search

puppetlabs / puppetlabs-puppet_agent

Module for managing Puppet-Agent
Apache License 2.0
41 stars 192 forks source link

Add GPG check to SUSE repository #709

Closed mhashizume closed 6 months ago

mhashizume commented 6 months ago

This PR adds a GPG check to SUSE repos created by this module. This mirrors behavior already found in public release packages (see https://github.com/puppetlabs/puppetlabs-release/blob/main/source/yum.puppet.com/puppet-release.sles.template#L6) and the pe_repo module.

I tested this on SLES 12: 

leaky-toolmaker:~ # /opt/puppetlabs/puppet/bin/puppet --version
7.28.0
leaky-toolmaker:~ # cat /etc/zypp/repos.d/pc_repo.repo
[pc_repo]
name = pc_repo
enabled = 1
gpgcheck = 1
autorefresh = 0
baseurl = http://yum.puppet.com/sles/12/PC1/x86_64?ssl_verify=no
type = rpm-md
leaky-toolmaker:~ # cat test.pp
class { '::puppet_agent':
  package_version => '7.29.1',
}
leaky-toolmaker:~ # /opt/puppetlabs/bin/puppet apply test.pp
Notice: Compiled catalog for leaky-toolmaker.delivery.puppetlabs.net in environment production in 0.15 seconds
Notice: /Stage[main]/Puppet_agent::Osfamily::Suse/File[/etc/pki/rpm-gpg/RPM-GPG-KEY-puppet-20250406]/ensure: defined content as '{sha256}4d5a9c73f97235eebe8c69f728aa2efcc8e1ee02282f972efdbbbd3a430be454'
Notice: /Stage[main]/Puppet_agent::Osfamily::Suse/File[/etc/pki/rpm-gpg/RPM-GPG-KEY-puppet]/ensure: defined content as '{sha256}7908698a5b6c4ff2d555edd1a6d594d1c2071481e1e1f7fd753274a1ab201675'
Notice: /Stage[main]/Puppet_agent::Osfamily::Suse/Exec[import-GPG-KEY-puppet]/returns: executed successfully
Notice: /Stage[main]/Puppet_agent::Osfamily::Suse/Ini_setting[zypper pc_repo name]/ensure: created
Notice: /Stage[main]/Puppet_agent::Osfamily::Suse/Ini_setting[zypper pc_repo enabled]/ensure: created
Notice: /Stage[main]/Puppet_agent::Osfamily::Suse/Ini_setting[zypper pc_repo gpgcheck]/ensure: created
Notice: /Stage[main]/Puppet_agent::Osfamily::Suse/Ini_setting[zypper pc_repo autorefresh]/ensure: created
Notice: /Stage[main]/Puppet_agent::Osfamily::Suse/Ini_setting[zypper pc_repo baseurl]/ensure: created
Notice: /Stage[main]/Puppet_agent::Osfamily::Suse/Ini_setting[zypper pc_repo type]/ensure: created
Notice: /Stage[main]/Puppet_agent::Osfamily::Suse/Exec[refresh-pc_repo]/returns: executed successfully
Notice: /Stage[main]/Puppet_agent::Install::Suse/Package[puppet-agent]/ensure: ensure changed '7.28.0-1.sles12' to '7.29.1'
Notice: Stopping run after puppet-agent upgrade. Run puppet agent -t or apply your manifest again to finish the transaction.
Notice: Applied catalog in 5.81 seconds