corpus_parole: dev/provisioning/modules/yum/manifests/gpgkey.pp@b0b56e0f8c7f (annotated)

28 b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	1	# Define: yum::gpgkey
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	2	#
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	3	# This definition saves and imports public GPG key for RPM. Key can
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	4	# be stored on Puppet's fileserver or as inline content. Key can be
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	5	# also removed from system.
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	6	#
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	7	# Parameters:
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	8	# [path] - alternative file location (defaults to name)
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	9	# [ensure] - specifies if key should be present or absent
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	10	# [content] - content
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	11	# [source] - source (e.g.: puppet:///)
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	12	# [owner] - file owner
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	13	# [group] - file group
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	14	# [mode] - file mode
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	15	#
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	16	# Actions:
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	17	#
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	18	# Requires:
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	19	# RPM based system
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	20	#
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	21	# Sample usage:
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	22	# yum::gpgkey { '/etc/pki/rpm-gpg/RPM-GPG-KEY-puppet-smoketest1':
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	23	# ensure => present,
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	24	# content => '-----BEGIN PGP PUBLIC KEY BLOCK-----
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	25	# ...
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	26	# -----END PGP PUBLIC KEY BLOCK-----';
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	27	# }
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	28	#
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	29	define yum::gpgkey (
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	30	$path = $name,
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	31	$ensure = present,
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	32	$content = '',
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	33	$source = '',
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	34	$owner = 'root',
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	35	$group = 'root',
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	36	$mode = '0644'
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	37	) {
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	38	validate_absolute_path($path)
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	39	validate_string($owner, $group, $mode)
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	40
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	41	file { $path:
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	42	ensure => $ensure,
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	43	owner => $owner,
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	44	group => $group,
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	45	mode => $mode,
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	46	}
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	47
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	48	if ($content == '') and ($source == '') {
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	49	fail('Missing params: $content or $source must be specified')
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	50	} elsif $content {
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	51	File[$path] {
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	52	content => $content
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	53	}
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	54	} else {
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	55	File[$path] {
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	56	source => $source
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	57	}
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	58	}
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	59
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	60	$rpmname = "gpg-pubkey-$( \
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	61	gpg --quiet --with-colon --homedir=/root --throw-keyids <${path} \| \
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	62	cut -d: -f5 \| cut -c9- \| tr '[A-Z]' '[a-z]' \| head -1)"
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	63
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	64	case $ensure {
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	65	present: {
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	66	exec { "rpm-import-${name}":
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	67	path => '/bin:/usr/bin:/sbin/:/usr/sbin',
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	68	command => "rpm --import ${path}",
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	69	unless => "rpm -q ${rpmname}",
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	70	require => File[$path],
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	71	}
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	72	}
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	73
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	74	absent: {
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	75	exec { "rpm-delete-${name}":
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	76	path => '/bin:/usr/bin:/sbin/:/usr/sbin',
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	77	command => "rpm -e ${rpmname}",
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	78	onlyif => ["test -f ${path}", "rpm -q ${rpmname}"],
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	79	before => File[$path],
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	80	}
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	81	}
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	82
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	83	default: {
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	84	fail("Invalid ensure state: ${ensure}")
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	85	}
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	86	}
b0b56e0f8c7f Add contributor edition ymh <ymh.work@gmail.com> parents: diff changeset	87	}

author	ymh <ymh.work@gmail.com>
	Fri, 15 Jan 2016 15:35:00 +0100
changeset 28	b0b56e0f8c7f
permissions	-rw-r--r--