Merge pull request #470 from DataDog/remicalixte/backup-keyserver

remicalixte · web-flow · commit 346913461078 · 2018-11-15T10:13:46.000-05:00
Add a backup keyserver in case the main one is down
diff --git a/manifests/init.pp b/manifests/init.pp
@@ -284,6 +284,9 @@
   Hash[String[1], Data] $agent6_extra_options = {},
   $agent5_repo_uri = $datadog_agent::params::agent5_default_repo,
   $agent6_repo_uri = $datadog_agent::params::agent6_default_repo,
+  Optional[Boolean] $use_apt_backup_keyserver = $datadog_agent::params::use_apt_backup_keyserver,
+  $apt_backup_keyserver = $datadog_agent::params::apt_backup_keyserver,
+  $apt_keyserver = $datadog_agent::params::apt_keyserver,
   $apt_release = $datadog_agent::params::apt_default_release,
   Optional[String] $service_provider = undef,
   Optional[String] $agent_version = $datadog_agent::params::agent_version,
@@ -395,6 +398,12 @@
     default:    { $_loglevel = 'INFO' }
   }
 
+  if $use_apt_backup_keyserver {
+    $_apt_keyserver = $apt_backup_keyserver
+  } else {
+    $_apt_keyserver = $apt_keyserver
+  }
+
   case $::operatingsystem {
     'Ubuntu','Debian' : {
       if $agent5_enable {
@@ -406,6 +415,7 @@
           location              => $agent5_repo_uri,
           release               => $apt_release,
           skip_apt_key_trusting => $skip_apt_key_trusting,
+          apt_keyserver         => $_apt_keyserver,
         }
       } else {
         class { 'datadog_agent::ubuntu::agent6':
@@ -416,6 +426,7 @@
           location              => $agent6_repo_uri,
           release               => $apt_release,
           skip_apt_key_trusting => $skip_apt_key_trusting,
+          apt_keyserver         => $_apt_keyserver,
         }
       }
     }
diff --git a/manifests/params.pp b/manifests/params.pp
@@ -33,6 +33,9 @@
   $process_default_custom_words   = []
   $logs_enabled                   = false
   $container_collect_all          = false
+  $use_apt_backup_keyserver       = false
+  $apt_backup_keyserver           = 'hkp://pool.sks-keyservers.net:80'
+  $apt_keyserver                  = 'hkp://keyserver.ubuntu.com:80'
 
   case $::operatingsystem {
     'Ubuntu','Debian' : {
diff --git a/manifests/ubuntu/agent5.pp b/manifests/ubuntu/agent5.pp
@@ -22,13 +22,15 @@
   String $service_ensure = 'running',
   Boolean $service_enable = true,
   Optional[String] $service_provider = undef,
+  Optional[String] $apt_keyserver = undef,
 ) inherits datadog_agent::params{
 
   ensure_packages(['apt-transport-https'])
 
   if !$skip_apt_key_trusting {
     ::datadog_agent::ubuntu::install_key { [$apt_key]:
-      before  => Apt::Source['datadog'],
+      server => $apt_keyserver,
+      before => Apt::Source['datadog'],
     }
   }
 
diff --git a/manifests/ubuntu/agent6.pp b/manifests/ubuntu/agent6.pp
@@ -13,12 +13,14 @@
   String $service_ensure = 'running',
   Boolean $service_enable = true,
   Optional[String] $service_provider = undef,
+  Optional[String] $apt_keyserver = undef,
 ) inherits datadog_agent::params {
 
   ensure_packages(['apt-transport-https'])
   if !$skip_apt_key_trusting {
     ::datadog_agent::ubuntu::install_key { [$apt_key]:
-      before  => Apt::Source['datadog6'],
+      server => $apt_keyserver,
+      before => Apt::Source['datadog6'],
     }
   }
 
diff --git a/manifests/ubuntu/install_key.pp b/manifests/ubuntu/install_key.pp
@@ -12,9 +12,9 @@
 #
 #
 #
-define datadog_agent::ubuntu::install_key() {
+define datadog_agent::ubuntu::install_key($server) {
   apt::key { $name:
     id     => $name,
-    server => 'hkp://keyserver.ubuntu.com:80',
+    server => $server,
   }
 }
diff --git a/spec/classes/datadog_agent_spec.rb b/spec/classes/datadog_agent_spec.rb
@@ -833,7 +833,20 @@
         end
 
         if DEBIAN_OS.include?(operatingsystem)
-          it { should contain_class('datadog_agent::ubuntu::agent5') }
+          it do
+            should contain_class('datadog_agent::ubuntu::agent5')\
+                .with_apt_keyserver('hkp://keyserver.ubuntu.com:80')
+          end
+          context 'use backup keyserver' do
+            let(:params) {{
+                :use_apt_backup_keyserver => true,
+                :agent5_enable => true,
+            }}
+            it do
+                should contain_class('datadog_agent::ubuntu::agent5')\
+                    .with_apt_keyserver('hkp://pool.sks-keyservers.net:80')
+            end
+          end
         elsif REDHAT_OS.include?(operatingsystem)
           it { should contain_class('datadog_agent::redhat::agent5') }
         end
diff --git a/spec/classes/datadog_agent_ubuntu_spec.rb b/spec/classes/datadog_agent_ubuntu_spec.rb
@@ -17,7 +17,19 @@
 
   # it should install the mirror
   it { should_not contain_datadog_agent__ubuntu__install_key('935F5A436A5A6E8788F0765B226AE980C7A7DA52') }
-  it { should contain_datadog_agent__ubuntu__install_key('A2923DFF56EDA6E76E55E492D3A80E30382E94DE') }
+  it do
+    should contain_datadog_agent__ubuntu__install_key('A2923DFF56EDA6E76E55E492D3A80E30382E94DE')\
+  end
+  context 'overriding keyserver' do
+    let(:params) {{
+      apt_keyserver: 'hkp://pool.sks-keyservers.net:80',
+    }}
+    it do
+      should contain_datadog_agent__ubuntu__install_key('A2923DFF56EDA6E76E55E492D3A80E30382E94DE')\
+        .with_server('hkp://pool.sks-keyservers.net:80')
+    end
+  end
+  
   it do
     should contain_file('/etc/apt/sources.list.d/datadog.list')\
       .that_notifies('exec[apt_update]')

Original file line number	Diff line number	Diff line change
`@@ -22,13 +22,15 @@`
`22`	`22`	`String $service_ensure = 'running',`
`23`	`23`	`Boolean $service_enable = true,`
`24`	`24`	`Optional[String] $service_provider = undef,`
	`25`	`+ Optional[String] $apt_keyserver = undef,`
`25`	`26`	`) inherits datadog_agent::params{`
`26`	`27`
`27`	`28`	`ensure_packages(['apt-transport-https'])`
`28`	`29`
`29`	`30`	`if !$skip_apt_key_trusting {`
`30`	`31`	`::datadog_agent::ubuntu::install_key { [$apt_key]:`
`31`		`- before => Apt::Source['datadog'],`
	`32`	`+ server => $apt_keyserver,`
	`33`	`+ before => Apt::Source['datadog'],`
`32`	`34`	`}`
`33`	`35`	`}`
`34`	`36`
Original file line number	Diff line number	Diff line change
`@@ -13,12 +13,14 @@`
`13`	`13`	`String $service_ensure = 'running',`
`14`	`14`	`Boolean $service_enable = true,`
`15`	`15`	`Optional[String] $service_provider = undef,`
	`16`	`+ Optional[String] $apt_keyserver = undef,`
`16`	`17`	`) inherits datadog_agent::params {`
`17`	`18`
`18`	`19`	`ensure_packages(['apt-transport-https'])`
`19`	`20`	`if !$skip_apt_key_trusting {`
`20`	`21`	`::datadog_agent::ubuntu::install_key { [$apt_key]:`
`21`		`- before => Apt::Source['datadog6'],`
	`22`	`+ server => $apt_keyserver,`
	`23`	`+ before => Apt::Source['datadog6'],`
`22`	`24`	`}`
`23`	`25`	`}`
`24`	`26`
Original file line number	Diff line number	Diff line change
`@@ -12,9 +12,9 @@`
`12`	`12`	`#`
`13`	`13`	`#`
`14`	`14`	`#`
`15`		`-define datadog_agent::ubuntu::install_key() {`
	`15`	`+define datadog_agent::ubuntu::install_key($server) {`
`16`	`16`	`apt::key { $name:`
`17`	`17`	`id => $name,`
`18`		`- server => 'hkp://keyserver.ubuntu.com:80',`
	`18`	`+ server => $server,`
`19`	`19`	`}`
`20`	`20`	`}`