Installation fails on Debian/Ubuntu wheren configuring the apt keyring

[freym]

Affected Puppet, Ruby, OS and module versions/distributions

• Puppet: 7.32.1
• Ruby:
• Distribution: Debian/Ubuntu
• Module version: 6.0.0

How to reproduce (e.g Puppet code you use)

class { 'icinga2': manage_repos => true, }

What are you seeing

When the module tries to install the apt keyring, puppet aborts because the user/group 'nagios' does not exist on the system.

What behaviour did you expect instead

It should install the apt keyring.

Output log

Info: Using environment 'test_icinga2' Info: Retrieving pluginfacts Info: Retrieving plugin Info: Loading facts Notice: Requesting catalog from Notice: Catalog compiled by Info: Caching catalog for Info: Applying configuration version 'cd50cad411cf3d06febb26c9c7c91d8c206a9484' Error: Could not find user nagios Error: /Stage[main]/Icinga::Repos::Apt/Apt::Keyring[icinga.key]/File[/etc/apt/keyrings]/owner: change from 'root' to 'nagios' failed: Could not find user nagios Error: Could not find group nagios

Any additional information you'd like to impart

I am not a puppet expert but I think the problem is the following: The module sets the default owner/group for all file resources^1. These defaults are apparently used later when configuring the apt keyring directory^2. Perhaps it will be enough if this line is executed a little earlier^3

[lbetz]

Hm, never happend here. But the directory '/etc/apt/keyrings' isn't managed by the module puppet-icinga2 neither puppet-icinga.

What kind of version you use for the modules apt and icinga?

The keyring dir is handeld by puppetlabs-apt, see https://github.com/puppetlabs/puppetlabs-apt/blob/e0b3a5db6abb043f106614dffe341f68d88158ab/manifests/keyring.pp#L43

without any owner or group membership. Is there some code around the class declarition?

[freym]

Sorry my bad. We have set a default in our old Icinga even earlier.