Merge pull request #1007 from maturnbull/proxy_per_host

(MODULES-11173) Add per-host overrides for apt::proxy

Author: daianamezdrea

REFERENCE.md

@@ -41,6 +41,7 @@ be manipulated through the `apt-key` command.
 
 * [`Apt::Auth_conf_entry`](#aptauth_conf_entry): Login configuration settings that are recorded in the file `/etc/apt/auth.conf`.
 * [`Apt::Proxy`](#aptproxy): Configures Apt to connect to a proxy server.
+* [`Apt::Proxy_Per_Host`](#aptproxy_per_host): Adds per-host overrides to the system default APT proxy configuration
 
 ### Tasks
 
@@ -1099,6 +1100,7 @@ Struct[{
     https      => Optional[Boolean],
     https_acng => Optional[Boolean],
     direct     => Optional[Boolean],
+    perhost    => Optional[Array[Apt::Proxy_Per_Host]],
   }]
 ```
 
@@ -1132,6 +1134,52 @@ Specifies whether to enable https proxies.
 
 Specifies whether or not to use a `DIRECT` https proxy if http proxy is used but https is not.
 
+### <a name="aptproxy_per_host"></a>`Apt::Proxy_Per_Host`
+
+Adds per-host overrides to the system default APT proxy configuration
+
+Alias of
+
+```puppet
+Struct[{
+    scope      => String,
+    host       => Optional[String],
+    port       => Optional[Integer[1, 65535]],
+    https      => Optional[Boolean],
+    direct     => Optional[Boolean],
+  }]
+```
+
+#### Parameters
+
+The following parameters are available in the `Apt::Proxy_Per_Host` data type:
+
+* [`scope`](#scope)
+* [`host`](#host)
+* [`port`](#port)
+* [`https`](#https)
+* [`direct`](#direct)
+
+##### <a name="scope"></a>`scope`
+
+Specifies the scope of the override.  Valid options: a string containing a hostname.
+
+##### <a name="host"></a>`host`
+
+Specifies a proxy host to be stored in `/etc/apt/apt.conf.d/01proxy`. Valid options: a string containing a hostname.
+
+##### <a name="port"></a>`port`
+
+Specifies a proxy port to be stored in `/etc/apt/apt.conf.d/01proxy`. Valid options: an integer containing a port number.
+
+##### <a name="https"></a>`https`
+
+Specifies whether to enable https for this override.
+
+##### <a name="direct"></a>`direct`
+
+Specifies whether or not to use a `DIRECT` target to bypass the system default proxy.
+
 ## Tasks
 
 ### <a name="init"></a>`init`

manifests/init.pp

@@ -204,7 +204,29 @@
   }
 
   $_purge = merge($::apt::purge_defaults, $purge)
-  $_proxy = merge($apt::proxy_defaults, $proxy)
+
+  if $proxy['perhost'] {
+    $_perhost = $proxy['perhost'].map |$item| {
+      $_item = merge($apt::proxy_defaults, $item)
+      $_scheme = $_item['https'] ? {
+        true    => 'https',
+        default => 'http' }
+      $_port = $_item['port'] ? {
+        Integer => ":${_item['port']}",
+        default => ''
+      }
+      $_target = $_item['direct'] ? {
+        true    => 'DIRECT',
+        default => "${_scheme}://${_item['host']}${_port}/" }
+      merge($item, {
+        'scheme' => $_scheme,
+        'target' => $_target })
+    }
+  } else {
+    $_perhost = {}
+  }
+
+  $_proxy = merge($apt::proxy_defaults, $proxy, { 'perhost' => $_perhost } )
 
   $confheadertmp = epp('apt/_conf_header.epp')
   $proxytmp = epp('apt/proxy.epp', {'proxies' => $_proxy})

spec/classes/apt_spec.rb

@@ -101,7 +101,69 @@
         is_expected.to contain_apt__setting('conf-proxy').with(priority: '01').with_content(
           %r{Acquire::http::proxy "http://localhost:8080/";},
         ).without_content(
-          %r{Acquire::https::proxy},
+          %r{Acquire::https::proxy },
+        )
+      }
+    end
+
+    context 'when host=localhost and per-host[proxyscope]=proxyhost' do
+      let(:params) { { proxy: { 'host' => 'localhost', 'perhost' => [{ 'scope' => 'proxyscope', 'host' => 'proxyhost' }] } } }
+
+      it {
+        is_expected.to contain_apt__setting('conf-proxy').with(priority: '01').with_content(
+          %r{Acquire::http::proxy::proxyscope "http://proxyhost:8080/";},
+        )
+      }
+    end
+
+    context 'when host=localhost and per-host[proxyscope]=proxyhost:8081' do
