From 4ac5ea699a2846049eed500511de6858f37c5e54 Mon Sep 17 00:00:00 2001 From: Gabriel Nagy Date: Mon, 11 Jan 2021 16:04:17 +0200 Subject: [PATCH] (MODULES-10897) Add new GPG signing key and remove the old one --- files/GPG-KEY-puppet-20250406 | 52 +++++++++++++ files/GPG-KEY-puppetlabs | 77 ------------------- manifests/osfamily/debian.pp | 8 +- manifests/osfamily/redhat.pp | 4 +- manifests/osfamily/suse.pp | 4 +- .../puppet_agent_osfamily_debian_spec.rb | 28 +++---- .../puppet_agent_osfamily_redhat_spec.rb | 24 +++--- .../puppet_agent_osfamily_suse_spec.rb | 12 +-- tasks/install_shell.sh | 4 +- 9 files changed, 94 insertions(+), 119 deletions(-) create mode 100644 files/GPG-KEY-puppet-20250406 delete mode 100644 files/GPG-KEY-puppetlabs diff --git a/files/GPG-KEY-puppet-20250406 b/files/GPG-KEY-puppet-20250406 new file mode 100644 index 000000000..30dda2666 --- /dev/null +++ b/files/GPG-KEY-puppet-20250406 @@ -0,0 +1,52 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFyrv4oBEADhL8iyDPZ+GWN7L+A8dpEpggglxTtL7qYNyN5Uga2j0cusDdOD +ftPHsurLjfxtc2EFGdFK/N8y4LSpq+nOeazhkHcPeDiWC2AuN7+NGjH9LtvMUqKy +NWPhPYP2r/xPL547oDMdvLXDH5n+FsLFW8QgATHk4AvlIhGng0gWu80OqTCiL0HC +W7TftkF8ofP8k90SnLYbI9HDVOj6VYYtqG5NeoCHGAqrb79G/jq64Z/gLktD3IrB +CxYhKFfJtZ/BSDB8Aa4ht+jIyeFCNSbGyfFfWlHKvF3JngS/76Y7gxX1sbR3gHJQ +hO25AQdsPYKxgtIgNeB9/oBp1+V3K1W/nta4gbDVwJWCqDRbEFlHIdV7fvV/sqiI +W7rQ60aAY7J6Gjt/aUmNArvT8ty3szmhR0wEEU5/hhIVV6VjS+AQsI8pFv6VB8bJ +TLfOBPDW7dw2PgyWhVTEN8KW/ckyBvGmSdzSgAhw+rAe7li50/9e2H8eiJgBbGid +8EQidZgkokh331CMDkIA6F3ygiB+u2ZZ7ywxhxIRO70JElIuIOiofhVfRnh/ODlH +X7eD+cA2rlLQd2yWf4diiA7C9R8r8vPrAdp3aPZ4xLxvYYZV8E1JBdMus5GRy4rB +Avetp0Wx/1r9zVDKD/J1bNIlt0SR9FTmynZj4kLWhoCqmbrLS35325sS6wARAQAB +tEhQdXBwZXQsIEluYy4gUmVsZWFzZSBLZXkgKFB1cHBldCwgSW5jLiBSZWxlYXNl +IEtleSkgPHJlbGVhc2VAcHVwcGV0LmNvbT6JAlQEEwEKAD4WIQTWgR7Tre64RBr1 +qo9FKLbNnmHvJgUCXKu/igIbAwUJC0c1AAULCQgHAwUVCgkICwUWAgMBAAIeAQIX +gAAKCRBFKLbNnmHvJg/vD/0eOl/pBb6ooGnzg2qoD+XwgOK3HkTdvGNZKGsIrhUG +q6O0zoyPW8v9b/i7QEDre8QahARmMAEQ+T3nbNVzw4kpE+YIrEkKjoJsrF8/K/1L +zBHJCc3S9oF9KubG5BuQ4bAmcvnI+qpEYbSTLHztYGUfXAGu+MnaDf4C60G7zM6m +ec4bX8lVnt+gcsGGGCdN89XsZLBNdv21z9xMeaAPiRYJpbqwrb8cYbKQeqFSQt2M +UylN5oVeN77Q8iyXSyVwpc6uKzXdQ8bVPbKUTWSXQ4SSp0HJjtAMiDH2pjty4PG6 +EgZ6/njJLOzQ29ZgFrS19XLONlptHwKzLYB8nJhJvGHfzzInmNttDtNwTA6IxpsR +4aCnrPWFJRCbmMBNXvBR9B/O+e/T5ngL21ipMEwzEOiQlRSacnO2pICwZ5pARMRI +dxq/5BQYry9HNlJDGR7YIfn7i0oCGk5BxwotSlAPw8jFpNU/zTOvpQAdPvZje2JP +6GS+hYxSdHsigREXI2gxTvpcLk8LOe9PsqJv631e6Kvn9P9OHiihIp8G9fRQ8T7y +elHcNanV192mfbWxJhDAcQ+JEy9883lOanaCoaf/7z4kdmCQLz5/oNg2K0qjSgZH +JY/gxCOwuAuUJlLcAXQG6txJshfMxyQUO46DXg0/gjwkKgT/9PbTJEN/WN/G6n1h +lbkCDQRcq7+KARAAxX5WS3Qx0eHFkpxSecR2bVMh5NId/v5Ch0sXWTWp44I38L9V +o+nfbI+o8wN5IdFtvhmQUXCUPfacegFVVyerxSuLb0YibhNL1/3xwD5aDMYSN5ud +x1wJTN1Ymi1zWwDN0PMx3asJ2z31fK4LOHOP4gRvWfrJjYlkMD5ufmxK7bYWh80z +IEHJkNJKGbGcBB8MxJFP1dX85vwATY7N7jbpBQ0z6rLazfFyqmo8E3u5PvPQvJ06 +qMWF1g+tTqqJSIT6kdqbznuWNGFpI0iO+k4eYAGcOS2L8v5/Au163BldDGHxTnnl +h42MWTyx7v0UBHKvI+WSC2rQq0x7a2WyswQ9lpqGbvShUSyR8/z6c0XEasDhhB3X +AQcsIH5ndKzS7GnQMVNjgFCyzr/7+TMBXJdJS3XyC3oi5yTX5qwt3RkZN1DXozkk +eHxzow5eE7cSHFFYboxFCcWmZNeHL/wQJms0pW2UL2crmXhVtj5RsG9fxh0nQnxm +zrMbn+PxQaW8Xh+Z5HWQ65PSt7dg8k4Y+pGD115/kG1U2PltlcoOLUwHLp24ptaa +Chj1tNg/VSWpMCaXeDmrk5xiZIRHe/P1p18+iTOQ2GXP4MBmfDwX9lHfQxTht/qB ++ikBy4bVqJmMDew4QAmHgPhRXzRwTH4lIMoYGPX3+TAGovdy5IZjaQtvahcAEQEA +AYkCPAQYAQoAJhYhBNaBHtOt7rhEGvWqj0Uots2eYe8mBQJcq7+KAhsMBQkLRzUA +AAoJEEUots2eYe8m/ggQAMWoPyvNCEs1HTVpOOyLsEbQhLvCcjRjJxHKGg9z8nIW +pFSPXjlThnRR3UwIQHVgf+5OYMvIvaQ5yLWLMP1QdN/wZLKHLaKv6QxgXdLmr3F5 +9qhoV3NbBvgkFlzvJrHYH75sJglX60W7QysXxYinlsPhQeTWjca5/VjUTOgGhLDM +Q/UCClcPA0Q12Q7U/eomYnmFDJdxPH6U9ZA6UQTdLWVCvK1chL3Fj1eq/11d/0S/ +7CQvZObYRKX1kkaJAwSt7C6iq8nvrCWVVuxaXRqI/6Qi4Z6CSNB+2tk2W66J52Wm +PaodvnLlu+im3qtTWLLa3R+ZFRwNK9xPIR+XbA/HggOkG/JeAZYgB8shIVhuPdQc +zZi2hHIVUTPvhnxNgeioia2Zu++2WKpf6LEGNlwADFOVedfea0am23ImV2YOhEHz +hSvhdhiM3W8XtK3ZQbyUiumAXQrMhamoaHytdQUMEU/nmaLygKPHjUNixsliknU6 +jxFIQStHSuF3b2hdM3W+Cw8ziUInpz5Dgw9uV0G3h/FGv0tjjgmbyTdUIjbQNUxk +pzA2H6IBEMaVTdNuGEqPU+xySSoOSU3eg3Hey4hR1CZln5cky0bwZRziCQYmfpn1 +KE7aoxDPbBBJ0Y3k/i8CfnPiaBeWY+3o63Z9IeICg17nNva8OYpQnUVXXHhkJIc0 +=u0aK +-----END PGP PUBLIC KEY BLOCK----- diff --git a/files/GPG-KEY-puppetlabs b/files/GPG-KEY-puppetlabs deleted file mode 100644 index c9c43fed0..000000000 --- a/files/GPG-KEY-puppetlabs +++ /dev/null @@ -1,77 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v1 - -mQINBEw3u0ABEAC1+aJQpU59fwZ4mxFjqNCgfZgDhONDSYQFMRnYC1dzBpJHzI6b -fUBQeaZ8rh6N4kZ+wq1eL86YDXkCt4sCvNTP0eF2XaOLbmxtV9bdpTIBep9bQiKg -5iZaz+brUZlFk/MyJ0Yz//VQ68N1uvXccmD6uxQsVO+gx7rnarg/BGuCNaVtGwy+ -S98g8Begwxs9JmGa8pMCcSxtC7fAfAEZ02cYyrw5KfBvFI3cHDdBqrEJQKwKeLKY -GHK3+H1TM4ZMxPsLuR/XKCbvTyl+OCPxU2OxPjufAxLlr8BWUzgJv6ztPe9imqpH -Ppp3KuLFNorjPqWY5jSgKl94W/CO2x591e++a1PhwUn7iVUwVVe+mOEWnK5+Fd0v -VMQebYCXS+3dNf6gxSvhz8etpw20T9Ytg4EdhLvCJRV/pYlqhcq+E9le1jFOHOc0 -Nc5FQweUtHGaNVyn8S1hvnvWJBMxpXq+Bezfk3X8PhPT/l9O2lLFOOO08jo0OYiI -wrjhMQQOOSZOb3vBRvBZNnnxPrcdjUUm/9cVB8VcgI5KFhG7hmMCwH70tpUWcZCN -NlI1wj/PJ7Tlxjy44f1o4CQ5FxuozkiITJvh9CTg+k3wEmiaGz65w9jRl9ny2gEl -f4CR5+ba+w2dpuDeMwiHJIs5JsGyJjmA5/0xytB7QvgMs2q25vWhygsmUQARAQAB -tEdQdXBwZXQgTGFicyBSZWxlYXNlIEtleSAoUHVwcGV0IExhYnMgUmVsZWFzZSBL -ZXkpIDxpbmZvQHB1cHBldGxhYnMuY29tPokCPgQTAQIAKAUCTDe7QAIbAwUJA8Jn -AAYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQEFS3okvW7DAZaw//aLmE/eob -pXpIUVyCUWQxEvPtM/h/SAJsG3KoHN9u216ews+UHsL/7F91ceVXQQdD2e8CtYWF -eLNM0RSM9i/KM60g4CvIQlmNqdqhi1HsgGqInZ72/XLAXun0gabfC36rLww2kel+ -aMpRf58SrSuskY321NnMEJl4OsHV2hfNtAIgw2e/zm9RhoMpGKxoHZCvFhnP7u2M -2wMq7iNDDWb6dVsLpzdlVf242zCbubPCxxQXOpA56rzkUPuJ85mdVw4i19oPIFIZ -VL5owit1SxCOxBg4b8oaMS36hEl3qtZG834rtLfcqAmqjhx6aJuJLOAYN84QjDEU -3NI5IfNRMvluIeTcD4Dt5FCYahN045tW1Rc6s5GAR8RW45GYwQDzG+kkkeeGxwEh -qCW7nOHuwZIoVJufNhd28UFn83KGJHCQt4NBBr3K5TcY6bDQEIrpSplWSDBbd3p1 -IaoZY1WSDdP9OTVOSbsz0JiglWmUWGWCdd/CMSW/D7/3VUOJOYRDwptvtSYcjJc8 -1UV+1zB+rt5La/OWe4UOORD+jU1ATijQEaFYxBbqBBkFboAEXq9btRQyegqk+eVp -HhzacP5NYFTMThvHuTapNytcCso5au/cMywqCgY1DfcMJyjocu4bCtrAd6w4kGKN -MUdwNDYQulHZDI+UjJInhramyngdzZLjdeGJARwEEAECAAYFAkw3wEYACgkQIVr+ -UOQUcDKvEwgAoBuOPnPioBwYp8oHVPTo/69cJn1225kfraUYGebCcrRwuoKd8Iyh -R165nXYJmD8yrAFBk8ScUVKsQ/pSnqNrBCrlzQD6NQvuIWVFegIdjdasrWX6Szj+ -N1OllbzIJbkE5eo0WjCMEKJVI/GTY2AnTWUAm36PLQC5HnSATykqwxeZDsJ/s8Rc -kd7+QN5sBVytG3qb45Q7jLJpLcJO6KYH4rz9ZgN7LzyyGbu9DypPrulADG9OrL7e -lUnsGDG4E1M8Pkgk9Xv9MRKao1KjYLD5zxOoVtdeoKEQdnM+lWMJin1XvoqJY7FT -DJk6o+cVqqHkdKL+sgsscFVQljgCEd0EgIkCHAQQAQgABgUCTPlA6QAKCRBcE9bb -kwUuAxdYD/40FxAeNCYByxkr/XRT0gFT+NCjPuqPWCM5tf2NIhSapXtb2+32WbAf -DzVfqWjC0G0RnQBve+vcjpY4/rJu4VKIDGIT8CtnKOIyEcXTNFOehi65xO4ypaei -BPSb3ip3P0of1iZZDQrNHMW5VcyL1c+PWT/6exXSGsePtO/89tc6mupqZtC05f5Z -XG4jswMF0U6Q5s3S0tG7Y+oQhKNFJS4sH4rHe1o5CxKwNRSzqccA0hptKy3MHUZ2 -+zeHzuRdRWGjb2rUiVxnIvPPBGxF2JHhB4ERhGgbTxRZ6wZbdW06BOE8r7pGrUpU -fCw/WRT3gGXJHpGPOzFAvr3Xl7VcDUKTVmIajnpd3SoyD1t2XsvJlSQBOWbViucH -dvE4SIKQ77vBLRlZIoXXVb6Wu7Vq+eQs1ybjwGOhnnKjz8llXcMnLzzN86STpjN4 -qGTXQy/E9+dyUP1sXn3RRwb+ZkdI77m1YY95QRNgG/hqh77IuWWg1MtTSgQnP+F2 -7mfo0/522hObhdAe73VO3ttEPiriWy7tw3bS9daP2TAVbYyFqkvptkBb1OXRUSzq -UuWjBmZ35UlXjKQsGeUHlOiEh84aondF90A7gx0X/ktNIPRrfCGkHJcDu+HVnR7x -Kk+F0qb9+/pGLiT3rqeQTr8fYsb4xLHT7uEg1gVFB1g0kd+RQHzV74kCPgQTAQIA -KAIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAlcG+AUFCQw10s0ACgkQEFS3 -okvW7DC8ARAArXWPj73zcPEhbkaSDNq73YxrBHyTyqVCuQ8fdJtTUlcoTMEHmC3Q -W9BhoHho41/BOZAqobA+d1T1hwA9d5z3N8wnogyYsKY2F3rhiB+wDhvoGWQy3cte -JshDdCUCF0LJTivEomk5/8iOLNi643tFG3+sGyd7l/TMLKiJLoJCa2J/XtQQtbj4 -BEmxNUo4iGweIi/Ja8ROn3csXEJ1BM53jhUPZEnHz3PzOVPQjjLkDrqHn4gBIfhU -a48X/WoNzc3nE5cJPxHaYJn0o2vgpUvgSb/N82BaK6x0X1FNUg4rnrllwB9Tk2lK -QLGSIl6YoEweF94SyVwdYiqANUxDP/W2Rj3SbEtZsFFMt7pA1ta4TqHcaI4TdV4U -93+1/QpfJSsSsNbZaEYo3y95+J48JOoRMimlEU6OIjrNdhw5QWVd84VjjTWU76qx -TJM+DgfqvERqXzvBuDG22vnzUNgLfnAFphgqGXl9yn8kbamHur7SiX+abUGYI5dx -BT5ejsSo6Kc6Jge6PZV28QEYDuj3/TUsmMJb9LDX8vPDeYkrGu0sO8ovbfbTuShR -qBmC5l14Mo7zWaxPCjIev4STlh7FtfZ6FXaIHe96voI0QJfnmeCdZyqW0j5G7nza -A/Lgf4966+f7ESa7b1ZzEyV8AokyLWpcoO10SUkPZAKs70ZcXRqG6PeJAhwEEAEC -AAYFAlHk3M4ACgkQSjMLmtZI+uP5hA//UTZfD340ukip6jPlMzxwSD/QapwtO7D4 -gsGTsXezDkO97D21d1pNaNT0RrXAMagwk1ElDxmn/YHUDfMovZa2bKagjWmV38xk -Ws+Prh1P44vUDG30CAU6KZ+mTGLUbolfOvDffCTm9Mn1i2kxFaJxbVhWR6zR28KZ -R28s1IBsrqeTCksYfdKdkuw1/j850hW8MM3hPBJ/48VLx5QEFfnlXwt1fp+LygAv -rIyJw7vJtsa9QjCIkQk2tcv77rhkiZ6ADthgVIx5j3yDWSm4nLqFpwbQTKrNRrCb -5XbL/oIMeHJuFICb2HckDS1KuKXHmqvDuLoRr0/wFEZMps5XQevomUa7JkMeS5j9 -AubCG4g1zKEtPPaGDsfDKBljCHBKwUysQj5oGU5w8VvlOPnS62DBfsgU2y5ipmmI -TYkjSOL6LXwO6xG5/sxA8cyoJSmbN286imcY6AHloTiiu6/N7Us+CNrhw/V7HAun -56etWBn3bZWCRGGAPF3qJr4y2sUMY0E3Ha7OPEHIKfBb4MiJnpXntWT28nQfF3dl -TFTthAzwcnZchx2es4yrfDXn33Y4eisqxWCbTluErXUogUEKH1KohSatYMtxencv -7bUlzIr22zSUCYyVf9cyg50kBy+0J7seEpqG5K5R8z9s/63BT5Oghmi6bB2s5iK5 -fBt3Tu1IYpyJARwEEAECAAYFAlQJ4YUACgkQEzlX6hECjfMTcAf/UZBNLglfeRLd -ZcTY+Lwv6AbKV9ix/V0NtoMFfyY9/Eo7q6xlmZf18i6pDBAMgSSwat1xvqesZ5we -58kNsuYVmITvsuOOhEQWUb20TJogBVILD+/KeD3BWjwicMXuPVUe5S56Hp677K8u -NSsW6HcJU0dzHasQgXPH5fnrrRNttF8yDEulMySRvjDsNCMJSYVAPjIvNnNcDOMQ -tz9OCwUZlzeXGjtS7PBfRkSbXlaOt1jC+0xTVMaOMjbp2CTbgrcpvY55ScLJtDWY -vHqpXHRoV3bVt4pEb27dK2nwcdel8uH9rOdsJjklq85KE5eA2Crd/T9QiYuPK4W/ -bvHQdAXF9w== -=t3lA ------END PGP PUBLIC KEY BLOCK----- diff --git a/manifests/osfamily/debian.pp b/manifests/osfamily/debian.pp index ae241b520..f4b82d1a9 100644 --- a/manifests/osfamily/debian.pp +++ b/manifests/osfamily/debian.pp @@ -72,9 +72,9 @@ } else { $source = $::puppet_agent::apt_source } - $legacy_keyname = 'GPG-KEY-puppetlabs' + $legacy_keyname = 'GPG-KEY-puppet' $legacy_gpg_path = "/etc/pki/deb-gpg/${legacy_keyname}" - $keyname = 'GPG-KEY-puppet' + $keyname = 'GPG-KEY-puppet-20250406' $gpg_path = "/etc/pki/deb-gpg/${keyname}" if getvar('::puppet_agent::manage_pki_dir') == true { @@ -92,7 +92,7 @@ } apt::key { 'legacy key': - id => '47B320EB4C7C375AA9DAE1A01054B7A24BD6EC30', + id => '6F6B15509CF8E59E6E469F327F438280EF8D349F', source => $legacy_gpg_path, } @@ -108,7 +108,7 @@ location => $source, repos => $::puppet_agent::collection, key => { - 'id' => '6F6B15509CF8E59E6E469F327F438280EF8D349F', + 'id' => 'D6811ED3ADEEB8441AF5AA8F4528B6CD9E61EF26', 'source' => $gpg_path, }, notify => Exec['pc_repo_force'], diff --git a/manifests/osfamily/redhat.pp b/manifests/osfamily/redhat.pp index 0b15f11b8..502aebdde 100644 --- a/manifests/osfamily/redhat.pp +++ b/manifests/osfamily/redhat.pp @@ -82,9 +82,9 @@ $gpg_cmd = 'gpg' } - $legacy_keyname = 'GPG-KEY-puppetlabs' + $legacy_keyname = 'GPG-KEY-puppet' $legacy_gpg_path = "/etc/pki/rpm-gpg/RPM-${legacy_keyname}" - $keyname = 'GPG-KEY-puppet' + $keyname = 'GPG-KEY-puppet-20250406' $gpg_path = "/etc/pki/rpm-gpg/RPM-${keyname}" $gpg_keys = "file://${legacy_gpg_path} file://${gpg_path}" diff --git a/manifests/osfamily/suse.pp b/manifests/osfamily/suse.pp index e1a5e9478..3f7cd45b1 100644 --- a/manifests/osfamily/suse.pp +++ b/manifests/osfamily/suse.pp @@ -35,9 +35,9 @@ case $::operatingsystemmajrelease { '11', '12', '15': { # Import the GPG key - $legacy_keyname = 'GPG-KEY-puppetlabs' + $legacy_keyname = 'GPG-KEY-puppet' $legacy_gpg_path = "/etc/pki/rpm-gpg/RPM-${legacy_keyname}" - $keyname = 'GPG-KEY-puppet' + $keyname = 'GPG-KEY-puppet-20250406' $gpg_path = "/etc/pki/rpm-gpg/RPM-${keyname}" $gpg_homedir = '/root/.gnupg' diff --git a/spec/classes/puppet_agent_osfamily_debian_spec.rb b/spec/classes/puppet_agent_osfamily_debian_spec.rb index 2cc506684..474d8bae1 100644 --- a/spec/classes/puppet_agent_osfamily_debian_spec.rb +++ b/spec/classes/puppet_agent_osfamily_debian_spec.rb @@ -157,12 +157,12 @@ 'content' => apt_settings.join(''), }) } - it { is_expected.to contain_file('/etc/pki/deb-gpg/GPG-KEY-puppetlabs').with({ + it { is_expected.to contain_file('/etc/pki/deb-gpg/GPG-KEY-puppet-20250406').with({ 'ensure' => 'present', 'owner' => '0', 'group' => '0', 'mode' => '0644', - 'source' => 'puppet:///modules/puppet_agent/GPG-KEY-puppetlabs', + 'source' => 'puppet:///modules/puppet_agent/GPG-KEY-puppet-20250406', }) } it { is_expected.to contain_file('/etc/pki/deb-gpg/GPG-KEY-puppet').with({ @@ -174,16 +174,16 @@ }) } it { is_expected.to contain_apt__key('legacy key').with({ - 'id' => '47B320EB4C7C375AA9DAE1A01054B7A24BD6EC30', - 'source' => '/etc/pki/deb-gpg/GPG-KEY-puppetlabs', + 'id' => '6F6B15509CF8E59E6E469F327F438280EF8D349F', + 'source' => '/etc/pki/deb-gpg/GPG-KEY-puppet', }) } it { is_expected.to contain_apt__source('pc_repo').with({ 'location' => 'https://master.example.vm:8140/packages/2000.0.0/debian-7-x86_64', 'repos' => 'PC1', 'key' => { - 'id' => '6F6B15509CF8E59E6E469F327F438280EF8D349F', - 'source' => '/etc/pki/deb-gpg/GPG-KEY-puppet', + 'id' => 'D6811ED3ADEEB8441AF5AA8F4528B6CD9E61EF26', + 'source' => '/etc/pki/deb-gpg/GPG-KEY-puppet-20250406', }, }) } end @@ -201,8 +201,8 @@ 'location' => 