From a6202f901b0ff3cc9fb6eb5da6da1508190e12e9 Mon Sep 17 00:00:00 2001
From: Jeremy Stanley <fungi@yuggoth.org>
Date: Thu, 12 Sep 2013 17:12:18 +0000
Subject: [PATCH] Add saltstack APT repository to automatic upgrades
* modules/openstack_project/manifests/automatic_upgrades.pp: Pass
the additional allowed origins list through to the unattended
upgrades module.
* modules/openstack_project/manifests/slave.pp: Add the
"LP-PPA-saltstack-salt precise" repository origin to the list of
allowed origins for automatic upgrades.
* modules/unattended_upgrades/manifests/init.pp: Add a list of
additional allowed origins for package repository upgrades and
convert the apt-preferences stub for 50unattended-upgrades to a
template so the list can be applied to it.
* modules/unattended_upgrades/templates/50unattended-upgrades.erb:
Renamed from ../../files/50unattended-upgrades and enhanced with a
loop over the origins list to append to the default set of allowed
upgrade origins.
Change-Id: I821d199ae1a00ed78c2a52bf80ddba8a4eaa7d8b
---
modules/openstack_project/manifests/automatic_upgrades.pp | 5 ++++-
modules/openstack_project/manifests/slave.pp | 4 +++-
modules/unattended_upgrades/manifests/init.pp | 7 +++++--
.../50unattended-upgrades.erb} | 3 +++
4 files changed, 15 insertions(+), 4 deletions(-)
rename modules/unattended_upgrades/{files/50unattended-upgrades => templates/50unattended-upgrades.erb} (94%)
diff --git a/modules/openstack_project/manifests/automatic_upgrades.pp b/modules/openstack_project/manifests/automatic_upgrades.pp
index 329bedef7e..20fb82af24 100644
--- a/modules/openstack_project/manifests/automatic_upgrades.pp
+++ b/modules/openstack_project/manifests/automatic_upgrades.pp
@@ -1,10 +1,13 @@
# == Class: openstack_project::automatic_upgrades
#
class openstack_project::automatic_upgrades (
+ $origins = []
) {
if $::osfamily == 'Debian' {
- include unattended_upgrades
+ class { 'unattended_upgrades':
+ origins => [],
+ }
}
if $::osfamily == 'RedHat' {
include packagekit::cron
diff --git a/modules/openstack_project/manifests/slave.pp b/modules/openstack_project/manifests/slave.pp
index 6cf964f3a0..b77fed8b41 100644
--- a/modules/openstack_project/manifests/slave.pp
+++ b/modules/openstack_project/manifests/slave.pp
@@ -10,7 +10,9 @@ class openstack_project::slave (
) {
include openstack_project
include openstack_project::tmpcleanup
- include openstack_project::automatic_upgrades
+ class { 'openstack_project::automatic_upgrades':
+ origins => ['LP-PPA-saltstack-salt precise'],
+ }
class { 'openstack_project::server':
iptables_public_tcp_ports => [],
certname => $certname,
diff --git a/modules/unattended_upgrades/manifests/init.pp b/modules/unattended_upgrades/manifests/init.pp
index d04ffc008d..c4a755574a 100644
--- a/modules/unattended_upgrades/manifests/init.pp
+++ b/modules/unattended_upgrades/manifests/init.pp
@@ -1,6 +1,9 @@
# == Class: unattended_upgrades
#
-class unattended_upgrades($ensure = present) {
+class unattended_upgrades(
+ $ensure = present,
+ $origins = []
+) {
package { 'unattended-upgrades':
ensure => $ensure,
}
@@ -23,7 +26,7 @@ class unattended_upgrades($ensure = present) {
owner => 'root',
group => 'root',
mode => '0444',
- source => 'puppet:///modules/unattended_upgrades/50unattended-upgrades',
+ content => template('unattended_upgrades/50unattended-upgrades.erb'),
replace => true,
}
}
diff --git a/modules/unattended_upgrades/files/50unattended-upgrades b/modules/unattended_upgrades/templates/50unattended-upgrades.erb
similarity index 94%
rename from modules/unattended_upgrades/files/50unattended-upgrades
rename to modules/unattended_upgrades/templates/50unattended-upgrades.erb
index 5faa45e60d..2815768e78 100644
--- a/modules/unattended_upgrades/files/50unattended-upgrades
+++ b/modules/unattended_upgrades/templates/50unattended-upgrades.erb
@@ -5,6 +5,9 @@ Unattended-Upgrade::Allowed-Origins {
"${distro_id} ${distro_codename}-security";
"${distro_id} ${distro_codename}-updates";
// "${distro_id} ${distro_codename}-proposed-updates";
+<% origins.each do |origin| -%>
+ "<%= origin %>";
+<% end -%>
};
// List of packages to not update