File: //opt/saltstack/salt/lib/python3.10/site-packages/salt/states/__pycache__/pkgrepo.cpython-310.pyc
o
�����N�g�m�����������������������@���sn���d�Z�d�d�l�Z�d�d�l�Z�d�d�l�Z�d�d�l�Z�d�d�l�Z�d�d�l�Z�d�d�l�m Z m
Z
��d�d�l�m�Z
��d�d���Z�d�d�d ��Z�d
d���Z�d�S�)
aH���
Management of APT/DNF/YUM/Zypper package repos
==============================================
States for managing software package repositories on Linux distros. Supported
package managers are APT, DNF, YUM and Zypper. Here is some example SLS:
.. code-block:: yaml
base:
pkgrepo.managed:
- humanname: CentOS-$releasever - Base
- mirrorlist: http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
- comments:
- 'http://mirror.centos.org/centos/$releasever/os/$basearch/'
- gpgcheck: 1
- gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
.. code-block:: yaml
base:
pkgrepo.managed:
- humanname: Logstash PPA
- name: deb http://ppa.launchpad.net/wolfnet/logstash/ubuntu precise main
- dist: precise
- file: /etc/apt/sources.list.d/logstash.list
- keyid: 28B04E4A
- keyserver: keyserver.ubuntu.com
- require_in:
- pkg: logstash
pkg.latest:
- name: logstash
- refresh: True
.. code-block:: yaml
base:
pkgrepo.managed:
- humanname: deb-multimedia
- name: deb http://www.deb-multimedia.org stable main
- file: /etc/apt/sources.list.d/deb-multimedia.list
- key_url: salt://deb-multimedia/files/marillat.pub
.. code-block:: yaml
base:
pkgrepo.managed:
- humanname: Google Chrome
- name: deb http://dl.google.com/linux/chrome/deb/ stable main
- dist: stable
- file: /etc/apt/sources.list.d/chrome-browser.list
- require_in:
- pkg: google-chrome-stable
- gpgcheck: 1
- key_url: https://dl-ssl.google.com/linux/linux_signing_key.pub
.. code-block:: yaml
base:
pkgrepo.managed:
- ppa: wolfnet/logstash
pkg.latest:
- name: logstash
- refresh: True
.. note::
On Ubuntu systems, the ``python-software-properties`` package should be
installed for better support of PPA repositories. To check if this package
is installed, run ``dpkg -l python-software-properties``.
On Ubuntu & Debian systems, the ``python-apt`` package is required to be
installed. To check if this package is installed, run ``dpkg -l python-apt``.
``python-apt`` will need to be manually installed if it is not present.
.. code-block:: yaml
hello-copr:
pkgrepo.managed:
- copr: mymindstorm/hello
pkg.installed:
- name: hello
apt-key deprecated
------------------
``apt-key`` is deprecated and will be last available in Debian 11 and
Ubuntu 22.04. The recommended way to manage repo keys going forward
is to download the keys into /etc/apt/keyrings and use ``signed-by``
in your repo file pointing to the key. This module was updated
in version 3005 to implement the recommended approach. You need to add
``- aptkey: False`` to your state and set ``signed-by`` in your repo
name, to use this recommended approach. If the cli command ``apt-key``
is not available it will automatically set ``aptkey`` to False.
Using ``aptkey: False`` with ``key_url`` example:
.. code-block:: yaml
deb [signed-by=/etc/apt/keyrings/salt-archive-keyring.gpg arch=amd64] https://packages.broadcom.com/artifactory/saltproject-deb/ bionic main:
pkgrepo.managed:
- file: /etc/apt/sources.list.d/salt.list
- key_url: https://packages.broadcom.com/artifactory/api/security/keypair/SaltProjectKey/public
- aptkey: False
Using ``aptkey: False`` with ``keyserver`` and ``keyid``:
.. code-block:: yaml
deb [signed-by=/etc/apt/keyrings/salt-archive-keyring.gpg arch=amd64] https://packages.broadcom.com/artifactory/saltproject-deb/ bionic main:
pkgrepo.managed:
- file: /etc/apt/sources.list.d/salt.list
- keyserver: keyserver.ubuntu.com
- keyid: 0E08A149DE57BFBE
- aptkey: False
�����N)���CommandExecutionError��SaltInvocationError)���STATE_INTERNAL_KEYWORDSc��������������������C���s����d�t�v�S�)�zI
Only load if modifying repos is available for this package type
��pkg.mod_repo)���__salt__��r����r�����G/opt/saltstack/salt/lib/python3.10/site-packages/salt/states/pkgrepo.py��__virtual__����s������r ���Tc����������������
���K���s*���t�j�j���d���s d�}�|�i�d�d�d���}�d�t�v�r�d�|�d�<�d�|�d <�|�S�d
|�v�r2d�|�v�s*d�|�v�r2d�|�d�<�d
|�d <�d�|�v�rFd�|�v�s>d�|�v�rFd�|�d�<�d�|�d <�d�|�v�rVd
|�v�rVd�|�d�<�d�|�d <�d�|�v�rdd�|�d�<�d�|�d <�|�S�|���d�d���}�|���d�d���}�|�d�u�r�|�d�u�r�d�|�d�<�d�|�d <�|�S�|�d�u�r�|�d�u�r�d�}�|���d�d���}�|���d
d���������d���} | r�|�r�t�j�j �
d�d�����n
d�|�d�<�d�|�d <�|�S�|�}
t�d���d�v�r�|�d�u�r�z d���d�|�f���}
W�n���t
y�������d���d�t�|���f���}
Y�n�w�|�d�u�r�t�j�j���|�����n�t�j�j���|���|�d�<�ngt�d ��d!v���r<t�d ��d"v���r�|�d�u���r�d���d#|�f���}
|�|�d$<�d%|�v���r�|���d%��|�d$<�d$|�v���r%|
|�d$<�|�d�u���r2t�j�j���|�����n�t�j�j���|���|�d�<�n�t�d ��d&v���rY|�d�u���rPt�j�j���|�����n�t�j�j���|���|�d�<�t�D�] }�|���|�d�������q[z
t�d���dHd�|
i�|�����}�W�n#��t���y���}
��z�d�|�d�<�d'|���d(|
����|�d <�|�W���Y�d�}
~
S�d�}
~
w�w�t���d ��d)k���r�d*d+l�m�}���t�d���}�t�d,��}�|�dH|�|�|
d-��|�����}�n�|�}�|���r�|���d.d�����|���d.d�����|�D���]!}�|�|�v���r�|�d�k���r�t�d ��d"k���r�t�j�j���|�|�������s�����n���q�����n�����n�|�d/v���r
t�|�|�����t�|�|�����k���r���n��q�|�d0k���rkt�d ��d)k���rk|�d�����si|�|�������}�t�|�d1d�������|�d1d���<�d2d3��|�|�����d4��D���\�}�}�}�|�����}�t�|�d1d�������|�d1d���<�|�|�k���rS��n�d5|�v���rit�j�j�j���|�d5����}�|�|�k���ri��n���q�|�d5k���r�t�d ��d"k���r�t�j�j�j���|�|�����}�t�j�j�j���|�|�����}�|�|�k���r���nj��q�|�d6k���r�|�|�����r�t�|�|�����t�|�|�����k���r���nO��q�t�d ��d!v���r�t�d7d3��|�|���|�|���f�D�������r�t�j�j���|�|�����t�j�j���|�|�����k���r���n!��q�t�|�|�����t�|�|�����k���r���n���q�d�|�d�<�d8|���d9��|�d <�|�S�t�d:����r5d;��|���|�d <�|���r-|�D�]�}�|���|���|���|���k���r)|���|���|���|���d<��|�d=��|�<���q
|�S�|�|�d=��d�<�|�S�|���d>d�����rWt�j�j �!|�d.��d?������W�d���������n 1���sRw�������Y���z!t�d ��d)k���rmt�d@��|
f�t"|�dA��|�������n
t�d@��|
f�i�|�������W�n#��t#��y���}
��z�d�|�d�<�dB|���d(|
����|�d <�|�W���Y�d�}
~
S�d�}
~
w�w�zCt�d���dHd�|
i�|�����}�|���r�|�D�]�}�|���|���|���|���k���r�|���|���|���|���d<��|�d=��|�<���q�n�d�|
i�|�d=<�d�|�d�<�dC|���dD��|�d <�W�n!��t#��y���}
��z�d�|�d�<�dE|���d(|
����|�d <�W�Y�d�}
~
n�d�}
~
w�w�|�d=����r�t$j%t�dF��j&��j'��dGd�����|�S�)Ia}���
This state manages software package repositories. Currently, :mod:`yum
<salt.modules.yumpkg>`, :mod:`apt <salt.modules.aptpkg>`, and :mod:`zypper
<salt.modules.zypperpkg>` repositories are supported.
**YUM/DNF/ZYPPER-BASED SYSTEMS**
.. note::
One of ``baseurl`` or ``mirrorlist`` below is required. Additionally,
note that this state is not presently capable of managing more than one
repo in a single repo file, so each instance of this state will manage
a single repo file containing the configuration for a single repo.
name
This value will be used in two ways: Firstly, it will be the repo ID,
as seen in the entry in square brackets (e.g. ``[foo]``) for a given
repo. Secondly, it will be the name of the file as stored in
/etc/yum.repos.d (e.g. ``/etc/yum.repos.d/foo.conf``).
enabled : True
Whether the repo is enabled or not. Can be specified as ``True``/``False`` or
``1``/``0``.
disabled : False
Included to reduce confusion due to APT's use of the ``disabled``
argument. If this is passed for a YUM/DNF/Zypper-based distro, then the
reverse will be passed as ``enabled``. For example passing
``disabled=True`` will assume ``enabled=False``.
copr
Fedora and RedHat based distributions only. Use community packages
outside of the main package repository.
.. versionadded:: 3002
humanname
This is used as the ``name`` value in the repo file in
``/etc/yum.repos.d/`` (or ``/etc/zypp/repos.d`` for SUSE distros).
baseurl
The URL to a yum repository
mirrorlist
A URL which points to a file containing a collection of baseurls
comments
Sometimes you want to supply additional information, but not as
enabled configuration. Anything supplied for this list will be saved
in the repo configuration with a comment marker (#) in front.
gpgautoimport
Only valid for Zypper package manager. If set to ``True``, automatically
trust and import the new repository signing key. The key should be
specified with ``gpgkey`` parameter. See details below.
Additional configuration values seen in YUM/DNF/Zypper repo files, such as
``gpgkey`` or ``gpgcheck``, will be used directly as key-value pairs.
For example:
.. code-block:: yaml
foo:
pkgrepo.managed:
- humanname: Personal repo for foo
- baseurl: https://mydomain.tld/repo/foo/$releasever/$basearch
- gpgkey: file:///etc/pki/rpm-gpg/foo-signing-key
- gpgcheck: 1
**APT-BASED SYSTEMS**
ppa
On Ubuntu, you can take advantage of Personal Package Archives on
Launchpad simply by specifying the user and archive name. The keyid
will be queried from launchpad and everything else is set
automatically. You can override any of the below settings by simply
setting them as you would normally. For example:
.. code-block:: yaml
logstash-ppa:
pkgrepo.managed:
- ppa: wolfnet/logstash
ppa_auth
For Ubuntu PPAs there can be private PPAs that require authentication
to access. For these PPAs the username/password can be passed as an
HTTP Basic style username/password combination.
.. code-block:: yaml
logstash-ppa:
pkgrepo.managed:
- ppa: wolfnet/logstash
- ppa_auth: username:password
name
On apt-based systems this must be the complete entry as it would be
seen in the ``sources.list`` file. This can have a limited subset of
components (e.g. ``main``) which can be added/modified with the
``comps`` option.
.. code-block:: yaml
precise-repo:
pkgrepo.managed:
- name: deb http://us.archive.ubuntu.com/ubuntu precise main
.. note::
The above example is intended as a more readable way of configuring
the SLS, it is equivalent to the following:
.. code-block:: yaml
'deb http://us.archive.ubuntu.com/ubuntu precise main':
pkgrepo.managed
disabled : False
Toggles whether or not the repo is used for resolving dependencies
and/or installing packages.
enabled : True
Included to reduce confusion due to YUM/DNF/Zypper's use of the
``enabled`` argument. If this is passed for an APT-based distro, then
the reverse will be passed as ``disabled``. For example, passing
``enabled=False`` will assume ``disabled=False``.
architectures
On apt-based systems, ``architectures`` can restrict the available
architectures that the repository provides (e.g. only ``amd64``).
``architectures`` should be a comma-separated list.
comps
On apt-based systems, comps dictate the types of packages to be
installed from the repository (e.g. ``main``, ``nonfree``, ...). For
purposes of this, ``comps`` should be a comma-separated list.
file
The filename for the ``*.list`` that the repository is configured in.
It is important to include the full-path AND make sure it is in
a directory that APT will look in when handling packages
dist
This dictates the release of the distro the packages should be built
for. (e.g. ``unstable``). This option is rarely needed.
keyid
The KeyID or a list of KeyIDs of the GPG key to install.
This option also requires the ``keyserver`` option to be set.
keyserver
This is the name of the keyserver to retrieve GPG keys from. The
``keyid`` option must also be set for this option to work.
key_url
URL to retrieve a GPG key from. Allows the usage of
``https://`` as well as ``salt://``. If ``allow_insecure_key`` is True,
this also allows ``http://``.
.. note::
Use either ``keyid``/``keyserver`` or ``key_url``, but not both.
key_text
The string representation of the GPG key to install.
.. versionadded:: 2018.3.0
.. note::
Use either ``keyid``/``keyserver``, ``key_url``, or ``key_text`` but
not more than one method.
consolidate : False
If set to ``True``, this will consolidate all sources definitions to the
``sources.list`` file, cleanup the now unused files, consolidate components
(e.g. ``main``) for the same URI, type, and architecture to a single line,
and finally remove comments from the ``sources.list`` file. The consolidation
will run every time the state is processed. The option only needs to be
set on one repo managed by Salt to take effect.
clean_file : False
If set to ``True``, empty the file before configuring the defined repository
.. note::
Use with care. This can be dangerous if multiple sources are
configured in the same file.
.. versionadded:: 2015.8.0
refresh : True
If set to ``False`` this will skip refreshing the apt package database
on Debian based systems.
refresh_db : True
.. deprecated:: 2018.3.0
Use ``refresh`` instead.
require_in
Set this to a list of :mod:`pkg.installed <salt.states.pkg.installed>` or
:mod:`pkg.latest <salt.states.pkg.latest>` to trigger the
running of ``apt-get update`` prior to attempting to install these
packages. Setting a require in the pkg state will not work for this.
aptkey:
Use the binary apt-key. If the command ``apt-key`` is not found
in the path, aptkey will be False, regardless of what is passed into
this argument.
allow_insecure_key : True
Whether to allow an insecure (e.g. http vs. https) key_url.
.. versionadded:: 3006.0
z�apt-keyFN������name��changes��result��comment��pkg.get_repor����z0Repo management not implemented on this platformr������key_url��keyidZ keyserverz@You may not use both "keyid"/"keyserver" and "key_url" argument.Z�key_textzAYou may not use both "keyid"/"keyserver" and "key_text" argument.z7You may not use both "key_url" and "key_text" argument.��repoze'repo' is not a supported argument for this state. The 'name' argument is probably what was intended.��enabled��disabledz'Only one of enabled/disabled is allowedT��allow_insecure_keyz�http:i����z?allow_insecure_key will default to False starting in salt 3008.zFCannot have 'key_url' using http with 'allow_insecure_key' set to True��os��Z�UbuntuZ�Mint��:��ppa� os_family)���RedHatZ�Suser������coprr����Z humanname)�Z NILinuxRTZ�Pokyz�Failed to examine repo '��': ��Debianr����)���_expand_repo_defZ
oscodename)���os_name��os_codenamer������file)���compsr������line�����c��������������������s���s������|�]�}�|�����V���q�d�S���N)���strip����.0��xr����r����r����� <genexpr>����s����������
�z�managed.<locals>.<genexpr>��#Z�comments�
architecturesc��������������������s���s������|�]�}�t�|�t���V���q�d�S�r'���)��
isinstance��boolr)���r����r����r����r,�������s��������
�
�z�Package repo 'z�' already configured��testz�Package repo '{}' would be configured. This may cause pkg states to behave differently than stated if this action is repeated without test=True, due to the differences in the configured repositories.)���new��oldr
���Z
clean_file��wr����)�Z�saltenv��aptkey��Failed to configure repo 'z�Configured package repo '��'z"Failed to confirm config of repo 'z test.pingz
pkg._availr����)(��salt��utils��path��whichr������pop��getr(����
startswithZ�versionsZ
warn_until�
__grains__��join� TypeError��str��dataZ�is_true��_STATE_INTERNAL_KEYWORDSr������salt.modules.aptpkgr �����sorted��split� partition��pkg��debZ�combine_commentsZ�rpm��set��any��__opts__��format��filesZ�fopenZ�__env__� Exception��sys��modules�
__module__��__context__)�r����r����r����r5�����kwargs��retr����r����r����Z�key_is_insecurer������kwargZ�pre��excr ���r!���r"���Z�sanitizedkwargsZ�sanitizedsplitZ reposplit��_Z�pre_commentsZ
post_commentsZ�precommentsZ
kwargcommentsZ�postr����r����r������managed����s������Z����������������������������������������������������������������������������������������������������������������
�����
���
���
���������
���������������������������� ������������������������
�
�
�������������
���������
���������������
���
�
�����
���������
�����
�����������������
���������������������������
��������������������������������������������������������������������������������������� �����
���������rZ���c������������
���
�������s����|�i�d�d�d���}�d���v�r�t�d���d�v�r�����d���}�|���d���s�d�|���}�d���v�r7t�d ��d
v�r7����d���}�|���d���s7d�|���}�t���f�d�d
��d�D�����}�|�rRd�t�v�rRd�|�d�<�d�|�d�<�|�S�t�d ��d�k�rat�j�j�j�� |���}�n�|�}�z�t�d���|�f�i�������}�W�n"��t
y���}���z�d�|�d�<�d�|���d�|�����|�d�<�|�W���Y�d�}�~�S�d�}�~�w�w�|�r�t�d ������d�k�s�t��
d�i����
d���d�k�r�d�d�l�m�}���t�|�|���d�����t�|�d�����k�r�i�}�|�s�d�|���d ��|�d�<�d!|�d�<�|�S�t�d"��r�d#��|���|�d�<�|�S�z
t�d$��d-d%|�i���������W�n ��t
t�f���y���}���z�d�|�d�<�|�j�|�d�<�|�W���Y�d�}�~�S�d�}�~�w�w�t�d&����}�|�|�v���rq|�|�d'��d%<�d(|�����|�d�<�|���s(d!|�d�<�|�S�z�t�d���|�f�i�������} W�n%��t
t�f���yY��}���z�d�|�d�<�|�d�����d)|�����7���<�W�Y�d�}�~�|�S�d�}�~�w�w�d!|�d�<�| |�d'��d*<�|�d�����d+| ����7���<�|�S�d�|�d�<�d,|�����|�d�<�|�S�).a[���
This function deletes the specified repo on the system, if it exists. It
is essentially a wrapper around :mod:`pkg.del_repo <salt.modules.pkg.del_repo>`.
name
The name of the package repo, as it would be referred to when running
the regular package manager commands.
.. note::
On apt-based systems this must be the complete source entry. For
example, if you include ``[arch=amd64]``, and a repo matching the
specified URI, dist, etc. exists _without_ an architecture, then no
changes will be made and the state will report a ``True`` result.
**FEDORA/REDHAT-SPECIFIC OPTIONS**
copr
Use community packages outside of the main package repository.
.. versionadded:: 3002
.. code-block:: yaml
hello-copr:
pkgrepo.absent:
- copr: mymindstorm/hello
**UBUNTU-SPECIFIC OPTIONS**
ppa
On Ubuntu, you can take advantage of Personal Package Archives on
Launchpad simply by specifying the user and archive name.
.. code-block:: yaml
logstash-ppa:
pkgrepo.absent:
- ppa: wolfnet/logstash
ppa_auth
For Ubuntu PPAs there can be private PPAs that require authentication
to access. For these PPAs the username/password can be specified. This
is required for matching if the name format uses the ``ppa:`` specifier
and is private (requires username/password to access, which is encoded
in the URI).
.. code-block:: yaml
logstash-ppa:
pkgrepo.absent:
- ppa: wolfnet/logstash
- ppa_auth: username:password
keyid
If passed, then the GPG key corresponding to the passed KeyID will also
be removed.
keyid_ppa : False
If set to ``True``, the GPG key's ID will be looked up from
ppa.launchpad.net and removed, and the ``keyid`` argument will be
ignored.
.. note::
This option will be disregarded unless the ``ppa`` argument is
present.
Nr
���r����r����r����r����z�ppa:r����r����r����z�copr:c��������������������3���s������|�]
}�����|���d�u�V���q�d�S�r'���)�r=���r)�����rU���r����r����r,�������s��������z�absent.<locals>.<genexpr>)�r����Z keyid_ppaz�pkg.del_repo_keyFr����z8Repo key management is not implemented for this platformr����r����r����r6���r����Z�debianZ providersrI���Z�aptpkgr����)���_split_repo_strr.���z
Package repo z
is absentTr1���z�Package repo '{}' will be removed. This may cause pkg states to behave differently than stated if this action is repeated without test=True, due to the differences in the configured repositories.z�pkg.del_repor����z�pkg.list_reposr
���z
Removed repo z�, but failed to remove key: r����z�, and keyid z�Failed to remove repo r����)�r?���r<���r>���rL���r����r8���r9���rI���rJ���Z strip_urir������lowerrM���r=���rE���r\���rK���rN���r������strerror)
r����rU���rV���Z
remove_keyZ stripnamer����rX���r\���Z�reposZ
removed_keyidr����r[���r������absente���s�����C��
�
�����
�
�����������������������������������������������������������������������������
�������
�
������������������� �� ������������������r_���)�NNT)���__doc__rQ���Z�salt.utils.datar8���Z�salt.utils.filesZ�salt.utils.pkg.debZ�salt.utils.pkg.rpmZ�salt.utils.versionsZ�salt.exceptionsr����r����Z
salt.stater����rD���r ���rZ���r_���r����r����r����r������<module>����s�������w����������������
�����^