Implement 'repo' install method

voxpupuli · Dec 8, 2024 · b469b2f · b469b2f
1 parent 4681bcb
commit b469b2f
Show file tree

Hide file tree

Showing 10 changed files with 322 additions and 29 deletions.
diff --git a/.fixtures.yml b/.fixtures.yml
@@ -3,3 +3,6 @@ fixtures:
     archive: https://github.com/voxpupuli/puppet-archive.git
     stdlib: https://github.com/puppetlabs/puppetlabs-stdlib.git
     systemd: https://github.com/voxpupuli/puppet-systemd.git
+    apt: https://github.com/puppetlabs/puppetlabs-apt.git
+    yum: https://github.com/voxpupuli/puppet-yum.git
+    augeas_core: https://github.com/puppetlabs/puppetlabs-augeas_core.git # required by puppet-yum
diff --git a/REFERENCE.md b/REFERENCE.md
@@ -14,6 +14,7 @@
 
 * `caddy::config`: This class handles the Caddy config.
 * `caddy::install`: This class handles the Caddy archive.
+* `caddy::install::repo`: This class handles Caddy installation from a package repository
 * `caddy::service`: This class handles the Caddy service.
 
 ### Defined types
@@ -82,6 +83,10 @@ The following parameters are available in the `caddy` class:
 * [`service_name`](#-caddy--service_name)
 * [`service_ensure`](#-caddy--service_ensure)
 * [`service_enable`](#-caddy--service_enable)
+* [`manage_repo`](#-caddy--manage_repo)
+* [`repo_settings`](#-caddy--repo_settings)
+* [`package_name`](#-caddy--package_name)
+* [`package_ensure`](#-caddy--package_ensure)
 
 ##### <a name="-caddy--version"></a>`version`
 
@@ -93,17 +98,20 @@ Default value: `'2.0.0'`
 
 ##### <a name="-caddy--install_method"></a>`install_method`
 
-Data type: `Optional[Enum['github']]`
+Data type: `Optional[Enum['github','repo']]`
 
-Which source is used.
+Which source to use for the Caddy installation. See https://caddyserver.com/docs/install.
+* `undef` (default) - download from the official Caddy site
+* `github` - download from Github releases
+* `repo` - install from an OS repository
 
 Default value: `undef`
 
 ##### <a name="-caddy--install_path"></a>`install_path`
 
 Data type: `Stdlib::Absolutepath`
 
-Directory where the Caddy binary is stored.
+Directory where the Caddy binary is stored. Not used when $install_method is 'repo'.
 
 Default value: `'/opt/caddy'`
 
@@ -279,26 +287,58 @@ Default value: `true`
 
 Data type: `String[1]`
 
-Customise the name of the system service
+Customise the name of the system service.
 
 Default value: `'caddy'`
 
 ##### <a name="-caddy--service_ensure"></a>`service_ensure`
 
 Data type: `Stdlib::Ensure::Service`
 
-Whether the service should be running or stopped
+Whether the service should be running or stopped.
 
 Default value: `'running'`
 
 ##### <a name="-caddy--service_enable"></a>`service_enable`
 
 Data type: `Boolean`
 
-Whether the service should be enabled or disabled
+Whether the service should be enabled or disabled.
 
 Default value: `true`
 
+##### <a name="-caddy--manage_repo"></a>`manage_repo`
+
+Data type: `Boolean`
+
+Whether the APT/YUM(COPR) repository should be installed. Only relevant when $install_method is 'repo'.
+
+Default value: `true`
+
+##### <a name="-caddy--repo_settings"></a>`repo_settings`
+
+Data type: `Hash[String[1],Any]`
+
+Distro-specific repository settings.
+
+Default value: `{}`
+
+##### <a name="-caddy--package_name"></a>`package_name`
+
+Data type: `String[1]`
+
+Name of the caddy package to use. Only relevant when $install_method is 'repo'.
+
+Default value: `'caddy'`
+
+##### <a name="-caddy--package_ensure"></a>`package_ensure`
+
+Data type: `String[1]`
+
+Whether to install or remove the caddy package. Only relevant when $install_method is 'repo'.
+
+Default value: `$version`
+
 ## Defined types
 
