diff --git a/manifests/apt.pp b/manifests/apt.pp index 02a73f5..e462d28 100644 --- a/manifests/apt.pp +++ b/manifests/apt.pp @@ -10,32 +10,80 @@ Boolean $repo_gpgcheck = $cvmfs::repo_gpgcheck, ) { # We already reject arrays of more than one element in init.pp - $_location = Array($repo_base,true)[0] - Apt::Source { - allow_insecure => ! $repo_gpgcheck, - comment => 'CernVM File System', - location => $_location, - key => { + if ($facts['os']['name'] == 'Debian' and versioncmp($facts['os']['release']['major'],'12') <= 0 ) or + ($facts['os']['name'] == 'Ubuntu' and versioncmp($facts['os']['release']['major'],'24.04') <= 0 ) { + $_source_format = 'list' + $_key = { ensure => refreshed, id => 'FD80468D49B3B24C341741FC8CE0A76C497EA957', source => $repo_gpgkey, - }, - repos => 'main', + } + $_keyring = undef + $_location = Array($repo_base,true)[0] # Take first one for old format. + $_release_cvmfs = "${facts['os']['distro']['codename']}-prod" + $_release_testing = "${facts['os']['distro']['codename']}-testing" + $_release_future = "${facts['os']['distro']['codename']}-future" + $_repos = 'main' + + # These _ensure and _enabled parameters + # https://github.com/puppetlabs/puppetlabs-apt/pull/1243 + # You cannot use "ensure" => absent with format 'sources'. + # You cannot use "enabled" => ... with format 'list'. + # + $_repo_testing_ensure = bool2str($repo_testing_enabled,'present','absent') + $_repo_future_ensure = bool2str($repo_future_enabled,'present','absent') + $_repo_testing_enabled = undef + $_repo_future_enabled = undef + } else { # deb822 + + $_source_format = 'sources' + $_location = Array($repo_base,true) + $_release_cvmfs = ["${facts['os']['distro']['codename']}-prod"] + $_release_testing = ["${facts['os']['distro']['codename']}-testing"] + $_release_future = ["${facts['os']['distro']['codename']}-future"] + $_repos = ['main'] + + $_key = undef + $_keyring = '/etc/apt/keyrings/cernvm.gpg' + + # see above + $_repo_testing_ensure = 'present' + $_repo_future_ensure = 'present' + $_repo_testing_enabled = $repo_testing_enabled + $_repo_future_enabled = $repo_future_enabled + + apt::keyring { 'cernvm.gpg': + source => $repo_gpgkey, + before => [Apt::Source['cvmfs'],Apt::Source['cvmfs-testing'],Apt::Source['cvmfs-future']], + } + } + + Apt::Source { + comment => 'CernVM File System', + source_format => $_source_format, + allow_insecure => ! $repo_gpgcheck, + location => $_location, + key => $_key, + keyring => $_keyring, + repos => $_repos, notify_update => true, } apt::source { 'cvmfs': ensure => 'present', - release => "${facts['os']['distro']['codename']}-prod", + release => $_release_cvmfs, } apt::source { 'cvmfs-testing': - ensure => bool2str($repo_testing_enabled,'present','absent'), - release => "${facts['os']['distro']['codename']}-testing", + ensure => $_repo_testing_ensure, + release => $_release_testing, + enabled => $_repo_testing_enabled, } + apt::source { 'cvmfs-future': - ensure => bool2str($repo_future_enabled,'present','absent'), - release => "${facts['os']['distro']['codename']}-future", + ensure => $_repo_future_ensure, + release => $_release_future, + enabled => $_repo_future_enabled, } } diff --git a/metadata.json b/metadata.json index ec1022e..62ccc2a 100644 --- a/metadata.json +++ b/metadata.json @@ -12,7 +12,7 @@ "license": "Apache-2.0", "dependencies": [ { - "version_requirement": ">= 7.0.0 < 11.0.0", + "version_requirement": ">= 10.0.0 < 11.0.0", "name": "puppetlabs/apt" }, { @@ -29,7 +29,8 @@ "operatingsystem": "Debian", "operatingsystemrelease": [ "11", - "12" + "12", + "13" ] }, { diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb index 4befc5d..8d830b1 100644 --- a/spec/classes/init_spec.rb +++ b/spec/classes/init_spec.rb @@ -91,7 +91,7 @@ # cvmfs-config repository should be disable by default. # case facts[:os]['name'] - when 'RedHat', 'AlmaLinux', 'Rocky' + when 'RedHat', 'AlmaLinux', 'Rocky', 'CentOS' case facts[:os]['release']['major'] when '8' it { @@ -161,32 +161,125 @@ it { is_expected.to contain_yumrepo('cvmfs-config').with_baseurl('https://cvmrepo.s3.cern.ch/cvmrepo/yum/cvmfs-config/fedora/42/x86_64 https://cvmrepo.web.cern.ch/cvmrepo/yum/cvmfs-config/fedora/42/x86_64') } end else + it { + is_expected.to contain_apt__source('cvmfs').with( + { + 'allow_insecure' => false, + 'allow_unsigned' => nil, + } + ) + } + + it { + is_expected.to contain_apt__source('cvmfs-testing').with( + { + 'allow_insecure' => false, + 'allow_unsigned' => nil, + } + ) + } + + it { + is_expected.to contain_apt__source('cvmfs-future').with( + { + 'allow_insecure' => false, + 'allow_unsigned' => nil, + } + ) + } + case facts[:os]['distro']['codename'] + when 'bullseye' + it { + is_expected.to contain_apt__source('cvmfs').with_release('bullseye-prod') + is_expected.to contain_apt__source('cvmfs-testing').with_release('bullseye-testing') + is_expected.to contain_apt__source('cvmfs-future').with_release('bullseye-future') + } when 'bookworm' + it { + is_expected.to contain_apt__source('cvmfs').with_release('bookworm-prod') + is_expected.to contain_apt__source('cvmfs-testing').with_release('bookworm-testing') + is_expected.to contain_apt__source('cvmfs-future').with_release('bookworm-future') + } + + when 'noble' + it { + is_expected.to contain_apt__source('cvmfs').with_release('noble-prod') + is_expected.to contain_apt__source('cvmfs-testing').with_release('noble-testing') + is_expected.to contain_apt__source('cvmfs-future').with_release('noble-future') + } + + when 'jammy' + it { + is_expected.to contain_apt__source('cvmfs').with_release('jammy-prod') + is_expected.to contain_apt__source('cvmfs-testing').with_release('jammy-testing') + is_expected.to contain_apt__source('cvmfs-future').with_release('jammy-future') + } + + when 'focal' + it { + is_expected.to contain_apt__source('cvmfs').with_release('focal-prod') + is_expected.to contain_apt__source('cvmfs-testing').with_release('focal-testing') + is_expected.to contain_apt__source('cvmfs-future').with_release('focal-future') + } + when 'trixie' + it { + is_expected.to contain_apt__source('cvmfs').with_release(['trixie-prod']) + is_expected.to contain_apt__source('cvmfs-testing').with_release(['trixie-testing']) + is_expected.to contain_apt__source('cvmfs-future').with_release(['trixie-future']) + } + + else + raise("Debian family codename, #{facts[:os]['distro']['codename']} is unknown to tests, add that case") + end + case [facts[:os]['name'], facts[:os]['release']['major']] + when %w[Debian 11], %w[Debian 12], ['Ubuntu', '20.04'], ['Ubuntu', '22.04'], ['Ubuntu', '24.04'] it { is_expected.to contain_apt__source('cvmfs').with( { - 'ensure' => 'present', - 'location' => 'https://cvmrepo.s3.cern.ch/cvmrepo/apt', - 'release' => 'bookworm-prod', - 'allow_insecure' => false, - 'allow_unsigned' => nil, + ensure: 'present', + location: 'https://cvmrepo.s3.cern.ch/cvmrepo/apt', + } + ) + is_expected.to contain_apt__source('cvmfs-testing').with( + { + ensure: 'absent', + location: 'https://cvmrepo.s3.cern.ch/cvmrepo/apt', + } + ) + is_expected.to contain_apt__source('cvmfs-future').with( + { + ensure: 'absent', + location: 'https://cvmrepo.s3.cern.ch/cvmrepo/apt', } ) } - + else it { + is_expected.to contain_apt__source('cvmfs').with( + { + ensure: 'present', + enabled: true, + location: ['https://cvmrepo.s3.cern.ch/cvmrepo/apt'], + } + ) is_expected.to