Ben Vincent
98b866fce7
- change from puppet-agent to openvox-agent - upgrade version from 7.34 to 7.36 - ensure workflow of: Yumrepo -> dnf-makecache -> Package Reviewed-on: #408
62 lines
1.6 KiB
Puppet
62 lines
1.6 KiB
Puppet
# Class: profiles::yum::global
|
|
class profiles::yum::global (
|
|
Hash $repos = {},
|
|
Boolean $purge = true,
|
|
){
|
|
class { 'yum':
|
|
keep_kernel_devel => true,
|
|
clean_old_kernels => true,
|
|
config_options => {
|
|
gpgcheck => true,
|
|
},
|
|
}
|
|
|
|
# purge all yum repos not defined by puppet
|
|
resources { 'yumrepo':
|
|
purge => $purge,
|
|
}
|
|
|
|
# el9 needs to rpmdb rebuild after crypto-policies
|
|
if $facts['os']['release']['major'] == '9' {
|
|
exec { 'rebuild_rpmdb':
|
|
command => '/usr/bin/rpmdb --rebuilddb && /usr/bin/touch /root/almalinux9_upgrade_rebuilddb_flag',
|
|
unless => '/usr/bin/test -f /root/almalinux9_upgrade_rebuilddb_flag',
|
|
timeout => 180,
|
|
require => Class['crypto_policies'],
|
|
}
|
|
}
|
|
|
|
# download all gpg keys if a repo defines it
|
|
$repos.each |$name, $repo| {
|
|
if $repo['gpgkey'] {
|
|
$key_url = $repo['gpgkey']
|
|
$key_file = "/etc/pki/rpm-gpg/${name}-gpg-key"
|
|
|
|
exec { "download_gpg_key_${name}":
|
|
command => "curl -s -o ${key_file} ${key_url} && rpm --import ${key_file}",
|
|
path => ['/bin', 'usr/bin'],
|
|
creates => $key_file,
|
|
before => Yumrepo[$name],
|
|
}
|
|
}
|
|
# create the repo
|
|
yumrepo { $name:
|
|
* => $repo,
|
|
}
|
|
}
|
|
|
|
# makecache if changes made to repos
|
|
exec {'dnf_makecache':
|
|
command => 'dnf makecache -q',
|
|
path => ['/usr/bin', '/bin'],
|
|
refreshonly => true,
|
|
}
|
|
|
|
# setup dnf-autoupdate
|
|
include profiles::yum::autoupdater
|
|
|
|
# ensure dnf makecache runs before packages
|
|
Yumrepo <| |> -> Exec['dnf_makecache'] -> Package <| |>
|
|
|
|
}
|