cdist/cdist/conf/type/__apt_key_uri
evilham c00c8c2012 [__apt_key*] Deprecate __apt_key_uri and improve __apt_key
Previously this type was falling back to using the deprecated apt-key(8) by
checking for existence of files/directories on the controller host in
gencode-remote.

Adding `--use-deprecated-apt-key` as an explicit boolean serves two purposes:
1. It prevents fallbacks that might end up doing the wrong thing
   (as was the case)
2. It allows for a simple way to remove keys from the keyring that were
   previously added with apt-key(8) to /etc/apt/trusted.gpg

This parameter is added marked as deprecated as is only intended use is to
migrate to directory-based keyrings as recommended by Debian for a few releases.
It will be removed when Debian 11 stops being supported.

During the review process of this merge request, it was noted that the state of
PGP Key Servers is somewhat suboptimal, that the examples encouraged bad
practise (it is trivial to produce collisions for short key IDs), and that
this use does not require the Web of Trust, but instead only the public key
that is signing the repository.

That is why this also adds `--source` as an argument allowing for in-type or
in-manifest provision of such public keys by the type/manifest maintainer and
the use of Key Servers is still supported, but discouraged.
2021-05-10 12:08:22 +02:00
..
explorer Explorer pipes output of apt-key list, which always generates: 2017-08-25 14:31:32 +02:00
parameter import __apt_* types from private repo 2014-02-04 12:24:10 +01:00
deprecated [__apt_key*] Deprecate __apt_key_uri and improve __apt_key 2021-05-10 12:08:22 +02:00
gencode-remote Change shebang to #!/bin/sh -e 2017-06-28 13:19:32 +02:00
man.rst GPLv3+ relicensing. 2016-08-10 18:15:54 +02:00
manifest Change shebang to #!/bin/sh -e 2017-06-28 13:19:32 +02:00