From 620f0a970ea55b05a4ee87125d586dc073bda96a Mon Sep 17 00:00:00 2001
From: "Daniel E. White"
Date: Fri, 28 Sep 2018 13:11:45 -0400
Subject: [PATCH 1/3] New function Get public keys out of a key file
---
functions/get_gpg_keys.rb | 24 ++++++++++++++++++++++++
manifests/gpgkey.pp | 35 ++++++++++++++++++-----------------
2 files changed, 42 insertions(+), 17 deletions(-)
create mode 100644 functions/get_gpg_keys.rb
diff --git a/functions/get_gpg_keys.rb b/functions/get_gpg_keys.rb
new file mode 100644
index 00000000..6771469d
--- /dev/null
+++ b/functions/get_gpg_keys.rb
@@ -0,0 +1,24 @@
+Puppet::Functions.create_function(:'yum::get_gpg_keys') do
+ dispatch :get_gpg_keys do
+ param 'String', :key_file
+ end
+
+ def get_gpg_keys(key_file)
+ keys = []
+ if File.exist?(key_file)
+ cmd = "/usr/bin/gpg #{key_file}"
+ outt = Puppet::Util::Execution.execute(cmd).split("\n")
+ # Iterate thru each output line
+ outt.each do |line|
+ # Only public keys
+ if line[0..2] == 'pub'
+ the_key = line.split(' ')[1].split('/')[1].downcase
+ keys.push(the_key)
+ end
+ end
+ else
+ Puppet.warning("Key file '#(key_file)' does not exist")
+ end
+ keys
+ end
+end
diff --git a/manifests/gpgkey.pp b/manifests/gpgkey.pp
index 170b7e7c..b020d825 100644
--- a/manifests/gpgkey.pp
+++ b/manifests/gpgkey.pp
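Review bot: In `get_gpg_keys` (functions/get_gpg_keys.rb) the command is built as one interpolated string, `cmd = "/usr/bin/gpg #{key_file}"`, so a path containing spaces or shell metacharacters can be split or shell-interpreted instead of reaching gpg as a single argument; passing an array, `Puppet::Util::Execution.execute(['/usr/bin/gpg', key_file])`, keeps the path as one argument. The warning uses `'#(key_file)'` with parentheses, which prints that literal text rather than the path; it should read `'#{key_file}'`. The parser `line.split(' ')[1].split('/')[1].downcase` raises NoMethodError on any `pub` line that has no `/`, which seems likely with newer GnuPG output that omits the short key id by default, so the listing should be requested in a fixed format (for example `--with-colons`) and non-matching lines skipped. Since Puppet functions are evaluated during catalog compilation, `File.exist?(key_file)` presumably checks the compiling host rather than the node where the key file is deployed; worth confirming that is intended.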
@@ -58,25 +58,26 @@
 mode => $mode,
 }

- $rpmname = "gpg-pubkey-$(gpg ${path} | head -1 | cut -c12-20 | \
-tr '[A-Z]' '[a-z]')"
+ $keys = yum::get_gpg_keys($path)

- case $ensure {
- 'present', default: {
- exec { "rpm-import-${name}":
- path => '/bin:/usr/bin:/sbin/:/usr/sbin',
- command => "rpm --import ${path}",
- unless => "rpm -q ${rpmname}",
- require => File[$path],
+ $keys.each |$one_key| {
+ $the_rpmname = "gpg-pubkey-${one_key}"
+ case $ensure {
+ 'present', default: {
+ exec { "rpm-import-${name}":
+ path => '/bin:/usr/bin:/sbin/:/usr/sbin',
+ command => "rpm --import ${path}",
+ unless => "rpm -q ${the_rpmname}",
+ require => File[$path],
+ }
 }
- }
-
- 'absent': {
- exec { "rpm-delete-${name}":
- path => '/bin:/usr/bin:/sbin/:/usr/sbin',
- command => "rpm -e ${rpmname}",
- onlyif => ["test -f ${path}", "rpm -q ${rpmname}"],
- before => File[$path],
+ 'absent': {
+ exec { "rpm-delete-${name}":
+ path => '/bin:/usr/bin:/sbin/:/usr/sbin',
+ command => "rpm -e ${the_rpmname}",
+ onlyif => ["test -f ${path}", "rpm -q ${the_rpmname}"],
+ before => File[$path],
+ }
 }
 }
 }
From f99c0fdf404d182b2622e09c417e78887fa4f075 Mon Sep 17 00:00:00 2001
From: Tim Meusel
Date: Sun, 7 Oct 2018 09:29:05 +0200
Subject: [PATCH 2/3] move function to the apropriate dir
---
{functions => lib/puppet/functions/yum}/get_gpg_keys.rb | 0
1 file changed, 0 insertions(+), 0 deletions(-)
rename {functions => lib/puppet/functions/yum}/get_gpg_keys.rb (100%)
diff --git a/functions/get_gpg_keys.rb b/lib/puppet/functions/yum/get_gpg_keys.rb
similarity index 100%
rename from functions/get_gpg_keys.rb
rename to lib/puppet/functions/yum/get_gpg_keys.rb
From 6b65992be6ff36303abe2ff3c31155a799cdd917 Mon Sep 17 00:00:00 2001
From: Tim Meusel
Date: Sun, 7 Oct 2018 09:29:18 +0200
Subject: [PATCH 3/3] use datatype for array iteration
---
manifests/gpgkey.pp | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/manifests/gpgkey.pp b/manifests/gpgkey.pp
index b020d825..50b6968b 100644
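Review bot: Inside the new `$keys.each` loop of the `@@ -58,25 +58,26 @@` hunk in manifests/gpgkey.pp the exec titles stay `"rpm-import-${name}"` and `"rpm-delete-${name}"`, so a key file that yields more than one public key declares the same resource twice and compilation should fail with a duplicate declaration. The key id should be part of the title, for example `exec { "rpm-import-${name}-${one_key}":`, and likewise for the delete exec. The `@@ -60,8 +60,8 @@` hunk of patch 3/3 renames the loop variable but keeps the same titles. When `yum::get_gpg_keys` returns an empty array no exec is declared at all, so the import or removal is skipped for that run with only a warning; consider failing instead. The enclosing define starts outside this hunk.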
--- a/manifests/gpgkey.pp
+++ b/manifests/gpgkey.pp
@@ -60,8 +60,8 @@

 $keys = yum::get_gpg_keys($path)

- $keys.each |$one_key| {
- $the_rpmname = "gpg-pubkey-${one_key}"
+ $keys.each |String $key| {
+ $the_rpmname = "gpg-pubkey-${key}"
 case $ensure {
 'present', default: {
 exec { "rpm-import-${name}":