Skip to content

Commit

Permalink
Make use of other keyring
Browse files Browse the repository at this point in the history
  • Loading branch information
@tersmitten
tersmitten committed Nov 26, 2024
1 parent 600795d commit 361a671
Show file tree
Hide file tree
Showing 2 changed files with 32 additions and 58 deletions.
69 changes: 21 additions & 48 deletions tasks/repository.yml
View file
Original file line number Diff line number Diff line change
@@ -1,65 +1,38 @@
# tasks file
---
- name: repository | dependencies
- name: repository | install dependencies (pre)
ansible.builtin.apt:
name: "{{ ' '.join(docker_dependencies_pre).split() }}"
state: "{{ apt_install_state | default('latest') }}"
update_cache: true
cache_valid_time: "{{ apt_update_cache_valid_time | default(3600) }}"
tags:
- docker-repository-dependencies
- docker-repository-install-dependencies

# Old python (TLS issues)
- name: repository | old python
when: ansible_python_version is version('2.7.9', '<')
block:
- name: repository | create (download) directory
ansible.builtin.file:
path: "{{ docker_downloads_path }}"
state: directory
owner: root
group: root
mode: 0755
tags:
- docker-repository-directory
- docker-repository-directory-create

- name: repository | download public key # noqa command-instead-of-module
ansible.builtin.command: >
curl -sSL {{ item.url }} -o {{ docker_downloads_path }}/{{ item.id }}.key
args:
creates: "{{ docker_downloads_path }}/{{ item.id }}.key"
with_items: "{{ docker_apt_keys }}"
tags:
- docker-repository-public-key

- name: repository | add public key
ansible.builtin.apt_key:
id: "{{ item.id }}"
file: "{{ docker_downloads_path }}/{{ item.id }}.key"
state: present
with_items: "{{ docker_apt_keys }}"
tags:
- docker-repository-public-key
- name: repository | (keyrings) directory | create
ansible.builtin.file:
path: "{{ docker_keyring_dst | dirname }}"
state: directory
owner: root
group: root
mode: 0755
tags:
- docker-repository-keyrings-directory-create

# New python
- name: repository | new python
when: ansible_python_version is version('2.7.9', '>=')
block:
- name: repository | add public key
ansible.builtin.apt_key:
id: "{{ item.id }}"
url: "{{ item.url }}"
state: present
with_items: "{{ docker_apt_keys }}"
tags:
- docker-repository-public-key
- name: repository | (keyring) file | download
ansible.builtin.apt_key:
url: "{{ docker_keyring_src }}"
keyring: "{{ docker_keyring_dst }}"
state: present
tags:
- insync-repository-keyring-file-download

- name: repository | add
ansible.builtin.apt_repository:
repo: "{{ item.type }} {{ item.url }} {{ item.component }}"
state: present
state: "{{ item.state | default('present') }}"
update_cache: true
with_items: "{{ docker_apt_repositories }}"
mode: 0644
with_items: "{{ docker_repositories }}"
tags:
- docker-repository-add
21 changes: 11 additions & 10 deletions vars/main.yml
View file
Original file line number Diff line number Diff line change
@@ -1,23 +1,24 @@
# vars file
---
docker_keyring_src: https://download.docker.com/linux/ubuntu/gpg
docker_keyring_dst: /usr/share/keyrings/docker.asc
docker_apt_repositories:
- type: "deb [arch=amd64 signed-by={{ docker_keyring_dst }}]"
url: "https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }}"
component: stable
- type: 'deb [arch=amd64]'
url: "https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }}"
component: stable
state: absent

docker_dependencies_pre:
- software-properties-common
- dirmngr
- gpg-agent
- apt-transport-https
- curl
- apparmor
- "{{ (ansible_distribution == 'Ubuntu') | ternary('linux-image-extra-virtual', '') }}"
- "{{ (ansible_distribution == 'Ubuntu') | ternary('cgroup-lite', '') }}"

docker_apt_keys:
- id: 8D81803C0EBFCD88
url: https://download.docker.com/linux/ubuntu/gpg
docker_apt_repositories:
- type: 'deb [arch=amd64]'
url: "https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }}"
component: stable

docker_downloads_path: /var/lib/ansible/docker/downloads

docker_dependencies:
Expand Down

0 comments on commit 361a671

Please sign in to comment.