apt
Version information
This version is compatible with:
- Puppet Enterprise 2023.8.x, 2023.7.x, 2023.6.x, 2023.5.x, 2023.4.x, 2023.3.x, 2023.2.x, 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x, 2021.2.x, 2021.1.x, 2021.0.x
- Puppet >= 7.0.0 < 9.0.0
- ,
Tasks:
- apt
Start using this module
Add this module to your Puppetfile:
mod 'puppetlabs-apt', '10.0.0'
Learn more about managing modules with a PuppetfileDocumentation
apt
Table of Contents
- Module Description - What the module does and why it is useful
- Setup - The basics of getting started with apt
- Usage - Configuration options and additional functionality
- Reference - An under-the-hood peek at what the module is doing and how
- Limitations - OS compatibility, etc.
- License
- Development - Guide for contributing to the module
Module Description
The apt module lets you use Puppet to manage APT (Advanced Package Tool) sources, keys, and other configuration options.
APT is a package manager available on Debian, Ubuntu, and several other operating systems. The apt module provides a series of classes, defines, types, and facts to help you automate APT package management.
Note: Prior to Puppet 7, for this module to correctly autodetect which version of
Debian/Ubuntu (or derivative) you're running, you need to make sure the lsb-release
package is
installed. With Puppet 7 the lsb-release
package is not needed.
Setup
What apt affects
- Your system's
preferences
file andpreferences.d
directory - Your system's
sources.list
file andsources.list.d
directory - Your system's
apt.conf.d
directory - System repositories
- Authentication keys
Note: This module offers purge
parameters which, if set to true
, destroy any configuration on the node's sources.list(.d)
, preferences(.d)
and apt.conf.d
that you haven't declared through Puppet. The default for these parameters is false
.
Beginning with apt
To use the apt module with default parameters, declare the apt
class.
include apt
Note: The main apt
class is required by all other classes, types, and defined types in this module. You must declare it whenever you use the module.
Usage
Add GPG keys
You can fetch GPG keys via HTTP, Puppet URI, or local filesystem. The key can be in GPG binary format, or ASCII armored, but the filename should have the appropriate extension (.gpg
for keys in binary format; or .asc
for ASCII armored keys).
Fetch via HTTP
apt::keyring { 'puppetlabs-keyring.gpg':
source => 'https://apt.puppetlabs.com/keyring.gpg',
}
Fetch via Puppet URI
apt::keyring { 'puppetlabs-keyring.gpg':
source => 'puppet:///modules/my_module/local_puppetlabs-keyring.gpg',
}
Alternatively apt::key
can be used.
Warning apt::key
is deprecated in the latest Debian and Ubuntu releases. Please use apt::keyring instead.
Warning: Using short key IDs presents a serious security issue, potentially leaving you open to collision attacks. We recommend you always use full fingerprints to identify your GPG keys. This module allows short keys, but issues a security warning if you use them.
Declare the apt::key
defined type:
apt::key { 'puppetlabs':
id => '6F6B15509CF8E59E6E469F327F438280EF8D349F',
server => 'pgp.mit.edu',
options => 'http-proxy="http://proxyuser:proxypass@example.org:3128"',
}
Prioritize backports
class { 'apt::backports':
pin => 500,
}
By default, the apt::backports
class drops a pin file for backports, pinning it to a priority of 200. This is lower than the normal default of 500, so packages with ensure => latest
don't get upgraded from backports without your explicit permission.
If you raise the priority through the pin
parameter to 500, normal policy goes into effect and Apt installs or upgrades to the newest version. This means that if a package is available from backports, it and its dependencies are pulled in from backports unless you explicitly set the ensure
attribute of the package
resource to installed
/present
or a specific version.
Update the list of packages
By default, Puppet runs apt-get update
on the first Puppet run after you include the apt
class, and anytime notify => Exec['apt_update']
occurs; i.e., whenever config files get updated or other relevant changes occur. If you set update['frequency']
to 'always', the update runs on every Puppet run. You can also set update['frequency']
to 'hourly', 'daily', 'weekly' or any integer value >= 60:
class { 'apt':
update => {
frequency => 'daily',
},
}
When Exec['apt_update']
is triggered, it generates a notice
-level message. Because the default logging level for agents is notice
, this causes the repository update to appear in agent logs. To silence these updates from the default log output, set the loglevel metaparameter for Exec['apt_update']
above the agent logging level:
class { 'apt':
update => {
frequency => 'daily',
loglevel => 'debug',
},
}
NOTE: Every
Exec['apt_update']
run will generate a corrective change, even if the apt caches are not updated. For example, setting an update frequency ofalways
can result in every Puppet run resulting in a corrective change. This is a known issue. For details, see MODULES-10763.
Pin a specific release
apt::pin { 'karmic': priority => 700 }
apt::pin { 'karmic-updates': priority => 700 }
apt::pin { 'karmic-security': priority => 700 }
You can also specify more complex pins using distribution properties:
apt::pin { 'stable':
priority => -10,
originator => 'Debian',
release_version => '3.0',
component => 'main',
label => 'Debian'
}
To pin multiple packages, pass them to the packages
parameter as an array or a space-delimited string.
Add a Personal Package Archive (PPA) repository
apt::ppa { 'ppa:drizzle-developers/ppa': }
Add an Apt source to /etc/apt/sources.list.d/
apt::source { 'debian_unstable':
comment => 'This is the iWeb Debian unstable mirror',
location => 'http://debian.mirror.iweb.ca/debian/',
release => 'unstable',
repos => 'main contrib non-free non-free-firmware',
pin => '-10',
key => {
'id' => 'A1BD8E9D78F7FE5C3E65D8AF8B48AD6246925553',
'server' => 'subkeys.pgp.net',
},
include => {
'src' => true,
'deb' => true,
},
}
To use the Puppet Apt repository as a source:
apt::source { 'puppetlabs':
location => 'http://apt.puppetlabs.com',
repos => 'main',
key => {
'id' => '6F6B15509CF8E59E6E469F327F438280EF8D349F',
'server' => 'pgp.mit.edu',
},
}
Adding name and source to the key parameter of apt::source, which then manages modern apt gpg keyrings
The name
parameter of key hash should contain the filename with extension (such as puppetlabs.gpg
).
apt::source { 'puppetlabs':
comment => 'Puppet8',
location => 'https://apt.puppetlabs.com/',
repos => 'puppet8',
key => {
'name' => 'puppetlabs.gpg',
'source' => 'https://apt.puppetlabs.com/keyring.gpg',
},
}
Generating a DEB822 .sources file
You can also generate a DEB822 format .sources file. This example covers most of the available options.
Use the source_format
parameter to choose between 'list' and 'sources' (DEB822) formats.
apt::source { 'debian':
source_format => 'sources'
comment => 'Official Debian Repository',
enabled => true,
types => ['deb', 'deb-src'],
location => ['http://fr.debian.org/debian', 'http://de.debian.org/debian']
release => ['stable', 'stable-updates', 'stable-backports'],
repos => ['main', 'contrib', 'non-free'],
architecture => ['amd64', 'i386'],
allow_unsigned => true,
keyring => '/etc/apt/keyrings/debian.gpg'
notify_update => false
}
Configure Apt from Hiera
Instead of specifying your sources directly as resources, you can instead just include the apt
class, which will pick up the values automatically from hiera.
apt::sources:
'debian_unstable':
comment: 'This is the iWeb Debian unstable mirror'
location: 'http://debian.mirror.iweb.ca/debian/'
release: 'unstable'
repos: 'main contrib non-free non-free-firmware'
pin: '-10'
key:
id: 'A1BD8E9D78F7FE5C3E65D8AF8B48AD6246925553'
server: 'subkeys.pgp.net'
include:
src: true
deb: true
'puppetlabs':
location: 'http://apt.puppetlabs.com'
repos: 'main'
key:
id: '6F6B15509CF8E59E6E469F327F438280EF8D349F'
server: 'pgp.mit.edu'
Replace the default sources.list
file
The following example replaces the default /etc/apt/sources.list
. Along with this code, be sure to use the purge
parameter, or you might get duplicate source warnings when running Apt.
apt::source { "archive.ubuntu.com-${facts['os']['distro']['codename']}":
location => 'http://archive.ubuntu.com/ubuntu',
key => '630239CC130E1A7FD81A27B140976EAF437D05B5',
repos => 'main universe multiverse restricted',
}
apt::source { "archive.ubuntu.com-${facts['os']['distro']['codename']}-security":
location => 'http://archive.ubuntu.com/ubuntu',
key => '630239CC130E1A7FD81A27B140976EAF437D05B5',
repos => 'main universe multiverse restricted',
release => "${facts['os']['distro']['codename']}-security"
}
apt::source { "archive.ubuntu.com-${facts['os']['distro']['codename']}-updates":
location => 'http://archive.ubuntu.com/ubuntu',
key => '630239CC130E1A7FD81A27B140976EAF437D05B5',
repos => 'main universe multiverse restricted',
release => "${facts['os']['distro']['codename']}-updates"
}
apt::source { "archive.ubuntu.com-${facts['os']['distro']['codename']}-backports":
location => 'http://archive.ubuntu.com/ubuntu',
key => '630239CC130E1A7FD81A27B140976EAF437D05B5',
repos => 'main universe multiverse restricted',
release => "${facts['os']['distro']['codename']}-backports"
}
Manage login configuration settings for an APT source or proxy in /etc/apt/auth.conf
Starting with APT version 1.5, you can define login configuration settings, such as
username and password, for APT sources or proxies that require authentication
in the /etc/apt/auth.conf
file. This is preferable to embedding login
information directly in source.list
entries, which are usually world-readable.
