apt
Version information
This version is compatible with:
- Puppet Enterprise 2023.2.x, 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x, 2021.2.x, 2021.1.x, 2021.0.x, 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x
- Puppet >= 6.0.0 < 8.0.0
- ,
Tasks:
- apt
Start using this module
Add this module to your Puppetfile:
mod 'puppetlabs-apt', '8.0.0'
Learn more about managing modules with a PuppetfileDocumentation
apt
Table of Contents
- Module Description - What the module does and why it is useful
- Setup - The basics of getting started with apt
- Usage - Configuration options and additional functionality
- Reference - An under-the-hood peek at what the module is doing and how
- Limitations - OS compatibility, etc.
- Development - Guide for contributing to the module
Module Description
The apt module lets you use Puppet to manage APT (Advanced Package Tool) sources, keys, and other configuration options.
APT is a package manager available on Debian, Ubuntu, and several other operating systems. The apt module provides a series of classes, defines, types, and facts to help you automate APT package management.
Note: Prior to Puppet 7, for this module to correctly autodetect which version of
Debian/Ubuntu (or derivative) you're running, you need to make sure the lsb-release
package is
installed. With Puppet 7 the lsb-release
package is not needed.
Setup
What apt affects
- Your system's
preferences
file andpreferences.d
directory - Your system's
sources.list
file andsources.list.d
directory - Your system's
apt.conf.d
directory - System repositories
- Authentication keys
Note: This module offers purge
parameters which, if set to true
, destroy any configuration on the node's sources.list(.d)
, preferences(.d)
and apt.conf.d
that you haven't declared through Puppet. The default for these parameters is false
.
Beginning with apt
To use the apt module with default parameters, declare the apt
class.
include apt
Note: The main apt
class is required by all other classes, types, and defined types in this module. You must declare it whenever you use the module.
Usage
Add GPG keys
Warning: Using short key IDs presents a serious security issue, potentially leaving you open to collision attacks. We recommend you always use full fingerprints to identify your GPG keys. This module allows short keys, but issues a security warning if you use them.
Declare the apt::key
defined type:
apt::key { 'puppetlabs':
id => '6F6B15509CF8E59E6E469F327F438280EF8D349F',
server => 'pgp.mit.edu',
options => 'http-proxy="http://proxyuser:proxypass@example.org:3128"',
}
Prioritize backports
class { 'apt::backports':
pin => 500,
}
By default, the apt::backports
class drops a pin file for backports, pinning it to a priority of 200. This is lower than the normal default of 500, so packages with ensure => latest
don't get upgraded from backports without your explicit permission.
If you raise the priority through the pin
parameter to 500, normal policy goes into effect and Apt installs or upgrades to the newest version. This means that if a package is available from backports, it and its dependencies are pulled in from backports unless you explicitly set the ensure
attribute of the package
resource to installed
/present
or a specific version.
Update the list of packages
By default, Puppet runs apt-get update
on the first Puppet run after you include the apt
class, and anytime notify => Exec['apt_update']
occurs; i.e., whenever config files get updated or other relevant changes occur. If you set update['frequency']
to 'always', the update runs on every Puppet run. You can also set update['frequency']
to 'daily' or 'weekly':
class { 'apt':
update => {
frequency => 'daily',
},
}
When Exec['apt_update']
is triggered, it generates a notice
-level message. Because the default logging level for agents is notice
, this causes the repository update to appear in agent logs. To silence these updates from the default log output, set the loglevel metaparameter for Exec['apt_update']
above the agent logging level:
class { 'apt':
update => {
frequency => 'daily',
loglevel => 'debug',
},
}
NOTE: Every
Exec['apt_update']
run will generate a corrective change, even if the apt caches are not updated. For example, setting an update frequency ofalways
can result in every Puppet run resulting in a corrective change. This is a known issue. For details, see MODULES-10763.
Pin a specific release
apt::pin { 'karmic': priority => 700 }
apt::pin { 'karmic-updates': priority => 700 }
apt::pin { 'karmic-security': priority => 700 }
You can also specify more complex pins using distribution properties:
apt::pin { 'stable':
priority => -10,
originator => 'Debian',
release_version => '3.0',
component => 'main',
label => 'Debian'
}
To pin multiple packages, pass them to the packages
parameter as an array or a space-delimited string.
Add a Personal Package Archive (PPA) repository
apt::ppa { 'ppa:drizzle-developers/ppa': }
Add an Apt source to /etc/apt/sources.list.d/
apt::source { 'debian_unstable':
comment => 'This is the iWeb Debian unstable mirror',
location => 'http://debian.mirror.iweb.ca/debian/',
release => 'unstable',
repos => 'main contrib non-free',
pin => '-10',
key => {
'id' => 'A1BD8E9D78F7FE5C3E65D8AF8B48AD6246925553',
'server' => 'subkeys.pgp.net',
},
include => {
'src' => true,
'deb' => true,
},
}
To use the Puppet Apt repository as a source:
apt::source { 'puppetlabs':
location => 'http://apt.puppetlabs.com',
repos => 'main',
key => {
'id' => '6F6B15509CF8E59E6E469F327F438280EF8D349F',
'server' => 'pgp.mit.edu',
},
}
Configure Apt from Hiera
Instead of specifying your sources directly as resources, you can instead just include the apt
class, which will pick up the values automatically from hiera.
apt::sources:
'debian_unstable':
comment: 'This is the iWeb Debian unstable mirror'
location: 'http://debian.mirror.iweb.ca/debian/'
release: 'unstable'
repos: 'main contrib non-free'
pin: '-10'
key:
id: 'A1BD8E9D78F7FE5C3E65D8AF8B48AD6246925553'
server: 'subkeys.pgp.net'
include:
src: true
deb: true
'puppetlabs':
location: 'http://apt.puppetlabs.com'
repos: 'main'
key:
id: '6F6B15509CF8E59E6E469F327F438280EF8D349F'
server: 'pgp.mit.edu'
Replace the default sources.list
file
The following example replaces the default /etc/apt/sources.list
. Along with this code, be sure to use the purge
parameter, or you might get duplicate source warnings when running Apt.
apt::source { "archive.ubuntu.com-${facts['os']['distro']['codename']}":
location => 'http://archive.ubuntu.com/ubuntu',
key => '630239CC130E1A7FD81A27B140976EAF437D05B5',
repos => 'main universe multiverse restricted',
}
apt::source { "archive.ubuntu.com-${facts['os']['distro']['codename']}-security":
location => 'http://archive.ubuntu.com/ubuntu',
key => '630239CC130E1A7FD81A27B140976EAF437D05B5',
repos => 'main universe multiverse restricted',
release => "${facts['os']['distro']['codename']}-security"
}
apt::source { "archive.ubuntu.com-${facts['os']['distro']['codename']}-updates":
location => 'http://archive.ubuntu.com/ubuntu',
key => '630239CC130E1A7FD81A27B140976EAF437D05B5',
repos => 'main universe multiverse restricted',
release => "${facts['os']['distro']['codename']}-updates"
}
apt::source { "archive.ubuntu.com-${facts['os']['distro']['codename']}-backports":
location => 'http://archive.ubuntu.com/ubuntu',
key => '630239CC130E1A7FD81A27B140976EAF437D05B5',
repos => 'main universe multiverse restricted',
release => "${facts['os']['distro']['codename']}-backports"
}
Manage login configuration settings for an APT source or proxy in /etc/apt/auth.conf
Starting with APT version 1.5, you can define login configuration settings, such as
username and password, for APT sources or proxies that require authentication
in the /etc/apt/auth.conf
file. This is preferable to embedding login
information directly in source.list
entries, which are usually world-readable.
The /etc/apt/auth.conf
file follows the format of netrc (used by ftp or
curl) and has restrictive file permissions. See here for details.
Use the optional apt::auth_conf_entries
parameter to specify an array of hashes containing login configuration settings. These hashes may only contain the machine
, login
and password
keys.
class { 'apt':
auth_conf_entries => [
{
'machine' => 'apt-proxy.example.net',
'login' => 'proxylogin',
'password' => 'proxypassword',
},
{
'machine' => 'apt.example.com/ubuntu',
'login' => 'reader',
'password' => 'supersecret',
},
],
}
Reference
Facts
-
apt_updates
: The number of installed packages with available updates fromupgrade
. -
apt_dist_updates
: The number of installed packages with available updates fromdist-upgrade
. -
apt_security_updates
: The number of installed packages with available security updates fromupgrade
. -
apt_security_dist_updates
: The number of installed packages with available security updates fromdist-upgrade
. -
apt_package_updates
: The names of all installed packages with available updates fromupgrade
. In Facter 2.0 and later this data is formatted as an array; in earlier versions it is a comma-delimited string. -
apt_package_dist_updates
: The names of all installed packages with available updates fromdist-upgrade
. In Facter 2.0 and later this data is formatted as an array; in earlier versions it is a comma-delimited string. -
apt_update_last_success
: The date, in epochtime, of the most recent successfulapt-get update
run (based on the mtime of /var/lib/apt/periodic/update-success-stamp). -
apt_reboot_required
: Determines if a reboot is necessary after updates have been installed.
More Information
See REFERENCE.md for all other reference documentation.
Limitations
This module is not designed to be split across run stages.
For an extensive list of supported operating systems, see metadata.json
Adding new sources or PPAs
If you are adding a new source or PPA and trying to install packages from the new source or PPA on the same Puppet run, your package
resource should depend on Class['apt::update']
, as well as depending on the Apt::Source
or the Apt::Ppa
. You can also add collectors to ensure that all packages happen after apt::update
, but this can lead to dependency cycles and has implications for virtual resources. Before running the command below, ensure that all packages have the provider set to apt.
Class['apt::update'] -> Package <| provider == 'apt' |>
Development
Acceptance tests for this module leverage puppet_litmus. To run the acceptance tests follow the instructions here. You can also find a tutorial and walkthrough of using Litmus and the PDK on YouTube.
If you run into an issue with this module, or if you would like to request a feature, please file a ticket. Every Monday the Puppet IA Content Team has office hours in the Puppet Community Slack, alternating between an EMEA friendly time (1300 UTC) and an Americas friendly time (0900 Pacific, 1700 UTC).
If you have problems getting this module up and running, please contact Support.
If you submit a change to this module, be sure to regenerate the reference documentation as follows:
puppet strings generate --format markdown --out REFERENCE.md
Reference
Table of Contents
Classes
Public Classes
apt
: Main class, includes all other classes.apt::backports
: Manages backports.
Private Classes
apt::params
: Provides defaults for the Apt module parameters.apt::update
: Updates the list of available packages using apt-get update.
Defined types
apt::conf
: Specifies a custom Apt configuration file.apt::key
: Manages the GPG keys that Apt uses to authenticate packages.apt::mark
: defined typeapt::markapt::pin
: Manages Apt pins. Does not trigger an apt-get update run.apt::ppa
: Manages PPA repositories usingadd-apt-repository
. Not supported on Debian.apt::setting
: Manages Apt configuration files.apt::source
: Manages the Apt sources in /etc/apt/sources.list.d/.
Resource types
Public Resource types
Private Resource types
apt_key
: This type provides Puppet with the capabilities to manage GPG keys needed by apt to perform package validation. Apt has it's own GPG keyring that can be manipulated through theapt-key
command.
Data types
Apt::Auth_conf_entry
: Login configuration settings that are recorded in the file/etc/apt/auth.conf
.Apt::Proxy
: Configures Apt to connect to a proxy server.
Tasks
init
: Allows you to perform apt functions
Classes
apt
Main class, includes all other classes.
- See also
- https://docs.puppetlabs.com/references/latest/function.html#createresources
- for the create resource function
- https://docs.puppetlabs.com/references/latest/function.html#createresources
Parameters
The following parameters are available in the apt
class:
provider
keyserver
key_options
ppa_options
ppa_package
backports
confs
update
purge
proxy
sources
keys
ppas
pins
settings
manage_auth_conf
auth_conf_entries
auth_conf_owner
root
sources_list
sources_list_d
conf_d
preferences
preferences_d
config_files
sources_list_force
update_defaults
purge_defaults
proxy_defaults
include_defaults
apt_conf_d
source_key_defaults
provider
Data type: String
Specifies the provider that should be used by apt::update.
Default value: $apt::params::provider
keyserver
Data type: String
Specifies a keyserver to provide the GPG key. Valid options: a string containing a domain name or a full URL (http://, https://, or hkp://).
Default value: $apt::params::keyserver
key_options
Data type: Optional[String]
Specifies the default options for apt::key resources.
Default value: $apt::params::key_options
ppa_options
Data type: Optional[String]
Supplies options to be passed to the add-apt-repository
command.
Default value: $apt::params::ppa_options
ppa_package
Data type: Optional[String]
Names the package that provides the apt-add-repository
command.
Default value: $apt::params::ppa_package
backports
Data type: Optional[Hash]
Specifies some of the default parameters used by apt::backports. Valid options: a hash made up from the following keys:
Options:
- :location
String
: See apt::backports for documentation. - :repos
String
: See apt::backports for documentation. - :key
String
: See apt::backports for documentation.
Default value: $apt::params::backports
confs
Data type: Hash
Creates new apt::conf
resources. Valid options: a hash to be passed to the create_resources function linked above.
Default value: $apt::params::confs
update
Data type: Hash
Configures various update settings. Valid options: a hash made up from the following keys:
Options:
- :frequency
String
: Specifies how often to runapt-get update
. If the exec resourceapt_update
is notified,apt-get update
runs regardless of this value. Valid options: 'always' (at every Puppet run); 'daily' (if the value ofapt_update_last_success
is less than current epoch time minus 86400); 'weekly' (if the value ofapt_update_last_success
is less than current epoch time minus 604800); and 'reluctantly' (only if the exec resourceapt_update
is notified). Default: 'reluctantly'. - :loglevel
Integer
: Specifies the log level of logs outputted to the console. Default: undef. - :timeout
Integer
: Specifies how long to wait for the update to complete before canceling it. Valid options: an integer, in seconds. Default: undef. - :tries
Integer
: Specifies how many times to retry the update after receiving a DNS or HTTP error. Default: undef.
Default value: $apt::params::update
purge
Data type: Hash
Specifies whether to purge any existing settings that aren't managed by Puppet. Valid options: a hash made up from the following keys:
Options:
- :sources.list
Boolean
: Specifies whether to purge any unmanaged entries from sources.list. Default false. - :sources.list.d
Boolean
: Specifies whether to purge any unmanaged entries from sources.list.d. Default false. - :preferences
Boolean
: Specifies whether to purge any unmanaged entries from preferences. Default false. - :preferences.d.
Boolean
: Specifies whether to purge any unmanaged entries from preferences.d. Default false.
Default value: $apt::params::purge
proxy
Data type: Apt::Proxy
Configures Apt to connect to a proxy server. Valid options: a hash matching the locally defined type apt::proxy.
Default value: $apt::params::proxy
sources
Data type: Hash
Creates new apt::source
resources. Valid options: a hash to be passed to the create_resources function linked above.
Default value: $apt::params::sources
keys
Data type: Hash
Creates new apt::key
resources. Valid options: a hash to be passed to the create_resources function linked above.
Default value: $apt::params::keys
ppas
Data type: Hash
Creates new apt::ppa
resources. Valid options: a hash to be passed to the create_resources function linked above.
Default value: $apt::params::ppas
pins
Data type: Hash
Creates new apt::pin
resources. Valid options: a hash to be passed to the create_resources function linked above.
Default value: $apt::params::pins
settings
Data type: Hash
Creates new apt::setting
resources. Valid options: a hash to be passed to the create_resources function linked above.
Default value: $apt::params::settings
manage_auth_conf
Data type: Boolean
Specifies whether to manage the /etc/apt/auth.conf file. When true, the file will be overwritten with the entries specified in the auth_conf_entries parameter. When false, the file will be ignored (note that this does not set the file to absent.
Default value: $apt::params::manage_auth_conf
auth_conf_entries
Data type: Array[Apt::Auth_conf_entry]
An optional array of login configuration settings (hashes) that are recorded in the file /etc/apt/auth.conf. This file has a netrc-like format (similar to what curl uses) and contains the login configuration for APT sources and proxies that require authentication. See https://manpages.debian.org/testing/apt/apt_auth.conf.5.en.html for details. If specified each hash must contain the keys machine, login and password and no others. Specifying manage_auth_conf and not specifying this parameter will set /etc/apt/auth.conf to absent.
Default value: $apt::params::auth_conf_entries
auth_conf_owner
Data type: String
The owner of the file /etc/apt/auth.conf. Default: '_apt' or 'root' on old releases.
Default value: $apt::params::auth_conf_owner
root
Data type: String
Specifies root directory of Apt executable.
Default value: $apt::params::root
sources_list
Data type: String
Specifies the path of the sources_list file to use.
Default value: $apt::params::sources_list
sources_list_d
Data type: String
Specifies the path of the sources_list.d file to use.
Default value: $apt::params::sources_list_d
conf_d
Data type: String
Specifies the path of the conf.d file to use.
Default value: $apt::params::conf_d
preferences
Data type: String
Specifies the path of the preferences file to use.
Default value: $apt::params::preferences
preferences_d
Data type: String
Specifies the path of the preferences.d file to use.
Default value: $apt::params::preferences_d
config_files
Data type: Hash
A hash made up of the various configuration files used by Apt.
Default value: $apt::params::config_files
sources_list_force
Data type: Boolean
Specifies whether to perform force purge or delete. Default false.
Default value: $apt::params::sources_list_force
update_defaults
Data type: Hash
Default value: $apt::params::update_defaults
purge_defaults
Data type: Hash
Default value: $apt::params::purge_defaults
proxy_defaults
Data type: Hash
Default value: $apt::params::proxy_defaults
include_defaults
Data type: Hash
Default value: $apt::params::include_defaults
apt_conf_d
Data type: String
Default value: $apt::params::apt_conf_d
source_key_defaults
Data type: Hash
Default value: $apt::params::source_key_defaults
apt::backports
Manages backports.
Examples
Set up a backport source for Linux Mint qiana
class { 'apt::backports':
location => 'http://us.archive.ubuntu.com/ubuntu',
release => 'trusty-backports',
repos => 'main universe multiverse restricted',
key => {
id => '630239CC130E1A7FD81A27B140976EAF437D05B5',
server => 'hkps.pool.sks-keyservers.net',
},
}
Parameters
The following parameters are available in the apt::backports
class:
location
Data type: Optional[String]
Specifies an Apt repository containing the backports to manage. Valid options: a string containing a URL. Default value for Debian and Ubuntu varies:
-
Debian: 'http://deb.debian.org/debian'
-
Ubuntu: 'http://archive.ubuntu.com/ubuntu'
Default value: undef
release
Data type: Optional[String]
Specifies a distribution of the Apt repository containing the backports to manage. Used in populating the source.list
configuration file.
Default: on Debian and Ubuntu, ${facts['os']['distro']['codename']}-backports
. We recommend keeping this default, except on other operating
systems.
Default value: undef
repos
Data type: Optional[String]
Specifies a component of the Apt repository containing the backports to manage. Used in populating the source.list
configuration file.
Default value for Debian and Ubuntu varies:
-
Debian: 'main contrib non-free'
-
Ubuntu: 'main universe multiverse restricted'
Default value: undef
key
Data type: Optional[Variant[String, Hash]]
Specifies a key to authenticate the backports. Valid options: a string to be passed to the id parameter of the apt::key defined type, or a hash of parameter => value pairs to be passed to apt::key's id, server, content, source, and/or options parameters. Default value for Debian and Ubuntu varies:
-
Debian: 'A1BD8E9D78F7FE5C3E65D8AF8B48AD6246925553'
-
Ubuntu: '630239CC130E1A7FD81A27B140976EAF437D05B5'
Default value: undef
pin
Data type: Optional[Variant[Integer, String, Hash]]
Specifies a pin priority for the backports. Valid options: a number or string to be passed to the id
parameter of the apt::pin
defined
type, or a hash of parameter => value
pairs to be passed to apt::pin
's corresponding parameters.
Default value: 200
include
Data type: Optional[Variant[Hash]]
Specifies whether to include 'deb' or 'src', or both.
Default value: {}
Defined types
apt::conf
Specifies a custom Apt configuration file.
Parameters
The following parameters are available in the apt::conf
defined type:
content
Data type: Optional[String]
Required unless ensure
is set to 'absent'. Directly supplies content for the configuration file.
Default value: undef
ensure
Data type: Enum['present', 'absent']
Specifies whether the configuration file should exist. Valid options: 'present' and 'absent'.
Default value: present
priority
Data type: Variant[String, Integer]
Determines the order in which Apt processes the configuration file. Files with lower priority numbers are loaded first. Valid options: a string containing an integer or an integer.
Default value: 50
notify_update
Data type: Optional[Boolean]
Specifies whether to trigger an apt-get update
run.
Default value: undef
apt::key
Manages the GPG keys that Apt uses to authenticate packages.
- Note The apt::key defined type makes use of the apt_key type, but includes extra functionality to help prevent duplicate keys.
Examples
Declare Apt key for apt.puppetlabs.com source
apt::key { 'puppetlabs':
id => '6F6B15509CF8E59E6E469F327F438280EF8D349F',
server => 'hkps.pool.sks-keyservers.net',
options => 'http-proxy="http://proxyuser:proxypass@example.org:3128"',
}
Parameters
The following parameters are available in the apt::key
defined type:
id
Data type: Pattern[/\A(0x)?[0-9a-fA-F]{8}\Z/, /\A(0x)?[0-9a-fA-F]{16}\Z/, /\A(0x)?[0-9a-fA-F]{40}\Z/]
Specifies a GPG key to authenticate Apt package signatures. Valid options: a string containing a key ID (8 or 16 hexadecimal characters, optionally prefixed with "0x") or a full key fingerprint (40 hexadecimal characters).
Default value: $title
ensure
Data type: Enum['present', 'absent', 'refreshed']
Specifies whether the key should exist. Valid options: 'present', 'absent' or 'refreshed'. Using 'refreshed' will make keys auto update when they have expired (assuming a new key exists on the key server).
Default value: present
content
Data type: Optional[String]
Supplies the entire GPG key. Useful in case the key can't be fetched from a remote location and using a file resource is inconvenient.
Default value: undef
source
Data type: Optional[Pattern[/\Ahttps?:\/\//, /\Aftp:\/\//, /\A\/\w+/]]
Specifies the location of an existing GPG key file to copy. Valid options: a string containing a URL (ftp://, http://, or https://) or an absolute path.
Default value: undef
server
Data type: Pattern[/\A((hkp|hkps|http|https):\/\/)?([a-z\d])([a-z\d-]{0,61}\.)+[a-z\d]+(:\d{2,5})?(\/[a-zA-Z\d\-_.]+)*\/?$/]
Specifies a keyserver to provide the GPG key. Valid options: a string containing a domain name or a full URL (http://, https://, hkp:// or hkps://). The hkps:// protocol is currently only supported on Ubuntu 18.04.
Default value: $::apt::keyserver
weak_ssl
Data type: Boolean
Specifies whether strict SSL verification on a https URL should be disabled. Valid options: true or false.
Default value: false
options
Data type: Optional[String]
Passes additional options to apt-key adv --keyserver-options
.
