATASET: litmus tests runs-on: self-hosted strategy: matrix: ruby_version: [2.5.x] puppet_gem_version: [~> 6.0] platform: [release_checks_5] agent_family: ['puppet5'] steps: - uses: actions/checkout@v1 - name: Litmus Parallel - uses: puppetlabs/action-litmus_parallel@master + uses: puppetlabs/action-litmus_parallel@main with: platform: ${{ matrix.platform }} agent_family: ${{ matrix.agent_family }} LitmusAcceptancePuppet6: env: HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 HONEYCOMB_DATASET: litmus tests runs-on: self-hosted strategy: matrix: ruby_version: [2.5.x] puppet_gem_version: [~> 6.0] platform: [release_checks_6] agent_family: ['puppet6'] steps: - uses: actions/checkout@v1 - name: Litmus Parallel - uses: puppetlabs/action-litmus_parallel@master + uses: puppetlabs/action-litmus_parallel@main with: platform: ${{ matrix.platform }} agent_family: ${{ matrix.agent_family }} Spec: runs-on: self-hosted strategy: matrix: check: [parallel_spec, 'syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop'] ruby_version: [2.5.x] puppet_gem_version: [~> 5.0, ~> 6.0] exclude: - puppet_gem_version: ~> 5.0 check: 'syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop' - ruby_version: 2.5.x puppet_gem_version: ~> 5.0 steps: - uses: actions/checkout@v1 - name: Spec Tests - uses: puppetlabs/action-litmus_spec@master + uses: puppetlabs/action-litmus_spec@main with: puppet_gem_version: ${{ matrix.puppet_gem_version }} check: ${{ matrix.check }} diff --git a/.travis.yml b/.travis.yml index 1cb791f..3c16fd8 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,93 +1,93 @@ --- os: linux dist: xenial language: ruby cache: bundler before_install: - bundle -v - rm -f Gemfile.lock - "# Update system gems if requested. This is useful to temporarily workaround troubles in the test runner" - "# See https://github.com/puppetlabs/pdk-templates/commit/705154d5c437796b821691b707156e1b056d244f for an example of how this was used" - "# Ignore exit code of SIGPIPE'd yes to not fail with shell's pipefail set" - '[ -z "$RUBYGEMS_VERSION" ] || (yes || true) | gem update --system $RUBYGEMS_VERSION' - gem --version - bundle -v script: - 'SIMPLECOV=yes bundle exec rake $CHECK' bundler_args: --without system_tests rvm: - 2.5.7 env: global: - HONEYCOMB_WRITEKEY="7f3c63a70eecc61d635917de46bea4e6",HONEYCOMB_DATASET="litmus tests" stages: - static - spec - acceptance jobs: fast_finish: true include: - before_script: - "bundle exec rake 'litmus:provision_list[travis_ub_6]'" - "bundle exec rake 'litmus:install_agent[puppet6]'" - "bundle exec rake litmus:install_module" bundler_args: env: PLATFORMS=travis_ub_6_puppet6 rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - before_script: - "bundle exec rake 'litmus:provision_list[travis_ub_5]'" - "bundle exec rake 'litmus:install_agent[puppet5]'" - "bundle exec rake litmus:install_module" bundler_args: env: PLATFORMS=travis_ub_5_puppet5 rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - before_script: - "bundle exec rake 'litmus:provision_list[travis_deb]'" - "bundle exec rake 'litmus:install_agent[puppet5]'" - "bundle exec rake litmus:install_module" bundler_args: env: PLATFORMS=travis_deb_puppet5 rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - before_script: - "bundle exec rake 'litmus:provision_list[travis_deb]'" - "bundle exec rake 'litmus:install_agent[puppet6]'" - "bundle exec rake litmus:install_module" bundler_args: env: PLATFORMS=travis_deb_puppet6 rvm: 2.5.7 script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] services: docker stage: acceptance - env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint" stage: static - env: PUPPET_GEM_VERSION="~> 5.0" CHECK=parallel_spec rvm: 2.4.5 stage: spec - env: PUPPET_GEM_VERSION="~> 6.0" CHECK=parallel_spec rvm: 2.5.7 stage: spec branches: only: - - master + - main - /^v\d/ - release notifications: email: false slack: secure: KeXxAkZ1x/P1otYM3pgpEFnJdFRLDDz0YlTmDRwdNYy09LGo4lRUuUUEUUZoTe4oQaMb3+NigiAs+3j2A7OIMKlcUFWz5zetqnyMdIceJm99iJOD6Ng/kVblo38bN28oVwss66XzG1T0c0+YFMF+X0NkUezbr6RaJrZNsCNTH9M= diff --git a/CHANGELOG.md b/CHANGELOG.md index 96aeca6..f43b21d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,858 +1,872 @@ # Change log All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org). +## [v7.5.0](https://github.com/puppetlabs/puppetlabs-apt/tree/v7.5.0) (2020-08-12) + +[Full Changelog](https://github.com/puppetlabs/puppetlabs-apt/compare/v7.4.2...v7.5.0) + +### Added + +- pdksync - \(IAC-973\) - Update travis/appveyor to run on new default branch main [\#940](https://github.com/puppetlabs/puppetlabs-apt/pull/940) ([david22swan](https://github.com/david22swan)) +- patch-acng-ssl-support [\#938](https://github.com/puppetlabs/puppetlabs-apt/pull/938) ([mdklapwijk](https://github.com/mdklapwijk)) +- \(IAC-746\) - Add ubuntu 20.04 support [\#936](https://github.com/puppetlabs/puppetlabs-apt/pull/936) ([david22swan](https://github.com/david22swan)) + +### Fixed + +- \(MODULES-10763\) loglevel won't affect reports [\#942](https://github.com/puppetlabs/puppetlabs-apt/pull/942) ([gguillotte](https://github.com/gguillotte)) + ## [v7.4.2](https://github.com/puppetlabs/puppetlabs-apt/tree/v7.4.2) (2020-05-14) [Full Changelog](https://github.com/puppetlabs/puppetlabs-apt/compare/v7.4.1...v7.4.2) ### Fixed - fix apt-mark syntax [\#927](https://github.com/puppetlabs/puppetlabs-apt/pull/927) ([tryfunc](https://github.com/tryfunc)) - Do not specify file modes unless relevant [\#923](https://github.com/puppetlabs/puppetlabs-apt/pull/923) ([anarcat](https://github.com/anarcat)) ## [v7.4.1](https://github.com/puppetlabs/puppetlabs-apt/tree/v7.4.1) (2020-03-10) [Full Changelog](https://github.com/puppetlabs/puppetlabs-apt/compare/v7.4.0...v7.4.1) ### Fixed - \(MODULES-10583\) Revert "MODULES-10548: make files readonly" [\#920](https://github.com/puppetlabs/puppetlabs-apt/pull/920) ([carabasdaniel](https://github.com/carabasdaniel)) ## [v7.4.0](https://github.com/puppetlabs/puppetlabs-apt/tree/v7.4.0) (2020-03-03) [Full Changelog](https://github.com/puppetlabs/puppetlabs-apt/compare/v7.3.0...v7.4.0) ### Added - Add 'include' param to apt::backports [\#910](https://github.com/puppetlabs/puppetlabs-apt/pull/910) ([paladox](https://github.com/paladox)) - pdksync - \(FM-8581\) - Debian 10 added to travis and provision file refactored [\#902](https://github.com/puppetlabs/puppetlabs-apt/pull/902) ([david22swan](https://github.com/david22swan)) ### Fixed - MODULES-10548: make files readonly [\#906](https://github.com/puppetlabs/puppetlabs-apt/pull/906) ([anarcat](https://github.com/anarcat)) - MODULES-10543: only consider lsbdistcodename for apt-transport-https [\#905](https://github.com/puppetlabs/puppetlabs-apt/pull/905) ([anarcat](https://github.com/anarcat)) - MODULES-10543: remove sources.list file on purging [\#904](https://github.com/puppetlabs/puppetlabs-apt/pull/904) ([anarcat](https://github.com/anarcat)) - Include apt in apt::backports [\#891](https://github.com/puppetlabs/puppetlabs-apt/pull/891) ([zivis](https://github.com/zivis)) ## [v7.3.0](https://github.com/puppetlabs/puppetlabs-apt/tree/v7.3.0) (2019-12-11) [Full Changelog](https://github.com/puppetlabs/puppetlabs-apt/compare/v7.2.0...v7.3.0) ### Added - Adding a new parameter for dist [\#890](https://github.com/puppetlabs/puppetlabs-apt/pull/890) ([luckyraul](https://github.com/luckyraul)) ### Fixed - MODULES-10063, extend apt::key to support deeplinks, this time with f… [\#894](https://github.com/puppetlabs/puppetlabs-apt/pull/894) ([atarax](https://github.com/atarax)) - MODULES-10063, extend apt::key to support deeplinks [\#892](https://github.com/puppetlabs/puppetlabs-apt/pull/892) ([atarax](https://github.com/atarax)) ## [v7.2.0](https://github.com/puppetlabs/puppetlabs-apt/tree/v7.2.0) (2019-10-29) [Full Changelog](https://github.com/puppetlabs/puppetlabs-apt/compare/v7.1.0...v7.2.0) ### Added - Add apt::mark defined type [\#879](https://github.com/puppetlabs/puppetlabs-apt/pull/879) ([tuxmea](https://github.com/tuxmea)) - \(FM-8394\) add debian 10 testing [\#876](https://github.com/puppetlabs/puppetlabs-apt/pull/876) ([ThoughtCrhyme](https://github.com/ThoughtCrhyme)) - Add apt::key\_options for default apt::key options [\#873](https://github.com/puppetlabs/puppetlabs-apt/pull/873) ([raphink](https://github.com/raphink)) - implement apt.conf.d purging [\#869](https://github.com/puppetlabs/puppetlabs-apt/pull/869) ([lelutin](https://github.com/lelutin)) ### Fixed - Install gnupg instead of dirmngr [\#866](https://github.com/puppetlabs/puppetlabs-apt/pull/866) ([martijndegouw](https://github.com/martijndegouw)) ## [v7.1.0](https://github.com/puppetlabs/puppetlabs-apt/tree/v7.1.0) (2019-07-30) [Full Changelog](https://github.com/puppetlabs/puppetlabs-apt/compare/v7.0.1...v7.1.0) ### Added - \(FM-8215\) Convert to using litmus [\#864](https://github.com/puppetlabs/puppetlabs-apt/pull/864) ([florindragos](https://github.com/florindragos)) ## [v7.0.1](https://github.com/puppetlabs/puppetlabs-apt/tree/v7.0.1) (2019-05-13) [Full Changelog](https://github.com/puppetlabs/puppetlabs-apt/compare/7.0.0...v7.0.1) ## [7.0.0](https://github.com/puppetlabs/puppetlabs-apt/tree/7.0.0) (2019-04-24) [Full Changelog](https://github.com/puppetlabs/puppetlabs-apt/compare/6.3.0...7.0.0) ### Changed - pdksync - \(MODULES-8444\) - Raise lower Puppet bound [\#853](https://github.com/puppetlabs/puppetlabs-apt/pull/853) ([david22swan](https://github.com/david22swan)) ### Added - Allow weak SSL verification for apt\_key [\#849](https://github.com/puppetlabs/puppetlabs-apt/pull/849) ([tuxmea](https://github.com/tuxmea)) ## [6.3.0](https://github.com/puppetlabs/puppetlabs-apt/tree/6.3.0) (2019-01-21) [Full Changelog](https://github.com/puppetlabs/puppetlabs-apt/compare/6.2.1...6.3.0) ### Added - Add support for dist-upgrade & autoremove action [\#832](https://github.com/puppetlabs/puppetlabs-apt/pull/832) ([aboks](https://github.com/aboks)) - \(MODULES-8321\) - Add manage\_auth\_conf parameter [\#831](https://github.com/puppetlabs/puppetlabs-apt/pull/831) ([eimlav](https://github.com/eimlav)) ### Fixed - \(MODULES-8418\) Fix /etc/apt/auth.conf owner changing endlessly [\#836](https://github.com/puppetlabs/puppetlabs-apt/pull/836) ([antaflos](https://github.com/antaflos)) - pdksync - \(FM-7655\) Fix rubygems-update for ruby \< 2.3 [\#835](https://github.com/puppetlabs/puppetlabs-apt/pull/835) ([tphoney](https://github.com/tphoney)) - \(MODULES-8326\) - apt-transport-https not ensured properly [\#830](https://github.com/puppetlabs/puppetlabs-apt/pull/830) ([eimlav](https://github.com/eimlav)) ## [6.2.1](https://github.com/puppetlabs/puppetlabs-apt/tree/6.2.1) (2018-11-20) [Full Changelog](https://github.com/puppetlabs/puppetlabs-apt/compare/6.2.0...6.2.1) ### Fixed - \(MODULES-8272\) - Revert "Autorequire dirmngr in apt\_key types" [\#825](https://github.com/puppetlabs/puppetlabs-apt/pull/825) ([eimlav](https://github.com/eimlav)) ## [6.2.0](https://github.com/puppetlabs/puppetlabs-apt/tree/6.2.0) (2018-11-19) [Full Changelog](https://github.com/puppetlabs/puppetlabs-apt/compare/6.1.1...6.2.0) ### Added - \(MODULES-8081\): add support for hkps:// protocol in apt::key [\#815](https://github.com/puppetlabs/puppetlabs-apt/pull/815) ([simondeziel](https://github.com/simondeziel)) ### Fixed - Apt-key fixes to properly work on Debian 9 [\#822](https://github.com/puppetlabs/puppetlabs-apt/pull/822) ([ekohl](https://github.com/ekohl)) - \(maint\) - Update Link to REFERENCE.md [\#811](https://github.com/puppetlabs/puppetlabs-apt/pull/811) ([pmcmaw](https://github.com/pmcmaw)) ## [6.1.1](https://github.com/puppetlabs/puppetlabs-apt/tree/6.1.1) (2018-10-01) [Full Changelog](https://github.com/puppetlabs/puppetlabs-apt/compare/6.1.0...6.1.1) ### Fixed - Revert "\(MODULES-6408\) - Fix dirmngr install failing" [\#808](https://github.com/puppetlabs/puppetlabs-apt/pull/808) ([eimlav](https://github.com/eimlav)) ## [6.1.0](https://github.com/puppetlabs/puppetlabs-apt/tree/6.1.0) (2018-09-28) [Full Changelog](https://github.com/puppetlabs/puppetlabs-apt/compare/6.0.0...6.1.0) ### Added - pdksync - \(FM-7392\) - Puppet 6 Testing Changes [\#800](https://github.com/puppetlabs/puppetlabs-apt/pull/800) ([pmcmaw](https://github.com/pmcmaw)) - pdksync - \(MODULES-6805\) metadata.json shows support for puppet 6 [\#798](https://github.com/puppetlabs/puppetlabs-apt/pull/798) ([tphoney](https://github.com/tphoney)) - \(MODULES-3307\) - Auto update expired keys [\#795](https://github.com/puppetlabs/puppetlabs-apt/pull/795) ([eimlav](https://github.com/eimlav)) - \(FM-7316\) - Implementation of the i18n process [\#789](https://github.com/puppetlabs/puppetlabs-apt/pull/789) ([david22swan](https://github.com/david22swan)) - Introduce an Apt::Proxy type to validate the hash [\#773](https://github.com/puppetlabs/puppetlabs-apt/pull/773) ([ekohl](https://github.com/ekohl)) ### Fixed - \(MODULES-6408\) - Fix dirmngr install failing [\#801](https://github.com/puppetlabs/puppetlabs-apt/pull/801) ([eimlav](https://github.com/eimlav)) - \(MODULES-1630\) - Expanding source list fix to cover all needed versions [\#788](https://github.com/puppetlabs/puppetlabs-apt/pull/788) ([david22swan](https://github.com/david22swan)) ## [6.0.0](https://github.com/puppetlabs/puppetlabs-apt/tree/6.0.0) (2018-08-24) [Full Changelog](https://github.com/puppetlabs/puppetlabs-apt/compare/5.0.1...6.0.0) ### Changed - \(MODULES-7668\) Remove support for Puppet 4.7 [\#780](https://github.com/puppetlabs/puppetlabs-apt/pull/780) ([jarretlavallee](https://github.com/jarretlavallee)) ### Added - Check existence of gpg key in apt:ppa [\#774](https://github.com/puppetlabs/puppetlabs-apt/pull/774) ([wenzhengjiang](https://github.com/wenzhengjiang)) - Make sure PPA source file is absent when apt-add-repository fails [\#768](https://github.com/puppetlabs/puppetlabs-apt/pull/768) ([wenzhengjiang](https://github.com/wenzhengjiang)) ## 5.0.1 [Full Changelog](https://github.com/puppetlabs/puppetlabs-apt/compare/5.0.0...5.0.1) ### Fixed - \(MODULES-7540\) - add apt-transport-https with https [\#775](https://github.com/puppetlabs/puppetlabs-apt/pull/775) ([tphoney](https://github.com/tphoney)) ## [5.0.0](https://github.com/puppetlabs/puppetlabs-apt/tree/5.0.0) (2018-07-18) [Full Changelog](https://github.com/puppetlabs/puppetlabs-apt/compare/4.5.1...5.0.0) ### Changed - \[FM-6956\] Removal of unsupported Debian 7 from apt [\#760](https://github.com/puppetlabs/puppetlabs-apt/pull/760) ([david22swan](https://github.com/david22swan)) ### Added - \(MODULES-7467\) Update apt to support Ubuntu 18.04 [\#769](https://github.com/puppetlabs/puppetlabs-apt/pull/769) ([david22swan](https://github.com/david22swan)) - Support managing login configurations in /etc/apt/auth.conf [\#752](https://github.com/puppetlabs/puppetlabs-apt/pull/752) ([antaflos](https://github.com/antaflos)) ### Fixed - \(MODULES-7327\) - Update README with supported OS [\#767](https://github.com/puppetlabs/puppetlabs-apt/pull/767) ([pmcmaw](https://github.com/pmcmaw)) - \(bugfix\) Dont run ftp tests in travis [\#766](https://github.com/puppetlabs/puppetlabs-apt/pull/766) ([tphoney](https://github.com/tphoney)) - \(maint\) make apt testing more stable, cleanup [\#764](https://github.com/puppetlabs/puppetlabs-apt/pull/764) ([tphoney](https://github.com/tphoney)) - Remove .length from variable $pin\_release in app [\#754](https://github.com/puppetlabs/puppetlabs-apt/pull/754) ([paladox](https://github.com/paladox)) - Replace UTF-8 whitespace in comment [\#748](https://github.com/puppetlabs/puppetlabs-apt/pull/748) ([bernhardschmidt](https://github.com/bernhardschmidt)) - Fix "E: Unable to locate package -y" [\#747](https://github.com/puppetlabs/puppetlabs-apt/pull/747) ([aboks](https://github.com/aboks)) - Fix automatic coercion warning [\#743](https://github.com/puppetlabs/puppetlabs-apt/pull/743) ([smortex](https://github.com/smortex)) ## Supported Release [4.5.1] ### Summary This release fixes CVE-2018-6508 which is a potential arbitrary code execution via tasks. ### Fixed - Fix init task for arbitrary remote code ## Supported Release [4.5.0] ### Summary This release uses the PDK convert functionality which in return makes the module PDK compliant. It also includes a roll up of maintenance changes. ### Added - PDK convert apt ([MODULES-6452](https://tickets.puppet.com/browse/MODULES-6452)). - Testing on Travis using rvm 2.4.1. - Modulesync updates. ### Fixed - Changes to address additional Rubocop failures. - (maint) Addressing puppet-lint doc warnings. ### Removed - `gem update bundler` command in .travis.yml due to ([MODULES-6339](https://tickets.puppet.com/browse/MODULES-6339)). ## Supported Release [4.4.1] ### Summary This release is to update the formatting of the module, Rubocop having been run for all ruby files and been set to run automatically on all future commits. ### Changed - Rubocop has been implemented. ## Supported Release [4.4.0] ### Summary This release is a rollup of new features and fixes. #### Added - Install `apt-transport-https` if using Debian 7, 8, 9 or Ubuntu 14.04, 16.04. - Adds a boolean option `direct` to proxy settings to bypass `https_proxy` if not set. - Adds facter facts for `dist-upgrade` apt updates. #### Changed - Update class is now private. - Some tidyup of ruby code from Rubocop. - Fixed circular dependency for package dirmngr. - Debian updates are no longer treated as security updates. - Legacy functions have been removed. - Updates to tests. #### Fixed - [(MODULES-4265)](https://tickets.puppetlabs.com/browse/MODULES-4265) Detect security updates from multiple sources. ## Supported Release [4.3.0] ### Summary This release is adding Tasks to the apt module. #### Added - Add a task that allows apt-get update and upgrade ## Supported Release [4.2.0] ### Summary This release is primarily to fix an error around GPG keys in Debian 9, but includes some other small features and fixes as well. #### Added - `apt_package_security_updates` fact - The ability to modify the loglevel of `Exec['apt_update'}` - Puppet 5 support #### Changed - Ubuntu 16.04 now uses `software-priorities-common` #### Removed - Debian 6, Ubuntu 10.04 and 12.04 support. Existing compatibility remains intact but bugs will not be prioritized for these OSes. #### Fixed - **[(MODULES-4686)](https://tickets.puppetlabs.com/browse/MODULES-4686) an error that was causing GPG keyserver imports to fail on Debian 9** ## Supported Release 4.1.0 ### Summary This release removes Data in Modules due to current compatibility issues and reinstates the params.pp file. Also includes a couple of bug fixes. #### Features - (MODULES-4973) Data in Modules which was introduced in the last release has now been reverted due to compatibility issues. #### Bugfixes - Now apt_key