The /etc/apt/auth.conf
file follows the format of netrc (used by ftp or
curl) and has restrictive file permissions. See here for details.
Use the optional apt::auth_conf_entries
parameter to specify an array of hashes containing login configuration settings. These hashes may only contain the machine
, login
and password
keys.
class { 'apt':
auth_conf_entries => [
{
'machine' => 'apt-proxy.example.net',
'login' => 'proxylogin',
'password' => 'proxypassword',
},
{
'machine' => 'apt.example.com/ubuntu',
'login' => 'reader',
'password' => 'supersecret',
},
],
}
Reference
Facts
-
apt_updates
: The number of installed packages with available updates fromupgrade
. -
apt_dist_updates
: The number of installed packages with available updates fromdist-upgrade
. -
apt_security_updates
: The number of installed packages with available security updates fromupgrade
. -
apt_security_dist_updates
: The number of installed packages with available security updates fromdist-upgrade
. -
apt_package_updates
: The names of all installed packages with available updates fromupgrade
. In Facter 2.0 and later this data is formatted as an array; in earlier versions it is a comma-delimited string. -
apt_package_dist_updates
: The names of all installed packages with available updates fromdist-upgrade
. In Facter 2.0 and later this data is formatted as an array; in earlier versions it is a comma-delimited string. -
apt_update_last_success
: The date, in epochtime, of the most recent successfulapt-get update
run (based on the mtime of /var/lib/apt/periodic/update-success-stamp). -
apt_reboot_required
: Determines if a reboot is necessary after updates have been installed.
More Information
See REFERENCE.md for all other reference documentation.
Limitations
This module is not designed to be split across run stages.
For an extensive list of supported operating systems, see metadata.json
Adding new sources or PPAs
If you are adding a new source or PPA and trying to install packages from the new source or PPA on the same Puppet run, your package
resource should depend on Class['apt::update']
, as well as depending on the Apt::Source
or the Apt::Ppa
. You can also add collectors to ensure that all packages happen after apt::update
, but this can lead to dependency cycles and has implications for virtual resources. Before running the command below, ensure that all packages have the provider set to apt.
Class['apt::update'] -> Package <| provider == 'apt' |>
License
This codebase is licensed under the Apache2.0 licensing, however due to the nature of the codebase the open source dependencies may also use a combination of AGPL, BSD-2, BSD-3, GPL2.0, LGPL, MIT and MPL Licensing.
Development
Acceptance tests for this module leverage puppet_litmus. To run the acceptance tests follow the instructions here. You can also find a tutorial and walkthrough of using Litmus and the PDK on YouTube.
If you run into an issue with this module, or if you would like to request a feature, please file a ticket. Every Monday the Puppet IA Content Team has office hours in the Puppet Community Slack, alternating between an EMEA friendly time (1300 UTC) and an Americas friendly time (0900 Pacific, 1700 UTC).
If you have problems getting this module up and running, please contact Support.
If you submit a change to this module, be sure to regenerate the reference documentation as follows:
puppet strings generate --format markdown --out REFERENCE.md
Reference
Table of Contents
Classes
Public Classes
apt
: Main class, includes all other classes.apt::backports
: Manages backports.
Private Classes
apt::update
: Updates the list of available packages using apt-get update.
Defined types
apt::conf
: Specifies a custom Apt configuration file.apt::key
: Manages the GPG keys that Apt uses to authenticate packages.apt::keyring
: Manage GPG keyrings for apt repositoriesapt::mark
: Manages apt-mark settingsapt::pin
: Manages Apt pins. Does not trigger an apt-get update run.apt::ppa
: Manages PPA repositories usingadd-apt-repository
. Not supported on Debian.apt::setting
: Manages Apt configuration files.apt::source
: Manages the Apt sources in /etc/apt/sources.list.d/.
Resource types
Private Resource types
apt_key
: This type provides Puppet with the capabilities to manage GPG keys needed by apt to perform package validation. Apt has it's own GPG keyring that can be manipulated through theapt-key
command.
Data types
Apt::Auth_conf_entry
: Login configuration settings that are recorded in the file/etc/apt/auth.conf
.Apt::Proxy
: Configures Apt to connect to a proxy server.Apt::Proxy_Per_Host
: Adds per-host overrides to the system default APT proxy configuration
Tasks
init
: Allows you to perform apt-get functions
Classes
apt
Main class, includes all other classes.
- See also
- https://docs.puppetlabs.com/references/latest/function.html#createresources
- for the create resource function
- https://docs.puppetlabs.com/references/latest/function.html#createresources
Parameters
The following parameters are available in the apt
class:
provider
keyserver
key_options
ppa_options
ppa_package
backports
confs
update
update_defaults
purge
purge_defaults
proxy
proxy_defaults
sources
keys
keyrings
ppas
pins
settings
manage_auth_conf
auth_conf_entries
auth_conf_owner
root
sources_list
sources_list_d
conf_d
preferences
preferences_d
config_files
sources_list_force
include_defaults
apt_conf_d
source_key_defaults
provider
Data type: Stdlib::Absolutepath
Specifies the provider that should be used by apt::update.
Default value: '/usr/bin/apt-get'
keyserver
Data type: Stdlib::Host
Specifies a keyserver to provide the GPG key. Valid options: a string containing a domain name or a full URL (http://, https://, or hkp://).
Default value: 'keyserver.ubuntu.com'
key_options
Data type: Optional[String[1]]
Specifies the default options for apt::key resources.
Default value: undef
ppa_options
Data type: Optional[Array[String[1]]]
Supplies options to be passed to the add-apt-repository
command.
Default value: undef
ppa_package
Data type: Optional[String[1]]
Names the package that provides the apt-add-repository
command.
Default value: undef
backports
Data type: Optional[Hash]
Specifies some of the default parameters used by apt::backports. Valid options: a hash made up from the following keys:
Options:
- :location
String
: See apt::backports for documentation. - :repos
String
: See apt::backports for documentation. - :key
String
: See apt::backports for documentation.
Default value: undef
confs
Data type: Hash
Hash of apt::conf
resources.
Default value: {}
update
Data type: Hash
Configures various update settings. Valid options: a hash made up from the following keys:
Options:
- :frequency
String
: Specifies how often to runapt-get update
. If the exec resourceapt_update
is notified,apt-get update
runs regardless of this value. Valid options: 'always' (at every Puppet run); 'hourly' (if the value ofapt_update_last_success
is less than current epoch time minus 3600); 'daily' (if the value ofapt_update_last_success
is less than current epoch time minus 86400); 'weekly' (if the value ofapt_update_last_success
is less than current epoch time minus 604800); Integer (if the value ofapt_update_last_success
is less than current epoch time minus provided Integer value); 'reluctantly' (only if the exec resourceapt_update
is notified). Default: 'reluctantly'. - :loglevel
Integer
: Specifies the log level of logs outputted to the console. Default: undef. - :timeout
Integer
: Specifies how long to wait for the update to complete before canceling it. Valid options: an integer, in seconds. Default: undef. - :tries
Integer
: Specifies how many times to retry the update after receiving a DNS or HTTP error. Default: undef.
Default value: {}
update_defaults
Data type: Hash
The default update settings that are combined and merged with the passed update
value
Default value:
{
'frequency' => 'reluctantly',
'loglevel' => undef,
'timeout' => undef,
'tries' => undef,
}
purge
Data type: Hash
Specifies whether to purge any existing settings that aren't managed by Puppet. Valid options: a hash made up from the following keys:
Options:
- :sources.list
Boolean
: Specifies whether to purge any unmanaged entries from sources.list. Default false. - :sources.list.d
Boolean
: Specifies whether to purge any unmanaged entries from sources.list.d. Default false. - :preferences
Boolean
: Specifies whether to purge any unmanaged entries from preferences. Default false. - :preferences.d.
Boolean
: Specifies whether to purge any unmanaged entries from preferences.d. Default false.
Default value: {}
purge_defaults
Data type: Hash
The default purge settings that are combined and merged with the passed purge
value
Default value:
{
'sources.list' => false,
'sources.list.d' => false,
'preferences' => false,
'preferences.d' => false,
'apt.conf.d' => false,
}
proxy
Data type: Apt::Proxy
Configures Apt to connect to a proxy server. Valid options: a hash matching the locally defined type apt::proxy.
Default value: {}
proxy_defaults
Data type: Hash
The default proxy settings that are combined and merged with the passed proxy
value
Default value:
{
'ensure' => undef,
'host' => undef,
'port' => 8080,
'https' => false,
'https_acng' => false,
'direct' => false,
}
sources
Data type: Hash
Hash of apt::source
resources.
Default value: {}
keys
Data type: Hash
Hash of apt::key
resources.
Default value: {}
keyrings
Data type: Hash
Hash of apt::keyring
resources.
Default value: {}
ppas
Data type: Hash
Hash of apt::ppa
resources.
Default value: {}
pins
Data type: Hash
Hash of apt::pin
resources.
Default value: {}
settings
Data type: Hash
Hash of apt::setting
resources.
Default value: {}
manage_auth_conf
Data type: Boolean
Specifies whether to manage the /etc/apt/auth.conf file. When true, the file will be overwritten with the entries specified in the auth_conf_entries parameter. When false, the file will be ignored (note that this does not set the file to absent.
Default value: true
auth_conf_entries
Data type: Array[Apt::Auth_conf_entry]
An optional array of login configuration settings (hashes) that are recorded in the file /etc/apt/auth.conf. This file has a netrc-like format (similar to what curl uses) and contains the login configuration for APT sources and proxies that require authentication. See https://manpages.debian.org/testing/apt/apt_auth.conf.5.en.html for details. If specified each hash must contain the keys machine, login and password and no others. Specifying manage_auth_conf and not specifying this parameter will set /etc/apt/auth.conf to absent.
Default value: []
auth_conf_owner
Data type: String[1]
The owner of the file /etc/apt/auth.conf.
Default value: '_apt'
root
Data type: Stdlib::Absolutepath
Specifies root directory of Apt executable.
Default value: '/etc/apt'
sources_list
Data type: Stdlib::Absolutepath
Specifies the path of the sources_list file to use.
Default value: "${root}/sources.list"
sources_list_d
Data type: Stdlib::Absolutepath
Specifies the path of the sources_list.d file to use.
Default value: "${root}/sources.list.d"
conf_d
Data type: Stdlib::Absolutepath
Specifies the path of the conf.d file to use.
Default value: "${root}/apt.conf.d"
preferences
Data type: Stdlib::Absolutepath
Specifies the path of the preferences file to use.
Default value: "${root}/preferences"
preferences_d
Data type: Stdlib::Absolutepath
Specifies the path of the preferences.d file to use.
Default value: "${root}/preferences.d"
config_files
Data type: Hash
A hash made up of the various configuration files used by Apt.
Default value:
{
'conf' => {
'path' => $conf_d,
'ext' => '',
},
'pref' => {
'path' => $preferences_d,
'ext' => '.pref',
},
'list' => {
'path' => $sources_list_d,
'ext' => '.list',
},
'sources' => {
'path' => $sources_list_d,
'ext' => '.sources',
},
}
sources_list_force
Data type: Boolean
Specifies whether to perform force purge or delete.
Default value: false
include_defaults
Data type: Hash
The package types to include by default.
Default value:
{
'deb' => true,
'src' => false,
}
apt_conf_d
Data type: Stdlib::Absolutepath
The path to the file apt.conf.d
Default value: "${root}/apt.conf.d"
source_key_defaults
Data type: Hash
The fault source_key
settings
Default value:
{
'server' => $keyserver,
'options' => undef,
'content' => undef,
'source' => undef,
}
apt::backports
Manages backports.
Examples
Set up a backport source for Ubuntu
include apt::backports
Parameters
The following parameters are available in the apt::backports
class:
location
Data type: Optional[Stdlib::HTTPUrl]
Specifies an Apt repository containing the backports to manage. Valid options: a string containing a URL. Default value for Debian and Ubuntu varies:
-
Debian: 'http://deb.debian.org/debian'
-
Ubuntu: 'http://archive.ubuntu.com/ubuntu'
Default value: undef
release
Data type: Optional[String[1]]
Specifies a distribution of the Apt repository containing the backports to manage. Used in populating the sources.list
configuration file.
Default: on Debian and Ubuntu, ${fact('os.distro.codename')}-backports
. We recommend keeping this default, except on other operating
systems.
Default value: undef
repos
Data type: Optional[String[1]]
Specifies a component of the Apt repository containing the backports to manage. Used in populating the sources.list
configuration file.
Default value for Debian and Ubuntu varies:
-
Debian: 'main contrib non-free non-free-firmware'
-
Ubuntu: 'main universe multiverse restricted'
Default value: undef
key
Data type: Optional[Variant[String[1], Hash]]
Specifies a key to authenticate the backports. Valid options: a string to be passed to the id parameter of the apt::key defined type, or a hash of parameter => value pairs to be passed to apt::key's id, server, content, source, and/or options parameters.
Default value: undef
keyring
Data type: Stdlib::AbsolutePath
Absolute path to a file containing the PGP keyring used to sign this repository. Value is passed to the apt::source and used to set signed-by on the source entry.
Default value: "/usr/share/keyrings/${facts['os']['name'].downcase}-archive-keyring.gpg"
pin
Data type: Variant[Integer, String[1], Hash]
Specifies a pin priority for the backports. Valid options: a number or string to be passed to the id
parameter of the apt::pin
defined
type, or a hash of parameter => value
pairs to be passed to apt::pin
's corresponding parameters.
Default value: 200
include
Data type: Hash
Specifies whether to include 'deb' or 'src', or both.
Default value: {}
Defined types
apt::conf
Specifies a custom Apt configuration file.
Parameters
The following parameters are available in the apt::conf
defined type:
content
Data type: Optional[String[1]]
Required unless ensure
is set to 'absent'. Directly supplies content for the configuration file.
Default value: undef
ensure
Data type: Enum['present', 'absent']
Specifies whether the configuration file should exist.
Default value: present
priority
Data type: Variant[String[1], Integer[0]]
Determines the order in which Apt processes the configuration file. Files with lower priority numbers are loaded first. Valid options: a string containing an integer or an integer.
Default value: 50
notify_update
Data type: Optional[Boolean]
Specifies whether to trigger an apt-get update
run.
Default value: undef
apt::key
Manages the GPG keys that Apt uses to authenticate packages.
- Note The apt::key defined type makes use of the apt_key type, but includes extra functionality to help prevent duplicate keys.
Examples
Declare Apt key for apt.puppetlabs.com source
apt::key { 'puppetlabs':
id => '6F6B15509CF8E59E6E469F327F438280EF8D349F',
server => 'keyserver.ubuntu.com',
options => 'http-proxy="http://proxyuser:proxypass@example.org:3128"',
}
Parameters
The following parameters are available in the apt::key
defined type:
id
Data type: Pattern[/\A(0x)?[0-9a-fA-F]{8}\Z/, /\A(0x)?[0-9a-fA-F]{16}\Z/, /\A(0x)?[0-9a-fA-F]{40}\Z/]
Specifies a GPG key to authenticate Apt package signatures. Valid options: a string containing a key ID (8 or 16 hexadecimal characters, optionally prefixed with "0x") or a full key fingerprint (40 hexadecimal characters).
Default value: $title
ensure
Data type: Enum['present', 'absent', 'refreshed']
Specifies whether the key should exist. Using refreshed
will make keys
auto update when they have expired (assuming a new key exists on the key
server).
Default value: present
content
Data type: Optional[String[1]]
Supplies the entire GPG key. Useful in case the key can't be fetched from a remote location and using a file resource is inconvenient.
