Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

apt_key is deprecated #81

Closed
bleetube opened this issue Jul 24, 2023 · 4 comments
Closed

apt_key is deprecated #81

bleetube opened this issue Jul 24, 2023 · 4 comments
Assignees
@ishanjainn

Comments

@bleetube
Copy link

bleetube commented Jul 24, 2023
edited

I'm glad to have found this collection! I have been putting band-aids on the cloudalchemy role for some time. I need to find a better way to surface community collections like this.

The apt_key module results in a deprecation error on Ubuntu 22.04:

# apt-get update
...
Reading package lists... Done
W: https://packages.grafana.com/oss/deb/dists/stable/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.

geerlingguy has an article for fixing this. Basically, save the armored key as an .asc file, cite it in the signature list and you're golden. I run this before I run the role:

  pre_tasks:
    - name: Add grafana apt repository key.
      ansible.builtin.get_url:
        url: "{{ grafana_apt_key_url }}"
        dest: /usr/share/keyrings/grafana.asc
        mode: '0644'
      tags: grafana
      become: yes

    - name: Ensure the repository is added with the relevant trusted GPG key
      ansible.builtin.lineinfile:
        path: /etc/apt/sources.list.d/grafana.list
        regexp: 'apt.grafana.org'
        line: "deb [arch=amd64 signed-by=/usr/share/keyrings/grafana.asc] https://apt.grafana.com stable main"
        create: true
      register: grafana_repo
      become: yes
      tags: grafana

I understand the challenge will be to apply such a change only to versions of distros where apt has deprecated apt_key and not the ones that came before.

It also looks like the role is using a different repository subdomain, so I don't know what's up with that. I see apt.grafana.org on the packages page.
@ishanjainn
Copy link
Member

Yeah this looks particularly complex right now

@den-is den-is mentioned this issue Aug 27, 2023
Closed
@michaelkebe
Copy link

michaelkebe commented Sep 8, 2023
edited

The key should be integrated as shown here (https://packages.grafana.com/oss/):

# mkdir -p /etc/apt/keyrings/
# wget -q -O - https://apt.grafana.com/gpg.key | gpg --dearmor > /etc/apt/keyrings/grafana.gpg
# echo "deb [signed-by=/etc/apt/keyrings/grafana.gpg] https://apt.grafana.com stable main" | tee /etc/apt/sources.list.d/grafana.list

More information about it:

https://askubuntu.com/a/1307181/2425

Looks like it's already done here: 7b07d39

@ishanjainn
Copy link
Member

Yup, Made it part of the 2.1.6 release

@ishanjainn
Copy link
Member

Closing this issue

@ishanjainn ishanjainn self-assigned this Sep 19, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ishanjainn ishanjainn

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@michaelkebe @ishanjainn @bleetube