+      let(:params) { { proxy: { 'host' => 'localhost', 'perhost' => [{ 'scope' => 'proxyscope', 'host' => 'proxyhost', 'port' => 8081 }] } } }
+
+      it {
+        is_expected.to contain_apt__setting('conf-proxy').with(priority: '01').with_content(
+          %r{Acquire::http::proxy::proxyscope "http://proxyhost:8081/";},
+        )
+      }
+    end
+
+    context 'when host=localhost and per-host[proxyscope]=[https]proxyhost' do
+      let(:params) { { proxy: { 'host' => 'localhost', 'perhost' => [{ 'scope' => 'proxyscope', 'host' => 'proxyhost', 'https' => true }] } } }
+
+      it {
+        is_expected.to contain_apt__setting('conf-proxy').with(priority: '01').with_content(
+          %r{Acquire::https::proxy::proxyscope "https://proxyhost:8080/";},
+        )
+      }
+    end
+
+    context 'when host=localhost and per-host[proxyscope]=[direct]' do
+      let(:params) { { proxy: { 'host' => 'localhost', 'perhost' => [{ 'scope' => 'proxyscope', 'direct' => true }] } } }
+
+      it {
+        is_expected.to contain_apt__setting('conf-proxy').with(priority: '01').with_content(
+          %r{Acquire::http::proxy::proxyscope "DIRECT";},
+        )
+      }
+    end
+
+    context 'when host=localhost and per-host[proxyscope]=[https][direct]' do
+      let(:params) { { proxy: { 'host' => 'localhost', 'perhost' => [{ 'scope' => 'proxyscope', 'https' => true, 'direct' => true }] } } }
+
+      it {
+        is_expected.to contain_apt__setting('conf-proxy').with(priority: '01').with_content(
+          %r{Acquire::https::proxy::proxyscope "DIRECT";},
+        )
+      }
+    end
+
+    context 'when host=localhost and per-host[proxyscope]=proxyhost and per-host[proxyscope2]=proxyhost2' do
+      let(:params) { { proxy: { 'host' => 'localhost', 'perhost' => [{ 'scope' => 'proxyscope', 'host' => 'proxyhost' }, { 'scope' => 'proxyscope2', 'host' => 'proxyhost2' }] } } }
+
+      it {
+        is_expected.to contain_apt__setting('conf-proxy').with(priority: '01').with_content(
+          %r{Acquire::http::proxy::proxyscope "http://proxyhost:8080/";},
+        ).with_content(
+          %r{Acquire::http::proxy::proxyscope2 "http://proxyhost2:8080/";},
         )
       }
     end
@@ -113,7 +175,7 @@
         is_expected.to contain_apt__setting('conf-proxy').with(priority: '01').with_content(
           %r{Acquire::http::proxy "http://localhost:8180/";},
         ).without_content(
-          %r{Acquire::https::proxy},
+          %r{Acquire::https::proxy },
         )
       }
     end

templates/proxy.epp

@@ -1,4 +1,7 @@
 <%- | Hash $proxies | -%>
+<% $proxies['perhost'].each |$proxy| { -%>
+Acquire::<%= $proxy['scheme'] %>::proxy::<%= $proxy['scope'] %> "<%= $proxy['target'] %>";
+<% } -%>
 Acquire::http::proxy "http://<%= $proxies['host'] %>:<%= $proxies['port'] %>/";
 <%- if $proxies['https'] { %>
 Acquire::https::proxy "https://<%= $proxies['host'] %>:<%= $proxies['port'] %>/";

types/proxy.pp

@@ -23,5 +23,6 @@
     https      => Optional[Boolean],
     https_acng => Optional[Boolean],
     direct     => Optional[Boolean],
+    perhost    => Optional[Array[Apt::Proxy_Per_Host]],
   }
 ]

types/proxy_per_host.pp

@@ -0,0 +1,26 @@
+# @summary Adds per-host overrides to the system default APT proxy configuration
+#
+# @param scope
+#   Specifies the scope of the override.  Valid options: a string containing a hostname.
+#
+# @param host
+#   Specifies a proxy host to be stored in `/etc/apt/apt.conf.d/01proxy`. Valid options: a string containing a hostname.
+#
+# @param port
+#   Specifies a proxy port to be stored in `/etc/apt/apt.conf.d/01proxy`. Valid options: an integer containing a port number.
+#
+# @param https
+#   Specifies whether to enable https for this override.
+#
+# @param direct
+#   Specifies whether or not to use a `DIRECT` target to bypass the system default proxy.
+#
+type Apt::Proxy_Per_Host = Struct[
+  {
+    scope      => String,
+    host       => Optional[String],
+    port       => Optional[Integer[1, 65535]],
+    https      => Optional[Boolean],
+    direct     => Optional[Boolean],
+  }
+]