only sends the auth basic header when userinfo can be parsed from the URL. - Reverted the removal of Evolving Web's attribution in NOTICE file. - Test added to ensure empty string allowed for $release in apt::source. ## Supported Release 3.0.0 and 4.0.0 ### Summary This release adds new Puppet 4 features: data in modules, EPP templates, the $facts hash, and data types. This release is fully backwards compatible to existing Puppet 4 configurations and provides you with deprecation warnings for every argument that will not work as expected with the final 4.0.0 release. See the stdlib docs here for an in-depth discussion of this: https://github.com/puppetlabs/puppetlabs-stdlib#validate_legacy If you want to learn more about the new features used or you wish to upgrade a module yourself, have a look at the NTP: A Puppet 4 language update blog post. If you're still running Puppet 3, remain on the latest puppetlabs-apt 2.x release for now, and see the documentation to upgrade to Puppet 4. #### Changes Data in modules: Moves all distribution and OS-dependent defaults into YAML files in data/, alleviating the need for a params class. Note that while this feature is currently still classed as experimental, the final implementation will support the changes here. EPP templating: Uses the Puppet language as a base for templates to create simpler and safer templates. No need for Ruby anymore! The $facts hash: Makes facts visibly distinct from other variables for more readable and maintainable code. This helps eliminate confusion if you use a local variable whose name happens to match that of a common fact. Data types for validation: Helps you find and replace deprecated code in existing validate functions with stricter, more readable data type notation. First upgrade to the 3.0.0 release of this module, and address all deprecation warnings before upgrading to the final 4.0.0 release. Please see the stdlib docs for an in-depth discussion of this process. #### Bugfixes - Fix apt::source epp template regression introduced in 3.0.0 for the architecture parameter ## Supported Release 2.4.0 ### Summary A release that includes only a couple of additional features, but includes several cleanups and bugfixes around existing issues. #### Features - Tests updated to check for idempotency. - (MODULES-4224) Implementation of beaker-module_install_helper. - Deprecation warnings are now handled by the deprecation function in stdlib. #### Bugfixes - Now http and https sources fixed for apt_key and can take a userinfo. - GPG key update. - Notify_update param now defaults to true to avoid validation errors. - Implement retry on tests which pull key from a key server which sometimes times out (transient error). - String comparison error now comphensated for in update.pp. - (MODULES-4104) Removal of the port number from repository location in order to get the host name of the repository. - Puppet lint warnings addressed. - A few small readme issues addressed. ## Supported Release 2.3.0 ### Summary A release containing many bugfixes with additional features. #### Features - Apt_updates facts now use /usr/bin/apt-get. - Addition of notify update to apt::source. - Update to newest modulesync_configs. - Installs software-properties-common for Xenial. - Modulesync updates. - Add ability to specify a hash of apt::conf defines. #### Bugfixes - A clean up of spec/defines/key_compat_specs, also now runs under STRICT_VARIABLES. - Apt::setting expects priority to be an integer, set defaults accordingly. - Fixed version check for Ubuntu on 16.04. - Now uses hkps.pool.sks-keyservers.net instead of pgp.mit.edu. - Updates and fixes to tests. General cleanup. - Fixed regexp for $ensure params. - Apt/params: Remove unused LSB facts. - Replaced `-s` with `-f` in ppa rspec tests - After the repository is added, the "${::apt::sources_list_d}/${sources_list_d_filename}" file is created as an empty file. The unless condition of Exec["add-apt-repository-${name}"] calls test -s, which returns 1 if the file is empty. Because the file is empty, the unless condition is never true and the repository is added on every execution. This change replaces the -s test condition with -f, which is true if the file exists or false otherwise. - Limit non-strict parsing to pre-3.5.0 only - Puppet 3.5.0 introduced strict variables and the module handles strict variables by using the defined() function. This does not work on prior versions of puppet so we now gate based on that version. Puppet 4 series has a new setting `strict` that may be set to enforce strict variables while `strict_variables` remains unset (see PUP-6358) which causes the conditional in manifests/params.pp to erroniously use non-strict 3.5-era parsing and fail. This new conditional corrects the cases such that strict variable behavior happens on versions 3.5.0 and later. ## Supported Release 2.2.2 ### Summary Several bug fixes and the addition of support updates to Debian 8 and Ubuntu Wily. #### Bugfixes - Small fixes to descriptions within the readme and the addition of some examples. - Updates to run on Ubuntu Wily. - Fixed apt_key tempfile race condition. - Run stages limitation added to the documentation. - Remove unneeded whitespace in source.list template. - Handle PPA names that contain a plus character. - Update to current msync configs. - Avoid duplicate package resources when package_manage => true. - Avoid multiple package resource declarations. - Ensure PPAs in tests have valid form. - Look for correct sources.list.d file for apt::ppa. - Debian 8 support addiiton to metadata. ## Supported Release 2.2.1 ### Summary Small release for support of newer PE versions. This increments the version of PE in the metadata.json file. ## 2015-09-29 - Supported Release 2.2.0 ### Summary This release includes a few bugfixes. #### Features - Adds an `ensure` parameter for user control of proxy presence. - Adds ability to set `notify_update` to `apt::conf` (MODULES-2269). - Apt pins no longer trigger an `apt-get update` run. - Adds support for creating pins from main class. #### Bugfixes - Updates to use the official Debian mirrors. - Fixes path to `preferences` and `preferences.d` - Fixes pinning for backports (MODULES-2446). - Fixes the name/extension of the preferences files. ## 2015-07-28 - Supported Release 2.1.1 ### Summary This release includes a few bugfixes. #### Bugfixes - Fix incorrect use of anchoring (MODULES-2190) - Use correct comment type for apt.conf files - Test fixes - Documentation fixes ## 2015-06-16 - Supported Release 2.1.0 ### Summary This release largely makes `apt::key` and `apt::source` API-compatible with the 1.8.x versions for ease in upgrading, and also addresses some compatibility issues with older versions of Puppet. #### Features - Add API compatibility to `apt::key` and `apt::source` - Added `apt_reboot_required` fact #### Bugfixes - Fix compatibility with Puppet versions 3.0-3.4 - Work around future parser bug PUP-4133 ## 2015-04-28 - Supported Release 2.0.1 ### Summary This bug fixes a few compatibility issues that came up with the 2.0.0 release, and includes test and documentation updates. #### Bugfixes - Fix incompatibility with keyrings containing multiple keys - Fix bugs preventing the module from working with Puppet < 3.5.0 ## 2015-04-07 - Supported Release 2.0.0 ### Summary This is a major rewrite of the apt module. Many classes and defines were removed, but all existing functionality should still work. Please carefully review documentation before upgrading. #### Backwards-incompatible changes As this is a major rewrite of the module there are a great number of backwards incompatible changes. Please review this and the updated README carefully before upgrading. ##### `apt_key` - `keyserver_options` parameter renamed to `options` ##### `apt::backports` - This no longer works out of the box on Linux Mint. If using this on mint, you must specify the `location`, `release`, `repos`, and `key` parameters. [Example](examples/backports.pp) ##### `apt::builddep` - This define was removed. Functionality can be matched passing 'build-dep' to `install_options` in the package resource. [Example](examples/builddep.pp) ##### `apt::debian::testing` - This class was removed. Manually add an `apt::source` instead. [Example](examples/debian_testing.pp) ##### `apt::debian::unstable` - This class was removed. Manually add an `apt::source` instead. [Example](examples/debian_unstable.pp) ##### `apt::force` - This define was removed. Functionallity can be matched by setting `install_options` in the package resource. See [here](examples/force.pp) for how to set the options. ##### `apt::hold` - This define was removed. Simply use an `apt::pin` with `priority => 1001` for the same functionality. ##### `apt` - `always_apt_update` - This parameter was removed. Use `update => { 'frequency' => 'always' }` instead. - `apt_update_frequency` - This parameter was removed. Use `update => { 'frequency' => }` instead. - `disable_keys` - This parameter was removed. See this [example](examples/disable_keys.pp) if you need this functionality. - `proxy_host` - This parameter was removed. Use `proxy => { 'host' => }` instead. - `proxy_port` - This parameter was removed. Use `proxy => { 'port' => }` instead. - `purge_sources_list` - This parameter was removed. Use `purge => { 'sources.list' => }` instead. - `purge_sources_list_d` - This parameter was removed. Use `purge => { 'sources.list.d' => }` instead. - `purge_preferences` - This parameter was removed. Use `purge => { 'preferences' => }` instead. - `purge_preferences_d` - This parameter was removed. Use `purge => { 'preferences.d' => }` instead. - `update_timeout` - This parameter was removed. Use `update => { 'timeout' => }` instead. - `update_tries` - This parameter was removed. Use `update => { 'tries' => }` instead. ##### `apt::key` - `key` - This parameter was renamed to `id`. - `key_content` - This parameter was renamed to `content`. - `key_source` - This parameter was renamed to `source`. - `key_server` - This parameter was renamed to `server`. - `key_options` - This parameter was renamed to `options`. ##### `apt::release` - This class was removed. See this [example](examples/release.pp) for how to achieve this functionality. ##### `apt::source` - `include_src` - This parameter was removed. Use `include => { 'src' => }` instead. ***NOTE*** This now defaults to false. - `include_deb` - This parameter was removed. Use `include => { 'deb' => }` instead. - `required_packages` - This parameter was removed. Use package resources for these packages if needed. - `key` - This can either be a key id or a hash including key options. If using a hash, `key => { 'id' => }` must be specified. - `key_server` - This parameter was removed. Use `key => { 'server' => }` instead. - `key_content` - This parameter was removed. Use `key => { 'content' => }` instead. - `key_source` - This parameter was removed. Use `key => { 'source' => }` instead. - `trusted_source` - This parameter was renamed to `allow_unsigned`. ##### `apt::unattended_upgrades` - This class was removed and is being republished under the puppet-community namespace. The git repository is available [here](https://github.com/puppet-community/puppet-unattended_upgrades) and it will be published to the forge [here](https://forge.puppetlabs.com/puppet/unattended_upgrades). #### Changes to default behavior - By default purge unmanaged files in 'sources.list', 'sources.list.d', 'preferences', and 'preferences.d'. - Changed default for `package_manage` in `apt::ppa` to `false`. Set to `true` in a single PPA if you need the package to be managed. - `apt::source` will no longer include the `src` entries by default. - `pin` in `apt::source` now defaults to `undef` instead of `false` #### Features - Added the ability to pass hashes of `apt::key`s, `apt::ppa`s, and `apt::setting`s to `apt`. - Added 'https' key to `proxy` hash to allow disabling `https_proxy` for the `apt::ppa` environment. - Added `apt::setting` define to abstract away configuration. - Added the ability to pass hashes to `pin` and `key` in `apt::backports` and `apt::source`. #### Bugfixes - Fixes for strict variables. ## 2015-03-17 - Supported Release 1.8.0 ### Summary This is the last planned feature release of the 1.x series of this module. All new features will be evaluated for puppetlabs-apt 2.x. This release includes many important features, including support for full fingerprints, and fixes issues where `apt_key` was not supporting user/password and `apt_has_updates` was not properly parsing the `apt-check` output. #### Changes to default behavior - The apt module will now throw warnings if you don't use full fingerprints for `apt_key`s #### Features - Use gpg to check keys to work around https://bugs.launchpad.net/ubuntu/+source/gnupg2/+bug/1409117 (MODULES-1675) - Add 'oldstable' to the default update origins for wheezy - Add utopic, vivid, and cumulus compatibility - Add support for full fingerprints - New parameter for `apt::source` - `trusted_source` - New parameters for `apt::ppa` - `package_name` - `package_manage` - New parameter for `apt::unattended_upgrades` - `legacy_origin` - Separate `apt::pin` from `apt::backports` to allow pin by release instead of origin #### Bugfixes - Cleanup lint and future parser issues - Fix to support username and passwords again for `apt_key` (MODULES-1119) - Fix issue where `apt::force` `$install_check` didn't work with non-English locales (MODULES-1231) - Allow 5 digit ports in `apt_key` - Fix for `ensure => absent` in `apt_key` (MODULES-1661) - Fix `apt_has_updates` not parsing `apt-check` output correctly - Fix inconsistent headers across files (MODULES-1200) - Clean up formatting for 50unattended-upgrades.erb ## 2014-10-28 - Supported Release 1.7.0 ### Summary This release includes several new features, documentation and test improvements, and a few bug fixes. #### Features - Updated unit and acceptance tests - Update module to work with Linux Mint - Documentation updates - Future parser / strict variables support - Improved support for long GPG keys - New parameters! - Added `apt_update_frequency` to apt - Added `cfg_files` and `cfg_missing` parameters to apt::force - Added `randomsleep` to apt::unattended_upgrades - Added `apt_update_last_success` fact - Refactored facts for performance improvements #### Bugfixes - Update apt::builddep to require Exec['apt_update'] instead of notifying it - Clean up lint errors ## 2014-08-20 - Supported Release 1.6.0 ### Summary #### Features - Allow URL or domain name for key_server parameter - Allow custom comment for sources list - Enable auto-update for Debian squeeze LTS - Add facts showing available updates - Test refactoring #### Bugfixes - Allow dashes in URL or domain for key_server parameter ## 2014-08-13 - Supported Release 1.5.3 ### Summary This is a bugfix releases. It addresses a bad regex, failures with unicode characters, and issues with the $proxy_host handling in apt::ppa. #### Features - Synced files from Modulesync #### Bugfixes - Fix regex to follow APT requirements in apt::pin - Fix for unicode characters - Fix inconsistent $proxy_host handling in apt and apt::ppa - Fix typo in README - Fix broken acceptance tests ## 2014-07-15 - Supported Release 1.5.2 ### Summary This release merely updates metadata.json so the module can be uninstalled and upgraded via the puppet module command. ## 2014-07-10 - Supported Release 1.5.1 ### Summary This release has added tests to ensure graceful failure on OSX. ## 2014-06-04 - Release 1.5.0 ### Summary This release adds support for Ubuntu 14.04. It also includes many new features and important bugfixes. One huge change is that apt::key was replaced with apt_key, which allows you to use puppet resource apt_key to inventory keys on your system. Special thanks to daenney, our intrepid unofficial apt maintainer! #### Features - Add support for Ubuntu Trusty! - Add apt::hold define - Generate valid *.pref files in apt::pin - Made pin_priority configurable for apt::backports - Add apt_key type and provider - Rename "${apt_conf_d}/proxy" to "${apt_conf_d}/01proxy" - apt::key rewritten to use apt_key type - Add support for update_tries to apt::update #### Bugfixes - Typo fixes - Fix unattended upgrades - Removed bogus line when using purge_preferences - Fix apt::force to upgrade allow packages to be upgraded to the pacakge from the specified release ## 2014-03-04 - Supported Release 1.4.2 ### Summary This is a supported release. This release tidies up 1.4.1 and re-enables support for Ubuntu 10.04 #### Features #### Bugfixes - Fix apt:ppa to include the -y Ubuntu 10.04 requires. - Documentation changes. - Test fixups. #### Known Bugs * No known issues. ## 2014-02-13 1.4.1 ### Summary This is a bugfix release. #### Bugfixes - Fix apt::force unable to upgrade packages from releases other than its original - Removed a few refeneces to aptitude instead of apt-get for portability - Removed call to getparam() due to stdlib dependency - Correct apt::source template when architecture is provided - Retry package installs if apt is locked - Use root to exec in apt::ppa - Updated tests and converted acceptance tests to beaker ## 2013-10-08 - Release 1.4.0 ### Summary Minor bugfix and allow the timeout to be adjusted. #### Features - Add an `updates_timeout` to apt::params #### Bugfixes - Ensure apt::ppa can read a ppa removed by hand. ## 2013-10-08 - Release 1.3.0 ### Summary This major feature in this release is the new apt::unattended_upgrades class, allowing you to handle Ubuntu's unattended feature. This allows you to select specific packages to automatically upgrade without any further user involvement. In addition we extend our Wheezy support, add proxy support to apt:ppa and do various cleanups and tweaks. #### Features - Add apt::unattended_upgrades support for Ubuntu. - Add wheezy backports support. - Use the geoDNS http.debian.net instead of the main debian ftp server. - Add `options` parameter to apt::ppa in order to pass options to apt-add-repository command. - Add proxy support for apt::ppa (uses proxy_host and proxy_port from apt). #### Bugfixes - Fix regsubst() calls to quote single letters (for future parser). - Fix lint warnings and other misc cleanup. ## 2013-07-03 - Release 1.2.0 #### Features - Add geppetto `.project` natures - Add GH auto-release - Add `apt::key::key_options` parameter - Add complex pin support using distribution properties for `apt::pin` via new properties: - `apt::pin::codename` - `apt::pin::release_version` - `apt::pin::component` - `apt::pin::originator` - `apt::pin::label` - Add source architecture support to `apt::source::architecture` #### Bugfixes - Use apt-get instead of aptitude in apt::force - Update default backports location - Add dependency for required packages before apt-get update ## 2013-06-02 - Release 1.1.1 ### Summary This is a bug fix release that resolves a number of issues: * By changing template variable usage, we remove the deprecation warnings for Puppet 3.2.x * Fixed proxy file removal, when proxy absent Some documentation, style and whitespaces changes were also merged. This release also introduced proper rspec-puppet unit testing on Travis-CI to help reduce regression. Thanks to all the community contributors below that made this patch possible. #### Detail Changes * fix minor comment type (Chris Rutter) * whitespace fixes (Michael Moll) * Update travis config file (William Van Hevelingen) * Build all branches on travis (William Van Hevelingen) * Standardize travis.yml on pattern introduced in stdlib (William Van Hevelingen) * Updated content to conform to README best practices template (Lauren Rother) * Fix apt::release example in readme (Brian Galey) * add @ to variables in template (Peter Hoeg) * Remove deprecation warnings for pin.pref.erb as well (Ken Barber) * Update travis.yml to latest versions of puppet (Ken Barber) * Fix proxy file removal (Scott Barber) * Add spec test for removing proxy configuration (Dean Reilly) * Fix apt::key listing longer than 8 chars (Benjamin Knofe) ## Release 1.1.0 ### Summary This release includes Ubuntu 12.10 (Quantal) support for PPAs. --- ## 2012-05-25 - Puppet Labs - Release 0.0.4 ### Summary * Fix ppa list filename when there is a period in the PPA name * Add .pref extension to apt preferences files * Allow preferences to be purged * Extend pin support ## 2012-05-04 - Puppet Labs - Release 0.0.3 ### Summary * only invoke apt-get update once * only install python-software-properties if a ppa is added * support 'ensure => absent' for all defined types * add apt::conf * add apt::backports * fixed Modulefile for module tool dependency resolution * configure proxy before doing apt-get update * use apt-get update instead of aptitude for apt::ppa * add support to pin release ## 2012-03-26 - Puppet Labs - Release 0.0.2 ### Summary * 41cedbb (#13261) Add real examples to smoke tests. * d159a78 (#13261) Add key.pp smoke test * 7116c7a (#13261) Replace foo source with puppetlabs source * 1ead0bf Ignore pkg directory. * 9c13872 (#13289) Fix some more style violations * 0ea4ffa (#13289) Change test scaffolding to use a module & manifest dir fixture path * a758247 (#13289) Clean up style violations and fix corresponding tests * 99c3fd3 (#13289) Add puppet lint tests to Rakefile * 5148cbf (#13125) Apt keys should be case insensitive * b9607a4 Convert apt::key to use anchors ## 2012-03-07 - Puppet Labs - Release 0.0.1 ### Summary * d4fec56 Modify apt::source release parameter test * 1132a07 (#12917) Add contributors to README * 8cdaf85 (#12823) Add apt::key defined type and modify apt::source to use it * 7c0d10b (#12809) $release should use $lsbdistcodename and fall back to manual input * be2cc3e (#12522) Adjust spec test for splitting purge * 7dc60ae (#12522) Split purge option to spare sources.list * 9059c4e Fix source specs to test all key permutations * 8acb202 Add test for python-software-properties package * a4af11f Check if python-software-properties is defined before attempting to define it. * 1dcbf3d Add tests for required_packages change * f3735d2 Allow duplicate $required_packages * 74c8371 (#12430) Add tests for changes to apt module * 97ebb2d Test two sources with the same key * 1160bcd (#12526) Add ability to reverse apt { disable_keys => true } * 2842d73 Add Modulefile to puppet-apt * c657742 Allow the use of the same key in multiple sources * 8c27963 (#12522) Adding purge option to apt class * 997c9fd (#12529) Add unit test for apt proxy settings * 50f3cca (#12529) Add parameter to support setting a proxy for apt * d522877 (#12094) Replace chained .with_* with a hash * 8cf1bd0 (#12094) Remove deprecated spec.opts file * 2d688f4 (#12094) Add rspec-puppet tests for apt * 0fb5f78 (#12094) Replace name with path in file resources * f759bc0 (#11953) Apt::force passes $version to aptitude * f71db53 (#11413) Add spec test for apt::force to verify changes to unless * 2f5d317 (#11413) Update dpkg query used by apt::force * cf6caa1 (#10451) Add test coverage to apt::ppa * 0dd697d include_src parameter in example; Whitespace cleanup * b662eb8 fix typos in "repositories" * 1be7457 Fix (#10451) - apt::ppa fails to "apt-get update" when new PPA source is added * 864302a Set the pin priority before adding the source (Fix #10449) * 1de4e0a Refactored as per mlitteken * 1af9a13 Added some crazy bash madness to check if the ppa is installed already. Otherwise the manifest tries to add it on every run! * 52ca73e (#8720) Replace Apt::Ppa with Apt::Builddep * 5c05fa0 added builddep command. * a11af50 added the ability to specify the content of a key * c42db0f Fixes ppa test. * 77d2b0d reformatted whitespace to match recommended style of 2 space indentation. * 27ebdfc ignore swap files. * 377d58a added smoke tests for module. * 18f614b reformatted apt::ppa according to recommended style. * d8a1e4e Created a params class to hold global data. * 636ae85 Added two params for apt class * 148fc73 Update LICENSE. * ed2d19e Support ability to add more than one PPA * 420d537 Add call to apt-update after add-apt-repository in apt::ppa * 945be77 Add package definition for python-software-properties * 71fc425 Abs paths for all commands * 9d51cd1 Adding LICENSE * 71796e3 Heading fix in README * 87777d8 Typo in README * f848bac First commit [5.0.1]:https://github.com/puppetlabs/puppetlabs-apt/compare/5.0.0...5.0.1 [5.0.0]:https://github.com/puppetlabs/puppetlabs-apt/compare/4.5.1...5.0.0 [4.5.1]:https://github.com/puppetlabs/puppetlabs-apt/compare/4.5.0...4.5.1 [4.5.0]:https://github.com/puppetlabs/puppetlabs-apt/compare/4.4.1...4.5.0 [4.4.1]:https://github.com/puppetlabs/puppetlabs-apt/compare/4.4.0...4.4.1 [4.4.0]:https://github.com/puppetlabs/puppetlabs-apt/compare/4.3.0...4.4.0 [4.3.0]:https://github.com/puppetlabs/puppetlabs-apt/compare/4.2.0...4.3.0 [4.2.0]:https://github.com/puppetlabs/puppetlabs-apt/compare/4.1.0...4.2.0 \* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)* diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 1a9fb3a..9c171f9 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,271 +1,271 @@ # Contributing to Puppet modules So you want to contribute to a Puppet module: Great! Below are some instructions to get you started doing that very thing while setting expectations around code quality as well as a few tips for making the process as easy as possible. ### Table of Contents 1. [Getting Started](#getting-started) 1. [Commit Checklist](#commit-checklist) 1. [Submission](#submission) 1. [More about commits](#more-about-commits) 1. [Testing](#testing) - [Running Tests](#running-tests) - [Writing Tests](#writing-tests) 1. [Get Help](#get-help) ## Getting Started - Fork the module repository on GitHub and clone to your workspace - Make your changes! ## Commit Checklist ### The Basics - [x] my commit is a single logical unit of work - [x] I have checked for unnecessary whitespace with "git diff --check" - [x] my commit does not include commented out code or unneeded files ### The Content - [x] my commit includes tests for the bug I fixed or feature I added - [x] my commit includes appropriate documentation changes if it is introducing a new feature or changing existing functionality - [x] my code passes existing test suites ### The Commit Message - [x] the first line of my commit message includes: - [x] an issue number (if applicable), e.g. "(MODULES-xxxx) This is the first line" - [x] a short description (50 characters is the soft limit, excluding ticket number(s)) - [x] the body of my commit message: - [x] is meaningful - [x] uses the imperative, present tense: "change", not "changed" or "changes" - [x] includes motivation for the change, and contrasts its implementation with the previous behavior ## Submission ### Pre-requisites - Make sure you have a [GitHub account](https://github.com/join) - [Create a ticket](https://tickets.puppet.com/secure/CreateIssue!default.jspa), or [watch the ticket](https://tickets.puppet.com/browse/) you are patching for. ### Push and PR - Push your changes to your fork - [Open a Pull Request](https://help.github.com/articles/creating-a-pull-request-from-a-fork/) against the repository in the puppetlabs organization ## More about commits 1. Make separate commits for logically separate changes. Please break your commits down into logically consistent units which include new or changed tests relevant to the rest of the change. The goal of doing this is to make the diff easier to read for whoever is reviewing your code. In general, the easier your diff is to read, the more likely someone will be happy to review it and get it into the code base. If you are going to refactor a piece of code, please do so as a separate commit from your feature or bug fix changes. We also really appreciate changes that include tests to make sure the bug is not re-introduced, and that the feature is not accidentally broken. Describe the technical detail of the change(s). If your description starts to get too long, that is a good sign that you probably need to split up your commit into more finely grained pieces. Commits which plainly describe the things which help reviewers check the patch and future developers understand the code are much more likely to be merged in with a minimum of bike-shedding or requested changes. Ideally, the commit message would include information, and be in a form suitable for inclusion in the release notes for the version of Puppet that includes them. Please also check that you are not introducing any trailing whitespace or other "whitespace errors". You can do this by running "git diff --check" on your changes before you commit. 2. Sending your patches To submit your changes via a GitHub pull request, we _highly_ recommend that you have them on a topic branch, instead of - directly on "master". + directly on "main". It makes things much easier to keep track of, especially if you decide to work on another thing before your first change is merged in. GitHub has some pretty good [general documentation](http://help.github.com/) on using their site. They also have documentation on [creating pull requests](https://help.github.com/articles/creating-a-pull-request-from-a-fork/). In general, after pushing your topic branch up to your repository on GitHub, you can switch to the branch in the GitHub UI and click "Pull Request" towards the top of the page in order to open a pull request. 3. Update the related JIRA issue. If there is a JIRA issue associated with the change you submitted, then you should update the ticket to include the location of your branch, along with any other commentary you may wish to make. # Testing ## Getting Started Our Puppet modules provide [`Gemfile`](./Gemfile)s, which can tell a Ruby package manager such as [bundler](http://bundler.io/) what Ruby packages, or Gems, are required to build, develop, and test this software. Please make sure you have [bundler installed](http://bundler.io/#getting-started) on your system, and then use it to install all dependencies needed for this project in the project root by running ```shell % bundle install --path .bundle/gems Fetching gem metadata from https://rubygems.org/........ Fetching gem metadata from https://rubygems.org/.. Using rake (10.1.0) Using builder (3.2.2) -- 8><-- many more --><8 -- Using rspec-system-puppet (2.2.0) Using serverspec (0.6.3) Using rspec-system-serverspec (1.0.0) Using bundler (1.3.5) Your bundle is complete! Use `bundle show [gemname]` to see where a bundled gem is installed. ``` NOTE: some systems may require you to run this command with sudo. If you already have those gems installed, make sure they are up-to-date: ```shell % bundle update ``` ## Running Tests With all dependencies in place and up-to-date, run the tests: ### Unit Tests ```shell % bundle exec rake spec ``` This executes all the [rspec tests](http://rspec-puppet.com/) in the directories defined [here](https://github.com/puppetlabs/puppetlabs_spec_helper/blob/699d9fbca1d2489bff1736bb254bb7b7edb32c74/lib/puppetlabs_spec_helper/rake_tasks.rb#L17) and so on. rspec tests may have the same kind of dependencies as the module they are testing. Although the module defines these dependencies in its [metadata.json](./metadata.json), rspec tests define them in [.fixtures.yml](./fixtures.yml). ### Acceptance Tests Some Puppet modules also come with acceptance tests, which use [beaker][]. These tests spin up a virtual machine under [VirtualBox](https://www.virtualbox.org/), controlled with [Vagrant](http://www.vagrantup.com/), to simulate scripted test scenarios. In order to run these, you need both Virtualbox and Vagrant installed on your system. Run the tests by issuing the following command ```shell % bundle exec rake spec_clean % bundle exec rspec spec/acceptance ``` This will now download a pre-fabricated image configured in the [default node-set](./spec/acceptance/nodesets/default.yml), install Puppet, copy this module, and install its dependencies per [spec/spec_helper_acceptance.rb](./spec/spec_helper_acceptance.rb) and then run all the tests under [spec/acceptance](./spec/acceptance). ## Writing Tests ### Unit Tests When writing unit tests for Puppet, [rspec-puppet][] is your best friend. It provides tons of helper methods for testing your manifests against a catalog (e.g. contain_file, contain_package, with_params, etc). It would be ridiculous to try and top rspec-puppet's [documentation][rspec-puppet_docs] but here's a tiny sample: Sample manifest: ```puppet file { "a test file": ensure => present, path => "/etc/sample", } ``` Sample test: ```ruby it 'does a thing' do expect(subject).to contain_file("a test file").with({:path => "/etc/sample"}) end ``` ### Acceptance Tests Writing acceptance tests for Puppet involves [beaker][] and its cousin [beaker-rspec][]. A common pattern for acceptance tests is to create a test manifest, apply it twice to check for idempotency or errors, then run expectations. ```ruby it 'does an end-to-end thing' do pp = <<-EOF file { 'a test file': ensure => present, path => "/etc/sample", content => "test string", } apply_manifest(pp, :catch_failures => true) apply_manifest(pp, :catch_changes => true) end describe file("/etc/sample") do it { is_expected.to contain "test string" } end ``` # If you have commit access to the repository Even if you have commit access to the repository, you still need to go through the process above, and have someone else review and merge in your changes. The rule is that **all changes must be reviewed by a project developer that did not write the code to ensure that all changes go through a code review process.** The record of someone performing the merge is the record that they performed the code review. Again, this should be someone other than the author of the topic branch. # Get Help ### On the web * [Puppet help messageboard](http://puppet.com/community/get-help) * [Writing tests](https://docs.puppet.com/guides/module_guides/bgtm.html#step-three-module-testing) * [General GitHub documentation](http://help.github.com/) * [GitHub pull request documentation](http://help.github.com/send-pull-requests/) ### On chat * Slack (slack.puppet.com) #forge-modules, #puppet-dev, #windows, #voxpupuli * IRC (freenode) #puppet-dev, #voxpupuli [rspec-puppet]: http://rspec-puppet.com/ [rspec-puppet_docs]: http://rspec-puppet.com/documentation/ [beaker]: https://github.com/puppetlabs/beaker [beaker-rspec]: https://github.com/puppetlabs/beaker-rspec diff --git a/Gemfile b/Gemfile index c65a5be..3373f01 100644 --- a/Gemfile +++ b/Gemfile @@ -1,82 +1,80 @@ source ENV['GEM_SOURCE'] || 'https://rubygems.org' def location_for(place_or_version, fake_version = nil) git_url_regex = %r{\A(?(https?|git)[:@][^#]*)(#(?.*))?} file_url_regex = %r{\Afile:\/\/(?.*)} if place_or_version && (git_url = place_or_version.match(git_url_regex)) [fake_version, { git: git_url[:url], branch: git_url[:branch], require: false }].compact elsif place_or_version && (file_url = place_or_version.match(file_url_regex)) ['>= 0', { path: File.expand_path(file_url[:path]), require: false }] else [place_or_version, { require: false }] end end ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments minor_version = ruby_version_segments[0..1].join('.') group :development do gem "fast_gettext", '1.1.0', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.1.0') gem "fast_gettext", require: false if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.1.0') gem "json_pure", '<= 2.0.1', require: false if Gem::Version.new(RUBY_VERSION.dup) < Gem::Version.new('2.0.0') gem "json", '= 1.8.1', require: false if Gem::Version.new(RUBY_VERSION.dup) == Gem::Version.new('2.1.9') gem "json", '= 2.0.4', require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) gem "json", '= 2.1.0', require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup)) gem "rb-readline", '= 0.5.5', require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "puppet-module-posix-default-r#{minor_version}", '~> 0.4', require: false, platforms: [:ruby] gem "puppet-module-posix-dev-r#{minor_version}", '~> 0.4', require: false, platforms: [:ruby] gem "puppet-module-win-default-r#{minor_version}", '~> 0.4', require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "puppet-module-win-dev-r#{minor_version}", '~> 0.4', require: false, platforms: [:mswin, :mingw, :x64_mingw] gem "github_changelog_generator", require: false, git: 'https://github.com/skywinder/github-changelog-generator', ref: '20ee04ba1234e9e83eb2ffb5056e23d641c7a018' if Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.2.2') gem "puppet-lint-i18n", require: false - gem 'ed25519', '>= 1.2', '< 2.0' - gem 'bcrypt_pbkdf', '>= 1.0', '< 2.0' end # puppet_version = ENV['PUPPET_GEM_VERSION'] # facter_version = ENV['FACTER_GEM_VERSION'] hiera_version = ENV['HIERA_GEM_VERSION'] gems = {} # gems['puppet'] = location_for(puppet_version) # If facter or hiera versions have been specified via the environment # variables # gems['facter'] = location_for(facter_version) if facter_version gems['hiera'] = location_for(hiera_version) if hiera_version if Gem.win_platform? && puppet_version =~ %r{^(file:///|git://)} # If we're using a Puppet gem on Windows which handles its own win32-xxx gem # dependencies (>= 3.5.0), set the maximum versions (see PUP-6445). gems['win32-dir'] = ['<= 0.4.9', require: false] gems['win32-eventlog'] = ['<= 0.6.5', require: false] gems['win32-process'] = ['<= 0.7.5', require: false] gems['win32-security'] = ['<= 0.2.5', require: false] gems['win32-service'] = ['0.8.8', require: false] end gems.each do |gem_name, gem_params| gem gem_name, *gem_params end # Evaluate Gemfile.local and ~/.gemfile if they exist extra_gemfiles = [ "#{__FILE__}.local", File.join(Dir.home, '.gemfile'), ] gem 'facter', path:"/Users/bogdan.irimie/projects/facter" gem 'puppet', path:"/Users/bogdan.irimie/projects/puppet" # gem 'facter' gem 'pry-byebug' extra_gemfiles.each do |gemfile| if File.file?