Add apt::keyring defined type which creates modern-style keyrings

[jorhett]

This PR attempts to get most of the work in place to handle modern apt gpg keyrings, without breaking existing behavior. resolves #1034

This allows a simple key download behavior:

# This will create /etc/apt/keyrings/puppetlabs.gpg
apt::keyring { 'puppetlabs':
  source => 'https://apt.puppetlabs.com/keyring.gpg',
}

Modifications to the allowed values for key parameter of apt::source allows a unified definition:

apt::source { 'puppetlabs':
  comment  => 'Puppet8',
  location => 'https://apt.puppetlabs.com/',
  repos    => 'puppet8',
  key      => {
    'name'   => 'puppetlabs',
    'source' => 'https://apt.puppetlabs.com/keyring.gpg',
  },
}

The goal of this PR is to lay down a lot of the logic and see if some of the directions are worth pursing, before I dump hours into creating tests, etc. I'm looking for feedback here.

Some alternate design choices

• Could have expanded the choices for keyring parameter instead of key -- might read better?
• Could use a native Ruby type if someone wants to write that

Some things that should be improved

• tests
• should do fingerprint verification of gpg keys
• add optional parameter to force new keyring style (for Ubuntu 22.04+, etc)

[CLAassistant]

All committers have signed the CLA.

[puppet-community-rangefinder[bot]]

apt is a class

Breaking changes to this file WILL impact these 251 modules (exact match):

* [rtyler-puppet](https://github.com/rtyler/puppet-puppet.git) * [garethr-nginx](https://github.com/garethr/garethr-nginx.git) * [garethr-pypy](https://github.com/garethr/garethr-pypy.git) * [kritz-vagrantlamp](https://github.com/kritznl/vagrantlamp) * [rfletcher-ec2_consistent_snapshot](https://forge.puppet.com/rfletcher/ec2_consistent_snapshot) * [garethr-rustlang](https://github.com/garethr/garethr-rustlang.git) * [jeoffreybauvin-gitlab_ci_multi_runner](https://github.com/Jeoffreybauvin/gitlab-ci-multi-runner) * [dalaro-titan](https://forge.puppet.com/dalaro/titan) * [neo4j-neo4j](https://github.com/simpsonjulian/puppet-neo4j) * [elithrar-golang](https://github.com/elithrar/puppet-golang-backports.git) * [ploperations-puppetlabs_apt](https://github.com/puppetlabs-operations/puppet-puppetlabs_apt) * [fnerdwq-omd](https://github.com/fnerdwq/puppet-omd.git) * [trulabs-kamailio](https://github.com/trulabs/puppet-kamailio) * [spantree-nginx](https://github.com/Spantree/puppet-nginx) * [Siteminds-gogs](https://github.com/Siteminds/puppet-gogs.git) * [deviseit-barman](https://github.com/deviseit/puppet-barman.git) * [adcade-java7](https://forge.puppet.com/adcade/java7) * [fortin-tor](https://github.com/shaftoe/puppet-tor) * [kogitoapp-kapacitor](https://github.com/kogitoapp/puppet-kapacitor) * [flatline235-aptsimplesoftware](https://github.com/flat235/puppet-aptsimplesoftware.git) * [tmont-rethinkdb](https://github.com/tmont/puppet-rethinkdb) * [deric-r](https://github.com/deric/deric-r) * [Envek-erlang](https://github.com/Envek/puppet-erlang.git) * [pcfens-topbeat](https://github.com/pcfens/puppet-topbeat) * [4n0m4l0u5-configure_nginx](https://github.com/4n0m4l0u5/configure_nginx) * [tracywebtech-java](https://github.com/TracyWebTech/puppet-java) * [cethy-gaudi](https://github.com/cethy/cethy-gaudi.git) * [garethr-mirageos](https://github.com/garethr/garethr-mirageos.git) * [binarin-workstation](https://forge.puppet.com/binarin/workstation) * [robinvdvleuten-phpenv](https://github.com/RobinvdVleuten/puppet-phpenv) * [hfm-h2o](https://github.com/hfm/puppet-h2o) * [trepasi-kibana5](https://github.com/rtib/puppet-kibana5) * [garethr-golang](https://github.com/garethr/garethr-golang.git) * [binarin-binarin](https://forge.puppet.com/binarin/binarin) * [deric-java](https://github.com/deric/puppet-java/archive/master.zip) * [a2tar-nodejs](https://github.com/a2tar/puppet_nodejs.git) * [walkamongus-pdagent](https://github.com/walkamongus/puppet-pdagent.git) * [a2tar-redis](https://github.com/a2tar/redis.git) * [meeh-java](https://github.com/meeh420/puppet-java.git) * [stevenrombauts-logdna](https://github.com/stevenrombauts/puppet-logdna.git) * [qroac-isp3node](https://github.com/qroac/puppet-ispconfig) * [locp-odoo9](https://github.com/locp/puppet-odoo) * [guimaluf-gvpe](https://github.com/guimaluf/puppet-gvpe) * [giavac-homer](https://github.com/giavac/giavac-homer) * [devsec-suricata](https://github.com/odinje/puppet-suricata) * [justintw-develop_environment](https://github.com/JustinTW/justintw-develop_environment) * [garethr-sysdig](https://github.com/garethr/garethr-sysdig.git) * [aageyev-redis](https://bitbucket.org/aageyev/redis) * [m3del-sabnzbd](https://github.com/nctiggy/m3del-sabnzbd) * [cpick-hub](https://github.com/cpick/puppet-hub.git) * [dowlingw-kodi](https://github.com/dowlingw/puppet-kodi) * [praekeltfoundation-webupd8_oracle_java](https://github.com/praekeltfoundation/puppet-webupd8_oracle_java) * [cyberkov-openhab](https://github.com/cyberkov/puppet-openhab) * [a2tar-openvpn](https://github.com/a2tar/openvpn.git) * [aageyev-nodejs](https://bitbucket.org/aageyev/nodejs) * [BradChesney79-arduino](https://github.com/bradchesney79/arduino) * [ngiger-x2go](https://forge.puppet.com/ngiger/x2go) * [dowlingw-nvidia](https://github.com/dowlingw/puppet-nvidia) * [igovua-nodejs](https://bitbucket.org/egovinfrastructure/puppet_module_nodejs.git) * [cristaldo-libreoffice](https://github.com/cristaldo/libreoffice.git) * [a2tar-dnsmasq](https://github.com/a2tar/dnsmasq.git) * [a2labs-nginx](https://aageyev@bitbucket.org/a2labs/nginx.git) * [ericsysmin-oraclejava](https://github.com/ericsysmin/ericsysmin-oraclejava) * [a2labs-php](https://bitbucket.org/a2labs/php.git) * [justintw-developer_environment](https://github.com/JustinTW/justintw-developer_environment) * [bluesman-crossbar](https://github.com/blues-man/crossbar-puppet.git) * [zivtech-rethinkdb](https://github.com/zivtech/puppet-rethinkdb.git) * [markb-docker_registry](https://forge.puppet.com/markb/docker_registry) * [gwaldvogel-liveconfig](https://github.com/gwaldvogel/puppet-liveconfig) * [driebit-zotonic](https://github.com/driebit/puppet-zotonic.git) * [ipcrm-lacework](https://github.com/ipcrm/ipcrm-lacework.git) * [alanpetersen-gitfusion](https://github.com/alanpetersen/gitfusion) * [tsuru-tsuru](https://github.com/tsuru/puppet-tsuru) * [petems-fish](https://github.com/petems/petems-fish) * [loomsen-bloonix_agent](https://github.com/loomsen/puppet-bloonix_agent) * [continuent-percona_repo](https://github.com/continuent/continuent-percona_repo) * [fe80-java](https://github.com/fe80/puppet-java.git) * [praekeltfoundation-xylem](https://github.com/praekeltfoundation/puppet-xylem) * [basholabs-riak](https://github.com/basho-labs/puppet-riak) * [praekeltfoundation-gluster](https://github.com/praekeltfoundation/puppet-gluster) * [alanpetersen-helix](https://github.com/alanpetersen/helix) * [norisnetwork-heartbeat](https://github.com/noris-network/norisnetwork-heartbeat) * [locp-odoo](https://github.com/locp/puppet-odoo) * [alanpetersen-gitswarm](https://github.com/alanpetersen/gitswarm) * [praekeltfoundation-consular](https://github.com/praekeltfoundation/puppet-consular) * [deric-fhgfs](https://github.com/deric/puppet-fhgfs) * [norisnetwork-auditbeat](https://github.com/noris-network/norisnetwork-auditbeat) * [brwyatt-flatpak](https://github.com/brwyatt/puppet-flatpak) * [deric-torque](https://github.com/deric/puppet-torque.git) * [desertkun-nginx](https://github.com/desertkun/puppet-nginx.git) * [helio-fluentbit](https://github.com/helio/puppet-fluentbit) * [garethr-erlang](https://github.com/garethr/garethr-erlang.git) * [johnlawerance-xtrabackup](https://github.com/johnlawerance/xtrabackup) * [deric-java_binary](https://github.com/deric/puppet-java/archive/master.zip) * [puppet-opensearch](https://github.com/voxpupuli/puppet-opensearch) * [monkygames-landscape](https://bitbucket.org/monkygames/puppet-landscape.git) * [vll-synergy](https://github.com/indigo-dc/puppet-synergy) * [project0-bareos](https://github.com/project0/puppet-bareos) * [southernhill-phpldapadmin](https://github.com/southernhill/puppet-phpldapadmin.git) * [n3snah-powershell7](https://github.com/n3snah/powershell7) * [hfm-percona](https://github.com/hfm/puppet-percona) * [johnlawerance-crucible](https://github.com/johnlawerance/crucible.git) * [vide-omsa](https://github.com/vide/puppet-omsa) * [nono-zfs](https://forge-git.ircam.fr/puppet-module-base-zfs.git) * [krakatoa-haproxy](https://github.com/krakatoa1987/puppetlabs-haproxy) * [thbe-bareos](https://github.com/thbe/puppet-bareos.git) * [deric-pgprobackup](https://github.com/deric/puppet-pgprobackup) * [olivierHa-influxdb](https://github.com/olivierHa/puppet-influxdb) * [abaranov-wireguard](https://github.com/spacedog/puppet-wirguard) * [chartbeat-confluent_kafka](http://github.com/chartbeat-labs/puppet-confluent-kafka) * [shoekstra-owncloud](https://github.com/shoekstra/puppet-owncloud.git) * [wywygmbh-fluentd](https://github.com/wywy/puppet-fluentd) * [kallies-x2go](https://github.com/kallies/puppet-x2go.git) * [wavesoftware-xtreemfs](https://github.com/wavesoftware/puppet-xtreemfs.git) * [potto-marathon](http://github.com/potto007/puppet-marathon) * [monkygames-nvidia](https://bitbucket.org/monkygames/puppet-nvidia) * [rpignolet-mongodb](https://github.com/rpignolet/puppetlabs-mongodb.git) * [spantree-java7](https://github.com/Spantree/puppet-java7.git) * [spantree-java8](https://github.com/Spantree/puppet-java8.git) * [deric-beegfs](https://github.com/deric/puppet-beegfs) * [yorick-beid](https://github.com/yorickps/puppet-beid) * [spjmurray-jenkins](https://github.com/spjmurray/puppet-jenkins) * [norisnetwork-packetbeat](https://github.com/noris-network/norisnetwork-packetbeat) * [puppet-bareos](https://github.com/voxpupuli/puppet-bareos) * [nrvale0-keepass2](https://github.com/nrvale0/puppet-keepass2) * [artberri-yarn](https://github.com/artberri/puppet-yarn) * [puppet-tvheadend](https://github.com/voxpupuli/puppet-tvheadend.git) * [vholer-hp_sdr](https://github.com/vholer/puppet-hp_sdr.git) * [puppetlabs-mongodb](https://github.com/puppetlabs/puppetlabs-mongodb) * [petems-cockpit](https://github.com/petems/petems-cockpit) * [cmantix-nginxphp](https://bitbucket.org/hfraser/puppet-nginx-php) * [dsestero-sonarqube](https://github.com/dsestero/sonarqube.git) * [tapajos-ruby_stable](https://github.com/tapajos/puppet-ruby-stable) * [cheasles-synapse](https://github.com/cheasles/puppet-synapse.git) * [TubeMogul-druid](https://github.com/tubemogul/puppet-druid.git) * [instana-agent](https://github.com/instana/instana-agent-puppet) * [chartbeat-varnish](https://github.com/chartbeat-labs/puppet-varnish) * [darkmantle-java](https://github.com/darkmantle/puppet-java) * [tanny1910-omd](https://github.com/GRIF-IRFU/puppet-omd.git) * [kogitoapp-chronograf](https://github.com/kogitoapp/puppet-chronograf) * [marcdeop-ratticdb](https://github.com/marcdeop/ratticdb) * [opstudio-duplicity](https://git.opstudio.pro/modules/duplicity.git) * [fschaer-omd](https://github.com/GRIF-IRFU/puppet-omd) * [puppetfinland-xtrabackup](https://github.com/Puppet-Finland/puppet-xtrabackup.git) * [librato-librato](https://github.com/librato/puppet-librato) * [cloudpassage-cloudpassage](https://github.com/cloudpassage/puppet-cloudpassage.git) * [vpgrp-omsa](https://git.vpgrp.io/puppet/puppet-omsa) * [ncorrare-yubikey](https://github.com/ncorrare/ncorrare-yubikey) * [mvisonneau-curator](https://github.com/mvisonneau/puppet-curator) * [deric-mesos](http://github.com/deric/puppet-mesos) * [vpgrp-docker](https://git.vpgrp.io/puppet/puppet-docker) * [initforthe-yarn](https://github.com/initforthe/puppet-yarn) * [midonet-cassandra](https://github.com/midonet/puppet-cassandra) * [zend-zend_common](https://github.com/zendtech/puppet-zend-common) * [whefter-syncthing](https://github.com/whefter/puppet-syncthing.git) * [dmcnicks-mcoconfig](http://github.com/dmcnicks/dmcnicks-mcoconfig) * [brwyatt-syncthing](https://github.com/brwyatt/puppet-syncthing.git) * [continuent-tungsten](https://github.com/continuent/continuent-tungsten) * [oxc-rspamd](https://github.com/oxc/puppet-rspamd) * [oris-nginx](https://bitbucket.org/oris/env-puppet-module-nginx) * [codingfuture-cfsystem](https://github.com/codingfuture/puppet-cfsystem) * [spjmurray-puppet](https://github.com/spjmurray/puppet-puppet) * [vpgrp-influxdb](https://github.com/veepee-puppet/puppet-influxdb) * [s12v-blackfire](https://github.com/s12v/puppet-blackfire) * [rtyler-jenkins](https://github.com/jenkinsci/puppet-jenkins) * [pest-blackfire](https://github.com/puppets-epic-show-theatre/puppet-curator) * [puppet-falco](https://github.com/voxpupuli/puppet-falco) * [edestecd-software](https://github.com/edestecd/puppet-software.git) * [puppetlabs-influxdb](https://github.com/puppetlabs/influxdb) * [otherskins-ansible](https://github.com/otherskins/puppet-ansible.git) * [dsestero-java](https://github.com/dsestero/java.git) * [MiamiOH-httpproxy](https://github.com/MiamiOH/puppet-httpproxy.git) * [nexcess-ksplice](https://github.com/nexcess/puppet-ksplice) * [rehan-git](https://github.com/rehanone/puppet-git.git) * [camptocamp-puppetserver](https://github.com/camptocamp/puppet-puppetserver) * [edestecd-mariadb](https://github.com/edestecd/puppet-mariadb.git) * [cesnet-java_ng](https://github.com/MetaCenterCloudPuppet/cesnet-java_ng) * [joelkle-salt](https://github.com/JoelKle/puppet-salt) * [puppet-hashi_stack](https://github.com/voxpupuli/puppet-hashi_stack) * [jlambert121-curator](https://github.com/jlambert121/jlambert121-curator) * [abstractit-puppet](https://github.com/abstractitptyltd/abstractit-puppet) * [bfraser-grafana](https://github.com/bfraser/puppet-grafana.git) * [factorit-grafana](https://github.com/bfraser/puppet-grafana.git) * [gajdaw-symfony](https://github.com/puppet-by-examples/puppet-symfony) * [bashtoni-varnish](https://github.com/BashtonLtd/puppet-varnish) * [puppet-puppetserver](https://github.com/voxpupuli/puppet-puppetserver) * [puppetfinland-mysql](https://github.com/Puppet-Finland/puppet-mysql.git) * [mindhive-nvidia_docker_runtime](https://github.com/mindhivenz/nvidia_docker_runtime) * [sensson-powerdns](https://github.com/sensson/puppet-powerdns) * [puppetfinland-freight](https://github.com/Puppet-Finland/puppet-freight.git) * [puppet-cassandra](https://github.com/voxpupuli/puppet-cassandra) * [razorsedge-cloudera](https://github.com/razorsedge/puppet-cloudera.git) * [TubeMogul-aptly](https://github.com/tubemogul/puppet-aptly.git) * [icinga-icinga](https://github.com/icinga/puppet-icinga) * [arioch-redis](https://github.com/arioch/puppet-redis) * [puppet-jenkins](https://github.com/voxpupuli/puppet-jenkins) * [puppetfinland-openvpn](https://github.com/Puppet-Finland/puppet-openvpn.git) * [cristifalcas-curator](https://github.com/cristifalcas/puppet-curator) * [spjmurray-ceph](https://github.com/spjmurray/puppet-ceph) * [pest-curator](https://github.com/puppets-epic-show-theatre/puppet-curator) * [cesnet-site_hadoop](https://github.com/MetaCenterCloudPuppet/cesnet-site_hadoop) * [rehan-nginx](https://github.com/rehanone/puppet-nginx.git) * [openstack-ceph](https://opendev.org/openstack/puppet-ceph.git) * [simp-postgresql](https://github.com/simp/puppetlabs-postgresql.git) * [puppet-mongodb](https://github.com/voxpupuli/puppet-mongodb) * [memoussati-postgresql](https://github.com/puppetlabs/puppetlabs-postgresql.git) * [puppet-virtualbox](https://github.com/voxpupuli/puppet-virtualbox) * [puppet-lldpd](https://github.com/voxpupuli/puppet-lldpd) * [memoussati-docker](https://github.com/garethr/garethr-docker.git) * [mvasilenko-docker](https://github.com/mvasilenko/garethr-docker.git) * [garethr-docker](https://github.com/garethr/garethr-docker.git) * [ape-elasticsearch](https://github.com/pecharmin/puppet-elasticsearch) * [puppet-rsyslog](https://github.com/voxpupuli/puppet-rsyslog) * [puppet-gluster](https://github.com/voxpupuli/puppet-gluster.git) * [razorsedge-vmwaretools](https://github.com/razorsedge/puppet-vmwaretools.git) * [puppetlabs-docker](https://github.com/puppetlabs/puppetlabs-docker) * [elastic-elastic_stack](https://github.com/elastic/puppet-elastic-stack) * [puppet-unattended_upgrades](https://github.com/voxpupuli/puppet-unattended_upgrades.git) * [puppet-elastic_stack](https://github.com/voxpupuli/puppet-elastic-stack) * [puppet-php](https://github.com/voxpupuli/puppet-php) * [puppetlabs-postgresql](https://github.com/puppetlabs/puppetlabs-postgresql) * [puppet-zabbix](https://github.com/voxpupuli/puppet-zabbix.git) * [factorit-jasperreports_server](https://github.com/jbbrunsveld/jasperreports_server) * [tsuru-base](https://github.com/tsuru/puppet-tsuru) * [willdurand-bazinga](https://forge.puppet.com/willdurand/bazinga) * [spjmurray-kubernetes](https://github.com/spjmurray/puppet-kubernetes) * [horsefish-bmc](https://github.com/horsefish/bmc) * [bjorns-acmd](https://github.com/bjorns/aem-cmd) * [signalfx-collectd](https://github.com/signalfx/puppet_collectd) * [badquanta-badstation](https://github.com/BadQuanta/badquanta-badstation) * [elasticsearch-elasticsearch](https://github.com/elastic/puppet-elasticsearch) * [joshuaspence-phabricator](https://github.com/joshuaspence/puppet-phabricator) * [lesaux-kibana4](https://github.com/lesaux/puppet-kibana4.git) * [vshn-gitlab](https://github.com/vshn/puppet-gitlab) * [puppet-collectd](https://github.com/voxpupuli/puppet-collectd) * [locp-opscenter](https://github.com/locp/opscenter) * [threatstack-threatstack](https://github.com/threatstack/threatstack-puppet) * [theforeman-foreman](https://github.com/theforeman/puppet-foreman) * [covata-safeshare](https://bitbucket.org/covata/puppet_covata_services) * [jcustenborder-confluent](https://github.com/jcustenborder/puppet-confluent) * [pcfens-filebeat](https://github.com/pcfens/puppet-filebeat) * [puppetlabs-puppet_agent](https://github.com/puppetlabs/puppetlabs-puppet_agent) * [midonet-midonet](https://github.com/midonet/puppet-midonet) * [lookatitude-zserver](https://github.com/lookatitude/Zserver) * [abstractit-icinga](https://github.com/abstractitptyltd/abstractit-icinga) * [jcalles-php](https://github.com/mayflower/puppet-php) * [mayflower-php](https://github.com/mayflower/puppet-php) * [danzilio-virtualbox](https://github.com/danzilio/danzilio-virtualbox) * [jfryman-nginx](https://github.com/jfryman/puppet-nginx.git) * [locp-cassandra](https://github.com/locp/cassandra) * [hackerhappyhour-docker](https://github.com/HackerHappyHour/hackerhappyhour-docker.git)

