Merge pull request #11 from Oefenweb/make-use-of-other-keyring

Make use of other keyring
Oefenweb · Nov 27, 2024 · 45810d9 · 45810d9
2 parents 4db7d8f + fa3790d
commit 45810d9
Show file tree

Hide file tree

Showing 4 changed files with 35 additions and 17 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -45,6 +45,7 @@ jobs:
       matrix:
         include:
           - distro: debian10
+            ansible-version: '>=9, <10'
           - distro: debian11
           - distro: debian12
           - distro: ubuntu1804

diff --git a/README.md b/README.md
@@ -9,6 +9,8 @@ Set up [VirtualBox](https://www.virtualbox.org/) in Debian-like systems.
 
 * `software-properties-common` (will be installed)
 * `dirmngr` (will be installed)
+* `apt-transport-https` (will be installed)
+* `wget` (will be installed)
 
 #### Variables
 

diff --git a/tasks/repository.yml b/tasks/repository.yml
@@ -1,28 +1,36 @@
 # tasks file
 ---
-- name: repository | install | dependencies (pre)  # noqa args[module]
+- name: repository | install dependencies (pre)
   ansible.builtin.apt:
     name: "{{ virtualbox_dependencies_pre }}"
     state: "{{ apt_install_state | default('latest') }}"
     update_cache: true
     cache_valid_time: "{{ apt_update_cache_valid_time | default(3600) }}"
   tags:
-    - virtualbox-repository-install
     - virtualbox-repository-install-dependencies
 
-- name: repository | add public key
-  ansible.builtin.apt_key:
-    id: "{{ item.id }}"
-    url: "{{ item.url }}"
-    state: present
-  with_items: "{{ virtualbox_public_keys }}"
+- name: repository | (keyrings) directory | create
+  ansible.builtin.file:
+    path: "{{ virtualbox_keyring_dst | dirname }}"
+    state: directory
+    owner: root
+    group: root
+    mode: 0755
   tags:
-    - virtualbox-repository-public-key
+    - virtualbox-repository-keyrings-directory-create
 
-- name: repository | add repository
+- name: repository | (keyring) file | download  # noqa command-instead-of-module risky-shell-pipe
+  ansible.builtin.shell: >
+    wget -O- {{ virtualbox_keyring_src }} | gpg --dearmor --yes --output {{ virtualbox_keyring_dst }}
+  args:
+    creates: "{{ virtualbox_keyring_dst }}"
+  tags:
+    - virtualbox-repository-keyring-file-download
+
+- name: repository | add
   ansible.builtin.apt_repository:
     repo: "{{ item.type }} {{ item.url }} {{ item.component }}"
-    state: present
+    state: "{{ item.state | default('present') }}"
     update_cache: true
     mode: 0644
   with_items: "{{ virtualbox_repositories }}"

diff --git a/vars/main.yml b/vars/main.yml
@@ -1,19 +1,26 @@
 # vars file
 ---
+virtualbox_keyring_src: https://www.virtualbox.org/download/oracle_vbox_2016.asc
+virtualbox_keyring_dst: /usr/share/keyrings/oracle-virtualbox-2016.gpg
 virtualbox_repositories:
+  - type: 'deb [arch=amd64 signed-by={{ virtualbox_keyring_dst }}]'
+    url: "https://download.virtualbox.org/virtualbox/debian {{ ansible_distribution_release }}"
+    component: contrib
+  - type: 'deb [arch=amd64]'
+    url: "https://download.virtualbox.org/virtualbox/debian {{ ansible_distribution_release }}"
+    component: contrib
+    state: absent
   - type: 'deb [arch=amd64]'
     url: "http://download.virtualbox.org/virtualbox/debian {{ ansible_distribution_release }}"
     component: contrib
-virtualbox_public_keys:
-  - id: 54422A4B98AB5139
-    url: https://www.virtualbox.org/download/oracle_vbox.asc
-  - id: A2F683C52980AECF
-    url: https://www.virtualbox.org/download/oracle_vbox_2016.asc
+    state: absent
 
 virtualbox_dependencies_pre:
   - software-properties-common
   - dirmngr
-  - gpg-agent
+  - apt-transport-https
+  - wget
+  - coreutils
 
 virtualbox_dependencies:
   - "virtualbox-{{ virtualbox_version }}"