Default value: undef
source
Data type: Optional[Pattern[/\Ahttps?:\/\//, /\Aftp:\/\//, /\A\/\w+/]]
Specifies the location of an existing GPG key file to copy. Valid options: a string containing a URL (ftp://, http://, or https://) or an absolute path.
Default value: undef
server
Data type: Pattern[/\A((hkp|hkps|http|https):\/\/)?([a-z\d])([a-z\d-]{0,61}\.)+[a-z\d]+(:\d{2,5})?(\/[a-zA-Z\d\-_.]+)*\/?$/]
Specifies a keyserver to provide the GPG key. Valid options: a string containing a domain name or a full URL (http://, https://, hkp:// or hkps://). The hkps:// protocol is currently only supported on Ubuntu 18.04.
Default value: $apt::keyserver
weak_ssl
Data type: Boolean
Specifies whether strict SSL verification on a https URL should be disabled.
Default value: false
options
Data type: Optional[String[1]]
Passes additional options to apt-key adv --keyserver-options
.
Default value: $apt::key_options
apt::keyring
Manage GPG keyrings for apt repositories
Examples
Download the puppetlabs apt keyring
apt::keyring { 'puppetlabs-keyring.gpg':
source => 'https://apt.puppetlabs.com/keyring.gpg',
}
Deploy the apt source and associated keyring file
apt::source { 'puppet8-release':
location => 'http://apt.puppetlabs.com',
repos => 'puppet8',
key => {
name => 'puppetlabs-keyring.gpg',
source => 'https://apt.puppetlabs.com/keyring.gpg'
}
}
Parameters
The following parameters are available in the apt::keyring
defined type:
dir
Data type: Stdlib::Absolutepath
Path to the directory where the keyring will be stored.
Default value: '/etc/apt/keyrings'
filename
Data type: String[1]
Optional filename for the keyring. It should also contain extension along with the filename.
Default value: $name
mode
Data type: Stdlib::Filemode
File permissions of the keyring.
Default value: '0644'
source
Data type: Optional[Stdlib::Filesource]
Source of the keyring file. Mutually exclusive with 'content'.
Default value: undef
content
Data type: Optional[String[1]]
Content of the keyring file. Mutually exclusive with 'source'.
Default value: undef
ensure
Data type: Enum['present','absent']
Ensure presence or absence of the resource.
Default value: 'present'
apt::mark
Manages apt-mark settings
Parameters
The following parameters are available in the apt::mark
defined type:
setting
Data type: Enum['auto','manual','hold','unhold']
Specifies the behavior of apt in case of no more dependencies installed https://manpages.debian.org/stable/apt/apt-mark.8.en.html
apt::pin
Manages Apt pins. Does not trigger an apt-get update run.
- See also
- https://manpages.debian.org/stable/apt/apt_preferences.5.en.html
- for context on these parameters
- https://manpages.debian.org/stable/apt/apt_preferences.5.en.html
Parameters
The following parameters are available in the apt::pin
defined type:
ensure
explanation
order
packages
priority
release
release_version
component
originator
label
origin
version
codename
ensure
Data type: Enum['file', 'present', 'absent']
Specifies whether the pin should exist.
Default value: present
explanation
Data type: Optional[String[1]]
Supplies a comment to explain the pin. Default: "${caller_module_name}: ${name}".
Default value: undef
order
Data type: Variant[Integer[0]]
Determines the order in which Apt processes the pin file. Files with lower order numbers are loaded first.
Default value: 50
packages
Data type: Variant[String[1], Array[String[1]]]
Specifies which package(s) to pin.
Default value: '*'
priority
Data type: Variant[Integer, String[1]]
Sets the priority of the package. If multiple versions of a given package are available, apt-get
installs the one with the highest
priority number (subject to dependency constraints).
Default value: 0
release
Data type: Optional[String[1]]
Tells APT to prefer packages that support the specified release. Typical values include 'stable', 'testing', and 'unstable'.
Default value: undef
release_version
Data type: Optional[String[1]]
Tells APT to prefer packages that support the specified operating system release version (such as Debian release version 7).
Default value: undef
component
Data type: Optional[String[1]]
Names the licensing component associated with the packages in the directory tree of the Release file.
Default value: undef
originator
Data type: Optional[String[1]]
Names the originator of the packages in the directory tree of the Release file.
Default value: undef
label
Data type: Optional[String[1]]
Names the label of the packages in the directory tree of the Release file.
Default value: undef
origin
Data type: Optional[String[1]]
The package origin (the hostname part of the package's sources.list entry)
Default value: undef
version
Data type: Optional[String[1]]
The version of the package
Default value: undef
codename
Data type: Optional[String[1]]
The codename of the release
Default value: undef
apt::ppa
Manages PPA repositories using add-apt-repository
. Not supported on Debian.
Examples
Declaration of an Apt PPA
apt::ppa { 'ppa:openstack-ppa/bleeding-edge': }
Parameters
The following parameters are available in the apt::ppa
defined type:
ensure
Data type: Enum['present', 'absent']
Specifies whether the PPA should exist.
Default value: 'present'
options
Data type: Optional[Array[String[1]]]
Supplies options to be passed to the add-apt-repository
command.
Default value: $apt::ppa_options
release
Data type: Optional[String[1]]
Specifies the operating system of your node. Valid options: a string containing a valid LSB distribution codename.
Optional if puppet facts show os.distro.codename
returns your correct distribution release codename.
Default value: fact('os.distro.codename')
dist
Data type: Optional[String[1]]
Specifies the distribution of your node. Valid options: a string containing a valid distribution codename.
Optional if puppet facts show os.name
returns your correct distribution name.
Default value: $facts['os']['name']
package_name
Data type: Optional[String[1]]
Names the package that provides the apt-add-repository
command.
Default value: $apt::ppa_package
package_manage
Data type: Boolean
Specifies whether Puppet should manage the package that provides apt-add-repository
.
Default value: false
apt::setting
Manages Apt configuration files.
- See also
- https://www.puppet.com/docs/puppet/latest/types/file.html#file-attributes
- for more information on source and content parameters
- https://www.puppet.com/docs/puppet/latest/types/file.html#file-attributes
Parameters
The following parameters are available in the apt::setting
defined type:
priority
Data type: Variant[String[1], Integer[0]]
Determines the order in which Apt processes the configuration file. Files with higher priority numbers are loaded first.
Default value: 50
ensure
Data type: Enum['file', 'present', 'absent']
Specifies whether the file should exist.
Default value: file
source
Data type: Optional[String[1]]
Required, unless content
is set. Specifies a source file to supply the content of the configuration file. Cannot be used in combination
with content
. Valid options: see link above for Puppet's native file type source attribute.
Default value: undef
content
Data type: Optional[String[1]]
Required, unless source
is set. Directly supplies content for the configuration file. Cannot be used in combination with source
. Valid
options: see link above for Puppet's native file type content attribute.
Default value: undef
notify_update
Data type: Boolean
Specifies whether to trigger an apt-get update
run.
Default value: true
apt::source
Manages the Apt sources in /etc/apt/sources.list.d/.
Examples
Install the puppetlabs apt source
apt::source { 'puppetlabs':
location => 'http://apt.puppetlabs.com',
repos => 'main',
key => {
id => '6F6B15509CF8E59E6E469F327F438280EF8D349F',
server => 'keyserver.ubuntu.com',
},
}
Download key behaviour to handle modern apt gpg keyrings. The name
parameter in the key hash should be given with
extension. Absence of extension will result in file formation with just name and no extension.
apt::source { 'puppetlabs':
location => 'http://apt.puppetlabs.com',
comment => 'Puppet8',
key => {
'name' => 'puppetlabs.gpg',
'source' => 'https://apt.puppetlabs.com/keyring.gpg',
},
}
Install the puppetlabs apt source (deb822 format)
apt::source { 'puppetlabs':
source_format => 'sources'
location => ['http://apt.puppetlabs.com'],
repos => ['puppet8'],
keyring => '/etc/apt/keyrings/puppetlabs.gpg',
}
Parameters
The following parameters are available in the apt::source
defined type:
source_format
location
types
enabled
comment
ensure
release
repos
include
key
keyring
pin
architecture
allow_unsigned
allow_insecure
notify_update
check_valid_until
source_format
Data type: Enum['list', 'sources']
The file format to use for the apt source. See https://wiki.debian.org/SourcesList
Default value: 'list'
location
Data type: Optional[Variant[String[1], Array[String[1]]]]
Required, unless ensure is set to 'absent'. Specifies an Apt repository. Valid options: a string containing a repository URL. DEB822: Supports an array of URL values
Default value: undef
types
Data type: Array[Enum['deb','deb-src'], 1, 2]
DEB822: The package types this source manages.
