Page History


Mark George edited this page on 1 May 2023

Clone this wiki locally

Adding third-party repo

  1. Get the key ID for the repo. Usually there will be a key file, or something equivalent listed in the download instructions. The key ID can be extracted using:

     wget -qO - | gpg --show-keys --dry-run
  2. Add the puppet resource to a puppet manifest. The following is an example of the puppet code that will add the repo and install the package (using mongodb as the example):

    include apt
    # add the official mongodb repo
    apt::source { 'mongodb-org' :
        comment => 'Official MongoDB repo.',
        location => '',
        release => 'bionic/mongodb-org/4.0',
        repos => 'multiverse',
        key      => {
            id     => '9DA31620334BD75D9DCB49F368818C72E52529D4',
            server => '',
    # instal mongodb
    package {'mongodb-org' : ensure => 'installed' }

    This assumes that the key is registered on the Ubuntu key server. If not, the key will need to be installed locally as a GPG file in /etc/apt/trusted.gpg.d/ — this can usually be extracted from the deb file.

    The other information can be found on the package's "how to use our repos" page.


You can forward declare dependencies:

# forward declare dependencies
File['/usr/local/some_directory'] -> File['/usr/local/some_directory/some_file'] ~> Exec['/usr/bin/do_something  /usr/local/some_directory/some_file']

# declare actual resources

file { '/usr/local/some_directory' :
    ensure => 'directory'

file { '/usr/local/some_directory/some_file' :
    ensure => present,

exec {'/usr/bin/do_something  /usr/local/some_directory/some_file' :
    refreshonly => true,

The -> means 'do the thing on the left before the thing on the right'.

The ~> means 'do the thing on the left before the thing on the right, and notify the thing on the right'. With refreshonly set to false (which is the default), the exec will always run. When set to true, the exec will only run if the thing on the left has changed.