Date: Sunday, November 18, 2018 @ 19:40:18 Author: shibumi Revision: 408735
upgpkg: puppet 6.0.4-2 reworked puppet modules. Before the modules have been retrieved via insecure sideloading from repositories without TLS. Now we have every dependency in our source array and retrieve them via HTTPS with pinned commits instead of unsigned tags. Modified: puppet/trunk/PKGBUILD ----------+ PKGBUILD | 58 ++++++++++++++++++++++++++++++++++++---------------------- 1 file changed, 36 insertions(+), 22 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2018-11-18 19:29:17 UTC (rev 408734) +++ PKGBUILD 2018-11-18 19:40:18 UTC (rev 408735) @@ -11,7 +11,7 @@ pkgname=puppet pkgver=6.0.4 -pkgrel=1 +pkgrel=2 pkgdesc="Server automation framework and application" arch=('any') url="https://puppet.com/products/open-source-projects" @@ -22,35 +22,49 @@ backup=('etc/puppetlabs/puppet/auth.conf' 'etc/puppetlabs/puppet/puppet.conf' 'etc/puppetlabs/puppet/hiera.yaml') -install=$pkgname.install +install="$pkgname.install" +_augeas_commit=9e459bf2dab04218d54d8d582a44ab81b757336d +_cron_commit=5902877cd435f6616510826d0bc5e949f7bc5857 +_host_commit=6f5af66b913782fd0ce01f4b18b70f7ccf370e7c +_mount_commit=c583c11fe5cdfded5d460fdad14e432755981638 +_scheduled_commit=2e5f7cecf65c40f342f420146cda5e4b0aca75eb +_selinux_commit=4b183e1c3758b0db6235a8766f1c2434b650e17c +_sshkeys_commit=0609e86911bf7adc3caffb8d0659ed6af03409d3 +_yumrepo_commit=a13cb4691718bf969a436941192593a0bd5318bb +_zfs_commit=5580f8daba1460cd11fb2204b8d9b422e9a2e21b +_zone_commit=11db22ae85cf870a1d71c820ddf2f3d97de102ba + source=("https://downloads.puppetlabs.com/${pkgname}/${pkgname}-${pkgver}.tar.gz"{,.asc} - "https://github.com/puppetlabs/puppet-agent/archive/${pkgver}.tar.gz") + "git+https://github.com/puppetlabs/puppetlabs-augeas_core#commit=${_augeas_commit}" + "git+https://github.com/puppetlabs/puppetlabs-cron_core#commit=${_cron_commit}" + "git+https://github.com/puppetlabs/puppetlabs-host_core#commit=${_host_commit}" + "git+https://github.com/puppetlabs/puppetlabs-mount_core#commit=${_mount_commit}" + "git+https://github.com/puppetlabs/puppetlabs-scheduled_task#commit=${_scheduled_commit}" + "git+https://github.com/puppetlabs/puppetlabs-selinux_core#commit=${_selinux_commit}" + "git+https://github.com/puppetlabs/puppetlabs-sshkeys_core#commit=${_sshkeys_commit}" + "git+https://github.com/puppetlabs/puppetlabs-yumrepo_core#commit=${_yumrepo_commit}" + "git+https://github.com/puppetlabs/puppetlabs-zfs_core#commit=${_zfs_commit}" + "git+https://github.com/puppetlabs/puppetlabs-zone_core#commit=${_zone_commit}" + ) sha512sums=('fcfc0a9e1a707945c89e3080c1795511fd28143576886552d8e3635d62f526d0b3f9ed2a400ecc0084b63906246cb86e176b288ac049d01d0f9cf47fc65fe332' - '1e34f642a29618a732dd91017cb72ac935a46a1dd51d2d945038f4141cd7c5f5b7dc04fc61fc3d3eaf7c88be9af6fc007a4e7bd058a3e8a2585ef0acc464b713' - '5daf8c18226ebe832141703dc80c8e894b8bad24b01fd37d49da5a172d4f0bcd1ac8e4542ba6af796726d75fd2431387aff5d8b116cd07771dd252f4dfb4dc45') + 'SKIP' + 'SKIP' + 'SKIP' + 'SKIP' + 'SKIP' + 'SKIP' + 'SKIP' + 'SKIP' + 'SKIP' + 'SKIP' + 'SKIP') conflicts=('puppet5') provides=('puppet') validpgpkeys=('6F6B15509CF8E59E6E469F327F438280EF8D349F') prepare() { - cd "puppet-agent-${pkgver}" - for file in configs/components/module-puppetlabs-*_core.json; do - regex="git:\/\/github.com\/puppetlabs\/puppetlabs-([a-z]+_core)\.git" # Regex to determine the correct directory name of a git repo - repo="$(jq --raw-output .url ${file})" # get the puppet module git url from the json file - if [[ "${repo}" =~ $regex ]]; then - tag="$(jq --raw-output .ref ${file} | cut -d/ -f3)" # get the puppet module git tag from the json file - directory="${BASH_REMATCH[1]}" # get the name of the repo without 'puppetlabs-' - echo "preparing ${directory} with tag ${tag} for vendoring" - git -c advice.detachedHead=false clone --quiet "$repo" "--branch=${tag}" "../${directory}" # clone it so we can later `mv` it into vendor_modules - rm -rf "../${directory}/"{.git,spec} # delete useless directories that we don't want to vendor - else - echo "something failed with our regex" - exit 1 - fi - done + cd "${pkgname}-${pkgver}" - cd "../${pkgname}-${pkgver}" - # FS#45044: fix file location sed -i 's_/opt/puppetlabs/puppet_/usr_' ext/systemd/puppet.service }