(gemfile) && File.readable?(gemfile) eval(File.read(gemfile), binding) end end # vim: syntax=ruby diff --git a/README.md b/README.md index 74e6758..53f0228 100644 --- a/README.md +++ b/README.md @@ -1,319 +1,321 @@ # apt #### Table of Contents 1. [Module Description - What the module does and why it is useful](#module-description) 1. [Setup - The basics of getting started with apt](#setup) * [What apt affects](#what-apt-affects) * [Beginning with apt](#beginning-with-apt) 1. [Usage - Configuration options and additional functionality](#usage) * [Add GPG keys](#add-gpg-keys) * [Prioritize backports](#prioritize-backports) * [Update the list of packages](#update-the-list-of-packages) * [Pin a specific release](#pin-a-specific-release) * [Add a Personal Package Archive repository](#add-a-personal-package-archive-repository) * [Configure Apt from Hiera](#configure-apt-from-hiera) * [Replace the default sources.list file](#replace-the-default-sourceslist-file) 1. [Reference - An under-the-hood peek at what the module is doing and how](#reference) 1. [Limitations - OS compatibility, etc.](#limitations) 1. [Development - Guide for contributing to the module](#development) ## Module Description The apt module lets you use Puppet to manage APT (Advanced Package Tool) sources, keys, and other configuration options. APT is a package manager available on Debian, Ubuntu, and several other operating systems. The apt module provides a series of classes, defines, types, and facts to help you automate APT package management. **Note**: For this module to correctly autodetect which version of Debian/Ubuntu (or derivative) you're running, you need to make sure the 'lsb-release' package is installed. We highly recommend you either make this part of your provisioning layer, if you run many Debian or derivative systems, or ensure that you have Facter 2.2.0 or later installed, which will pull this dependency in for you. ## Setup ### What apt affects * Your system's `preferences` file and `preferences.d` directory * Your system's `sources.list` file and `sources.list.d` directory * Your system's `apt.conf.d` directory * System repositories * Authentication keys **Note:** This module offers `purge` parameters which, if set to `true`, **destroy** any configuration on the node's `sources.list(.d)`, `preferences(.d)` and `apt.conf.d` that you haven't declared through Puppet. The default for these parameters is `false`. ### Beginning with apt To use the apt module with default parameters, declare the `apt` class. ```puppet include apt ``` **Note:** The main `apt` class is required by all other classes, types, and defined types in this module. You must declare it whenever you use the module. ## Usage ### Add GPG keys **Warning:** Using short key IDs presents a serious security issue, potentially leaving you open to collision attacks. We recommend you always use full fingerprints to identify your GPG keys. This module allows short keys, but issues a security warning if you use them. Declare the `apt::key` defined type: ```puppet apt::key { 'puppetlabs': id => '6F6B15509CF8E59E6E469F327F438280EF8D349F', server => 'pgp.mit.edu', options => 'http-proxy="http://proxyuser:proxypass@example.org:3128"', } ``` ### Prioritize backports ```puppet class { 'apt::backports': pin => 500, } ``` By default, the `apt::backports` class drops a pin file for backports, pinning it to a priority of 200. This is lower than the normal default of 500, so packages with `ensure => latest` don't get upgraded from backports without your explicit permission. If you raise the priority through the `pin` parameter to 500, normal policy goes into effect and Apt installs or upgrades to the newest version. This means that if a package is available from backports, it and its dependencies are pulled in from backports unless you explicitly set the `ensure` attribute of the `package` resource to `installed`/`present` or a specific version. ### Update the list of packages By default, Puppet runs `apt-get update` on the first Puppet run after you include the `apt` class, and anytime `notify => Exec['apt_update']` occurs; i.e., whenever config files get updated or other relevant changes occur. If you set `update['frequency']` to 'always', the update runs on every Puppet run. You can also set `update['frequency']` to 'daily' or 'weekly': ```puppet class { 'apt': update => { frequency => 'daily', }, } ``` -When `Exec['apt_update']` is triggered, it generates a `Notice` message. Because the default [logging level for agents](https://docs.puppet.com/puppet/latest/configuration.html#loglevel) is `notice`, this causes the repository update to appear in logs and agent reports. Some tools, such as [The Foreman](https://www.theforeman.org), report the update notice as a significant change. To eliminate these updates from reports, set the [loglevel](https://docs.puppet.com/puppet/latest/metaparameter.html#loglevel) metaparameter for `Exec['apt_update']` above the agent logging level: +When `Exec['apt_update']` is triggered, it generates a `notice`-level message. Because the default [logging level for agents](https://puppet.com/docs/puppet/latest/configuration.html#loglevel) is `notice`, this causes the repository update to appear in agent logs. To silence these updates from the default log output, set the [loglevel](https://puppet.com/docs/puppet/latest/metaparameter.html#loglevel) metaparameter for `Exec['apt_update']` above the agent logging level: ```puppet class { 'apt': update => { frequency => 'daily', loglevel => 'debug', }, } ``` +> **NOTE:** Every `Exec['apt_update']` run will generate a corrective change, even if the apt caches are not updated. For example, setting an update frequency of `always` can result in every Puppet run resulting in a corrective change. This is a known issue. For details, see [MODULES-10763](https://tickets.puppetlabs.com/browse/MODULES-10763). + ### Pin a specific release ```puppet apt::pin { 'karmic': priority => 700 } apt::pin { 'karmic-updates': priority => 700 } apt::pin { 'karmic-security': priority => 700 } ``` You can also specify more complex pins using distribution properties: ```puppet apt::pin { 'stable': priority => -10, originator => 'Debian', release_version => '3.0', component => 'main', label => 'Debian' } ``` To pin multiple packages, pass them to the `packages` parameter as an array or a space-delimited string. ### Add a Personal Package Archive (PPA) repository ```puppet apt::ppa { 'ppa:drizzle-developers/ppa': } ``` ### Add an Apt source to `/etc/apt/sources.list.d/` ```puppet apt::source { 'debian_unstable': comment => 'This is the iWeb Debian unstable mirror', location => 'http://debian.mirror.iweb.ca/debian/', release => 'unstable', repos => 'main contrib non-free', pin => '-10', key => { 'id' => 'A1BD8E9D78F7FE5C3E65D8AF8B48AD6246925553', 'server' => 'subkeys.pgp.net', }, include => { 'src' => true, 'deb' => true, }, } ``` To use the Puppet Apt repository as a source: ```puppet apt::source { 'puppetlabs': location => 'http://apt.puppetlabs.com', repos => 'main', key => { 'id' => '6F6B15509CF8E59E6E469F327F438280EF8D349F', 'server' => 'pgp.mit.edu', }, } ``` ### Configure Apt from Hiera Instead of specifying your sources directly as resources, you can instead just include the `apt` class, which will pick up the values automatically from hiera. ```yaml apt::sources: 'debian_unstable': comment: 'This is the iWeb Debian unstable mirror' location: 'http://debian.mirror.iweb.ca/debian/' release: 'unstable' repos: 'main contrib non-free' pin: '-10' key: id: 'A1BD8E9D78F7FE5C3E65D8AF8B48AD6246925553' server: 'subkeys.pgp.net' include: src: true deb: true 'puppetlabs': location: 'http://apt.puppetlabs.com' repos: 'main' key: id: '6F6B15509CF8E59E6E469F327F438280EF8D349F' server: 'pgp.mit.edu' ``` ### Replace the default `sources.list` file The following example replaces the default `/etc/apt/sources.list`. Along with this code, be sure to use the `purge` parameter, or you might get duplicate source warnings when running Apt. ```puppet apt::source { "archive.ubuntu.com-${lsbdistcodename}": location => 'http://archive.ubuntu.com/ubuntu', key => '630239CC130E1A7FD81A27B140976EAF437D05B5', repos => 'main universe multiverse restricted', } apt::source { "archive.ubuntu.com-${lsbdistcodename}-security": location => 'http://archive.ubuntu.com/ubuntu', key => '630239CC130E1A7FD81A27B140976EAF437D05B5', repos => 'main universe multiverse restricted', release => "${lsbdistcodename}-security" } apt::source { "archive.ubuntu.com-${lsbdistcodename}-updates": location => 'http://archive.ubuntu.com/ubuntu', key => '630239CC130E1A7FD81A27B140976EAF437D05B5', repos => 'main universe multiverse restricted', release => "${lsbdistcodename}-updates" } apt::source { "archive.ubuntu.com-${lsbdistcodename}-backports": location => 'http://archive.ubuntu.com/ubuntu', key => '630239CC130E1A7FD81A27B140976EAF437D05B5', repos => 'main universe multiverse restricted', release => "${lsbdistcodename}-backports" } ``` ### Manage login configuration settings for an APT source or proxy in `/etc/apt/auth.conf` Starting with APT version 1.5, you can define login configuration settings, such as username and password, for APT sources or proxies that require authentication in the `/etc/apt/auth.conf` file. This is preferable to embedding login information directly in `source.list` entries, which are usually world-readable. The `/etc/apt/auth.conf` file follows the format of netrc (used by ftp or curl) and has restrictive file permissions. See [here](https://manpages.debian.org/testing/apt/apt_auth.conf.5.en.html) for details. Use the optional `apt::auth_conf_entries` parameter to specify an array of hashes containing login configuration settings. These hashes may only contain the `machine`, `login` and `password` keys. ```puppet class { 'apt': auth_conf_entries => [ { 'machine' => 'apt-proxy.example.net', 'login' => 'proxylogin', 'password' => 'proxypassword', }, { 'machine' => 'apt.example.com/ubuntu', 'login' => 'reader', 'password' => 'supersecret', }, ], } ``` ## Reference ### Facts * `apt_updates`: The number of installed packages with available updates from `upgrade`. * `apt_dist_updates`: The number of installed packages with available updates from `dist-upgrade`. * `apt_security_updates`: The number of installed packages with available security updates from `upgrade`. * `apt_security_dist_updates`: The number of installed packages with available security updates from `dist-upgrade`. * `apt_package_updates`: The names of all installed packages with available updates from `upgrade`. In Facter 2.0 and later this data is formatted as an array; in earlier versions it is a comma-delimited string. * `apt_package_dist_updates`: The names of all installed packages with available updates from `dist-upgrade`. In Facter 2.0 and later this data is formatted as an array; in earlier versions it is a comma-delimited string. * `apt_update_last_success`: The date, in epochtime, of the most recent successful `apt-get update` run (based on the mtime of /var/lib/apt/periodic/update-success-stamp). * `apt_reboot_required`: Determines if a reboot is necessary after updates have been installed. ### More Information -See [REFERENCE.md](https://github.com/puppetlabs/puppetlabs-apt/blob/master/REFERENCE.md) for all other reference documentation. +See [REFERENCE.md](https://github.com/puppetlabs/puppetlabs-apt/blob/main/REFERENCE.md) for all other reference documentation. ## Limitations This module is not designed to be split across [run stages](https://docs.puppetlabs.com/puppet/latest/reference/lang_run_stages.html). -For an extensive list of supported operating systems, see [metadata.json](https://github.com/puppetlabs/puppetlabs-apt/blob/master/metadata.json) +For an extensive list of supported operating systems, see [metadata.json](https://github.com/puppetlabs/puppetlabs-apt/blob/main/metadata.json) ### Adding new sources or PPAs If you are adding a new source or PPA and trying to install packages from the new source or PPA on the same Puppet run, your `package` resource should depend on `Class['apt::update']`, as well as depending on the `Apt::Source` or the `Apt::Ppa`. You can also add [collectors](https://docs.puppetlabs.com/puppet/latest/reference/lang_collectors.html) to ensure that all packages happen after `apt::update`, but this can lead to dependency cycles and has implications for [virtual resources](https://docs.puppetlabs.com/puppet/latest/reference/lang_collectors.html#behavior). Before running the command below, ensure that all packages have the provider set to apt. ```puppet Class['apt::update'] -> Package <| provider == 'apt' |> ``` ## Development Acceptance tests for this module leverage [puppet_litmus](https://github.com/puppetlabs/puppet_litmus). To run the acceptance tests follow the instructions [here](https://github.com/puppetlabs/puppet_litmus/wiki/Tutorial:-use-Litmus-to-execute-acceptance-tests-with-a-sample-module-(MoTD)#install-the-necessary-gems-for-the-module). You can also find a tutorial and walkthrough of using Litmus and the PDK on [YouTube](https://www.youtube.com/watch?v=FYfR7ZEGHoE). If you run into an issue with this module, or if you would like to request a feature, please [file a ticket](https://tickets.puppetlabs.com/browse/MODULES/). Every Monday the Puppet IA Content Team has [office hours](https://puppet.com/community/office-hours) in the [Puppet Community Slack](http://slack.puppet.com/), alternating between an EMEA friendly time (1300 UTC) and an Americas friendly time (0900 Pacific, 1700 UTC). If you have problems getting this module up and running, please [contact Support](http://puppetlabs.com/services/customer-support). If you submit a change to this module, be sure to regenerate the reference documentation as follows: ```bash puppet strings generate --format markdown --out REFERENCE.md ``` diff --git a/REFERENCE.md b/REFERENCE.md index 90a2246..f605df1 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -1,1013 +1,1015 @@ # Reference + ## Table of Contents -**Classes** +### Classes -_Public Classes_ +#### Public Classes * [`apt`](#apt): Main class, includes all other classes. * [`apt::backports`](#aptbackports): Manages backports. -_Private Classes_ +#### Private Classes * `apt::params`: Provides defaults for the Apt module parameters. * `apt::update`: Updates the list of available packages using apt-get update. -**Defined types** +### Defined types * [`apt::conf`](#aptconf): Specifies a custom Apt configuration file. * [`apt::key`](#aptkey): Manages the GPG keys that Apt uses to authenticate packages. * [`apt::mark`](#aptmark): defined typeapt::mark * [`apt::pin`](#aptpin): Manages Apt pins. Does not trigger an apt-get update run. * [`apt::ppa`](#aptppa): Manages PPA repositories using `add-apt-repository`. Not supported on Debian. * [`apt::setting`](#aptsetting): Manages Apt configuration files. * [`apt::source`](#aptsource): Manages the Apt sources in /etc/apt/sources.list.d/. -**Resource types** +### Resource types -_Public Resource types_ +#### Public Resource types -_Private Resource types_ +#### Private Resource types * `apt_key`: This type provides Puppet with the capabilities to manage GPG keys needed by apt to perform package validation. Apt has it's own GPG keyring that can be manipulated through the `apt-key` command. -**Data types** +### Data types * [`Apt::Auth_conf_entry`](#aptauth_conf_entry): Login configuration settings that are recorded in the file `/etc/apt/auth.conf`. * [`Apt::Proxy`](#aptproxy): Configures Apt to connect to a proxy server. -**Tasks** +### Tasks * [`init`](#init): Allows you to perform apt functions ## Classes -### apt +### `apt` Main class, includes all other classes. * **See also** -https://docs.puppetlabs.com/references/latest/function.html#createresources -for the create resource function + * https://docs.puppetlabs.com/references/latest/function.html#createresources + * for the create resource function #### Parameters The following parameters are available in the `apt` class. ##### `provider` Data type: `String` Specifies the provider that should be used by apt::update. -Default value: $apt::params::provider +Default value: `$apt::params::provider` ##### `keyserver` Data type: `String` Specifies a keyserver to provide the GPG key. Valid options: a string containing a domain name or a full URL (http://, https://, or hkp://). -Default value: $apt::params::keyserver +Default value: `$apt::params::keyserver` ##### `key_options` Data type: `Optional[String]` Specifies the default options for apt::key resources. -Default value: $apt::params::key_options +Default value: `$apt::params::key_options` ##### `ppa_options` Data type: `Optional[String]` Supplies options to be passed to the `add-apt-repository` command. -Default value: $apt::params::ppa_options +Default value: `$apt::params::ppa_options` ##### `ppa_package` Data type: `Optional[String]` Names the package that provides the `apt-add-repository` command. -Default value: $apt::params::ppa_package +Default value: `$apt::params::ppa_package` ##### `backports` Data type: `Optional[Hash]` Specifies some of the default parameters used by apt::backports. Valid options: a hash made up from the following keys: Options: * **:location** `String`: See apt::backports for documentation. * **:repos** `String`: See apt::backports for documentation. * **:key** `String`: See apt::backports for documentation. -Default value: $apt::params::backports +Default value: `$apt::params::backports` ##### `confs` Data type: `Hash` Creates new `apt::conf` resources. Valid options: a hash to be passed to the create_resources function linked above. -Default value: $apt::params::confs +Default value: `$apt::params::confs` ##### `update` Data type: `Hash` Configures various update settings. Valid options: a hash made up from the following keys: Options: * **:frequency** `String`: Specifies how often to run `apt-get update`. If the exec resource `apt_update` is notified, `apt-get update` runs regardless of this value. Valid options: 'always' (at every Puppet run); 'daily' (if the value of `apt_update_last_success` is less than current epoch time minus 86400); 'weekly' (if the value of `apt_update_last_success` is less than current epoch time minus 604800); and 'reluctantly' (only if the exec resource `apt_update` is notified). Default: 'reluctantly'. * **:loglevel** `Integer`: Specifies the log level of logs outputted to the console. Default: undef. * **:timeout** `Integer`: Specifies how long to wait for the update to complete before canceling it. Valid options: an integer, in seconds. Default: undef. * **:tries** `Integer`: Specifies how many times to retry the update after receiving a DNS or HTTP error. Default: undef. -Default value: $apt::params::update +Default value: `$apt::params::update` ##### `purge` Data type: `Hash` Specifies whether to purge any existing settings that aren't managed by Puppet. Valid options: a hash made up from the following keys: Options: * **:sources.list** `Boolean`: Specifies whether to purge any unmanaged entries from sources.list. Default false. * **:sources.list.d** `Boolean`: Specifies whether to purge any unmanaged entries from sources.list.d. Default false. * **:preferences** `Boolean`: Specifies whether to purge any unmanaged entries from preferences. Default false. * **:preferences.d.** `Boolean`: Specifies whether to purge any unmanaged entries from preferences.d. Default false. -Default value: $apt::params::purge +Default value: `$apt::params::purge` ##### `proxy` Data type: `Apt::Proxy` Configures Apt to connect to a proxy server. Valid options: a hash matching the locally defined type apt::proxy. -Default value: $apt::params::proxy +Default value: `$apt::params::proxy` ##### `sources` Data type: `Hash` Creates new `apt::source` resources. Valid options: a hash to be passed to the create_resources function linked above. -Default value: $apt::params::sources +Default value: `$apt::params::sources` ##### `keys` Data type: `Hash` Creates new `apt::key` resources. Valid options: a hash to be passed to the create_resources function linked above. -Default value: $apt::params::keys +Default value: `$apt::params::keys` ##### `ppas` Data type: `Hash` Creates new `apt::ppa` resources. Valid options: a hash to be passed to the create_resources function linked above. -Default value: $apt::params::ppas +Default value: `$apt::params::ppas` ##### `pins` Data type: `Hash` Creates new `apt::pin` resources. Valid options: a hash to be passed to the create_resources function linked above. -Default value: $apt::params::pins +Default value: `$apt::params::pins` ##### `settings` Data type: `Hash` Creates new `apt::setting` resources. Valid options: a hash to be passed to the create_resources function linked above. -Default value: $apt::params::settings +Default value: `$apt::params::settings` ##### `manage_auth_conf` Data type: `Boolean` Specifies whether to manage the /etc/apt/auth.conf file. When true, the file will be overwritten with the entries specified in the auth_conf_entries parameter. When false, the file will be ignored (note that this does not set the file to absent. -Default value: $apt::params::manage_auth_conf +Default value: `$apt::params::manage_auth_conf` ##### `auth_conf_entries` Data type: `Array[Apt::Auth_conf_entry]` An optional array of login configuration settings (hashes) that are recorded in the file /etc/apt/auth.conf. This file has a netrc-like format (similar to what curl uses) and contains the login configuration for APT sources and proxies that require authentication. See https://manpages.debian.org/testing/apt/apt_auth.conf.5.en.html for details. If specified each hash must contain the keys machine, login and password and no others. Specifying manage_auth_conf and not specifying this parameter will set /etc/apt/auth.conf to absent. -Default value: $apt::params::auth_conf_entries +Default value: `$apt::params::auth_conf_entries` ##### `auth_conf_owner` Data type: `String` The owner of the file /etc/apt/auth.conf. Default: '_apt' or 'root' on old releases. -Default value: $apt::params::auth_conf_owner +Default value: `$apt::params::auth_conf_owner` ##### `root` Data type: `String` Specifies root directory of Apt executable. -Default value: $apt::params::root +Default value: `$apt::params::root` ##### `sources_list` Data type: `String` Specifies the path of the sources_list file to use. -Default value: $apt::params::sources_list +Default value: `$apt::params::sources_list` ##### `sources_list_d` Data type: `String` Specifies the path of the sources_list.d file to use. -Default value: $apt::params::sources_list_d +Default value: `$apt::params::sources_list_d` ##### `conf_d` Data type: `String` Specifies the path of the conf.d file to use. -Default value: $apt::params::conf_d +Default value: `$apt::params::conf_d` ##### `preferences` Data type: `String` Specifies the path of the preferences file to use. -Default value: $apt::params::preferences +Default value: `$apt::params::preferences` ##### `preferences_d` Data type: `String` Specifies the path of the preferences.d file to use. -Default value: $apt::params::preferences_d +Default value: `$apt::params::preferences_d` ##### `config_files` Data type: `Hash` A hash made up of the various configuration files used by Apt. -Default value: $apt::params::config_files +Default value: `$apt::params::config_files` ##### `update_defaults` Data type: `Hash` -Default value: $apt::params::update_defaults +Default value: `$apt::params::update_defaults` ##### `purge_defaults` Data type: `Hash` -Default value: $apt::params::purge_defaults +Default value: `$apt::params::purge_defaults` ##### `proxy_defaults` Data type: `Hash` -Default value: $apt::params::proxy_defaults +Default value: `$apt::params::proxy_defaults` ##### `include_defaults` Data type: `Hash` -Default value: $apt::params::include_defaults +Default value: `$apt::params::include_defaults` ##### `apt_conf_d` Data type: `String` -Default value: $apt::params::apt_conf_d +Default value: `$apt::params::apt_conf_d` ##### `source_key_defaults` Data type: `Hash` -Default value: $apt::params::source_key_defaults +Default value: `$apt::params::source_key_defaults` -### apt::backports +### `apt::backports` Manages backports. #### Examples ##### Set up a backport for linuxmint qiana ```puppet apt::backports { 'qiana': location => 'http://us.archive.ubuntu.com/ubuntu', release => 'trusty-backports', repos => 'main universe multiverse restricted', key => { id => '630239CC130E1A7FD81A27B140976EAF437D05B5', server => 'hkps.pool.sks-keyservers.net', }, } ``` #### Parameters The following parameters are available in the `apt::backports` class. ##### `location` Data type: `Optional[String]` Specifies an Apt repository containing the backports to manage. Valid options: a string containing a URL. Default value for Debian and Ubuntu varies: - Debian: 'http://deb.debian.org/debian' - Ubuntu: 'http://archive.ubuntu.com/ubuntu' -Default value: `undef` +Default value: ``undef`` ##### `release` Data type: `Optional[String]` Specifies a distribution of the Apt repository containing the backports to manage. Used in populating the `source.list` configuration file. Default: on Debian and Ubuntu, '${lsbdistcodename}-backports'. We recommend keeping this default, except on other operating systems. -Default value: `undef` +Default value: ``undef`` ##### `repos` Data type: `Optional[String]` Specifies a component of the Apt repository containing the backports to manage. Used in populating the `source.list` configuration file. Default value for Debian and Ubuntu varies: - Debian: 'main contrib non-free' - Ubuntu: 'main universe multiverse restricted' -Default value: `undef` +Default value: ``undef`` ##### `key` Data type: `Optional[Variant[String, Hash]]` Specifies a key to authenticate the backports. Valid options: a string to be passed to the id parameter of the apt::key defined type, or a hash of parameter => value pairs to be passed to apt::key's id, server, content, source, and/or options parameters. Default value for Debian and Ubuntu varies: - Debian: 'A1BD8E9D78F7FE5C3E65D8AF8B48AD6246925553' - Ubuntu: '630239CC130E1A7FD81A27B140976EAF437D05B5' -Default value: `undef` +Default value: ``undef`` ##### `pin` Data type: `Optional[Variant[Integer, String, Hash]]` Specifies a pin priority for the backports. Valid options: a number or string to be passed to the `id` parameter of the `apt::pin` defined type, or a hash of `parameter => value` pairs to be passed to `apt::pin`'s corresponding parameters. -Default value: 200 +Default value: `200` ##### `include` Data type: `Optional[Variant[Hash]]` Specifies whether to include 'deb' or 'src', or both. -Default value: {} +Default value: `{}` ## Defined types -### apt::conf +### `apt::conf` Specifies a custom Apt configuration file. #### Parameters The following parameters are available in the `apt::conf` defined type. ##### `content` Data type: `Optional[String]` Required unless `ensure` is set to 'absent'. Directly supplies content for the configuration file. -Default value: `undef` +Default value: ``undef`` ##### `ensure` Data type: `Enum['present', 'absent']` Specifies whether the configuration file should exist. Valid options: 'present' and 'absent'. -Default value: present +Default value: `present` ##### `priority` Data type: `Variant[String, Integer]` Determines the order in which Apt processes the configuration file. Files with lower priority numbers are loaded first. Valid options: a string containing an integer or an integer. -Default value: 50 +Default value: `50` ##### `notify_update` Data type: `Optional[Boolean]` Specifies whether to trigger an `apt-get update` run. -Default value: `undef` +Default value: ``undef`` -### apt::key +### `apt::key` Manages the GPG keys that Apt uses to authenticate packages. * **Note** The apt::key defined type makes use of the apt_key type, but includes extra functionality to help prevent duplicate keys. #### Examples ##### Declare Apt key for apt.puppetlabs.com source ```puppet apt::key { 'puppetlabs': id => '6F6B15509CF8E59E6E469F327F438280EF8D349F', server => 'hkps.pool.sks-keyservers.net', options => 'http-proxy="http://proxyuser:proxypass@example.org:3128"', } ``` #### Parameters The following parameters are available in the `apt::key` defined type. ##### `id` Data type: `Pattern[/\A(0x)?[0-9a-fA-F]{8}\Z/, /\A(0x)?[0-9a-fA-F]{16}\Z/, /\A(0x)?[0-9a-fA-F]{40}\Z/]` Specifies a GPG key to authenticate Apt package signatures. Valid options: a string containing a key ID (8 or 16 hexadecimal characters, optionally prefixed with "0x") or a full key fingerprint (40 hexadecimal characters). -Default value: $title +Default value: `$title` ##### `ensure` Data type: `Enum['present', 'absent', 'refreshed']` Specifies whether the key should exist. Valid options: 'present', 'absent' or 'refreshed'. Using 'refreshed' will make keys auto update when they have expired (assuming a new key exists on the key server). -Default value: present +Default value: `present` ##### `content` Data type: `Optional[String]` Supplies the entire GPG key. Useful in case the key can't be fetched from a remote location and using a file resource is inconvenient. -Default value: `undef` +Default value: ``undef`` ##### `source` Data type: `Optional[Pattern[/\Ahttps?:\/\//, /\Aftp:\/\//, /\A\/\w+/]]` Specifies the location of an existing GPG key file to copy. Valid options: a string containing a URL (ftp://, http://, or https://) or an absolute path. -Default value: `undef` +Default value: ``undef`` ##### `server` Data type: `Pattern[/\A((hkp|hkps|http|https):\/\/)?([a-z\d])([a-z\d-]{0,61}\.)+[a-z\d]+(:\d{2,5})?(\/[a-zA-Z\d\-_.]+)*\/?$/]` Specifies a keyserver to provide the GPG key. Valid options: a string containing a domain name or a full URL (http://, https://, hkp:// or hkps://). The hkps:// protocol is currently only supported on Ubuntu 18.04. -Default value: $::apt::keyserver +Default value: `$::apt::keyserver` ##### `weak_ssl` Data type: `Boolean` Specifies whether strict SSL verification on a https URL should be disabled. Valid options: true or false. -Default value: `false` +Default value: ``false`` ##### `options` Data type: `Optional[String]` Passes additional options to `apt-key adv --keyserver-options`. -Default value: $::apt::key_options +Default value: `$::apt::key_options` -### apt::mark +### `apt::mark` defined typeapt::mark #### Parameters The following parameters are available in the `apt::mark` defined type. ##### `setting` Data type: `Enum['auto','manual','hold','unhold']` auto, manual, hold, unhold specifies the behavior of apt in case of no more dependencies installed https://manpages.debian.org/sretch/apt/apt-mark.8.en.html -### apt::pin +### `apt::pin` Manages Apt pins. Does not trigger an apt-get update run. * **See also** -http://linux.die.net/man/5/apt_preferences -for context on these parameters + * http://linux.die.net/man/5/apt_preferences + * for context on these parameters #### Parameters The following parameters are available in the `apt::pin` defined type. ##### `ensure` Data type: `Optional[Enum['file', 'present', 'absent']]` Specifies whether the pin should exist. Valid options: 'file', 'present', and 'absent'. -Default value: present +Default value: `present` ##### `explanation` Data type: `Optional[String]` Supplies a comment to explain the pin. Default: "${caller_module_name}: ${name}". -Default value: `undef` +Default value: ``undef`` ##### `order` Data type: `Variant[Integer]` Determines the order in which Apt processes the pin file. Files with lower order numbers are loaded first. -Default value: 50 +Default value: `50` ##### `packages` Data type: `Variant[String, Array]` Specifies which package(s) to pin. -Default value: '*' +Default value: `'*'` ##### `priority` Data type: `Variant[Numeric, String]` Sets the priority of the package. If multiple versions of a given package are available, `apt-get` installs the one with the highest priority number (subject to dependency constraints). Valid options: an integer. -Default value: 0 +Default value: `0` ##### `release` Data type: `Optional[String]` Tells APT to prefer packages that support the specified release. Typical values include 'stable', 'testing', and 'unstable'. -Default value: '' +Default value: `''` ##### `release_version` Data type: `Optional[String]` Tells APT to prefer packages that support the specified operating system release version (such as Debian release version 7). -Default value: '' +Default value: `''` ##### `component` Data type: `Optional[String]` Names the licensing component associated with the packages in the directory tree of the Release file. -Default value: '' +Default value: `''` ##### `originator` Data type: `Optional[String]` Names the originator of the packages in the directory tree of the Release file. -Default value: '' +Default value: `''` ##### `label` Data type: `Optional[String]` Names the label of the packages in the directory tree of the Release file. -Default value: '' +Default value: `''` ##### `origin` Data type: `Optional[String]` -Default value: '' +Default value: `''` ##### `version` Data type: `Optional[String]` -Default value: '' +Default value: `''` ##### `codename` Data type: `Optional[String]` -Default value: '' +Default value: `''` -### apt::ppa +### `apt::ppa` Manages PPA repositories using `add-apt-repository`. Not supported on Debian. #### Examples ##### Example declaration of an Apt PPA ```puppet apt::ppa{ 'ppa:openstack-ppa/bleeding-edge': } ``` #### Parameters The following parameters are available in the `apt::ppa` defined type. ##### `ensure` Data type: `String` Specifies whether the PPA should exist. Valid options: 'present' and 'absent'. -Default value: 'present' +Default value: `'present'` ##### `options` Data type: `Optional[String]` Supplies options to be passed to the `add-apt-repository` command. Default: '-y'. -Default value: $::apt::ppa_options +Default value: `$::apt::ppa_options` ##### `release` Data type: `Optional[String]` Optional if lsb-release is installed (unless you're using a different release than indicated by lsb-release, e.g., Linux Mint). Specifies the operating system of your node. Valid options: a string containing a valid LSB distribution codename. -Default value: $facts['lsbdistcodename'] +Default value: `$facts['lsbdistcodename']` ##### `dist` Data type: `Optional[String]` Optional if lsb-release is installed (unless you're using a different release than indicated by lsb-release, e.g., Linux Mint). Specifies the distribution of your node. Valid options: a string containing a valid distribution codename. -Default value: $facts['lsbdistid'] +Default value: `$facts['lsbdistid']` ##### `package_name` Data type: `Optional[String]` Names the package that provides the `apt-add-repository` command. Default: 'software-properties-common'. -Default value: $::apt::ppa_package +Default value: `$::apt::ppa_package` ##### `package_manage` Data type: `Boolean` Specifies whether Puppet should manage the package that provides `apt-add-repository`. -Default value: `false` +Default value: ``false`` -### apt::setting +### `apt::setting` Manages Apt configuration files. * **See also** -https://docs.puppetlabs.com/references/latest/type.html#file-attributes -for more information on source and content parameters + * https://docs.puppetlabs.com/references/latest/type.html#file-attributes + * for more information on source and content parameters #### Parameters The following parameters are available in the `apt::setting` defined type. ##### `priority` Data type: `Variant[String, Integer, Array]` Determines the order in which Apt processes the configuration file. Files with higher priority numbers are loaded first. -Default value: 50 +Default value: `50` ##### `ensure` Data type: `Optional[Enum['file', 'present', 'absent']]` Specifies whether the file should exist. Valid options: 'present', 'absent', and 'file'. -Default value: file +Default value: `file` ##### `source` Data type: `Optional[String]` Required, unless `content` is set. Specifies a source file to supply the content of the configuration file. Cannot be used in combination with `content`. Valid options: see link above for Puppet's native file type source attribute. -Default value: `undef` +Default value: ``undef`` ##### `content` Data type: `Optional[String]` Required, unless `source` is set. Directly supplies content for the configuration file. Cannot be used in combination with `source`. Valid options: see link above for Puppet's native file type content attribute. -Default value: `undef` +Default value: ``undef`` ##### `notify_update` Data type: `Boolean` Specifies whether to trigger an `apt-get update` run. -Default value: `true` +Default value: ``true`` -### apt::source +### `apt::source` Manages the Apt sources in /etc/apt/sources.list.d/. #### Examples ##### Install the puppetlabs apt source ```puppet apt::source { 'puppetlabs': location => 'http://apt.puppetlabs.com', repos => 'main', key => { id => '6F6B15509CF8E59E6E469F327F438280EF8D349F', server => 'hkps.pool.sks-keyservers.net', }, } ``` #### Parameters The