 ### <a name="caddy--vhost"></a>`caddy::vhost`

diff --git a/data/family/Debian.yaml b/data/family/Debian.yaml
@@ -1,2 +1,11 @@
 ---
 caddy::caddy_shell: '/usr/sbin/nologin'
+
+caddy::repo_settings:
+  location: https://dl.cloudsmith.io/public/caddy/stable/deb/debian
+  release: any-version
+  repos: main
+  key:
+    name: caddy-archive-keyring.asc
+    source: https://dl.cloudsmith.io/public/caddy/stable/gpg.key
+    checksum_value: 5791c2fb6b6e82feb5a69834dd2131f4bcc30af0faec37783b2dc1c5c224a82a
diff --git a/data/family/RedHat.yaml b/data/family/RedHat.yaml
@@ -0,0 +1,3 @@
+---
+caddy::repo_settings:
+  copr_repo: '@caddy/caddy'
diff --git a/manifests/init.pp b/manifests/init.pp
@@ -19,10 +19,13 @@
 #   Which version is used.
 #
 # @param install_method
-#   Which source is used.
+#   Which source to use for the Caddy installation. See https://caddyserver.com/docs/install.
+#   * `undef` (default) - download from the official Caddy site
+#   * `github` - download from Github releases
+#   * `repo` - install from an OS repository
 #
 # @param install_path
-#   Directory where the Caddy binary is stored.
+#   Directory where the Caddy binary is stored. Not used when $install_method is 'repo'.
 #
 # @param manage_user
 #   Whether or not the module should create the user.
@@ -88,17 +91,29 @@
 #   Whether or not the module should manage the service.
 #
 # @param service_name
-#   Customise the name of the system service
+#   Customise the name of the system service.
 #
 # @param service_ensure
-#   Whether the service should be running or stopped
+#   Whether the service should be running or stopped.
 #
 # @param service_enable
-#   Whether the service should be enabled or disabled
+#   Whether the service should be enabled or disabled.
+#
+# @param manage_repo
+#   Whether the APT/YUM(COPR) repository should be installed. Only relevant when $install_method is 'repo'.
+#
+# @param repo_settings
+#   Distro-specific repository settings.
+#
+# @param package_name
+#   Name of the caddy package to use. Only relevant when $install_method is 'repo'.
+#
+# @param package_ensure
+#   Whether to install or remove the caddy package. Only relevant when $install_method is 'repo'.
 #
 class caddy (
   String[1]                      $version                         = '2.0.0',
-  Optional[Enum['github']]       $install_method                  = undef,
+  Optional[Enum['github','repo']] $install_method                 = undef,
   Stdlib::Absolutepath           $install_path                    = '/opt/caddy',
   Boolean                        $manage_user                     = true,
   String[1]                      $caddy_user                      = 'caddy',
@@ -124,6 +139,10 @@
   String[1]                      $service_name                    = 'caddy',
   Stdlib::Ensure::Service        $service_ensure                  = 'running',
   Boolean                        $service_enable                  = true,
+  Boolean                        $manage_repo                     = true,
+  Hash[String[1],Any]            $repo_settings                   = {},
+  String[1]                      $package_name                    = 'caddy',
+  String[1]                      $package_ensure                  = $version,
 ) {
   case $caddy_architecture {
     'x86_64', 'amd64': { $arch = 'amd64' }

diff --git a/manifests/install.pp b/manifests/install.pp
@@ -9,6 +9,7 @@
   $bin_file = "${caddy::install_path}/caddy"
 
   case $caddy::install_method {
+    'repo': { contain caddy::install::repo }
     'github': {
       $caddy_url    = 'https://github.com/caddyserver/caddy/releases/download'
       $caddy_dl_url = "${caddy_url}/v${caddy::version}/caddy_${caddy::version}_linux_${caddy::arch}.tar.gz"
@@ -38,6 +39,21 @@
       }
 
       $caddy_source = "/var/cache/caddy-${caddy::version}/caddy"
+
+      file { $caddy::install_path:
+        ensure => directory,
+        owner  => $caddy::caddy_user,
+        group  => $caddy::caddy_group,
+        mode   => '0755',
+      }
+
+      file { $bin_file:
+        ensure => file,
+        owner  => 'root',
+        group  => 'root',
+        mode   => '0755',
+        source => $caddy_source,
+      }
     }
     default: {
       $caddy_url    = 'https://caddyserver.com/api/download'
@@ -61,21 +77,21 @@
         source  => $caddy_dl_url,
         replace => false, # Don't download the file on every run
       }
-    }
-  }
 
-  file { $caddy::install_path:
-    ensure => directory,
-    owner  => $caddy::caddy_user,
-    group  => $caddy::caddy_group,
-    mode   => '0755',
-  }
+      file { $caddy::install_path:
+        ensure => directory,
+        owner  => $caddy::caddy_user,
+        group  => $caddy::caddy_group,
+        mode   => '0755',
+      }
 
-  file { $bin_file:
-    ensure => file,
-    owner  => 'root',
-    group  => 'root',
-    mode   => '0755',
-    source => $caddy_source,
+      file { $bin_file:
+        ensure => file,
+        owner  => 'root',
+        group  => 'root',
+        mode   => '0755',
+        source => $caddy_source,
+      }
+    }
   }
 }
diff --git a/manifests/install/repo.pp b/manifests/install/repo.pp
@@ -0,0 +1,76 @@
+# @summary
+#   This class handles Caddy installation from a package repository
+#
+# @api private
+#
+class caddy::install::repo {
+  assert_private()
+
+  if $caddy::manage_repo and $caddy::repo_settings.length == 0 {
+    fail("'repo_settings' parameter should be set when 'manage_repo' is true")
+  }
+
+  # Inject `before` into the repository settings
+  $repo = $caddy::repo_settings + {
+    before => Package[$caddy::package_name],
+  }
+
+  case $facts['os']['family'] {
+    'Debian': {
+      include apt
+
+      if $caddy::manage_repo {
+        # Use this when issues below are resolved
+        # apt::source { 'caddy':
+        #   * => $repo,
+        # }
+
+        # Below is a temporary workaround until
+        # https://github.com/puppetlabs/puppetlabs-apt/issues/1196 is resolved.
+        # dl.cloudsmith.io returns no headers Puppet can use to check if file
+        # is changed.
+        # Etag header is not supported, but discussed here:
+        # https://github.com/puppetlabs/puppet/issues/9319
+        # Checksum is not supported by apt::source's key nor by apt::keyring
+        # resource. See https://github.com/puppetlabs/puppetlabs-apt/pull/1199
+
+        if $repo.get('key.source') {
+          $keyring_path = "/etc/apt/keyrings/${$repo.get('key.name')}"
+
+          file { '/etc/apt/keyrings': ensure => 'directory' }
+
+          file { $keyring_path:
+            ensure         => 'file',
+            source         => $repo.get('key.source'),
+            checksum       => $repo.get('key.checksum', 'sha256'),
+            checksum_value => $repo.get('key.checksum_value'),
+            before         => Apt::Source['caddy'],
+          }
+        } else {
+          $keyring_path = undef
+        }
+
+        # Drop 'key' from repo settings for now. Also, add `keyring`
+        apt::source { 'caddy':
+          * => $repo - 'key' + { 'keyring' => $keyring_path },
+        }
+      }
+    }
+    'RedHat': {
+      include yum
+
+      if $caddy::manage_repo {
+        yum::copr { 'caddy':
+          * => $repo,
+        }
+      }
+    }
+    default: {
+      fail("OS family ${facts['os']['family']} has no support for 'repo' install method")
+    }
+  }
+
+  package { $caddy::package_name:
+    ensure => $caddy::package_ensure.lest || { 'installed' },
+  }
+}
diff --git a/spec/acceptance/init_spec.rb b/spec/acceptance/init_spec.rb
@@ -56,6 +56,35 @@ class { 'caddy':
     end
   end
 
+  context 'when installing from repo' do
+    # Debian repo has multiple versions
+    # RedHat repo has just the latest version at the moment
+    let(:use_version) do
+      case shell('/opt/puppetlabs/bin/facter os.family').stdout
+      when 'Debian'
+        '2.8.3'
+      else
+        latest_release[1..]
+      end
+    end
+
+    it_behaves_like 'an idempotent resource' do
+      let(:manifest) do
+        <<~PUPPET
+          class { 'caddy':
+            install_method => 'repo',
+            version        => '#{use_version}',
+          }
+        PUPPET
+      end
+    end
+
+    describe command('caddy version') do
+      its(:exit_status) { is_expected.to eq 0 }
+      its(:stdout) { is_expected.to start_with "v#{use_version}" }
+    end
+  end
+
   context 'with vhosts' do
     it_behaves_like 'an idempotent resource' do
       let(:manifest) do