Skip to content

Commit

Permalink
Use modern APT keyrings on Debian family
Browse files Browse the repository at this point in the history 
This makes use of puppetlabs/puppetlabs-apt#1128
to store the public key in `/etc/apt/keyrings` and add a `signed-by`
option to the `sources.list.d` entry.
  • Loading branch information
@kenyon
kenyon committed Jan 3, 2024
1 parent 757dc37 commit 7246980
Show file tree
Hide file tree
Showing 4 changed files with 2 additions and 28 deletions.
9 changes: 0 additions & 9 deletions manifests/init.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -312,12 +312,10 @@
# @param docker_ce_cli_package_name
# @param docker_ce_source_location
# @param docker_ce_key_source
# @param docker_ce_key_id
# @param docker_ce_release
# @param docker_package_location
# @param docker_package_key_source
# @param docker_package_key_check_source
# @param docker_package_key_id
# @param docker_package_release
# @param docker_engine_start_command
# @param docker_engine_package_name
Expand All @@ -326,7 +324,6 @@
# @param docker_ee_package_name
# @param docker_ee_source_location
# @param docker_ee_key_source
# @param docker_ee_key_id
# @param docker_ee_repos
# @param docker_ee_release
# @param package_release
Expand Down Expand Up @@ -359,12 +356,10 @@
String[1] $docker_ce_cli_package_name = $docker::params::docker_ce_cli_package_name,
Optional[String] $docker_ce_source_location = $docker::params::package_ce_source_location,
Optional[String] $docker_ce_key_source = $docker::params::package_ce_key_source,
Optional[String] $docker_ce_key_id = $docker::params::package_ce_key_id,
Optional[String] $docker_ce_release = $docker::params::package_ce_release,
Optional[String] $docker_package_location = $docker::params::package_source_location,
Optional[String] $docker_package_key_source = $docker::params::package_key_source,
Optional[Boolean] $docker_package_key_check_source = $docker::params::package_key_check_source,
Optional[String] $docker_package_key_id = $docker::params::package_key_id,
Optional[String] $docker_package_release = $docker::params::package_release,
String $docker_engine_start_command = $docker::params::docker_engine_start_command,
String $docker_engine_package_name = $docker::params::docker_engine_package_name,
Expand All @@ -373,7 +368,6 @@
Optional[String] $docker_ee_package_name = $docker::params::package_ee_package_name,
Optional[String] $docker_ee_source_location = $docker::params::package_ee_source_location,
Optional[String] $docker_ee_key_source = $docker::params::package_ee_key_source,
Optional[String] $docker_ee_key_id = $docker::params::package_ee_key_id,
Optional[String] $docker_ee_repos = $docker::params::package_ee_repos,
Optional[String] $docker_ee_release = $docker::params::package_ee_release,
Optional[Variant[String,Array[String]]] $tcp_bind = $docker::params::tcp_bind,
Expand Down Expand Up @@ -548,7 +542,6 @@
$package_location = $docker::docker_ee_source_location
$package_key_source = $docker::docker_ee_key_source
$package_key_check_source = $docker_package_key_check_source
$package_key = $docker::docker_ee_key_id
$package_repos = $docker::docker_ee_repos
$release = $docker::docker_ee_release
$docker_start_command = $docker::docker_ee_start_command
Expand All @@ -558,7 +551,6 @@
'Debian' : {
$package_location = $docker_ce_source_location
$package_key_source = $docker_ce_key_source
$package_key = $docker_ce_key_id
$package_repos = $docker_ce_channel
$release = $docker_ce_release
}
Expand Down Expand Up @@ -586,7 +578,6 @@
$package_location = $docker_package_location
$package_key_source = $docker_package_key_source
$package_key_check_source = $docker_package_key_check_source
$package_key = $docker_package_key_id
$package_repos = 'main'
$release = $docker_package_release
}
Expand Down
16 changes: 0 additions & 16 deletions manifests/params.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,6 @@
$docker_ee_start_command = 'dockerd'
$docker_ee_source_location = undef
$docker_ee_key_source = undef
$docker_ee_key_id = undef
$docker_ee_repos = stable
$tcp_bind = undef
$tls_enable = false
Expand Down Expand Up @@ -168,7 +167,6 @@

$package_ce_source_location = "https://download.docker.com/linux/${os_lc}"
$package_ce_key_source = "https://download.docker.com/linux/${os_lc}/gpg"
$package_ce_key_id = '9DC858229FC7DD38854AE2D88D81803C0EBFCD88'
if (versioncmp($facts['facterversion'], '2.4.6') <= 0) {
$package_ce_release = $facts['os']['lsb']['distcodename']
} else {
Expand All @@ -177,10 +175,8 @@
$package_source_location = 'http://apt.dockerproject.org/repo'
$package_key_source = 'https://apt.dockerproject.org/gpg'
$package_key_check_source = undef
$package_key_id = '58118E89F3A912897C070ADBF76221572C52609D'
$package_ee_source_location = $docker_ee_source_location
$package_ee_key_source = $docker_ee_key_source
$package_ee_key_id = $docker_ee_key_id
if (versioncmp($facts['facterversion'], '2.4.6') <= 0) {
$package_ee_release = $facts['os']['lsb']['distcodename']
} else {
Expand Down Expand Up @@ -211,18 +207,15 @@

$apt_source_pin_level = undef
$detach_service_in_init = false
$package_ce_key_id = undef
$package_ce_key_source = 'https://download.docker.com/linux/centos/gpg'
$package_ce_release = undef
$package_ce_source_location = "https://download.docker.com/linux/centos/${facts['os']['release']['major']}/${facts['os']['architecture']}/${docker_ce_channel}"
$package_ee_key_id = $docker_ee_key_id
$package_ee_key_source = $docker_ee_key_source
$package_ee_package_name = $docker_ee_package_name
$package_ee_release = undef
$package_ee_repos = $docker_ee_repos
$package_ee_source_location = $docker_ee_source_location
$package_key_check_source = true
$package_key_id = undef
$package_key_source = 'https://yum.dockerproject.org/gpg'
$package_release = undef
$package_source_location = "https://yum.dockerproject.org/repo/main/centos/${facts['os']['release']['major']}"
Expand All @@ -247,18 +240,15 @@
$docker_group = 'docker'
$package_ce_source_location = undef
$package_ce_key_source = undef
$package_ce_key_id = undef
$package_ce_repos = undef
$package_ce_release = undef
$package_key_id = undef
$package_release = undef
$package_source_location = undef
$package_key_source = undef
$package_key_check_source = undef
$package_ee_source_location = undef
$package_ee_package_name = $docker_ee_package_name
$package_ee_key_source = undef
$package_ee_key_id = undef
$package_ee_repos = undef
$package_ee_release = undef
$use_upstream_package_source = undef
Expand All @@ -284,17 +274,14 @@
$package_key_source = undef
$package_key_check_source = undef
$package_source_location = undef
$package_key_id = undef
$package_repos = undef
$package_release = undef
$package_ce_key_source = undef
$package_ce_source_location = undef
$package_ce_key_id = undef
$package_ce_repos = undef
$package_ce_release = undef
$package_ee_source_location = undef
$package_ee_key_source = undef
$package_ee_key_id = undef
$package_ee_release = undef
$package_ee_repos = undef
$package_ee_package_name = undef
Expand Down Expand Up @@ -324,17 +311,14 @@
$package_key_source = undef
$package_key_check_source = undef
$package_source_location = undef
$package_key_id = undef
$package_repos = undef
$package_release = undef
$package_ce_key_source = undef
$package_ce_source_location = undef
$package_ce_key_id = undef
$package_ce_repos = undef
$package_ce_release = undef
$package_ee_source_location = undef
$package_ee_key_source = undef
$package_ee_key_id = undef
$package_ee_release = undef
$package_ee_repos = undef
$package_ee_package_name = undef
Expand Down
3 changes: 1 addition & 2 deletions manifests/repos.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,6 @@
case $facts['os']['family'] {
'Debian': {
$release = $docker::release
$package_key = $docker::package_key
$package_repos = $docker::package_repos

if ($docker::use_upstream_package_source) {
Expand All @@ -29,7 +28,7 @@
release => $release,
repos => $package_repos,
key => {
id => $package_key,
name => 'docker.asc',
source => $key_source,
},
include => {
Expand Down
2 changes: 1 addition & 1 deletion metadata.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@
},
{
"name": "puppetlabs/apt",
"version_requirement": ">= 4.4.1 < 10.0.0"
"version_requirement": ">= 9.2.0 < 10.0.0"
},
{
"name": "puppetlabs/powershell",
Expand Down

0 comments on commit 7246980

Please sign in to comment.