'https://fake-apt-mirror.com/packages/2000.0.0/debian-7-x86_64', 'repos' => 'PC1', 'key' => { - 'id' => '6F6B15509CF8E59E6E469F327F438280EF8D349F', - 'source' => '/etc/pki/deb-gpg/GPG-KEY-puppet', + 'id' => 'D6811ED3ADEEB8441AF5AA8F4528B6CD9E61EF26', + 'source' => '/etc/pki/deb-gpg/GPG-KEY-puppet-20250406', }, }) } end @@ -239,16 +239,16 @@ } it { is_expected.to contain_apt__key('legacy key').with({ - 'id' => '47B320EB4C7C375AA9DAE1A01054B7A24BD6EC30', - 'source' => '/etc/pki/deb-gpg/GPG-KEY-puppetlabs', + 'id' => '6F6B15509CF8E59E6E469F327F438280EF8D349F', + 'source' => '/etc/pki/deb-gpg/GPG-KEY-puppet', }) } it { is_expected.to contain_apt__source('pc_repo').with({ 'location' => 'https://apt.puppet.com', 'repos' => 'puppet5', 'key' => { - 'id' => '6F6B15509CF8E59E6E469F327F438280EF8D349F', - 'source' => '/etc/pki/deb-gpg/GPG-KEY-puppet', + 'id' => 'D6811ED3ADEEB8441AF5AA8F4528B6CD9E61EF26', + 'source' => '/etc/pki/deb-gpg/GPG-KEY-puppet-20250406', }, }) } end @@ -267,8 +267,8 @@ 'location' => 'https://fake-apt-mirror.com/', 'repos' => 'puppet5', 'key' => { - 'id' => '6F6B15509CF8E59E6E469F327F438280EF8D349F', - 'source' => '/etc/pki/deb-gpg/GPG-KEY-puppet', + 'id' => 'D6811ED3ADEEB8441AF5AA8F4528B6CD9E61EF26', + 'source' => '/etc/pki/deb-gpg/GPG-KEY-puppet-20250406', }, }) } end diff --git a/spec/classes/puppet_agent_osfamily_redhat_spec.rb b/spec/classes/puppet_agent_osfamily_redhat_spec.rb index b45e09429..e36e32659 100644 --- a/spec/classes/puppet_agent_osfamily_redhat_spec.rb +++ b/spec/classes/puppet_agent_osfamily_redhat_spec.rb @@ -25,11 +25,11 @@ end if os == 'Fedora' then - it { is_expected.to contain_exec('import-GPG-KEY-puppetlabs').with({ + it { is_expected.to contain_exec('import-GPG-KEY-puppet-20250406').with({ 'path' => '/bin:/usr/bin:/sbin:/usr/sbin', - 'command' => 'rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabs', - 'unless' => "rpm -q gpg-pubkey-$(echo $(gpg2 --with-colons /etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabs 2>&1 | grep ^pub | awk -F ':' '{print \$5}' | cut --characters=9-16 | tr '[:upper:]' '[:lower:]'))", - 'require' => 'File[/etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabs]', + 'command' => 'rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-puppet-20250406', + 'unless' => "rpm -q gpg-pubkey-$(echo $(gpg2 --with-colons /etc/pki/rpm-gpg/RPM-GPG-KEY-puppet-20250406 2>&1 | grep ^pub | awk -F ':' '{print \$5}' | cut --characters=9-16 | tr '[:upper:]' '[:lower:]'))", + 'require' => 'File[/etc/pki/rpm-gpg/RPM-GPG-KEY-puppet-20250406]', 'logoutput' => 