-
-
Notifications
You must be signed in to change notification settings - Fork 94
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Replace gpgkey handling for suse #397
Comments
Doesn't work, maybe voxpupuli/puppet-zypprepo#10. So we haven't a chance to offer an alternative method as the module uses now. For SuSE use manage_repo => false and manage the repository on your own, i.e. with gpgcheck => false.... |
How about something like this: # Workaround until zypprepo allows the adding of the keys
# https://github.com/deadpoint/puppet-zypprepo/issues/4
exec { 'logstash_suse_import_gpg':
command => "wget -q -O /tmp/RPM-GPG-KEY-elasticsearch ${gpg_key_url}; \
rpm --import /tmp/RPM-GPG-KEY-elasticsearch; \
rm /tmp/RPM-GPG-KEY-elasticsearch",
unless => "test $(rpm -qa gpg-pubkey | grep -i \"${gpg_key_id}\" | wc -l) -eq 1 ",
} This works perfectly fine for the logstash module and removes the need of /etc/pki/ |
Looks ok, but please don't use /tmp since anyone can create a symlink to anywhere. |
May someone wanna test branch 'bug/Replace-gpgkey-handling-for-suse-397' (note requires puppet 4.10 and higher). Adding the following to hiera icinga2::repo: will use the proxy to download the gpg key and add it to a new line to the repo file. |
The gpgkey is managed by a file resource to download the key. After that we use an exec to import the key. So it's impossible to download the key thru a proxy because the proxy config of zypper is bypassed.
The puppet/zypper (version 2.0.0 and higher) module has a property gpgkey... use it.
The text was updated successfully, but these errors were encountered: