From dace42e6f85266664307f9aa373573b35687a3fa Mon Sep 17 00:00:00 2001 From: mwernet Date: Mon, 2 Jan 2023 16:26:05 +0100 Subject: [PATCH 01/31] Use apt::source keyring to fix apt-key deprecated warnings --- files/etc/apt/keyrings/docker.gpg | Bin 0 -> 2760 bytes manifests/init.pp | 2 ++ manifests/params.pp | 1 + manifests/repos.pp | 30 ++++++++++++++++++++++++++---- 4 files changed, 29 insertions(+), 4 deletions(-) create mode 100644 files/etc/apt/keyrings/docker.gpg diff --git a/files/etc/apt/keyrings/docker.gpg b/files/etc/apt/keyrings/docker.gpg new file mode 100644 index 0000000000000000000000000000000000000000..e5dc8cfda8e5d37f69956520048140c9baab9803 GIT binary patch literal 2760 zcmV;(3ODtc0u2OMt=cL95CGv?mVEyU+3FP&iF2?(b<6@*g&o7k_7E+vfpyDoj$zjA zGV5WMs<5X`yaKG4`1D^?%Ti#*f9W@2In1 z#V#$cv(vuM$1G5W?m=#;?M(Cxek`gIB|ZeE>e*?4HA0Yo?Le89KO(!1UAgKnfVKJp ze7*UXLf?I!keb9u+BFqeeB``A$gwvu)M9q}dT8YU+=NzEb9$;fT&a6fycOmt+QBrl zSljK4NaNyiOYqwZ!pA8r^c00OKI|6ITnqr2;lfcg2)^}~s|^iuXkp-Z9zw?u9f%Gl zIKx%?805>Gz6o0*0IGj52V2W@R3^r4ggg+8qe2>{F;knjCB39B|n)&}Ia))TWmVOS1zJD$Q<&mo|g~V`#5B$6N zxLlw5L@k&9cvMyuB!wfYMH5Y?I18^yQU0Cn< zQ+Vm-4&d0rzki{yJhx4HVp!v=n%$Eu4}XG1@@3Rpmx4E2z!ZF5gVt7hXhF3JhQ)dC z^v|>E6|i%rp_>2^0RRECD@1Q&Yh`jEQe|vqVRL05C__acWMyJ0AUtGmV{2t{KxA)Y zYh`jSV{dIfi2^qS69EbUAq4_ht>?f38!rV52?z%R1r-Vj2nz)k0s{d60v-VZ7k~f? z2@s8efIJSr&4{we5B?+>qpu&7G$uCr{9l#Rccf8iLHFK8*j}rX=-CG)$dc?$piG&n zyvm)ljwUsM!bnCjBbuvmg?VD7{XegYqwDC-jwi9@5G?Wk0W>(My&0lUwT?!h+_)r; ziSkkZTf)_`7M(d9Eygf&;f2K#dl0cev@e`hmk( zZtk3Hs%->NGPyLrr#y%lgx{LEI^lyjO4KBwd}kap{2xYFqV-F2>Yq zG-gdq-7QDsOB?=ysoxG@7KH&vE_?hnRc?txWkz9<=VtFx@Ut8hfLi2;JwF@%ZMK$zRb;~8!vOdFX75Fk8*e>XpOrG|YsSZ2f#t_(HJ z+2iiq+kTKEd{!m%PjyDuMW8T;FZ!)Cg>O6x2SR3fyfZ=kBSDUz=aV8M^lA(&u0B2M z-aM5?LcHpf3Iqah6nv_W(wZrA8IAR4qXOaf%g7n?TNrw7a0Kc^OVl3Z8#a2R3m+9$ z8(5MM+x77e+YoN$TgPo5x1IH2GV6I8ege0YQtX?0EQiH**C+5Ml4{T8)OO+-PfE3sg1Paga|nw;9NrvW?0Q{d=P|r_7drn! z8&M^%eloEvv)?t~lG>1q+=qlCndr6=1Yy(%>dfgbh&%TXeRWyM$f8?S{8ygGsA8pS zM?IBQwFu-HaGRib&`sVMSJXjhuE(AOvYeGL$vD)^dqADy%5oai-WdX=OaMym$#l_A z7d>5VEn*PN1N}x~{PYrGX`90HOmI4|Rc$_R*_61pBoGZVu(mO4MgBSA z3G&qBk^c}(l#fx^d_Tr93{<%g;efsvX)qQ8<7p74rQ;AUmvbi*yka|wYGA+9!(&uJ z3tZ#|GLLIrw5-@~{uvdM_93`x8jgYT%ZPhr3MqBNEu`I@f@nl~3G(!ilEW9!nGG{5 zNIRRPhlryvj{p$?00D^vJ_Hy62mlEM0$8ouDgqk<0x1a)je&qX4!_Na!CfE(8370Y z1_c6Gt=cL83JDN?psB<1bNtxVU=ROn3Hco$6RNCn?dy%AGv~v}na?1gs^YJhXA)JR zJ_hRT#t5-)YKUBmhDT{(!zP43W=13FLVlQQY&Uywe9iI|Dk@tr8RUEXt!L9asCk14 z$moeFun}{2z@`Y8KUEy#Y?ttc*0nt%%r%bCd4pClxDY!t`M2qFddF+NHq%TDA5Z73 zoZ<)UWl<6+4{!S>HvV2YFUNmbNfe7l7outUhag5HvTFpov{9)%SU3wB^qK~XMv`AX!x<6%-nu+;S&pdG~rCcpO z05M&Fwf!q>>kU>E8(Zk`CG@{MMFpYoH>2^}r{N(ze}#nyK^=2d^FwnaCSIuyoty8V z$MgLSEc6&fC;Zgt2oP+BME)7IvYQ`*`)m(a>t+0)T%TWxv;Hw42=h!wN&j`JBw0E> z50`dHHM+RTjBnAsX^_gE8Q9$kh)YxA+2aP#nvkSPSGK0POS-qBfqQ0U`6_z!bL?8k zW-GmuFEE@S55O+}&SbUnxDWqc+d9(t{vtC%96$nq3|U&n$e6E6Na09qb+{@cv1jZ| z3ANPzBC8hPZX%fd!AicAGHUi1CEtQTkg6rlJ&izkT=Qe0t#FL~*@%Q@afty20kH zP@b&1>Szr#R<^(R$ZDQ+tX1BmAvCn7XbkFG{bvJsln04BkS2;}7+r)m!j=C|-@2Mb zZaVA|!c_0vpuO@|Zgh7CYc|rUFc^1cmciEIZ-OsoUfh8=!gs&KS$I6fh;IjUD`52- z$hYta7J<u zKyfV{PWt21mmL1oc+`{DV3Y`cYIUjP(OqJCF?#$b(-lq(eagmRKXj;3eca9O(@= 0 ) or ( $facts['os']['distro']['id'] == 'Ubuntu' and versioncmp($facts['os']['distro']['release']['major'],'22') >= 0 ) { # lint:ignore:140chars + # fix deprecated apt-key warnings + file { $keyring: + ensure => file, + source => "puppet:///modules/${module_name}/etc/apt/keyrings/docker.gpg", + mode => '0644', + owner => 'root', + group => 'root', + } + $key_options = { + keyring => $keyring, + } + } + else { + $key_options = { + key => { + id => $package_key, + source => $key_source, + }, + } + } + if ($docker::use_upstream_package_source) { apt::source { 'docker': location => $location, architecture => $architecture, release => $release, repos => $package_repos, - key => { - id => $package_key, - source => $key_source, - }, include => { src => false, }, + * => $key_options, } $url_split = split($location, '/') From 0e75587b5e94fe733da33125316c57259f43e5a8 Mon Sep 17 00:00:00 2001 From: Olli Wernet <61321118+vegaaz@users.noreply.github.com> Date: Mon, 2 Jan 2023 16:35:39 +0100 Subject: [PATCH 02/31] Change type to Stdlib::Absolutepath Co-authored-by: Tim Meusel --- manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/init.pp b/manifests/init.pp index 7deb1ec7..de304e8e 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -467,7 +467,7 @@ Optional[Boolean] $service_hasrestart = $docker::params::service_hasrestart, Optional[Variant[String,Array]] $registry_mirror = $docker::params::registry_mirror, Boolean $acknowledge_unsupported_os = false, - Optional[String] $keyring = $docker::params::keyring, + Stdlib::Absolutepath $keyring = '/etc/apt/keyrings/docker.gpg', # Windows specific parameters Optional[String] $docker_msft_provider_version = $docker::params::docker_msft_provider_version, From 31a1d8c9b73132ee19df2c4b034a537cc9b2cbcd Mon Sep 17 00:00:00 2001 From: mwernet Date: Mon, 2 Jan 2023 16:37:58 +0100 Subject: [PATCH 03/31] Remove keyring-variable; not longer needed because of commit 0e75587b5e94fe733da33125316c57259f43e5a8 --- manifests/params.pp | 1 - 1 file changed, 1 deletion(-) diff --git a/manifests/params.pp b/manifests/params.pp index d349191e..8a8580dd 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -194,7 +194,6 @@ } else { $detach_service_in_init = true } - $keyring = '/etc/apt/keyrings/docker.gpg' } 'RedHat' : { $service_after_override = undef From ccd3074ec9ff1bd0a09e3e8dad4b33ae3fa9fddc Mon Sep 17 00:00:00 2001 From: Olli Wernet <61321118+vegaaz@users.noreply.github.com> Date: Tue, 3 Jan 2023 07:47:56 +0100 Subject: [PATCH 04/31] Add param description --- manifests/init.pp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/manifests/init.pp b/manifests/init.pp index de304e8e..97b202ce 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -348,6 +348,8 @@ # @param service_hasrestart # @param acknowledge_unsupported_os # @param keyring +# Absolute path to a file containing the PGP keyring used to sign this repository. Value is used to set signed-by on the source entry. +# See https://wiki.debian.org/DebianRepository/UseThirdParty for details. # class docker ( Optional[String] $version = $docker::params::version, From 46e2a9c1ee791f831245c8400475eccfec43b3b2 Mon Sep 17 00:00:00 2001 From: Olli Wernet <61321118+vegaaz@users.noreply.github.com> Date: Tue, 3 Jan 2023 07:49:20 +0100 Subject: [PATCH 05/31] Use content => binary_file() instead of source Co-authored-by: Kenyon Ralph --- manifests/repos.pp | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/manifests/repos.pp b/manifests/repos.pp index c72abf74..cff2fb60 100644 --- a/manifests/repos.pp +++ b/manifests/repos.pp @@ -28,11 +28,11 @@ if ( $facts['os']['distro']['id'] == 'Debian' and versioncmp($facts['os']['distro']['release']['major'],'10') >= 0 ) or ( $facts['os']['distro']['id'] == 'Ubuntu' and versioncmp($facts['os']['distro']['release']['major'],'22') >= 0 ) { # lint:ignore:140chars # fix deprecated apt-key warnings file { $keyring: - ensure => file, - source => "puppet:///modules/${module_name}/etc/apt/keyrings/docker.gpg", - mode => '0644', - owner => 'root', - group => 'root', + ensure => file, + content => binary_file("${module_name}/etc/apt/keyrings/docker.gpg"), + mode => '0644', + owner => 'root', + group => 'root', } $key_options = { keyring => $keyring, From d453a2b818ff5067c77deac5158182c4a9a832da Mon Sep 17 00:00:00 2001 From: Olli Wernet <61321118+vegaaz@users.noreply.github.com> Date: Tue, 3 Jan 2023 07:50:30 +0100 Subject: [PATCH 06/31] Improve linting by removing obsolet spaces Co-authored-by: Kenyon Ralph --- manifests/repos.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/repos.pp b/manifests/repos.pp index cff2fb60..984b2b8c 100644 --- a/manifests/repos.pp +++ b/manifests/repos.pp @@ -40,7 +40,7 @@ } else { $key_options = { - key => { + key => { id => $package_key, source => $key_source, }, From ee35dbb9c1c178c922a2e964b1a28c1ec154f462 Mon Sep 17 00:00:00 2001 From: mwernet Date: Tue, 3 Jan 2023 07:52:06 +0100 Subject: [PATCH 07/31] Bump puppetlabs-apt required version to 8.1.0 --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 9c53f485..bf645f95 100644 --- a/metadata.json +++ b/metadata.json @@ -14,7 +14,7 @@ }, { "name": "puppetlabs/apt", - "version_requirement": ">= 4.4.1 < 10.0.0" + "version_requirement": ">= 8.1.0 < 10.0.0" }, { "name": "puppetlabs/powershell", From 15bb484240250e3e2db2330edf1187e255fd5012 Mon Sep 17 00:00:00 2001 From: Olli Wernet <61321118+vegaaz@users.noreply.github.com> Date: Tue, 3 Jan 2023 08:00:41 +0100 Subject: [PATCH 08/31] Add param description in repos.pp --- manifests/repos.pp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/manifests/repos.pp b/manifests/repos.pp index 984b2b8c..e8f9a24a 100644 --- a/manifests/repos.pp +++ b/manifests/repos.pp @@ -9,6 +9,8 @@ # @param architecture # # @param keyring +# Absolute path to a file containing the PGP keyring used to sign this repository. Value is used to set signed-by on the source entry. +# See https://wiki.debian.org/DebianRepository/UseThirdParty for details. # class docker::repos ( $location = $docker::package_location, From 9a8251ccc7cf4208c2455599fae3677128c64012 Mon Sep 17 00:00:00 2001 From: mwernet Date: Wed, 4 Jan 2023 12:47:44 +0100 Subject: [PATCH 09/31] Try unit tests --- spec/classes/init_spec.rb | 1 + spec/helper/get_defaults.rb | 1 + spec/shared_examples/repos.rb | 45 +++++++++++++++++++++++------------ 3 files changed, 32 insertions(+), 15 deletions(-) diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb index a2d3fb5e..af91caf4 100644 --- a/spec/classes/init_spec.rb +++ b/spec/classes/init_spec.rb @@ -180,6 +180,7 @@ 'tmp_dir' => defaults['tmp_dir'], 'use_upstream_package_source' => defaults['use_upstream_package_source'], 'version' => defaults['version'], + 'keyring' => defaults['keyring'], }.merge(default_params).merge(local_params) let(:facts) do diff --git a/spec/helper/get_defaults.rb b/spec/helper/get_defaults.rb index a7d883e2..41eb67fd 100644 --- a/spec/helper/get_defaults.rb +++ b/spec/helper/get_defaults.rb @@ -88,6 +88,7 @@ def get_defaults(_facts) tmp_dir = '/tmp/' tmp_dir_config = true version = :undef + keyring = '/etc/apt/keyrings/docker.gpg' if _facts[:os]['family'] == 'windows' compose_install_path = "#{_facts['docker_program_files_path']}/Docker" diff --git a/spec/shared_examples/repos.rb b/spec/shared_examples/repos.rb index 9e3c0b46..b50e58e8 100644 --- a/spec/shared_examples/repos.rb +++ b/spec/shared_examples/repos.rb @@ -27,21 +27,36 @@ package_repos = values['package_repos'] if params['use_upstream_package_source'] - it { - is_expected.to contain_apt__source('docker').with( - 'location' => location, - 'architecture' => architecture, - 'release' => release, - 'repos' => package_repos, - 'key' => { - 'id' => package_key, - 'source' => key_source, - }, - 'include' => { - 'src' => false, - }, - ) - } + if ( facts[:os]['distro']['id'] == 'Debian' and int(facts['os']['distro']['release']['major']) >= 10 ) or ( facts[:os]['distro']['id'] == 'Ubuntu' and int(facts['os']['distro']['release']['major']) >= 22 ) + it { + is_expected.to contain_apt__source('docker').with( + 'location' => location, + 'architecture' => architecture, + 'release' => release, + 'repos' => package_repos, + 'keyring' => params['keyring'], + 'include' => { + 'src' => false, + }, + ) + } + else + it { + is_expected.to contain_apt__source('docker').with( + 'location' => location, + 'architecture' => architecture, + 'release' => release, + 'repos' => package_repos, + 'key' => { + 'id' => package_key, + 'source' => key_source, + }, + 'include' => { + 'src' => false, + }, + ) + } + end url_split = location.split('/') repo_host = url_split[2] From 006e6049beb15ba68e04c4fed72e22f9f8629bf9 Mon Sep 17 00:00:00 2001 From: mwernet Date: Wed, 4 Jan 2023 13:36:25 +0100 Subject: [PATCH 10/31] Revert "Try unit tests" This reverts commit 9a8251ccc7cf4208c2455599fae3677128c64012. --- spec/classes/init_spec.rb | 1 - spec/helper/get_defaults.rb | 1 - spec/shared_examples/repos.rb | 45 ++++++++++++----------------------- 3 files changed, 15 insertions(+), 32 deletions(-) diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb index af91caf4..a2d3fb5e 100644 --- a/spec/classes/init_spec.rb +++ b/spec/classes/init_spec.rb @@ -180,7 +180,6 @@ 'tmp_dir' => defaults['tmp_dir'], 