diff --git a/README.md b/README.md index 12c78321..bed96047 100644 --- a/README.md +++ b/README.md @@ -107,7 +107,7 @@ class { 'nodejs': ### Forcing the installation of NodeSource packages over native packages When the native package version and NodeSource version are the same, you may -need to use `repo_pin` or `repo_priority` (depending on your operating system). +need to use `repo_priority` (depending on your operating system). This ensures that the version in the NodeSource repository takes precedence when Puppet invokes Apt/Yum. diff --git a/manifests/init.pp b/manifests/init.pp index 33575279..2fbb6a5d 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -16,7 +16,6 @@ Optional[Hash] $npmrc_config = $nodejs::params::npmrc_config, $repo_class = $nodejs::params::repo_class, $repo_ensure = $nodejs::params::repo_ensure, - $repo_pin = $nodejs::params::repo_pin, $repo_priority = $nodejs::params::repo_priority, $repo_proxy = $nodejs::params::repo_proxy, $repo_proxy_password = $nodejs::params::repo_proxy_password, diff --git a/manifests/install.pp b/manifests/install.pp index 993bb817..4ac5d09b 100644 --- a/manifests/install.pp +++ b/manifests/install.pp @@ -20,7 +20,7 @@ Package { provider => $nodejs::package_provider } # nodejs - if $nodejs::manage_nodejs_package { + if $nodejs::manage_nodejs_package and $nodejs::nodejs_package_name { package { $nodejs::nodejs_package_name: ensure => $nodejs::nodejs_package_ensure, tag => 'nodesource_repo', @@ -36,7 +36,7 @@ } # nodejs-debug - if $nodejs::nodejs_debug_package_name { + if $nodejs::manage_nodejs_package and $nodejs::nodejs_debug_package_name { package { $nodejs::nodejs_debug_package_name: ensure => $nodejs::nodejs_debug_package_ensure, tag => 'nodesource_repo', diff --git a/manifests/params.pp b/manifests/params.pp index 971cdbaa..b8f21389 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -4,8 +4,7 @@ $nodejs_debug_package_ensure = 'absent' $nodejs_package_ensure = 'installed' $repo_ensure = 'present' - $repo_pin = undef - $repo_priority = 'absent' + $repo_priority = ($facts['os']['family'] == 'Debian') ? { true => '990', default => 'absent' } $repo_proxy = 'absent' $repo_proxy_password = 'absent' $repo_proxy_username = 'absent' diff --git a/manifests/repo/nodesource.pp b/manifests/repo/nodesource.pp index 3bf7c306..b62d41d4 100644 --- a/manifests/repo/nodesource.pp +++ b/manifests/repo/nodesource.pp @@ -1,7 +1,6 @@ # PRIVATE CLASS: Do not use directly class nodejs::repo::nodesource { $ensure = $nodejs::repo_ensure - $pin = $nodejs::repo_pin $priority = $nodejs::repo_priority $proxy = $nodejs::repo_proxy $proxy_password = $nodejs::repo_proxy_password diff --git a/manifests/repo/nodesource/apt.pp b/manifests/repo/nodesource/apt.pp index e3ba5358..c8c44eec 100644 --- a/manifests/repo/nodesource/apt.pp +++ b/manifests/repo/nodesource/apt.pp @@ -1,21 +1,31 @@ # PRIVATE CLASS: Do not use directly. class nodejs::repo::nodesource::apt { $ensure = $nodejs::repo::nodesource::ensure - $pin = $nodejs::repo::nodesource::pin + $priority = $nodejs::repo::nodesource::priority $url_suffix = $nodejs::repo::nodesource::url_suffix include apt if ($ensure != 'absent') { + apt::keyring { 'nodesource': + source => 'https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key', + dir => '/usr/share/keyrings', + filename => 'nodesource-repo.gpg.key.asc', + } + apt::source { 'nodesource': - key => { - 'name' => 'nodesource-repo.gpg.key.asc', - 'source' => 'https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key', - }, - location => "https://deb.nodesource.com/node_${url_suffix}", - pin => $pin, - release => 'nodistro', - repos => 'main', + source_format => 'sources', + location => ["https://deb.nodesource.com/node_${url_suffix}",], + keyring => '/usr/share/keyrings/nodesource-repo.gpg.key.asc', + release => ['nodistro',], + repos => ['main',], + types => ['deb',], + require => Apt::Keyring['nodesource'], + } + + apt::pin { 'nodesource': + origin => 'deb.nodesource.com', + priority => $priority, } Apt::Source['nodesource'] -> Package<| tag == 'nodesource_repo' |> @@ -26,5 +36,17 @@ apt::source { 'nodesource': ensure => 'absent', } + apt::pin { 'nodesource': + ensure => 'absent', + } + apt::keyring { 'nodesource': + ensure => 'absent', + dir => '/usr/share/keyrings', + filename => 'nodesource-repo.gpg.key.asc', + } + file { '/etc/apt/sources.list.d/nodesource.sources': + ensure => 'absent', + notify => Class['Apt::Update'], + } } } diff --git a/spec/acceptance/class_spec.rb b/spec/acceptance/class_spec.rb index 818f15c5..96f4878e 100644 --- a/spec/acceptance/class_spec.rb +++ b/spec/acceptance/class_spec.rb @@ -42,11 +42,11 @@ def nodesource_unsupported(nodejs_version) # Debian 12 contains NodeJS 18, when we test 16 and 18, we need to force the nodesource version # as Debians versions *can* be newer - repo_pin = - if %w[16 18].include?(nodejs_version) && fact('os.family') == 'Debian' && %w[12 13].include?(fact('os.release.major')) - '1000' + repo_priority = + if fact('os.family') == 'Debian' + '990' else - 'undef' + 'absent' end it_behaves_like 'an idempotent resource' do @@ -54,7 +54,7 @@ def nodesource_unsupported(nodejs_version) <<-PUPPET class { 'nodejs': repo_version => '#{nodejs_version}', - repo_pin => #{repo_pin}, + repo_priority => '#{repo_priority}', } PUPPET end @@ -173,6 +173,7 @@ class { 'nodejs': %w[ libnode-dev + nodejs npm ].each do |pkg| describe package(pkg) do @@ -201,7 +202,7 @@ class { 'nodejs': } describe 'npm config' do it 'contains the global_config_entry secret' do - npm_output = shell('cat $(/usr/bin/npm config get globalconfig)') + npm_output = shell('cat $(/usr/bin/npm config get globalconfig || echo /dev/null)') expect(npm_output.stdout).to match '//path.to.registry/:_authToken="cGFzc3dvcmQ="' end end @@ -227,7 +228,7 @@ class { 'nodejs': } describe 'npm config' do it 'contains the global_config_entry secret' do - npm_output = shell('cat $(/usr/bin/npm config get globalconfig)') + npm_output = shell('cat $(/usr/bin/npm config get globalconfig || echo /dev/null)') expect(npm_output.stdout).to match '//path.to.registry/:_authToken=cGFzc3dvcmQ' end end diff --git a/spec/classes/nodejs_spec.rb b/spec/classes/nodejs_spec.rb index f63b30db..700f98f0 100644 --- a/spec/classes/nodejs_spec.rb +++ b/spec/classes/nodejs_spec.rb @@ -84,23 +84,23 @@ end end - context 'and repo_pin set to 10' do + context 'and repo_priority set to 10' do let :params do - default_params.merge!(repo_pin: '10') + default_params.merge!(repo_priority: '10') end it 'the repo apt::source resource should contain pin = 10' do - is_expected.to contain_apt__source('nodesource').with('pin' => '10') + is_expected.to contain_apt__pin('nodesource').with('priority' => '10') end end - context 'and repo_pin not set' do + context 'and repo_priority not set' do let :params do - default_params.merge!(repo_pin: :undef) + default_params.merge!(repo_priority: :undef) end - it 'the repo apt::source resource should contain pin = undef' do - is_expected.to contain_apt__source('nodesource').with('pin' => nil) + it 'the repo apt::source resource should contain priority = 990' do + is_expected.to contain_apt__pin('nodesource').with('priority' => 990) end end @@ -109,8 +109,8 @@ default_params.merge!(repo_version: '9') end - it 'the repo apt::source resource should contain location = https://deb.nodesource.com/node_9.x' do - is_expected.to contain_apt__source('nodesource').with('location' => 'https://deb.nodesource.com/node_9.x') + it 'the repo apt::source resource should contain location = [https://deb.nodesource.com/node_9.x]' do + is_expected.to contain_apt__source('nodesource').with('location' => ['https://deb.nodesource.com/node_9.x']) end end