Add a backup keyserver in case the main one is down#470
Conversation
remicalixte
force-pushed
the
remicalixte/backup-keyserver
branch
from
985abb5 to
77e247b
Compare
There was a problem hiding this comment.
Looks almost ready, I'd just handle the params on the main manifest a little different. Let me know what you think. Also, it would be nice to cover the keyserver stuff with some spec tests (https://github.com/DataDog/puppet-datadog-agent/blob/master/spec/classes/datadog_agent_ubuntu_spec.rb).
Thank you for this 🙏
| $agent6_repo_uri = $datadog_agent::params::agent6_default_repo, | ||
| $use_apt_backup_keyserver = $datadog_agent::params::use_apt_backup_keyserver, | ||
| $apt_backup_keyserver = 'hkp://pool.sks-keyservers.net:80', | ||
| $apt_keyserver = 'hkp://keyserver.ubuntu.com:80', |
There was a problem hiding this comment.
hkp://keyserver.ubuntu.com:80 should probably be in $datadog_agent::params.
Also, we should be adding new params using abstract data types:
Optional[String] and Optional[Boolean] or Variant[Enum['true', 'false'], Boolean] (see: https://puppet.com/docs/puppet/5.3/lang_data_abstract.html)
There was a problem hiding this comment.
Yes, use_apt_backup_keyserver should be optional. What is the difference between putting a variable in init.pp and in params.pp ? The keyserver url is not meant to be user facing and is not optional because we need one to fetch the pgp key
remicalixte
force-pushed
the
remicalixte/backup-keyserver
branch
from
77e247b to
dc1beb3
Compare
remicalixte
force-pushed
the
remicalixte/backup-keyserver
branch
4 times, most recently
from
05cdf75 to
eb92a2a
Compare
remicalixte
force-pushed
the
remicalixte/backup-keyserver
branch
from
eb92a2a to
be4ec4e
Compare
Add a backup keyserver in case the main one is down
2 participants
Motivation
We should make sure our APT repo's public GPG key is available from another keyserver (pool) than just keyserver.ubuntu.com so that, when the latter is down.