'use_upstream_package_source' => defaults['use_upstream_package_source'], 'version' => defaults['version'], - 'keyring' => defaults['keyring'], }.merge(default_params).merge(local_params) let(:facts) do diff --git a/spec/helper/get_defaults.rb b/spec/helper/get_defaults.rb index 41eb67fd..a7d883e2 100644 --- a/spec/helper/get_defaults.rb +++ b/spec/helper/get_defaults.rb @@ -88,7 +88,6 @@ def get_defaults(_facts) tmp_dir = '/tmp/' tmp_dir_config = true version = :undef - keyring = '/etc/apt/keyrings/docker.gpg' if _facts[:os]['family'] == 'windows' compose_install_path = "#{_facts['docker_program_files_path']}/Docker" diff --git a/spec/shared_examples/repos.rb b/spec/shared_examples/repos.rb index b50e58e8..9e3c0b46 100644 --- a/spec/shared_examples/repos.rb +++ b/spec/shared_examples/repos.rb @@ -27,36 +27,21 @@ package_repos = values['package_repos'] if params['use_upstream_package_source'] - if ( facts[:os]['distro']['id'] == 'Debian' and int(facts['os']['distro']['release']['major']) >= 10 ) or ( facts[:os]['distro']['id'] == 'Ubuntu' and int(facts['os']['distro']['release']['major']) >= 22 ) - it { - is_expected.to contain_apt__source('docker').with( - 'location' => location, - 'architecture' => architecture, - 'release' => release, - 'repos' => package_repos, - 'keyring' => params['keyring'], - 'include' => { - 'src' => false, - }, - ) - } - else - it { - is_expected.to contain_apt__source('docker').with( - 'location' => location, - 'architecture' => architecture, - 'release' => release, - 'repos' => package_repos, - 'key' => { - 'id' => package_key, - 'source' => key_source, - }, - 'include' => { - 'src' => false, - }, - ) - } - end + it { + is_expected.to contain_apt__source('docker').with( + 'location' => location, + 'architecture' => architecture, + 'release' => release, + 'repos' => package_repos, + 'key' => { + 'id' => package_key, + 'source' => key_source, + }, + 'include' => { + 'src' => false, + }, + ) + } url_split = location.split('/') repo_host = url_split[2] From b3d5f7c8940030df376401e5811eeb2afd3e2962 Mon Sep 17 00:00:00 2001 From: mwernet Date: Wed, 4 Jan 2023 14:10:27 +0100 Subject: [PATCH 11/31] Working unit-test with STATIC keyring path (WIP) --- spec/shared_examples/repos.rb | 46 +++++++++++++++++++++++------------ 1 file changed, 31 insertions(+), 15 deletions(-) diff --git a/spec/shared_examples/repos.rb b/spec/shared_examples/repos.rb index 9e3c0b46..17647946 100644 --- a/spec/shared_examples/repos.rb +++ b/spec/shared_examples/repos.rb @@ -27,21 +27,37 @@ package_repos = values['package_repos'] if params['use_upstream_package_source'] - it { - is_expected.to contain_apt__source('docker').with( - 'location' => location, - 'architecture' => architecture, - 'release' => release, - 'repos' => package_repos, - 'key' => { - 'id' => package_key, - 'source' => key_source, - }, - 'include' => { - 'src' => false, - }, - ) - } + # check if debian version is atleast 10 and ubuntu version is atleast 22 + if ( facts[:operatingsystem] == 'Debian' and facts[:operatingsystemrelease] =~ /1[0-9]/ ) or ( facts[:operatingsystem] == 'Ubuntu' and facts[:operatingsystemrelease] =~ /2[2-9]/ ) + it { + is_expected.to contain_apt__source('docker').with( + 'location' => location, + 'architecture' => architecture, + 'release' => release, + 'repos' => package_repos, + 'keyring' => '/etc/apt/keyrings/docker.gpg', + 'include' => { + 'src' => false, + }, + ) + } + else + it { + is_expected.to contain_apt__source('docker').with( + 'location' => location, + 'architecture' => architecture, + 'release' => release, + 'repos' => package_repos, + 'key' => { + 'id' => package_key, + 'source' => key_source, + }, + 'include' => { + 'src' => false, + }, + ) + } + end url_split = location.split('/') repo_host = url_split[2] From 5373deaf806f0784c8c6423dd5aa7ae25f546610 Mon Sep 17 00:00:00 2001 From: mwernet Date: Wed, 4 Jan 2023 14:22:15 +0100 Subject: [PATCH 12/31] Add additional unit-test; configure inheritance of param --- spec/classes/init_spec.rb | 4 ++++ spec/helper/get_defaults.rb | 2 ++ spec/shared_examples/repos.rb | 11 ++++++++++- 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb index a2d3fb5e..78cd9335 100644 --- a/spec/classes/init_spec.rb +++ b/spec/classes/init_spec.rb @@ -30,6 +30,9 @@ 'docker_msft_provider_version' => '123', 'nuget_package_provider_version' => '41', }, + 'with keyring set to optional path' => { + 'keyring' => '/root/keyrings/docker.gpg', + }, } describe 'docker', type: :class do @@ -180,6 +183,7 @@ 'tmp_dir' => defaults['tmp_dir'], 'use_upstream_package_source' => defaults['use_upstream_package_source'], 'version' => defaults['version'], + 'keyring' => defaults['keyring'] }.merge(default_params).merge(local_params) let(:facts) do diff --git a/spec/helper/get_defaults.rb b/spec/helper/get_defaults.rb index a7d883e2..ac7b40e2 100644 --- a/spec/helper/get_defaults.rb +++ b/spec/helper/get_defaults.rb @@ -88,6 +88,7 @@ def get_defaults(_facts) tmp_dir = '/tmp/' tmp_dir_config = true version = :undef + keyring = '/etc/apt/keyrings/docker.gpg' if _facts[:os]['family'] == 'windows' compose_install_path = "#{_facts['docker_program_files_path']}/Docker" @@ -487,5 +488,6 @@ def get_defaults(_facts) 'tmp_dir_config' => tmp_dir_config, 'use_upstream_package_source' => use_upstream_package_source, 'version' => version, + 'keyring' => keyring, } end diff --git a/spec/shared_examples/repos.rb b/spec/shared_examples/repos.rb index 17647946..8e9f4d68 100644 --- a/spec/shared_examples/repos.rb +++ b/spec/shared_examples/repos.rb @@ -11,6 +11,7 @@ key_source = values['package_key_source'] key_check_source = values['package_key_check_source'] architecture = facts[:os]['architecture'] + keyring = params['keyring'] unless params['prerequired_packages'].empty? params['prerequired_packages'].each do |package| @@ -29,13 +30,21 @@ if params['use_upstream_package_source'] # check if debian version is atleast 10 and ubuntu version is atleast 22 if ( facts[:operatingsystem] == 'Debian' and facts[:operatingsystemrelease] =~ /1[0-9]/ ) or ( facts[:operatingsystem] == 'Ubuntu' and facts[:operatingsystemrelease] =~ /2[2-9]/ ) + it { + is_expected.to contain_file(keyring).with( + 'ensure' => 'file', + 'mode' => '0644', + 'owner' => 'root', + 'group' => 'root', + ) + } it { is_expected.to contain_apt__source('docker').with( 'location' => location, 'architecture' => architecture, 'release' => release, 'repos' => package_repos, - 'keyring' => '/etc/apt/keyrings/docker.gpg', + 'keyring' => keyring, 'include' => { 'src' => false, }, From fe8cbe7af332c1424a678314779da5cbea4b87af Mon Sep 17 00:00:00 2001 From: mwernet Date: Wed, 4 Jan 2023 16:18:58 +0100 Subject: [PATCH 13/31] Satisfy Static & Syntax Tests --- spec/shared_examples/repos.