diff options
author | Tim Smith <tsmith@chef.io> | 2018-03-05 15:06:49 -0800 |
---|---|---|
committer | Tim Smith <tsmith@chef.io> | 2018-03-05 15:13:16 -0800 |
commit | 5d1a651c000d393445fa73364159d28b4af5887c (patch) | |
tree | 28b6b36967540ebaa15c216c1ce4f08e7fe0ca7f /lib/chef/provider | |
parent | 4994aa6b92c20fa59a872365755b54dad6054e33 (diff) | |
download | chef-5d1a651c000d393445fa73364159d28b4af5887c.tar.gz |
Avoid compile time error in apt_repository
My previous PR to apt_repository introduced a bug where gpg keys couldn't validate. This converts a raise to an execute so it all happens during converge.
Signed-off-by: Tim Smith <tsmith@chef.io>
Diffstat (limited to 'lib/chef/provider')
-rw-r--r-- | lib/chef/provider/apt_repository.rb | 15 |
1 files changed, 5 insertions, 10 deletions
diff --git a/lib/chef/provider/apt_repository.rb b/lib/chef/provider/apt_repository.rb index 1909ed8034..3792ffe9e4 100644 --- a/lib/chef/provider/apt_repository.rb +++ b/lib/chef/provider/apt_repository.rb @@ -119,15 +119,6 @@ class Chef end.compact end - # see if the keyfile is invalid such as a text file that is not actually a gpg key - # @param [String] keyfile the path to the keyfile - # - # @return [Boolean] is the key file invalid - def keyfile_is_invalid?(keyfile) - so = shell_out("gpg #{keyfile}") - so.error? - end - # validate the key against the apt keystore to see if that version is expired # @param [String] key # @@ -210,9 +201,13 @@ class Chef mode "0644" sensitive new_resource.sensitive action :create + notifies :run, "execute[validate keyfile]", :immediately end - raise "The key #{cached_keyfile} is invalid and cannot be used to verify an apt repository." if keyfile_is_invalid?(cached_keyfile) + declare_resource(:execute, "validate keyfile") do + action :nothing + command "gpg #{cached_keyfile}" + end declare_resource(:execute, "apt-key add #{cached_keyfile}") do sensitive new_resource.sensitive |