-
Notifications
You must be signed in to change notification settings - Fork 461
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add apt::keyring defined type #1120
Conversation
# Ensure presence or absence of the resource. | ||
# | ||
define apt::keyring ( | ||
Stdlib::Absolutepath $keyring_dir = '/etc/apt/keyrings', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is already defined as apt::params::trusted_gpg_d
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
True, but for new-style APT keyrings, /etc/apt/keyrings
is the preferred location.
Changing it only here means the new-style keyrings can be deployed to /etc/apt/keyrings
by default, without affecting the rest of the module.
Enum['present','absent'] $ensure = 'present', | ||
) { | ||
ensure_resource('file', $keyring_dir, { ensure => 'directory', mode => '0755', }) | ||
if $source and $content { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We probably want a similar check when none of source
and content
is set. The provided unit test in this regard is incomplete because I would expect such code to fail.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good idea. I have added another condition which will catch this scenario.
Applying suggestions from code review Co-authored-by: Romain Tartière <[email protected]>
Should be closed, was done in #1128. |
Thanks @kenyon! |
Summary
Add a new defined type for adding GPG keyrings.
Additional Context
apt-key is deprecated in the latest Debian and Ubuntu releases. Therefore we should move away from the old
apt::key
defined type which relies on it.With this we can manage apt keyrings directly with the apt module. Further work would be required to integrate this directly into the
apt::source
like howapt::key
is currently.Reference - https://wiki.debian.org/DebianRepository/UseThirdParty
Related Issues (if any)
#1034
Checklist
puppet apply
)