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/spec/shared_examples/repos.rb b/spec/shared_examples/repos.rb index 8e9f4d68..462cdf73 100644 --- a/spec/shared_examples/repos.rb +++ b/spec/shared_examples/repos.rb @@ -29,7 +29,7 @@ if params['use_upstream_package_source'] # check if debian version is atleast 10 and ubuntu version is atleast 22 - if ( facts[:operatingsystem] == 'Debian' and facts[:operatingsystemrelease] =~ /1[0-9]/ ) or ( facts[:operatingsystem] == 'Ubuntu' and facts[:operatingsystemrelease] =~ /2[2-9]/ ) + if (facts[:operatingsystem] == 'Debian' && facts[:operatingsystemrelease] =~ /1[0-9]/) || (facts[:operatingsystem] == 'Ubuntu' && facts[:operatingsystemrelease] =~ /2[2-9]/) it { is_expected.to contain_file(keyring).with( 'ensure' => 'file', @@ -37,7 +37,7 @@ 'owner' => 'root', 'group' => 'root', ) - } + } it { is_expected.to contain_apt__source('docker').with( 'location' => location, From d250ce35756a78e0e0a3dc33ead1819feff2d77c Mon Sep 17 00:00:00 2001 From: mwernet Date: Wed, 4 Jan 2023 18:50:12 +0100 Subject: [PATCH 14/31] Remove gpg-key from trusted.gpg store --- manifests/repos.pp | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/manifests/repos.pp b/manifests/repos.pp index e8f9a24a..bedab4f6 100644 --- a/manifests/repos.pp +++ b/manifests/repos.pp @@ -39,6 +39,10 @@ $key_options = { keyring => $keyring, } + apt::key { 'remove-key-from-trusted.gpg-store': + ensure => absent, + id => '9DC858229FC7DD38854AE2D88D81803C0EBFCD88', + } } else { $key_options = { From acce35951a76355834669927cd49210189613899 Mon Sep 17 00:00:00 2001 From: mwernet Date: Wed, 4 Jan 2023 20:02:09 +0100 Subject: [PATCH 15/31] Add test for absence of docker-key --- manifests/repos.pp | 2 +- spec/shared_examples/repos.rb | 7 +++++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/manifests/repos.pp b/manifests/repos.pp index bedab4f6..cd3f6a4d 100644 --- a/manifests/repos.pp +++ b/manifests/repos.pp @@ -39,7 +39,7 @@ $key_options = { keyring => $keyring, } - apt::key { 'remove-key-from-trusted.gpg-store': + apt::key { 'docker-key-in-trusted.gpg': ensure => absent, id => '9DC858229FC7DD38854AE2D88D81803C0EBFCD88', } diff --git a/spec/shared_examples/repos.rb b/spec/shared_examples/repos.rb index 462cdf73..46771954 100644 --- a/spec/shared_examples/repos.rb +++ b/spec/shared_examples/repos.rb @@ -50,6 +50,13 @@ }, ) } + it { + is_expected.to contain_apt__key('docker-key-in-trusted.gpg').with({ + 'ensure' => 'absent', + 'id' => '9DC858229FC7DD38854AE2D88D81803C0EBFCD88', + }) + } + else it { is_expected.to contain_apt__source('docker').with( From 04ef1a934e886973b9e503f71a7ba4d55f22f752 Mon Sep 17 00:00:00 2001 From: mwernet Date: Thu, 5 Jan 2023 07:46:15 +0100 Subject: [PATCH 16/31] Correct syntax to satisfy static tests --- spec/shared_examples/repos.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/spec/shared_examples/repos.rb b/spec/shared_examples/repos.rb index 46771954..3846c362 100644 --- a/spec/shared_examples/repos.rb +++ b/spec/shared_examples/repos.rb @@ -51,10 +51,10 @@ ) } it { - is_expected.to contain_apt__key('docker-key-in-trusted.gpg').with({ + is_expected.to contain_apt__key('docker-key-in-trusted.gpg').with( 'ensure' => 'absent', 'id' => '9DC858229FC7DD38854AE2D88D81803C0EBFCD88', - }) + ) } else From 6dd28789bc164d58c067a0101a7574566c995957 Mon Sep 17 00:00:00 2001 From: mwernet Date: Thu, 5 Jan 2023 07:47:11 +0100 Subject: [PATCH 17/31] Remove trailing whitespace! --- spec/shared_examples/repos.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/spec/shared_examples/repos.rb b/spec/shared_examples/repos.rb index 3846c362..7003e17e 100644 --- a/spec/shared_examples/repos.rb +++ b/spec/shared_examples/repos.rb @@ -56,7 +56,6 @@ 'id' => '9DC858229FC7DD38854AE2D88D81803C0EBFCD88', ) } - else it { is_expected.to contain_apt__source('docker').with( From a1b7602b4c27288ce9c64269fb5eb3f3fcffb725 Mon Sep 17 00:00:00 2001 From: mwernet Date: Thu, 5 Jan 2023 12:38:57 +0100 Subject: [PATCH 18/31] Get keyring from official download.docker.com --- files/etc/apt/keyrings/docker.gpg | Bin 2760 -> 0 bytes manifests/init.pp | 4 +++ manifests/params.pp | 1 + manifests/repos.pp | 49 ++++++++++++++++++++++++------ spec/classes/init_spec.rb | 6 +++- spec/helper/get_defaults.rb | 2 ++ spec/shared_examples/repos.rb | 38 ++++++++++++++++++++--- 7 files changed, 85 insertions(+), 15 deletions(-) delete mode 100644 files/etc/apt/keyrings/docker.gpg diff --git a/files/etc/apt/keyrings/docker.gpg b/files/etc/apt/keyrings/docker.gpg deleted file mode 100644 index e5dc8cfda8e5d37f69956520048140c9baab9803..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2760 zcmV;(3ODtc0u2OMt=cL95CGv?mVEyU+3FP&iF2?(b<6@*g&o7k_7E+vfpyDoj$zjA zGV5WMs<5X`yaKG4`1D^?%Ti#*f9W@2In1 z#V#$cv(vuM$1G5W?m=#;?M(Cxek`gIB|ZeE>e*?4HA0Yo?Le89KO(!1UAgKnfVKJp ze7*UXLf?I!keb9u+BFqeeB``A$gwvu)M9q}dT8YU+=NzEb9$;fT&a6fycOmt+QBrl zSljK4NaNyiOYqwZ!pA8r^c00OKI|6ITnqr2;lfcg2)^}~s|^iuXkp-Z9zw?u9f%Gl zIKx%?805>Gz6o0*0IGj52V2W@R3^r4ggg+8qe2>{F;knjCB39B|n)&}Ia))TWmVOS1zJD$Q<&mo|g~V`#5B$6N zxLlw5L@k&9cvMyuB!wfYMH5Y?I18^yQU0Cn< zQ+Vm-4&d0rzki{yJhx4HVp!v=n%$Eu4}XG1@@3Rpmx4E2z!ZF5gVt7hXhF3JhQ)dC z^v|>E6|i%rp_>2^0RRECD@1Q&Yh`jEQe|vqVRL05C__acWMyJ0AUtGmV{2t{KxA)Y zYh`jSV{dIfi2^qS69EbUAq4_ht>?f38!rV52?z%R1r-Vj2nz)k0s{d60v-VZ7k~f? z2@s8efIJSr&4{we5B?+>qpu&7G$uCr{9l#Rccf8iLHFK8*j}rX=-CG)$dc?$piG&n zyvm)ljwUsM!bnCjBbuvmg?VD7{XegYqwDC-jwi9@5G?Wk0W>(My&0lUwT?!h+_)r; ziSkkZTf)_`7M(d9Eygf&;f2K#dl0cev@e`hmk( zZtk3Hs%->NGPyLrr#y%lgx{LEI^lyjO4KBwd}kap{2xYFqV-F2>Yq zG-gdq-7QDsOB?