'on_failure', }) } @@ -41,11 +41,11 @@ 'logoutput' => 'on_failure', }) } else - it { is_expected.to contain_exec('import-GPG-KEY-puppetlabs').with({ + it { is_expected.to contain_exec('import-GPG-KEY-puppet-20250406').with({ 'path' => '/bin:/usr/bin:/sbin:/usr/sbin', - 'command' => 'rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabs', - 'unless' => "rpm -q gpg-pubkey-$(echo $(gpg --with-colons /etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabs 2>&1 | grep ^pub | awk -F ':' '{print \$5}' | cut --characters=9-16 | tr '[:upper:]' '[:lower:]'))", - 'require' => 'File[/etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabs]', + 'command' => 'rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-puppet-20250406', + 'unless' => "rpm -q gpg-pubkey-$(echo $(gpg --with-colons /etc/pki/rpm-gpg/RPM-GPG-KEY-puppet-20250406 2>&1 | grep ^pub | awk -F ':' '{print \$5}' | cut --characters=9-16 | tr '[:upper:]' '[:lower:]'))", + 'require' => 'File[/etc/pki/rpm-gpg/RPM-GPG-KEY-puppet-20250406]', 'logoutput' => 'on_failure', }) } @@ -73,12 +73,12 @@ end end - it { is_expected.to contain_file('/etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabs').with({ + it { is_expected.to contain_file('/etc/pki/rpm-gpg/RPM-GPG-KEY-puppet-20250406').with({ 'ensure' => 'present', 'owner' => '0', 'group' => '0', 'mode' => '0644', - 'source' => 'puppet:///modules/puppet_agent/GPG-KEY-puppetlabs', + 'source' => 'puppet:///modules/puppet_agent/GPG-KEY-puppet-20250406', }) } it { is_expected.to contain_file('/etc/pki/rpm-gpg/RPM-GPG-KEY-puppet').with({ @@ -114,7 +114,7 @@ 'baseurl' => "http://yum.puppet.com/puppet5/#{urlbit.gsub('/f','/')}/x64", 'enabled' => 'true', 'gpgcheck' => '1', - 'gpgkey' => "file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabs\n file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puppet", + 'gpgkey' => "file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puppet\n file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puppet-20250406", }) } end @@ -179,7 +179,7 @@ 'baseurl' => "https://master.example.vm:8140/packages/2000.0.0/#{repodir}", 'enabled' => 'true', 'gpgcheck' => '1', - 'gpgkey' => "file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabs\n file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puppet", + 'gpgkey' => "file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puppet\n file:///etc/pki/rpm-gpg/RPM-GPG-KEY-puppet-20250406", 'sslcacert' => '/etc/puppetlabs/puppet/ssl/certs/ca.pem', 'sslclientcert' => '/etc/puppetlabs/puppet/ssl/certs/foo.example.vm.pem', 