Proper Way to Upgrade .deb Packages Using Puppet with Local Source Files


2 views

When dealing with .deb package management in Puppet, it's crucial to understand how Puppet handles version detection and package upgrades. Puppet's package resource doesn't automatically track version changes in local .deb files - you need to explicitly declare version requirements.

The fundamental issue with your current approach is that Puppet has no automatic way to detect that a new .deb file represents a newer version of the same package. The ensure => installed directive simply checks if any version of the package is present, not whether it matches your specific .deb file.

Here's a more robust implementation that properly handles upgrades:

class adobe-air {
  $version = '2.0.4'
  $deb_file = "adobeair-${version}.deb"
  
  file { "/opt/air-debs":
    ensure => directory
  }

  file { "/opt/air-debs/${deb_file}":
    owner   => root,
    group   => root,
    mode    => '644',
    ensure  => present,
    source  => "puppet:///modules/adobe-air/${deb_file}"
  }

  package { 'adobeair':
    ensure   => $version,
    provider => dpkg,
    source   => "/opt/air-debs/${deb_file}",
    require  => File["/opt/air-debs/${deb_file}"]
  }
}
  • Explicit version specification in the ensure parameter
  • Dynamic file naming using variables
  • Proper file dependency with require
  • Corrected Puppet file source URI format

When you need to upgrade to a new version (e.g., 2.0.5):

  1. Upload the new .deb file to your Puppet server
  2. Update the $version variable in your manifest
  3. Puppet will detect the version mismatch and perform the upgrade

After implementation, verify the package status with:

puppet resource package adobeair
dpkg -l adobeair

For more complex environments, consider setting up a local APT repository:

apt::source { 'company-local':
  location => 'http://apt.example.com',
  release  => 'stable',
  repos    => 'main',
  key      => {
    id     => 'ABCDEF1234567890',
    source => 'http://apt.example.com/key.gpg'
  }
}

package { 'adobeair':
  ensure  => '2.0.4',
  require => Apt::Source['company-local']
}

When managing Debian packages through Puppet, the fundamental approach involves using the dpkg provider for local .deb files. Your current implementation correctly handles initial installation, but version management requires additional considerations.

Puppet determines installed package versions by querying the system's package database (dpkg/apt), not by examining the .deb file itself. The key aspects of version comparison:

# Puppet compares these two values:
# 1. Currently installed version (from dpkg -l)
# 2. Version specified in 'ensure' parameter
#
# Sample version-aware package declaration:
package { 'adobeair':
  provider => dpkg,
  ensure   => '2.0.4',
  source   => '/opt/air-debs/adobeair-2.0.4.deb'
}

For proper update handling, you need to:

  1. Upload the new .deb file with versioned filename
  2. Update the manifest to reference the new version
  3. Set the ensure parameter to the target version

Here's an enhanced version that handles updates more effectively:

class adobe_air {
  $version = '2.0.4'
  $deb_file = "adobeair-${version}.deb"
  
  file { "/opt/air-debs":
    ensure => directory,
    purge  => true,  # Clean up old versions
  }
  
  file { "/opt/air-debs/${deb_file}":
    owner   => root,
    group   => root,
    mode    => '0644',
    source  => "puppet:///modules/adobe_air/${deb_file}",
    notify  => Package['adobeair'],  # Triggers reinstall if file changes
  }

  package { 'adobeair':
    ensure   => $version,  # Explicit version tracking
    provider => dpkg,
    source   => "/opt/air-debs/${deb_file}",
  }
}

For production environments, consider these additional strategies:

  • Use a dedicated local APT repository instead of direct .deb files
  • Implement package version facts for dynamic version checking
  • Combine with apt module for dependency resolution
# Example using puppetlabs-apt module
apt::source { 'local-debs':
  location => 'file:/opt/air-debs',
  release  => 'stable',
  repos    => 'main',
  key      => {
    id     => 'YOUR_KEY_ID',
    source => 'puppet:///modules/adobe_air/keyfile.key'
  }
}

package { 'adobeair':
  ensure  => '2.0.4',
  require => Apt::Source['local-debs']
}

When updates don't trigger as expected:

  1. Verify the version string in the .deb matches your ensure parameter
  2. Check for dependency conflicts with dpkg --audit
  3. Use puppet resource package adobeair to verify current state