From f59187c13bbcf017a0e1533ae0f0f1ce97bb2e68 Mon Sep 17 00:00:00 2001
From: Mischa ter Smitten <mischa@tersmitten.nl>
Date: Wed, 27 Nov 2024 16:53:56 +0100
Subject: [PATCH 1/2] Make use of other keyring

---
 .github/workflows/ci.yml |  1 +
 README.md                |  2 ++
 tasks/repository.yml     | 28 ++++++++++++++++++----------
 vars/main.yml            | 17 +++++++++++------
 4 files changed, 32 insertions(+), 16 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 70e6297..d204d7b 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -45,6 +45,7 @@ jobs:
       matrix:
         include:
           - distro: debian10
+            ansible-version: '>=9, <10'
           - distro: debian11
           - distro: debian12
           - distro: ubuntu1804
diff --git a/README.md b/README.md
index 92dd076..3751631 100644
--- a/README.md
+++ b/README.md
@@ -9,6 +9,8 @@ Set up [VirtualBox](https://www.virtualbox.org/) in Debian-like systems.
 
 * `software-properties-common` (will be installed)
 * `dirmngr` (will be installed)
+* `apt-transport-https` (will be installed)
+* `wget` (will be installed)
 
 #### Variables
 
diff --git a/tasks/repository.yml b/tasks/repository.yml
index fdd581d..7724076 100644
--- a/tasks/repository.yml
+++ b/tasks/repository.yml
@@ -1,25 +1,33 @@
 # tasks file
 ---
-- name: repository | install | dependencies (pre)  # noqa args[module]
+- name: repository | install dependencies (pre)
   ansible.builtin.apt:
     name: "{{ virtualbox_dependencies_pre }}"
     state: "{{ apt_install_state | default('latest') }}"
     update_cache: true
     cache_valid_time: "{{ apt_update_cache_valid_time | default(3600) }}"
   tags:
-    - virtualbox-repository-install
     - virtualbox-repository-install-dependencies
 
-- name: repository | add public key
-  ansible.builtin.apt_key:
-    id: "{{ item.id }}"
-    url: "{{ item.url }}"
-    state: present
-  with_items: "{{ virtualbox_public_keys }}"
+- name: repository | (keyrings) directory | create
+  ansible.builtin.file:
+    path: "{{ virtualbox_keyring_dst | dirname }}"
+    state: directory
+    owner: root
+    group: root
+    mode: 0755
+  tags:
+    - virtualbox-repository-keyrings-directory-create
+
+- name: repository | (keyring) file | download  # noqa command-instead-of-module risky-shell-pipe
+  ansible.builtin.shell: >
+    wget -O- {{ virtualbox_keyring_src }} | gpg --dearmor --yes --output {{ virtualbox_keyring_dst }}
+  args:
+    creates: "{{ virtualbox_keyring_dst }}"
   tags:
-    - virtualbox-repository-public-key
+    - virtualbox-repository-keyring-file-download
 
-- name: repository | add repository
+- name: repository | add
   ansible.builtin.apt_repository:
     repo: "{{ item.type }} {{ item.url }} {{ item.component }}"
     state: present
diff --git a/vars/main.yml b/vars/main.yml
index bc6855a..678db19 100644
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -1,19 +1,24 @@
 # vars file
 ---
+virtualbox_keyring_src: https://www.virtualbox.org/download/oracle_vbox_2016.asc
+virtualbox_keyring_dst: /usr/share/keyrings/oracle-virtualbox-2016.gpg
 virtualbox_repositories:
+  - type: 'deb [arch=amd64 signed-by={{ virtualbox_keyring_dst }}]'
+    url: "https://download.virtualbox.org/virtualbox/debian {{ ansible_distribution_release }}"
+    component: contrib
+  - type: 'deb [arch=amd64]'
+    url: "https://download.virtualbox.org/virtualbox/debian {{ ansible_distribution_release }}"
+    component: contrib
   - type: 'deb [arch=amd64]'
     url: "http://download.virtualbox.org/virtualbox/debian {{ ansible_distribution_release }}"
     component: contrib
-virtualbox_public_keys:
-  - id: 54422A4B98AB5139
-    url: https://www.virtualbox.org/download/oracle_vbox.asc
-  - id: A2F683C52980AECF
-    url: https://www.virtualbox.org/download/oracle_vbox_2016.asc
 
 virtualbox_dependencies_pre:
   - software-properties-common
   - dirmngr
-  - gpg-agent
+  - apt-transport-https
+  - wget
+  - coreutils
 
 virtualbox_dependencies:
   - "virtualbox-{{ virtualbox_version }}"

From fa3790d88f7eda11d4960064f1b5334ddb1d1cf1 Mon Sep 17 00:00:00 2001
From: Mischa ter Smitten <mischa@tersmitten.nl>
Date: Wed, 27 Nov 2024 17:08:04 +0100
Subject: [PATCH 2/2] Add forgotten state

---
 tasks/repository.yml | 2 +-
 vars/main.yml        | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/tasks/repository.yml b/tasks/repository.yml
index 7724076..764f416 100644
--- a/tasks/repository.yml
+++ b/tasks/repository.yml
@@ -30,7 +30,7 @@
 - name: repository | add
   ansible.builtin.apt_repository:
     repo: "{{ item.type }} {{ item.url }} {{ item.component }}"
-    state: present
+    state: "{{ item.state | default('present') }}"
     update_cache: true
     mode: 0644
   with_items: "{{ virtualbox_repositories }}"
diff --git a/vars/main.yml b/vars/main.yml
index 678db19..4501fe4 100644
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -9,9 +9,11 @@ virtualbox_repositories:
   - type: 'deb [arch=amd64]'
     url: "https://download.virtualbox.org/virtualbox/debian {{ ansible_distribution_release }}"
     component: contrib
+    state: absent
   - type: 'deb [arch=amd64]'
     url: "http://download.virtualbox.org/virtualbox/debian {{ ansible_distribution_release }}"
     component: contrib
+    state: absent
 
 virtualbox_dependencies_pre:
   - software-properties-common