feat: firstrun optimisations

- download gpg keys if gpgkey is defined
- ensure the profiles::defaults is called first
This commit is contained in:
2024-05-19 22:52:52 +10:00
parent 65bd2ae8d5
commit 598a8c0f52
3 changed files with 26 additions and 1 deletions
+16
View File
@@ -11,10 +11,26 @@ class profiles::yum::global (
},
}
# purge all yum repos not defined by puppet
resources { 'yumrepo':
purge => $purge,
}
# download all gpg keys if a repo defines it
$repos.each |$name, $repo| {
if $repo['gpgkey'] {
$key_url = $repo['gpgkey']
$key_file = "/etc/pki/rpm-gpg/${name}-gpg-key"
exec { "download_gpg_key_${name}":
command => "curl -s -o ${key_file} ${key_url} && rpm --import ${key_file}",
path => ['/bin', 'usr/bin'],
creates => $key_file,
before => Yumrepo[$name],
}
}
}
# create repos
create_resources('yumrepo', $repos)