Add parameter to manage package

voxpupuli · Jan 22, 2025 · 53eb889 · 53eb889
1 parent 43baccd
commit 53eb889
Show file tree

Hide file tree

Showing 2 changed files with 53 additions and 49 deletions.
diff --git a/manifests/init.pp b/manifests/init.pp
@@ -57,6 +57,7 @@
 # @param os Operating system for the Vault binary (automatically determined)
 # @param manage_download_dir Whether to manage the download directory
 # @param download_dir Directory where the Vault archive will be downloaded
+# @param manage_package Whether to manage the Vault package
 # @param package_ensure The state the package should be in (installed, absent, latest)
 # @param package_name Name of the Vault package
 # @param install_method Installation method: 'archive' or 'repo'
@@ -124,6 +125,7 @@
   $num_procs                             = $facts['processors']['count'],
   $install_method                        = $vault::params::install_method,
   $config_dir                            = if $install_method == 'repo' and $manage_repo { '/etc/vault.d' } else { '/etc/vault' },
+  Boolean $manage_package                = true,
   $package_name                          = 'vault',
   $package_ensure                        = 'installed',
   $download_dir                          = '/tmp',

diff --git a/manifests/install.pp b/manifests/install.pp
@@ -5,66 +5,68 @@
   assert_private()
   $vault_bin = "${vault::bin_dir}/vault"
 
-  case $vault::install_method {
-    'archive': {
-      if $vault::manage_download_dir {
-        file { $vault::download_dir:
-          ensure => directory,
+  if $vault::manage_package {
+    case $vault::install_method {
+      'archive': {
+        if $vault::manage_download_dir {
+          file { $vault::download_dir:
+            ensure => directory,
+          }
         }
-      }
 
-      archive { "${vault::download_dir}/${vault::download_filename}":
-        ensure       => present,
-        extract      => true,
-        extract_path => $vault::bin_dir,
-        source       => $vault::real_download_url,
-        cleanup      => true,
-        creates      => $facts['vault_version'] ? { # lint:ignore:selector_inside_resource
-          undef   => $vault_bin,
-          default => versioncmp($vault::version, $facts['vault_version']) > 0 ? {
-            true    => undef,
-            default => $vault_bin
-          }
-        },
-        before       => File['vault_binary'],
-      }
+        archive { "${vault::download_dir}/${vault::download_filename}":
+          ensure       => present,
+          extract      => true,
+          extract_path => $vault::bin_dir,
+          source       => $vault::real_download_url,
+          cleanup      => true,
+          creates      => $facts['vault_version'] ? { # lint:ignore:selector_inside_resource
+            undef   => $vault_bin,
+            default => versioncmp($vault::version, $facts['vault_version']) > 0 ? {
+              true    => undef,
+              default => $vault_bin
+            }
+          },
+          before       => File['vault_binary'],
+        }
 
-      $_manage_file_capabilities = true
-    }
+        $_manage_file_capabilities = true
+      }
 
-    'repo': {
-      if $vault::manage_repo {
-        include hashi_stack::repo
-        Class['hashi_stack::repo'] -> Package[$vault::package_name]
+      'repo': {
+        if $vault::manage_repo {
+          include hashi_stack::repo
+          Class['hashi_stack::repo'] -> Package[$vault::package_name]
+        }
+        package { $vault::package_name:
+          ensure  => $vault::package_ensure,
+        }
+        $_manage_file_capabilities = false
       }
-      package { $vault::package_name:
-        ensure  => $vault::package_ensure,
+
+      default: {
+        fail("Installation method ${vault::install_method} not supported")
       }
-      $_manage_file_capabilities = false
     }
 
-    default: {
-      fail("Installation method ${vault::install_method} not supported")
+    file { 'vault_binary':
+      path  => $vault_bin,
+      owner => 'root',
+      group => 'root',
+      mode  => '0755',
     }
-  }
-
-  file { 'vault_binary':
-    path  => $vault_bin,
-    owner => 'root',
-    group => 'root',
-    mode  => '0755',
-  }
 
-  if !$vault::disable_mlock and pick($vault::manage_file_capabilities, $_manage_file_capabilities) {
-    file_capability { 'vault_binary_capability':
-      ensure     => present,
-      file       => $vault_bin,
-      capability => 'cap_ipc_lock=ep',
-      subscribe  => File['vault_binary'],
-    }
+    if !$vault::disable_mlock and pick($vault::manage_file_capabilities, $_manage_file_capabilities) {
+      file_capability { 'vault_binary_capability':
+        ensure     => present,
+        file       => $vault_bin,
+        capability => 'cap_ipc_lock=ep',
+        subscribe  => File['vault_binary'],
+      }
 
-    if $vault::install_method == 'repo' {
-      Package[$vault::package_name] ~> File_capability['vault_binary_capability']
+      if $vault::install_method == 'repo' {
+        Package[$vault::package_name] ~> File_capability['vault_binary_capability']
+      }
     }
   }