Skip to content

Commit

Permalink
Merge pull request #1162 from kenyon/backports-keyring
Browse files Browse the repository at this point in the history 
Backports: add keyring support
  • Loading branch information
@bastelfreak
bastelfreak committed Feb 15, 2024
2 parents 3e364df + 46f53b8 commit a843b84
Show file tree
Hide file tree
Showing 3 changed files with 82 additions and 71 deletions.
4 changes: 0 additions & 4 deletions examples/backports.pp
View file
Expand Up @@ -4,8 +4,4 @@
location => 'http://us.archive.ubuntu.com/ubuntu',
release => 'trusty-backports',
repos => 'main universe multiverse restricted',
key => {
id => '630239CC130E1A7FD81A27B140976EAF437D05B5',
server => 'keyserver.ubuntu.com',
},
}
34 changes: 22 additions & 12 deletions manifests/backports.pp
View file
@@ -1,15 +1,7 @@
# @summary Manages backports.
#
# @example Set up a backport source for Linux Mint qiana
# class { 'apt::backports':
# location => 'http://us.archive.ubuntu.com/ubuntu',
# release => 'trusty-backports',
# repos => 'main universe multiverse restricted',
# key => {
# id => '630239CC130E1A7FD81A27B140976EAF437D05B5',
# server => 'keyserver.ubuntu.com',
# },
# }
# @example Set up a backport source for Ubuntu
# include apt::backports
#
# @param location
# Specifies an Apt repository containing the backports to manage. Valid options: a string containing a URL. Default value for Debian and
Expand All @@ -36,6 +28,11 @@
# Specifies a key to authenticate the backports. Valid options: a string to be passed to the id parameter of the apt::key defined type, or a
# hash of parameter => value pairs to be passed to apt::key's id, server, content, source, and/or options parameters.
#
# @param keyring
# Absolute path to a file containing the PGP keyring used to sign this
# repository. Value is passed to the apt::source and used to set signed-by on
# the source entry.
#
# @param pin
# Specifies a pin priority for the backports. Valid options: a number or string to be passed to the `id` parameter of the `apt::pin` defined
# type, or a hash of `parameter => value` pairs to be passed to `apt::pin`'s corresponding parameters.
Expand All @@ -48,6 +45,7 @@
Optional[String] $release = undef,
Optional[String] $repos = undef,
Optional[Variant[String, Hash]] $key = undef,
Stdlib::AbsolutePath $keyring = "/usr/share/keyrings/${facts['os']['name'].downcase}-archive-keyring.gpg",
Variant[Integer, String, Hash] $pin = 200,
Variant[Hash] $include = {},
) {
Expand All @@ -56,32 +54,43 @@
if $location {
$_location = $location
}

if $release {
$_release = $release
}

if $repos {
$_repos = $repos
}

if (!($facts['os']['name'] == 'Debian' or $facts['os']['name'] == 'Ubuntu')) {
unless $location and $release and $repos and $key {
fail('If not on Debian or Ubuntu, you must explicitly pass location, release, repos, and key')
unless $location and $release and $repos {
fail('If not on Debian or Ubuntu, you must explicitly pass location, release, and repos')
}
}

unless $location {
$_location = $apt::backports['location']
}

unless $release {
if fact('os.distro.codename') {
$_release = "${fact('os.distro.codename')}-backports"
} else {
fail('os.distro.codename fact not available: release parameter required')
}
}

unless $repos {
$_repos = $apt::backports['repos']
}

$_keyring = if $key {
undef
} else {
$keyring
}

if $pin =~ Hash {
$_pin = $pin
} elsif $pin =~ Numeric or $pin =~ String {
Expand All @@ -101,6 +110,7 @@
repos => $_repos,
include => $include,
key => $key,
keyring => $_keyring,
pin => $_pin,
}
}
115 changes: 60 additions & 55 deletions spec/classes/apt_backports_spec.rb
View file
Expand Up @@ -3,32 +3,39 @@
require 'spec_helper'

describe 'apt::backports', type: :class do
let(:pre_condition) { "class{ '::apt': }" }
let(:pre_condition) { 'include apt' }

describe 'debian/ubuntu tests' do
context 'with defaults on deb' do
context 'with defaults on debian' do
let(:facts) do
{
os: {
family: 'Debian',
name: 'Debian',
release: {
major: '9',
full: '9.0'
full: '11.8',
major: '11',
minor: '8'
},
distro: {
codename: 'stretch',
codename: 'bullseye',
id: 'Debian'
}
}
}
end

it {
expect(subject).to contain_apt__source('backports').with(location: 'http://deb.debian.org/debian',
repos: 'main contrib non-free',
release: 'stretch-backports',
pin: { 'priority' => 200, 'release' => 'stretch-backports' })
expect(subject).to contain_apt__source('backports').with(
location: 'http://deb.debian.org/debian',
repos: 'main contrib non-free',
release: 'bullseye-backports',
pin: {
'priority' => 200,
'release' => 'bullseye-backports'
},
keyring: '/usr/share/keyrings/debian-archive-keyring.gpg',
)
}
end

Expand All @@ -39,22 +46,28 @@
family: 'Debian',
name: 'Ubuntu',
release: {
major: '18',
full: '18.04'
major: '22.04',
full: '22.04'
},
distro: {
codename: 'bionic',
codename: 'jammy',
id: 'Ubuntu'
}
}
}
end

it {
expect(subject).to contain_apt__source('backports').with(location: 'http://archive.ubuntu.com/ubuntu',
repos: 'main universe multiverse restricted',
release: 'bionic-backports',
pin: { 'priority' => 200, 'release' => 'bionic-backports' })
expect(subject).to contain_apt__source('backports').with(
location: 'http://archive.ubuntu.com/ubuntu',
repos: 'main universe multiverse restricted',
release: 'jammy-backports',
pin: {
'priority' => 200,
'release' => 'jammy-backports'
},
keyring: '/usr/share/keyrings/ubuntu-archive-keyring.gpg',
)
}
end

Expand All @@ -65,11 +78,11 @@
family: 'Debian',
name: 'Ubuntu',
release: {
major: '18',
full: '18.04'
major: '22.04',
full: '22.04'
},
distro: {
codename: 'bionic',
codename: 'jammy',
id: 'Ubuntu'
}
}
Expand All @@ -86,11 +99,13 @@
end

it {
expect(subject).to contain_apt__source('backports').with(location: 'http://archive.ubuntu.com/ubuntu-test',
key: 'A1BD8E9D78F7FE5C3E65D8AF8B48AD6246925553',
repos: 'main',
release: 'vivid',
pin: { 'priority' => 90, 'release' => 'vivid' })
expect(subject).to contain_apt__source('backports').with(
location: 'http://archive.ubuntu.com/ubuntu-test',
key: 'A1BD8E9D78F7FE5C3E65D8AF8B48AD6246925553',
repos: 'main',
release: 'vivid',
pin: { 'priority' => 90, 'release' => 'vivid' },
)
}
end

Expand All @@ -101,11 +116,11 @@
family: 'Debian',
name: 'Ubuntu',
release: {
major: '18',
full: '18.04'
major: '22.04',
full: '22.04'
},
distro: {
codename: 'bionic',
codename: 'jammy',
id: 'Ubuntu'
}
}
Expand All @@ -123,13 +138,15 @@
end

it {
expect(subject).to contain_apt__source('backports').with(key: { 'id' => 'A1BD8E9D78F7FE5C3E65D8AF8B48AD6246925553' },
pin: { 'priority' => '90' })
expect(subject).to contain_apt__source('backports').with(
key: { 'id' => 'A1BD8E9D78F7FE5C3E65D8AF8B48AD6246925553' },
pin: { 'priority' => '90' },
)
}
end
end

describe 'mint tests' do
describe 'linuxmint tests' do
let(:facts) do
{
os: {
Expand Down Expand Up @@ -158,11 +175,13 @@
end

it {
expect(subject).to contain_apt__source('backports').with(location: 'http://archive.ubuntu.com/ubuntu',
key: '630239CC130E1A7FD81A27B140976EAF437D05B5',
repos: 'main universe multiverse restricted',
release: 'trusty-backports',
pin: { 'priority' => 200, 'release' => 'trusty-backports' })
expect(subject).to contain_apt__source('backports').with(
location: 'http://archive.ubuntu.com/ubuntu',
key: '630239CC130E1A7FD81A27B140976EAF437D05B5',
repos: 'main universe multiverse restricted',
release: 'trusty-backports',
pin: { 'priority' => 200, 'release' => 'trusty-backports' },
)
}
end

Expand All @@ -176,7 +195,7 @@
end

it do
expect(subject).to raise_error(Puppet::Error, %r{If not on Debian or Ubuntu, you must explicitly pass location, release, repos, and key})
expect(subject).to raise_error(Puppet::Error, %r{If not on Debian or Ubuntu, you must explicitly pass location, release, and repos})
end
end

Expand All @@ -190,7 +209,7 @@
end

it do
expect(subject).to raise_error(Puppet::Error, %r{If not on Debian or Ubuntu, you must explicitly pass location, release, repos, and key})
expect(subject).to raise_error(Puppet::Error, %r{If not on Debian or Ubuntu, you must explicitly pass location, release, and repos})
end
end

Expand All @@ -204,21 +223,7 @@
end

it do
expect(subject).to raise_error(Puppet::Error, %r{If not on Debian or Ubuntu, you must explicitly pass location, release, repos, and key})
end
end

context 'with missing key' do
let(:params) do
{
location: 'http://archive.ubuntu.com/ubuntu',
release: 'trusty-backports',
repos: 'main universe multiverse restricted'
}
end

it do
expect(subject).to raise_error(Puppet::Error, %r{If not on Debian or Ubuntu, you must explicitly pass location, release, repos, and key})
expect(subject).to raise_error(Puppet::Error, %r{If not on Debian or Ubuntu, you must explicitly pass location, release, and repos})
end
end
end
Expand All @@ -230,11 +235,11 @@
family: 'Debian',
name: 'Ubuntu',
release: {
major: '18',
full: '18.04'
major: '22.04',
full: '22.04'
},
distro: {
codename: 'bionic',
codename: 'jammy',
id: 'Ubuntu'
}
}
Expand Down

0 comments on commit a843b84

Please sign in to comment.