use apt keyring to manage gpg key

Author: techsk8

README.md

@@ -77,7 +77,6 @@ class { 'docker':
   docker_ee                 => true,
   docker_ee_source_location => 'https://<docker_ee_repo_url>',
   docker_ee_key_source      => 'https://<docker_ee_key_source_url>',
-  docker_ee_key_id          => '<key id>',
 }
 ```
 

REFERENCE.md

@@ -177,12 +177,12 @@ The following parameters are available in the `docker` class:
 * [`docker_ce_cli_package_name`](#-docker--docker_ce_cli_package_name)
 * [`docker_ce_source_location`](#-docker--docker_ce_source_location)
 * [`docker_ce_key_source`](#-docker--docker_ce_key_source)
-* [`docker_ce_key_id`](#-docker--docker_ce_key_id)
 * [`docker_ce_release`](#-docker--docker_ce_release)
 * [`docker_package_location`](#-docker--docker_package_location)
 * [`docker_package_key_source`](#-docker--docker_package_key_source)
+* [`docker_package_key_name`](#-docker--docker_package_key_name)
+* [`docker_package_key_path`](#-docker--docker_package_key_path)
 * [`docker_package_key_check_source`](#-docker--docker_package_key_check_source)
-* [`docker_package_key_id`](#-docker--docker_package_key_id)
 * [`docker_package_release`](#-docker--docker_package_release)
 * [`docker_engine_start_command`](#-docker--docker_engine_start_command)
 * [`docker_engine_package_name`](#-docker--docker_engine_package_name)
@@ -191,7 +191,6 @@ The following parameters are available in the `docker` class:
 * [`docker_ee_package_name`](#-docker--docker_ee_package_name)
 * [`docker_ee_source_location`](#-docker--docker_ee_source_location)
 * [`docker_ee_key_source`](#-docker--docker_ee_key_source)
-* [`docker_ee_key_id`](#-docker--docker_ee_key_id)
 * [`docker_ee_repos`](#-docker--docker_ee_repos)
 * [`docker_ee_release`](#-docker--docker_ee_release)
 * [`package_release`](#-docker--package_release)
@@ -955,14 +954,6 @@ Data type: `Optional[String]`
 
 Default value: `$docker::params::package_ce_key_source`
 
-##### <a name="-docker--docker_ce_key_id"></a>`docker_ce_key_id`
-
-Data type: `Optional[String]`
-
-
-
-Default value: `$docker::params::package_ce_key_id`
-
 ##### <a name="-docker--docker_ce_release"></a>`docker_ce_release`
 
 Data type: `Optional[String]`
@@ -987,21 +978,29 @@ Data type: `Optional[String]`
 
 Default value: `$docker::params::package_key_source`
 
-##### <a name="-docker--docker_package_key_check_source"></a>`docker_package_key_check_source`
+##### <a name="-docker--docker_package_key_name"></a>`docker_package_key_name`
 
-Data type: `Optional[Boolean]`
+Data type: `Optional[String]`
 
 
 
-Default value: `$docker::params::package_key_check_source`
+Default value: `$docker::params::package_key_name`
 
-##### <a name="-docker--docker_package_key_id"></a>`docker_package_key_id`
+##### <a name="-docker--docker_package_key_path"></a>`docker_package_key_path`
+
+Data type: `Optional[Stdlib::Absolutepath]`
 
-Data type: `Optional[String]`
 
 
+Default value: `$docker::params::package_key_path`
 
-Default value: `$docker::params::package_key_id`
+##### <a name="-docker--docker_package_key_check_source"></a>`docker_package_key_check_source`
+
+Data type: `Optional[Boolean]`
+
+
+
+Default value: `$docker::params::package_key_check_source`
 
 ##### <a name="-docker--docker_package_release"></a>`docker_package_release`
 
@@ -1067,14 +1066,6 @@ Data type: `Optional[String]`
 
 Default value: `$docker::params::package_ee_key_source`
 
-##### <a name="-docker--docker_ee_key_id"></a>`docker_ee_key_id`
-
-Data type: `Optional[String]`
-
-
-
-Default value: `$docker::params::package_ee_key_id`
-
 ##### <a name="-docker--docker_ee_repos"></a>`docker_ee_repos`
 
 Data type: `Optional[String]`

manifests/init.pp

@@ -312,12 +312,12 @@
 # @param docker_ce_cli_package_name
 # @param docker_ce_source_location
 # @param docker_ce_key_source
-# @param docker_ce_key_id
 # @param docker_ce_release
 # @param docker_package_location
 # @param docker_package_key_source
+# @param docker_package_key_name
+# @param docker_package_key_path
 # @param docker_package_key_check_source
-# @param docker_package_key_id
 # @param docker_package_release
 # @param docker_engine_start_command
 # @param docker_engine_package_name
@@ -326,7 +326,6 @@
 # @param docker_ee_package_name
 # @param docker_ee_source_location
 # @param docker_ee_key_source
-# @param docker_ee_key_id
 # @param docker_ee_repos
 # @param docker_ee_release
 # @param package_release
@@ -359,12 +358,12 @@
   String[1]                               $docker_ce_cli_package_name        = $docker::params::docker_ce_cli_package_name,
   Optional[String]                        $docker_ce_source_location         = $docker::params::package_ce_source_location,
   Optional[String]                        $docker_ce_key_source              = $docker::params::package_ce_key_source,
-  Optional[String]                        $docker_ce_key_id                  = $docker::params::package_ce_key_id,
   Optional[String]                        $docker_ce_release                 = $docker::params::package_ce_release,
   Optional[String]                        $docker_package_location           = $docker::params::package_source_location,
   Optional[String]                        $docker_package_key_source         = $docker::params::package_key_source,
+  Optional[String]                        $docker_package_key_name           = $docker::params::package_key_name,
+  Optional[Stdlib::Absolutepath]          $docker_package_key_path           = $docker::params::package_key_path,
   Optional[Boolean]                       $docker_package_key_check_source   = $docker::params::package_key_check_source,
-  Optional[String]                        $docker_package_key_id             = $docker::params::package_key_id,
   Optional[String]                        $docker_package_release            = $docker::params::package_release,
   String                                  $docker_engine_start_command       = $docker::params::docker_engine_start_command,
   String                                  $docker_engine_package_name        = $docker::params::docker_engine_package_name,
@@ -373,7 +372,6 @@
   Optional[String]                        $docker_ee_package_name            = $docker::params::package_ee_package_name,
   Optional[String]                        $docker_ee_source_location         = $docker::params::package_ee_source_location,
   Optional[String]                        $docker_ee_key_source              = $docker::params::package_ee_key_source,
-  Optional[String]                        $docker_ee_key_id                  = $docker::params::package_ee_key_id,
   Optional[String]                        $docker_ee_repos                   = $docker::params::package_ee_repos,
   Optional[String]                        $docker_ee_release                 = $docker::params::package_ee_release,
   Optional[Variant[String,Array[String]]] $tcp_bind                          = $docker::params::tcp_bind,
@@ -550,7 +548,8 @@
       $package_location         = $docker::docker_ee_source_location
       $package_key_source       = $docker::docker_ee_key_source
       $package_key_check_source = $docker_package_key_check_source
-      $package_key              = $docker::docker_ee_key_id
+      $package_key_name         = $docker_package_key_name
+      $package_key_path         = $docker_package_key_path
       $package_repos            = $docker::docker_ee_repos
       $release                  = $docker::docker_ee_release
       $docker_start_command     = $docker::docker_ee_start_command
@@ -560,7 +559,8 @@
         'Debian' : {
           $package_location   = $docker_ce_source_location
           $package_key_source = $docker_ce_key_source
-          $package_key        = $docker_ce_key_id
+          $package_key_name   = $docker_package_key_name
+          $package_key_path   = $docker_package_key_path
           $package_repos      = $docker_ce_channel
           $release            = $docker_ce_release
         }
@@ -588,7 +588,8 @@
         $package_location         = $docker_package_location
         $package_key_source       = $docker_package_key_source
         $package_key_check_source = $docker_package_key_check_source
-        $package_key              = $docker_package_key_id
+        $package_key_name         = $docker_package_key_name
+        $package_key_path         = $docker_package_key_path
         $package_repos            = 'main'
         $release                  = $docker_package_release
       }

manifests/params.pp

@@ -13,7 +13,6 @@
   $docker_ee_start_command           = 'dockerd'
   $docker_ee_source_location         = undef
   $docker_ee_key_source              = undef
-  $docker_ee_key_id                  = undef
   $docker_ee_repos                   = stable
   $tcp_bind                          = undef
   $tls_enable                        = false
@@ -163,19 +162,18 @@
 
       $package_ce_source_location    = "https://download.docker.com/linux/${os_lc}"
       $package_ce_key_source         = "https://download.docker.com/linux/${os_lc}/gpg"
-      $package_ce_key_id             = '9DC858229FC7DD38854AE2D88D81803C0EBFCD88'
       if (versioncmp($facts['facterversion'], '2.4.6') <= 0) {
         $package_ce_release            = $facts['os']['lsb']['distcodename']
       } else {
         $package_ce_release            = $facts['os']['distro']['codename']
       }
       $package_source_location       = 'http://apt.dockerproject.org/repo'
       $package_key_source            = 'https://apt.dockerproject.org/gpg'
+      $package_key_name              = 'docker.asc'
+      $package_key_path              = '/usr/share/keyrings'
       $package_key_check_source      = undef
-      $package_key_id                = '58118E89F3A912897C070ADBF76221572C52609D'
       $package_ee_source_location    = $docker_ee_source_location
       $package_ee_key_source         = $docker_ee_key_source
-      $package_ee_key_id             = $docker_ee_key_id
       if (versioncmp($facts['facterversion'], '2.4.6') <= 0) {
         $package_ee_release            = $facts['os']['lsb']['distcodename']
       } else {
@@ -206,19 +204,18 @@
 
       $apt_source_pin_level        = undef
       $detach_service_in_init      = false
-      $package_ce_key_id           = undef
       $package_ce_key_source       = 'https://download.docker.com/linux/rhel/gpg'
       $package_ce_release          = undef
       $package_ce_source_location  = "https://download.docker.com/linux/rhel/${facts['os']['release']['major']}/${facts['os']['architecture']}/${docker_ce_channel}"
-      $package_ee_key_id           = $docker_ee_key_id
       $package_ee_key_source       = $docker_ee_key_source
       $package_ee_package_name     = $docker_ee_package_name
       $package_ee_release          = undef
       $package_ee_repos            = $docker_ee_repos
       $package_ee_source_location  = $docker_ee_source_location
       $package_key_check_source    = true
-      $package_key_id              = undef
       $package_key_source          = 'https://yum.dockerproject.org/gpg'
+      $package_key_name            = undef
+      $package_key_path            = undef
       $package_release             = undef
       $package_source_location     = "https://yum.dockerproject.org/repo/main/centos/${facts['os']['release']['major']}"
       $pin_upstream_package_source = undef
@@ -242,18 +239,17 @@
       $docker_group                        = 'docker'
       $package_ce_source_location          = undef
       $package_ce_key_source               = undef
-      $package_ce_key_id                   = undef
       $package_ce_repos                    = undef
       $package_ce_release                  = undef
-      $package_key_id                      = undef
       $package_release                     = undef
       $package_source_location             = undef
       $package_key_source                  = undef
       $package_key_check_source            = undef
+      $package_key_name                    = undef
+      $package_key_path                    = undef
       $package_ee_source_location          = undef
       $package_ee_package_name             = $docker_ee_package_name
       $package_ee_key_source               = undef
-      $package_ee_key_id                   = undef
       $package_ee_repos                    = undef
       $package_ee_release                  = undef
       $use_upstream_package_source         = undef
@@ -278,18 +274,17 @@
       $socket_group                        = $socket_group_default
       $package_key_source                  = undef
       $package_key_check_source            = undef
+      $package_key_name                    = undef
+      $package_key_path                    = undef
       $package_source_location             = undef
-      $package_key_id                      = undef
       $package_repos                       = undef
       $package_release                     = undef
       $package_ce_key_source               = undef
       $package_ce_source_location          = undef
-      $package_ce_key_id                   = undef
       $package_ce_repos                    = undef
       $package_ce_release                  = undef
       $package_ee_source_location          = undef
       $package_ee_key_source               = undef
-      $package_ee_key_id                   = undef
       $package_ee_release                  = undef
       $package_ee_repos                    = undef
       $package_ee_package_name             = undef
@@ -318,18 +313,17 @@
       $socket_group                        = $socket_group_default
       $package_key_source                  = undef
       $package_key_check_source            = undef
+      $package_key_name                    = undef
+      $package_key_path                    = undef
       $package_source_location             = undef
-      $package_key_id                      = undef
       $package_repos                       = undef
       $package_release                     = undef
       $package_ce_key_source               = undef
       $package_ce_source_location          = undef
-      $package_ce_key_id                   = undef
       $package_ce_repos                    = undef
       $package_ce_release                  = undef
       $package_ee_source_location          = undef
       $package_ee_key_source               = undef
-      $package_ee_key_id                   = undef
       $package_ee_release                  = undef
       $package_ee_repos                    = undef
       $package_ee_package_name             = undef

manifests/repos.pp

@@ -19,22 +19,28 @@
   case $facts['os']['family'] {
     'Debian': {
       $release       = $docker::release
-      $package_key   = $docker::package_key
       $package_repos = $docker::package_repos
+      $key_name      = $docker::package_key_name
+      $key_path      = $docker::package_key_path
 
       if ($docker::use_upstream_package_source) {
+        apt::keyring { $key_name:
+          ensure => present,
+          source => $key_source,
+          dir    => $key_path,
+        }
+
         apt::source { 'docker':
+          ensure       => present,
           location     => $location,
           architecture => $architecture,
           release      => $release,
           repos        => $package_repos,
-          key          => {
-            id     => $package_key,
-            source => $key_source,
-          },
           include      => {
             src => false,
           },
+          keyring      => "${key_path}/${key_name}",
+          require      => Apt::Keyring[$key_name],
         }
 
         $url_split  = split($location, '/')

metadata.json

@@ -14,7 +14,7 @@
     },
     {
       "name": "puppetlabs/apt",
-      "version_requirement": ">= 4.4.1 < 11.0.0"
+      "version_requirement": ">= 9.2.0 < 11.0.0"
     },
     {
       "name": "puppetlabs/powershell",

spec/classes/init_spec.rb

@@ -86,14 +86,12 @@
             'dns_search' => defaults['dns_search'],
             'dns' => defaults['dns'],
             'docker_ce_channel' => defaults['docker_ce_channel'],
-            'docker_ce_key_id' => defaults['package_ce_key_id'],
             'docker_ce_key_source' => defaults['package_ce_key_source'],
             'docker_ce_package_name' => defaults['docker_ce_package_name'],
             'docker_ce_cli_package_name' => defaults['docker_ce_cli_package_name'],
             'docker_ce_release' => defaults['package_ce_release'],
             'docker_ce_source_location' => defaults['package_ce_source_location'],
             'docker_ce_start_command' => defaults['docker_ce_start_command'],
-            'docker_ee_key_id' => defaults['package_ee_key_id'],
             'docker_ee_key_source' => defaults['package_ee_key_source'],
             'docker_ee_package_name' => defaults['package_ee_package_name'],
             'docker_ee_release' => defaults['package_ee_release'],
@@ -105,9 +103,10 @@
             'docker_group' => defaults['docker_group'],
             'docker_msft_provider_version' => defaults['docker_msft_provider_version'],
             'docker_package_key_check_source' => defaults['package_key_check_source'],
-            'docker_package_key_id' => defaults['package_key_id'],
             'docker_package_key_source' => defaults['package_key_source'],
             'docker_package_location' => defaults['package_source_location'],
+            'docker_package_key_name' => defaults['package_key_name'],
+            'docker_package_key_path' => defaults['package_key_path'],
             'docker_package_release' => defaults['package_release'],
             'docker_users' => [],
             'ensure' => defaults['package_ensure'],