Default value: ['deb']
enabled
Data type: Boolean
DEB822: Enable or Disable the APT source.
Default value: true
comment
Data type: String[1]
Supplies a comment for adding to the Apt source file.
Default value: $name
ensure
Data type: Enum['present', 'absent']
Specifies whether the Apt source file should exist.
Default value: present
release
Data type: Optional[Variant[String[0], Array[String[0]]]]
Specifies a distribution of the Apt repository. DEB822: Supports an array of values
Default value: undef
repos
Data type: Variant[String[1], Array[String[1]]]
Specifies a component of the Apt repository. DEB822: Supports an array of values
Default value: 'main'
include
Data type: Hash
Configures include options. Valid options: a hash of available keys.
Options:
- :deb
Boolean
: Specifies whether to request the distribution's compiled binaries. - :src
Boolean
: Specifies whether to request the distribution's uncompiled source code.
Default value: {}
key
Data type: Optional[Variant[String[1], Hash]]
Creates an apt::keyring
in /etc/apt/keyrings
(or anywhere on disk given filename
) Valid options:
- a hash of
parameter => value
pairs to be passed tofile
:name
(title),content
,source
,filename
The following inputs are valid for the (deprecated) apt::key
defined type. Valid options:
- a string to be passed to the
id
parameter of theapt::key
defined type - a hash of
parameter => value
pairs to be passed toapt::key
:id
,server
,content
,source
,weak_ssl
,options
Default value: undef
keyring
Data type: Optional[Stdlib::AbsolutePath]
Absolute path to a file containing the PGP keyring used to sign this repository. Value is used to set signed-by on the source entry.
This is not necessary if the key is installed with key
param above.
See https://wiki.debian.org/DebianRepository/UseThirdParty for details.
Default value: undef
pin
Data type: Optional[Variant[Hash, Integer, String[1]]]
Creates a declaration of the apt::pin defined type. Valid options: a number or string to be passed to the priority
parameter of the
apt::pin
defined type, or a hash of parameter => value
pairs to be passed to apt::pin
's corresponding parameters.
Default value: undef
architecture
Data type: Optional[Variant[String[1], Array[String[1]]]]
Tells Apt to only download information for specified architectures. Valid options: a string containing one or more architecture names, separated by commas (e.g., 'i386' or 'i386,alpha,powerpc'). (if unspecified, Apt downloads information for all architectures defined in the Apt::Architectures option) DEB822: Supports an array of values
Default value: undef
allow_unsigned
Data type: Optional[Boolean]
Specifies whether to authenticate packages from this release, even if the Release file is not signed or the signature can't be checked.
Default value: undef
allow_insecure
Data type: Optional[Boolean]
Specifies whether to allow downloads from insecure repositories.
Default value: undef
notify_update
Data type: Boolean
Specifies whether to trigger an apt-get update
run.
Default value: true
check_valid_until
Data type: Optional[Boolean]
Specifies whether to check if the package release date is valid.
Default value: undef
Data types
Apt::Auth_conf_entry
Login configuration settings that are recorded in the file /etc/apt/auth.conf
.
- See also
- https://manpages.debian.org/testing/apt/apt_auth.conf.5.en.html
- for more information
Alias of
Struct[{
machine => String[1],
login => String,
password => String
}]
Parameters
The following parameters are available in the Apt::Auth_conf_entry
data type:
machine
Hostname of machine to connect to.
login
Specifies the username to connect with.
password
Specifies the password to connect with.
Apt::Proxy
Configures Apt to connect to a proxy server.
Alias of
Struct[{
ensure => Optional[Enum['file', 'present', 'absent']],
host => Optional[String],
port => Optional[Integer[0, 65535]],
https => Optional[Boolean],
https_acng => Optional[Boolean],
direct => Optional[Boolean],
perhost => Optional[Array[Apt::Proxy_Per_Host]],
}]
Parameters
The following parameters are available in the Apt::Proxy
data type:
ensure
Specifies whether the proxy should exist. Valid options: 'file', 'present', and 'absent'. Prefer 'file' over 'present'.
host
Specifies a proxy host to be stored in /etc/apt/apt.conf.d/01proxy
. Valid options: a string containing a hostname.
port
Specifies a proxy port to be stored in /etc/apt/apt.conf.d/01proxy
. Valid options: an integer containing a port number.
https
Specifies whether to enable https proxies.
direct
Specifies whether or not to use a DIRECT
https proxy if http proxy is used but https is not.
Apt::Proxy_Per_Host
Adds per-host overrides to the system default APT proxy configuration
Alias of
Struct[{
scope => String,
host => Optional[String],
port => Optional[Integer[1, 65535]],
https => Optional[Boolean],
direct => Optional[Boolean],
}]
Parameters
The following parameters are available in the Apt::Proxy_Per_Host
data type:
scope
Specifies the scope of the override. Valid options: a string containing a hostname.
host
Specifies a proxy host to be stored in /etc/apt/apt.conf.d/01proxy
. Valid options: a string containing a hostname.
port
Specifies a proxy port to be stored in /etc/apt/apt.conf.d/01proxy
. Valid options: an integer containing a port number.
https
Specifies whether to enable https for this override.
direct
Specifies whether or not to use a DIRECT
target to bypass the system default proxy.
Tasks
init
Allows you to perform apt-get functions
Supports noop? false
Parameters
action
Data type: Enum[update, upgrade, dist-upgrade, autoremove]
Action to perform with apt-get
What are tasks?
Modules can contain tasks that take action outside of a desired state managed by Puppet. It’s perfect for troubleshooting or deploying one-off changes, distributing scripts to run across your infrastructure, or automating changes that need to happen in a particular order as part of an application deployment.
Tasks in this module release
Changelog
All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog and this project adheres to Semantic Versioning.
