From 5d1a651c000d393445fa73364159d28b4af5887c Mon Sep 17 00:00:00 2001
From: Tim Smith <tsmith@chef.io>
Date: Mon, 5 Mar 2018 15:06:49 -0800
Subject: Avoid compile time error in apt_repository

My previous PR to apt_repository introduced a bug where gpg keys couldn't validate. This converts a raise to an execute so it all happens during converge.

Signed-off-by: Tim Smith <tsmith@chef.io>
---
 lib/chef/provider/apt_repository.rb | 15 +++++----------
 1 file changed, 5 insertions(+), 10 deletions(-)

(limited to 'lib/chef/provider')

diff --git a/lib/chef/provider/apt_repository.rb b/lib/chef/provider/apt_repository.rb
index 1909ed8034..3792ffe9e4 100644
--- a/lib/chef/provider/apt_repository.rb
+++ b/lib/chef/provider/apt_repository.rb
@@ -119,15 +119,6 @@ class Chef
         end.compact
       end
 
-      # see if the keyfile is invalid such as a text file that is not actually a gpg key
-      # @param [String] keyfile the path to the keyfile
-      #
-      # @return [Boolean] is the key file invalid
-      def keyfile_is_invalid?(keyfile)
-        so = shell_out("gpg #{keyfile}")
-        so.error?
-      end
-
       # validate the key against the apt keystore to see if that version is expired
       # @param [String] key
       #
@@ -210,9 +201,13 @@ class Chef
           mode "0644"
           sensitive new_resource.sensitive
           action :create
+          notifies :run, "execute[validate keyfile]", :immediately
         end
 
-        raise "The key #{cached_keyfile} is invalid and cannot be used to verify an apt repository." if keyfile_is_invalid?(cached_keyfile)
+        declare_resource(:execute, "validate keyfile") do
+          action :nothing
+          command "gpg #{cached_keyfile}"
+        end
 
         declare_resource(:execute, "apt-key add #{cached_keyfile}") do
           sensitive new_resource.sensitive
-- 
cgit v1.2.1