Switch to the puppetlabs/apt module

The shared apt module is deprecated and the shared Puppet modules group decided to switch to https://github.com/puppetlabs/puppetlabs-apt.

See https://gitlab.com/shared-puppet-modules-group/apt/blob/master/UPGRADING.md for migration info. Lots of features we use are missing so this is going to take time. Let’s try to make it happen by the end of 2019Q1.

This migration can be split into steps:

migrate away from functionality provided by the shared apt module but that’s not supported by puppetlabs/apt: either switch to already supported alternatives, or to “plugins”, or submit PRs to puppetlabs/apt
1. ~~listchanges~~ done
2. ~~apt::apticron → APT::Periodic + monitoring check~~ done
3. ~~apt::reboot_required_notify → install reboot-notifier ourselves~~ done
4. ~~apt::dpkg_statoverride → import it in puppet-tails~~
~~reach the point where the only functionality we use from the shared apt module is also supported either by puppetlabs/apt directly or by modules that depend on it~~
switch to puppetlabs/apt; changes that must happen in lockstep when doing so:
1. ~~apt::apt_conf → apt::conf~~
2. apt::custom_key_dir → apt class’ keys parameter but implementation looks scary (do the red flags apply to us?); worst case, follow https://wiki.debian.org/DebianRepository/UseThirdParty and drop the non-ascii-armorded key in /usr/share/keyrings/example-archive-keyring.gpg + point to it from sources.list
3. ~~apt::cron → https://github.com/voxpupuli/puppet-unattended_upgrades~~
4. ~~apt::package → package + apt::pin~~
5. ~~apt::preferences_snippet → apt::pin~~
6. ~~apt::proxy* → apt class’ proxy parameter~~
7. ~~apt::sources_list, apt::repos, apt::use_next_release, apt::use_volatile, tails::apt::repository::* → puppetlabs/apt provides several was to manage sources.list~~

To list the apt:: things we use:

git grep -h --only-matching --color=never \
  --recurse-submodules -E '\bapt::[^ ]+\b' -- \
  hieradata/ manifests/ modules/reprepro/ modules/tails* \
  2>/dev/null \
  | sort -u

Feature Branch: puppet-lizard-manifests:feature15510, puppet-tails:feature15510

Parent Task: #15500 (closed)

Related issues

Blocks #13284

Original created by @intrigeri on 15510 (Redmine)

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information