summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThom May <thom@may.lt>2017-04-28 09:39:54 +0100
committerGitHub <noreply@github.com>2017-04-28 09:39:54 +0100
commit592046241c24ac4a94b8e2d21ce91a7d918fdc21 (patch)
tree3cc01f9737ce0198fd728b43139721b9316068a9
parent2dfe178a1b01a55cc9e2269a94f1af72b61a3153 (diff)
parentc90401fa936353550b7658a2a9f4908cf6d27a40 (diff)
downloadchef-592046241c24ac4a94b8e2d21ce91a7d918fdc21.tar.gz
Merge pull request #6094 from whiteley/apt-finger
apt-key finger no longer matches extract fingerprints regex
-rw-r--r--lib/chef/provider/apt_repository.rb11
1 files changed, 7 insertions, 4 deletions
diff --git a/lib/chef/provider/apt_repository.rb b/lib/chef/provider/apt_repository.rb
index 541f733e7b..05172c9f98 100644
--- a/lib/chef/provider/apt_repository.rb
+++ b/lib/chef/provider/apt_repository.rb
@@ -33,6 +33,9 @@ class Chef
which("apt-get")
end
+ LIST_APT_KEYS = "apt-key list".freeze
+ LIST_APT_KEY_FINGERPRINTS = "apt-key adv --list-public-keys --with-fingerprint --with-colons".freeze
+
def load_current_resource
end
@@ -143,7 +146,7 @@ class Chef
def no_new_keys?(file)
# Now we are using the option --with-colons that works across old os versions
# as well as the latest (16.10). This for both `apt-key` and `gpg` commands
- installed_keys = extract_fingerprints_from_cmd("apt-key adv --list-public-keys --with-fingerprint --with-colons")
+ installed_keys = extract_fingerprints_from_cmd(LIST_APT_KEY_FINGERPRINTS)
proposed_keys = extract_fingerprints_from_cmd("gpg --with-fingerprint --with-colons #{file}")
(installed_keys & proposed_keys).sort == proposed_keys.sort
end
@@ -194,15 +197,15 @@ class Chef
command cmd
sensitive new_resource.sensitive
not_if do
- present = extract_fingerprints_from_cmd("apt-key finger").any? do |fp|
+ present = extract_fingerprints_from_cmd(LIST_APT_KEY_FINGERPRINTS).any? do |fp|
fp.end_with? key.upcase
end
- present && key_is_valid?("apt-key list", key.upcase)
+ present && key_is_valid?(LIST_APT_KEYS, key.upcase)
end
notifies :run, "execute[apt-cache gencaches]", :immediately
end
- raise "The key #{key} is invalid and cannot be used to verify an apt repository." unless key_is_valid?("apt-key list", key.upcase)
+ raise "The key #{key} is invalid and cannot be used to verify an apt repository." unless key_is_valid?(LIST_APT_KEYS, key.upcase)
end
def install_ppa_key(owner, repo)