From 1eb8be83092d98f76d7e5c292b285c5c755bf095 Mon Sep 17 00:00:00 2001 From: Marc Bihlmaier Date: Tue, 7 Nov 2023 04:00:59 +0100 Subject: [PATCH 1/4] update apt sources, add apt keyring gpg --- defaults/main.yml | 8 +++++--- tasks/setup-Debian.yml | 26 ++++++++++++++++++-------- 2 files changed, 23 insertions(+), 11 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 9827631..9b57ee4 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -51,10 +51,12 @@ kubernetes_apiserver_advertise_address: '' kubernetes_version_kubeadm: 'stable-{{ kubernetes_version }}' kubernetes_ignore_preflight_errors: 'all' -kubernetes_apt_release_channel: main -# Note that xenial repo is used for all Debian derivatives at this time. -kubernetes_apt_repository: "deb http://apt.kubernetes.io/ kubernetes-xenial {{ kubernetes_apt_release_channel }}" +kubernetes_apt_release_channel: "stable" +kubernetes_apt_keyring_file: "/etc/apt/keyrings/kubernetes-apt-keyring.gpg" +kubernetes_apt_repository_pkgs_k8s_io: "deb [signed-by={{ kubernetes_apt_keyring_file }}] https://pkgs.k8s.io/core:/{{ kubernetes_apt_release_channel }}:/v{{ kubernetes_version }}/deb/ /" kubernetes_apt_ignore_key_error: false +# this one is deprecated and will be deleted with this role +kubernetes_apt_repository: "deb http://apt.kubernetes.io/ kubernetes-xenial {{ kubernetes_apt_release_channel }}" kubernetes_yum_arch: '$basearch' kubernetes_yum_base_url: "https://packages.cloud.google.com/yum/repos/kubernetes-el7-{{ kubernetes_yum_arch }}" diff --git a/tasks/setup-Debian.yml b/tasks/setup-Debian.yml index 4a83a58..5628ba3 100644 --- a/tasks/setup-Debian.yml +++ b/tasks/setup-Debian.yml @@ -6,16 +6,26 @@ - ca-certificates state: present -- name: Add Kubernetes apt key. - apt_key: - url: https://packages.cloud.google.com/apt/doc/apt-key.gpg - state: present - register: add_repository_key - ignore_errors: "{{ kubernetes_apt_ignore_key_error }}" +- name: Prepare apt keyring directory. + ansible.builtin.file: + path: "{{ kubernetes_apt_keyring_file | dirname }}" + state: directory + mode: 0755 + +- name: Get Kubernetes apt key. + shell: "curl -fsSL https://pkgs.k8s.io/core:/{{ kubernetes_apt_release_channel }}:/v{{ kubernetes_version }}/deb/Release.key | gpg --dearmor -o {{ kubernetes_apt_keyring_file }}" + args: + creates: "{{ kubernetes_apt_keyring_file }}" + +- name: Be sure deprecated Kubernetes repository is absent. + file: + path: "/etc/apt/sources.list.d/apt_kubernetes_io.list" + state: absent - name: Add Kubernetes repository. - apt_repository: - repo: "{{ kubernetes_apt_repository }}" + ansible.builtin.apt_repository: + repo: "{{ kubernetes_apt_repository_pkgs_k8s_io }}" + filename: pkgs_k8s_io state: present update_cache: true From 0b73d150af3a1ea60bda5d014da4f52ae48347e1 Mon Sep 17 00:00:00 2001 From: Marc Bihlmaier Date: Tue, 7 Nov 2023 15:11:01 +0100 Subject: [PATCH 2/4] simplify --- defaults/main.yml | 7 ++----- tasks/setup-Debian.yml | 10 ++++++---- 2 files changed, 8 insertions(+), 9 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 9b57ee4..8be101a 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -52,11 +52,8 @@ kubernetes_version_kubeadm: 'stable-{{ kubernetes_version }}' kubernetes_ignore_preflight_errors: 'all' kubernetes_apt_release_channel: "stable" -kubernetes_apt_keyring_file: "/etc/apt/keyrings/kubernetes-apt-keyring.gpg" -kubernetes_apt_repository_pkgs_k8s_io: "deb [signed-by={{ kubernetes_apt_keyring_file }}] https://pkgs.k8s.io/core:/{{ kubernetes_apt_release_channel }}:/v{{ kubernetes_version }}/deb/ /" -kubernetes_apt_ignore_key_error: false -# this one is deprecated and will be deleted with this role -kubernetes_apt_repository: "deb http://apt.kubernetes.io/ kubernetes-xenial {{ kubernetes_apt_release_channel }}" +kubernetes_apt_keyring_file: "/etc/apt/keyrings/kubernetes-apt-keyring.asc" +kubernetes_apt_repository: "deb [signed-by={{ kubernetes_apt_keyring_file }}] https://pkgs.k8s.io/core:/{{ kubernetes_apt_release_channel }}:/v{{ kubernetes_version }}/deb/ /" kubernetes_yum_arch: '$basearch' kubernetes_yum_base_url: "https://packages.cloud.google.com/yum/repos/kubernetes-el7-{{ kubernetes_yum_arch }}" diff --git a/tasks/setup-Debian.yml b/tasks/setup-Debian.yml index 5628ba3..ee73486 100644 --- a/tasks/setup-Debian.yml +++ b/tasks/setup-Debian.yml @@ -13,9 +13,11 @@ mode: 0755 - name: Get Kubernetes apt key. - shell: "curl -fsSL https://pkgs.k8s.io/core:/{{ kubernetes_apt_release_channel }}:/v{{ kubernetes_version }}/deb/Release.key | gpg --dearmor -o {{ kubernetes_apt_keyring_file }}" - args: - creates: "{{ kubernetes_apt_keyring_file }}" + ansible.builtin.get_url: + url: "https://pkgs.k8s.io/core:/{{ kubernetes_apt_release_channel }}:/v{{ kubernetes_version }}/deb/Release.key" + dest: "{{ kubernetes_apt_keyring_file }}" + mode: '0644' + force: true - name: Be sure deprecated Kubernetes repository is absent. file: @@ -24,7 +26,7 @@ - name: Add Kubernetes repository. ansible.builtin.apt_repository: - repo: "{{ kubernetes_apt_repository_pkgs_k8s_io }}" + repo: "{{ kubernetes_apt_repository }}" filename: pkgs_k8s_io state: present update_cache: true From 78169d1895dc67220618feabce7aba7698cb495b Mon Sep 17 00:00:00 2001 From: Marc Bihlmaier Date: Tue, 7 Nov 2023 15:18:40 +0100 Subject: [PATCH 3/4] remove trailing spaces --- tasks/setup-Debian.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tasks/setup-Debian.yml b/tasks/setup-Debian.yml index ee73486..7c77ae5 100644 --- a/tasks/setup-Debian.yml +++ b/tasks/setup-Debian.yml @@ -13,14 +13,14 @@ mode: 0755 - name: Get Kubernetes apt key. - ansible.builtin.get_url: + ansible.builtin.get_url: url: "https://pkgs.k8s.io/core:/{{ kubernetes_apt_release_channel }}:/v{{ kubernetes_version }}/deb/Release.key" dest: "{{ kubernetes_apt_keyring_file }}" mode: '0644' force: true - name: Be sure deprecated Kubernetes repository is absent. - file: + file: path: "/etc/apt/sources.list.d/apt_kubernetes_io.list" state: absent From 8a50ed564199590f80ea1701bd0a5fd7ba22fcb4 Mon Sep 17 00:00:00 2001 From: Marc Bihlmaier Date: Tue, 7 Nov 2023 15:22:11 +0100 Subject: [PATCH 4/4] remove trailing spaces --- defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/defaults/main.yml b/defaults/main.yml index 8be101a..32c7648 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -52,7 +52,7 @@ kubernetes_version_kubeadm: 'stable-{{ kubernetes_version }}' kubernetes_ignore_preflight_errors: 'all' kubernetes_apt_release_channel: "stable" -kubernetes_apt_keyring_file: "/etc/apt/keyrings/kubernetes-apt-keyring.asc" +kubernetes_apt_keyring_file: "/etc/apt/keyrings/kubernetes-apt-keyring.asc" kubernetes_apt_repository: "deb [signed-by={{ kubernetes_apt_keyring_file }}] https://pkgs.k8s.io/core:/{{ kubernetes_apt_release_channel }}:/v{{ kubernetes_version }}/deb/ /" kubernetes_yum_arch: '$basearch'