'sslclientkey' => '/etc/puppetlabs/puppet/ssl/private_keys/foo.example.vm.pem', diff --git a/spec/classes/puppet_agent_osfamily_suse_spec.rb b/spec/classes/puppet_agent_osfamily_suse_spec.rb index b88b12f47..7f06ded40 100644 --- a/spec/classes/puppet_agent_osfamily_suse_spec.rb +++ b/spec/classes/puppet_agent_osfamily_suse_spec.rb @@ -60,11 +60,11 @@ 'logoutput' => 'on_failure', }) } - it { is_expected.to contain_exec('import-GPG-KEY-puppetlabs').with({ + it { is_expected.to contain_exec('import-GPG-KEY-puppet-20250406').with({ 'path' => '/bin:/usr/bin:/sbin:/usr/sbin', - 'command' => 'rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabs', - 'unless' => "rpm -q gpg-pubkey-$(echo $(gpg --homedir /root/.gnupg --with-colons /etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabs 2>&1 | grep ^pub | awk -F ':' '{print \$5}' | cut --characters=9-16 | tr '[:upper:]' '[:lower:]'))", - 'require' => 'File[/etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabs]', + 'command' => 'rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-puppet-20250406', + 'unless' => "rpm -q gpg-pubkey-$(echo $(gpg --homedir /root/.gnupg --with-colons /etc/pki/rpm-gpg/RPM-GPG-KEY-puppet-20250406 2>&1 | grep ^pub | awk -F ':' '{print \$5}' | cut --characters=9-16 | tr '[:upper:]' '[:lower:]'))", + 'require' => 'File[/etc/pki/rpm-gpg/RPM-GPG-KEY-puppet-20250406]', 'logoutput' => 'on_failure', }) } @@ -85,12 +85,12 @@ it { is_expected.to contain_class("puppet_agent::osfamily::suse") } - it { is_expected.to contain_file('/etc/pki/rpm-gpg/RPM-GPG-KEY-puppetlabs').with({ + it { is_expected.to contain_file('/etc/pki/rpm-gpg/RPM-GPG-KEY-puppet-20250406').with({ 'ensure' => 'present', 'owner' => '0', 'group' => '0', 'mode' => '0644', - 'source' => 'puppet:///modules/puppet_agent/GPG-KEY-puppetlabs', + 'source' => 'puppet:///modules/puppet_agent/GPG-KEY-puppet-20250406', }) } it { is_expected.to contain_file('/etc/pki/rpm-gpg/RPM-GPG-KEY-puppet').with({ diff --git a/tasks/install_shell.sh b/tasks/install_shell.sh index 9de67d733..494f2bfad 100644 --- a/tasks/install_shell.sh +++ b/tasks/install_shell.sh @@ -513,8 +513,8 @@ info "Downloading Puppet $version for ${platform}..." case $platform in "SLES") info "SLES platform! Lets get you an RPM..." - gpg_key="${tmp_dir}/RPM-GPG-KEY-puppet" - do_download "https://yum.puppet.com/RPM-GPG-KEY-puppet" "$gpg_key" + gpg_key="${tmp_dir}/RPM-GPG-KEY-puppet-20250406" + do_download "https://yum.puppet.com/GPG-KEY-puppet-20250406" "$gpg_key" rpm --import "$gpg_key" rm -f "$gpg_key" filetype="noarch.rpm"