1
0
Fork 0
mirror of https://github.com/roles-ansible/ansible_role_epel.git synced 2024-08-16 14:49:49 +02:00

change all variable names

change variables, add fingerprint check and add fallback if local keys do not exist
This commit is contained in:
L3D 2020-02-26 14:37:22 +01:00 committed by L3D
parent 12536bd788
commit 225bd0dc68
No known key found for this signature in database
GPG key ID: 5215C3441797AB2B
4 changed files with 36 additions and 8 deletions

View file

@ -10,6 +10,7 @@ missing:
- os detection (RHEL)
- github-actions
- docs
- vars
working:
- epel install on centos 7

View file

@ -1,5 +1,11 @@
---
submodules_versioncheck: true
submodules_versioncheck: false
# epel repo
epel_repo_url: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ ansible_distribution_major_version }}.noarch.rpm"
epel_repo_gpg_key_url: "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-{{ ansible_distribution_major_version }}"
epel_repo:
url: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ ansible_distribution_major_version }}.noarch.rpm"
gpg_key_url: "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-{{ ansible_distribution_major_version }}"
gpg_key_path: "/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-{{ ansible_distribution_major_version }}"
fingerprint:
'6': "8C3B E96A F230 9184 DA5C 0DAE 3B49 DF2A 0608 B895"
'7': "91E9 7D7C 4A5E 96F1 7F3E 888F 6A2F AEA2 352C 64E5"
'8': "94E2 79EB 8D8F 25B2 1810 ADF1 21EA 45AB 2F86 D6A1"

View file

@ -1,18 +1,30 @@
---
- name: combine epel_repo config
set_fact:
epel_repo: "{{ _epel_repo|combine(epel_repo, recursive=True) }}"
- include_tasks: versioncheck.yml
when: submodules_versioncheck|bool
- name: import EPEL Repo GPG Key
become: true
block:
- name: import epel gpg from file
rpm_key:
key: "{{ epel_repo_gpg_key_url }}"
key: "{{ epel_repo.gpg_key_path }}"
state: present
validate_certs: true
fingerprint: "{{ epel_repo.fingerprint[ansible_distribution_major_version] }}"
rescue:
- name: import epel gpgp from url
rpm_key:
key: "{{ epel_repo.gpg_key_url }}"
state: present
fingerprint: "{{ epel_repo['fingerprint'][ ansible_distribution_major_version ] }}"
become: true
- name: Install EPEL repo
become: true
yum:
name: "{{ epel_repo_url }}"
name: "{{ epel_repo.url }}"
state: present
register: result
until: result is succeeded

View file

@ -1,3 +1,12 @@
---
playbook_version_number: 1025 # should be over ninethousand
playbook_version_path: 'role-epel_roles-ansible_github.com.version'
# epel repo
_epel_repo:
url: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ ansible_distribution_major_version }}.noarch.rpm"
gpg_key_url: "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-{{ ansible_distribution_major_version }}"
gpg_key_path: "/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-{{ ansible_distribution_major_version }}"
fingerprint:
'6': "8C3B E96A F230 9184 DA5C 0DAE 3B49 DF2A 0608 B895"
'7': "91E9 7D7C 4A5E 96F1 7F3E 888F 6A2F AEA2 352C 64E5"
'8': "94E2 79EB 8D8F 25B2 1810 ADF1 21EA 45AB 2F86 D6A1"