add apt::key resource to deploy arbitrary keys

the rationale of this is that isn't useful for third party modules, because they cannot inject keys in there without some serious apt class hijacking
author: Antoine Beaupré <anarcat@koumbit.org> 2015-06-11 10:07:47 -0400
committer: Antoine Beaupré <anarcat@koumbit.org> 2015-06-11 10:07:49 -0400
commit: 33acc00e5c6d8ab18f2992cccc8ee036b4d7771d (patch)
tree: d4191c6abfae9ec0c6c6b7cdd4f971c91671afaa /README
parent: d87876a16fdf6cb710210b1a11572d553dec755a (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/README b/README
index 8333be2..835db79 100644
--- a/README
+++ b/README
@@ -478,6 +478,23 @@ Example:
                 'puppet:///modules/site_apt/company_internals.list' ],
   }
 
+apt::key
+--------
+
+Deploys a secure apt OpenPGP key. This usually accompanies the
+sources.list snippets above for third party repositories. For example,
+you would do:
+
+  apt::key { 'neurodebian.key':
+    source => 'puppet:///modules/site_apt/neurodebian.key',
+  }
+
+This deploys the key in the `${apt_base_dir}/keys` directory (as
+opposed to `$custom_key_dir` which deploys it in `keys.d`). The reason
+this exists on top of `$custom_key_dir` is to allow a more
+decentralised distribution of those keys, without having all modules
+throw their keys in the same directory in the manifests.
+
 apt::upgrade_package
 --------------------
author	Antoine Beaupré <anarcat@koumbit.org>	2015-06-11 10:07:47 -0400
committer	Antoine Beaupré <anarcat@koumbit.org>	2015-06-11 10:07:49 -0400
commit	33acc00e5c6d8ab18f2992cccc8ee036b4d7771d (patch)
tree	d4191c6abfae9ec0c6c6b7cdd4f971c91671afaa /README
parent	d87876a16fdf6cb710210b1a11572d553dec755a (diff)