Ubuntu: add support for Apt configuration

This change adds support for configuration of Apt package manager in
/etc/apt/apt.conf.d/. This allows adding arbitrary global configuration
options for Apt. Options can be added in different files, allowing for
different filename-based priorities.

CI tests and documentation are provided.

Story: 2009655
Task: 43987

Change-Id: I9d7d18851359e97cd01b4c2287bf79110796b25a
This commit is contained in:
Mark Goddard 2021-11-16 11:27:37 +00:00 committed by Maksim Malchuk
parent c603be2536
commit 5c661b888e
10 changed files with 82 additions and 0 deletions

View File

@ -11,6 +11,14 @@ apt_proxy_http:
# Apt proxy URL for HTTPS. Default is {{ apt_proxy_http }}.
apt_proxy_https: "{{ apt_proxy_http }}"
# List of Apt configuration options. Each item is a dict with the following
# keys:
# * content: free-form configuration file content
# * filename: name of a file in /etc/apt/apt.conf.d/ in which to write the
# configuration
# Default is an empty list.
apt_config: []
# List of apt keys. Each item is a dict containing the following keys:
# * url: URL of key
# * filename: Name of a file in which to store the downloaded key. The

View File

@ -11,6 +11,14 @@ apt_proxy_http:
# Apt proxy URL for HTTPS. Default is {{ apt_proxy_http }}.
apt_proxy_https: "{{ apt_proxy_http }}"
# List of Apt configuration options. Each item is a dict with the following
# keys:
# * content: free-form configuration file content
# * filename: name of a file in /etc/apt/apt.conf.d/ in which to write the
# configuration
# Default is an empty list.
apt_config: []
# Directory containing GPG keyrings for apt repos.
apt_keys_path: "/usr/local/share/keyrings"

View File

@ -0,0 +1,14 @@
---
- name: Ensure Apt is configured
copy:
content: "{{ item.content }}"
dest: "/etc/apt/apt.conf.d/{{ item.filename }}"
owner: root
group: root
mode: 0664
loop: "{{ apt_config }}"
loop_control:
label: "{{ item.filename }}"
become: true
notify:
- Update apt cache

View File

@ -1,6 +1,8 @@
---
- import_tasks: proxy.yml
- import_tasks: config.yml
- import_tasks: keys.yml
- import_tasks: repos.yml

View File

@ -14,6 +14,7 @@
- name: Disable repositories in /etc/apt/sources.list
replace:
# Make a backup, in case we end up with a broken configuration.
backup: true
path: /etc/apt/sources.list
regexp: '^(deb.*)'

View File

@ -331,6 +331,30 @@ Apt can be configured to use a proxy via ``apt_proxy_http`` and
``apt_proxy_https`` in ``etc/kayobe/apt.yml``. These should be set to the full
URL of the relevant proxy (e.g. ``http://squid.example.com:3128``).
Apt configuration
-----------------
Arbitrary global configuration options for Apt may be defined via the
``apt_config`` variable in ``etc/kayobe/apt.yml`` since the Yoga release. The
format is a list, with each item mapping to a dict/map with the following
items:
* ``content``: free-form configuration file content
* ``filename``: name of a file in ``/etc/apt/apt.conf.d/`` in which to write
the configuration
The default of ``apt_config`` is an empty list.
For example, the following configuration tells Apt to use 2 attempts when
downloading packages:
.. code-block:: yaml
apt_config:
- content: |
Acquire::Retries 1;
filename: 99retries
Apt repositories
----------------

View File

@ -11,6 +11,14 @@
# Apt proxy URL for HTTPS. Default is {{ apt_proxy_http }}.
#apt_proxy_https:
# List of Apt configuration options. Each item is a dict with the following
# keys:
# * content: free-form configuration file content
# * filename: name of a file in /etc/apt/apt.conf.d/ in which to write the
# configuration
# Default is an empty list.
#apt_config:
# List of apt keys. Each item is a dict containing the following keys:
# * url: URL of key
# * filename: Name of a file in which to store the downloaded key. The

View File

@ -115,6 +115,10 @@ docker_storage_driver: devicemapper
timezone: Pacific/Honolulu
{% if ansible_os_family == "Debian" %}
apt_config:
- content: |
Acquire::Retries 1;
filename: 99retries
apt_keys:
- url: https://packages.treasuredata.com/GPG-KEY-td-agent
filename: td-agent.asc

View File

@ -192,6 +192,13 @@ def test_ntp_clock_synchronized(host):
assert "synchronized: yes" in status_output
@pytest.mark.skipif(not _is_apt(), reason="Apt only supported on Ubuntu")
def test_apt_config(host):
apt_config = host.file("/etc/apt/apt.conf.d/99retries")
assert apt_config.exists
assert apt_config.content_string == "Acquire::Retries 1;\n"
@pytest.mark.skipif(not _is_apt(), reason="Apt only supported on Ubuntu")
def test_apt_custom_package_repository_is_available(host):
with host.sudo():

View File

@ -0,0 +1,6 @@
---
features:
- |
Adds support for global configuration options for Apt in files in
``/etc/apt/apt.conf.d/`` on Ubuntu systems. See `story 2009655
<https://storyboard.openstack.org/#!/story/2009655>`__ for details.