Default value: $::apt::key_options
apt::mark
defined typeapt::mark
Parameters
The following parameters are available in the apt::mark
defined type:
setting
Data type: Enum['auto','manual','hold','unhold']
auto, manual, hold, unhold specifies the behavior of apt in case of no more dependencies installed https://manpages.debian.org/sretch/apt/apt-mark.8.en.html
apt::pin
Manages Apt pins. Does not trigger an apt-get update run.
- See also
- http://linux.die.net/man/5/apt_preferences
- for context on these parameters
- http://linux.die.net/man/5/apt_preferences
Parameters
The following parameters are available in the apt::pin
defined type:
ensure
explanation
order
packages
priority
release
release_version
component
originator
label
origin
version
codename
ensure
Data type: Optional[Enum['file', 'present', 'absent']]
Specifies whether the pin should exist. Valid options: 'file', 'present', and 'absent'.
Default value: present
explanation
Data type: Optional[String]
Supplies a comment to explain the pin. Default: "${caller_module_name}: ${name}".
Default value: undef
order
Data type: Variant[Integer]
Determines the order in which Apt processes the pin file. Files with lower order numbers are loaded first.
Default value: 50
packages
Data type: Variant[String, Array]
Specifies which package(s) to pin.
Default value: '*'
priority
Data type: Variant[Numeric, String]
Sets the priority of the package. If multiple versions of a given package are available, apt-get
installs the one with the highest
priority number (subject to dependency constraints). Valid options: an integer.
Default value: 0
release
Data type: Optional[String]
Tells APT to prefer packages that support the specified release. Typical values include 'stable', 'testing', and 'unstable'.
Default value: ''
release_version
Data type: Optional[String]
Tells APT to prefer packages that support the specified operating system release version (such as Debian release version 7).
Default value: ''
component
Data type: Optional[String]
Names the licensing component associated with the packages in the directory tree of the Release file.
Default value: ''
originator
Data type: Optional[String]
Names the originator of the packages in the directory tree of the Release file.
Default value: ''
label
Data type: Optional[String]
Names the label of the packages in the directory tree of the Release file.
Default value: ''
origin
Data type: Optional[String]
Default value: ''
version
Data type: Optional[String]
Default value: ''
codename
Data type: Optional[String]
Default value: ''
apt::ppa
Manages PPA repositories using add-apt-repository
. Not supported on Debian.
Examples
Example declaration of an Apt PPA
apt::ppa{ 'ppa:openstack-ppa/bleeding-edge': }
Parameters
The following parameters are available in the apt::ppa
defined type:
ensure
Data type: String
Specifies whether the PPA should exist. Valid options: 'present' and 'absent'.
Default value: 'present'
options
Data type: Optional[String]
Supplies options to be passed to the add-apt-repository
command. Default: '-y'.
Default value: $::apt::ppa_options
release
Data type: Optional[String]
Specifies the operating system of your node. Valid options: a string containing a valid LSB distribution codename.
Optional if puppet facts show os.distro.codename
returns your correct distribution release codename.
Default value: $facts['os']['distro']['codename']
dist
Data type: Optional[String]
Specifies the distribution of your node. Valid options: a string containing a valid distribution codename.
Optional if puppet facts show os.name
returns your correct distribution name.
Default value: $facts['os']['name']
package_name
Data type: Optional[String]
Names the package that provides the apt-add-repository
command. Default: 'software-properties-common'.
Default value: $::apt::ppa_package
package_manage
Data type: Boolean
Specifies whether Puppet should manage the package that provides apt-add-repository
.
Default value: false
apt::setting
Manages Apt configuration files.
- See also
- https://docs.puppetlabs.com/references/latest/type.html#file-attributes
- for more information on source and content parameters
- https://docs.puppetlabs.com/references/latest/type.html#file-attributes
Parameters
The following parameters are available in the apt::setting
defined type:
priority
Data type: Variant[String, Integer, Array]
Determines the order in which Apt processes the configuration file. Files with higher priority numbers are loaded first.
Default value: 50
ensure
Data type: Optional[Enum['file', 'present', 'absent']]
Specifies whether the file should exist. Valid options: 'present', 'absent', and 'file'.
Default value: file
source
Data type: Optional[String]
Required, unless content
is set. Specifies a source file to supply the content of the configuration file. Cannot be used in combination
with content
. Valid options: see link above for Puppet's native file type source attribute.
Default value: undef
content
Data type: Optional[String]
Required, unless source
is set. Directly supplies content for the configuration file. Cannot be used in combination with source
. Valid
options: see link above for Puppet's native file type content attribute.
Default value: undef
notify_update
Data type: Boolean
Specifies whether to trigger an apt-get update
run.
Default value: true
apt::source
Manages the Apt sources in /etc/apt/sources.list.d/.
Examples
Install the puppetlabs apt source
apt::source { 'puppetlabs':
location => 'http://apt.puppetlabs.com',
repos => 'main',
key => {
id => '6F6B15509CF8E59E6E469F327F438280EF8D349F',
server => 'hkps.pool.sks-keyservers.net',
},
}
Parameters
The following parameters are available in the apt::source
defined type:
location
Data type: Optional[String]
Required, unless ensure is set to 'absent'. Specifies an Apt repository. Valid options: a string containing a repository URL.
Default value: undef
comment
Data type: String
Supplies a comment for adding to the Apt source file.
Default value: $name
ensure
Data type: String
Specifies whether the Apt source file should exist. Valid options: 'present' and 'absent'.
Default value: present
release
Data type: Optional[String]
Specifies a distribution of the Apt repository.
Default value: undef
repos
Data type: String
Specifies a component of the Apt repository.
Default value: 'main'
include
Data type: Optional[Variant[Hash]]
Configures include options. Valid options: a hash of available keys.
Options:
- :deb
Boolean
: Specifies whether to request the distribution's compiled binaries. Default true. - :src
Boolean
: Specifies whether to request the distribution's uncompiled source code. Default false.
Default value: {}
key
Data type: Optional[Variant[String, Hash]]
Creates a declaration of the apt::key defined type. Valid options: a string to be passed to the id
parameter of the apt::key
defined type, or a hash of parameter => value
pairs to be passed to apt::key
's id
, server
, content
, source
, and/or
options
parameters.
Default value: undef
pin
Data type: Optional[Variant[Hash, Numeric, String]]
Creates a declaration of the apt::pin defined type. Valid options: a number or string to be passed to the id
parameter of the
apt::pin
defined type, or a hash of parameter => value
pairs to be passed to apt::pin
's corresponding parameters.
Default value: undef
architecture
Data type: Optional[String]
Tells Apt to only download information for specified architectures. Valid options: a string containing one or more architecture names, separated by commas (e.g., 'i386' or 'i386,alpha,powerpc'). Default: undef (if unspecified, Apt downloads information for all architectures defined in the Apt::Architectures option).
Default value: undef
allow_unsigned
Data type: Boolean
Specifies whether to authenticate packages from this release, even if the Release file is not signed or the signature can't be checked.
Default value: false
notify_update
Data type: Boolean
Specifies whether to trigger an apt-get update
run.
Default value: true
Resource types
Data types
Apt::Auth_conf_entry
Login configuration settings that are recorded in the file /etc/apt/auth.conf
.
- See also
- https://manpages.debian.org/testing/apt/apt_auth.conf.5.en.html
- for more information
Alias of
Struct[{
machine => String[1],
login => String,
password => String
}]
Parameters
The following parameters are available in the Apt::Auth_conf_entry
data type:
machine
Hostname of machine to connect to.
login
Specifies the username to connect with.
password
Specifies the password to connect with.
Apt::Proxy
Configures Apt to connect to a proxy server.
Alias of
Struct[{
ensure => Optional[Enum['file', 'present', 'absent']],
host => Optional[String],
port => Optional[Integer[0, 65535]],
https => Optional[Boolean],
https_acng => Optional[Boolean],
direct => Optional[Boolean],
}]
Parameters
The following parameters are available in the Apt::Proxy
data type:
ensure
Specifies whether the proxy should exist. Valid options: 'file', 'present', and 'absent'. Prefer 'file' over 'present'.
host
Specifies a proxy host to be stored in /etc/apt/apt.conf.d/01proxy
. Valid options: a string containing a hostname.
port
Specifies a proxy port to be stored in /etc/apt/apt.conf.d/01proxy
. Valid options: an integer containing a port number.
https
Specifies whether to enable https proxies.
direct
Specifies whether or not to use a DIRECT
https proxy if http proxy is used but https is not.
Tasks
init
Allows you to perform apt functions
Supports noop? false
Parameters
action
Data type: Enum[update, upgrade, dist-upgrade, autoremove]
Action to perform
What are tasks?
Modules can contain tasks that take action outside of a desired state managed by Puppet. It’s perfect for troubleshooting or deploying one-off changes, distributing scripts to run across your infrastructure, or automating changes that need to happen in a particular order as part of an application deployment.
Tasks in this module release
Change log
All notable changes to this project will be documented in this file. The format is based on Keep a Changelog and this project adheres to Semantic Versioning.
v8.0.0 (2021-03-01)
Changed
- pdksync - Remove Puppet 5 from testing and bump minimal version to 6.0.0 #969 (carabasdaniel)
v7.7.1 (2021-02-15)
Fixed
v7.7.0 (2020-12-08)
Added
- pdksync - (feat) - Add support for Puppet 7 #958 (daianamezdrea)
- Make auth.conf contents Sensitive #953 (suchpuppet)
v7.6.0 (2020-09-15)
Added
- (MODULES-10804) option to force purge source.lists file #948 (sheenaajay)
Fixed
- (IAC-978) - Removal of inappropriate terminology #947 (david22swan)
v7.5.0 (2020-08-12)
Added
- pdksync - (IAC-973) - Update travis/appveyor to run on new default branch main #940 (david22swan)
- patch-acng-ssl-support #938 (mdklapwijk)
- (IAC-746) - Add ubuntu 20.04 support #936 (david22swan)
Fixed
- (MODULES-10763) loglevel won't affect reports #942 (gguillotte)
v7.4.2 (2020-05-14)
Fixed
v7.4.1 (2020-03-10)
Fixed
- (MODULES-10583) Revert "MODULES-10548: make files readonly" #920 (carabasdaniel)
v7.4.0 (2020-03-03)
Added
- Add 'include' param to apt::backports #910 (paladox)
- pdksync - (FM-8581) - Debian 10 added to travis and provision file refactored #902 (david22swan)
Fixed
- MODULES-10548: make files readonly #906 (anarcat)
- MODULES-10543: only consider lsbdistcodename for apt-transport-https #905 (anarcat)
- MODULES-10543: remove sources.list file on purging #904 (anarcat)
- MODULES-10063, extend apt::key to support deeplinks #892 (atarax)
- Include apt in apt::backports #891 (zivis)
v7.3.0 (2019-12-11)
Added
Fixed
v7.2.0 (2019-10-29)
Added
- Add apt::mark defined type #879 (tuxmea)
- (FM-8394) add debian 10 testing #876 (ThoughtCrhyme)
- Add apt::key_options for default apt::key options #873 (raphink)
- implement apt.conf.d purging #869 (lelutin)
Fixed
- Install gnupg instead of dirmngr #866 (martijndegouw)
v7.1.0 (2019-07-30)
Added
- (FM-8215) Convert to using litmus #864 (florindragos)
v7.0.1 (2019-05-13)
7.0.0 (2019-04-24)
Changed
- pdksync - (MODULES-8444) - Raise lower Puppet bound #853 (david22swan)
Added
6.3.0 (2019-01-21)
Added
- Add support for dist-upgrade & autoremove action #832 (aboks)
- (MODULES-8321) - Add manage_auth_conf parameter #831 (eimlav)
Fixed
- (MODULES-8418) Fix /etc/apt/auth.conf owner changing endlessly #836 (antaflos)
- pdksync - (FM-7655) Fix rubygems-update for ruby \< 2.3 #835 (tphoney)
- (MODULES-8326) - apt-transport-https not ensured properly #830 (eimlav)
6.2.1 (2018-11-20)
Fixed
6.2.0 (2018-11-19)
Added
- (MODULES-8081): add support for hkps:// protocol in apt::key #815 (simondeziel)
Fixed
- Apt-key fixes to properly work on Debian 9 #822 (ekohl)
- (maint) - Update Link to REFERENCE.md #811 (pmcmaw)
6.1.1 (2018-10-01)
Fixed
6.1.0 (2018-09-28)
Added
- pdksync - (FM-7392) - Puppet 6 Testing Changes #800 (pmcmaw)
- pdksync - (MODULES-6805) metadata.json shows support for puppet 6 #798 (tphoney)
- (MODULES-3307) - Auto update expired keys #795 (eimlav)
- (FM-7316) - Implementation of the i18n process #789 (david22swan)
- Introduce an Apt::Proxy type to validate the hash #773 (ekohl)
Fixed
- (MODULES-6408) - Fix dirmngr install failing #801 (eimlav)
- (MODULES-1630) - Expanding source list fix to cover all needed versions #788 (david22swan)
6.0.0 (2018-08-24)
Changed
- (MODULES-7668) Remove support for Puppet 4.7 #780 (jarretlavallee)
Added
- Check existence of gpg key in apt:ppa #774 (wenzhengjiang)
- Make sure PPA source file is absent when apt-add-repository fails #768 (wenzhengjiang)
5.0.1
Fixed
5.0.0 (2018-07-18)
Changed
- [FM-6956] Removal of unsupported Debian 7 from apt #760 (david22swan)
Added
- (MODULES-7467) Update apt to support Ubuntu 18.04 #769 (david22swan)
- Support managing login configurations in /etc/apt/auth.conf #752 (antaflos)
Fixed
- (MODULES-7327) - Update README with supported OS #767 (pmcmaw)
- (bugfix) Dont run ftp tests in travis #766 (tphoney)
- (maint) make apt testing more stable, cleanup #764 (tphoney)
- Remove .length from variable $pin_release in app #754 (paladox)
- Replace UTF-8 whitespace in comment #748 (bernhardschmidt)
- Fix "E: Unable to locate package -y" #747 (aboks)
- Fix automatic coercion warning #743 (smortex)
Supported Release 4.5.1
Summary
This release fixes CVE-2018-6508 which is a potential arbitrary code execution via tasks.
Fixed
- Fix init task for arbitrary remote code
Supported Release 4.5.0
Summary
This release uses the PDK convert functionality which in return makes the module PDK compliant. It also includes a roll up of maintenance changes.
Added
- PDK convert apt (MODULES-6452).
- Testing on Travis using rvm 2.4.1.
- Modulesync updates.
Fixed
- Changes to address additional Rubocop failures.
- (maint) Addressing puppet-lint doc warnings.
Removed
gem update bundler
command in .travis.yml due to (MODULES-6339).
Supported Release 4.4.1
Summary
This release is to update the formatting of the module, Rubocop having been run for all ruby files and been set to run automatically on all future commits.
Changed
- Rubocop has been implemented.
Supported Release 4.4.0
Summary
This release is a rollup of new features and fixes.
Added
- Install
apt-transport-https
if using Debian 7, 8, 9 or Ubuntu 14.04, 16.04. - Adds a boolean option
direct
to proxy settings to bypasshttps_proxy
if not set. - Adds facter facts for
dist-upgrade
apt updates.
Changed
- Update class is now private.
- Some tidyup of ruby code from Rubocop.
- Fixed circular dependency for package dirmngr.
- Debian updates are no longer treated as security updates.
- Legacy functions have been removed.
- Updates to tests.
Fixed
- (MODULES-4265) Detect security updates from multiple sources.
Supported Release 4.3.0
Summary
This release is adding Tasks to the apt module.
Added
- Add a task that allows apt-get update and upgrade
Supported Release 4.2.0
Summary
This release is primarily to fix an error around GPG keys in Debian 9, but includes some other small features and fixes as well.
Added
apt_package_security_updates
fact- The ability to modify the loglevel of
Exec['apt_update'}
- Puppet 5 support
Changed
- Ubuntu 16.04 now uses
software-priorities-common
Removed
- Debian 6, Ubuntu 10.04 and 12.04 support. Existing compatibility remains intact but bugs will not be prioritized for these OSes.
Fixed
- (MODULES-4686) an error that was causing GPG keyserver imports to fail on Debian 9
Supported Release 4.1.0
Summary
This release removes Data in Modules due to current compatibility issues and reinstates the params.pp file. Also includes a couple of bug fixes.
Features
- (MODULES-4973) Data in Modules which was introduced in the last release has now been reverted due to compatibility issues.
Bugfixes
- Now apt_key only sends the auth basic header when userinfo can be parsed from the URL.
- Reverted the removal of Evolving Web's attribution in NOTICE file.
- Test added to ensure empty string allowed for $release in apt::source.
Supported Release 3.0.0 and 4.0.0
Summary
This release adds new Puppet 4 features: data in modules, EPP templates, the $facts hash, and data types. This release is fully backwards compatible to existing Puppet 4 configurations and provides you with deprecation warnings for every argument that will not work as expected with the final 4.0.0 release. See the stdlib docs here for an in-depth discussion of this: https://github.com/puppetlabs/puppetlabs-stdlib#validate_legacy
If you want to learn more about the new features used or you wish to upgrade a module yourself, have a look at the NTP: A Puppet 4 language update blog post.
If you're still running Puppet 3, remain on the latest puppetlabs-apt 2.x release for now, and see the documentation to upgrade to Puppet 4.
Changes
Data in modules: Moves all distribution and OS-dependent defaults into YAML files in data/, alleviating the need for a params class. Note that while this feature is currently still classed as experimental, the final implementation will support the changes here. EPP templating: Uses the Puppet language as a base for templates to create simpler and safer templates. No need for Ruby anymore! The $facts hash: Makes facts visibly distinct from other variables for more readable and maintainable code. This helps eliminate confusion if you use a local variable whose name happens to match that of a common fact. Data types for validation: Helps you find and replace deprecated code in existing validate functions with stricter, more readable data type notation. First upgrade to the 3.0.0 release of this module, and address all deprecation warnings before upgrading to the final 4.0.0 release. Please see the stdlib docs for an in-depth discussion of this process.
Bugfixes
- Fix apt::source epp template regression introduced in 3.0.0 for the architecture parameter
Supported Release 2.4.0
Summary
A release that includes only a couple of additional features, but includes several cleanups and bugfixes around existing issues.
Features
- Tests updated to check for idempotency.
- (MODULES-4224) Implementation of beaker-module_install_helper.
- Deprecation warnings are now handled by the deprecation function in stdlib.
Bugfixes
- Now http and https sources fixed for apt_key and can take a userinfo.
- GPG key update.
- Notify_update param now defaults to true to avoid validation errors.
- Implement retry on tests which pull key from a key server which sometimes times out (transient error).
- String comparison error now comphensated for in update.pp.
- (MODULES-4104) Removal of the port number from repository location in order to get the host name of the repository.
- Puppet lint warnings addressed.
- A few small readme issues addressed.
Supported Release 2.3.0
Summary
A release containing many bugfixes with additional features.
Features
- Apt_updates facts now use /usr/bin/apt-get.
- Addition of notify update to apt::source.
- Update to newest modulesync_configs.
- Installs software-properties-common for Xenial.
- Modulesync updates.
- Add ability to specify a hash of apt::conf defines.
Bugfixes
- A clean up of spec/defines/key_compat_specs, also now runs under STRICT_VARIABLES.
- Apt::setting expects priority to be an integer, set defaults accordingly.
- Fixed version check for Ubuntu on 16.04.
- Now uses hkps.pool.sks-keyservers.net instead of pgp.mit.edu.
- Updates and fixes to tests. General cleanup.
- Fixed regexp for $ensure params.
- Apt/params: Remove unused LSB facts.
- Replaced
-s
with-f
in ppa rspec tests - After the repository is added, the "${::apt::sources_list_d}/${sources_list_d_filename}" file is created as an empty file. The unless condition of Exec["add-apt-repository-${name}"] calls test -s, which returns 1 if the file is empty. Because the file is empty, the unless condition is never true and the repository is added on every execution. This change replaces the -s test condition with -f, which is true if the file exists or false otherwise. - Limit non-strict parsing to pre-3.5.0 only - Puppet 3.5.0 introduced strict variables and the module handles strict variables by using the defined() function. This does not work on prior versions of puppet so we now gate based on that version. Puppet 4 series has a new setting
strict
that may be set to enforce strict variables whilestrict_variables
remains unset (see PUP-6358) which causes the conditional in manifests/params.pp to erroniously use non-strict 3.5-era parsing and fail. This new conditional corrects the cases such that strict variable behavior happens on versions 3.5.0 and later.
Supported Release 2.2.2
Summary
Several bug fixes and the addition of support updates to Debian 8 and Ubuntu Wily.
Bugfixes
- Small fixes to descriptions within the readme and the addition of some examples.
- Updates to run on Ubuntu Wily.
- Fixed apt_key tempfile race condition.
- Run stages limitation added to the documentation.
- Remove unneeded whitespace in source.list template.
- Handle PPA names that contain a plus character.
- Update to current msync configs.
- Avoid duplicate package resources when package_manage => true.
- Avoid multiple package resource declarations.
- Ensure PPAs in tests have valid form.
- Look for correct sources.list.d file for apt::ppa.
- Debian 8 support addiiton to metadata.
Supported Release 2.2.1
Summary
Small release for support of newer PE versions. This increments the version of PE in the metadata.json file.
2015-09-29 - Supported Release 2.2.0
Summary
This release includes a few bugfixes.
Features
- Adds an
ensure
parameter for user control of proxy presence. - Adds ability to set
notify_update
toapt::conf
(MODULES-2269). - Apt pins no longer trigger an
apt-get update
run. - Adds support for creating pins from main class.
Bugfixes
- Updates to use the official Debian mirrors.
- Fixes path to
preferences
andpreferences.d
- Fixes pinning for backports (MODULES-2446).
- Fixes the name/extension of the preferences files.
2015-07-28 - Supported Release 2.1.1
Summary
This release includes a few bugfixes.
Bugfixes
- Fix incorrect use of anchoring (MODULES-2190)
- Use correct comment type for apt.conf files
- Test fixes
- Documentation fixes
2015-06-16 - Supported Release 2.1.0
Summary
This release largely makes apt::key
and apt::source
API-compatible with the 1.8.x versions for ease in upgrading, and also addresses some compatibility issues with older versions of Puppet.
Features
- Add API compatibility to
apt::key
andapt::source
- Added
apt_reboot_required
fact
Bugfixes
- Fix compatibility with Puppet versions 3.0-3.4
- Work around future parser bug PUP-4133
2015-04-28 - Supported Release 2.0.1
Summary
This bug fixes a few compatibility issues that came up with the 2.0.0 release, and includes test and documentation updates.
Bugfixes
- Fix incompatibility with keyrings containing multiple keys
- Fix bugs preventing the module from working with Puppet < 3.5.0
2015-04-07 - Supported Release 2.0.0
Summary
This is a major rewrite of the apt module. Many classes and defines were removed, but all existing functionality should still work. Please carefully review documentation before upgrading.
