Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[rpm_key] Pass GPG key as string value #81929

Open
wants to merge 4 commits into
base: devel
Choose a base branch
from
Open

[rpm_key] Pass GPG key as string value #81929

wants to merge 4 commits into from
+32 −7

Conversation

infame-io
Copy link

SUMMARY

It would be great if the GPG key could be passed as a string value into the ansible.builtin.rpm_key module. This would allow passing the GPG key as an env. variable

export GPG_KEY="-----BEGIN PGP PUBLIC KEY BLOCK-----

mQGNBGUhLi4BDACrXw5kkEdclg7edHjzs3dCs4GIn7ct/tkyhi0Sw5cmH8txujPi
...
6cy9+l5zdaTzJ+biexvyK7dhXXhyueXWaDF9
=NXmg
-----END PGP PUBLIC KEY BLOCK-----"
---
- name: Import GPG key
  hosts: sandwich

  tasks:
    - name: Import key (env. var)
      become: true
      ansible.builtin.rpm_key:
        key: '{{ lookup("env", "GPG_KEY" )}}'
        state: present

and it could enable passing the GPG key from services like AWS Systems Manager Parameter Store

---
- name: Import GPG key
  hosts: sandwich

  tasks:
    - name: Import key (AWS SSM)
      become: true
      ansible.builtin.rpm_key:
        key: '{{ lookup("aws_ssm", "/test/ansible/rpm.key.gpg", region="us-east-1" )}}'
        state: present
ISSUE TYPE
  • Feature Pull Request
ADDITIONAL INFORMATION

@infame-io infame-io changed the title Infame io/rpm key [rpm_key] Pass GPG key as string value Oct 7, 2023
@ansibot ansibot added feature This issue/PR relates to a feature request. needs_triage Needs a first human triage before being processed. module This issue/PR relates to a module. labels Oct 7, 2023
bcoca
bcoca requested changes Oct 17, 2023
View reviewed changes
Copy link
Member

@bcoca bcoca left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

also missing a changelog

lib/ansible/modules/rpm_key.py Outdated Show resolved Hide resolved
lib/ansible/modules/rpm_key.py Outdated Show resolved Hide resolved
@bcoca bcoca removed the needs_triage Needs a first human triage before being processed. label Oct 17, 2023
@ansibot ansibot added needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. stale_ci This PR has been tested by CI more than one week ago. Close and re-open this PR to get it retested. stale_review Updates were made after the last review and the last review is more than 7 days old. and removed needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. stale_ci This PR has been tested by CI more than one week ago. Close and re-open this PR to get it retested. labels Oct 17, 2023
@infame-io
Copy link
Author

Thank you @bcoca. Changelog included

@infame-io infame-io requested a review from bcoca October 19, 2023 01:31
@ansibot ansibot added needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. and removed stale_review Updates were made after the last review and the last review is more than 7 days old. labels Oct 19, 2023
bcoca
bcoca requested changes Oct 19, 2023
View reviewed changes
Copy link
Member

@bcoca bcoca left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

one thing I missed, the key: option is missing an update, add 'since version 2.17 you can also pass the key as a string'

@ansibot ansibot added stale_review Updates were made after the last review and the last review is more than 7 days old. and removed needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. labels Oct 19, 2023
@infame-io infame-io requested a review from bcoca October 20, 2023 00:24
@ansibot ansibot added the stale_ci This PR has been tested by CI more than one week ago. Close and re-open this PR to get it retested. label Nov 2, 2023
@ansibot ansibot removed the stale_ci This PR has been tested by CI more than one week ago. Close and re-open this PR to get it retested. label Apr 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bcoca bcoca Awaiting requested review from bcoca

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
feature This issue/PR relates to a feature request. module This issue/PR relates to a module. stale_review Updates were made after the last review and the last review is more than 7 days old.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@infame-io @bcoca @ansibot