explicit permissions for APT GPG keys
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/push Build is passing
Details
This commit is contained in:
parent
2c47871fa7
commit
454d4c6d30
|
|
@ -14,6 +14,8 @@
|
||||||
dest: /etc/apt/trusted.gpg.d/reg.asc
|
dest: /etc/apt/trusted.gpg.d/reg.asc
|
||||||
force: yes
|
force: yes
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
tags:
|
tags:
|
||||||
- apt
|
- apt
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -33,6 +33,8 @@
|
||||||
dest: /etc/apt/trusted.gpg.d/docker-debian.asc
|
dest: /etc/apt/trusted.gpg.d/docker-debian.asc
|
||||||
force: yes
|
force: yes
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
|
||||||
- name: Install docker and python-docker
|
- name: Install docker and python-docker
|
||||||
apt:
|
apt:
|
||||||
|
|
|
||||||
|
|
@ -23,6 +23,8 @@
|
||||||
dest: /etc/apt/trusted.gpg.d/elastic.asc
|
dest: /etc/apt/trusted.gpg.d/elastic.asc
|
||||||
force: yes
|
force: yes
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
tags:
|
tags:
|
||||||
- elasticsearch
|
- elasticsearch
|
||||||
- packages
|
- packages
|
||||||
|
|
|
||||||
|
|
@ -49,6 +49,8 @@
|
||||||
dest: /etc/apt/trusted.gpg.d/hpePublicKey2048_key1.asc
|
dest: /etc/apt/trusted.gpg.d/hpePublicKey2048_key1.asc
|
||||||
force: yes
|
force: yes
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
|
||||||
- name: Add HPE repository
|
- name: Add HPE repository
|
||||||
apt_repository:
|
apt_repository:
|
||||||
|
|
@ -114,6 +116,8 @@
|
||||||
dest: /etc/apt/trusted.gpg.d/hwraid.le-vert.net.asc
|
dest: /etc/apt/trusted.gpg.d/hwraid.le-vert.net.asc
|
||||||
force: yes
|
force: yes
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
when: ansible_distribution_major_version is version('9', '>=')
|
when: ansible_distribution_major_version is version('9', '>=')
|
||||||
|
|
||||||
- name: Add HW tool repository
|
- name: Add HW tool repository
|
||||||
|
|
|
||||||
|
|
@ -23,6 +23,8 @@
|
||||||
dest: /etc/apt/trusted.gpg.d/elastic.asc
|
dest: /etc/apt/trusted.gpg.d/elastic.asc
|
||||||
force: yes
|
force: yes
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
tags:
|
tags:
|
||||||
- filebeat
|
- filebeat
|
||||||
- packages
|
- packages
|
||||||
|
|
|
||||||
|
|
@ -15,6 +15,8 @@
|
||||||
dest: /etc/apt/trusted.gpg.d/fluentd.asc
|
dest: /etc/apt/trusted.gpg.d/fluentd.asc
|
||||||
force: yes
|
force: yes
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
tags:
|
tags:
|
||||||
- packages
|
- packages
|
||||||
- fluentd
|
- fluentd
|
||||||
|
|
|
||||||
|
|
@ -17,6 +17,8 @@
|
||||||
dest: /etc/apt/trusted.gpg.d/jenkins.asc
|
dest: /etc/apt/trusted.gpg.d/jenkins.asc
|
||||||
force: yes
|
force: yes
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
|
||||||
- name: Add jenkins APT repository
|
- name: Add jenkins APT repository
|
||||||
apt_repository:
|
apt_repository:
|
||||||
|
|
|
||||||
|
|
@ -23,6 +23,8 @@
|
||||||
dest: /etc/apt/trusted.gpg.d/elastic.asc
|
dest: /etc/apt/trusted.gpg.d/elastic.asc
|
||||||
force: yes
|
force: yes
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
tags:
|
tags:
|
||||||
- kibana
|
- kibana
|
||||||
- packages
|
- packages
|
||||||
|
|
|
||||||
|
|
@ -23,6 +23,8 @@
|
||||||
dest: /etc/apt/trusted.gpg.d/elastic.asc
|
dest: /etc/apt/trusted.gpg.d/elastic.asc
|
||||||
force: yes
|
force: yes
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
tags:
|
tags:
|
||||||
- logstash
|
- logstash
|
||||||
- packages
|
- packages
|
||||||
|
|
|
||||||
|
|
@ -21,12 +21,16 @@
|
||||||
src: reg.asc
|
src: reg.asc
|
||||||
dest: /var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/apt/trusted.gpg.d/reg.asc
|
dest: /var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/apt/trusted.gpg.d/reg.asc
