Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Backports: add keyring support #1162

Merged
merged 3 commits into from
Feb 15, 2024
Merged

Backports: add keyring support #1162

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
4b6742b
backports unit tests: minor fixes and updates
kenyon Jan 1, 2024
2239623
backports: improve test formatting
kenyon Jan 1, 2024
46f53b8
backports: add keyring support
kenyon Jan 1, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 0 additions & 4 deletions examples/backports.pp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,4 @@
location => 'http://us.archive.ubuntu.com/ubuntu',
release => 'trusty-backports',
repos => 'main universe multiverse restricted',
key => {
id => '630239CC130E1A7FD81A27B140976EAF437D05B5',
server => 'keyserver.ubuntu.com',
},
}
34 changes: 22 additions & 12 deletions manifests/backports.pp
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,15 +1,7 @@
# @summary Manages backports.
#
# @example Set up a backport source for Linux Mint qiana
# class { 'apt::backports':
# location => 'http://us.archive.ubuntu.com/ubuntu',
# release => 'trusty-backports',
# repos => 'main universe multiverse restricted',
# key => {
# id => '630239CC130E1A7FD81A27B140976EAF437D05B5',
# server => 'keyserver.ubuntu.com',
# },
# }
# @example Set up a backport source for Ubuntu
# include apt::backports
#
# @param location
# Specifies an Apt repository containing the backports to manage. Valid options: a string containing a URL. Default value for Debian and
Expand All @@ -36,6 +28,11 @@
# Specifies a key to authenticate the backports. Valid options: a string to be passed to the id parameter of the apt::key defined type, or a
# hash of parameter => value pairs to be passed to apt::key's id, server, content, source, and/or options parameters.
#
# @param keyring
# Absolute path to a file containing the PGP keyring used to sign this
# repository. Value is passed to the apt::source and used to set signed-by on
# the source entry.
#
# @param pin
# Specifies a pin priority for the backports. Valid options: a number or string to be passed to the `id` parameter of the `apt::pin` defined
# type, or a hash of `parameter => value` pairs to be passed to `apt::pin`'s corresponding parameters.
Expand All @@ -48,6 +45,7 @@
Optional[String] $release = undef,
Optional[String] $repos = undef,
Optional[Variant[String, Hash]] $key = undef,
Stdlib::AbsolutePath $keyring = "/usr/share/keyrings/${facts['os']['name'].downcase}-archive-keyring.gpg",
Variant[Integer, String, Hash] $pin = 200,
Variant[Hash] $include = {},
) {
Expand All @@ -56,32 +54,43 @@
if $location {
$_location = $location
}

if $release {
$_release = $release
}

if $repos {
$_repos = $repos
}

if (!($facts['os']['name'] == 'Debian' or $facts['os']['name'] == 'Ubuntu')) {
unless $location and $release and $repos and $key {
fail('If not on Debian or Ubuntu, you must explicitly pass location, release, repos, and key')
unless $location and $release and $repos {
fail('If not on Debian or Ubuntu, you must explicitly pass location, release, and repos')
}
}

unless $location {
$_location = $apt::backports['location']
}

unless $release {
if fact('os.distro.codename') {
$_release = "${fact('os.distro.codename')}-backports"
} else {
fail('os.distro.codename fact not available: release parameter required')
}
}

unless $repos {
$_repos = $apt::backports['repos']
}

$_keyring = if $key {
undef
} else {
$keyring
}

if $pin =~ Hash {
$_pin = $pin
} elsif $pin =~ Numeric or $pin =~ String {
Expand All @@ -101,6 +110,7 @@
repos => $_repos,
include => $include,
key => $key,
keyring => $_keyring,
pin => $_pin,
}
}
115 changes: 60 additions & 55 deletions spec/classes/apt_backports_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,32 +3,39 @@
require 'spec_helper'

describe 'apt::backports', type: :class do
let(:pre_condition) { "class{ '::apt': }" }
let(:pre_condition) { 'include apt' }

describe 'debian/ubuntu tests' do
context 'with defaults on deb' do
context 'with defaults on debian' do
let(:facts) do
{
os: {
family: 'Debian',
name: 'Debian',
release: {
major: '9',
full: '9.0'
full: '11.8',
major: '11',
minor: '8'
},
distro: {
codename: 'stretch',
codename: 'bullseye',
id: 'Debian'
}
}
}
end

it {
expect(subject).to contain_apt__source('backports').with(location: 'http://deb.debian.org/debian',
repos: 'main contrib non-free',
release: 'stretch-backports',
pin: { 'priority' => 200, 'release' => 'stretch-backports' })
expect(subject).to contain_apt__source('backports').with(
location: 'http://deb.debian.org/debian',
repos: 'main contrib non-free',
release: 'bullseye-backports',
pin: {
'priority' => 200,
'release' => 'bullseye-backports'
},
keyring: '/usr/share/keyrings/debian-archive-keyring.gpg',
)
}
end

Expand All @@ -39,22 +46,28 @@
family: 'Debian',
name: 'Ubuntu',
release: {
major: '18',
full: '18.04'
major: '22.04',
full: '22.04'
},
distro: {
codename: 'bionic',
codename: 'jammy',
id: 'Ubuntu'
}
}
}
end

it {
expect(subject).to contain_apt__source('backports').with(location: 'http://archive.ubuntu.com/ubuntu',
repos: 'main universe multiverse restricted',
release: 'bionic-backports',
pin: { 'priority' => 200, 'release' => 'bionic-backports' })
expect(subject).to contain_apt__source('backports').with(
location: 'http://archive.ubuntu.com/ubuntu',
repos: 'main universe multiverse restricted',
release: 'jammy-backports',
pin: {
'priority' => 200,
'release' => 'jammy-backports'
},
keyring: '/usr/share/keyrings/ubuntu-archive-keyring.gpg',
)
}
end

Expand All @@ -65,11 +78,11 @@
family: 'Debian',
name: 'Ubuntu',
release: {
major: '18',
full: '18.04'
major: '22.04',
full: '22.04'
},
distro: {
codename: 'bionic',
codename: 'jammy',
id: 'Ubuntu'
}
}
Expand All @@ -86,11 +99,13 @@
end

it {
expect(subject).to contain_apt__source('backports').with(location: 'http://archive.ubuntu.com/ubuntu-test',
key: 'A1BD8E9D78F7FE5C3E65D8AF8B48AD6246925553',
repos: 'main',
release: 'vivid',
pin: { 'priority' => 90, 'release' => 'vivid' })
expect(subject).to contain_apt__source('backports').with(
location: 'http://archive.ubuntu.com/ubuntu-test',
key: 'A1BD8E9D78F7FE5C3E65D8AF8B48AD6246925553',
repos: 'main',
release: 'vivid',
pin: { 'priority' => 90, 'release' => 'vivid' },
)
}
end

Expand All @@ -101,11 +116,11 @@
family: 'Debian',
name: 'Ubuntu',
release: {
major: '18',
full: '18.04'
major: '22.04',
full: '22.04'
},
distro: {
codename: 'bionic',
codename: 'jammy',
id: 'Ubuntu'
}
}
Expand All @@ -123,13 +138,15 @@
end

it {
expect(subject).to contain_apt__source('backports').with(key: { 'id' => 'A1BD8E9D78F7FE5C3E65D8AF8B48AD6246925553' },
pin: { 'priority' => '90' })
expect(subject).to contain_apt__source('backports').with(
key: { 'id' => 'A1BD8E9D78F7FE5C3E65D8AF8B48AD6246925553' },
pin: { 'priority' => '90' },
)
}
end
end

describe 'mint tests' do
describe 'linuxmint tests' do
let(:facts) do
{
os: {
Expand Down Expand Up @@ -158,11 +175,13 @@
end

it {
expect(subject).to contain_apt__source('backports').with(location: 'http://archive.ubuntu.com/ubuntu',
key: '630239CC130E1A7FD81A27B140976EAF437D05B5',
repos: 'main universe multiverse restricted',
release: 'trusty-backports',
pin: { 'priority' => 200, 'release' => 'trusty-backports' })
expect(subject).to contain_apt__source('backports').with(
location: 'http://archive.ubuntu.com/ubuntu',
key: '630239CC130E1A7FD81A27B140976EAF437D05B5',
repos: 'main universe multiverse restricted',
release: 'trusty-backports',
pin: { 'priority' => 200, 'release' => 'trusty-backports' },
)
}
end

Expand All @@ -176,7 +195,7 @@
end

it do
expect(subject).to raise_error(Puppet::Error, %r{If not on Debian or Ubuntu, you must explicitly pass location, release, repos, and key})
expect(subject).to raise_error(Puppet::Error, %r{If not on Debian or Ubuntu, you must explicitly pass location, release, and repos})
end
end

Expand All @@ -190,7 +209,7 @@
end

it do
expect(subject).to raise_error(Puppet::Error, %r{If not on Debian or Ubuntu, you must explicitly pass location, release, repos, and key})
expect(subject).to raise_error(Puppet::Error, %r{If not on Debian or Ubuntu, you must explicitly pass location, release, and repos})
end
end

Expand All @@ -204,21 +223,7 @@
end

it do
expect(subject).to raise_error(Puppet::Error, %r{If not on Debian or Ubuntu, you must explicitly pass location, release, repos, and key})
end
end

context 'with missing key' do
let(:params) do
{
location: 'http://archive.ubuntu.com/ubuntu',
release: 'trusty-backports',
repos: 'main universe multiverse restricted'
}
end

it do
expect(subject).to raise_error(Puppet::Error, %r{If not on Debian or Ubuntu, you must explicitly pass location, release, repos, and key})
expect(subject).to raise_error(Puppet::Error, %r{If not on Debian or Ubuntu, you must explicitly pass location, release, and repos})
end
end
end
Expand All @@ -230,11 +235,11 @@
family: 'Debian',
name: 'Ubuntu',
release: {
major: '18',
full: '18.04'
major: '22.04',
full: '22.04'
},
distro: {
codename: 'bionic',
codename: 'jammy',
id: 'Ubuntu'
}
}
Expand Down
Loading