Mirrors/geerlingguy.ansible-role-docker
1
0
Fork 0
mirror of https://github.com/geerlingguy/ansible-role-docker.git synced 2024-11-18 19:10:43 +01:00
Code Issues Projects Releases Wiki Activity

434 Add GPG keys to keyrings instead of trusted.gpg.d

Browse Source
This commit is contained in:
Omkar Kawade 2023-11-16 18:59:51 -08:00
parent 8ff4a24147
commit 1dca07177f
2 changed files with 14 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
defaults/main.yml
View File

@ -38,7 +38,7 @@ docker_apt_release_channel: stable
# and is only necessary until Docker officially supports them.
docker_apt_ansible_distribution: "{{ 'ubuntu' if ansible_distribution in ['Pop!_OS', 'Linux Mint'] else ansible_distribution }}"
docker_apt_arch: "{{ 'arm64' if ansible_architecture == 'aarch64' else 'amd64' }}"
docker_apt_repository: "deb [arch={{ docker_apt_arch }} signed-by=/etc/apt/trusted.gpg.d/docker.asc] {{ docker_repo_url }}/{{ docker_apt_ansible_distribution | lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}"
docker_apt_repository: "deb [arch={{ docker_apt_arch }} signed-by=/etc/apt/keyrings/docker.gpg] {{ docker_repo_url }}/{{ docker_apt_ansible_distribution | lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}"
docker_apt_ignore_key_error: true
docker_apt_gpg_key: "{{ docker_repo_url }}/{{ docker_apt_ansible_distribution | lower }}/gpg"
docker_apt_gpg_key_checksum: "sha256:1500c1f56fa9e26b9b8f42452a553675796ade0807cdce11975eb98170b3a570"

28
tasks/setup-Debian.yml
View File

@ -27,25 +27,23 @@
state: present
when: ansible_distribution == 'Ubuntu' and ansible_distribution_version is version('20.04', '>=')
- name: Add Docker apt key.
ansible.builtin.get_url:
url: "{{ docker_apt_gpg_key }}"
dest: /etc/apt/trusted.gpg.d/docker.asc
mode: '0644'
force: false
checksum: "{{ docker_apt_gpg_key_checksum | default(omit) }}"
register: add_repository_key
ignore_errors: "{{ docker_apt_ignore_key_error }}"
when: docker_add_repo | bool
- name: Ensure directory exists for /etc/apt/keyrings
file:
path: /etc/apt/keyrings
state: directory
mode: '0755'
- name: Ensure curl is present (on older systems without SNI).
- name: Ensure curl is present
package: name=curl state=present
when: add_repository_key is failed and docker_add_repo | bool
- name: Add Docker apt key (alternative for older systems without SNI).
- name: Add Docker apt key
shell: >
curl -sSL {{ docker_apt_gpg_key }} | apt-key add -
when: add_repository_key is failed and docker_add_repo | bool
curl -sSL {{ docker_apt_gpg_key }} | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg --yes
- name: Change permissions for /etc/apt/keyrings/docker.gpg
file:
path: /etc/apt/keyrings/docker.gpg
mode: 'a+r'
- name: Add Docker repository.
apt_repository: