Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

[COOK-445] added support for non-key server keys

  • Loading branch information...
commit 586c7c3711b9c3f9ed50620f3333db0badcd758a 1 parent 9251f4b
Seth Chisamore schisamo authored
67 apt/README.md
View
@@ -23,11 +23,56 @@ Configures the node to use the apt-cacher server as a client.
Resources/Providers
===================
-This cookbook contains an LWRP, `apt_repository`, which provides the `add` and `remove` actions for managing additional software repositories with entries in the `/etc/apt/sources.list.d/` directory. The LWRP also supports passing in a `key` and `keyserver` as attributes.
+This LWRP provides an easy way to manage additional APT repositories.
-* `add` takes a number of attributes and creates a repository file and builds the repository listing.
-* `remove` deletes the `/etc/apt/sources.list.d/#{new_resource.repo_name}-sources.list` file identified by the `repo_name` passed as the resource name.
+# Actions
+- :add: creates a repository file and builds the repository listing
+- :remove: removes the repository file
+
+# Attribute Parameters
+
+- repo_name: name attribute. The name of the channel to discover
+- uri: the base of the Debian distribution
+- distribution: this is usually your release's codename...ie something like `karmic`, `lucid` or `maverick`
+- components: package groupings..when it doubt use `main`
+- deb_src: whether or not to add the repository as a source repo as well
+- key_server: the GPG keyserver where the key for the repo should be retrieved
+- key: if a `key_server` is provided, this is assumed to be the fingerprint, otherwise it is the URI to the GPG key for the repo
+
+# Example
+
+ # add the Zenoss repo
+ apt_repository "zenoss" do
+ uri "http://dev.zenoss.org/deb"
+ components ["main","stable"]
+ action :add
+ end
+
+ # add the Nginx PPA; grab key from keyserver
+ apt_repository "nginx-php" do
+ uri "http://ppa.launchpad.net/nginx/php5/ubuntu"
+ distribution node['lsb']['codename']
+ components ["main"]
+ keyserver "keyserver.ubuntu.com"
+ key "C300EE8C"
+ action :add
+ end
+
+ # add the Cloudkick Repo
+ apt_repository "cloudkick" do
+ uri "http://packages.cloudkick.com/ubuntu"
+ distribution node['lsb']['codename']
+ components ["main"]
+ key "http://packages.cloudkick.com/cloudkick.packages.key"
+ action :add
+ end
+
+ # remove Zenoss repo
+ apt_repository "zenoss" do
+ action :remove
+ end
+
Usage
=====
@@ -41,26 +86,12 @@ The above will run during execution phase since it is a normal template resource
Put `recipe[apt::cacher]` in the run_list for a server to provide APT caching and add `recipe[apt::cacher-client]` on the rest of the Debian-based nodes to take advantage of the caching server.
-An example of The LWRP `apt_repository` `add` action:
-
- apt_repository "zenoss" do
- uri "http://dev.zenoss.org/deb"
- distribution "main"
- components ["stable"]
- action :add
- end
-
-and the `remove` action:
-
- apt_repository "zenoss" do
- action :remove
- end
-
License and Author
==================
Author:: Joshua Timberman (<joshua@opscode.com>)
Author:: Matt Ray (<matt@opscode.com>)
+Author:: Seth Chisamore (<schisamo@opscode.com>)
Copyright 2009-2011 Opscode, Inc.