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
|
||||||
- name: copy packages.sury.org GPG Key
|
- name: copy packages.sury.org GPG Key
|
||||||
copy:
|
copy:
|
||||||
src: sury.gpg
|
src: sury.gpg
|
||||||
dest: /var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/apt/trusted.gpg.d/sury.gpg
|
dest: /var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/apt/trusted.gpg.d/sury.gpg
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
|
||||||
- name: "{{ lxc_php_version }} - Update APT cache"
|
- name: "{{ lxc_php_version }} - Update APT cache"
|
||||||
lxc_container:
|
lxc_container:
|
||||||
|
|
|
||||||
|
|
@ -23,6 +23,8 @@
|
||||||
dest: /etc/apt/trusted.gpg.d/elastic.asc
|
dest: /etc/apt/trusted.gpg.d/elastic.asc
|
||||||
force: yes
|
force: yes
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
tags:
|
tags:
|
||||||
- metricbeat
|
- metricbeat
|
||||||
- packages
|
- packages
|
||||||
|
|
|
||||||
|
|
@ -12,6 +12,8 @@
|
||||||
dest: /etc/apt/trusted.gpg.d/mongodb-server-4.2.asc
|
dest: /etc/apt/trusted.gpg.d/mongodb-server-4.2.asc
|
||||||
force: yes
|
force: yes
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
|
||||||
- name: enable APT sources list
|
- name: enable APT sources list
|
||||||
apt_repository:
|
apt_repository:
|
||||||
|
|
|
||||||
|
|
@ -12,6 +12,8 @@
|
||||||
dest: /etc/apt/trusted.gpg.d/newrelic.asc
|
dest: /etc/apt/trusted.gpg.d/newrelic.asc
|
||||||
force: yes
|
force: yes
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
|
||||||
- name: Install NewRelic repository
|
- name: Install NewRelic repository
|
||||||
apt_repository:
|
apt_repository:
|
||||||
|
|
|
||||||
|
|
@ -23,6 +23,9 @@
|
||||||
copy:
|
copy:
|
||||||
src: nodesource.asc
|
src: nodesource.asc
|
||||||
dest: /etc/apt/trusted.gpg.d/nodesource.asc
|
dest: /etc/apt/trusted.gpg.d/nodesource.asc
|
||||||
|
mode: "0644"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
tags:
|
tags:
|
||||||
- system
|
- system
|
||||||
- packages
|
- packages
|
||||||
|
|
|
||||||
|
|
@ -15,6 +15,9 @@
|
||||||
copy:
|
copy:
|
||||||
src: yarnpkg.asc
|
src: yarnpkg.asc
|
||||||
dest: /etc/apt/trusted.gpg.d/yarnpkg.asc
|
dest: /etc/apt/trusted.gpg.d/yarnpkg.asc
|
||||||
|
mode: "0644"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
tags:
|
tags:
|
||||||
- system
|
- system
|
||||||
- packages
|
- packages
|
||||||
|
|
|
||||||
|
|
@ -15,6 +15,8 @@
|
||||||
dest: /etc/apt/trusted.gpg.d/percona.asc
|
dest: /etc/apt/trusted.gpg.d/percona.asc
|
||||||
force: yes
|
force: yes
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
|
||||||
- name: Check if percona-release is installed
|
- name: Check if percona-release is installed
|
||||||
shell: "set -o pipefail && dpkg -l percona-release 2> /dev/null | grep -q -E '^(i|h)i'"
|
shell: "set -o pipefail && dpkg -l percona-release 2> /dev/null | grep -q -E '^(i|h)i'"
|
||||||
|
|
|
||||||
|
|
@ -5,6 +5,8 @@
|
||||||
url: https://packages.sury.org/php/apt.gpg
|
url: https://packages.sury.org/php/apt.gpg
|
||||||
dest: /etc/apt/trusted.gpg.d/sury.gpg
|
dest: /etc/apt/trusted.gpg.d/sury.gpg
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
|
||||||
- name: Setup deb.sury.org repository - Install apt-transport-https
|
- name: Setup deb.sury.org repository - Install apt-transport-https
|
||||||
apt:
|
apt:
|
||||||
|
|
|
||||||
|
|
@ -25,6 +25,8 @@
|
||||||
dest: /etc/apt/trusted.gpg.d/pgdg.asc
|
dest: /etc/apt/trusted.gpg.d/pgdg.asc
|
||||||
force: yes
|
force: yes
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
|
||||||
- name: Update and upgrade apt packages for PGDG repository
|
- name: Update and upgrade apt packages for PGDG repository
|
||||||
apt:
|
apt:
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue