apt

The apt resource manages packages using apt-get. It is declarative and idempotent.

Input

Output

Behavior

Check phase

1. Asserts the target host uses apt (via ctx.facts.pkgManager). Allows null/unknown but fails on an explicit non-apt package manager.
2. Queries dpkg-query for each package's install status and version.
3. For state: "present" — in desired state if all packages are installed.
4. For state: "absent" — in desired state if all packages are not installed.
5. For state: "latest" — queries apt-cache policy to compare installed version against candidate version.

Apply phase

• present / latest: runs sudo DEBIAN_FRONTEND=noninteractive apt-get install -y -qq <packages>
• absent: runs sudo DEBIAN_FRONTEND=noninteractive apt-get remove -y -qq <packages>
• If update: true, runs sudo apt-get update -qq before the package action

Annotations

Examples

Install a single package

await apt({ name: "nginx", state: "present" })

Install multiple packages

await apt({ name: ["git", "curl", "htop"], state: "present" })

Install with update

await apt({ name: "nginx", state: "present", update: true })

This runs apt-get update before the package action. It's most useful before installs or upgrades when the package index may be stale.

Remove a package

await apt({ name: "apache2", state: "absent" })

Ensure latest version

await apt({ name: "nginx", state: "latest" })

Upgrades the package if a newer version is available in the apt cache.

Gotchas

• The apt resource requires sudo on the remote host for install/remove operations.
• When using name as an array, all packages are installed/removed in a single apt-get call.
• state: "latest" compares against the candidate version from apt-cache policy. Run with update: true if you need the latest from the repository.
• Only works on hosts with apt-get (Debian, Ubuntu, and derivatives).