v10.0.0 - 2024-11-25
Changed
- Debian: add non-free-firmware repo component #1180 (kenyon)
- Drop support for EoL Debian 10 "buster" #1177 (kenyon)
Added
Fixed
- apt::setting: Dont expect source/content when removing settings #1208 (bastelfreak)
Other
- apt::keyring: Require "source" or "content" only if ensure=present #1198 (webcompas)
- Eliminate
params.pp
andcreate_resources()
#1172 (kenyon)
v9.4.0 - 2024-02-15
v9.3.0 - 2024-02-15
Added
- Backports: add keyring support #1162 (kenyon)
- Support "hourly" and Integer as value for update frequency (fixes #1157) #1159 (webcompas)
Fixed
- replace deprecated merge() with native puppet code #1154 (bastelfreak)
Other
- release_prep: Use puppetlabs_spec_helper 7.x #1164 (bastelfreak)
v9.2.0 - 2023-12-04
Added
- Allow passing all
keyring
params inapt::source
#1147 (kenyon) - Cleanup Debian 9 and Ubuntu pre-18.04 specialcases #1142 (evgeni)
- Add support for modern keyrings #1128 (praj1001)
Fixed
- (CAT-1483) - Enhancement of handling of apt::source's repos and release parameters #1138 (Ramesh7)
- backports: don't hardcode an old gpg key for Ubuntu #1129 (kenyon)
v9.1.0 - 2023-06-08
Changed
- (CONT-773) Add Support for Puppet 8 / Remove Support for Puppet 6 #1101 (david22swan)
Added
- Require stdlib 9.0.0 or newer #1114 (smortex)
- (CONT-1028) puppetlabs/stdlib: Allow 9.x #1113 (bastelfreak)
- (CONT-581) Adding deferred function support for password field #1110 (Ramesh7)
Fixed
v9.0.2 - 2023-03-14
Fixed
- Adopt new parameter defaults in template #1090 (tuxmea)
- (CONT-493) PPA validation adjustment #1085 (LukasAud)
- fix typo in source.pp #1082 (bastelfreak)
- fix: remove
apt::
prefix from fact variables #1081 (johanfleury) - Updated mark as title can contain dot (fixes #1074) #1075 (xepa)
v9.0.1 - 2022-12-21
Fixed
- (bugfix) - Declare minimum Puppet version 6.24.0 #1079 (pmcmaw)
- Do not remove PPA sources.list.d files if purge is enabled #1069 (Programie)
- (CONT-173) - Updating deprecated facter instances #1068 (jordanbreen28)
- pdksync - (CONT-130) Dropping Support for Debian 9 #1065 (jordanbreen28)
- (GH-1057) Regex fix to allow dotted resources #1058 (LukasAud)
- (GH-1055) Fix hardcoded cache path #1056 (chelnak)
- (GH-cat-9) Update module to match current syntax standard #1053 (david22swan)
v9.0.0 - 2022-08-18
Changed
Added
- Deal with net-ftp being unavailable #1050 (ekohl)
- pdksync - (GH-cat-11) Certify Support for Ubuntu 22.04 #1046 (david22swan)
Fixed
v8.5.0 - 2022-08-03
Added
- (GH-1038) add support for
check-valid-until
configuration #1042 (david22swan)
v8.4.1 - 2022-06-20
Fixed
- (ISSUE-1036) Conditional
gnupg
include added to init.pp #1039 (david22swan)
v8.4.0 - 2022-06-06
Changed
- (GH-iac-334) Remove code specific to unsupported OSs #1024 (david22swan)
Added
Fixed
- pdksync - (GH-iac-334) Remove Support for Ubuntu 14.04 #1023 (david22swan)
- pdksync - (GH-iac-334) Remove Support for Ubuntu 16.04 #1022 (david22swan)
- (MODULES-11301) Don't install gnupg if not needed #1020 (simondeziel)
- Use fact() function for all os.distro.* facts #1017 (root-expert)
- (maint) Fix resource ordering when apt-transport-https is needed #1015 (smortex)
- Omit empty options in source.list template to fix MODULES-11174 #1013 (mpdude)
- Replace
arm64
foraarch64
in::apt::source
#1012 (mpdude) - Fixed gpg file for Ubuntu versions 21.04 and later. #1011 (Conzar)
- (MODULES-10763) Remove frequency collector #1010 (LTangaF)
v8.3.0 - 2021-10-04
Added
- (MODULES-11173) Add per-host overrides for apt::proxy #1007 (maturnbull)
Fixed
- pdksync - (IAC-1598) - Remove Support for Debian 8 #1008 (david22swan)
v8.2.0 - 2021-08-25
Added
Fixed
v8.1.0 - 2021-07-26
Added
- [MODULES-9695] - Add support for signed-by in source entries #991 (johanfleury)
Fixed
- apt::source: pass the weak_ssl param to apt::key #993 (kenyon)
- (IAC-1597) Increasing MAX_RETRY_COUNT #987 (pmcmaw)
v8.0.2 - 2021-03-29
Fixed
- (MODULES-10971) - Ensure
apt::keyserver
is considered when creating a default apt:source #981 (david22swan) - (IAC-1497) - Removal of unsupported
translate
dependency #979 (david22swan)
v8.0.1 - 2021-03-15
Fixed
- MODULES-10956 remove redundant code in provider apt_key #973 (moritz-makandra)
v8.0.0 - 2021-03-01
Changed
- pdksync - Remove Puppet 5 from testing and bump minimal version to 6.0.0 #969 (carabasdaniel)
v7.7.1 - 2021-02-16
Fixed
v7.7.0 - 2020-12-08
Added
- pdksync - (feat) - Add support for Puppet 7 #958 (daianamezdrea)
- Make auth.conf contents Sensitive #953 (suchpuppet)
v7.6.0 - 2020-09-15
Added
- (MODULES-10804) option to force purge source.lists file #948 (sheenaajay)
Fixed
- (IAC-978) - Removal of inappropriate terminology #947 (david22swan)
v7.5.0 - 2020-08-13
Added
- pdksync - (IAC-973) - Update travis/appveyor to run on new default branch main #940 (david22swan)
- patch-acng-ssl-support #938 (mdklapwijk)
- (IAC-746) - Add ubuntu 20.04 support #936 (david22swan)
Fixed
- (MODULES-10763) loglevel won't affect reports #942 (gguillotte)
v7.4.2 - 2020-05-14
Fixed
v7.4.1 - 2020-03-23
Fixed
- Do not specify file modes unless relevant #923 (anarcat)
- (MODULES-10583) Revert "MODULES-10548: make files readonly" #920 (carabasdaniel)
v7.4.0 - 2020-03-03
Added
- Add 'include' param to apt::backports #910 (paladox)
- pdksync - (FM-8581) - Debian 10 added to travis and provision file refactored #902 (david22swan)
Fixed
- MODULES-10548: make files readonly #906 (anarcat)
- MODULES-10543: only consider lsbdistcodename for apt-transport-https #905 (anarcat)
- MODULES-10543: remove sources.list file on purging #904 (anarcat)
- Include apt in apt::backports #891 (zivis)
v7.3.0 - 2019-12-16
Added
Fixed
- MODULES-10063, extend apt::key to support deeplinks, this time with f… #894 (kaessert)
- MODULES-10063, extend apt::key to support deeplinks #892 (kaessert)
v7.2.0 - 2019-10-29
Added
- Add apt::mark defined type #879 (tuxmea)
- (FM-8394) add debian 10 testing #876 (ThoughtCrhyme)
- Add apt::key_options for default apt::key options #873 (raphink)
- implement apt.conf.d purging #869 (lelutin)
Fixed
- Install gnupg instead of dirmngr #866 (martijndegouw)
v7.1.0 - 2019-07-30
Added
- (FM-8215) Convert to using litmus #864 (florindragos)
v7.0.1 - 2019-05-14
7.0.0 - 2019-04-24
Changed
- pdksync - (MODULES-8444) - Raise lower Puppet bound #853 (david22swan)
Added
6.3.0 - 2019-01-22
Added
- Add support for dist-upgrade & autoremove action #832 (aboks)
- (MODULES-8321) - Add manage_auth_conf parameter #831 (eimlav)
Fixed
- (MODULES-8418) Fix /etc/apt/auth.conf owner changing endlessly #836 (antaflos)
- pdksync - (FM-7655) Fix rubygems-update for ruby < 2.3 #835 (tphoney)
- (MODULES-8326) - apt-transport-https not ensured properly #830 (eimlav)
6.2.1 - 2018-11-21
Fixed
6.2.0 - 2018-11-19
Added
- (MODULES-8081): add support for hkps:// protocol in apt::key #815 (simondeziel)
Fixed
- Apt-key fixes to properly work on Debian 9 #822 (ekohl)
- (maint) - Update Link to REFERENCE.md #811 (pmcmaw)
6.1.1 - 2018-10-02
Fixed
6.1.0 - 2018-10-01
Added
- pdksync - (FM-7392) - Puppet 6 Testing Changes #800 (pmcmaw)
- pdksync - (MODULES-6805) metadata.json shows support for puppet 6 #798 (tphoney)
- (MODULES-3307) - Auto update expired keys #795 (eimlav)
- (FM-7316) - Implementation of the i18n process #789 (david22swan)
- Introduce an Apt::Proxy type to validate the hash #773 (ekohl)
Fixed
- (MODULES-6408) - Fix dirmngr install failing #801 (eimlav)
- (MODULES-1630) - Expanding source list fix to cover all needed versions #788 (david22swan)
6.0.0 - 2018-08-24
Changed
- (MODULES-7668) Remove support for Puppet 4.7 #780 (jarretlavallee)
Added
- Check existence of gpg key in apt:ppa #774 (wenzhengjiang)
- Make sure PPA source file is absent when apt-add-repository fails #768 (wenzhengjiang)
5.0.1 - 2018-07-30
Fixed
5.0.0 - 2018-07-19
Changed
- [FM-6956] Removal of unsupported Debian 7 from apt #760 (david22swan)
Added
- (MODULES-7468) Update apt to support Ubuntu 18.04 #769 (david22swan)
- Support managing login configurations in /etc/apt/auth.conf #752 (antaflos)
Fixed
- (MODULES-7327) - Update README with supported OS #767 (pmcmaw)
- (bugfix) Dont run ftp tests in travis #766 (tphoney)
- (maint) make apt testing more stable, cleanup #764 (tphoney)
- Remove .length from variable $pin_release in app #754 (paladox)
- Replace UTF-8 whitespace in comment #748 (bernhardschmidt)
- Fix "E: Unable to locate package -y" #747 (aboks)
- Fix automatic coercion warning #743 (smortex)
4.5.1 - 2018-02-01
4.5.0 - 2018-01-22
Fixed
4.4.1 - 2017-11-20
Added
4.4.0 - 2017-11-15
Added
- Add a check for Puppet version to task helper #722 (willmeek)
- Add a facter fact for dist-upgrade #719 (willmeek)
- Http proxy bypass #718 (willmeek)
Fixed
- Install apt-transport-https if needed #720 (btravouillon)
- Remove tasks acceptance test for non-Debian builds #717 (willmeek)
- Do not treat debian stable-updates as security updates #716 (kbarmen)
- Install apt-transport-https in Debian 8 if needed #714 (btravouillon)
- remove legacy functions #711 (b4ldr)
- Fixed circular dependency for package dirmngr #710 (hp197)
4.3.0 - 2017-10-11
4.2.0 - 2017-09-26
Added
- apt_package_security_updates fact and test #703 (tphoney)
- Allow user to modify loglevel of apt-get update Exec resource #690 (tpdownes)
Fixed
- Switch to deb.debian.org and remove Debian 6.0 #702 (tphoney)
- MODULES-4686: gpg keyserver import fails in Debian 9 (Stretch) #698 (deric)
- Fixed typo in "Configuring Apt from hiera example" #693 (morremeyer)
- Ignore subkeys in apt-key's output #665 (tiger-jmw)
- (MODULES-4118) Set dpkg option NoLocking in apt_updates fact #640 (jocado)
4.1.0 - 2017-06-05
Added
- Ensure release allows empty strings #681 (HelenCampbell)
- (MODULES-4973) rip out data in modules #680 (eputnam)
Fixed
4.0.0 - 2017-04-27
Fixed
- Rebase of #668 #673 (hunner)
- Fix architecture fact overriding unset
architecture
source option #672 (domcleal)
3.0.0 - 2017-04-19
Added
2.4.0 - 2017-04-06
Changed
Added
- [MODULES-4224] Implement beaker-module_install_helper #652 (wilson208)
- [MODULES-3562] Implement retry for tests which require modules to pull key from keyserver #631 (wilson208)
Fixed
- [MODULES-4528] Replace Puppet.version.to_f with Puppet::Util::Package.versioncmp #658 (wilson208)
- apt::key is a defined type, not a class #656 (WhatsARanjit)
- Avoid string comparison error #635 (lkoranda)
- Undef default for $notify_update in source.pp results in problem with Puppet 3.7.2 #628 (cpavanrun)
2.3.0 - 2016-09-20
Added
- Add ability to specify a hash of apt::conf defines #616 (ghoneycutt)
- Expose notify_update to apt::source #596 (danielhoherd)
Fixed
- Fix syntax error #619 (DavidS)
- Fixed "unless" test condition for ppa repository #613 (nicobn)
- apt/params: Remove unused LSB facts #610 (daenney)
- Fix regexp for $ensure params #609 (hfm)
- Use hkps.pool.sks-keyservers.net instead of pgp.mit.edu #606 (DavidS)
- Install software-properties-common for xenial #605 (imphil)
- Fix version check on 16.04. #604 (tdb)
- apt::setting expects priority to be an integer, set defaults accordingly #602 (madddi)
- Fix STRICT_VARIABLE testing #599 (DavidS)
- Typo: missing colon #595 (danielhoherd)
- Make apt_updates facts use /usr/bin/apt-get. #581 (robinelfrink)
2.2.2 - 2016-02-29
Added
Fixed
- MODULES-2873 - Avoid multiple package resource declarations #588 (werekraken)
- Handle PPA names that contain a plus character. #583 (tdb)
- Look for correct sources.list.d file for apt::ppa #582 (imphil)
- fix whitespace in source.list #577 (amauf)
- Fix apt_key tempfile race condition #572 (claytono)
2.2.1 - 2015-12-04
2.2.0 - 2015-09-29
Added
- Add support for creating pins from main class #564 (rfdrake)
- Proxy ensure parameter. #556 (mike-callahan)
- Expose notify_update to apt::conf #551 (bdellegrazie)
Fixed
- Corrected regression with preference files name #562 (Vincent--)
- MODULES-2446 - Fix pinning for backports #560 (underscorgan)
- Fix path to 'preferences' and 'preferences.d'. #557 (fbarbeira)
2.1.1 - 2015-07-27
Added
Fixed
- Fix anchor issues #547 (underscorgan)
- Iterate through multiple keys #546 (igalic)
- Use Debian's new official mirrors redirector #545 (raoulbhatia)
- Revert "Fix use of $::apt::params::backports and $::apt::params::xfac… #543 (underscorgan)
- Fix use of $::apt::params::backports and $::apt::params::xfacts. #542 (Farzy)
- hashes are not supported in selectors #539 (underscorgan)
- typo #538 (underscorgan)
- Don't add puppetlabs sources for lucid #537 (underscorgan)
2.1.0 - 2015-06-16
Changed
- API compatibility between 1.8.x and 2.x for apt::source #529 (underscorgan)
Added
Fixed
- Make apt::key compatible with 1.8.x #527 (underscorgan)
- Backwards compatibility with older versions of puppet #525 (ianmacl)
- Only use the strict variables workaround if using strict variables #524 (underscorgan)
- Don't stub puppetversion #521 (hunner)
2.0.1 - 2015-04-28
Added
- MODULES-1934: Iterate through multiple keys #501 (underscorgan)
Fixed
- Restore Puppet 3.4 and earlier compatibility #511 (underscorgan)
- Update tests to work with rspec-puppet 2.x #504 (underscorgan)
2.0.0 - 2015-04-14
Added
- Add missing examples for 'removed' functionality #483 (underscorgan)
Fixed
- Don't purge by default. That seems unnecessarily destructive. #497 (underscorgan)
- apt::conf: Don't require content
ensure=>absent
. #496 (daenney) - Remove default support for Linux Mint and Cumulus Networks #493 (underscorgan)
- (MODULES-1156, MODULES-769) Update anchors #479 (underscorgan)
- Remove
update['always'] = true
support #473 (underscorgan) - Acceptance test fixes #472 (underscorgan)
1.8.0 - 2015-03-17
Changed
- Various major behavioural changes #447 (daenney)
- V2.0.0 Prep work: Removing old code / Adding placeholders #424 (underscorgan)
Added
- Allow changing legacy_origin #463 (underscorgan)
- initial commit for apt_key checking #459 (tphoney)
- apt::source: Merge
include_*
options into hash. #451 (daenney) - apt::params: Complete $xfacts. #450 (daenney)
- apt: Add proxy support on the class. #446 (daenney)
- proxy_* params were removed from class apt #443 (underscorgan)
- Add base_name parameter to apt::setting #442 (underscorgan)
- apt::params: Make the class private. #438 (daenney)
- apt: Add apt::setting defined type. #428 (daenney)
- Add support for parameter trusted MODULES-1658 #407 (mkrakowitzer)
- Allow full length GPG key fingerprints. #404 (WolverineFan)
- Allow ports that consist of 5 decimals #400 (voidus)
- Add Ubuntu vivid (15.04) release #395 (udienz)
Fixed
- Update all the unit tests to look for full fingerprints #469 (underscorgan)
- Fix gpg key checking warings after f588f26 #466 (paroga)
- apt_key: fix parsing invalid dates when using GnuPG 2.x #465 (bootc)
- Inheritance of apt::params means it can't be private #461 (underscorgan)
- Cleaning 50unattended-upgrades.erb #456 (johanfleury)
- MODULES-1827 adding Cumulus Linux detection #454 (LeslieCarr)
- apt::source: Make location required. #453 (daenney)
- apt::source: Rename
trusted_source
. #452 (daenney) - apt: Fix all strict variable cases. #449 (daenney)
- apt::setting: Remove file_perms. #448 (daenney)
- Make apt::setting notify Exec['apt_update'] by default #445 (underscorgan)
- apt::setting: Parse type and name from title. #444 (daenney)
- Convert to use apt::setting instead of file resource #441 (underscorgan)
- Type is a reserved word in puppet 4 #435 (underscorgan)
- Stop redeclaring variables from params #431 (underscorgan)
- Remove 'include apt::update' #429 (underscorgan)
- RFC - Remove required packages #427 (underscorgan)
- apt::params: Add two missing entries, use them. #426 (daenney)
- Trusted will be a reserved word in Puppet 4 #411 (underscorgan)
- MODULES-1661 Fix to do delete with short key not long #409 (cyberious)