=ysoxG@7KH&vE_?hnRc?txWkz9<=VtFx@Ut8hfLi2;JwF@%ZMK$zRb;~8!vOdFX75Fk8*e>XpOrG|YsSZ2f#t_(HJ z+2iiq+kTKEd{!m%PjyDuMW8T;FZ!)Cg>O6x2SR3fyfZ=kBSDUz=aV8M^lA(&u0B2M z-aM5?LcHpf3Iqah6nv_W(wZrA8IAR4qXOaf%g7n?TNrw7a0Kc^OVl3Z8#a2R3m+9$ z8(5MM+x77e+YoN$TgPo5x1IH2GV6I8ege0YQtX?0EQiH**C+5Ml4{T8)OO+-PfE3sg1Paga|nw;9NrvW?0Q{d=P|r_7drn! z8&M^%eloEvv)?t~lG>1q+=qlCndr6=1Yy(%>dfgbh&%TXeRWyM$f8?S{8ygGsA8pS zM?IBQwFu-HaGRib&`sVMSJXjhuE(AOvYeGL$vD)^dqADy%5oai-WdX=OaMym$#l_A z7d>5VEn*PN1N}x~{PYrGX`90HOmI4|Rc$_R*_61pBoGZVu(mO4MgBSA z3G&qBk^c}(l#fx^d_Tr93{<%g;efsvX)qQ8<7p74rQ;AUmvbi*yka|wYGA+9!(&uJ z3tZ#|GLLIrw5-@~{uvdM_93`x8jgYT%ZPhr3MqBNEu`I@f@nl~3G(!ilEW9!nGG{5 zNIRRPhlryvj{p$?00D^vJ_Hy62mlEM0$8ouDgqk<0x1a)je&qX4!_Na!CfE(8370Y z1_c6Gt=cL83JDN?psB<1bNtxVU=ROn3Hco$6RNCn?dy%AGv~v}na?1gs^YJhXA)JR zJ_hRT#t5-)YKUBmhDT{(!zP43W=13FLVlQQY&Uywe9iI|Dk@tr8RUEXt!L9asCk14 z$moeFun}{2z@`Y8KUEy#Y?ttc*0nt%%r%bCd4pClxDY!t`M2qFddF+NHq%TDA5Z73 zoZ<)UWl<6+4{!S>HvV2YFUNmbNfe7l7outUhag5HvTFpov{9)%SU3wB^qK~XMv`AX!x<6%-nu+;S&pdG~rCcpO z05M&Fwf!q>>kU>E8(Zk`CG@{MMFpYoH>2^}r{N(ze}#nyK^=2d^FwnaCSIuyoty8V z$MgLSEc6&fC;Zgt2oP+BME)7IvYQ`*`)m(a>t+0)T%TWxv;Hw42=h!wN&j`JBw0E> z50`dHHM+RTjBnAsX^_gE8Q9$kh)YxA+2aP#nvkSPSGK0POS-qBfqQ0U`6_z!bL?8k zW-GmuFEE@S55O+}&SbUnxDWqc+d9(t{vtC%96$nq3|U&n$e6E6Na09qb+{@cv1jZ| z3ANPzBC8hPZX%fd!AicAGHUi1CEtQTkg6rlJ&izkT=Qe0t#FL~*@%Q@afty20kH zP@b&1>Szr#R<^(R$ZDQ+tX1BmAvCn7XbkFG{bvJsln04BkS2;}7+r)m!j=C|-@2Mb zZaVA|!c_0vpuO@|Zgh7CYc|rUFc^1cmciEIZ-OsoUfh8=!gs&KS$I6fh;IjUD`52- z$hYta7J<u zKyfV{PWt21mmL1oc+`{DV3Y`cYIUjP(OqJCF?#$b(-lq(eagmRKXj;3eca9O(@= 0 ) or ( $facts['os']['distro']['id'] == 'Ubuntu' and versioncmp($facts['os']['distro']['release']['major'],'22') >= 0 ) { # lint:ignore:140chars # fix deprecated apt-key warnings + if $curl_ensure { + ensure_packages(['curl']) + } + if $gpg_ensure { + ensure_packages(['gpg']) + } + if $keyring_force_update { + exec { 'Remove Docker-GPG-Key': + path => '/bin/', + cwd => '/tmp', + command => "rm ${keyring}", + } + Exec['Remove Docker-GPG-Key'] -> Exec['Install Docker-GPG-Key'] + } + exec { 'Install Docker-GPG-Key': + path => '/usr/bin/', + cwd => '/tmp', + command => "curl -fsSL https://download.docker.com/linux/${docker::os_lc}/gpg | gpg --dearmor -o ${keyring}", + creates => $keyring, + require => Package['curl','gpg'], + } file { $keyring: - ensure => file, - content => binary_file("${module_name}/etc/apt/keyrings/docker.gpg"), - mode => '0644', - owner => 'root', - group => 'root', + ensure => file, + mode => '0644', + owner => 'root', + group => 'root', } $key_options = { keyring => $keyring, diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb index 78cd9335..52ee37f0 100644 --- a/spec/classes/init_spec.rb +++ b/spec/classes/init_spec.rb @@ -33,6 +33,9 @@ 'with keyring set to optional path' => { 'keyring' => '/root/keyrings/docker.gpg', }, + 'with keyring set to force update' => { + 'keyring_force_update' => true, + }, } describe 'docker', type: :class do @@ -183,7 +186,8 @@ 'tmp_dir' => defaults['tmp_dir'], 'use_upstream_package_source' => defaults['use_upstream_package_source'], 'version' => defaults['version'], - 'keyring' => defaults['keyring'] + 'keyring' => defaults['keyring'], + 'keyring_force_update' => defaults['keyring_force_update'], }.merge(default_params).merge(local_params) let(:facts) do diff --git a/spec/helper/get_defaults.rb b/spec/helper/get_defaults.rb index ac7b40e2..869bda49 100644 --- a/spec/helper/get_defaults.rb +++ b/spec/helper/get_defaults.rb @@ -89,6 +89,7 @@ def get_defaults(_facts) tmp_dir_config = true version = :undef keyring = '/etc/apt/keyrings/docker.gpg' + keyring_force_update = false if _facts[:os]['family'] == 'windows' compose_install_path = "#{_facts['docker_program_files_path']}/Docker" @@ -489,5 +490,6 @@ def get_defaults(_facts) 'use_upstream_package_source' => use_upstream_package_source, 'version' => version, 'keyring' => keyring, + 'keyring_force_update' => keyring_force_update, } end diff --git a/spec/shared_examples/repos.rb b/spec/shared_examples/repos.rb index 7003e17e..d46b15e3 100644 --- a/spec/shared_examples/repos.rb +++ b/spec/shared_examples/repos.rb @@ -12,6 +12,7 @@ key_check_source = values['package_key_check_source'] architecture = facts[:os]['architecture'] keyring = params['keyring'] + os_lc = params['os_lc'] unless params['prerequired_packages'].empty? params['prerequired_packages'].each do |package| @@ -30,15 +31,45 @@ if params['use_upstream_package_source'] # check if debian version is atleast 10 and ubuntu version is atleast 22 if (facts[:operatingsystem] == 'Debian' && facts[:operatingsystemrelease] =~ /1[0-9]/) || (facts[:operatingsystem] == 'Ubuntu' && facts[:operatingsystemrelease] =~ /2[2-9]/) + # if params['curl_ensure'] + # it { + # is_expected.to contain_package('curl') + # } + # end + # if params['gpg_ensure'] + # it { + # is_expected.to contain_package('gpg') + # } + # end + if params['keyring_force_update'] + it { + is_expected.to contain_exec('Remove Docker-GPG-Key').with( + 'path' => '/bin/', + 'cwd' => '/tmp', + 'command' => "rm #{keyring}", + ).that_comes_before('Exec[Install Docker-GPG-Key]') + } + end it { + is_expected.to contain_exec('Install Docker-GPG-Key').with( + 'path' => '/usr/bin/', + 'cwd' => '/tmp', + 'command' => "curl -fsSL https://download.docker.com/linux/#{os_lc}/gpg | gpg --dearmor -o #{keyring}", + 'creates' => keyring, + ).that_requires( + [ + 'Package[curl]', + 'Package[gpg]', + ], + ) + is_expected.to contain_file(keyring).with( 'ensure' => 'file', 'mode' => '0644', 'owner' => 'root', 'group' => 'root', ) - } - it { + is_expected.to contain_apt__source('docker').with( 'location' => location, 'architecture' => architecture, @@ -49,8 +80,7 @@ 'src' => false, }, ) - } - it { + is_expected.to contain_apt__key('docker-key-in-trusted.gpg').with( 'ensure' => 'absent', 'id' => '9DC858229FC7DD38854AE2D88D81803C0EBFCD88', From bc5ce1e6527d0bc491c508303cf31668fc7c26d7 Mon Sep 17 00:00:00 2001 From: mwernet Date: Thu, 5 Jan 2023 12:46:55 +0100 Subject: [PATCH 19/31] Remove not working tests --- spec/shared_examples/repos.rb | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/spec/shared_examples/repos.rb b/spec/shared_examples/repos.rb index d46b15e3..ef9b0743 100644 --- a/spec/shared_examples/repos.rb +++ b/spec/shared_examples/repos.rb @@ -31,16 +31,6 @@ if params['use_upstream_package_source'] # check if debian version is atleast 10 and ubuntu version is atleast 22 if (facts[:operatingsystem] == 'Debian' && facts[:operatingsystemrelease] =~ /1[0-9]/) || (facts[:operatingsystem] == 'Ubuntu' && facts[:operatingsystemrelease] =~ /2[2-9]/) - # if params['curl_ensure'] - # it { - # is_expected.to contain_package('curl') - # } - # end - # if params['gpg_ensure'] - # it { - # is_expected.to contain_package('gpg') - # } - # end if params['keyring_force_update'] it { is_expected.to contain_exec('Remove Docker-GPG-Key').with( From ee6570d59dbf9029febf726ac500345dd59037da Mon Sep 17 00:00:00 2001 From: Olli Wernet <61321118+vegaaz@users.noreply.github.com> Date: Thu, 12 Jan 2023 08:45:58 +0100 Subject: [PATCH 20/31] Update manifests/init.pp Co-authored-by: Kenyon Ralph --- manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/init.pp b/manifests/init.pp index 31e8226c..d6690647 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -351,7 +351,7 @@ # Absolute path to a file containing the PGP keyring used to sign this repository. Value is used to set signed-by on the source entry. # See https://wiki.debian.org/DebianRepository/UseThirdParty for details. # -# @param gpg_force_update +# @param keyring_force_update # Forces to update the with keyring provided gpg key. # class docker ( From 84b217c43f7911a0bd16e520f9f8270966dbc8a9 Mon Sep 17 00:00:00 2001 From: Olli Wernet <61321118+vegaaz@users.noreply.github.com> Date: Thu, 12 Jan 2023 08:46:13 +0100 Subject: [PATCH 21/31] Update manifests/repos.pp Co-authored-by: Kenyon Ralph --- manifests/repos.pp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/manifests/repos.pp b/manifests/repos.pp index 5026fcea..23594104 100644 --- a/manifests/repos.pp +++ b/manifests/repos.pp @@ -17,7 +17,8 @@ # # @param gpg_ensure # Whether or not the gpg package is ensured by this module. -# +# @param keyring_force_update +# Forces to update the with keyring provided gpg key. class docker::repos ( $location = $docker::package_location, $key_source = $docker::package_key_source, From 177dfe6158f8bc2dbf4d623cf964d67463f64ea3 Mon Sep 17 00:00:00 2001 From: mwernet Date: Tue, 17 Jan 2023 17:12:37 +0100 Subject: [PATCH 22/31] Handle docker-Keyring download via archive-module --- manifests/repos.pp | 24 ++++++++++++------------ metadata.json | 4 ++++ spec/shared_examples/repos.rb | 16 ++++++++++------ 3 files changed, 26 insertions(+), 18 deletions(-) diff --git a/manifests/repos.pp b/manifests/repos.pp index 23594104..d738d5bc 100644 --- a/manifests/repos.pp +++ b/manifests/repos.pp @@ -12,11 +12,9 @@ # Absolute path to a file containing the PGP keyring used to sign this repository. Value is used to set signed-by on the source entry. # See https://wiki.debian.org/DebianRepository/UseThirdParty for details. # -# @param curl_ensure -# Whether or not the curl package is ensured by this module. -# # @param gpg_ensure # Whether or not the gpg package is ensured by this module. +# # @param keyring_force_update # Forces to update the with keyring provided gpg key. class docker::repos ( @@ -39,9 +37,6 @@ if ( $facts['os']['distro']['id'] == 'Debian' and versioncmp($facts['os']['distro']['release']['major'],'10') >= 0 ) or ( $facts['os']['distro']['id'] == 'Ubuntu' and versioncmp($facts['os']['distro']['release']['major'],'22') >= 0 ) { # lint:ignore:140chars # fix deprecated apt-key warnings - if $curl_ensure { - ensure_packages(['curl']) - } if $gpg_ensure { ensure_packages(['gpg']) } @@ -53,12 +48,17 @@ } Exec['Remove Docker-GPG-Key'] -> Exec['Install Docker-GPG-Key'] } - exec { 'Install Docker-GPG-Key': - path => '/usr/bin/', - cwd => '/tmp', - command => "curl -fsSL https://download.docker.com/linux/${docker::os_lc}/gpg | gpg --dearmor -o ${keyring}", - creates => $keyring, - require => Package['curl','gpg'], + archive { $keyring: + ensure => present, + source => "https://download.docker.com/linux/${docker::os_lc}/gpg", + extract => true, + extract_command => 'gpg', + extract_flags => "--dearmor -o ${keyring}", + extract_path => '/tmp', + path => '/tmp/docker.gpg', + creates => $keyring, + cleanup => true, + require => Package['gpg'], } file { $keyring: ensure => file, diff --git a/metadata.json b/metadata.json index bf645f95..6a322c61 100644 --- a/metadata.json +++ b/metadata.json @@ -23,6 +23,10 @@ { "name": "puppetlabs/reboot", "version_requirement": ">=2.0.0 < 5.0.0" + }, + { + "name": "voxpupuli/puppet-archive", + "version_requirement": ">= v1.0.0" } ], "operatingsystem_support": [ diff --git a/spec/shared_examples/repos.rb b/spec/shared_examples/repos.rb index ef9b0743..3685072a 100644 --- a/spec/shared_examples/repos.rb +++ b/spec/shared_examples/repos.rb @@ -41,14 +41,18 @@ } end it { - is_expected.to contain_exec('Install Docker-GPG-Key').with( - 'path' => '/usr/bin/', - 'cwd' => '/tmp', - 'command' => "curl -fsSL https://download.docker.com/linux/#{os_lc}/gpg | gpg --dearmor -o #{keyring}", - 'creates' => keyring, + is_expected.to contain_archive(keyring).with( + 'ensure' => 'present', + 'source' => "https://download.docker.com/linux/#{os_lc}/gpg", + 'extract' => true, + 'extract_command' => 'gpg', + 'extract_flags' => "--dearmor -o ${keyring}", + 'extract_path' => '/tmp', + 'path' => '/tmp/docker.gpg', + 'creates' => $keyring, + 'cleanup' => true, ).that_requires( [ - 'Package[curl]', 'Package[gpg]', ], ) From 19fa70a866902f481f784bb397bdeca46e1f8644 Mon Sep 17 00:00:00 2001 From: mwernet Date: Tue, 17 Jan 2023 21:41:16 +0100 Subject: [PATCH 23/31] Prepare Unit-Tests --- manifests/repos.pp | 5 +++-- spec/shared_examples/repos.rb | 16 +++++++--------- 2 files changed, 10 insertions(+), 11 deletions(-) diff --git a/manifests/repos.pp b/manifests/repos.pp index d738d5bc..a3bb1aa8 100644 --- a/manifests/repos.pp +++ b/manifests/repos.pp @@ -23,7 +23,6 @@ $key_check_source = $docker::package_key_check_source, $architecture = $facts['os']['architecture'], $keyring = $docker::keyring, - $curl_ensure = $docker::params::curl_ensure, $gpg_ensure = $docker::params::gpg_ensure, $keyring_force_update = $docker::keyring_force_update, ) { @@ -36,6 +35,7 @@ $package_repos = $docker::package_repos if ( $facts['os']['distro']['id'] == 'Debian' and versioncmp($facts['os']['distro']['release']['major'],'10') >= 0 ) or ( $facts['os']['distro']['id'] == 'Ubuntu' and versioncmp($facts['os']['distro']['release']['major'],'22') >= 0 ) { # lint:ignore:140chars + include archive # fix deprecated apt-key warnings if $gpg_ensure { ensure_packages(['gpg']) @@ -46,8 +46,9 @@ cwd => '/tmp', command => "rm ${keyring}", } - Exec['Remove Docker-GPG-Key'] -> Exec['Install Docker-GPG-Key'] + Exec['Remove Docker-GPG-Key'] -> Archive[$keyring] } + archive { $keyring: ensure => present, source => "https://download.docker.com/linux/${docker::os_lc}/gpg", diff --git a/spec/shared_examples/repos.rb b/spec/shared_examples/repos.rb index 3685072a..11553b74 100644 --- a/spec/shared_examples/repos.rb +++ b/spec/shared_examples/repos.rb @@ -37,25 +37,23 @@ 'path' => '/bin/', 'cwd' => '/tmp', 'command' => "rm #{keyring}", - ).that_comes_before('Exec[Install Docker-GPG-Key]') + ).that_comes_before("Archive[#{keyring}]") } end it { - is_expected.to contain_archive(keyring).with( + is_expected.to contain_class('archive') + is_expected.to contain_archive(keyring) + .with( 'ensure' => 'present', 'source' => "https://download.docker.com/linux/#{os_lc}/gpg", 'extract' => true, 'extract_command' => 'gpg', - 'extract_flags' => "--dearmor -o ${keyring}", + 'extract_flags' => "--dearmor -o #{keyring}", 'extract_path' => '/tmp', 'path' => '/tmp/docker.gpg', - 'creates' => $keyring, + 'creates' => keyring, 'cleanup' => true, - ).that_requires( - [ - 'Package[gpg]', - ], - ) + ).that_requires('Package[gpg]') is_expected.to contain_file(keyring).with( 'ensure' => 'file', From 05d75b548cf8b4695591e53bbb927c0bc9ed6d4e Mon Sep 17 00:00:00 2001 From: mwernet Date: Fri, 3 Feb 2023 13:06:35 +0100 Subject: [PATCH 24/31] Add 'puppet/archive' Module as dependency --- .fixtures.yml | 1 + metadata.json | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.fixtures.yml b/.fixtures.yml index 6cfc04e8..6ba32d49 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -4,6 +4,7 @@ fixtures: apt: 'puppetlabs-apt' powershell: 'puppetlabs-powershell' reboot: 'puppetlabs-reboot' + archive: 'puppet-archive' repositories: facts: 'https://github.com/puppetlabs/puppetlabs-facts.git' puppet_agent: 'https://github.com/puppetlabs/puppetlabs-puppet_agent.git' diff --git a/metadata.json b/metadata.json index 6a322c61..d5037ad1 100644 --- a/metadata.json +++ b/metadata.json @@ -25,7 +25,7 @@ "version_requirement": ">=2.0.0 < 5.0.0" }, { - "name": "voxpupuli/puppet-archive", + "name": "puppet/archive", "version_requirement": ">= v1.0.0" } ], From 6c53719936e4c560c9c0b37ace2233d426d288aa Mon Sep 17 00:00:00 2001 From: mwernet Date: Fri, 3 Feb 2023 15:57:52 +0100 Subject: [PATCH 25/31] remove lsb-release dependency, change to deb 11 --- manifests/repos.pp | 2 +- spec/shared_examples/repos.rb | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/manifests/repos.pp b/manifests/repos.pp index a3bb1aa8..aa34fa02 100644 --- a/manifests/repos.pp +++ b/manifests/repos.pp @@ -34,7 +34,7 @@ $package_key = $docker::package_key $package_repos = $docker::package_repos - if ( $facts['os']['distro']['id'] == 'Debian' and versioncmp($facts['os']['distro']['release']['major'],'10') >= 0 ) or ( $facts['os']['distro']['id'] == 'Ubuntu' and versioncmp($facts['os']['distro']['release']['major'],'22') >= 0 ) { # lint:ignore:140chars + if ( $facts['os']['name'] == 'Debian' and versioncmp($facts['os']['release']['major'],'11' ) >= 0 ) or ( $facts['os']['name'] == 'Ubuntu' and versioncmp($facts['os']['release']['major'],'22') >= 0 ) { # lint:ignore:140chars include archive # fix deprecated apt-key warnings if $gpg_ensure { diff --git a/spec/shared_examples/repos.rb b/spec/shared_examples/repos.rb index 11553b74..51c54bc5 100644 --- a/spec/shared_examples/repos.rb +++ b/spec/shared_examples/repos.rb @@ -29,8 +29,8 @@ package_repos = values['package_repos'] if params['use_upstream_package_source'] - # check if debian version is atleast 10 and ubuntu version is atleast 22 - if (facts[:operatingsystem] == 'Debian' && facts[:operatingsystemrelease] =~ /1[0-9]/) || (facts[:operatingsystem] == 'Ubuntu' && facts[:operatingsystemrelease] =~ /2[2-9]/) + # check if debian version is atleast 11 and ubuntu version is atleast 22 + if (facts[:operatingsystem] == 'Debian' && facts[:operatingsystemrelease] =~ /1[1-9]/) || (facts[:operatingsystem] == 'Ubuntu' && facts[:operatingsystemrelease] =~ /2[2-9]/) if params['keyring_force_update'] it { is_expected.to contain_exec('Remove Docker-GPG-Key').with( From e5eab7658787544e3cd3da3d33df5986a023287f Mon Sep 17 00:00:00 2001 From: mwernet Date: Fri, 3 Feb 2023 16:25:07 +0100 Subject: [PATCH 26/31] change upper and lower versions for archive dep --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index d5037ad1..46c8a913 100644 --- a/metadata.json +++ b/metadata.json @@ -26,7 +26,7 @@ }, { "name": "puppet/archive", - "version_requirement": ">= v1.0.0" + "version_requirement": ">= v4.4.0 < 8.0.0" } ], "operatingsystem_support": [ From 75b70d8bb8671530710cfe48c152dc2f6abc00e8 Mon Sep 17 00:00:00 2001 From: mwernet Date: Fri, 3 Feb 2023 16:39:36 +0100 Subject: [PATCH 27/31] Remove 'keyring_force_update' since not indempotent --- manifests/init.pp | 4 ---- manifests/repos.pp | 11 ----------- spec/classes/init_spec.rb | 4 ---- spec/helper/get_defaults.rb | 2 -- spec/shared_examples/repos.rb | 9 --------- 5 files changed, 30 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index d6690647..97b202ce 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -351,9 +351,6 @@ # Absolute path to a file containing the PGP keyring used to sign this repository. Value is used to set signed-by on the source entry. # See https://wiki.debian.org/DebianRepository/UseThirdParty for details. # -# @param keyring_force_update -# Forces to update the with keyring provided gpg key. -# class docker ( Optional[String] $version = $docker::params::version, String $ensure = $docker::params::ensure, @@ -473,7 +470,6 @@ Optional[Variant[String,Array]] $registry_mirror = $docker::params::registry_mirror, Boolean $acknowledge_unsupported_os = false, Stdlib::Absolutepath $keyring = '/etc/apt/keyrings/docker.gpg', - Boolean $keyring_force_update = false, # Windows specific parameters Optional[String] $docker_msft_provider_version = $docker::params::docker_msft_provider_version, diff --git a/manifests/repos.pp b/manifests/repos.pp index aa34fa02..8ee3c3f9 100644 --- a/manifests/repos.pp +++ b/manifests/repos.pp @@ -15,8 +15,6 @@ # @param gpg_ensure # Whether or not the gpg package is ensured by this module. # -# @param keyring_force_update -# Forces to update the with keyring provided gpg key. class docker::repos ( $location = $docker::package_location, $key_source = $docker::package_key_source, @@ -24,7 +22,6 @@ $architecture = $facts['os']['architecture'], $keyring = $docker::keyring, $gpg_ensure = $docker::params::gpg_ensure, - $keyring_force_update = $docker::keyring_force_update, ) { ensure_packages($docker::prerequired_packages) @@ -40,14 +37,6 @@ if $gpg_ensure { ensure_packages(['gpg']) } - if $keyring_force_update { - exec { 'Remove Docker-GPG-Key': - path => '/bin/', - cwd => '/tmp', - command => "rm ${keyring}", - } - Exec['Remove Docker-GPG-Key'] -> Archive[$keyring] - } archive { $keyring: ensure => present, diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb index 52ee37f0..b84a47c1 100644 --- a/spec/classes/init_spec.rb +++ b/spec/classes/init_spec.rb @@ -33,9 +33,6 @@ 'with keyring set to optional path' => { 'keyring' => '/root/keyrings/docker.gpg', }, - 'with keyring set to force update' => { - 'keyring_force_update' => true, - }, } describe 'docker', type: :class do @@ -187,7 +184,6 @@ 'use_upstream_package_source' => defaults['use_upstream_package_source'], 'version' => defaults['version'], 'keyring' => defaults['keyring'], - 'keyring_force_update' => defaults['keyring_force_update'], }.merge(default_params).merge(local_params) let(:facts) do diff --git a/spec/helper/get_defaults.rb b/spec/helper/get_defaults.rb index 869bda49..ac7b40e2 100644 --- a/spec/helper/get_defaults.rb +++ b/spec/helper/get_defaults.rb @@ -89,7 +89,6 @@ def get_defaults(_facts) tmp_dir_config = true version = :undef keyring = '/etc/apt/keyrings/docker.gpg' - keyring_force_update = false if _facts[:os]['family'] == 'windows' compose_install_path = "#{_facts['docker_program_files_path']}/Docker" @@ -490,6 +489,5 @@ def get_defaults(_facts) 'use_upstream_package_source' => use_upstream_package_source, 'version' => version, 'keyring' => keyring, - 'keyring_force_update' => keyring_force_update, } end diff --git a/spec/shared_examples/repos.rb b/spec/shared_examples/repos.rb index 51c54bc5..fa00235c 100644 --- a/spec/shared_examples/repos.rb +++ b/spec/shared_examples/repos.rb @@ -31,15 +31,6 @@ if params['use_upstream_package_source'] # check if debian version is atleast 11 and ubuntu version is atleast 22 if (facts[:operatingsystem] == 'Debian' && facts[:operatingsystemrelease] =~ /1[1-9]/) || (facts[:operatingsystem] == 'Ubuntu' && facts[:operatingsystemrelease] =~ /2[2-9]/) - if params['keyring_force_update'] - it { - is_expected.to contain_exec('Remove Docker-GPG-Key').with( - 'path' => '/bin/', - 'cwd' => '/tmp', - 'command' => "rm #{keyring}", - ).that_comes_before("Archive[#{keyring}]") - } - end it { is_expected.to contain_class('archive') is_expected.to contain_archive(keyring) From 496b931a5b08c637434ea72d181dc79cbc652323 Mon Sep 17 00:00:00 2001 From: mwernet Date: Fri, 3 Feb 2023 17:00:45 +0100 Subject: [PATCH 28/31] Change contribution information --- CONTRIBUTING.md | 2 +- CONTRIBUTORS.md | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index e7a3a7c3..aced8499 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,3 +1,3 @@ # Contributing to Puppet modules -Check out our [Contributing to Supported Modules Blog Post](https://puppetlabs.github.io/iac/docs/contributing_to_a_module.html) to find all the information that you will need. +Check out our [Contributing to Supported Modules Blog Post](https://www.puppet.com/docs/puppet/latest/contributing.html) to find all the information that you will need. diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md index edaaf389..946d8a1b 100644 --- a/CONTRIBUTORS.md +++ b/CONTRIBUTORS.md @@ -185,3 +185,4 @@ 1 Joshua Spence 1 Justin Riley 1 Schusler, Olaf + 1 Wernet, Marc-Oliver \ No newline at end of file From c4f50c7c32ea234eee68c53deac28de9717efcff Mon Sep 17 00:00:00 2001 From: mwernet Date: Mon, 6 Feb 2023 09:25:21 +0100 Subject: [PATCH 29/31] metadata.json fix typo in version --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 46c8a913..2ea74f80 100644 --- a/metadata.json +++ b/metadata.json @@ -26,7 +26,7 @@ }, { "name": "puppet/archive", - "version_requirement": ">= v4.4.0 < 8.0.0" + "version_requirement": ">= 4.4.0 < 8.0.0" } ], "operatingsystem_support": [ From 7238bd542e053414fa8ecc6b0cbafef474ce1d27 Mon Sep 17 00:00:00 2001 From: mwernet Date: Tue, 7 Feb 2023 08:29:54 +0100 Subject: [PATCH 30/31] Satisfy Static & Syntax Tests --- spec/shared_examples/repos.rb | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/spec/shared_examples/repos.rb b/spec/shared_examples/repos.rb index fa00235c..2b8b0496 100644 --- a/spec/shared_examples/repos.rb +++ b/spec/shared_examples/repos.rb @@ -33,8 +33,7 @@ if (facts[:operatingsystem] == 'Debian' && facts[:operatingsystemrelease] =~ /1[1-9]/) || (facts[:operatingsystem] == 'Ubuntu' && facts[:operatingsystemrelease] =~ /2[2-9]/) it { is_expected.to contain_class('archive') - is_expected.to contain_archive(keyring) - .with( + is_expected.to contain_archive(keyring).with( 'ensure' => 'present', 'source' => "https://download.docker.com/linux/#{os_lc}/gpg", 'extract' => true, From 436a88ae64114422e796fcf871b9fece7a5a837f Mon Sep 17 00:00:00 2001 From: Olli Wernet <61321118+vegaaz@users.noreply.github.com> Date: Thu, 4 May 2023 16:22:39 +0200 Subject: [PATCH 31/31] Update metadata.json --- metadata.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 12ae19a8..bc272cca 100644 --- a/metadata.json +++ b/metadata.json @@ -22,7 +22,7 @@ }, { "name": "puppetlabs/reboot", - "version_requirement": ">=2.0.0 < 5.0.0" + "version_requirement": ">=2.0.0 < 6.0.0" }, { "name": "puppet/archive",