Backwards-incompatible changes
As this is a major rewrite of the module there are a great number of backwards incompatible changes. Please review this and the updated README carefully before upgrading.
apt_key
keyserver_options
parameter renamed tooptions
apt::backports
- This no longer works out of the box on Linux Mint. If using this on mint, you must specify the
location
,release
,repos
, andkey
parameters. Example
apt::builddep
- This define was removed. Functionality can be matched passing 'build-dep' to
install_options
in the package resource. Example
apt::debian::testing
- This class was removed. Manually add an
apt::source
instead. Example
apt::debian::unstable
- This class was removed. Manually add an
apt::source
instead. Example
apt::force
- This define was removed. Functionallity can be matched by setting
install_options
in the package resource. See here for how to set the options.
apt::hold
- This define was removed. Simply use an
apt::pin
withpriority => 1001
for the same functionality.
apt
always_apt_update
- This parameter was removed. Useupdate => { 'frequency' => 'always' }
instead.apt_update_frequency
- This parameter was removed. Useupdate => { 'frequency' => <frequency> }
instead.disable_keys
- This parameter was removed. See this example if you need this functionality.proxy_host
- This parameter was removed. Useproxy => { 'host' => <host> }
instead.proxy_port
- This parameter was removed. Useproxy => { 'port' => <port> }
instead.purge_sources_list
- This parameter was removed. Usepurge => { 'sources.list' => <bool> }
instead.purge_sources_list_d
- This parameter was removed. Usepurge => { 'sources.list.d' => <bool> }
instead.purge_preferences
- This parameter was removed. Usepurge => { 'preferences' => <bool> }
instead.purge_preferences_d
- This parameter was removed. Usepurge => { 'preferences.d' => <bool> }
instead.update_timeout
- This parameter was removed. Useupdate => { 'timeout' => <timeout> }
instead.update_tries
- This parameter was removed. Useupdate => { 'tries' => <tries> }
instead.
apt::key
key
- This parameter was renamed toid
.key_content
- This parameter was renamed tocontent
.key_source
- This parameter was renamed tosource
.key_server
- This parameter was renamed toserver
.key_options
- This parameter was renamed tooptions
.
apt::release
- This class was removed. See this example for how to achieve this functionality.
apt::source
include_src
- This parameter was removed. Useinclude => { 'src' => <bool> }
instead. NOTE This now defaults to false.include_deb
- This parameter was removed. Useinclude => { 'deb' => <bool> }
instead.required_packages
- This parameter was removed. Use package resources for these packages if needed.key
- This can either be a key id or a hash including key options. If using a hash,key => { 'id' => <id> }
must be specified.key_server
- This parameter was removed. Usekey => { 'server' => <server> }
instead.key_content
- This parameter was removed. Usekey => { 'content' => <content> }
instead.key_source
- This parameter was removed. Usekey => { 'source' => <source> }
instead.trusted_source
- This parameter was renamed toallow_unsigned
.
apt::unattended_upgrades
- This class was removed and is being republished under the puppet-community namespace. The git repository is available here and it will be published to the forge here.
Changes to default behavior
- By default purge unmanaged files in 'sources.list', 'sources.list.d', 'preferences', and 'preferences.d'.
- Changed default for
package_manage
inapt::ppa
tofalse
. Set totrue
in a single PPA if you need the package to be managed. apt::source
will no longer include thesrc
entries by default.pin
inapt::source
now defaults toundef
instead offalse
Features
- Added the ability to pass hashes of
apt::key
s,apt::ppa
s, andapt::setting
s toapt
. - Added 'https' key to
proxy
hash to allow disablinghttps_proxy
for theapt::ppa
environment. - Added
apt::setting
define to abstract away configuration. - Added the ability to pass hashes to
pin
andkey
inapt::backports
andapt::source
.
Bugfixes
- Fixes for strict variables.
2015-03-17 - Supported Release 1.8.0
Summary
This is the last planned feature release of the 1.x series of this module. All new features will be evaluated for puppetlabs-apt 2.x.
This release includes many important features, including support for full fingerprints, and fixes issues where apt_key
was not supporting user/password and apt_has_updates
was not properly parsing the apt-check
output.
Changes to default behavior
- The apt module will now throw warnings if you don't use full fingerprints for
apt_key
s
Features
- Use gpg to check keys to work around https://bugs.launchpad.net/ubuntu/+source/gnupg2/+bug/1409117 (MODULES-1675)
- Add 'oldstable' to the default update origins for wheezy
- Add utopic, vivid, and cumulus compatibility
- Add support for full fingerprints
- New parameter for
apt::source
trusted_source
- New parameters for
apt::ppa
package_name
package_manage
- New parameter for
apt::unattended_upgrades
legacy_origin
- Separate
apt::pin
fromapt::backports
to allow pin by release instead of origin
Bugfixes
- Cleanup lint and future parser issues
- Fix to support username and passwords again for
apt_key
(MODULES-1119) - Fix issue where
apt::force
$install_check
didn't work with non-English locales (MODULES-1231) - Allow 5 digit ports in
apt_key
- Fix for
ensure => absent
inapt_key
(MODULES-1661) - Fix
apt_has_updates
not parsingapt-check
output correctly - Fix inconsistent headers across files (MODULES-1200)
- Clean up formatting for 50unattended-upgrades.erb
2014-10-28 - Supported Release 1.7.0
Summary
This release includes several new features, documentation and test improvements, and a few bug fixes.
Features
- Updated unit and acceptance tests
- Update module to work with Linux Mint
- Documentation updates
- Future parser / strict variables support
- Improved support for long GPG keys
- New parameters!
- Added
apt_update_frequency
to apt - Added
cfg_files
andcfg_missing
parameters to apt::force - Added
randomsleep
to apt::unattended_upgrades
- Added
- Added
apt_update_last_success
fact - Refactored facts for performance improvements
Bugfixes
- Update apt::builddep to require Exec['apt_update'] instead of notifying it
- Clean up lint errors
2014-08-20 - Supported Release 1.6.0
Summary
Features
- Allow URL or domain name for key_server parameter
- Allow custom comment for sources list
- Enable auto-update for Debian squeeze LTS
- Add facts showing available updates
- Test refactoring
Bugfixes
- Allow dashes in URL or domain for key_server parameter
2014-08-13 - Supported Release 1.5.3
Summary
This is a bugfix releases. It addresses a bad regex, failures with unicode characters, and issues with the $proxy_host handling in apt::ppa.
Features
- Synced files from Modulesync
Bugfixes
- Fix regex to follow APT requirements in apt::pin
- Fix for unicode characters
- Fix inconsistent $proxy_host handling in apt and apt::ppa
- Fix typo in README
- Fix broken acceptance tests
2014-07-15 - Supported Release 1.5.2
Summary
This release merely updates metadata.json so the module can be uninstalled and upgraded via the puppet module command.
2014-07-10 - Supported Release 1.5.1
Summary
This release has added tests to ensure graceful failure on OSX.
2014-06-04 - Release 1.5.0
Summary
This release adds support for Ubuntu 14.04. It also includes many new features and important bugfixes. One huge change is that apt::key was replaced with apt_key, which allows you to use puppet resource apt_key to inventory keys on your system.
Special thanks to daenney, our intrepid unofficial apt maintainer!
Features
- Add support for Ubuntu Trusty!
- Add apt::hold define
- Generate valid *.pref files in apt::pin
- Made pin_priority configurable for apt::backports
- Add apt_key type and provider
- Rename "${apt_conf_d}/proxy" to "${apt_conf_d}/01proxy"
- apt::key rewritten to use apt_key type
- Add support for update_tries to apt::update
Bugfixes
- Typo fixes
- Fix unattended upgrades
- Removed bogus line when using purge_preferences
- Fix apt::force to upgrade allow packages to be upgraded to the pacakge from the specified release
2014-03-04 - Supported Release 1.4.2
Summary
This is a supported release. This release tidies up 1.4.1 and re-enables support for Ubuntu 10.04
Features
Bugfixes
- Fix apt:ppa to include the -y Ubuntu 10.04 requires.
- Documentation changes.
- Test fixups.
Known Bugs
- No known issues.
2014-02-13 1.4.1
Summary
This is a bugfix release.
