Hi Douglas, thanks for identifying the issue! Please submit a PR to the apt repo <https://github.com/puppetlabs/puppetlabs-apt>, someone from the Modules Team will pick it up.
Regards, David On Mon, Apr 1, 2019 at 8:44 PM Douglas K. Rand <[email protected]> wrote: > On 3/31/19 10:37 AM, Martin Alfke wrote:>> On 29. Mar 2019, at 19:42, > Douglas > Rand <[email protected]> wrote: > >> I have a provider that hosts their APT repository behind a basic auth > >> protected website, and I cannot work out how to get apt::key to add > their > >> key. > > > Have you tried using apt_auth.conf file? > > https://manpages.debian.org/testing/apt/apt_auth.conf.5.en.html > > No, I hadn't. And thanks for that, it solved another problem I was having. > Thanks Martin! > > But not the problem with apt::key. I rand it down to the source_to_file > method in the apt_key.rb provider from Puppet's APT library. The > source_to_file method fetches the remote key and drops it in a temporary > file > and then uses apt-key to install the key. So the fetching of the key > bypasses > all of the nice apt features with apt/auth.conf. So no joy there. > > But I did find a fix. The problem is that the username I need to provide > in > basic auth is my email address, and includes an '@' sign. And since the > '@' > sign is already part of the url coding for usernames, you can't have it in > the > username. I had been using '%40' to replace the '@' sign in my username, > but > the Ruby provider doesn't know that the usernames might be URI encoded. > > This simple patch adds that: > > --- > /local-project/tmp/r10k/production/modules/apt/lib/puppet/provider/apt_key/apt_key.rb > > 2017-10-24 08:45:17.316572536 -0500 > +++ modules/apt/lib/puppet/provider/apt_key/apt_key.rb 2019-04-01 > 13:38:02.026555102 -0500 > @@ -129,6 +129,10 @@ > begin > user_pass = parsedValue.userinfo.nil? ? nil : > parsedValue.userinfo.split(':') > parsedValue.userinfo = '' > + unless user_pass.nil? > + user_pass[0] = URI.unescape(user_pass[0]) > + user_pass[1] = URI.unescape(user_pass[1]) > + end > key = open(parsedValue, :http_basic_authentication => > user_pass).read > rescue OpenURI::HTTPError, Net::FTPPermError => e > fail("#{e.message} for #{resource[:source]}") > > Does anybody have any idea how to get this directed toward the right > people? > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/3446ba74-f3f5-a512-f36c-e9f789b82d7a%40iteris.com > . > For more options, visit https://groups.google.com/d/optout. > -- Cheers, David https://twitter.com/dev_el_ops -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CALF7fHYrH03KkCw1ztRkVBJ1p1jx7S2Q4pFcNMMLHuHvpsbkTA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
