Thanks to visit codestin.com
Credit goes to github.com

Skip to content

fix(repositories): force aptkey if signed-by and allow aptkey #77

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 5 commits into from
Closed

fix(repositories): force aptkey if signed-by and allow aptkey #77

wants to merge 5 commits into from

Conversation

didiermfb
Copy link
Contributor

@didiermfb didiermfb commented Mar 11, 2025
edited
Loading

PR progress checklist (to be filled in by reviewers)

  • Changes to documentation are appropriate (or tick if not required)
  • Changes to tests are appropriate (or tick if not required)
  • Reviews completed

What type of PR is this?

Primary type

  • [build] Changes related to the build system
  • [chore] Changes to the build process or auxiliary tools and libraries such as documentation generation
  • [ci] Changes to the continuous integration configuration
  • [feat] A new feature
  • [fix] A bug fix
  • [perf] A code change that improves performance
  • [refactor] A code change that neither fixes a bug nor adds a feature
  • [revert] A change used to revert a previous commit
  • [style] Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc.)

Secondary type

  • [docs] Documentation changes
  • [test] Adding missing or correcting existing tests

Does this PR introduce a BREAKING CHANGE?

No.

Related issues and/or pull requests

#76

Describe the changes you're proposing

If key_url is definedand aptkey is not defined, force aptkey to false when signed-by is present in opts.
Use aptkey if defined in any case.
Allow to define keyring directory and clean this directory (cleaning is set to false by default)

Pillar / config required to test the proposed changes

Added to pillar.example

Debug log showing how the proposed changes work

Documentation checklist

  • Updated the README (e.g. Available states).
  • Updated pillar.example.

Testing checklist

  • Included in Kitchen (i.e. under state_top).
  • Covered by new/existing tests (e.g. InSpec, Serverspec, etc.).
  • Updated the relevant test pillar.

Additional context

keyring directory is managed automatically by salt not by this formula (didn't see any possible configuration in pkgrepo to change this) The directory is just set to be able to clean this directory.
It should be better to define all the signed-by in the same directory (except for keyrings pushed by the keyring_package)

@didiermfb didiermfb changed the title Force aptkey to false if signed-by in opts and aptkey not defined … fix(repositories): Force aptkey if signed-by and allow aptkey Mar 11, 2025
@didiermfb didiermfb force-pushed the master branch 2 times, most recently from b2a8458 to ed5c2a3 Compare March 11, 2025 14:11
@didiermfb didiermfb changed the title fix(repositories): Force aptkey if signed-by and allow aptkey fix(repositories): force aptkey if signed-by and allow aptkey Mar 11, 2025
@didiermfb didiermfb marked this pull request as ready for review March 11, 2025 15:10
@didiermfb didiermfb force-pushed the master branch 2 times, most recently from 31e228f to 37042f5 Compare March 11, 2025 15:48
@didiermfb didiermfb requested a review from a team as a code owner March 11, 2025 15:48
@didiermfb didiermfb force-pushed the master branch 8 times, most recently from 6874579 to 74cd91e Compare March 12, 2025 14:14
@didiermfb
Copy link
Contributor Author

I also :

  • modify the pre-commit.ci config to make it work again
  • adjust kitchen for current supported versions (debian, ubuntu and salt) travis and gitlab ci were also edited for the new versions but I let debian 12 and ubuntu 24.04 disabled in the CI
  • removed CI for debian 9

@didiermfb didiermfb force-pushed the master branch 5 times, most recently from 5d2e90b to 9058b32 Compare March 13, 2025 09:31
@sir-ragna
Copy link

features

The additional features from my side.

Describe the changes you're proposing

  • When setting apt:clean_sources_list_d=true files that are not required to be removed are not removed
  • A feature is added so that adding apt:repositories:repo:unmanaged=true allows you to specifically exclude a sources.list file from getting removed (or managed at all). This is handy in case another formula is managing this file.

Pillar / config required to test the proposed changes

apt:
  clean_sources_list_d: true
  respositories:
    rabbitmq:
      unmanaged: true # useful when rabbitmq.list is managed by another formula
      filename: rabbitmq.list # this is optional, will use <repo-name>.list by default, instead of "<repo-name>-<type>.list"

Documentation checklist

  • Updated the README (e.g. Available states).
  • Updated pillar.example.

Testing checklist

  • Included in Kitchen (i.e. under state_top).
  • Covered by new/existing tests (e.g. InSpec, Serverspec, etc.).
  • Updated the relevant test pillar.

Additional context

Added a Salt state to the tests to verify it isn't removed.

repos_maintained_by_another_formula:
  file.managed:
    - name: /etc/apt/sources.list.d/unmanaged.list
    - mode: '0644'
    - contents: "## unmanged list file that shouldn't be removed"

@didiermfb
Copy link
Contributor Author

Closing this PR to split changes and use specific branches.

@didiermfb didiermfb closed this Apr 10, 2025
@didiermfb didiermfb mentioned this pull request Apr 11, 2025
Merged
19 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@javierbertoli javierbertoli Awaiting requested review from javierbertoli javierbertoli is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@didiermfb @sir-ragna