Bugfixes
- Fix apt::force unable to upgrade packages from releases other than its original
- Removed a few refeneces to aptitude instead of apt-get for portability
- Removed call to getparam() due to stdlib dependency
- Correct apt::source template when architecture is provided
- Retry package installs if apt is locked
- Use root to exec in apt::ppa
- Updated tests and converted acceptance tests to beaker
2013-10-08 - Release 1.4.0
Summary
Minor bugfix and allow the timeout to be adjusted.
Features
- Add an
updates_timeout
to apt::params
Bugfixes
- Ensure apt::ppa can read a ppa removed by hand.
2013-10-08 - Release 1.3.0
Summary
This major feature in this release is the new apt::unattended_upgrades class, allowing you to handle Ubuntu's unattended feature. This allows you to select specific packages to automatically upgrade without any further user involvement.
In addition we extend our Wheezy support, add proxy support to apt:ppa and do various cleanups and tweaks.
Features
- Add apt::unattended_upgrades support for Ubuntu.
- Add wheezy backports support.
- Use the geoDNS http.debian.net instead of the main debian ftp server.
- Add
options
parameter to apt::ppa in order to pass options to apt-add-repository command. - Add proxy support for apt::ppa (uses proxy_host and proxy_port from apt).
Bugfixes
- Fix regsubst() calls to quote single letters (for future parser).
- Fix lint warnings and other misc cleanup.
2013-07-03 - Release 1.2.0
Features
- Add geppetto
.project
natures - Add GH auto-release
- Add
apt::key::key_options
parameter - Add complex pin support using distribution properties for
apt::pin
via new properties:apt::pin::codename
apt::pin::release_version
apt::pin::component
apt::pin::originator
apt::pin::label
- Add source architecture support to
apt::source::architecture
Bugfixes
- Use apt-get instead of aptitude in apt::force
- Update default backports location
- Add dependency for required packages before apt-get update
2013-06-02 - Release 1.1.1
Summary
This is a bug fix release that resolves a number of issues:
- By changing template variable usage, we remove the deprecation warnings for Puppet 3.2.x
- Fixed proxy file removal, when proxy absent
Some documentation, style and whitespaces changes were also merged. This release also introduced proper rspec-puppet unit testing on Travis-CI to help reduce regression.
Thanks to all the community contributors below that made this patch possible.
Detail Changes
- fix minor comment type (Chris Rutter)
- whitespace fixes (Michael Moll)
- Update travis config file (William Van Hevelingen)
- Build all branches on travis (William Van Hevelingen)
- Standardize travis.yml on pattern introduced in stdlib (William Van Hevelingen)
- Updated content to conform to README best practices template (Lauren Rother)
- Fix apt::release example in readme (Brian Galey)
- add @ to variables in template (Peter Hoeg)
- Remove deprecation warnings for pin.pref.erb as well (Ken Barber)
- Update travis.yml to latest versions of puppet (Ken Barber)
- Fix proxy file removal (Scott Barber)
- Add spec test for removing proxy configuration (Dean Reilly)
- Fix apt::key listing longer than 8 chars (Benjamin Knofe)
Release 1.1.0
Summary
This release includes Ubuntu 12.10 (Quantal) support for PPAs.
2012-05-25 - Puppet Labs info@puppetlabs.com - Release 0.0.4
Summary
- Fix ppa list filename when there is a period in the PPA name
- Add .pref extension to apt preferences files
- Allow preferences to be purged
- Extend pin support
2012-05-04 - Puppet Labs info@puppetlabs.com - Release 0.0.3
Summary
- only invoke apt-get update once
- only install python-software-properties if a ppa is added
- support 'ensure => absent' for all defined types
- add apt::conf
- add apt::backports
- fixed Modulefile for module tool dependency resolution
- configure proxy before doing apt-get update
- use apt-get update instead of aptitude for apt::ppa
- add support to pin release
2012-03-26 - Puppet Labs info@puppetlabs.com - Release 0.0.2
Summary
- 41cedbb (#13261) Add real examples to smoke tests.
- d159a78 (#13261) Add key.pp smoke test
- 7116c7a (#13261) Replace foo source with puppetlabs source
- 1ead0bf Ignore pkg directory.
- 9c13872 (#13289) Fix some more style violations
- 0ea4ffa (#13289) Change test scaffolding to use a module & manifest dir fixture path
- a758247 (#13289) Clean up style violations and fix corresponding tests
- 99c3fd3 (#13289) Add puppet lint tests to Rakefile
- 5148cbf (#13125) Apt keys should be case insensitive
- b9607a4 Convert apt::key to use anchors
2012-03-07 - Puppet Labs info@puppetlabs.com - Release 0.0.1
Summary
- d4fec56 Modify apt::source release parameter test
- 1132a07 (#12917) Add contributors to README
- 8cdaf85 (#12823) Add apt::key defined type and modify apt::source to use it
- 7c0d10b (#12809) $release should use $lsbdistcodename and fall back to manual input
- be2cc3e (#12522) Adjust spec test for splitting purge
- 7dc60ae (#12522) Split purge option to spare sources.list
- 9059c4e Fix source specs to test all key permutations
- 8acb202 Add test for python-software-properties package
- a4af11f Check if python-software-properties is defined before attempting to define it.
- 1dcbf3d Add tests for required_packages change
- f3735d2 Allow duplicate $required_packages
- 74c8371 (#12430) Add tests for changes to apt module
- 97ebb2d Test two sources with the same key
- 1160bcd (#12526) Add ability to reverse apt { disable_keys => true }
- 2842d73 Add Modulefile to puppet-apt
- c657742 Allow the use of the same key in multiple sources
- 8c27963 (#12522) Adding purge option to apt class
- 997c9fd (#12529) Add unit test for apt proxy settings
- 50f3cca (#12529) Add parameter to support setting a proxy for apt
- d522877 (#12094) Replace chained .with_* with a hash
- 8cf1bd0 (#12094) Remove deprecated spec.opts file
- 2d688f4 (#12094) Add rspec-puppet tests for apt
- 0fb5f78 (#12094) Replace name with path in file resources
- f759bc0 (#11953) Apt::force passes $version to aptitude
- f71db53 (#11413) Add spec test for apt::force to verify changes to unless
- 2f5d317 (#11413) Update dpkg query used by apt::force
- cf6caa1 (#10451) Add test coverage to apt::ppa
- 0dd697d include_src parameter in example; Whitespace cleanup
- b662eb8 fix typos in "repositories"
- 1be7457 Fix (#10451) - apt::ppa fails to "apt-get update" when new PPA source is added
- 864302a Set the pin priority before adding the source (Fix #10449)
- 1de4e0a Refactored as per mlitteken
- 1af9a13 Added some crazy bash madness to check if the ppa is installed already. Otherwise the manifest tries to add it on every run!
- 52ca73e (#8720) Replace Apt::Ppa with Apt::Builddep
- 5c05fa0 added builddep command.
- a11af50 added the ability to specify the content of a key
- c42db0f Fixes ppa test.
- 77d2b0d reformatted whitespace to match recommended style of 2 space indentation.
- 27ebdfc ignore swap files.
- 377d58a added smoke tests for module.
- 18f614b reformatted apt::ppa according to recommended style.
- d8a1e4e Created a params class to hold global data.
- 636ae85 Added two params for apt class
- 148fc73 Update LICENSE.
- ed2d19e Support ability to add more than one PPA
- 420d537 Add call to apt-update after add-apt-repository in apt::ppa
- 945be77 Add package definition for python-software-properties
- 71fc425 Abs paths for all commands
- 9d51cd1 Adding LICENSE
- 71796e3 Heading fix in README
- 87777d8 Typo in README
- f848bac First commit
* This Changelog was automatically generated by github_changelog_generator
Dependencies
- puppetlabs/stdlib (>= 4.16.0 < 8.0.0)
- puppetlabs/translate (>= 1.0.0 < 3.0.0)
Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.