# Class: profiles::apt::global
#
# This class manages global APT configurations and optionally includes the
# base and Puppet7 apt repository profiles. The profiles included are based on
# the content of the $managed_repos parameter, which is an array of repository names.
#
# Parameters:
# -----------
# $managed_repos: An array of repository names that should be managed by Puppet agent.
# This parameter is mandatory and the class will fail if it is not provided via hieradata.
# Example: ['base', 'security', 'updates', 'backports']
#
# Actions:
# --------
# Configures global APT settings, including setting up the 'src' and 'deb' options for all
# repositories managed by Puppet.
# Establishes default parameters for any APT repositories managed by Puppet.
# These parameters include the repository description, the inclusion of 'src' and 'deb',
# and the pinning.
# Depending on the content of the $managed_repos parameter, it includes the
# profiles::apt::base and/or profiles::apt::puppet7 classes.
# Manages all .list files under /etc/apt/sources.list.d. All the repositories listed
# in $managed_repos will have their corresponding .list files preserved. Any
# .list file that is not listed in $managed_repos will be removed.
# Creates and maintains a /etc/apt/sources.list.d/.managed file that lists all the
# .list files that should be managed by Puppet.
# Manages /etc/apt/sources.list file to include the .list files in /etc/apt/sources.list.d.
#
# Example usage:
# --------------
# To use this class, include it and configure hieradata:
#   include profiles::apt::global
#
# profiles::apt::managed_repos:
#   - 'base'
#   - 'security'
#   - 'updates'
#   - 'backports'
class profiles::apt::global (
  Array[String] $managed_repos = lookup('profiles::apt::managed_repos'),
  Array[String] $components    = lookup('profiles::apt::components'),
){
  class { 'apt':
    update => {
      frequency => 'daily',
      loglevel  => 'debug',
    },
  }

  Apt::Source {
    include => {
      'src' => true,
      'deb' => true,
    },
  }

  # Generate the content for the .managed file
  $managed_file_content = $managed_repos.map |$repo_name| { "${repo_name}.repo" }.join("\n")

  # Create the .managed file
  file { '/etc/apt/sources.list.d/.managed':
    ensure  => file,
    content => $managed_file_content,
  }

  # Define exec resource to remove .list files not listed in .managed
  exec { 'cleanup_apt_repos':
    command => '/bin/bash -c "comm -23 <(ls /etc/apt/sources.list.d | sort)
                <(sort /etc/apt/sources.list.d/.managed) | 
                xargs -n1 rm -f /etc/apt/sources.list.d/{}"',
    path    => ['/bin', '/usr/bin'],
    onlyif  => '/bin/bash -c "comm -23 <(ls /etc/apt/sources.list.d | sort)
                <(sort /etc/apt/sources.list.d/.managed) | grep .list"',
  }

  file { '/etc/apt/sources.list':
    ensure  => 'file',
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
    content => @(END)
      ## Apt is managed by Puppet, do not edit this file
      END
  }

  # Setup base repos
  class { 'profiles::apt::base':
    managed_repos => $managed_repos,
    components    => $components,
  }

  # Setup puppet7 if included in managed_repos
  class { 'profiles::apt::puppet7':
    managed_repos => $managed_repos,
    components    => $components,
  }
}