expired DEB rep keys

[qs5779]

I attempted to use your tool to install the puppet agent on a new ubuntu cloud server. It fails with error installing keys. As you can see at the bottom of my output the keys installed, but it seems 3 of the 4 keys are expired which I suspect is the reason for the failure.

$ ansible-playbook -i ~/ansible/inventory.yml ~/ansible/wtf-playbooks/install-puppet-agent.yml

PLAY [] **

TASK [Gathering Facts] ***** ok: []

TASK [diodonfrost.puppet_agent : Include OS specific variables.] *** ok: []

TASK [diodonfrost.puppet_agent : Install Puppetlabs repository] **** included: /home/jim/.ansible/roles/diodonfrost.puppet_agent/tasks/repository/install-repository.yml for

TASK [diodonfrost.puppet_agent : set_fact] ***** skipping: []

TASK [diodonfrost.puppet_agent : Amazonlinux | Add Puppetlabs rpm key] ***** skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-puppet) skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-puppet-20250406) skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-puppetlabs) skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-reductive)

TASK [diodonfrost.puppet_agent : Amazonlinux | Add Puppetlabs repository] ** skipping: []

TASK [diodonfrost.puppet_agent : Amazonlinux | Add Puppetlabs source repository] *** skipping: []

TASK [diodonfrost.puppet_agent : CentOS | Add Puppetlabs rpm key] ** skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-puppet) skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-puppet-20250406) skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-puppetlabs) skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-reductive)

TASK [diodonfrost.puppet_agent : CentOS | Add Puppetlabs repository] *** skipping: []

TASK [diodonfrost.puppet_agent : CentOS | Add Puppetlabs source repository] **** skipping: []

TASK [diodonfrost.puppet_agent : Debian | Add Puppetlabs apt key] ** skipping: [] => (item=https://apt.puppetlabs.com/DEB-GPG-KEY-puppet) skipping: [] => (item=https://apt.puppetlabs.com/DEB-GPG-KEY-puppet-20250406) skipping: [] => (item=https://apt.puppetlabs.com/DEB-GPG-KEY-puppetlabs) skipping: [] => (item=https://apt.puppetlabs.com/DEB-GPG-KEY-reductive)

TASK [diodonfrost.puppet_agent : Debian | Add Puppetlabs repository] *** skipping: []

TASK [diodonfrost.puppet_agent : Debian | Add Puppetlabs source repository] **** skipping: []

TASK [diodonfrost.puppet_agent : Debian | Update apt cache] **** skipping: []

TASK [diodonfrost.puppet_agent : Fedora | Add Puppetlabs rpm key] ** skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-puppet) skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-puppet-20250406) skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-puppetlabs) skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-reductive)

TASK [diodonfrost.puppet_agent : Fedora | Add Puppetlabs repository] *** skipping: []

TASK [diodonfrost.puppet_agent : Fedora | Add Puppetlabs source repository] **** skipping: []

TASK [diodonfrost.puppet_agent : Suse | Add Puppetlabs rpm key] **** skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-puppet) skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-puppet-20250406) skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-puppetlabs) skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-reductive)

TASK [diodonfrost.puppet_agent : Suse | Add Puppetlabs repository] ***** skipping: []

TASK [diodonfrost.puppet_agent : Suse | Add Puppetlabs rpm key] **** skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-puppet) skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-puppet-20250406) skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-puppetlabs) skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-reductive)

TASK [diodonfrost.puppet_agent : Suse | Add Puppetlabs repository] ***** skipping: []

TASK [diodonfrost.puppet_agent : CentOS | Add Puppetlabs rpm key] ** skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-puppet) skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-puppet-20250406) skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-puppetlabs) skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-reductive)

TASK [diodonfrost.puppet_agent : CentOS | Add Puppetlabs repository] *** skipping: []

TASK [diodonfrost.puppet_agent : CentOS | Add Puppetlabs source repository] **** skipping: []

TASK [diodonfrost.puppet_agent : CentOS | Add Puppetlabs rpm key] ** skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-puppet) skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-puppet-20250406) skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-puppetlabs) skipping: [] => (item=http://yum.puppetlabs.com/RPM-GPG-KEY-reductive)

TASK [diodonfrost.puppet_agent : CentOS | Add Puppetlabs repository] *** skipping: []

TASK [diodonfrost.puppet_agent : CentOS | Add Puppetlabs source repository] **** skipping: []

TASK [diodonfrost.puppet_agent : Ubuntu | Add Puppetlabs apt key] ** failed: [] (item=https://apt.puppetlabs.com/DEB-GPG-KEY-puppet) => {"after": ["4528B6CD9E61EF26", "D94AA3F0EFE21092", "871920D1991BC93C"], "ansible_loop_var": "item", "before": ["4528B6CD9E61EF26", "D94AA3F0EFE21092", "871920D1991BC93C"], "changed": true, "fp": "7F438280EF8D349F", "id": "7F438280EF8D349F", "item": "https://apt.puppetlabs.com/DEB-GPG-KEY-puppet", "key_id": "7F438280EF8D349F", "msg": "apt-key did not return an error, but failed to add the key (check that the id is correct and not a subkey)", "short_id": "EF8D349F"} ok: [] => (item=https://apt.puppetlabs.com/DEB-GPG-KEY-puppet-20250406) failed: [] (item=https://apt.puppetlabs.com/DEB-GPG-KEY-puppetlabs) => {"after": ["4528B6CD9E61EF26", "D94AA3F0EFE21092", "871920D1991BC93C"], "ansible_loop_var": "item", "before": ["4528B6CD9E61EF26", "D94AA3F0EFE21092", "871920D1991BC93C"], "changed": true, "fp": "1054B7A24BD6EC30", "id": "1054B7A24BD6EC30", "item": "https://apt.puppetlabs.com/DEB-GPG-KEY-puppetlabs", "key_id": "1054B7A24BD6EC30", "msg": "apt-key did not return an error, but failed to add the key (check that the id is correct and not a subkey)", "short_id": "4BD6EC30"} failed: [] (item=https://apt.puppetlabs.com/DEB-GPG-KEY-reductive) => {"after": ["4528B6CD9E61EF26", "D94AA3F0EFE21092", "871920D1991BC93C"], "ansible_loop_var": "item", "before": ["4528B6CD9E61EF26", "D94AA3F0EFE21092", "871920D1991BC93C"], "changed": true, "fp": "FFAC86588347A27F", "id": "FFAC86588347A27F", "item": "https://apt.puppetlabs.com/DEB-GPG-KEY-reductive", "key_id": "FFAC86588347A27F", "msg": "apt-key did not return an error, but failed to add the key (check that the id is correct and not a subkey)", "short_id": "8347A27F"}

PLAY RECAP *****

: ok=3 changed=0 unreachable=0 failed=1 skipped=24 rescued=0 ignored=0 The keys actually installed, but it seems 3 of the 4 keys are expired, which is probably causeing the error. $ sudo apt-key list Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)). /etc/apt/trusted.gpg -------------------- pub rsa4096 2016-08-18 [SC] [expired: 2021-08-17] 6F6B 1550 9CF8 E59E 6E46 9F32 7F43 8280 EF8D 349F uid [ expired] Puppet, Inc. Release Key (Puppet, Inc. Release Key) pub rsa4096 2019-04-08 [SC] [expires: 2025-04-06] D681 1ED3 ADEE B844 1AF5 AA8F 4528 B6CD 9E61 EF26 uid [ unknown] Puppet, Inc. Release Key (Puppet, Inc. Release Key) pub rsa4096 2010-07-10 [SC] [expired: 2017-01-05] 47B3 20EB 4C7C 375A A9DA E1A0 1054 B7A2 4BD6 EC30 uid [ expired] Puppet Labs Release Key (Puppet Labs Release Key) pub rsa4096 2009-11-14 [SC] [expired: 2011-11-14] 9C6C 5452 4691 2EE7 00FB 5682 FFAC 8658 8347 A27F uid [ expired] Reductive Labs Release Key /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg ------------------------------------------------------ pub rsa4096 2012-05-11 [SC] 8439 38DF 228D 22F7 B374 2BC0 D94A A3F0 EFE2 1092 uid [ unknown] Ubuntu CD Image Automatic Signing Key (2012) /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg ------------------------------------------------------ pub rsa4096 2018-09-17 [SC] F6EC B376 2474 EDA9 D21B 7022 8719 20D1 991B C93C uid [ unknown] Ubuntu Archive Automatic Signing Key (2018)

[vmpr]

I have the same problem :(

[vmpr]

seems like that got fixed with this PullRequest: https://github.com/diodonfrost/ansible-role-puppet-agent/pull/11