class Chef::Provider::ZypperRepository
Public Instance Methods
zypper repos are allowed to have spaces in the names @return [String] escaped repo string
# File lib/chef/provider/zypper_repository.rb, line 70 def escaped_repo_name @escaped_repo_name ||= Shellwords.escape(new_resource.repo_name) end
the version of gpg installed on the system
@return [Gem::Version] the version of GPG
# File lib/chef/provider/zypper_repository.rb, line 112 def gpg_version so = shell_out!("gpg --version") # matches 2.0 and 2.2 versions from SLES 12 and 15: https://rubular.com/r/e6D0WfGK6SXvUp version = /gpg \(GnuPG\)\s*(.*)/.match(so.stdout)[1] logger.trace("GPG package version is #{version}") Gem::Version.new(version) end
determine if a cookbook file is available in the run @param [String] fn the path to the template file
@return [Boolean] cookbook file exists or doesn’t
# File lib/chef/provider/zypper_repository.rb, line 86 def has_cookbook_file?(fn) run_context.has_cookbook_file_in_cookbook?(new_resource.cookbook, fn) end
install the provided gpg keys @param [String] uris the uri of the local or remote gpg key
# File lib/chef/provider/zypper_repository.rb, line 155 def install_gpg_keys(uris) if uris.empty? logger.debug("'gpgkey' property not provided or set. Skipping gpg key import.") return end # fetch each key to the cache dir either from the cookbook or by downloading it # and then import the key uris.each do |uri| cached_keyfile = ::File.join(Chef::Config[:file_cache_path], uri.split("/")[-1]) declare_resource(key_type(uri), cached_keyfile) do source uri mode "0644" sensitive new_resource.sensitive action :create end execute "import gpg key from #{uri}" do command "/bin/rpm --import #{cached_keyfile}" not_if { key_installed?(cached_keyfile) } action :run end end end
is the provided key already installed @param [String] key_path the path to the key on the local filesystem
@return [boolean] is the key already known by rpm
# File lib/chef/provider/zypper_repository.rb, line 124 def key_installed?(key_path) so = shell_out("/bin/rpm -qa gpg-pubkey*") # expected output & match: http://rubular.com/r/RdF7EcXEtb status = /gpg-pubkey-#{short_key_id(key_path)}/.match(so.stdout) logger.trace("GPG key at #{key_path} is known by rpm? #{status ? "true" : "false"}") status end
Given the provided key URI determine what kind of chef resource we need to fetch the key @param [String] uri the uri of the gpg key (local path or http URL)
@raise [Chef::Exceptions::FileNotFound] Key
isn’t remote or found in the current run
@return [Symbol] :remote_file or :cookbook_file
# File lib/chef/provider/zypper_repository.rb, line 97 def key_type(uri) if uri.start_with?("http") logger.trace("Will use :remote_file resource to cache the gpg key locally") :remote_file elsif has_cookbook_file?(uri) logger.trace("Will use :cookbook_file resource to cache the gpg key locally") :cookbook_file else raise Chef::Exceptions::FileNotFound, "Cannot determine location of gpgkey. Must start with 'http' or be a file managed by #{ChefUtils::Dist::Infra::PRODUCT}." end end
# File lib/chef/provider/zypper_repository.rb, line 30 def load_current_resource; end
extract the gpg key’s short key id from a local file. Learning moment: This 8 hex value ID is sometimes incorrectly called the fingerprint. The fingerprint is the full length value and googling for that will just result in sad times.
@param [String] key_path the path to the key on the local filesystem
@return [String] the short key id of the key
# File lib/chef/provider/zypper_repository.rb, line 139 def short_key_id(key_path) if gpg_version >= Gem::Version.new("2.2") # SLES 15+ so = shell_out!("gpg --import-options import-show --dry-run --import --with-colons #{key_path}") # expected output and match: https://rubular.com/r/uXWJo3yfkli1qA short_key_id = /fpr:*\h*(\h{8}):/.match(so.stdout)[1].downcase else # SLES 12 and earlier so = shell_out!("gpg --with-fingerprint #{key_path}") # expected output and match: http://rubular.com/r/BpfMjxySQM short_key_id = %r{pub\s*\S*/(\S*)}.match(so.stdout)[1].downcase end logger.trace("GPG short key ID of key at #{key_path} is #{short_key_id}") short_key_id end
determine if a template file is available in the current run @param [String] path the path to the template file
@return [Boolean] template file exists or doesn’t
# File lib/chef/provider/zypper_repository.rb, line 78 def template_available?(path) !path.nil? && run_context.has_template_in_cookbook?(new_resource.cookbook, path) end