Add support for parameter trusted MODULES-1658

README.md

@@ -287,6 +287,24 @@ apt::sources:
 * `autoclean`: How often, in days, to run `apt-get autoclean`.
 * `randomsleep`: How long, in seconds, to randomly wait before applying upgrades.
 
+####apt::source
+
+* `comment`: Add a comment to the apt source file.
+* `ensure`: Allows you to remove the apt source file. Can be 'present' or 'absent'.
+* `location`: The URL of the apt repository.
+* `release`: The distribution of the apt repository. Defaults to fact 'lsbdistcodename'.
+* `repos`: The component of the apt repository. This defaults to 'main'.
+* `include_deb`: References a Debian distribution's binary package.
+* `include_src`: Enable the deb-src type, references a Debian distribution's source code in the same form as the include_deb type. A deb-src line is required to fetch source indexes.
+* `required_packages`: todo
+* `key`: See apt::key
+* `key_server`: See apt::key
+* `key_content`: See apt::key
+* `key_source`: See apt::key
+* `pin`: See apt::pin
+* `architecture`: can be used to specify for which architectures information should be downloaded. If this option is not set all architectures defined by the APT::Architectures option will be downloaded. Defaults to 'undef' which means all. Example values can be 'i386' or 'i386,alpha,powerpc'
+* `trusted` can be set to indicate that packages from this source are always authenticated even if the Release file is not signed or the signature can't be checked. Defaults to false. Can be 'true' or 'false'.
+
 ### Testing
 
 The apt module is mostly a collection of defined resource types, which provide reusable logic for managing Apt. It provides smoke tests for testing functionality on a target system, as well as spec tests for checking a compiled catalog against an expected set of resources.

manifests/source.pp

@@ -15,12 +15,16 @@
   $key_content       = undef,
   $key_source        = undef,
   $pin               = false,
-  $architecture      = undef
+  $architecture      = undef,
+  $trusted           = false,
 ) {
 
   include apt::params
   include apt::update
 
+  validate_string($architecture)
+  validate_bool($trusted)
+
   $sources_list_d = $apt::params::sources_list_d
   $provider       = $apt::params::provider
 

spec/defines/source_spec.rb

@@ -55,6 +55,7 @@
         'key_source'        => 'http://apt.puppetlabs.com/pubkey.gpg',
         'pin'               => '10',
         'architecture'      => 'x86_64',
+        'trusted'           => true,
       }
     end
 
@@ -64,7 +65,7 @@
       'owner'  => 'root',
       'group'  => 'root',
       'mode'   => '0644',
-    }).with_content(/#file generated by puppet\n# foo\ndeb \[arch=x86_64\] http:\/\/debian\.mirror\.iweb\.ca\/debian\/ sid testing\n/).without_content(/deb-src/)
+    }).with_content(/#file generated by puppet\n# foo\ndeb \[arch=x86_64 trusted=yes\] http:\/\/debian\.mirror\.iweb\.ca\/debian\/ sid testing\n/).without_content(/deb-src/)
     }
 
     it { is_expected.to contain_apt__pin('my_source').that_comes_before('File[my_source.list]').with({
@@ -93,6 +94,56 @@
     }
   end
 
+  context 'trusted true' do
+    let :facts do
+      {
+        :lsbdistid       => 'Debian',
+        :lsbdistcodename => 'wheezy',
+        :osfamily        => 'Debian'
+      }
+    end
+    let :params do
+      {
+        'include_src' => false,
+        'trusted'     => true,
+      }
+    end
+
+    it { is_expected.to contain_file('my_source.list').that_notifies('Exec[apt_update]').with({
+      'ensure' => 'present',
+      'path'   => '/etc/apt/sources.list.d/my_source.list',
+      'owner'  => 'root',
+      'group'  => 'root',
+      'mode'   => '0644',
+    }).with_content(/#file generated by puppet\n# my_source\ndeb \[trusted=yes\]  wheezy main\n/)
+    }
+  end
+
+  context 'architecture equals x86_64' do
+    let :facts do
+      {
+        :lsbdistid       => 'Debian',
+        :lsbdistcodename => 'wheezy',
+        :osfamily        => 'Debian'
+      }
+    end
+    let :params do
+      {
+        'include_deb'  => false,
+        'architecture' => 'x86_64',
+      }
+    end
+
+    it { is_expected.to contain_file('my_source.list').that_notifies('Exec[apt_update]').with({
+      'ensure' => 'present',
+      'path'   => '/etc/apt/sources.list.d/my_source.list',
+      'owner'  => 'root',
+      'group'  => 'root',
+      'mode'   => '0644',
+    }).with_content(/#file generated by puppet\n# my_source\ndeb-src \[arch=x86_64 \]  wheezy main\n/)
+    }
+  end
+
   context 'ensure => absent' do
     let :facts do
       {

templates/source.list.erb

@@ -1,8 +1,12 @@
 #file generated by puppet
 # <%= @comment %>
 <%- if @include_deb then -%>
-deb <% if @architecture %>[arch=<%= @architecture %>] <% end %><%= @location %> <%= @release_real %> <%= @repos %>
+deb <%- if @architecture or @trusted -%>
+[<%- if @architecture %>arch=<%= @architecture %> <% end %><% if @trusted %>trusted=yes<% end -%>
+] <%- end %><%= @location %> <%= @release_real %> <%= @repos %>
 <%- end -%>
 <%- if @include_src then -%>
-deb-src <% if @architecture %>[arch=<%= @architecture %>] <% end %><%= @location %> <%= @release_real %> <%= @repos %>
+deb-src <%- if @architecture or @trusted -%>
+[<%- if @architecture %>arch=<%= @architecture %> <% end %><% if @trusted %>trusted=yes<% end -%>
+] <%- end %><%= @location %> <%= @release_real %> <%= @repos %>
 <%- end -%>