Move all trusted GPG keys to file repository
continuous-integration/drone/push Build is passing Details

This commit is contained in:
Jérémy Lecour 2021-05-03 14:23:13 +02:00 committed by Jérémy Lecour
parent a7971abb04
commit 9cdddd50a8
26 changed files with 429 additions and 296 deletions

View File

@ -1,6 +1,12 @@
---
# https://wiki.debian.org/DebianRepository/UseThirdParty
- name: Evolix GPG embedded key is absent
apt_key:
id: "B8612B5D"
state: absent
tags:
- apt
- name: Add Evolix GPG key
copy:
src: reg.asc

View File

@ -28,9 +28,11 @@
when: ansible_distribution_release == 'jessie'
- name: Add Docker's official GPG key
apt_key:
#url: https://download.docker.com/linux/debian/gpg
data: "{{ lookup('file', 'docker-debian.gpg') }}"
copy:
src: docker-debian.asc
dest: /etc/apt/trusted.gpg.d/docker-debian.asc
force: yes
mode: "0644"
- name: Install docker and python-docker
apt:

View File

@ -8,11 +8,20 @@
- elasticsearch
- packages
- name: Elastic GPG key is installed
- name: Elastic GPG embedded key is absent
apt_key:
# url: https://artifacts.elastic.co/GPG-KEY-elasticsearch
data: "{{ lookup('file', 'elasticsearch.key') }}"
state: present
id: "D88E42B4"
state: absent
tags:
- elasticsearch
- packages
- name: Elastic GPG key is installed
copy:
src: elastic.asc
dest: /etc/apt/trusted.gpg.d/elastic.asc
force: yes
mode: "0644"
tags:
- elasticsearch
- packages

View File

@ -37,10 +37,17 @@
- name: HPE Smart Storage Administrator (ssacli) is present
block:
- name: Add HPE GPG key
- name: HPE GPG is absent in embedded database
apt_key:
#url: https://downloads.linux.hpe.com/SDR/hpePublicKey2048_key1.pub
data: "{{ lookup('file', 'hpePublicKey2048_key1.pub') }}"
id: "26C2B797"
state: absent
- name: HPE GPG key is installed
copy:
src: hpePublicKey2048_key1.asc
dest: /etc/apt/trusted.gpg.d/hpePublicKey2048_key1.asc
force: yes
mode: "0644"
- name: Add HPE repository
apt_repository:
@ -93,10 +100,18 @@
- name: MegaRAID SAS package is present
block:
- name: Add HW tool GPG key
- name: HWRaid GPG embedded key is absent
apt_key:
# url: https://hwraid.le-vert.net/debian/hwraid.le-vert.net.gpg.key
data: "{{ lookup('file', 'hwraid.le-vert.net.gpg.key') }}"
id: "23B3D3B4"
state: absent
when: ansible_distribution_major_version is version('9', '>=')
- name: HWRaid GPG key is installed
copy:
src: hwraid.le-vert.net.asc
dest: /etc/apt/trusted.gpg.d/hwraid.le-vert.net.asc
force: yes
mode: "0644"
when: ansible_distribution_major_version is version('9', '>=')
- name: Add HW tool repository

View File

@ -8,11 +8,20 @@
- filebeat
- packages
- name: Elastic GPG key is installed
- name: Elastic GPG embedded key is absent
apt_key:
# url: https://artifacts.elastic.co/GPG-KEY-elasticsearch
data: "{{ lookup('file', 'elasticsearch.key') }}"
state: present
id: "D88E42B4"
state: absent
tags:
- filebeat
- packages
- name: Elastic GPG key is installed
copy:
src: elastic.asc
dest: /etc/apt/trusted.gpg.d/elastic.asc
force: yes
mode: "0644"
tags:
- filebeat
- packages

View File

@ -1,9 +1,19 @@
---
- name: Fluentd GPG key is installed
- name: Fluentd GPG embedded key is absent
apt_key:
# url: https://packages.treasuredata.com/GPG-KEY-td-agent
data: "{{ lookup('file', 'fluentd.gpg') }}"
id: "AB97ACBE"
state: absent
tags:
- packages
- fluentd
- name: Add Fluentd GPG key
copy:
src: fluentd.asc
dest: /etc/apt/trusted.gpg.d/fluentd.asc
force: yes
mode: "0644"
tags:
- packages
- fluentd

View File

@ -5,10 +5,17 @@
# http://mirrors.jenkins.io/.*
# http://jenkins.mirror.isppower.de/.*
- name: Add jenkins GPG key
- name: Jenkins GPG embedded key is absent
apt_key:
# url: https://jenkins-ci.org/debian/jenkins-ci.org.key
data: "{{ lookup('file', 'jenkins.key') }}"
id: "D50582E6"
state: absent
- name: Add Jenkins GPG key
copy:
src: jenkins.asc
dest: /etc/apt/trusted.gpg.d/jenkins.asc
force: yes
mode: "0644"
- name: Add jenkins APT repository
apt_repository:

View File

@ -8,11 +8,20 @@
- kibana
- packages
- name: Elastic GPG key is installed
- name: Elastic GPG embedded key is absent
apt_key:
# url: https://artifacts.elastic.co/GPG-KEY-elasticsearch
data: "{{ lookup('file', 'elasticsearch.key') }}"
state: present
id: "D88E42B4"
state: absent
tags:
- kibana
- packages
- name: Elastic GPG key is installed
copy:
src: elastic.asc
dest: /etc/apt/trusted.gpg.d/elastic.asc
force: yes
mode: "0644"
tags:
- kibana
- packages

View File

@ -8,11 +8,20 @@
- logstash
- packages
- name: Elastic GPG key is installed
- name: Elastic GPG embedded key is absent
apt_key:
# url: https://artifacts.elastic.co/GPG-KEY-elasticsearch
data: "{{ lookup('file', 'elasticsearch.key') }}"
state: present
id: "D88E42B4"
state: absent
tags:
- logstash
- packages
- name: Elastic GPG key is installed
copy:
src: elastic.asc
dest: /etc/apt/trusted.gpg.d/elastic.asc
force: yes
mode: "0644"
tags:
- logstash
- packages

View File

@ -8,11 +8,20 @@
- metricbeat
- packages
- name: Elastic GPG key is installed
- name: Elastic GPG embedded key is absent
apt_key:
# url: https://artifacts.elastic.co/GPG-KEY-elasticsearch
data: "{{ lookup('file', 'elasticsearch.key') }}"
state: present
id: "D88E42B4"
state: absent
tags:
- metricbeat
- packages
- name: Elastic GPG key is installed
copy:
src: elastic.asc
dest: /etc/apt/trusted.gpg.d/elastic.asc
force: yes
mode: "0644"
tags:
- metricbeat
- packages

View File

@ -1,9 +1,16 @@
---
- name: MongoDB public GPG Key
- name: MongoDB GPG embedded key is absent
apt_key:
# url: https://www.mongodb.org/static/pgp/server-4.2.asc
data: "{{ lookup('file', 'server-4.2.asc') }}"
id: "B8612B5D"
state: absent
- name: Add MongoDB GPG key
copy:
src: server-4.2.asc
dest: /etc/apt/trusted.gpg.d/mongodb-server-4.2.asc
force: yes
mode: "0644"
- name: enable APT sources list
apt_repository:

View File

@ -1,9 +1,16 @@
---
- name: Add dotdeb GPG key
- name: NewRelic GPG embedded key is absent
apt_key:
# url: https://download.newrelic.com/548C16BF.gpg
data: "{{ lookup('file', '548C16BF.gpg') }}"
id: "548C16BF"
state: absent
- name: Add NewRelic GPG key
copy:
src: newrelic.asc
dest: /etc/apt/trusted.gpg.d/newrelic.asc
force: yes
mode: "0644"
- name: Install NewRelic repository
apt_repository:

View File

@ -8,10 +8,19 @@
- system
- packages
- name: NodeJS GPG key is installed
- name: NodeJS GPG embedded key is absent
apt_key:
# url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key
data: "{{ lookup('file', 'nodesource.gpg.key') }}"
id: "68576280"
state: absent
tags:
- system
- packages
- nodejs
- name: NodeJS GPG key is installed
copy:
src: nodesource.asc
dest: /etc/apt/trusted.gpg.d/nodesource.asc
tags:
- system
- packages

View File

@ -1,9 +1,19 @@
---
- name: yarn GPG key is installed
- name: NodeJS GPG embedded key is absent
apt_key:
# url: https://dl.yarnpkg.com/debian/pubkey.gpg
data: "{{ lookup('file', 'yarnpkg.gpg.key') }}"
id: "86E50310"
state: absent
tags:
- system
- packages
- nodejs
- yarn
- name: NodeJS GPG key is installed
copy:
src: yarnpkg.asc
dest: /etc/apt/trusted.gpg.d/yarnpkg.asc
tags:
- system
- packages

View File

@ -3,9 +3,17 @@
- set_fact:
percona__apt_config_package_file: "percona-release_latest.{{ ansible_distribution_release }}_all.deb"
- name: Add Percona's official GPG key
- name: Percona GPG embedded key is absent
apt_key:
data: "{{ lookup('file', 'percona.asc') }}"
id: "8507EFA5"
state: absent
- name: Add Percona GPG key
copy:
src: percona.asc
dest: /etc/apt/trusted.gpg.d/percona.asc
force: yes
mode: "0644"
- name: Check if percona-release is installed
command: "dpkg -l percona-release"

View File

@ -13,10 +13,17 @@
repo: "deb http://apt.postgresql.org/pub/repos/apt/ {{ansible_distribution_release}}-pgdg main"
update_cache: yes
- name: Add GPG key for PGDG repository
- name: PGDG GPG embedded key is absent
apt_key:
#url: http://apt.postgresql.org/pub/repos/apt/ACCC4CF8.asc
data: "{{ lookup('file', 'ACCC4CF8.asc') }}"
id: "ACCC4CF8"
state: absent
- name: Add PGDG GPG key
copy:
src: pgdg.asc
dest: /etc/apt/trusted.gpg.d/pgdg.asc
force: yes
mode: "0644"
- name: Update and upgrade apt packages for PGDG repository
apt: