Project

puppet-lint-yumrepo_gpgcheck_enabled-check

0.0
Repository is archived
No commit activity in last 3 years
No release in over 3 years
puppet-lint-yumrepo_gpgcheck_enabled-checkdeanwilson/puppet-lint-yumrepo_gpgcheck_enabled-checkHomepageDocumentationSource CodeBug TrackerWiki
A puppet-lint extension that ensures yumrepo resources have the gpgcheck attribute and that it is enabled.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
 Popularity
Downloads
102,282
Stars
0
Forks
0
Watchers
0
 Releases
Current version
0.0.2
Total releases
2
First release
2016-01-30
Latest release
2016-08-21
 Issues
Open Issues
0
Closed Issues
1
Total Issues
1
Issue Closure Rate
100%
 Pull Requests
Open Pull Requests
1
Closed Pull Requests
0
Merged Pull Requests
51
Pull Request Acceptance Rate
98%
 Development
Primary Language
Ruby
Licenses
MIT
Average date of last 50 commits
2020-10-28
Reverse Dependencies
0

 Dependencies

Development

rake
>= 0
rspec
~> 3.0
rspec-collection_matchers
~> 1.0
rspec-its
~> 1.0
rubocop
~> 0.36.0

Runtime

puppet-lint
< 3.0, >= 1.1
 Project Readme

puppet-lint yumrepo_gpgcheck_enabled check

A puppet-lint extension that ensures yumrepo resources have the gpgcheck attribute and that it is enabled.

Actions Status

The gpgcheck attribute indicates if yum should perform a GPG signature check on packages. Having this disabled means you'll accept any packages from your configured repo, not just those signed by the packagers. While it's often more work to sign your own packages you should at the very least enable it for all upstream yum repositories.

Installation

To use this plugin add the following line to your Gemfile

gem 'puppet-lint-yumrepo_gpgcheck_enabled-check'

and then run bundle install

Usage

This plugin provides a new check to puppet-lint that warns if it finds a yumrepo resource that either does not contain the gpgcheck attribute or does not set the value to enable it.

yumrepo { 'company_app_repo':
  enabled  => 1,
  descr    => 'Local repo holding company application packages',
  baseurl  => 'http://repos.example.org/apps',
}

This example is missing gpgcheck and will return

yumrepo should have the gpgcheck attribute

The second example does not enable gpgcheck

yumrepo { 'company_app_repo':
  enabled  => 1,
  descr    => 'Local repo holding company application packages',
  baseurl  => 'http://repos.example.org/apps',
  gpgcheck => 0,
}

and will return

yumrepo should enable the gpgcheck attribute

Other puppet-lint plugins

You can find a list of my puppet-lint plugins in the unixdaemon puppet-lint-plugins repo

Author

Dean Wilson