following parameters are available in the `apt::source` defined type. ##### `location` Data type: `Optional[String]` Required, unless ensure is set to 'absent'. Specifies an Apt repository. Valid options: a string containing a repository URL. -Default value: `undef` +Default value: ``undef`` ##### `comment` Data type: `String` Supplies a comment for adding to the Apt source file. -Default value: $name +Default value: `$name` ##### `ensure` Data type: `String` Specifies whether the Apt source file should exist. Valid options: 'present' and 'absent'. -Default value: present +Default value: `present` ##### `release` Data type: `Optional[String]` Specifies a distribution of the Apt repository. -Default value: `undef` +Default value: ``undef`` ##### `repos` Data type: `String` Specifies a component of the Apt repository. -Default value: 'main' +Default value: `'main'` ##### `include` Data type: `Optional[Variant[Hash]]` Configures include options. Valid options: a hash of available keys. Options: * **:deb** `Boolean`: Specifies whether to request the distribution's compiled binaries. Default true. * **:src** `Boolean`: Specifies whether to request the distribution's uncompiled source code. Default false. -Default value: {} +Default value: `{}` ##### `key` Data type: `Optional[Variant[String, Hash]]` Creates a declaration of the apt::key defined type. Valid options: a string to be passed to the `id` parameter of the `apt::key` defined type, or a hash of `parameter => value` pairs to be passed to `apt::key`'s `id`, `server`, `content`, `source`, and/or `options` parameters. -Default value: `undef` +Default value: ``undef`` ##### `pin` Data type: `Optional[Variant[Hash, Numeric, String]]` Creates a declaration of the apt::pin defined type. Valid options: a number or string to be passed to the `id` parameter of the `apt::pin` defined type, or a hash of `parameter => value` pairs to be passed to `apt::pin`'s corresponding parameters. -Default value: `undef` +Default value: ``undef`` ##### `architecture` Data type: `Optional[String]` Tells Apt to only download information for specified architectures. Valid options: a string containing one or more architecture names, separated by commas (e.g., 'i386' or 'i386,alpha,powerpc'). Default: undef (if unspecified, Apt downloads information for all architectures defined in the Apt::Architectures option). -Default value: `undef` +Default value: ``undef`` ##### `allow_unsigned` Data type: `Boolean` Specifies whether to authenticate packages from this release, even if the Release file is not signed or the signature can't be checked. -Default value: `false` +Default value: ``false`` ##### `notify_update` Data type: `Boolean` Specifies whether to trigger an `apt-get update` run. -Default value: `true` +Default value: ``true`` ## Resource types ## Data types -### Apt::Auth_conf_entry +### `Apt::Auth_conf_entry` Login configuration settings that are recorded in the file `/etc/apt/auth.conf`. * **See also** -https://manpages.debian.org/testing/apt/apt_auth.conf.5.en.html -for more information + * https://manpages.debian.org/testing/apt/apt_auth.conf.5.en.html + * for more information Alias of `Struct[{ machine => String[1], login => String, password => String }]` #### Parameters The following parameters are available in the `Apt::Auth_conf_entry` data type. ##### `machine` Hostname of machine to connect to. ##### `login` Specifies the username to connect with. ##### `password` Specifies the password to connect with. -### Apt::Proxy +### `Apt::Proxy` Configures Apt to connect to a proxy server. Alias of `Struct[{ - ensure => Optional[Enum['file', 'present', 'absent']], - host => Optional[String], - port => Optional[Integer[0, 65535]], - https => Optional[Boolean], - direct => Optional[Boolean], + ensure => Optional[Enum['file', 'present', 'absent']], + host => Optional[String], + port => Optional[Integer[0, 65535]], + https => Optional[Boolean], + https_acng => Optional[Boolean], + direct => Optional[Boolean], }]` #### Parameters The following parameters are available in the `Apt::Proxy` data type. ##### `ensure` Specifies whether the proxy should exist. Valid options: 'file', 'present', and 'absent'. Prefer 'file' over 'present'. ##### `host` Specifies a proxy host to be stored in `/etc/apt/apt.conf.d/01proxy`. Valid options: a string containing a hostname. ##### `port` Specifies a proxy port to be stored in `/etc/apt/apt.conf.d/01proxy`. Valid options: an integer containing a port number. ##### `https` Specifies whether to enable https proxies. ##### `direct` Specifies whether or not to use a `DIRECT` https proxy if http proxy is used but https is not. ## Tasks -### init +### `init` Allows you to perform apt functions **Supports noop?** false #### Parameters ##### `action` Data type: `Enum[update, upgrade, dist-upgrade, autoremove]` Action to perform diff --git a/Rakefile b/Rakefile index d1ab1bc..f8ec754 100644 --- a/Rakefile +++ b/Rakefile @@ -1,89 +1,88 @@ # frozen_string_literal: true require 'puppet_litmus/rake_tasks' if Bundler.rubygems.find_name('puppet_litmus').any? require 'puppetlabs_spec_helper/rake_tasks' require 'puppet-syntax/tasks/puppet-syntax' require 'puppet_blacksmith/rake_tasks' if Bundler.rubygems.find_name('puppet-blacksmith').any? require 'github_changelog_generator/task' if Bundler.rubygems.find_name('github_changelog_generator').any? require 'puppet-strings/tasks' if Bundler.rubygems.find_name('puppet-strings').any? require 'puppet_pot_generator/rake_tasks' def changelog_user return unless Rake.application.top_level_tasks.include? "changelog" returnVal = nil || JSON.load(File.read('metadata.json'))['author'] raise "unable to find the changelog_user in .sync.yml, or the author in metadata.json" if returnVal.nil? puts "GitHubChangelogGenerator user:#{returnVal}" returnVal end def changelog_project return unless Rake.application.top_level_tasks.include? "changelog" returnVal = nil returnVal ||= begin metadata_source = JSON.load(File.read('metadata.json'))['source'] metadata_source_match = metadata_source && metadata_source.match(%r{.*\/([^\/]*?)(?:\.git)?\Z}) metadata_source_match && metadata_source_match[1] end raise "unable to find the changelog_project in .sync.yml or calculate it from the source in metadata.json" if returnVal.nil? puts "GitHubChangelogGenerator project:#{returnVal}" returnVal end def changelog_future_release return unless Rake.application.top_level_tasks.include? "changelog" returnVal = "v%s" % JSON.load(File.read('metadata.json'))['version'] raise "unable to find the future_release (version) in metadata.json" if returnVal.nil? puts "GitHubChangelogGenerator future_release:#{returnVal}" returnVal end PuppetLint.configuration.send('disable_relative') if Bundler.rubygems.find_name('github_changelog_generator').any? GitHubChangelogGenerator::RakeTask.new :changelog do |config| raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil? config.user = "#{changelog_user}" config.project = "#{changelog_project}" config.future_release = "#{changelog_future_release}" config.exclude_labels = ['maintenance'] config.header = "# Change log\n\nAll notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org)." config.add_pr_wo_labels = true config.issues = false - config.merge_prefix = "### UNCATEGORIZED PRS; GO LABEL THEM" + config.merge_prefix = "### UNCATEGORIZED PRS; LABEL THEM ON GITHUB" config.configure_sections = { "Changed" => { "prefix" => "### Changed", "labels" => ["backwards-incompatible"], }, "Added" => { "prefix" => "### Added", - "labels" => ["feature", "enhancement"], + "labels" => ["enhancement", "feature"], }, "Fixed" => { "prefix" => "### Fixed", - "labels" => ["bugfix"], + "labels" => ["bug", "documentation", "bugfix"], }, } end else desc 'Generate a Changelog from GitHub' task :changelog do raise <= Gem::Version.new('2.2.2')" + version: '~> 1.15' + condition: "Gem::Version.new(RUBY_VERSION.dup) >= Gem::Version.new('2.3.0')" EOM end end diff --git a/manifests/init.pp b/manifests/init.pp index d2aead9..fcfb09c 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,319 +1,344 @@ # @summary Main class, includes all other classes. # # @see https://docs.puppetlabs.com/references/latest/function.html#createresources for the create resource function # # @param provider # Specifies the provider that should be used by apt::update. # # @param keyserver # Specifies a keyserver to provide the GPG key. Valid options: a string containing a domain name or a full URL (http://, https://, or # hkp://). # # @param key_options # Specifies the default options for apt::key resources. # # @param ppa_options # Supplies options to be passed to the `add-apt-repository` command. # # @param ppa_package # Names the package that provides the `apt-add-repository` command. # # @param backports # Specifies some of the default parameters used by apt::backports. Valid options: a hash made up from the following keys: # # @option backports [String] :location # See apt::backports for documentation. # # @option backports [String] :repos # See apt::backports for documentation. # # @option backports [String] :key # See apt::backports for documentation. # # @param confs # Creates new `apt::conf` resources. Valid options: a hash to be passed to the create_resources function linked above. # # @param update # Configures various update settings. Valid options: a hash made up from the following keys: # # @option update [String] :frequency # Specifies how often to run `apt-get update`. If the exec resource `apt_update` is notified, `apt-get update` runs regardless of this value. # Valid options: 'always' (at every Puppet run); 'daily' (if the value of `apt_update_last_success` is less than current epoch time minus 86400); # 'weekly' (if the value of `apt_update_last_success` is less than current epoch time minus 604800); and 'reluctantly' (only if the exec resource # `apt_update` is notified). Default: 'reluctantly'. # # @option update [Integer] :loglevel # Specifies the log level of logs outputted to the console. Default: undef. # # @option update [Integer] :timeout # Specifies how long to wait for the update to complete before canceling it. Valid options: an integer, in seconds. Default: undef. # # @option update [Integer] :tries # Specifies how many times to retry the update after receiving a DNS or HTTP error. Default: undef. # # @param purge # Specifies whether to purge any existing settings that aren't managed by Puppet. Valid options: a hash made up from the following keys: # # @option purge [Boolean] :sources.list # Specifies whether to purge any unmanaged entries from sources.list. Default false. # # @option purge [Boolean] :sources.list.d # Specifies whether to purge any unmanaged entries from sources.list.d. Default false. # # @option purge [Boolean] :preferences # Specifies whether to purge any unmanaged entries from preferences. Default false. # # @option purge [Boolean] :preferences.d. # Specifies whether to purge any unmanaged entries from preferences.d. Default false. # # @param proxy # Configures Apt to connect to a proxy server. Valid options: a hash matching the locally defined type apt::proxy. # # @param sources # Creates new `apt::source` resources. Valid options: a hash to be passed to the create_resources function linked above. # # @param keys # Creates new `apt::key` resources. Valid options: a hash to be passed to the create_resources function linked above. # # @param ppas # Creates new `apt::ppa` resources. Valid options: a hash to be passed to the create_resources function linked above. # # @param pins # Creates new `apt::pin` resources. Valid options: a hash to be passed to the create_resources function linked above. # # @param settings # Creates new `apt::setting` resources. Valid options: a hash to be passed to the create_resources function linked above. # # @param manage_auth_conf # Specifies whether to manage the /etc/apt/auth.conf file. When true, the file will be overwritten with the entries specified in # the auth_conf_entries parameter. When false, the file will be ignored (note that this does not set the file to absent. # # @param auth_conf_entries # An optional array of login configuration settings (hashes) that are recorded in the file /etc/apt/auth.conf. This file has a netrc-like # format (similar to what curl uses) and contains the login configuration for APT sources and proxies that require authentication. See # https://manpages.debian.org/testing/apt/apt_auth.conf.5.en.html for details. If specified each hash must contain the keys machine, login and # password and no others. Specifying manage_auth_conf and not specifying this parameter will set /etc/apt/auth.conf to absent. # # @param auth_conf_owner # The owner of the file /etc/apt/auth.conf. Default: '_apt' or 'root' on old releases. # # @param root # Specifies root directory of Apt executable. # # @param sources_list # Specifies the path of the sources_list file to use. # # @param sources_list_d # Specifies the path of the sources_list.d file to use. # # @param conf_d # Specifies the path of the conf.d file to use. # # @param preferences # Specifies the path of the preferences file to use. # # @param preferences_d # Specifies the path of the preferences.d file to use. # # @param config_files # A hash made up of the various configuration files used by Apt. # +# @param sources_list_force +# Specifies whether to perform force purge or delete. Default false. +# class apt ( Hash $update_defaults = $apt::params::update_defaults, Hash $purge_defaults = $apt::params::purge_defaults, Hash $proxy_defaults = $apt::params::proxy_defaults, Hash $include_defaults = $apt::params::include_defaults, String $provider = $apt::params::provider, String $keyserver = $apt::params::keyserver, Optional[String] $key_options = $apt::params::key_options, Optional[String] $ppa_options = $apt::params::ppa_options, Optional[String] $ppa_package = $apt::params::ppa_package, Optional[Hash] $backports = $apt::params::backports, Hash $confs = $apt::params::confs, Hash $update = $apt::params::update, Hash $purge = $apt::params::purge, Apt::Proxy $proxy = $apt::params::proxy, Hash $sources = $apt::params::sources, Hash $keys = $apt::params::keys, Hash $ppas = $apt::params::ppas, Hash $pins = $apt::params::pins, Hash $settings = $apt::params::settings, Boolean $manage_auth_conf = $apt::params::manage_auth_conf, Array[Apt::Auth_conf_entry] $auth_conf_entries = $apt::params::auth_conf_entries, String $auth_conf_owner = $apt::params::auth_conf_owner, String $root = $apt::params::root, String $sources_list = $apt::params::sources_list, String $sources_list_d = $apt::params::sources_list_d, String $conf_d = $apt::params::conf_d, String $preferences = $apt::params::preferences, String $preferences_d = $apt::params::preferences_d, String $apt_conf_d = $apt::params::apt_conf_d, Hash $config_files = $apt::params::config_files, Hash $source_key_defaults = $apt::params::source_key_defaults, + Boolean $sources_list_force = $apt::params::sources_list_force, ) inherits apt::params { if $facts['osfamily'] != 'Debian' { fail(translate('This module only works on Debian or derivatives like Ubuntu')) } if $update['frequency'] { assert_type( Enum['always','daily','weekly','reluctantly'], $update['frequency'], ) } if $update['timeout'] { assert_type(Integer, $update['timeout']) } if $update['tries'] { assert_type(Integer, $update['tries']) } $_update = merge($::apt::update_defaults, $update) include ::apt::update if $purge['sources.list'] { assert_type(Boolean, $purge['sources.list']) } if $purge['sources.list.d'] { assert_type(Boolean, $purge['sources.list.d']) } if $purge['preferences'] { assert_type(Boolean, $purge['preferences']) } if $purge['preferences.d'] { assert_type(Boolean, $purge['preferences.d']) } + if $sources_list_force { + assert_type(Boolean, $sources_list_force) + } if $purge['apt.conf.d'] { assert_type(Boolean, $purge['apt.conf.d']) } $_purge = merge($::apt::purge_defaults, $purge) $_proxy = merge($apt::proxy_defaults, $proxy) $confheadertmp = epp('apt/_conf_header.epp') $proxytmp = epp('apt/proxy.epp', {'proxies' => $_proxy}) $updatestamptmp = epp('apt/15update-stamp.epp') if $_proxy['ensure'] == 'absent' or $_proxy['host'] { apt::setting { 'conf-proxy': ensure => $_proxy['ensure'], priority => '01', content => "${confheadertmp}${proxytmp}", } } - $sources_list_ensure = $_purge['sources.list'] ? { - true => absent, - default => file, + if $sources_list_force { + $sources_list_ensure = $_purge['sources.list'] ? { + true => absent, + default => file, + } + $sources_list_content = $_purge['sources.list'] ? { + true => nil, + default => undef, + } } + else + { + $sources_list_ensure = $_purge['sources.list'] ? { + true => file, + default => file, + } + $sources_list_content = $_purge['sources.list'] ? { + true => "# Repos managed by puppet.