From d9a1edcad619b5a87c6f2e9857c8200e540e2410 Mon Sep 17 00:00:00 2001 From: Raoul Bhatia Date: Fri, 31 Jul 2015 17:35:01 +0200 Subject: [PATCH 1/3] Update origins by merging Debian defaults, puppetlabs-apt and own research Default configuration was taken from the following archives file ./etc/apt/apt.conf.d/50unattended-upgrades Debian: * 6 Squeeze: unattended-upgrades_0.62.2+squeeze1_all.deb * 7 Wheezy: unattended-upgrades_0.79.5+wheezy2_all.deb * 8 Jessie: unattended-upgrades_0.83.3.2+deb8u1_all.deb Ubuntu: * 12.04LTS Precise Pangolin: unattended-upgrades_0.76ubuntu1.1_all.deb * 14.04LTS Trusty Tahr: unattended-upgrades_0.82.1ubuntu2.3_all.deb * 15.04 Vivid Vervet: unattended-upgrades_0.83.6ubuntu1_all.deb * 15.10 Wily Werewolf: unattended-upgrades_0.86.2ubuntu1_all.deb --- manifests/params.pp | 46 ++++++++++++++++++++++++++++++++++++--------- 1 file changed, 37 insertions(+), 9 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index 04ba3ec6..4e1b9dec 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -1,3 +1,4 @@ +# class unattended_upgrades::params { if $::osfamily != 'Debian' { @@ -35,21 +36,48 @@ 'debian', 'raspbian': { case $xfacts['lsbdistcodename'] { 'squeeze': { - $legacy_origin = true - $origins = ['${distro_id} oldstable', #lint:ignore:single_quote_string_with_variables - '${distro_id} ${distro_codename}-security', #lint:ignore:single_quote_string_with_variables - '${distro_id} ${distro_codename}-lts',] #lint:ignore:single_quote_string_with_variables + $legacy_origin = true + $origins = ['${distro_id} oldoldstable', #lint:ignore:single_quote_string_with_variables + '${distro_id} ${distro_codename}-security', #lint:ignore:single_quote_string_with_variables + '${distro_id} ${distro_codename}-lts',] #lint:ignore:single_quote_string_with_variables + } + 'wheezy': { + $legacy_origin = false + $origins = ['origin=Debian,archive=stable,label=Debian-Security', + 'origin=Debian,archive=oldstable,label=Debian-Security',] } default: { - $legacy_origin = false - $origins = ['origin=Debian,archive=stable,label=Debian-Security'] + $legacy_origin = false + $origins = ['origin=Debian,codename=${distro_codename},label=Debian-Security',] #lint:ignore:single_quote_string_with_variables } } } 'ubuntu': { - $legacy_origin = true - $origins = ['${distro_id} ${distro_codename}-security', #lint:ignore:single_quote_string_with_variables - '${distro_id} ${distro_codename}-updates',] #lint:ignore:single_quote_string_with_variables + # TODO do we really want to pull in ${distro_codename}-updates by default? + case $distcodename { + 'precise': { + $legacy_origin = true + $origins = [ + '${distro_id}:${distro_codename}-security', #lint:ignore:single_quote_string_with_variables + #'${distro_id}:${distro_codename}-updates', #lint:ignore:single_quote_string_with_variables + ] + + } + 'trusty', 'utopic', 'vivid', 'wily': { + $legacy_origin = true + $origins = [ + '${distro_id}:${distro_codename}-security', #lint:ignore:single_quote_string_with_variables + #'${distro_id}:${distro_codename}-updates', #lint:ignore:single_quote_string_with_variables + ] + } + default: { + $legacy_origin = true + $origins = [ + '${distro_id}:${distro_codename}-security', #lint:ignore:single_quote_string_with_variables + #'${distro_id}:${distro_codename}-updates', #lint:ignore:single_quote_string_with_variables + ] + } + } } default: { fail('Please explicitly specify unattended_upgrades::legacy_origin and unattended_upgrades::origins') From 84a7d6cdea460cb3da3c95adc8d8b9f2d421eeff Mon Sep 17 00:00:00 2001 From: Raoul Bhatia Date: Wed, 9 Sep 2015 22:31:53 +0200 Subject: [PATCH 2/3] Enhance and bugfix tests for Debian & Ubuntu LTS --- spec/classes/unattended_upgrades_spec.rb | 94 ++++++++++++++++++++++-- 1 file changed, 88 insertions(+), 6 deletions(-) diff --git a/spec/classes/unattended_upgrades_spec.rb b/spec/classes/unattended_upgrades_spec.rb index 1333434c..d47ad061 100644 --- a/spec/classes/unattended_upgrades_spec.rb +++ b/spec/classes/unattended_upgrades_spec.rb @@ -6,7 +6,7 @@ let(:facts) { { :osfamily => 'Debian', :lsbdistid => 'Debian', - :lsbistcodename => 'wheezy', + :lsbdistcodename => 'wheezy', :lsbrelease => '7.0.3', } } let(:pre_condition) { @@ -92,11 +92,94 @@ } end - context 'with defaults on ubuntu' do + context 'with defaults on Debian 6 Squeeze' do + let(:facts) { { + :osfamily => 'Debian', + :lsbdistid => 'Debian', + :lsbdistcodename => 'squeeze', + :lsbdistrelease => '6.0.10', + } } + it { + should create_file(file_unattended).with({ + 'owner' => 'root', + 'group' => 'root', + 'mode' => '0644', + }).with_content( + # This section varies for different releases + /\Unattended-Upgrade::Allowed-Origins\ {\n + \t"\${distro_id}\ oldoldstable";\n + \t"\${distro_id}\ \${distro_codename}-security";\n + \t"\${distro_id}\ \${distro_codename}-lts";\n + };/x + )} + end + + context 'with defaults on Debian 7 Wheezy' do + let(:facts) { { + :osfamily => 'Debian', + :lsbdistid => 'Debian', + :lsbdistcodename => 'wheezy', + :lsbdistrelease => '7.1', + } } + it { + should create_file(file_unattended).with({ + 'owner' => 'root', + 'group' => 'root', + 'mode' => '0644', + }).with_content( + # This section varies for different releases + /\Unattended-Upgrade::Origins-Pattern\ {\n + \t"origin=Debian,archive=stable,label=Debian-Security";\n + \t"origin=Debian,archive=oldstable,label=Debian-Security";\n + };/x + )} + end + + context 'with defaults on Debian 8 Jessie' do + let(:facts) { { + :osfamily => 'Debian', + :lsbdistid => 'Debian', + :lsbdistcodename => 'jessie', + :lsbdistrelease => '8.2', + } } + it { + should create_file(file_unattended).with({ + 'owner' => 'root', + 'group' => 'root', + 'mode' => '0644', + }).with_content( + # This section varies for different releases + /\Unattended-Upgrade::Origins-Pattern\ {\n + \t"origin=Debian,codename=\${distro_codename},label=Debian-Security";\n + };/x + )} + end + + context 'with defaults on Ubuntu 12.04LTS Precise Pangolin' do let(:facts) { { :osfamily => 'Debian', :lsbdistid => 'Ubuntu', - :lsbistcodename => 'trusty', + :lsbdistcodename => 'precise', + :lsbrelease => '12.04', + } } + it { + should create_file(file_unattended).with({ + 'owner' => 'root', + 'group' => 'root', + 'mode' => '0644', + }).with_content( + # This is the only section that's different for Ubuntu compared to Debian + /\Unattended-Upgrade::Allowed-Origins\ {\n + \t"\${distro_id}\:\${distro_codename}-security";\n + };/x + )} + end + + context 'with defaults on Ubuntu 14.04LTS Trusty Tahr' do + let(:facts) { { + :osfamily => 'Debian', + :lsbdistid => 'Ubuntu', + :lsbdistcodename => 'trusty', :lsbrelease => '14.04', } } it { @@ -107,8 +190,7 @@ }).with_content( # This is the only section that's different for Ubuntu compared to Debian /\Unattended-Upgrade::Allowed-Origins\ {\n - \t"\${distro_id}\ \${distro_codename}-security";\n - \t"\${distro_id}\ \${distro_codename}-updates";\n + \t"\${distro_id}\:\${distro_codename}-security";\n };/x )} end @@ -117,7 +199,7 @@ let(:facts) { { :osfamily => 'Debian', :lsbdistid => 'Raspbian', - :lsbistcodename => 'jessie', + :lsbdistcodename => 'jessie', :lsbrelease => '8.0', } } it { From 0d2b73da1a528daed34b9bff1f120145da5799fd Mon Sep 17 00:00:00 2001 From: Raoul Bhatia Date: Wed, 9 Sep 2015 22:52:04 +0200 Subject: [PATCH 3/3] Enhance and bugfix tests for Ubuntu Vivid & Wily --- spec/classes/unattended_upgrades_spec.rb | 40 ++++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/spec/classes/unattended_upgrades_spec.rb b/spec/classes/unattended_upgrades_spec.rb index d47ad061..72291d5d 100644 --- a/spec/classes/unattended_upgrades_spec.rb +++ b/spec/classes/unattended_upgrades_spec.rb @@ -195,6 +195,46 @@ )} end + context 'with defaults on Ubuntu 15.04 Vivid Vervet' do + let(:facts) { { + :osfamily => 'Debian', + :lsbdistid => 'Ubuntu', + :lsbdistcodename => 'vivid', + :lsbrelease => '15.04', + } } + it { + should create_file(file_unattended).with({ + 'owner' => 'root', + 'group' => 'root', + 'mode' => '0644', + }).with_content( + # This is the only section that's different for Ubuntu compared to Debian + /\Unattended-Upgrade::Allowed-Origins\ {\n + \t"\${distro_id}\:\${distro_codename}-security";\n + };/x + )} + end + + context 'with defaults on Ubuntu 15.10 Wily Werewolf' do + let(:facts) { { + :osfamily => 'Debian', + :lsbdistid => 'Ubuntu', + :lsbdistcodename => 'wily', + :lsbrelease => '15.10', + } } + it { + should create_file(file_unattended).with({ + 'owner' => 'root', + 'group' => 'root', + 'mode' => '0644', + }).with_content( + # This is the only section that's different for Ubuntu compared to Debian + /\Unattended-Upgrade::Allowed-Origins\ {\n + \t"\${distro_id}\:\${distro_codename}-security";\n + };/x + )} + end + context 'with defaults on Raspbian' do let(:facts) { { :osfamily => 'Debian',