14 apt/metadata.json
View
@@ -1,17 +1,13 @@
{
"name": "apt",
"description": "Configures apt and apt services and an LWRP for managing apt repositories",
- "long_description": "Description\n===========\n\nConfigures various APT components on Debian-like systems. Also includes a LWRP.\n\nRecipes\n=======\n\ndefault\n-------\n\nThe default recipe runs apt-get update during the Compile Phase of the Chef run to ensure that the system's package cache is updated with the latest. It is recommended that this recipe appear first in a node's run list (directly or through a role) to ensure that when installing packages, Chef will be able to download the latest version available on the remote APT repository.\n\nThis recipe also sets up a local cache directory for preseeding packages.\n\ncacher\n------\n\nInstalls the apt-cacher package and service so the system can be an APT cache.\n\nproxy\n-----\n\nInstalls the apt-proxy package and service so the system can be an APT proxy.\n\nResources/Providers\n===================\n\nThis cookbook contains an LWRP, `apt_repository`, which provides the `add` and `remove` actions for managing additional software repositories with entries in the `/etc/apt/sources.list.d/` directory. The LWRP also supports passing in a `key` and `keyserver` as attributes.\n\n* `add` takes a number of attributes and creates a repository file and builds the repository listing.\n* `remove` deletes the `/etc/apt/sources.list.d/#{new_resource.repo_name}-sources.list` file identified by the `repo_name` passed as the resource name.\n\nUsage\n=====\n\nPut `recipe[apt]` first in the run list. If you have other recipes that you want to use to configure how apt behaves, like new sources, notify the execute resource to run, e.g.:\n\n template \"/etc/apt/sources.list.d/my_apt_sources.list\" do\n notifies :run, resources(:execute => \"apt-get update\"), :immediately\n end\n\nThe above will run during execution phase since it is a normal template resource, and should appear before other package resources that need the sources in the template.\n\nAn example of The LWRP `apt_repository` `add` action:\n\n apt_repository \"zenoss\" do\n uri \"http://dev.zenoss.org/deb\"\n distribution \"main\"\n components [\"stable\"]\n action :add\n end\n\nAn example of `apt_repository` using a signing key:\n\n apt_repository \"hardy-rsyslog-ppa\" do\n uri \"http://ppa.launchpad.net/a.bono/rsyslog/ubuntu\"\n distribution \"hardy\"\n components [\"main\"]\n keyserver \"keyserver.ubuntu.com\"\n key \"C0061A4A\"\n action :add\n notifies :run, \"execute[apt-get update]\", :immediately\n end\n\nand the `remove` action:\n\n apt_repository \"zenoss\" do\n action :remove\n end\n\nLicense and Author\n==================\n\nAuthor:: Joshua Timberman (<joshua@opscode.com>)\nAuthor:: Matt Ray (<matt@opscode.com>)\n\nCopyright 2009-2011 Opscode, Inc.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n\n",
+ "long_description": "Description\n===========\n\nConfigures various APT components on Debian-like systems. Also includes a LWRP.\n\nRecipes\n=======\n\ndefault\n-------\nThe default recipe runs apt-get update during the Compile Phase of the Chef run to ensure that the system's package cache is updated with the latest. It is recommended that this recipe appear first in a node's run list (directly or through a role) to ensure that when installing packages, Chef will be able to download the latest version available on the remote APT repository.\n\nThis recipe also sets up a local cache directory for preseeding packages.\n\ncacher\n------\nInstalls the apt-cacher package and service so the system can provide APT caching. You can check the usage report at http://{hostname}:3142/report. The cacher recipe includes the `cacher-client` recipe, so it helps seed itself.\n\ncacher-client\n-------------\nConfigures the node to use the apt-cacher server as a client.\n\nResources/Providers\n===================\n\nThis LWRP provides an easy way to manage additional APT repositories.\n\n# Actions\n\n- :add: creates a repository file and builds the repository listing\n- :remove: removes the repository file\n\n# Attribute Parameters\n\n- repo_name: name attribute. The name of the channel to discover\n- uri: the base of the Debian distribution\n- distribution: this is usually your release's codename...ie something like `karmic`, `lucid` or `maverick`\n- components: package groupings..when it doubt use `main`\n- deb_src: whether or not to add the repository as a source repo as well\n- key_server: the GPG keyserver where the key for the repo should be retrieved\n- key: if a `key_server` is provided, this is assumed to be the fingerprint, otherwise it is the URI to the GPG key for the repo\n\n# Example\n\n # add the Zenoss repo\n apt_repository \"zenoss\" do\n uri \"http://dev.zenoss.org/deb\"\n components [\"main\",\"stable\"]\n action :add\n end\n \n # add the Nginx PPA; grab key from keyserver\n apt_repository \"nginx-php\" do\n uri \"http://ppa.launchpad.net/nginx/php5/ubuntu\"\n distribution node['lsb']['codename']\n components [\"main\"]\n keyserver \"keyserver.ubuntu.com\"\n key \"C300EE8C\"\n action :add\n end\n \n # add the Cloudkick Repo\n apt_repository \"cloudkick\" do\n uri \"http://packages.cloudkick.com/ubuntu\"\n distribution node['lsb']['codename']\n components [\"main\"]\n key \"http://packages.cloudkick.com/cloudkick.packages.key\"\n action :add\n end\n \n # remove Zenoss repo\n apt_repository \"zenoss\" do\n action :remove\n end\n \nUsage\n=====\n\nPut `recipe[apt]` first in the run list. If you have other recipes that you want to use to configure how apt behaves, like new sources, notify the execute resource to run, e.g.:\n\n template \"/etc/apt/sources.list.d/my_apt_sources.list\" do\n notifies :run, resources(:execute => \"apt-get update\"), :immediately\n end\n\nThe above will run during execution phase since it is a normal template resource, and should appear before other package resources that need the sources in the template.\n\nPut `recipe[apt::cacher]` in the run_list for a server to provide APT caching and add `recipe[apt::cacher-client]` on the rest of the Debian-based nodes to take advantage of the caching server.\n\nLicense and Author\n==================\n\nAuthor:: Joshua Timberman (<joshua@opscode.com>)\nAuthor:: Matt Ray (<matt@opscode.com>)\nAuthor:: Seth Chisamore (<schisamo@opscode.com>)\n\nCopyright 2009-2011 Opscode, Inc.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n\n",
"maintainer": "Opscode, Inc.",
"maintainer_email": "cookbooks@opscode.com",
"license": "Apache 2.0",
"platforms": {
- "ubuntu": [
-
- ],
- "debian": [
-
- ]
+ "ubuntu": ">= 0.0.0",
+ "debian": ">= 0.0.0"
},
"dependencies": {
},
@@ -32,7 +28,7 @@
"recipes": {
"apt": "Runs apt-get update during compile phase and sets up preseed directories",
"apt::cacher": "Set up an APT cache",
- "apt::proxy": "Set up an APT proxy"
+ "apt::cacher-client": "Client for the apt::cacher server"
},
- "version": "1.0.0"
+ "version": "1.1.1"
}
2  apt/metadata.rb
View
@@ -3,7 +3,7 @@
license "Apache 2.0"
description "Configures apt and apt services and an LWRP for managing apt repositories"
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
-version "1.1.0"
+version "1.1.1"
recipe "apt", "Runs apt-get update during compile phase and sets up preseed directories"
recipe "apt::cacher", "Set up an APT cache"
recipe "apt::cacher-client", "Client for the apt::cacher server"
50 apt/providers/repository.rb
View
@@ -1,13 +1,42 @@
+#
+# Cookbook Name:: apt
+# Provider:: repository
+#
+# Copyright 2010-2011, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
action :add do
unless ::File.exists?("/etc/apt/sources.list.d/#{new_resource.repo_name}-source.list")
Chef::Log.info "Adding #{new_resource.repo_name} repository to /etc/apt/sources.list.d/#{new_resource.repo_name}-source.list"
# add key
- if new_resource.key && new_resource.keyserver
- e = execute "install-key #{new_resource.key}" do
+ if new_resource.keyserver && new_resource.key
+ execute "install-key #{new_resource.key}" do
command "apt-key adv --keyserver #{new_resource.keyserver} --recv #{new_resource.key}"
- action :run
- end
- e.run_action(:run)
+ action :nothing
+ end.run_action(:run)
+ elsif new_resource.key && (new_resource.key =~ /http/)
+ key_name = new_resource.key.split(/\//).last
+ remote_file "#{Chef::Config[:file_cache_path]}/#{key_name}" do
+ source new_resource.key
+ mode "0644"
+ action :nothing
+ end.run_action(:create_if_missing)
+ execute "install-key #{key_name}" do
+ command "apt-key add #{Chef::Config[:file_cache_path]}/#{key_name}"
+ action :nothing
+ end.run_action(:run)
end
# build our listing
repository = "deb"
@@ -22,13 +51,12 @@
group "root"
mode 0644
content repository + "\n"
- action :create
- end
- e = execute "update package index" do
+ action :nothing
+ end.run_action(:create)
+ execute "update package index" do
command "apt-get update"
- action :run
- end
- e.run_action(:run)
+ action :nothing
+ end.run_action(:run)
new_resource.updated_by_last_action(true)
end
end
27 apt/resources/repository.rb
View
@@ -1,11 +1,30 @@
+#
+# Cookbook Name:: apt
+# Resource:: repository
+#
+# Copyright 2010-2011, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
actions :add, :remove
#name of the repo, used for source.list filename
attribute :repo_name, :kind_of => String, :name_attribute => true
-attribute :key, :kind_of => String, :default => nil
-attribute :keyserver, :kind_of => String, :default => nil
attribute :uri, :kind_of => String
-#whether or not to add the repository as a source repo as well
-attribute :deb_src, :default => false
attribute :distribution, :kind_of => String
attribute :components, :kind_of => Array, :default => []
+#whether or not to add the repository as a source repo as well
+attribute :deb_src, :default => false
+attribute :keyserver, :kind_of => String, :default => nil
+attribute :key, :kind_of => String, :default => nil
Please sign in to comment.
Something went wrong with that request. Please try again.