Closed zerwes closed 5 months ago
Hi,
Thanks so much for your contribution!
The checks fail due to idempotency tests. Could it be that there's a newer apt_key
module that will put it in the right place on Ubuntu? It looks like one task is removing it and the other is putting it back again.
I manually tested the changes on a Debian 12 box. Looks good to me!
Hello @widhalmt
Oh, sorry, I have to admit: my mistake.
Usually, while managing all hosts mainly via ansible, the apt warning is hidden. I just stumbled over it while testing some things manually. And I just applied an older fix I had developed for other repositories and took the short way, yolo, and just opened the PR.
But things develop and meanwhile it seems the apt_key
task is reading keys from /etc/apt/trusted.gpg.d/
too and removing them if requested ... so for surely the idempotency check will fail, as the key is removed and re-added.
Well meanwhile, the apt_key
command ist deprecated in ansible too, so, while thinking about a clean solution, I stumbled over the next issue: storing keys in /etc/apt/trusted.gpg.d/
removes the apt warning, but the keys are still trusted in a global scope. The new an best way to do it is to restict the key trust just for the repo in question. The deb822_repository
is available for ansible >= 2.15
, so not yet ready for collections in a wider use.
SO I will close this PR and reopen another one (considering the idempotency check)
Sorry for the trouble, thank you for your hint and until the next PR targeting this issue.
Greetings
Klaus
avoid warning on debian 12