\n", + default => undef, + } + } $preferences_ensure = $_purge['preferences'] ? { true => absent, default => file, } if $_update['frequency'] == 'always' { Exec <| title=='apt_update' |> { refreshonly => false, } } apt::setting { 'conf-update-stamp': priority => 15, content => "${confheadertmp}${updatestamptmp}", } file { 'sources.list': - ensure => $sources_list_ensure, - path => $::apt::sources_list, - owner => root, - group => root, - notify => Class['apt::update'], + ensure => $sources_list_ensure, + path => $::apt::sources_list, + owner => root, + group => root, + content => $sources_list_content, + notify => Class['apt::update'], } file { 'sources.list.d': ensure => directory, path => $::apt::sources_list_d, owner => root, group => root, purge => $_purge['sources.list.d'], recurse => $_purge['sources.list.d'], notify => Class['apt::update'], } file { 'preferences': ensure => $preferences_ensure, path => $::apt::preferences, owner => root, group => root, notify => Class['apt::update'], } file { 'preferences.d': ensure => directory, path => $::apt::preferences_d, owner => root, group => root, purge => $_purge['preferences.d'], recurse => $_purge['preferences.d'], notify => Class['apt::update'], } file { 'apt.conf.d': ensure => directory, path => $::apt::apt_conf_d, owner => root, group => root, purge => $_purge['apt.conf.d'], recurse => $_purge['apt.conf.d'], notify => Class['apt::update'], } if $confs { create_resources('apt::conf', $confs) } # manage sources if present if $sources { create_resources('apt::source', $sources) } # manage keys if present if $keys { create_resources('apt::key', $keys) } # manage ppas if present if $ppas { create_resources('apt::ppa', $ppas) } # manage settings if present if $settings { create_resources('apt::setting', $settings) } if $manage_auth_conf { $auth_conf_ensure = $auth_conf_entries ? { [] => 'absent', default => 'present', } $auth_conf_tmp = epp('apt/auth_conf.epp') file { '/etc/apt/auth.conf': ensure => $auth_conf_ensure, owner => $auth_conf_owner, group => 'root', mode => '0600', content => "${confheadertmp}${auth_conf_tmp}", notify => Class['apt::update'], } } # manage pins if present if $pins { create_resources('apt::pin', $pins) } # required for adding GPG keys on Debian 9 (and derivatives) ensure_packages(['gnupg']) } diff --git a/manifests/params.pp b/manifests/params.pp index 149e4c9..c648c4e 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -1,123 +1,124 @@ # @summary Provides defaults for the Apt module parameters. # # @api private # class apt::params { if $::osfamily != 'Debian' { fail(translate('This module only works on Debian or derivatives like Ubuntu')) } - $root = '/etc/apt' - $provider = '/usr/bin/apt-get' - $sources_list = "${root}/sources.list" - $sources_list_d = "${root}/sources.list.d" - $trusted_gpg_d = "${root}/trusted.gpg.d" - $conf_d = "${root}/apt.conf.d" - $preferences = "${root}/preferences" - $preferences_d = "${root}/preferences.d" - $apt_conf_d = "${root}/apt.conf.d" - $keyserver = 'keyserver.ubuntu.com' - $key_options = undef - $confs = {} - $update = {} - $purge = {} - $proxy = {} - $sources = {} - $keys = {} - $ppas = {} - $pins = {} - $settings = {} - $manage_auth_conf = true - $auth_conf_entries = [] + $root = '/etc/apt' + $provider = '/usr/bin/apt-get' + $sources_list = "${root}/sources.list" + $sources_list_force = false + $sources_list_d = "${root}/sources.list.d" + $trusted_gpg_d = "${root}/trusted.gpg.d" + $conf_d = "${root}/apt.conf.d" + $preferences = "${root}/preferences" + $preferences_d = "${root}/preferences.d" + $apt_conf_d = "${root}/apt.conf.d" + $keyserver = 'keyserver.ubuntu.com' + $key_options = undef + $confs = {} + $update = {} + $purge = {} + $proxy = {} + $sources = {} + $keys = {} + $ppas = {} + $pins = {} + $settings = {} + $manage_auth_conf = true + $auth_conf_entries = [] $config_files = { 'conf' => { 'path' => $conf_d, 'ext' => '', }, 'pref' => { 'path' => $preferences_d, 'ext' => '.pref', }, 'list' => { 'path' => $sources_list_d, 'ext' => '.list', } } $update_defaults = { 'frequency' => 'reluctantly', 'loglevel' => undef, 'timeout' => undef, 'tries' => undef, } $proxy_defaults = { 'ensure' => undef, 'host' => undef, 'port' => 8080, 'https' => false, 'https_acng' => false, 'direct' => false, } $purge_defaults = { 'sources.list' => false, 'sources.list.d' => false, 'preferences' => false, 'preferences.d' => false, 'apt.conf.d' => false, } $source_key_defaults = { 'server' => $keyserver, 'options' => undef, 'content' => undef, 'source' => undef, } $include_defaults = { 'deb' => true, 'src' => false, } case $facts['os']['name']{ 'Debian': { $backports = { 'location' => 'http://deb.debian.org/debian', 'repos' => 'main contrib non-free', } $ppa_options = undef $ppa_package = undef if versioncmp($facts['os']['release']['major'], '9') >= 0 { $auth_conf_owner = '_apt' } else { $auth_conf_owner = 'root' } } 'Ubuntu': { $backports = { 'location' => 'http://archive.ubuntu.com/ubuntu', 'key' => '630239CC130E1A7FD81A27B140976EAF437D05B5', 'repos' => 'main universe multiverse restricted', } $ppa_options = '-y' $ppa_package = 'software-properties-common' if versioncmp($facts['os']['release']['full'], '16.04') >= 0 { $auth_conf_owner = '_apt' } else { $auth_conf_owner = 'root' } } undef: { fail(translate('Unable to determine value for fact os[\"name\"]')) } default: { $ppa_options = undef $ppa_package = undef $backports = undef $auth_conf_owner = 'root' } } } diff --git a/metadata.json b/metadata.json index 10dcc47..362b1d6 100644 --- a/metadata.json +++ b/metadata.json @@ -1,48 +1,48 @@ { "name": "puppetlabs-apt", - "version": "7.4.2", + "version": "7.5.0", "author": "puppetlabs", "summary": "Provides an interface for managing Apt source, key, and definitions with Puppet", "license": "Apache-2.0", "source": "https://github.com/puppetlabs/puppetlabs-apt", "project_page": "https://github.com/puppetlabs/puppetlabs-apt", "issues_url": "https://tickets.puppetlabs.com/browse/MODULES", "dependencies": [ { "name": "puppetlabs/stdlib", "version_requirement": ">= 4.16.0 < 7.0.0" }, { "name": "puppetlabs/translate", "version_requirement": ">= 1.0.0 < 3.0.0" } ], "operatingsystem_support": [ { "operatingsystem": "Debian", "operatingsystemrelease": [ "8", "9", "10" ] }, { "operatingsystem": "Ubuntu", "operatingsystemrelease": [ "14.04", "16.04", "18.04", "20.04" ] } ], "requirements": [ { "name": "puppet", "version_requirement": ">= 5.5.10 < 7.0.0" } ], - "template-url": "https://github.com/puppetlabs/pdk-templates#master", - "template-ref": "heads/master-0-g88b05c7", - "pdk-version": "1.17.0" + "template-url": "https://github.com/puppetlabs/pdk-templates#main", + "template-ref": "heads/main-0-gd610ead", + "pdk-version": "1.18.1" } diff --git a/readmes/README_ja_JP.md b/readmes/README_ja_JP.md index c4c9a9a..eb0803c 100644 --- a/readmes/README_ja_JP.md +++ b/readmes/README_ja_JP.md @@ -1,291 +1,291 @@ # apt #### 目次 1. [説明 - モジュールの機能とその有益性](#module-description) 1. [セットアップ - apt導入の基本](#setup) * [aptが影響を与えるもの](#what-apt-affects) * [aptの使用を開始する](#beginning-with-apt) 1. [使用 - 設定オプションと追加機能](#usage) * [GPGキーの追加](#add-gpg-keys) * [バックポートの優先度を上げる](#prioritize-backports) * [パッケージリストの更新](#update-the-list-of-packages) * [特定のリリースのピン止め](#pin-a-specific-release) * [PPA (Personal Package Archive)レポジトリの追加](#add-a-personal-package-archive-repository) * [HieraからのAptの構成](#configure-apt-from-hiera) * [デフォルトのsources.listファイルの置き換え](#replace-the-default-sourceslist-file) 1. [参考 - モジュールの機能と動作について](#reference) 1. [制約 - OS互換性など](#limitations) 1. [開発 - モジュール貢献についてのガイド](#development) ## モジュールの概要 aptモジュールを導入すると、Puppetを使用してAPT (Advanced Package Tool)のソース、キー、その他の構成オプションを管理できます。 APTとは、Debian、Ubuntu、およびその他いくつかのオペレーティングシステムで利用可能なパッケージマネージャです。aptモジュールは、APTのパッケージ管理を自動化するのに役立つ一連のクラス、定義型、およびfactsを提供します。 **注意**: このモジュールが実行中のDebian/Ubuntu (もしくは派生OS)のバージョンを正しく自動検出するためには、'lsb-release'パッケージがインストールされていることを確認する必要があります。これをプロビジョニングレイヤの一部にするか(多くのDebianシステムまたは派生OSシステムを実行する場合はこちらを推奨)、この依存関係を自動的に取得する機能をもつFacter 2.2.0以降をインストールしておくことを強くお勧めします。 ## セットアップ ### aptが影響を与えるもの * システムの`preferences`ファイルと`preferences.d`ディレクトリ * システムの `sources.list`ファイルと`sources.list.d`ディレクトリ * システムレポジトリ * 認証キー **注意:** このモジュールには`purge`パラメータがあります。このパラメータを`true`に設定すると、 ノードの `sources.list(.d)`および`preferences(.d)`の構成のうち、Puppetを通して宣言されていないものがすべて**破棄**されます。このパラメータのデフォルトは`false`です。 ### aptの使用を開始する デフォルトのパラメータでaptモジュールを使用するには、`apt`クラスを宣言します。 ```puppet include apt ``` **注意:** メインの`apt`クラスは、このモジュールに含まれるその他すべてのクラス、型、定義型によって要求されます。このモジュールを使用する際は、このクラスを必ず宣言する必要があります。 ## 使用 ### GPGキーの追加 **警告:** 短いキーIDを使用すると、衝突攻撃が有効になる可能性があり、セキュリティに深刻な問題が生じます。常に、完全なフィンガープリントを使用してGPGキーを識別することを推奨します。このモジュールでは短いキーの使用が許可されていますが、それを使用した場合、セキュリティ警告が発行されます。 `apt::key`の定義型を宣言するには、次のように記述します。 ```puppet apt::key { 'puppetlabs': id => '6F6B15509CF8E59E6E469F327F438280EF8D349F', server => 'pgp.mit.edu', options => 'http-proxy="http://proxyuser:proxypass@example.org:3128"', } ``` ### バックポートの優先度を上げる ```puppet class { 'apt::backports': pin => 500, } ``` デフォルトでは、`apt::backports`クラスはバックポート用のピンファイルをドロップし、優先度200にピン止めします。これは、通常のデフォルト値である500よりも低いため、`ensure => latest`に設定されているパッケージは、明示的な許可がない限り、バックポートからアップグレードされることはありません。 `pin`パラメータを使用して優先度を500に上げると、通常のポリシーが有効になり、Aptは最新のバージョンをインストールするか、最新のバージョンにアップグレードします。これはつまり、`package`リソースの`ensure`属性を明示的に`installed`/`present`もしくは特定のバージョンに設定していない限り、あるパッケージがバックポートから利用できる場合は、そのパッケージと依存関係がバックポートから取得されるということです。 ### パッケージリストの更新 デフォルトでは、`apt`クラスをインクルードした後の最初のPuppet実行時と、`notify => Exec['apt_update']`が発生するたびに(別の言い方をすれば、構成ファイルが更新されるか、関連するその他の変更が行われるたびに)、Puppetは`apt-get update`を実行します。`update['frequency']`を'always'に設定すると、Puppet実行時に毎回更新が行われます。`update['frequency']`は'daily'や'weekly'に設定することも可能です。 ```puppet class { 'apt': update => { frequency => 'daily', }, } ``` `Exec['apt_update']`がトリガされると、`Notice`メッセージが生成されます。デフォルトの[agentロギングレベル](https://docs.puppet.com/puppet/latest/configuration.html#loglevel)は`notice`であるため、このレポジトリの更新は、ログおよびagentレポートに記録されます。[Foreman](https://www.theforeman.org)など、一部のツールでは、このような更新通知が重要な変更としてレポートされます。これらの更新がレポートに記録されないようにするには、`Exec['apt_update']`の[loglevel](https://docs.puppet.com/puppet/latest/metaparameter.html#loglevel)メタパラメータをagentロギングレベルよりも高い値に設定します。 ```puppet class { 'apt': update => { frequency => 'daily', loglevel => 'debug', }, } ``` ### 特定のリリースのピン止め ```puppet apt::pin { 'karmic': priority => 700 } apt::pin { 'karmic-updates': priority => 700 } apt::pin { 'karmic-security': priority => 700 } ``` ディストリビューションのプロパティを使用して、より複雑なピンを指定することもできます。 ```puppet apt::pin { 'stable': priority => -10, originator => 'Debian', release_version => '3.0', component => 'main', label => 'Debian' } ``` 複数のパッケージをピン止めするには、配列またはスペース区切りの文字列としてその情報を`packages`パラメータに渡します。 ### PPA (Personal Package Archive)レポジトリの追加 ```puppet apt::ppa { 'ppa:drizzle-developers/ppa': } ``` ### `/etc/apt/sources.list.d/`へのAptソースの追加 ```puppet apt::source { 'debian_unstable': comment => 'This is the iWeb Debian unstable mirror', location => 'http://debian.mirror.iweb.ca/debian/', release => 'unstable', repos => 'main contrib non-free', pin => '-10', key => { 'id' => 'A1BD8E9D78F7FE5C3E65D8AF8B48AD6246925553', 'server' => 'subkeys.pgp.net', }, include => { 'src' => true, 'deb' => true, }, } ``` Puppet Aptレポジトリをソースとして使用するには、次のように記述します。 ```puppet apt::source { 'puppetlabs': location => 'http://apt.puppetlabs.com', repos => 'main', key => { 'id' => '6F6B15509CF8E59E6E469F327F438280EF8D349F', 'server' => 'pgp.mit.edu', }, } ``` ### HieraからのAptの構成 ソースをリソースとして直接指定するかわりに、単純に`apt`クラスをインクルードして、値をHieraから自動的に取得するように構成できます。 ```yaml apt::sources: 'debian_unstable': comment: 'This is the iWeb Debian unstable mirror' location: 'http://debian.mirror.iweb.ca/debian/' release: 'unstable' repos: 'main contrib non-free' pin: '-10' key: id: 'A1BD8E9D78F7FE5C3E65D8AF8B48AD6246925553' server: 'subkeys.pgp.net' include: src: true deb: true 'puppetlabs': location: 'http://apt.puppetlabs.com' repos: 'main' key: id: '6F6B15509CF8E59E6E469F327F438280EF8D349F' server: 'pgp.mit.edu' ``` ### デフォルトの`sources.list`ファイルの置き換え デフォルトの`/etc/apt/sources.list`を置き換える例を以下に示します。以下のコードと合わせて、`purge`パラメータを必ず使用してください。使用しない場合、Apt実行時にソース重複の警告が出ます。 ```puppet apt::source { "archive.ubuntu.com-${lsbdistcodename}": location => 'http://archive.ubuntu.com/ubuntu', key => '630239CC130E1A7FD81A27B140976EAF437D05B5', repos => 'main universe multiverse restricted', } apt::source { "archive.ubuntu.com-${lsbdistcodename}-security": location => 'http://archive.ubuntu.com/ubuntu', key => '630239CC130E1A7FD81A27B140976EAF437D05B5', repos => 'main universe multiverse restricted', release => "${lsbdistcodename}-security" } apt::source { "archive.ubuntu.com-${lsbdistcodename}-updates": location => 'http://archive.ubuntu.com/ubuntu', key => '630239CC130E1A7FD81A27B140976EAF437D05B5', repos => 'main universe multiverse restricted', release => "${lsbdistcodename}-updates" } apt::source { "archive.ubuntu.com-${lsbdistcodename}-backports": location => 'http://archive.ubuntu.com/ubuntu', key => '630239CC130E1A7FD81A27B140976EAF437D05B5', repos => 'main universe multiverse restricted', release => "${lsbdistcodename}-backports" } ``` ### APTソースやプロキシのログイン設定を`/etc/apt/auth.conf`で管理する APTバージョン1.5以降、認証が必要なAPTソースやプロキシについて、ユーザ名やパスワードなどのログイン設定を`/etc/apt/auth.conf`ファイルに定義できるようになりました。この方法は、`source.list`内にログイン情報を直接記述するよりも推奨されます。直接記述した場合、通常、あらゆるユーザから読み取り可能になるためです。 `/etc/apt/auth.confファイルのフォーマットは、(ftpやcurlによって使用される) netrcに従い、ファイルパーミッションが制限されています。詳しくは、[こちら](https://manpages.debian.org/testing/apt/apt_auth.conf.5.en.html)を参照してください。 オプションの`apt::auth_conf_entries`パラメータを使用して、ログイン設定を含むハッシュの配列を指定します。このハッシュに含めることができるのは、`machine`、`login`、および`password`キーのみです。 ```puppet class { 'apt': auth_conf_entries => [ { 'machine' => 'apt-proxy.example.net', 'login' => 'proxylogin', 'password' => 'proxypassword', }, { 'machine' => 'apt.example.com/ubuntu', 'login' => 'reader', 'password' => 'supersecret', }, ], } ``` ## リファレンス ### Facts * `apt_updates`: `upgrade`で入手可能な更新がある、インストール済みパッケージの数。 * `apt_dist_updates`: `dist-upgrade`で入手可能な更新がある、インストール済みパッケージの数。 * `apt_security_updates`: `upgrade`で入手可能なセキュリティ更新がある、インストール済みパッケージの数。 * `apt_security_dist_updates`: `dist-upgrade`で入手可能なセキュリティ更新がある、インストール済みパッケージの数。 * `apt_package_updates`: `upgrade`で入手可能な更新がある、すべてのインストール済みパッケージの名前。Facter 2.0以降では、このデータのフォーマットは配列で、それ以前のバージョンでは、コンマ区切りの文字列です。 * `apt_package_dist_updates`: `dist-upgrade`で入手可能な更新がある、すべてのインストール済みパッケージの名前。Facter 2.0以降では、このデータのフォーマットは配列で、それ以前のバージョンでは、コンマ区切りの文字列です。 * `apt_update_last_success`: 直近で成功した`apt-get update`実行のエポックタイムによる日付(/var/lib/apt/periodic/update-success-stampのmtimeに基づく)。 * `apt_reboot_required`: 更新がインストールされた後に再起動が必要かどうかを決定します。 ### 詳細情報 -その他すべてのリファレンスマニュアルについては、[REFERENCE.md](https://github.com/puppetlabs/puppetlabs-apt/blob/master/REFERENCE.md)を参照してください。 +その他すべてのリファレンスマニュアルについては、[REFERENCE.md](https://github.com/puppetlabs/puppetlabs-apt/blob/main/REFERENCE.md)を参照してください。 ## 制約 このモジュールは、[実行ステージ](https://docs.puppetlabs.com/puppet/latest/reference/lang_run_stages.html)に分割するようには設計されていません。 -サポート対象のオペレーティングシステムの全リストについては、[metadata.json](https://github.com/puppetlabs/puppetlabs-apt/blob/master/metadata.json)を参照してください。 +サポート対象のオペレーティングシステムの全リストについては、[metadata.json](https://github.com/puppetlabs/puppetlabs-apt/blob/main/metadata.json)を参照してください。 ### 新しいソースまたはPPAの追加 新しいソースまたはPPAを追加し、同一のPuppet実行において、その新しいソースまたはPPAからパッケージをインストールするには、`package`リソースが`Apt::Source`または`Apt::Ppa`に従属し、かつ`Class['apt::update']に従属する必要があります。[コレクタ](https://docs.puppetlabs.com/puppet/latest/reference/lang_collectors.html)を追加することによって、すべてのパッケージが`apt::update`の後に来るように制御することもできますが、その場合、循環依存が発生したり、[仮想リソース](https://docs.puppetlabs.com/puppet/latest/reference/lang_collectors.html#behavior)と関係したりすることがあります。以下のコマンドを実行する前に、すべてのパッケージのプロバイダがaptに設定されていることを確認してください。 ```puppet Class['apt::update'] -> Package <| provider == 'apt' |> ``` ## 開発 Puppet ForgeのPuppet Labsモジュールはオープンプロジェクトで、良い状態に保つためには、コミュニティの貢献が必要不可欠です。Puppetが役に立つはずでありながら、私たちがアクセスできないプラットフォームやハードウェア、ソフトウェア、デプロイ構成は無数にあります。私たちの目標は、できる限り簡単に変更に貢献し、みなさまの環境で私たちのモジュールが機能できるようにすることにあります。最高の状態を維持できるようにするために、コントリビュータが従う必要のあるいくつかのガイドラインが存在します。 詳細については、[モジュール貢献ガイド](https://docs.puppetlabs.com/forge/contributing.html)を参照してください。 すでにご協力いただいている方のリストについては、[コントリビュータのリスト](https://github.com/puppetlabs/puppetlabs-apt/graphs/contributors)をご覧ください。 diff --git a/spec/classes/apt_spec.rb b/spec/classes/apt_spec.rb index ca11d4a..84c6574 100644 --- a/spec/classes/apt_spec.rb +++ b/spec/classes/apt_spec.rb @@ -1,540 +1,608 @@ require 'spec_helper' sources_list = { ensure: 'file', path: '/etc/apt/sources.list', owner: 'root', group: 'root', notify: 'Class[Apt::Update]' } sources_list_d = { ensure: 'directory', path: '/etc/apt/sources.list.d', owner: 'root', group: 'root', purge: false, recurse: false, notify: 'Class[Apt::Update]' } preferences = { ensure: 'file', path: '/etc/apt/preferences', owner: 'root', group: 'root', notify: 'Class[Apt::Update]' } preferences_d = { ensure: 'directory', path: '/etc/apt/preferences.d', owner: 'root', group: 'root', purge: false, recurse: false, notify: 'Class[Apt::Update]' } apt_conf_d = { ensure: 'directory', path: '/etc/apt/apt.conf.d', owner: 'root', group: 'root', purge: false, recurse: false, notify: 'Class[Apt::Update]' } describe 'apt' do let(:facts) do { os: { family: 'Debian', name: 'Debian', release: { major: '8', full: '8.0' } }, lsbdistid: 'Debian', osfamily: 'Debian', lsbdistcodename: 'jessie', } end context 'with defaults' do it { is_expected.to contain_file('sources.list').that_notifies('Class[Apt::Update]').only_with(sources_list) } it { is_expected.to contain_file('sources.list.d').that_notifies('Class[Apt::Update]').only_with(sources_list_d) } it { is_expected.to contain_file('preferences').that_notifies('Class[Apt::Update]').only_with(preferences) } it { is_expected.to contain_file('preferences.d').that_notifies('Class[Apt::Update]').only_with(preferences_d) } it { is_expected.to contain_file('apt.conf.d').that_notifies('Class[Apt::Update]').only_with(apt_conf_d) } it { is_expected.to contain_file('/etc/apt/auth.conf').with_ensure('absent') } it 'lays down /etc/apt/apt.conf.d/15update-stamp' do is_expected.to contain_file('/etc/apt/apt.conf.d/15update-stamp').with(group: 'root', owner: 'root').with_content( %r{APT::Update::Post-Invoke-Success {"touch /var/lib/apt/periodic/update-success-stamp 2>/dev/null || true";};}, ) end it { is_expected.to contain_exec('apt_update').with(refreshonly: 'true') } it { is_expected.not_to contain_apt__setting('conf-proxy') } end describe 'proxy=' do context 'when host=localhost' do let(:params) { { proxy: { 'host' => 'localhost' } } } it { is_expected.to contain_apt__setting('conf-proxy').with(priority: '01').with_content( %r{Acquire::http::proxy "http://localhost:8080/";}, ).without_content( %r{Acquire::https::proxy}, ) } end context 'when host=localhost and port=8180' do let(:params) { { proxy: { 'host' => 'localhost', 'port' => 8180 } } } it { is_expected.to contain_apt__setting('conf-proxy').with(priority: '01').with_content( %r{Acquire::http::proxy "http://localhost:8180/";}, ).without_content( %r{Acquire::https::proxy}, ) } end context 'when host=localhost and https=true' do let(:params) { { proxy: { 'host' => 'localhost', 'https' => true } } } it { is_expected.to contain_apt__setting('conf-proxy').with(priority: '01').with_content( %r{Acquire::http::proxy "http://localhost:8080/";}, ).with_content( %r{Acquire::https::proxy "https://localhost:8080/";}, ) } end context 'when host=localhost and direct=true' do let(:params) { { proxy: { 'host' => 'localhost', 'direct' => true } } } it { is_expected.to contain_apt__setting('conf-proxy').with(priority: '01').with_content( %r{Acquire::http::proxy "http://localhost:8080/";}, ).with_content( %r{Acquire::https::proxy "DIRECT";}, ) } end context 'when host=localhost and https=true and direct=true' do let(:params) { { proxy: { 'host' => 'localhost', 'https' => true, 'direct' => true } } } it { is_expected.to contain_apt__setting('conf-proxy').with(priority: '01').with_content( %r{Acquire::http::proxy "http://localhost:8080/";}, ).with_content( %r{Acquire::https::proxy "https://localhost:8080/";}, ) } it { is_expected.to contain_apt__setting('conf-proxy').with(priority: '01').with_content( %r{Acquire::http::proxy "http://localhost:8080/";}, ).without_content( %r{Acquire::https::proxy "DIRECT";}, ) } end context 'when ensure=absent' do let(:params) { { proxy: { 'ensure' => 'absent' } } } it { is_expected.to contain_apt__setting('conf-proxy').with(ensure: 'absent', priority: '01') } end end context 'with lots of non-defaults' do let :params do { update: { 'frequency' => 'always', 'timeout' => 1, 'tries' => 3 }, purge: { 'sources.list' => false, 'sources.list.d' => false, 'preferences' => false, 'preferences.d' => false, 'apt.conf.d' => false }, } end it { is_expected.to contain_file('sources.list').with(content: nil) } it { is_expected.to contain_file('sources.list.d').with(purge: false, recurse: false) } it { is_expected.to contain_file('preferences').with(ensure: 'file') } it { is_expected.to contain_file('preferences.d').with(purge: false, recurse: false) } it { is_expected.to contain_file('apt.conf.d').with(purge: false, recurse: false) } it { is_expected.to contain_exec('apt_update').with(refreshonly: false, timeout: 1, tries: 3) } end + context 'with lots of non-defaults' do + let :params do + { + update: { 'frequency' => 'always', 'timeout' => 1, 'tries' => 3 }, + purge: { 'sources.list' => true, 'sources.list.d' => true, + 'preferences' => true, 'preferences.d' => true, + 'apt.conf.d' => true }, + } + end + + it { + is_expected.to contain_file('sources.list').with(content: "# Repos managed by puppet.\n") + } + + it { + is_expected.to contain_file('sources.list.d').with(purge: true, + recurse: true) + } + + it { + is_expected.to contain_file('preferences').with(ensure: 'absent') + } + + it { + is_expected.to contain_file('preferences.d').with(purge: true, + recurse: true) + } + + it { + is_expected.to contain_file('apt.conf.d').with(purge: true, + recurse: true) + } + + it { + is_expected.to contain_exec('apt_update').with(refreshonly: false, + timeout: 1, + tries: 3) + } + end + + context 'with defaults for sources_list_force' do + let :params do + { + update: { 'frequency' => 'always', 'timeout' => 1, 'tries' => 3 }, + purge: { 'sources.list' => true }, + sources_list_force: false, + } + end + + it { + is_expected.to contain_file('sources.list').with(content: "# Repos managed by puppet.\n") + } + end + + context 'with non defaults for sources_list_force' do + let :params do + { + update: { 'frequency' => 'always', 'timeout' => 1, 'tries' => 3 }, + purge: { 'sources.list' => true }, + sources_list_force: true, + } + end + + it { + is_expected.to contain_file('sources.list').with(ensure: 'absent') + } + end + context 'with entries for /etc/apt/auth.conf' do facts_hash = { 'Ubuntu 14.04' => { os: { family: 'Debian', name: 'Ubuntu', release: { major: '14', full: '14.04' } }, osfamily: 'Debian', lsbdistcodename: 'trusty', lsbdistid: 'Ubuntu', lsbdistrelease: '14.04', }, 'Ubuntu 16.04' => { os: { family: 'Debian', name: 'Ubuntu', release: { major: '16', full: '16.04' } }, osfamily: 'Debian', lsbdistcodename: 'xenial', lsbdistid: 'Ubuntu', lsbdistrelease: '16.04', }, 'Ubuntu 18.04' => { os: { family: 'Debian', name: 'Ubuntu', release: { major: '18', full: '18.04' } }, osfamily: 'Debian', lsbdistcodename: 'bionic', lsbdistid: 'Ubuntu', lsbdistrelease: '18.04', }, 'Debian 7.0' => { os: { family: 'Debian', name: 'Debian', release: { major: '7', full: '7.0' } }, lsbdistid: 'Debian', osfamily: 'Debian', lsbdistcodename: 'wheezy', }, 'Debian 8.0' => { os: { family: 'Debian', name: 'Debian', release: { major: '8', full: '8.0' } }, lsbdistid: 'Debian', osfamily: 'Debian', lsbdistcodename: 'jessie', }, 'Debian 9.0' => { os: { family: 'Debian', name: 'Debian', release: { major: '9', full: '9.0' } }, lsbdistid: 'Debian', osfamily: 'Debian', lsbdistcodename: 'stretch', }, 'Debian 10.0' => { os: { family: 'Debian', name: 'Debian', release: { major: '10', full: '10.0' } }, lsbdistid: 'Debian', osfamily: 'Debian', lsbdistcodename: 'buster', }, } facts_hash.each do |os, facts| context "on #{os}" do let(:facts) do facts end let(:params) do { auth_conf_entries: [ { machine: 'deb.example.net', login: 'foologin', password: 'secret', }, { machine: 'apt.example.com', login: 'aptlogin', password: 'supersecret', }, ], } end context 'with manage_auth_conf => true' do let(:params) do super().merge(manage_auth_conf: true) end # Going forward starting with Ubuntu 16.04 and Debian 9.0 # /etc/apt/auth.conf is owned by _apt. In previous versions it is # root. auth_conf_owner = case os when 'Ubuntu 14.04', 'Debian 7.0', 'Debian 8.0' 'root' else '_apt' end auth_conf_content = "// This file is managed by Puppet. DO NOT EDIT. machine deb.example.net login foologin password secret machine apt.example.com login aptlogin password supersecret " it { is_expected.to contain_file('/etc/apt/auth.conf').with(ensure: 'present', owner: auth_conf_owner, group: 'root', mode: '0600', notify: 'Class[Apt::Update]', content: auth_conf_content) } end context 'with manage_auth_conf => false' do let(:params) do super().merge(manage_auth_conf: false) end it { is_expected.not_to contain_file('/etc/apt/auth.conf') } end end context 'with improperly specified entries for /etc/apt/auth.conf' do let(:params) do { auth_conf_entries: [ { machinn: 'deb.example.net', username: 'foologin', password: 'secret', }, { machine: 'apt.example.com', login: 'aptlogin', password: 'supersecret', }, ], } end it { is_expected.to raise_error(Puppet::Error) } end end end context 'with sources defined on valid osfamily' do let :facts do { os: { family: 'Debian', name: 'Ubuntu', release: { major: '16', full: '16.04' } }, osfamily: 'Debian', lsbdistcodename: 'xenial', lsbdistid: 'Ubuntu', lsbdistrelease: '16.04', } end let(:params) do { sources: { 'debian_unstable' => { 'location' => 'http://debian.mirror.iweb.ca/debian/', 'release' => 'unstable', 'repos' => 'main contrib non-free', 'key' => { 'id' => '150C8614919D8446E01E83AF9AA38DCD55BE302B', 'server' => 'subkeys.pgp.net' }, 'pin' => '-10', 'include' => { 'src' => true }, }, 'puppetlabs' => { 'location' => 'http://apt.puppetlabs.com', 'repos' => 'main', 'key' => { 'id' => '6F6B15509CF8E59E6E469F327F438280EF8D349F', 'server' => 'pgp.mit.edu' }, }, } } end it { is_expected.to contain_apt__setting('list-debian_unstable').with(ensure: 'present') } it { is_expected.to contain_file('/etc/apt/sources.list.d/debian_unstable.list').with_content(%r{^deb http://debian.mirror.iweb.ca/debian/ unstable main contrib non-free$}) } it { is_expected.to contain_file('/etc/apt/sources.list.d/debian_unstable.list').with_content(%r{^deb-src http://debian.mirror.iweb.ca/debian/ unstable main contrib non-free$}) } it { is_expected.to contain_apt__setting('list-puppetlabs').with(ensure: 'present') } it { is_expected.to contain_file('/etc/apt/sources.list.d/puppetlabs.list').with_content(%r{^deb http://apt.puppetlabs.com xenial main$}) } end context 'with confs defined on valid osfamily' do let :facts do { os: { family: 'Debian', name: 'Ubuntu', release: { major: '16', full: '16.04' } }, osfamily: 'Debian', lsbdistcodename: 'xenial', lsbdistid: 'Ubuntu', } end let(:params) do { confs: { 'foo' => { 'content' => 'foo', }, 'bar' => { 'content' => 'bar', }, } } end it { is_expected.to contain_apt__conf('foo').with(content: 'foo') } it { is_expected.to contain_apt__conf('bar').with(content: 'bar') } end context 'with keys defined on valid osfamily' do let :facts do { os: { family: 'Debian', name: 'Ubuntu', release: { major: '16', full: '16.04' } }, osfamily: 'Debian', lsbdistcodename: 'xenial', lsbdistid: 'Ubuntu', } end let(:params) do { keys: { '55BE302B' => { 'server' => 'subkeys.pgp.net', }, 'EF8D349F' => { 'server' => 'pgp.mit.edu', }, } } end it { is_expected.to contain_apt__key('55BE302B').with(server: 'subkeys.pgp.net') } it { is_expected.to contain_apt__key('EF8D349F').with(server: 'pgp.mit.edu') } end context 'with ppas defined on valid osfamily' do let :facts do { os: { family: 'Debian', name: 'Ubuntu', release: { major: '16', full: '16.04' } }, osfamily: 'Debian', lsbdistcodename: 'xenial', lsbdistid: 'Ubuntu', lsbdistrelease: '16.04', } end let(:params) do { ppas: { 'ppa:drizzle-developers/ppa' => {}, 'ppa:nginx/stable' => {}, } } end it { is_expected.to contain_apt__ppa('ppa:drizzle-developers/ppa') } it { is_expected.to contain_apt__ppa('ppa:nginx/stable') } end context 'with settings defined on valid osfamily' do let :facts do { os: { family: 'Debian', name: 'Ubuntu', release: { major: '16', full: '16.04' } }, osfamily: 'Debian', lsbdistcodename: 'xenial', lsbdistid: 'Ubuntu', } end let(:params) do { settings: { 'conf-banana' => { 'content' => 'banana' }, 'pref-banana' => { 'content' => 'banana' }, } } end it { is_expected.to contain_apt__setting('conf-banana') } it { is_expected.to contain_apt__setting('pref-banana') } end context 'with pins defined on valid osfamily' do let :facts do { os: { family: 'Debian', name: 'Ubuntu', release: { major: '16', full: '16.04' } }, osfamily: 'Debian', lsbdistcodename: 'xenial', lsbdistid: 'Ubuntu', } end let(:params) do { pins: { 'stable' => { 'priority' => 600, 'order' => 50 }, 'testing' => { 'priority' => 700, 'order' => 100 }, } } end it { is_expected.to contain_apt__pin('stable') } it { is_expected.to contain_apt__pin('testing') } end describe 'failing tests' do context "with purge['sources.list']=>'banana'" do let(:params) { { purge: { 'sources.list' => 'banana' } } } it do is_expected.to raise_error(Puppet::Error) end end context "with purge['sources.list.d']=>'banana'" do let(:params) { { purge: { 'sources.list.d' => 'banana' } } } it do is_expected.to raise_error(Puppet::Error) end end context "with purge['preferences']=>'banana'" do let(:params) { { purge: { 'preferences' => 'banana' } } } it do is_expected.to raise_error(Puppet::Error) end end context "with purge['preferences.d']=>'banana'" do let(:params) { { purge: { 'preferences.d' => 'banana' } } } it do is_expected.to raise_error(Puppet::Error) end end context "with purge['apt.conf.d']=>'banana'" do let(:params) { { purge: { 'apt.conf.d' => 'banana' } } } it do is_expected.to raise_error(Puppet::Error) end end end end diff --git a/spec/unit/facter/apt_dist_has_updates_spec.rb b/spec/unit/facter/apt_dist_has_updates_spec.rb index 6130f27..8d188b0 100644 --- a/spec/unit/facter/apt_dist_has_updates_spec.rb +++ b/spec/unit/facter/apt_dist_has_updates_spec.rb @@ -1,39 +1,41 @@ require 'spec_helper' describe 'apt_has_dist_updates fact' do subject { Facter.fact(:apt_has_dist_updates).value } before(:each) { Facter.clear } describe 'on non-Debian distro' do before(:each) do + # Adding temporary workaround for this ticket https://tickets.puppetlabs.com/browse/IAC-1143 + Facter.clear allow(Facter.fact(:osfamily)).to receive(:value).once.and_return('Redhat') end it { is_expected.to be_nil } end describe 'on Debian based distro missing apt-get' do before(:each) do allow(Facter.fact(:osfamily)).to receive(:value).once.and_return('Debian') allow(File).to receive(:executable?) # Stub all other calls allow(File).to receive(:executable?).with('/usr/bin/apt-get').and_return(false) end it { is_expected.to be_nil } end describe 'on Debian based distro' do before(:each) do allow(Facter.fact(:osfamily)).to receive(:value).once.and_return('Debian') allow(File).to receive(:executable?) # Stub all other calls allow(Facter::Util::Resolution).to receive(:exec) # Catch all other calls allow(File).to receive(:executable?).with('/usr/bin/apt-get').and_return(true) allow(Facter::Util::Resolution).to receive(:exec).with('/usr/bin/apt-get -s -o Debug::NoLocking=true upgrade 2>&1').and_return('test') apt_output = "Inst extremetuxracer [2015f-0+deb8u1] (2015g-0+deb8u1 Debian:stable-updates [all])\n" \ "Conf extremetuxracer (2015g-0+deb8u1 Debian:stable-updates [all])\n" \ "Inst planet.rb [13-1.1] (22-2~bpo8+1 Debian Backports:jessie-backports [all])\n" \ "Conf planet.rb (22-2~bpo8+1 Debian Backports:jessie-backports [all])\n" allow(Facter::Util::Resolution).to receive(:exec).with('/usr/bin/apt-get -s -o Debug::NoLocking=true dist-upgrade 2>&1').and_return(apt_output) end it { is_expected.to be true } end end diff --git a/spec/unit/puppet/provider/apt_key_spec.rb b/spec/unit/puppet/provider/apt_key_spec.rb index ca35ff7..7b87017 100644 --- a/spec/unit/puppet/provider/apt_key_spec.rb +++ b/spec/unit/puppet/provider/apt_key_spec.rb @@ -1,215 +1,216 @@ require 'spec_helper' describe Puppet::Type.type(:apt_key).provider(:apt_key) do describe 'instances' do it 'has an instance method' do expect(described_class).to respond_to :instances end end describe 'prefetch' do it 'has a prefetch method' do expect(described_class).to respond_to :prefetch end end context 'self.instances no key' do before :each do + # Unable to remove `master` from below terminology as it relies on outside code allow(described_class).to receive(:apt_key).with( ['adv', '--no-tty', '--list-keys', '--with-colons', '--fingerprint', '--fixed-list-mode'], ).and_return('uid:-::::1284991450::07BEBE04F4AE4A8E885A761325717D8509D9C1DC::Ubuntu Extras Archive Automatic Signing Key ::::::::::0:') end it 'returns no resources' do expect(described_class.instances.size).to eq(0) end end context 'self.instances multiple keys' do before :each do command_output = <<-OUTPUT Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --homedir /tmp/tmp.DU0GdRxjmE --no-auto-check-trustdb --trust-model always --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyring /etc/apt/trusted.gpg.d/puppetlabs-pc1-keyring.gpg --no-tty --list-keys --with-colons --fingerprint --fixed-list-mode tru:t:1:1549900774:0:3:1:5 pub:-:1024:17:40976EAF437D05B5:1095016255:::-:::scESC: fpr:::::::::630239CC130E1A7FD81A27B140976EAF437D05B5: uid:-::::1095016255::B84AE656F4F5A826C273A458512EF8E282754CE1::Ubuntu Archive Automatic Signing Key : sub:-:2048:16:251BEFF479164387:1095016263::::::e: pub:-:1024:17:46181433FBB75451:1104433784:::-:::scSC: fpr:::::::::C5986B4F1257FFA86632CBA746181433FBB75451: OUTPUT allow(described_class).to receive(:apt_key).with( ['adv', '--no-tty', '--list-keys', '--with-colons', '--fingerprint', '--fixed-list-mode'], ).and_return(command_output) end it 'returns 2 resources' do expect(described_class.instances.size).to eq(2) expect(described_class.instances[0].name).to eq('630239CC130E1A7FD81A27B140976EAF437D05B5') expect(described_class.instances[0].id).to eq('40976EAF437D05B5') expect(described_class.instances[1].name).to eq('C5986B4F1257FFA86632CBA746181433FBB75451') expect(described_class.instances[1].id).to eq('46181433FBB75451') end end context 'create apt_key resource' do it 'apt_key with content set and source nil' do expect(described_class).to receive(:apt_key).with(['adv', '--no-tty', '--keyserver', :"keyserver.ubuntu.com", '--recv-keys', 'C105B9DE']) resource = Puppet::Type::Apt_key.new(name: 'source and content nil', id: 'C105B9DE', ensure: 'present') provider = described_class.new(resource) expect(provider).not_to be_exist provider.create expect(provider).to be_exist end it 'apt_key content and source nil, options set' do expect(described_class).to receive(:apt_key).with(['adv', '--no-tty', '--keyserver', :"keyserver.ubuntu.com", '--keyserver-options', 'jimno', '--recv-keys', 'C105B9DE']) resource = Puppet::Type::Apt_key.new(name: 'source and content nil', id: 'C105B9DE', options: 'jimno', ensure: 'present') provider = described_class.new(resource) expect(provider).not_to be_exist provider.create expect(provider).to be_exist end it 'apt_key with content set' do expect(described_class).to receive(:apt_key).with(array_including('add', kind_of(String))) resource = Puppet::Type::Apt_key.new(name: 'gsd', id: 'C105B9DE', content: 'asad', ensure: 'present') provider = described_class.new(resource) expect(provider).not_to be_exist expect(provider).to receive(:tempfile).and_return(Tempfile.new('foo')) provider.create expect(provider).to be_exist end it 'apt_key with source set' do expect(described_class).to receive(:apt_key).with(array_including('add', kind_of(String))) resource = Puppet::Type::Apt_key.new(name: 'gsd', id: 'C105B9DE', source: 'ftp://bla/herpderp.gpg', ensure: 'present') provider = described_class.new(resource) expect(provider).not_to be_exist expect(provider).to receive(:source_to_file).and_return(Tempfile.new('foo')) provider.create expect(provider).to be_exist end it 'apt_key with source and weak ssl verify set' do expect(described_class).to receive(:apt_key).with(array_including('add', kind_of(String))) resource = Puppet::Type::Apt_key.new(name: 'gsd', id: 'C105B9DE', source: 'https://bla/herpderp.gpg', ensure: 'present', weak_ssl: true) provider = described_class.new(resource) expect(provider).not_to be_exist expect(provider).to receive(:source_to_file).and_return(Tempfile.new('foo')) provider.create expect(provider).to be_exist end describe 'different valid id keys' do hash_of_keys = { '32bit key id' => 'EF8D349F', '64bit key id' => '7F438280EF8D349F', '160bit key fingerprint' => '6F6B15509CF8E59E6E469F327F438280EF8D349F', '32bit key id lowercase' => 'EF8D349F'.downcase, '64bit key id lowercase' => '7F438280EF8D349F'.downcase, '160bit key fingerprint lowercase' => '6F6B15509CF8E59E6E469F327F438280EF8D349F'.downcase, '32bit key id 0x formatted' => '0xEF8D349F', '64bit key id 0x formatted' => '0x7F438280EF8D349F', '160bit key fingerprint 0x formatted' => '0x6F6B15509CF8E59E6E469F327F438280EF8D349F', } hash_of_keys.each do |key_type, value| it "#{key_type} #{value} is valid" do expect(described_class).to receive(:apt_key).with(array_including('adv', '--no-tty', '--keyserver', :"keyserver.ubuntu.com", '--recv-keys')) resource = Puppet::Type::Apt_key.new(name: 'source and content nil', id: value, ensure: 'present') provider = described_class.new(resource) expect(provider).not_to be_exist provider.create expect(provider).to be_exist end end end it 'apt_key with invalid key length' do expect { Puppet::Type::Apt_key.new(name: 'source and content nil', id: '1', ensure: 'present') }.to raise_error(Puppet::ResourceError, %r{Parameter id failed on Apt_key}) end end context 'key_line_hash function' do it 'matches rsa' do expect(described_class.key_line_hash('pub:-:1024:1:40976EAF437D05B5:1095016255:::-:::scESC:', 'fpr:::::::::630239CC130E1A7FD81A27B140976EAF437D05B5:')).to include( key_expiry: nil, key_fingerprint: '630239CC130E1A7FD81A27B140976EAF437D05B5', key_long: '40976EAF437D05B5', key_short: '437D05B5', key_size: '1024', key_type: :rsa, ) end it 'matches dsa' do expect(described_class.key_line_hash('pub:-:1024:17:40976EAF437D05B5:1095016255:::-:::scESC:', 'fpr:::::::::630239CC130E1A7FD81A27B140976EAF437D05B5:')).to include( key_expiry: nil, key_fingerprint: '630239CC130E1A7FD81A27B140976EAF437D05B5', key_long: '40976EAF437D05B5', key_short: '437D05B5', key_size: '1024', key_type: :dsa, ) end it 'matches ecc' do expect(described_class.key_line_hash('pub:-:1024:18:40976EAF437D05B5:1095016255:::-:::scESC:', 'fpr:::::::::630239CC130E1A7FD81A27B140976EAF437D05B5:')).to include( key_expiry: nil, key_fingerprint: '630239CC130E1A7FD81A27B140976EAF437D05B5', key_long: '40976EAF437D05B5', key_short: '437D05B5', key_size: '1024', key_type: :ecc, ) end it 'matches ecdsa' do expect(described_class.key_line_hash('pub:-:1024:19:40976EAF437D05B5:1095016255:::-:::scESC:', 'fpr:::::::::630239CC130E1A7FD81A27B140976EAF437D05B5:')).to include( key_expiry: nil, key_fingerprint: '630239CC130E1A7FD81A27B140976EAF437D05B5', key_long: '40976EAF437D05B5', key_short: '437D05B5', key_size: '1024', key_type: :ecdsa, ) end end end