apt: converge upload + apt_key tasks

This patch uses a feature of apt_key that allows us to send a payload containing the key data directly without having to upload it beforehand. Change-Id: I4d0ce755461ae27018015dd63581ba9b64cf5122
2019-06-11 17:15:25 -04:00 · 2019-06-11 17:15:25 -04:00 · c41b570bc8
parent b12b7545c4
commit c41b570bc8
2 changed files with 6 additions and 22 deletions
--- a/tasks/install_apt.yml
+++ b/tasks/install_apt.yml
@ -26,24 +26,10 @@
        version: "{{ rabbitmq_erlang_version_spec }}"
        priority: 1000

- name: If a keyfile is provided, copy the gpg keyfile to the key location
-  copy:
-    src: "gpg/{{ item.id }}"
-    dest: "{{ item.file }}"
-    mode: '0644'
-  with_items: "{{ rabbitmq_gpg_keys | selectattr('file','defined') | list }}"
-  tags:
-    - rabbitmq-apt-keys
-
- name: Install gpg keys
-  apt_key: "{{ key }}"
-  with_items: "{{ rabbitmq_gpg_keys }}"
-  loop_control:
-    loop_var: key
-  register: _add_apt_keys
-  until: _add_apt_keys is success
-  retries: 5
-  delay: 2
+- name: Install GPG keys
+  apt_key:
+    data: "{{ lookup('file', item.file) }}"
+  with_items: "{{ rabbitmq_gpg_keys | selectattr('file', 'defined') | list }}"
  tags:
    - rabbitmq-apt-keys

--- a/vars/debian.yml
+++ b/vars/debian.yml
@ -21,10 +21,8 @@ _rabbitmq_package_sha256: "11f70dd68e098e4dc32e3eda49ab68c795e599f3ac0b8b858014c
 _rabbitmq_package_path: "/opt/rabbitmq-server.deb"

 _rabbitmq_gpg_keys:
-  - id: 4D206F89
-    file: /etc/ssl/packagecloud-key
-  - id: A14F4FCA
-    file: /etc/ssl/erlang-key
+  - file: gpg/4D206F89
+  - file: gpg/A14F4FCA

 _rabbitmq_repo_url: "https://packagecloud.io/rabbitmq/rabbitmq-server/{{ ansible_distribution | lower }}"
 _rabbitmq_repo: