Skip to content

A robust way to handle repo+gpg keys #905

Closed
trane opened this Issue Mar 14, 2012 · 5 comments

6 participants

@trane
trane commented Mar 14, 2012

It would be helpful if there were a "better" way to do the following:

Add a custom repo
Import the gpg key
Ensure that this repo is present before installing packages X,Y,Z
Packages X,Y,Z are dependent on this repo

http://repo.domain.com:
  repo:
    - type: deb
    - gpg_key: 123456567898
    - src: yes

packageX:
   pkg:
     - installed
     - require:
       - repo: http://repo.domain.com

Right now, this is how you set that up for debian:

  • Create a state file that ensures a line/file is present in /etc/apt/sources.list{.d/}
  • Issue a cmd.run for the gpg key receive
  • Issue a cmd.run for the gpg key import
  • Issue a cmd.run to update repo db
  • Install the packages
@SEJeff
Salt Stack member
SEJeff commented Mar 14, 2012

With an example of: https://gist.github.com/2037472

@thatch45
Salt Stack member

Yes, this has come up a number of times, and it will be a great feature to have

@bclermont

until a clean implementation is done, here is one for ubuntu and debian:

saltstack/salt-contrib@f9cdf3d

support pgp key and even a shortcut for ppa

@tweenk
tweenk commented Feb 2, 2014

According to the docs, this functionality is already present in Salt 0.17.5, and I can attest that it's possible to use the "ppa" shortcut on an Ubuntu server - shouldn't this issue be closed?

@basepi
basepi commented Feb 5, 2014

Thanks for finding this, @tweenk, sounds like it can indeed be closed!

@basepi basepi closed this Feb 5, 2014
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.