contain_apt__source('cvmfs-testing').with( { - 'ensure' => 'absent', - 'location' => 'https://cvmrepo.s3.cern.ch/cvmrepo/apt', - 'release' => 'bookworm-testing', - 'allow_insecure' => false, - 'allow_unsigned' => nil, + ensure: 'present', + enabled: false, + location: ['https://cvmrepo.s3.cern.ch/cvmrepo/apt'], + } + ) + is_expected.to contain_apt__source('cvmfs-future').with( + { + ensure: 'present', + enabled: false, + location: ['https://cvmrepo.s3.cern.ch/cvmrepo/apt'], } ) } end + end context 'with repo_future_enabled true' do @@ -207,7 +300,8 @@ it { is_expected.to contain_apt__source('cvmfs-future').with( { - 'ensure' => 'present', + 'ensure' => 'present', + 'enabled' => true, } ) } @@ -274,8 +368,20 @@ it { is_expected.to contain_yumrepo('cvmfs-testing').with_baseurl(%r{^http://example.org/base/cvmfs-testing/(EL|fedora)/\d+/x86_64$}) } it { is_expected.to contain_yumrepo('cvmfs-config').with_baseurl(%r{^http://example.org/base/cvmfs-config/(EL|fedora)/\d+/x86_64$}) } else - it { is_expected.to contain_apt__source('cvmfs').with_location('http://example.org/base') } - it { is_expected.to contain_apt__source('cvmfs-testing').with_location('http://example.org/base') } + case [facts[:os]['name'], facts[:os]['release']['major']] + when %w[Debian 11], %w[Debian 12], ['Ubuntu', '20.04'], ['Ubuntu', '22.04'], ['Ubuntu', '24.04'] + it { + is_expected.to contain_apt__source('cvmfs').with_location('http://example.org/base') + is_expected.to contain_apt__source('cvmfs-testing').with_location('http://example.org/base') + is_expected.to contain_apt__source('cvmfs-future').with_location('http://example.org/base') + } + else + it { + is_expected.to contain_apt__source('cvmfs').with_location(['http://example.org/base']) + is_expected.to contain_apt__source('cvmfs-testing').with_location(['http://example.org/base']) + is_expected.to contain_apt__source('cvmfs-future').with_location(['http://example.org/base']) + } + end end end @@ -291,8 +397,8 @@ it { is_expected.to contain_yumrepo('cvmfs-testing').with_baseurl(%r{^http://example.org/base/cvmfs-testing/(EL|fedora)/\d+/x86_64$}) } it { is_expected.to contain_yumrepo('cvmfs-config').with_baseurl(%r{^http://example.org/base/cvmfs-config/(EL|fedora)/\d+/x86_64$}) } else - it { is_expected.to contain_apt__source('cvmfs').with_location('http://example.org/base') } - it { is_expected.to contain_apt__source('cvmfs-testing').with_location('http://example.org/base') } + it { is_expected.to contain_apt__source('cvmfs').with_location(['http://example.org/base']) } + it { is_expected.to contain_apt__source('cvmfs-testing').with_location(['http://example.org/base']) } end end @@ -355,11 +461,20 @@ it { is_expected.to contain_yumrepo('cvmfs-testing').with_gpgkey('http://example.org/key.gpg') } it { is_expected.to contain_yumrepo('cvmfs-config').with_gpgkey('http://example.org/key.gpg') } else - it { - is_expected.to contain_apt__source('cvmfs').with_key( - { 'ensure' => 'refreshed', 'id' => 'FD80468D49B3B24C341741FC8CE0A76C497EA957', 'source' => 'http://example.org/key.gpg' } - ) - } + case [facts[:os]['name'], facts[:os]['release']['major']] + when %w[Debian 11], %w[Debian 12], ['Ubuntu', '20.04'], ['Ubuntu', '22.04'], ['Ubuntu', '24.04'] + it { + is_expected.to contain_apt__source('cvmfs').with_key( + { 'ensure' => 'refreshed', 'id' => 'FD80468D49B3B24C341741FC8CE0A76C497EA957', 'source' => 'http://example.org/key.gpg' } + ) + is_expected.to contain_apt__source('cvmfs').without_keyring + } + else + it { + is_expected.to contain_apt__source('cvmfs').with_keyring('/etc/apt/keyrings/cernvm.gpg') + is_expected.to contain_apt__source('cvmfs').without_key + } + end end end