- MODULES-1661 Fix issue with apt_key destroy, also added mutliple deletes #408 (cyberious)
- Fix apt_has_updates fact not parsing apt-check output correctly #403 (WolverineFan)
- Separate apt::pin for apt::backports to allow pin by release instead of ... #398 (riconnon)
- (MODULES-1231) Fix apt::force locale issues #394 (juniorsysadmin)
- (MODULES-1200) Fix inconsistent header across files #389 (stdietrich)
- MODULES-1119 Fixed to now have username and passwords passed in again #384 (cyberious)
- Unattended upgrades oldstable for wheezy #376 (raoulbhatia)
1.7.0 - 2014-10-28
Added
- Add support for RandomSleep to 10periodic #374 (bschlief)
- apt::force: Added 2 parameters for automatic configuration file handling... #363 (martinseener)
- Apt update tooling #349 (wolfspyre)
Fixed
- Refactor facts to improve performance: #375 (raphink)
- add --force-yes so deb7 doesn't hang #371 (underscorgan)
- Missed one case for _kick_apt needed for strict variables #369 (underscorgan)
- Fix for future parser support #368 (underscorgan)
- We aren't truncating in the type #366 (underscorgan)
- Don't truncate to short keys in the type #365 (underscorgan)
- Fix issue with puppet_module_install, removed and using updated method f... #358 (cyberious)
- Remove stderr from stdout #348 (hunner)
- Builddep notifies apt-get update instead of requiring it #326 (dvcrn)
1.6.0 - 2014-08-13
Fixed
- Test fixes #343 (underscorgan)
- 1.5.3 backports #340 (underscorgan)
- Fix broken acceptance tests. #335 (underscorgan)
- Fix for debian/ubuntu hold and a way to add debian src only #333 (wilman0)
- Fix inconsistent $proxy_host handling in apt and apt::ppa. #330 (dantman)
- Adds check to params.pp if lab-release is not installed #329 (spuder)
1.5.2 - 2014-07-21
1.5.1 - 2014-07-10
Added
- Enable auto-update for Debian squeeze-lts #321 (raoulbhatia)
- add facts showing available updates #319 (damoxc)
- Allow for custom comment in sources.list file #311 (juniorsysadmin)
Fixed
- MODULES-780 Don't blow up on unicode characters. #327 (adik)
- MODULES-780 Don't blow up on unicode characters. #318 (daenney)
1.5.0 - 2014-06-05
Added
- adding notice on top of sourceslist files #297 (frconil)
- backports: Allow setting a custom priority. #275 (daenney)
- apt::hold: Add a mechanism to hold a package. #259 (daenney)
- Add Ubuntu Trusty #258 (sodabrew)
- Add ability to specify hash of apt sources in hiera #249 (ghoneycutt)
- Rework apt::key to use apt_key. #230 (daenney)
Fixed
- Fixed regex to follow APT requirements #298 (frconil)
- unattended_upgrades: Fix matching security archive #286 (apenney)
- Change proxy's configuration file to be consistent with other config files in apt.conf.d #283 (johanfleury)
- unattended-upgrades: Fix origins for Squeeze. #281 (daenney)
- Small patch to fix the spacing that makes lint fail. #279 (apenney)
- unattended_upgrades: Fix matching security archive #278 (daenney)
- Fix typo in ppa.pp #274 (fdrouet)
- Use File.expand_path with require. #268 (daenney)
- Fix fail message #248 (electrical)
- Make apt.conf.d/proxy world readable and add a newline #209 (pabl0)
- Added retry to update operation #193 (ianunruh)
1.4.2 - 2014-03-03
Added
- Add lsbdistid facts where appropriate. #244 (apenney)
- apt: Allow managing of preferences file. #240 (daenney)
- apt_key: Support fetching keys over FTP. #229 (daenney)
- apt::pin: Allow for packages to be an array. #223 (daenney)
- apt_key type/provider #212 (daenney)
Fixed
- Add back in missing fields to work around Puppet bug. #257 (apenney)
- Port 8080 is a bad choice and bumps into puppetdb #237 (hunner)
- Don't pass options to ppa on lucid #231 (hunner)
- Force owner and mode on ppa files #227 (daniellawrence)
- Update out of date Debian signing key for backports #226 (mark0n)
- changed proxy_host default value from true to undef. fixes #211 #215 (lotherk)
1.4.1 - 2014-02-14
Changed
Added
Fixed
- Ensure apt::ppa fails on non-Ubuntu. #208 (apenney)
- fixed include, contained dash instead of underline. #205 (braddeicide)
- Apt::ppa should exec with root #202 (tsuharesu)
- Use include instead of parameterized class when no params are given. #187 (ghoneycutt)
- add an 'ensure' parameter to apt::ppa #184 (rsrchboy)
- apt::source templates/sources.list.erb generates invalid source line when architecture is provided. #182 (stefanvanwouw)
- getparam() isn't available in all stdlib versions. #178 (apenney)
1.4.0 - 2013-10-15
Fixed
- This work flips from onlyif to unless (mistakenly looked at the #172 (apenney)
- add an updates_timeout option to apt::params (PR fix) #167 (madeddie)
1.3.0 - 2013-09-17
Added
- Class for managing unattended-upgrades #153 (philipcohoe)
- Add wheezy backports support #149 (bionix)
Fixed
- pass flags as string of single letter #148 (nagas)
- Fix: parametrize apt::ppa class for beign able to pass options to apt-add-repository command #146 (oleiade)
- ppa: fix empty environment definition in exec ressource when no proxy #145 (PierreGambarotto)
1.2.0 - 2013-07-05
Added
- Add a $key_options parameter to apt::key. #122 (strangeman)
- Add optional architecture qualifier to apt-sources #118 (jopecko)
Fixed
1.1.1 - 2013-07-01
Changed
Added
Fixed
- Revert "Merge pull request #135 from CERIT-SC/master" #137 (hunner)
- trim keys to 8 chars for matching with apt-key list (fix for #100) #133 (benben)
1.1.0 - 2012-12-02
Fixed
- Modified the PPA code for changes in Quantal #96 (jnicolson)
- Librarian bug #94 (ryanycoleman)
1.0.1 - 2012-10-29
1.0.0 - 2012-10-29
Changed
Added
- (#16070) Allow optional order parameter to apt::pin #83 (dalen)
- Add a way to specify a timeout for the apt::force define. #79 (sathlan)
Fixed
- remove check, if $release is empty #78 (saz)
- «main» repository is missing from ubuntu backports. #77 (jonhattan)
- fix scoping of $lsbdistcodename in source.pp #74 (antonlindstrom)
- Add logoutput on_failure for all exec resources. #73 (nanliu)
- Fix Modulefile for puppet-apt to puppetlabs-apt rename #72 (branan)
0.0.4 - 2012-06-05
Fixed
- Fix Modulefile for puppet-apt to puppetlabs-apt rename #72 (branan)
- (#14657) Fix filename when there is a period in the PPA #60 (branan)
- Fix style related issues in module. #57 (nanliu)
- (#11966) apt module containment for apt_update. #55 (nanliu)
0.0.3 - 2012-05-04
Added
- (#14321) apt::pin resource support release. #53 (nanliu)
- (#14308) Add ensure=>absent for define resource. #52 (nanliu)
- Sync with pl ops #42 (ody)
- Make sure we configure the proxy before doing apt-get update. #41 (tbroyer)
Fixed
- Move Package['python-software-properties'] to apt:ppa #54 (branan)
- (#11966) Only invoke apt-get update once. #49 (nanliu)
- (#14138) Fix spec test for aptitude changes. #47 (nanliu)
- (#14138) Modify apt::ppa's update-apt exec to use the ${apt::params::provider} parameter. #44 (relud)
0.0.2 - 2012-03-26
Added
Fixed
0.0.1 - 2012-03-07
Dependencies
- puppetlabs/stdlib (>= 9.0.0 < 10.0.0)
Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Quality checks
We run a couple of automated scans to help you assess a module’s quality. Each module is given a score based on how well the author has formatted their code and documentation and select modules are also checked for malware using VirusTotal.
Please note, the information below is for guidance only and neither of these methods should be considered an endorsement by Puppet.
Malware scan results
The malware detection service on Puppet Forge is an automated process that identifies known malware in module releases before they’re published. It is not intended to replace your own virus scanning solution.
Learn more about malware scans- Module name:
- puppetlabs-apt
- Module version:
- 10.0.0
- Scan initiated:
- December 17th 2024, 22:22:24
- Detections:
- 0 / 61
- Scan stats:
- 60 undetected
- 0 harmless
- 1 failures
- 0 timeouts
- 0 malicious
- 0 suspicious
- 15 unsupported
- Scan report:
- View the detailed scan report