Resource Type: apt_key

Defined in:
lib/puppet/type/apt_key.rb
Providers:
apt_key

Summary

This type provides Puppet with the capabilities to manage GPG keys needed by apt to perform package validation. Apt has it's own GPG keyring that can be manipulated through the `apt-key` command.

Overview

Autorequires

If Puppet is given the location of a key file which looks like an absolute path this type will autorequire that file.

Examples:

Basic usage

apt_key { '6F6B15509CF8E59E6E469F327F438280EF8D349F':
  source => 'http://apt.puppetlabs.com/pubkey.gpg'
}

Properties

  • created

    Date the key was created.

    This property is read-only.

  • ensure (defaults to: present)

    The basic property that the resource should be in.

    Supported values:
    • present
    • absent
  • expired

    Indicates if the key has expired.

    This property is read-only.

  • expiry

    The date the key will expire, or nil if it has no expiry date.

    This property is read-only.

  • fingerprint

    The 40-digit hexadecimal fingerprint of the specified GPG key.

    This property is read-only.

  • long

    The 16-digit hexadecimal id of the specified GPG key.

    This property is read-only.

  • short

    The 8-digit hexadecimal id of the specified GPG key.

    This property is read-only.

  • size

    The key size, usually a multiple of 1024.

    This property is read-only.

  • type

    The key type, one of: rsa, dsa, ecc, ecdsa

    This property is read-only.

Parameters

  • content

    The content of, or string representing, a GPG key.

  • id

    The ID of the key you want to manage.

    Supported values:
    • %r{\A(0x)?[0-9a-fA-F]{8}\Z}
    • %r{\A(0x)?[0-9a-fA-F]{16}\Z}
    • %r{\A(0x)?[0-9a-fA-F]{40}\Z}
  • options

    Additional options to pass to apt-key's –keyserver-options.

  • provider

    The specific backend to use for this ‘apt_key` resource. You will seldom need to specify this — Puppet will usually discover the appropriate provider for your platform.

  • refresh (defaults to: false)

    When true, recreate an existing expired key

    Supported values:
    • true
    • false
    • yes
    • no
  • server (defaults to: keyserver.ubuntu.com)

    The key server to fetch the key from based on the ID. It can either be a domain name or url.

    Supported values:
    • %r{\A((hkp|hkps|http|https):\/\/)?([a-z\d])([a-z\d-]{0,61}\.)+[a-z\d]+(:\d{2,5})?(\/[a-zA-Z\d\-_.]+)*\/?$}
  • source

    Location of a GPG key file, /path/to/file, ftp://, http:// or https://

    Supported values:
    • %r{\Ahttps?://}
    • %r{\Aftp://}
    • %r{\A/\w+}
  • weak_ssl (defaults to: false)

    When true and source uses https, accepts download of keys without SSL verification

    Supported values:
    • true
    • false
    • yes
    • no