Breaking changes to this file MAY impact these 47 modules (near match):

* [edgester-buildbot](https://forge.puppet.com/edgester/buildbot) * [factorit-icingaweb2](https://github.com/Icinga/puppet-icingaweb2.git) * [rgevaert-mysql](https://github.com/rgevaert/puppet-mysql) * [luckyknight-hhvm](https://github.com/craigcarnell/puppet-hhvm.git) * [vinodverma7584-truesightmeter](https://github.com/VinodVerma7584/boundary_puppet) * [nrvale0-openmediavault](https://github.com/nrvale0/puppet-openmediavault.git) * [aniketmehta-elasticsearch](https://github.com/aniketmehta/elasticsearch) * [gjerjens-zabbix_agent2](https://gitlab.com/gjerjens/zabbix_agent2) * [elasticsearch-logstashforwarder](https://github.com/elastic/puppet-logstashforwarder) * [hfm-octopass](https://github.com/hfm/puppet-octopass) * [hackerhorse-puppet_deluge](https://github.com/RainbowHackerHorse/puppet_deluge) * [Firebladee-newrelic](https://github.com/Firebladee/newrelic) * [puppetfinland-hwraid](https://github.com/Puppet-Finland/puppet-hwraid.git) * [meltwater-marathon](https://github.com/meltwater/puppet-marathon) * [eyp-postgresql](https://github.com/NTTCom-MS/eyp-postgresql) * [hfm-proxysql](https://github.com/hfm/puppet-proxysql) * [eyp-php](https://github.com/NTTCom-MS/eyp-php) * [elasticsearch-logstash](https://github.com/elastic/puppet-logstash) * [jethrocarr-soe](https://github.com/jethrocarr/puppet-soe) * [nrvale0-plexmediaserver](https://github.com/nrvale0/puppet-plexmediaserver) * [Lavaburn-flapjack](https://github.com/Lavaburn/puppet-flapjack.git) * [sematext-spm_monitor](http://sematext.com) * [lwo-dataverse](https://github.com/IQSS/dataverse-puppet) * [puppetfinland-postgresql](https://github.com/Puppet-Finland/puppet-postgresql.git) * [jay-nodejs](https://github.com/mootpt/puppet-nodejs) * [camptocamp-dell](https://github.com/camptocamp/puppet-dell) * [hfm-tinyproxy](https://github.com/hfm/puppet-tinyproxy) * [nibalizer-zfs](https://github.com/nibalizer/puppet-module-zfs.git) * [puppetfinland-nginx](https://github.com/Puppet-Finland/puppet-nginx.git) * [puppet-puppetwebhook](https://github.com/voxpupuli/puppet-puppetwebhook.git) * [hfm-stns](https://github.com/STNS/puppet-stns) * [boundary-boundary](https://github.com/boundary/boundary_puppet) * [puppet-borg](https://github.com/voxpupuli/puppet-borg.git) * [sensu-sensuclassic](https://github.com/sensu/puppet-module-sensuclassic) * [puppet-nginx](https://github.com/voxpupuli/puppet-nginx.git) * [opendaylight-opendaylight](https://git.opendaylight.org/gerrit/p/integration/packaging/puppet-opendaylight.git) * [elastic-kibana](https://github.com/elastic/puppet-kibana) * [puppet-rundeck](https://github.com/voxpupuli/puppet-rundeck.git) * [puppet-kibana](https://github.com/voxpupuli/puppet-kibana) * [puppet-redis](https://github.com/voxpupuli/puppet-redis.git) * [puppet-nodejs](https://github.com/voxpupuli/puppet-nodejs) * [eyp-nrpe](https://github.com/NTTCom-MS/eyp-nrpe) * [geoffwilliams-r_profile](https://github.com/GeoffWilliams/r_profile) * [puppet-grafana](https://github.com/voxpupuli/puppet-grafana.git) * [mvasilenko-sensu](https://github.com/mvasilenko/sensu-puppet) * [camptocamp-varnish](https://github.com/camptocamp/puppet-varnish) * [puppetlabs-nodejs](https://github.com/puppetlabs/puppetlabs-nodejs)

apt::params is a class

that may have no external impact to Forge modules.

apt::source is a type

Breaking changes to this file WILL impact these 347 modules (exact match):

* [garethr-spotify](https://forge.puppet.com/garethr/spotify) * [bltavares-baseline](https://github.com/bltavares/vagrant-baseline) * [jamesawesome-medibuntu](https://github.com/medibuntu/puppet-medibuntu) * [madhukarn-percona_galera_cluster](https://github.com/madhu2852/Percona-Galera-Cluster.git) * [garethr-nginx](https://github.com/garethr/garethr-nginx.git) * [skottler-foreman](https://forge.puppet.com/skottler/foreman) * [rtyler-puppet](https://github.com/rtyler/puppet-puppet.git) * [dalaro-titan](https://forge.puppet.com/dalaro/titan) * [jeoffreybauvin-gitlab_ci_multi_runner](https://github.com/Jeoffreybauvin/gitlab-ci-multi-runner) * [garethr-garethr](https://forge.puppet.com/garethr/garethr) * [bzed-maxscale](https://www.github.com/bzed/bzed-maxscale/) * [garethr-freight](https://forge.puppet.com/garethr/freight) * [renanvicente-shellshock](https://github.com/renanvicente/puppet-shellshock) * [neo4j-neo4j](https://github.com/simpsonjulian/puppet-neo4j) * [jmkeyes-unifi](https://github.com/jmkeyes/puppet-unifi) * [extraordinaire-stackdriver](https://github.com/extraordinaire/puppet-stackdriver) * [prachetasp-rabbitmq](https://github.com/prachetasp/puppetlabs-rabbitmq.git) * [andrewshawcare-wakanda](https://forge.puppet.com/andrewshawcare/wakanda) * [ploperations-puppetlabs_apt](https://github.com/puppetlabs-operations/puppet-puppetlabs_apt) * [trulabs-kamailio](https://github.com/trulabs/puppet-kamailio) * [fnerdwq-omd](https://github.com/fnerdwq/puppet-omd.git) * [jmkeyes-gocd](https://github.com/jmkeyes/puppet-gocd) * [spantree-nginx](https://github.com/Spantree/puppet-nginx) * [Siteminds-gogs](https://github.com/Siteminds/puppet-gogs.git) * [mvasilenko-gocd](https://github.com/mvasilenko/puppet-gocd) * [puppetlabs-logentries](https://github.com/puppetlabs/puppetlabs-logentries) * [hfm-h2o](https://github.com/hfm/puppet-h2o) * [deviseit-barman](https://github.com/deviseit/puppet-barman.git) * [fortin-tor](https://github.com/shaftoe/puppet-tor) * [pcfens-topbeat](https://github.com/pcfens/puppet-topbeat) * [alkivi-zabbix](https://github.com/alkivi-sas/puppet-zabbix) * [rfranzen-puppet_agent](https://gitlab.com/rfranzen/puppet-puppet_agent) * [tmont-rethinkdb](https://github.com/tmont/puppet-rethinkdb) * [kogitoapp-kapacitor](https://github.com/kogitoapp/puppet-kapacitor) * [thexa4-apt_testing](https://github.com/thexa4/puppet-apt_testing) * [narasimhasv-docker](https://forge.puppet.com/narasimhasv/docker) * [cethy-gaudi](https://github.com/cethy/cethy-gaudi.git) * [alkivi-owncloud](https://github.com/alkivi-sas/puppet-owncloud) * [mpiscaer-dnsdist](https://github.com/mpiscaer/puppet_dnsdist) * [Envek-erlang](https://github.com/Envek/puppet-erlang.git) * [victorsmirnov-php7](https://github.com/victorsmirnov/puppet-php7) * [deric-r](https://github.com/deric/deric-r) * [binarin-workstation](https://forge.puppet.com/binarin/workstation) * [flatline235-aptsimplesoftware](https://github.com/flat235/puppet-aptsimplesoftware.git) * [meeh-java](https://github.com/meeh420/puppet-java.git) * [trepasi-kibana5](https://github.com/rtib/puppet-kibana5) * [deric-java](https://github.com/deric/puppet-java/archive/master.zip) * [walkamongus-pdagent](https://github.com/walkamongus/puppet-pdagent.git) * [gremlin-gremlin_agent](https://github.com/gremlin/puppet-gremlin_agent) * [capsi-beats](https://github.com/capsi-informatique/puppet-beats) * [andrewwippler-do_agent](https://github.com/andrewwippler/do_agent) * [dploeger-pagespeed](https://github.com/dploeger/puppet-pagespeed) * [jarv-randrust](https://github.com/RyanJarv/puppet-randrust) * [binarin-binarin](https://forge.puppet.com/binarin/binarin) * [ftiff-r1soft_cdp_agent](https://github.com/esl-francois/puppet-r1soft-cdp-agent) * [locp-odoo9](https://github.com/locp/puppet-odoo) * [stevenrombauts-logdna](https://github.com/stevenrombauts/puppet-logdna.git) * [garethr-sysdig](https://github.com/garethr/garethr-sysdig.git) * [jeekl-weechat](https://forge.puppet.com/jeekl/weechat) * [mayflower-hhvm](https://github.com/Mayflower/puppet-hhvm) * [giavac-homer](https://github.com/giavac/giavac-homer) * [rcoleman-hipchat](https://github.com/rcoleman/puppet-module-hipchat.git) * [ngiger-x2go](https://forge.puppet.com/ngiger/x2go) * [a2tar-openvpn](https://github.com/a2tar/openvpn.git) * [google-glogging](https://github.com/GoogleCloudPlatform/puppet-google-logging) * [cyberkov-openhab](https://github.com/cyberkov/puppet-openhab) * [ftaeger-mariadbrepo](https://github.com/ftaeger/ftaeger-mariadbrepo) * [hyper3xpl0iter-webmin](https://github.com/hyper3xpl0iter/puppet-webmin) * [srf-fluentd](https://github.com/mmz-srf/puppet-fluentd.git) * [tfoote-ros](https://github.com/tfoote/puppet-ros) * [cristaldo-libreoffice](https://github.com/cristaldo/libreoffice.git) * [ericsysmin-oraclejava](https://github.com/ericsysmin/ericsysmin-oraclejava) * [joshbeard-graylog_collector](https://github.com/joshbeard/puppet-graylog_collector) * [bluesman-crossbar](https://github.com/blues-man/crossbar-puppet.git) * [alisio-openvidu](https://github.com/alisio/alisio-openvidu) * [coreymbe-nodripa](https://github.com/coreymbe/nodripa) * [bschmidt-puppetclient](https://github.com/bernhardschmidt/puppetclient) * [blom-couchbase](https://github.com/blom/puppet-couchbase) * [norisnetwork-ceph](https://github.com/noris-network/puppet-ceph) * [thexa4-fusiondirectory_schema](https://github.com/thexa4/puppet-fusiondirectory_schema) * [markb-docker_registry](https://forge.puppet.com/markb/docker_registry) * [ipcrm-lacework](https://github.com/ipcrm/ipcrm-lacework.git) * [zivtech-rethinkdb](https://github.com/zivtech/puppet-rethinkdb.git) * [gwaldvogel-liveconfig](https://github.com/gwaldvogel/puppet-liveconfig) * [alanpetersen-gitfusion](https://github.com/alanpetersen/gitfusion) * [mdwheele-fastx](https://github.com/mdwheele/puppet-module-fastx) * [tsuru-tsuru](https://github.com/tsuru/puppet-tsuru) * [loomsen-bloonix_agent](https://github.com/loomsen/puppet-bloonix_agent) * [continuent-percona_repo](https://github.com/continuent/continuent-percona_repo) * [igorolivei-vscode](https://github.com/igorolivei/puppet-vscode) * [petems-fish](https://github.com/petems/petems-fish) * [gardouille-megacli](https://git.101010.fr/puppet/megacli) * [yguenane-mariadbrepo](https://github.com/Mylezeem/puppet-mariadbrepo) * [p0deje-firefox](https://github.com/p0deje/puppet-display) * [norisnetwork-heartbeat](https://github.com/noris-network/norisnetwork-heartbeat) * [praekeltfoundation-xylem](https://github.com/praekeltfoundation/puppet-xylem) * [alanpetersen-helix](https://github.com/alanpetersen/helix) * [basholabs-riak](https://github.com/basho-labs/puppet-riak) * [cornuwel-proxmox](https://github.com/SineQuaNonSoftware/puppet-proxmox) * [locp-odoo](https://github.com/locp/puppet-odoo) * [fe80-java](https://github.com/fe80/puppet-java.git) * [gardouille-proxmox](https://git.101010.fr/puppet/proxmox) * [gini-virtualbox](https://github.com/gini/puppet-virtualbox) * [alanpetersen-gitswarm](https://github.com/alanpetersen/gitswarm) * [coreymbe-pe_migrate](https://github.com/coreymbe/pe_migrate) * [deric-fhgfs](https://github.com/deric/puppet-fhgfs) * [norisnetwork-auditbeat](https://github.com/noris-network/norisnetwork-auditbeat) * [pauloconnor-uchiwa](https://forge.puppet.com/pauloconnor/uchiwa) * [brwyatt-flatpak](https://github.com/brwyatt/puppet-flatpak) * [puppet-opensearch](https://github.com/voxpupuli/puppet-opensearch) * [blockops-tailscale](https://gitlab.com/blockops/puppet-tailscale.git) * [helio-fluentbit](https://github.com/helio/puppet-fluentbit) * [synyx-elasticsearch](https://github.com/synyx/puppet-elasticsearch.git) * [deric-torque](https://github.com/deric/puppet-torque.git) * [Lavaburn-cloudstack](https://github.com/Lavaburn/puppet-cloudstack) * [stesie-gluon](https://github.com/ffansbach/gluon-puppet) * [garethr-erlang](https://github.com/garethr/garethr-erlang.git) * [deric-java_binary](https://github.com/deric/puppet-java/archive/master.zip) * [johnlawerance-xtrabackup](https://github.com/johnlawerance/xtrabackup) * [desertkun-nginx](https://github.com/desertkun/puppet-nginx.git) * [lboynton-r1soft_cdp_agent](https://github.com/lboynton/puppet-r1soft-cdp-agent) * [kemra102-zabbix](https://github.com/kemra102/puppet-zabbix) * [gini-cassandra](https://github.com/gini/puppet-cassandra) * [n3snah-powershell7](https://github.com/n3snah/powershell7) * [hfm-percona](https://github.com/hfm/puppet-percona) * [vll-synergy](https://github.com/indigo-dc/puppet-synergy) * [project0-bareos](https://github.com/project0/puppet-bareos) * [southernhill-phpldapadmin](https://github.com/southernhill/puppet-phpldapadmin.git) * [synyx-mongodb](https://github.com/synyx/puppet-mongodb.git) * [nono-zfs](https://forge-git.ircam.fr/puppet-module-base-zfs.git) * [vide-omsa](https://github.com/vide/puppet-omsa) * [krakatoa-haproxy](https://github.com/krakatoa1987/puppetlabs-haproxy) * [thbe-bareos](https://github.com/thbe/puppet-bareos.git) * [tomohiro-mackerel_agent](https://github.com/Tomohiro/puppet-mackerel_agent) * [abaranov-wireguard](https://github.com/spacedog/puppet-wirguard) * [olivierHa-influxdb](https://github.com/olivierHa/puppet-influxdb) * [deric-pgprobackup](https://github.com/deric/puppet-pgprobackup) * [synyx-graylog2](https://github.com/synyx/puppet-graylog2.git) * [chartbeat-confluent_kafka](http://github.com/chartbeat-labs/puppet-confluent-kafka) * [shoekstra-owncloud](https://github.com/shoekstra/puppet-owncloud.git) * [wavesoftware-xtreemfs](https://github.com/wavesoftware/puppet-xtreemfs.git) * [potto-marathon](http://github.com/potto007/puppet-marathon) * [wywygmbh-fluentd](https://github.com/wywy/puppet-fluentd) * [kallies-x2go](https://github.com/kallies/puppet-x2go.git) * [monkygames-nvidia](https://bitbucket.org/monkygames/puppet-nvidia) * [poolski-beats](https://github.com/poolski/puppet-beats) * [spantree-java7](https://github.com/Spantree/puppet-java7.git) * [spantree-java8](https://github.com/Spantree/puppet-java8.git) * [rpignolet-mongodb](https://github.com/rpignolet/puppetlabs-mongodb.git) * [deric-beegfs](https://github.com/deric/puppet-beegfs) * [logdna-logdna](https://github.com/logdna/puppet-logdna) * [msimonin-cassandra](https://github.com/msimonin/puppet-cassandra) * [nodes-php](https://github.com/jippi/puppet-php.git) * [signalfx-splunk_otel_collector](https://github.com/signalfx/splunk-otel-collector) * [ceritsc-hp_sdr](https://github.com/CERIT-SC/puppet-hp_sdr.git) * [vpgrp-pdagent](https://git.vpgrp.io/puppet/puppet-pdagent) * [spjmurray-jenkins](https://github.com/spjmurray/puppet-jenkins) * [gdsoperations-aptly](https://github.com/gds-operations/puppet-aptly) * [artberri-yarn](https://github.com/artberri/puppet-yarn) * [sarus-couchdb](https://github.com/isberg1/couchdb) * [puppet-bareos](https://github.com/voxpupuli/puppet-bareos) * [norisnetwork-packetbeat](https://github.com/noris-network/norisnetwork-packetbeat) * [inkblot-riak](https://github.com/inkblot/puppet-riak) * [egiqc-umd](https://github.com/egi-qc/puppet-umd.git) * [vholer-hp_sdr](https://github.com/vholer/puppet-hp_sdr.git) * [genv-osquery](https://github.com/gibbs/puppet-osquery) * [maxchk-varnish](https://forge.puppet.com/maxchk/varnish) * [petems-cockpit](https://github.com/petems/petems-cockpit) * [aitalian-mspackages](https://github.com/aitalian/puppet-mspackages) * [puppet-tvheadend](https://github.com/voxpupuli/puppet-tvheadend.git) * [graylog-graylog](https://github.com/Graylog2/puppet-graylog) * [zivtech-zivtech_apt](https://github.com/zivtech/puppet-zivtech_apt) * [panaman-webmin](https://github.com/panaman/puppet-webmin) * [puppetlabs-mongodb](https://github.com/puppetlabs/puppetlabs-mongodb) * [dsestero-sonarqube](https://github.com/dsestero/sonarqube.git) * [csanchez-owncloud](http://github.com/carlossg/puppet-owncloud) * [tapajos-ruby_stable](https://github.com/tapajos/puppet-ruby-stable) * [104corp-corp104_influxdb](https://github.com/104corp/corp104_influxdb) * [TubeMogul-druid](https://github.com/tubemogul/puppet-druid.git) * [dodevops-xymon](https://github.com/dodevops/puppet-xymon) * [csanchez-plex](http://github.com/carlossg/puppet-plex) * [dschaaff-hipchatclient](https://github.com/dschaaff/puppet-hipchatclient.git) * [cheasles-synapse](https://github.com/cheasles/puppet-synapse.git) * [tanny1910-omd](https://github.com/GRIF-IRFU/puppet-omd.git) * [instana-agent](https://github.com/instana/instana-agent-puppet) * [chartbeat-varnish](https://github.com/chartbeat-labs/puppet-varnish) * [mightp-influxdb](https://github.com/magnuslarsen/puppet-influxdb) * [fschaer-omd](https://github.com/GRIF-IRFU/puppet-omd) * [kogitoapp-chronograf](https://github.com/kogitoapp/puppet-chronograf) * [librato-librato](https://github.com/librato/puppet-librato) * [puppetfinland-xtrabackup](https://github.com/Puppet-Finland/puppet-xtrabackup.git) * [cloudpassage-cloudpassage](https://github.com/cloudpassage/puppet-cloudpassage.git) * [Enucatl-i2pd](https://github.com/Enucatl/i2pd) * [mfedotov-clickhouse](https://github.com/MaxFedotov/puppet-clickhouse.git) * [vpgrp-omsa](https://git.vpgrp.io/puppet/puppet-omsa) * [vshn-uhosting](https://github.com/vshn/uhosting) * [mvisonneau-curator](https://github.com/mvisonneau/puppet-curator) * [puppet-erlang](https://github.com/voxpupuli/puppet-erlang) * [vpgrp-docker](https://git.vpgrp.io/puppet/puppet-docker) * [opentable-puppetversion](https://github.com/opentable/puppet-puppetversion) * [initforthe-yarn](https://github.com/initforthe/puppet-yarn) * [TubeMogul-maxscale](https://github.com/tubemogul/puppet-maxscale.git) * [midonet-cassandra](https://github.com/midonet/puppet-cassandra) * [panopta-panopta](https://github.com/panopta/puppet) * [zend-zend_common](https://github.com/zendtech/puppet-zend-common) * [whefter-syncthing](https://github.com/whefter/puppet-syncthing.git) * [dmcnicks-mcoconfig](http://github.com/dmcnicks/dmcnicks-mcoconfig) * [scoutapp-scoutd](https://forge.puppet.com/scoutapp/scoutd) * [brwyatt-syncthing](https://github.com/brwyatt/puppet-syncthing.git) * [deric-clickhouse](https://github.com/deric/puppet-clickhouse.git) * [encore-fluentd](https://github.com/EncoreTechnologies/puppet-fluentd) * [signalfx-signalfx_agent](https://github.com/signalfx/signalfx-agent) * [continuent-tungsten](https://github.com/continuent/continuent-tungsten) * [graylog2-graylog2](https://github.com/Graylog2/graylog2-puppet.git) * [sensson-r1soft](https://github.com/sensson/puppet-r1soft) * [Asher256-lizardfs](https://github.com/Asher256/puppet-lizardfs) * [oxc-rspamd](https://github.com/oxc/puppet-rspamd) * [oris-nginx](https://bitbucket.org/oris/env-puppet-module-nginx) * [eNovance-ceph](https://github.com/enovance/puppet-ceph) * [codingfuture-cffirehol](https://github.com/codingfuture/puppet-cffirehol) * [codingfuture-cfsystem](https://github.com/codingfuture/puppet-cfsystem) * [spjmurray-puppet](https://github.com/spjmurray/puppet-puppet) * [stephenrjohnson-puppet](https://github.com/stephenrjohnson/puppetlabs-puppet.git) * [datacentred-telegraf](https://github.com/datacentred/puppet-telegraf) * [vpgrp-influxdb](https://github.com/veepee-puppet/puppet-influxdb) * [s12v-blackfire](https://github.com/s12v/puppet-blackfire) * [rtyler-jenkins](https://github.com/jenkinsci/puppet-jenkins) * [treydock-perfsonar](https://github.com/treydock/puppet-module-perfsonar) * [puppet-falco](https://github.com/voxpupuli/puppet-falco) * [kiran-vnc](https://github.com/marthakiran/puppet-vnc) * [pest-blackfire](https://github.com/puppets-epic-show-theatre/puppet-curator) * [edestecd-software](https://github.com/edestecd/puppet-software.git) * [puppetlabs-influxdb](https://github.com/puppetlabs/influxdb) * [yankcrime-telegraf](https://github.com/yankcrime/puppet-telegraf) * [otherskins-ansible](https://github.com/otherskins/puppet-ansible.git) * [nexcess-ksplice](https://github.com/nexcess/puppet-ksplice) * [camptocamp-puppetserver](https://github.com/camptocamp/puppet-puppetserver) * [yelp-uchiwa](https://forge.puppet.com/yelp/uchiwa) * [edestecd-mariadb](https://github.com/edestecd/puppet-mariadb.git) * [joelkle-salt](https://github.com/JoelKle/puppet-salt) * [opuscodium-odoo](https://github.com/opus-codium/puppet-odoo) * [puppet-hashi_stack](https://github.com/voxpupuli/puppet-hashi_stack) * [Kotty666-maxscale](https://github.com/Kotty666/Kotty666-maxscale) * [jlambert121-curator](https://github.com/jlambert121/jlambert121-curator) * [serverdensity-serverdensity_agent](https://github.com/serverdensity/puppet-serverdensity/) * [abstractit-puppet](https://github.com/abstractitptyltd/abstractit-puppet) * [claranet-newrelic](https://github.com/claranet/puppet-newrelic.git) * [HEPPuppet-htcondor](https://github.com/HEP-Puppet) * [bfraser-grafana](https://github.com/bfraser/puppet-grafana.git) * [stackstorm-st2](https://github.com/StackStorm/puppet-st2) * [godp1301-postgresql](https://github.com/godp1301/puppetlabs-postgresql.git) * [factorit-grafana](https://github.com/bfraser/puppet-grafana.git) * [puppetlabs-puppet_metrics_dashboard](https://github.com/puppetlabs/puppet_metrics_dashboard) * [bashtoni-varnish](https://github.com/BashtonLtd/puppet-varnish) * [puppet-varnish](https://github.com/voxpupuli/puppet-varnish) * [puppetfinland-mysql](https://github.com/Puppet-Finland/puppet-mysql.git) * [puppet-puppetserver](https://github.com/voxpupuli/puppet-puppetserver) * [fraenki-galera](https://github.com/fraenki/puppet-galera) * [osc-openondemand](https://github.com/osc/puppet-module-openondemand) * [mindhive-nvidia_docker_runtime](https://github.com/mindhivenz/nvidia_docker_runtime) * [sensson-powerdns](https://github.com/sensson/puppet-powerdns) * [puppetfinland-freight](https://github.com/Puppet-Finland/puppet-freight.git) * [puppet-cassandra](https://github.com/voxpupuli/puppet-cassandra) * [razorsedge-cloudera](https://github.com/razorsedge/puppet-cloudera.git) * [TubeMogul-aptly](https://github.com/tubemogul/puppet-aptly.git) * [icinga-icinga](https://github.com/icinga/puppet-icinga) * [arioch-redis](https://github.com/arioch/puppet-redis) * [puppet-jenkins](https://github.com/voxpupuli/puppet-jenkins) * [puppetfinland-openvpn](https://github.com/Puppet-Finland/puppet-openvpn.git) * [phagedorn-mongodb](git clone https://github.com/phagedorn/puppet-mongodb.git) * [cristifalcas-curator](https://github.com/cristifalcas/puppet-curator) * [dwerder-mongodb](git clone https://github.com/echocat/puppet-mongodb.git) * [smash-tor](https://gitlab.com/shared-puppet-modules-group/tor) * [golja-influxdb](https://github.com/n1tr0g/golja-influxdb) * [spjmurray-ceph](https://github.com/spjmurray/puppet-ceph) * [iu-duo_unix](https://github.com/indiana-university/puppet-duo_unix) * [pest-curator](https://github.com/puppets-epic-show-theatre/puppet-curator) * [cesnet-site_hadoop](https://github.com/MetaCenterCloudPuppet/cesnet-site_hadoop) * [rehan-nginx](https://github.com/rehanone/puppet-nginx.git) * [openstack-ceph](https://opendev.org/openstack/puppet-ceph.git) * [ehime-newrelic](https://github.com/ehime/puppet-newrelic.git) * [fsalum-newrelic](https://github.com/fsalum/puppet-newrelic.git) * [simp-postgresql](https://github.com/simp/puppetlabs-postgresql.git) * [puppet-mongodb](https://github.com/voxpupuli/puppet-mongodb) * [puppet-telegraf](https://github.com/voxpupuli/puppet-telegraf) * [puppet-gitlab_ci_runner](https://github.com/voxpupuli/puppet-gitlab_ci_runner) * [wazuh-wazuh](https://github.com/wazuh/wazuh-puppet) * [memoussati-postgresql](https://github.com/puppetlabs/puppetlabs-postgresql.git) * [puppet-virtualbox](https://github.com/voxpupuli/puppet-virtualbox) * [puppet-fetchcrl](https://github.com/voxpupuli/puppet-fetchcrl) * [puppet-lldpd](https://github.com/voxpupuli/puppet-lldpd) * [claranet-varnish](https://github.com/claranet/puppet-varnish) * [mugurax-collectd](https://github.com/voxpupuli/puppet-collectd) * [memoussati-docker](https://github.com/garethr/garethr-docker.git) * [mvasilenko-docker](https://github.com/mvasilenko/garethr-docker.git) * [garethr-docker](https://github.com/garethr/garethr-docker.git) * [ape-elasticsearch](https://github.com/pecharmin/puppet-elasticsearch) * [puppetlabs-rabbitmq](https://github.com/puppetlabs/puppetlabs-rabbitmq) * [puppet-gluster](https://github.com/voxpupuli/puppet-gluster.git) * [puppet-proxysql](https://github.com/voxpupuli/puppet-proxysql.git) * [razorsedge-vmwaretools](https://github.com/razorsedge/puppet-vmwaretools.git) * [puppetlabs-docker](https://github.com/puppetlabs/puppetlabs-docker) * [elastic-elastic_stack](https://github.com/elastic/puppet-elastic-stack) * [puppetlabs-kubernetes](https://github.com/puppetlabs/puppetlabs-kubernetes) * [puppet-elastic_stack](https://github.com/voxpupuli/puppet-elastic-stack) * [puppet-php](https://github.com/voxpupuli/puppet-php) * [puppet-cvmfs](https://github.com/voxpupuli/puppet-cvmfs.git) * [treydock-globus](https://github.com/treydock/puppet-module-globus) * [puppetlabs-postgresql](https://github.com/puppetlabs/puppetlabs-postgresql) * [puppet-zabbix](https://github.com/voxpupuli/puppet-zabbix.git) * [tsuru-base](https://github.com/tsuru/puppet-tsuru) * [willdurand-bazinga](https://forge.puppet.com/willdurand/bazinga) * [spjmurray-kubernetes](https://github.com/spjmurray/puppet-kubernetes) * [nix-jboss](https://github.com/puppetnix/jboss) * [horsefish-bmc](https://github.com/horsefish/bmc) * [konstantin-fluentd](https://github.com/soylent/konstantin-fluentd) * [lrfurtado-aptly](https://github.com/gds-operations/puppet-aptly) * [jamesnetherton-google_chrome](https://github.com/jamesnetherton/puppet-google-chrome) * [danielburrell-ppa](https://github.com/danielburrell/solong-ppa.git) * [rplessl-telegraf](https://github.com/rplessl/puppet-telegraf.git) * [aursu-dockerinstall](https://github.com/aursu/puppet-dockerinstall) * [newrelic-newrelic_infra](https://github.com/newrelic/infrastructure-agent-puppet) * [elasticsearch-elasticsearch](https://github.com/elastic/puppet-elasticsearch) * [aursu-kubeinstall](https://github.com/aursu/puppet-kubeinstall.git) * [choria-choria](https://github.com/choria-io/puppet-choria) * [jsnshrmn-twlight](https://github.com/WikipediaLibrary/twlight_puppet) * [lesaux-kibana4](https://github.com/lesaux/puppet-kibana4.git) * [vshn-gitlab](https://github.com/vshn/puppet-gitlab) * [puppet-collectd](https://github.com/voxpupuli/puppet-collectd) * [locp-opscenter](https://github.com/locp/opscenter) * [threatstack-threatstack](https://github.com/threatstack/threatstack-puppet) * [openstack-openstack_extras](https://opendev.org/openstack/puppet-openstack_extras.git) * [theforeman-foreman](https://github.com/theforeman/puppet-foreman) * [datadog-datadog_agent](https://github.com/DataDog/puppet-datadog-agent.git) * [covata-safeshare](https://bitbucket.org/covata/puppet_covata_services) * [jcustenborder-confluent](https://github.com/jcustenborder/puppet-confluent) * [pcfens-filebeat](https://github.com/pcfens/puppet-filebeat) * [puppetlabs-puppet_agent](https://github.com/puppetlabs/puppetlabs-puppet_agent) * [midonet-midonet](https://github.com/midonet/puppet-midonet) * [lookatitude-zserver](https://github.com/lookatitude/Zserver) * [jcalles-php](https://github.com/mayflower/puppet-php) * [mayflower-php](https://github.com/mayflower/puppet-php) * [danzilio-virtualbox](https://github.com/danzilio/danzilio-virtualbox) * [wdijkerman-zabbix](https://github.com/dj-wasabi/puppet-zabbix.git) * [jfryman-nginx](https://github.com/jfryman/puppet-nginx.git) * [locp-cassandra](https://github.com/locp/cassandra) * [hackerhappyhour-docker](https://github.com/HackerHappyHour/hackerhappyhour-docker.git)

Breaking changes to this file MAY impact these 88 modules (near match):

* [link0-influxdb](https://github.com/link0/puppet-influxdb) * [shidima-logstash_forwarder](https://github.com/christiaan-janssen/logstash_forwarder) * [jeroenmoors-ceph](https://forge.puppet.com/jeroenmoors/ceph) * [link0-grafana](https://github.com/link0/puppet-grafana) * [factorit-icingaweb2](https://github.com/Icinga/puppet-icingaweb2.git) * [alkivi-openerp](https://github.com/alkivi-sas/puppet-openerp) * [mbarr-moderninfra](https://github.com/matthewbarr/moderninfra) * [rcoleman-dropbox](https://github.com/rcoleman/puppet-module-dropbox.git) * [aniketmehta-elasticsearch](https://github.com/aniketmehta/elasticsearch) * [gwieczorek-proxmox_backup](https://github.com/onitopl/puppet-proxmox-backup) * [vinodverma7584-truesightmeter](https://github.com/VinodVerma7584/boundary_puppet) * [braiins-zabbix](https://github.com/braiins/puppet-zabbix.git) * [nrvale0-openmediavault](https://github.com/nrvale0/puppet-openmediavault.git) * [gjerjens-zabbix_agent2](https://gitlab.com/gjerjens/zabbix_agent2) * [elasticsearch-logstashforwarder](https://github.com/elastic/puppet-logstashforwarder) * [hfm-octopass](https://github.com/hfm/puppet-octopass) * [aageyev-mysql](https://github.com/aageyev/mysql.git) * [arioch-nginx](https://forge.puppet.com/arioch/nginx) * [romgo-squash_tm](https://github.com/hdep/puppet-squash_tm) * [logentries-logentries](https://github.com/logentries) * [kclnmssys-influxdb](https://github.com/kcl-nmssys/puppet-influxdb/) * [semaphore-yggdrasil](https://github.com/rtprio/puppet-yggdrasil.git) * [caius-prometheus](https://github.com/caius/puppet-prometheus) * [calston-tensor](https://github.com/calston/tensor/) * [Firebladee-newrelic](https://github.com/Firebladee/newrelic) * [fraenki-wforce](https://github.com/fraenki/puppet-wforce) * [puppetfinland-hwraid](https://github.com/Puppet-Finland/puppet-hwraid.git) * [jgreat-docker](https://github.com/jgreat/puppet-docker.git) * [jza34-desktop](https://github.com/jza34/puppet-desktop) * [meltwater-marathon](https://github.com/meltwater/puppet-marathon) * [eyp-postgresql](https://github.com/NTTCom-MS/eyp-postgresql) * [eyp-php](https://github.com/NTTCom-MS/eyp-php) * [tedivm-hieratic](https://github.com/tedivm/puppet-hieratic) * [elasticsearch-logstash](https://github.com/elastic/puppet-logstash) * [ceritsc-perun](https://github.com/CERIT-SC/puppet-perun.git) * [jtopjian-cubbystack](https://github.com/jtopjian/puppet-cubbystack) * [ploperations-nginx](https://github.com/puppetlabs-operations/puppet-nginx) * [nrvale0-plexmediaserver](https://github.com/nrvale0/puppet-plexmediaserver) * [puppet-prosody](https://github.com/voxpupuli/puppet-prosody) * [Lavaburn-flapjack](https://github.com/Lavaburn/puppet-flapjack.git) * [runthebusiness-firefox](https://forge.puppet.com/runthebusiness/firefox) * [innogames-clickhouse](http://github.com/innogames/puppet-clickhouse) * [renanvicente-goaccess](https://github.com/renanvicente/puppet-goaccess) * [Asher256-redis_cluster](https://github.com/Asher256/puppet-redis_cluster) * [narasimhasv-openstack](https://forge.puppet.com/narasimhasv/openstack) * [lwo-dataverse](https://github.com/IQSS/dataverse-puppet) * [sematext-spm_monitor](http://sematext.com) * [puppetfinland-postgresql](https://github.com/Puppet-Finland/puppet-postgresql.git) * [camptocamp-qgis](https://github.com/camptocamp/puppet-qgis) * [jlondon-couchbase](https://github.com/justicel/puppet-couchbase.git) * [savoirfaire-mono](https://github.com/savoiringfaire/puppet-mono) * [hfm-vaz](https://github.com/hfm/puppet-vaz) * [runthebusiness-zendserver](https://forge.puppet.com/runthebusiness/zendserver) * [jay-nodejs](https://github.com/mootpt/puppet-nodejs) * [spotify-puppetexplorer](https://github.com/spotify/puppet-puppetexplorer.git) * [mtulio-zabbix](https://github.com/mtulio/puppet-mod-zabbix) * [ceh-nagios](https://github.com/NERC-CEH/puppet-nagios) * [camptocamp-dell](https://github.com/camptocamp/puppet-dell) * [codingfuture-cflogsink](https://github.com/codingfuture/puppet-cflogsink) * [vStone-percona](https://github.com/vStone/puppet-percona) * [codingfuture-cfdb](https://github.com/codingfuture/puppet-cfdb) * [codingfuture-cfweb](https://github.com/codingfuture/puppet-cfweb) * [puppetfinland-nginx](https://github.com/Puppet-Finland/puppet-nginx.git) * [mlambrichs-neo4j](https://github.com/mlambrichs/puppet-neo4j) * [puppet-puppetwebhook](https://github.com/voxpupuli/puppet-puppetwebhook.git) * [tobru-knot](https://github.com/tobru/puppet-knot) * [ccin2p3-syslog_ng](https://github.com/ccin2p3/puppet-syslog_ng) * [hfm-stns](https://github.com/STNS/puppet-stns) * [inkblot-tor](https://github.com/inkblot/puppet-tor.git) * [boundary-boundary](https://github.com/boundary/boundary_puppet) * [sensu-sensuclassic](https://github.com/sensu/puppet-module-sensuclassic) * [puppet-nginx](https://github.com/voxpupuli/puppet-nginx.git) * [puppetlabs-openstack](https://github.com/puppetlabs/puppetlabs-openstack.git) * [puppet-rundeck](https://github.com/voxpupuli/puppet-rundeck.git) * [puppet-redis](https://github.com/voxpupuli/puppet-redis.git) * [puppet-nodejs](https://github.com/voxpupuli/puppet-nodejs) * [objectiflibre-puppet](https://github.com/ObjectifLibre/puppet-puppet.git) * [eyp-saltstack](https://github.com/NTTCom-MS/eyp-saltstack) * [echoes-wrappers](https://github.com/echoes-tech/puppet-wrappers) * [soli-wrappers](https://github.com/solution-libre/puppet-wrappers) * [geoffwilliams-r_profile](https://github.com/GeoffWilliams/r_profile) * [puppet-grafana](https://github.com/voxpupuli/puppet-grafana.git) * [puppet-rabbitmq](https://github.com/voxpupuli/puppet-rabbitmq) * [example42-mariadb](https://github.com/example42/puppet-mariadb) * [mvasilenko-sensu](https://github.com/mvasilenko/sensu-puppet) * [sensu-sensu](https://github.com/sensu/sensu-puppet) * [camptocamp-varnish](https://github.com/camptocamp/puppet-varnish) * [puppetlabs-nodejs](https://github.com/puppetlabs/puppetlabs-nodejs)

This module is declared in 235 of 580 indexed public Puppetfiles.

---

These results were generated with Rangefinder, a tool that helps predict the downstream impact of breaking changes to elements used in Puppet modules. You can run this on the command line to get a full report.

Exact matches are those that we can positively identify via namespace and the declaring modules' metadata. Non-namespaced items, such as Puppet 3.x functions, will always be reported as near matches only.

[dhs-rec]

This allows a simple key download behavior:

# This will create /etc/apt/keyrings/puppetlabs.gpg
apt::keyring { 'puppetlabs':
  source => 'https://apt.puppetlabs.com/keyring.gpg',
}

Will there be an option to store the keyring in /usr/share/keyrings (in case it is later managed by a package)?

[jorhett]

Will there be an option to store the keyring in /usr/share/keyrings (in case it is later managed by a package)?

You can pass any filename you want via the filename parameter. However, /usr/share/keyrings should never be (directly) managed by Puppet. Everything in that directory should match to a package.

[dhs-rec]

Will there be an option to store the keyring in /usr/share/keyrings (in case it is later managed by a package)?

You can pass any filename you want via the filename parameter.

Ah, didn't see that parameter in the example.

However, /usr/share/keyrings should never be (directly) managed by Puppet.

Why not? How else should the initial setup, before the package containing the key is installed, be done, then? File resources have the replace parameter, exactly for this purpose. I'm aware this would require a bit more code, though...

[wornet-mwo]

/usr/share is for data which does not need to be modified (see the FHS). So in regular case, no changes in /usr/share/keyrings should be made by puppet, unless explicitely intended by the author of the host manifest. There is an use case for doing against the standard: installing a package which adds the same keyring again. But from my point of view the filename parameter is the right way to use it. Also the default in /etc/apt/keyrings is a good way to go.

[dhs-rec]

In this case, a change in /usr/share/keyrings IS intended. The key is needed initially to setup the repo, from which a package is installed that manages the key afterwards. Thus, Puppet SHOULD be able to initially install a key into /usr/share/keyrings, but don't touch it again if it's already there.

Please see https://wiki.debian.org/DebianRepository/UseThirdParty for the details.

[jamesps-ebi]

In this case, a change in /usr/share/keyrings IS intended. The key is needed initially to setup the repo, from which a package is installed that manages the key afterwards. Thus, Puppet SHOULD be able to initially install a key into /usr/share/keyrings, but don't touch it again if it's already there.

Please see https://wiki.debian.org/DebianRepository/UseThirdParty for the details.

I see this as a chicken and egg situation. I know that some Google packages like Google Chrome do exactly this. If you install the package from .deb, it creates the repo configuration and GPG key under /usr/share/keyrings

But if you want to manage the repo and key via Puppet, how should that be done? There doesn't seem a clean solution.

Probably in situations like this, you can remove the repo created by the .deb and add a new Puppet managed one with the 'signed-by' parameter pointing to a GPG key under /etc/apt/keyrings

[dhs-rec]

But if you want to manage the repo and key via Puppet, how should that be done? There doesn't seem a clean solution.

Yes, there is: https://www.puppet.com/docs/puppet/7/types/file.html#file-attribute-replace

[dploeger]

@jorhett Are you still working on this? Need any help?

[rwaffen]

i'm also interested in this. any news here?

[jorhett]

In this case, a change in /usr/share/keyrings IS intended. The key is needed initially to setup the repo, from which a package is installed that manages the key afterwards. Thus, Puppet SHOULD be able to initially install a key into /usr/share/keyrings, but don't touch it again if it's already there. Please see https://wiki.debian.org/DebianRepository/UseThirdParty for the details.

@dhs-rec actually you need to go back and re-read that same document.

Let me quote that document for you:

If future updates to the certificate will be managed by an apt/dpkg package as recommended below, then it SHOULD be downloaded into /usr/share/keyrings using the same filename that will be provided by the package.

This is very direct and explicit. The only keys that should be in /usr/share/keyrings should be installed by a package, and have exactly the same filename as the package. They then go further to say:

If it will be managed locally , it SHOULD be downloaded into /etc/apt/keyrings instead.

So the only compliant way for Puppet to put a key in /usr/share/keyrings is to install a debian package that does it. Any manual additions (e.g. THIS MODULE) should be in /etc/apt/keyrings.

@jorhett Are you still working on this? Need any help?

TBH this was honestly my attempt to remind Puppet that their "supported" module doesn't support any non-EOL version of the operating system. Kind of like elbow, elbow... hey, if you're going to claim this module is supported, then you need to update to post-2012 Debian standards. Because it only works with loud warnings on anything since 2012, and it doesn't work at all on the last 3 releases of the operating system.

I might have some time to poke at this in the future, but waiting for someone to give you a fix doesn't quite fit the "supported" paradigm as I understand it.

[dhs-rec]

@dhs-rec actually you need to go back and re-read that same document.

@jorhett, believe me, I've read this multiple times.

Let me quote that document for you:

If future updates to the certificate will be managed by an apt/dpkg package as recommended below, then it SHOULD be downloaded into /usr/share/keyrings using the same filename that will be provided by the package.

This is very direct and explicit. The only keys that should be in /usr/share/keyrings should be installed by a package, and have exactly the same filename as the package. They then go further to say:

You seem to completely ignore the "If future updates..." part of this paragraph, as well as "...it SHOULD be downloaded into...". Tell me: Who should do this download if not Puppet (given that one has to manage tens or hundreds of nodes)?

So, what this really means, once again, is: The key should initially be stored in /usr/share/keyrings, but then not touched anymore, except by the package that manages it. If you think about it, how else should this work? Where should the key be stored before you can install the package that manages it? In another location? You would have two keys, then, right? Which one would you use? How would you manage the change in the sources.list file?

This only makes sense if Puppet manages keys in /usr/share/keyrings initially (which means: using a file resource with replace => false), and those in /etc/apt/keyrings all the time.

[jorhett]

You seem to completely ignore the "If future updates..." part of this paragraph, as well as "...it SHOULD be downloaded into...". Tell me: Who should do this download if not Puppet (given that one has to manage tens or hundreds of nodes)?

If you're downloading it (not installing a package), it should be in /etc/apt/keyrings -- end of subject. No exceptions. The doc is very clear.

So, what this really means, once again, is: The key should initially be stored in /usr/share/keyrings, but then not touched anymore, except by the package that manages it.
... This only makes sense if Puppet manages keys in /usr/share/keyrings initially (which means: using a file resource with replace => false), and those in /etc/apt/keyrings all the time.

I'm really not trying to be rude when I say this, but these convoluted statements of your don't make any sense at all. There is no reason to have two different file resources. You can't point a repo at two different key files, why would you create two different ones? Having the same key twice will cause problems. Stop imagining some scenario that doesn't exist.

• /usr/share/keyrings should contains keys installed by packages and should be named the same as the package which installed it
• /etc/apt/keyrings EVERYTHING ELSE, no exceptions

[wornet-mwo]

No need to offend here, as there is no reason to. @jorhett has planned to implement a filename parameter which is perfectly fine. So @dhs-rec, you can place your keyring whereever you want even to /var/run if you think it's a great idea. No need to change defaults here, where /etc/apt/keyrings is a well documented default from debian side.

Let's focus on the implementation - which is somehow missing, at least i did not find the defined type in your commit - am I missing something here (can't find a keyring.pp or a define in your changes)? Also there are some requested changes by @bastelfreak.

[dhs-rec]

You seem to completely ignore the "If future updates..." part of this paragraph, as well as "...it SHOULD be downloaded into...". Tell me: Who should do this download if not Puppet (given that one has to manage tens or hundreds of nodes)?

If you're downloading it (not installing a package), it should be in /etc/apt/keyrings -- end of subject. No exceptions. The doc is very clear.

@jorhett , yes, it is very clear, indeed. It says (as you already cited above):

If future updates to the certificate will be managed by an apt/dpkg package as recommended below, then it SHOULD be downloaded into /usr/share/keyrings...

That is to overcome the chicken and egg problem you have in this case, because you need the keyfile in order to be able to install the package that manages it in the future. Thus, it should initially be downloaded into /usr/share/keyrings.

I'm really not trying to be rude when I say this, but these convoluted statements of your don't make any sense at all. There is no reason to have two different file resources. You can't point a repo at two different key files, why would you create two different ones? Having the same key twice will cause problems. Stop imagining some scenario that doesn't exist.

But that's what you get if the the Puppet class installs the keyfile into /etc/apt/keyrings only. Then you install the package that manages the key in /usr/share/keyrings. And then? How to proceed from this? The keyfile from the package is the one that should be referred to in the sources.list file.

I didn't write anything about two file resources. Of course, we need just one. But if the path starts with /usr/share/keyrings/, it should contain a replace => false.

* `/usr/share/keyrings` should contains keys installed by packages and should be named the same as the package which installed it

Yes, of course. I didn't write anything else, except for the last words: "... package which will install it"

* `/etc/apt/keyrings` EVERYTHING ELSE, no exceptions

Sure

Could be something like this:

...
file { 'keyring':
  path => $destination,
  ...
  replace => ($destination !~ /^\/usr\/share\/keyrings\/.*$/),
  ...
}
...

[dhs-rec]

Here are some sample installation instructions (from Element Desktop), which exactly reflect what I wrote above:

sudo wget -O /usr/share/keyrings/element-io-archive-keyring.gpg https://packages.element.io/debian/element-io-archive-keyring.gpg echo "deb [signed-by=/usr/share/keyrings/element-io-archive-keyring.gpg] https://packages.element.io/debian/ default main" | sudo tee /etc/apt/sources.list.d/element-io.list sudo apt update sudo apt install element-desktop

The element-desktop package has a dependency on element-io-archive-keyring, which is the package that manages the keyring file afterwards. But the keyring file needed to be downloaded once, manually, in order to be able to install that package.

[jorhett]

That is to overcome the chicken and egg problem you have in this case

There is no chicken and egg problem here. You can install release packages with keys without sticking a key file in /usr/share/keyrings. This whole conundrum lies entirely in your imagination. This entire discussion is a waste of time.

[jorhett]

Here are some sample installation instructions (from Element Desktop), which exactly reflect what I wrote above:

sudo wget -O /usr/share/keyrings/element-io-archive-keyring.gpg https://packages.element.io/debian/element-io-archive-keyring.gpg echo "deb [signed-by=/usr/share/keyrings/element-io-archive-keyring.gpg] https://packages.element.io/debian/ default main" | sudo tee /etc/apt/sources.list.d/element-io.list sudo apt update sudo apt install element-desktop

The element-desktop package has a dependency on element-io-archive-keyring, which is the package that manages the keyring file afterwards. But the keyring file needed to be downloaded once, manually, in order to be able to install that package.

Those instructions are flat out wrong, but hey -- you can do it a number of different ways. Say that you really wanted to do it this way, my PR offered that ability, no? So what is it that you keep arguing about? If you really want to violate the guidelines, nothing in my PR would prevent that.

Now, is Puppet going to take responsibility for fixing their SUPPOSEDLY "supported" module which works with correctly exactly zero non-EOL versions of Debian?

[jorhett]

Let's focus on the implementation

🤷‍♀️ Like I said, this was my poke to remind Puppet to fix their "supported" module. I might have been willing to do all the work before, but given how I'm getting treated here I have better things to do with my time than fix their problems so they can make money from it.

[kenyon]

@jorhett best just to block known bad community member @dhs-rec.

[jamesps-ebi]

In #1120 I submitted a draft for a new apt::keyring defined type that could be made to work with the changes proposed here.

There's some overlap between the two PRs though.

Since this PR already has most of the surrounding work done, maybe we can look at cherry-picking just the defined-type and adapt it to work with these changes.

[kenyon]

Should be closed, was done in #1128.