Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

how to deal with percona keyserver with ansible

Tags:

ansible

apt

percona

I have been trying to create a percona role in ansible and failing at it. I won't really say failing but it doesn't work as planned. Below is a snippet of the role

- name: Setting up percona server apt-key
  apt_key: 
    id=1C4CBDCDCD2EFD2A
    keyserver=keys.gnupg.net
    state=present

Upon running this I ended up with the following error:

failed: [192.168.56.107] => {"cmd": "apt-key adv --keyserver keys.gnupg.net --recv 1C4CBDCDCD2EFD2A", "failed": true, "rc": 2}
stderr: gpg: requesting key CD2EFD2A from hkp server keys.gnupg.net
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0

As you can see ansible executes the following command: apt-key adv --keyserver keys.gnupg.net --recv 1C4CBDCDCD2EFD2A, meanwhile the command that actually works, tested and recommended from percona repository page is apt-key adv --keyserver keys.gnupg.net --recv-keys 1C4CBDCDCD2EFD2A. There is a difference in the commands the former is just --recv and the latter is --recv-keys. I have no idea how to make ansible run this commands either can using the ansible command module itself.

There is also this url found on percona download page to the repo key which can be used in the apt_key module instead of keyserver.

What I am interested in knowing is whether it's possible to make ansible run the actual apt_key commands with --recv-keys

like image 964
black sensei Avatar asked May 10 '15 13:05

black sensei

2 Answers

The following command should work for you:

- apt_key: url=http://www.percona.com/redir/downloads/RPM-GPG-KEY-percona
           state=present
like image 177
Mxx Avatar answered Sep 23 '22 18:09

Mxx

The source code for the apt_key module shows it building a command line using --recv but no mention of --recv-keys, so it doesn't look like you can use this module the way you want. I would suggest filing a feature request with the Ansible team to ask that they support this flag.

In the meantime you should be able to call apt-key manually via the command module. The command would be virtually identical to what the debug output showed:

 - name: call apt_key manually
   command: apt-key adv --keyserver keys.gnupg.net --recv-keys 1C4CBDCDCD2EFD2A
like image 43
Bruce P Avatar answered Sep 22 '22 18:09

Bruce P
Sign in to Comment

Related questions

Automating *just* exim4 configuration with debconf-set-selections with Ansible
How to loop through a list of dictionary, and print out every key and value pair in Ansible
Use Hashicorp Vault with Ansible - plugin setup
using {{item}} inside a regexp in a lineinfile task of Ansible
How do you force Jenkins Ansible Plugin to set log level
Set variable if empty or not defined with ansible
where to create ansible hosts file in virtualenv?
Filter line from Ansible stdout_lines result
How to Sort Items from an Ansible with_subelements list
"msg": "winrm or requests is not installed: No module named xmltodict"
Ansible parse stdout_lines to verify values of a particular item
ansible: create a list from comma separated string
Kubernetes Ansible Operators - Patch an Existing Kubernetes Resource
Ansible - check variable type
How do I write Ansible task for 'systemctl set-default graphical.target' without shell/command modules
How to wait for ssh to become available on a host before installing a role?
using if condition to assign True or False to gather_facts in Ansible doesnt work
Why doesn't the Ansible copy module copy this dir?
Automatically setting up encrypted partitions with Ansible [closed]
Ansible EC2 Python Error: ValueError: No JSON object could be decoded

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!