Version information
This version is compatible with:
- Puppet Enterprise 2023.8.x, 2023.7.x, 2023.6.x, 2023.5.x, 2023.4.x, 2023.3.x, 2023.2.x, 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x, 2021.2.x, 2021.1.x, 2021.0.x, 2019.8.x
- Puppet >= 6.21.0 < 9.0.0
- , , , , ,
Start using this module
Add this module to your Puppetfile:
mod 'stschulte-rpmkey', '2.0.1'
Learn more about managing modules with a Puppetfile
Puppet RPMKEY Module
This repository aims to ease GPG key management with rpm.
Background
A package maintainer can sign his RPM packages with a secret GPG key. This allows a third party (e.g. you) to verify the package with the corresponding public key. The rpm utility has its own keyring and commands to import and remove public GPG keys.
A key can be imported with rpm --import and will then present itself as an installed package of the form gpgkey-#{keyid}-#{signature_date}. In the same way the key can be removed from the keyring by removing the corresponding package with rpm --erase.
The puppet way
The new puppet rpmkey type treats a single key as a puppet resource so you can e.g. specify:
rpmkey { '0608B895':
  ensure => present,
  source => 'https://fedoraproject.org/static/0608B895.txt',
}
The above resource will import the key if it is not already present. If you want to make sure that a key is absent (remove it when it is present) specify the following instead:
rpmkey { '0608B895':
  ensure => absent,
}
The name of the rpmkey resource has to be the keyID of the GPG key. If you have the public key available as a file but you are unsure of the correct keyID, use gpg to extract the keyID. For example, to find the keyID used by EPEL 7:
$ gpg ./RPM-GPG-KEY-EPEL-7
pub 4096R/352C64E5 2013-12-16 Fedora EPEL (7) <epel@fedoraproject.org>
The string after the / is what rpmkey expects (352C64E5).
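An 8-digit keyID is only the last 32 bits of the key's fingerprint, so two different keys can share the same keyID. The following is an added example (not part of the module): it derives the rpmkey title from gpg's colon-format output and accepts it only if the full fingerprint matches a value you pinned out of band. The function names and the sample fingerprint are constructed for illustration.

```shell
#!/bin/sh
# Real input would come from:  gpg --show-keys --with-colons ./RPM-GPG-KEY-EPEL-7
# Constructed sample of that output; the fingerprint is made up, only its
# last 8 digits mirror the EPEL 7 keyID shown above.
SAMPLE_COLONS='pub:-:4096:1:89ABCDEF352C64E5:1387152000:::-:::scSC::::::23::0:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF352C64E5:'

# Print the primary key's fingerprint (field 10 of the first "fpr" record
# after "pub"). Fails unless the input holds exactly one primary key.
primary_fingerprint() {
  awk -F: '
    $1 == "pub" { pubs++; want = 1; next }
    $1 == "sub" { want = 0 }
    $1 == "fpr" && want { fpr = $10; want = 0 }
    END { if (pubs != 1 || fpr == "") exit 1; print toupper(fpr) }'
}

# rpmkey_title PINNED_FINGERPRINT < colon-output
# Prints the 8-hex-digit resource title, or fails when the key file's full
# fingerprint differs from the pinned one (spaces and case are ignored).
rpmkey_title() {
  pinned=$(printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F')
  actual=$(primary_fingerprint) || {
    echo "expected exactly one primary key" >&2
    return 2
  }
  [ "$actual" = "$pinned" ] || {
    echo "fingerprint mismatch: got $actual" >&2
    return 1
  }
  # The short keyID is the last 8 hex digits of the fingerprint.
  printf '%s\n' "$actual" | sed 's/.*\(........\)$/\1/'
}

# Demo on the constructed sample: prints the title to use in the manifest.
printf '%s\n' "$SAMPLE_COLONS" |
  rpmkey_title '0123 4567 89AB CDEF 0123 4567 89AB CDEF 352C 64E5'
```

Take the pinned fingerprint from a channel independent of the one that served the key file, so a substituted key with a matching short keyID is rejected before it reaches the manifest.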
Running the tests
The easiest way to run the tests is via bundler:
bundle install
bundle exec rake spec SPEC_OPTS='--format documentation'
Contribution
Thanks to the following contributors, who made this module more usable:
- Gene Liverman
- Michael Moll
- duritong
Reference
Table of Contents
Resource types
rpmkey: Define public GPG keys that should be part of the rpm keyring.
Resource types
rpmkey
Define public GPG keys that should be part of the rpm keyring.
Properties
The following properties are available in the rpmkey type.
ensure
Valid values: present, absent
The basic property that the resource should be in.
Default value: present
Parameters
The following parameters are available in the rpmkey type.
name
namevar
The name of the key. This is the keyID (in hex) in uppercase.
provider
The specific backend to use for this rpmkey resource. You will seldom need to specify this; Puppet will usually discover the appropriate provider for your platform.
source
The source of the public key if the key is not already imported.
Changelog
All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
[Unreleased]
[2.0.1] - 2024-05-20
Changed
- Updated badges
[2.0.0] - 2024-05-20
Added
- Support RHEL8 and CentOS 8
- Add version requirement in metadata.json (>= 6.21.0 < 9.0.0)
Changed
- Update structure to work with latest puppet version
[1.0.3] - 2015-02-04
Fixed
- do not crash on unexpected rpm output
- improve test coverage
[1.0.2] - 2015-02-01
Added
- Add SLES and CentOS as supported operating systems (thanks to Michael Moll and Gene Liverman for testing)
Changed
- If the source parameter specifies a local file that you also manage through a puppet file resource, the file resource will be autorequired by the rpmkey resource (Thanks to duritong for implementing this)
[1.0.1] - 2015-01-22
Changed
- Update metadata.json with tested operating systems
[1.0.0] - 2015-01-21
Added
- Initial release for puppet forge
This is free and unencumbered software released into the public domain.
Anyone is free to copy, modify, publish, use, compile, sell, or distribute this software, either in source code form or as a compiled binary, for any purpose, commercial or non-commercial, and by any means.
In jurisdictions that recognize copyright laws, the author or authors of this software dedicate any and all copyright interest in the software to the public domain. We make this dedication for the benefit of the public at large and to the detriment of our heirs and successors. We intend this dedication to be an overt act of relinquishment in perpetuity of all present and future rights to this software under copyright law.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
For more information, please refer to <https://unlicense.org>