x-yuri
x-yuri

Reputation: 18863

How to install yum repository key with ansible?

I tried it two ways:

- name: Add repository
  yum_repository:
    # from https://oss-binaries.phusionpassenger.com/yum/definitions/el-passenger.repo
    name: passenger
    description: Passenger repository
    baseurl: https://oss-binaries.phusionpassenger.com/yum/passenger/el/$releasever/$basearch
    repo_gpgcheck: 1
    gpgcheck: 0
    enabled: 1
    gpgkey: https://packagecloud.io/gpg.key
    sslverify: 1
    sslcacert: /etc/pki/tls/certs/ca-bundle.crt

- name: Add repository key (option 1)
  rpm_key:
    key: https://packagecloud.io/gpg.key

- name: Add repository key (option 2)
  command: rpm --import https://packagecloud.io/gpg.key

- name: Install nginx with passenger
  yum: name={{ item }}
  with_items: [nginx, passenger]

But for it to work, I need to ssh to the machine, confirm importing the key (by running any yum command, e.g. yum list installed), and then continue provisioning. Is there a way to do it automatically?

UPD here's what ansible says:

TASK [nginx : Add repository key] **********************************************
changed: [default]

TASK [nginx : Install nginx with passenger] ************************************
failed: [default] (item=[u'nginx', u'passenger']) => {"failed": true, "item": ["nginx", "passenger"], "msg": "Failure talking
 to yum: failure: repodata/repomd.xml from passenger: [Errno 256] No more mirrors to try.\nhttps://oss-binaries.phusionpassen
ger.com/yum/passenger/el/7/x86_64/repodata/repomd.xml: [Errno -1] repomd.xml signature could not be verified for passenger"}

So, the key is indeed imported in both cases, but to be used it must be confirmed.

Upvotes: 1

Views: 11870

Answers (2)

Davor Cubranic
Davor Cubranic

Reputation: 1120

After adding the repository and the repository key, just update that repo's metadata with:

- name: update repo cache for the new repo
  command: yum -q makecache -y --disablerepo=* --enablerepo=passenger

Then proceed with yum: name=... as before.

Upvotes: 1

x-yuri
x-yuri

Reputation: 18863

Fixed it by running yum directly with -y switch (and using rpm_key module, if anything):

- name: Install nginx with passenger
  command: yum -y install {{ item }}
  with_items: [nginx, passenger]

Upvotes: 0

Related Questions