From 5ccc1072ea8f3a247e76c722c507abcedb19bcf4 Mon Sep 17 00:00:00 2001 From: Lukas Bednar Date: Tue, 10 Oct 2017 13:31:20 +0200 Subject: [PATCH] [rpm_key] Fix to import first key on the system (#31514) * [rpm_key] Fix to import first key on the system Fixes: #31483 * [rpm_key] removed unsafe_shell and "throwaway" underscore * [rpm_key] adding test to add the first key on system --- lib/ansible/modules/packaging/os/rpm_key.py | 8 ++++++-- test/integration/targets/rpm_key/tasks/rpm_key.yaml | 8 ++++++++ 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/lib/ansible/modules/packaging/os/rpm_key.py b/lib/ansible/modules/packaging/os/rpm_key.py index fce57f8634..ccdd20884c 100644 --- a/lib/ansible/modules/packaging/os/rpm_key.py +++ b/lib/ansible/modules/packaging/os/rpm_key.py @@ -170,11 +170,15 @@ class RpmKey(object): return stdout, stderr def is_key_imported(self, keyid): - cmd=self.rpm + ' -q gpg-pubkey --qf "%{description}" | ' + self.gpg + ' --no-tty --batch --with-colons --fixed-list-mode -' + cmd = self.rpm + ' -q gpg-pubkey' + rc, stdout, stderr = self.module.run_command(cmd) + if rc != 0: # No key is installed on system + return False + cmd += ' --qf "%{description}" | ' + self.gpg + ' --no-tty --batch --with-colons --fixed-list-mode -' stdout, stderr = self.execute_command(cmd) for line in stdout.splitlines(): if keyid in line.split(':')[4]: - return True + return True return False def import_key(self, keyfile): diff --git a/test/integration/targets/rpm_key/tasks/rpm_key.yaml b/test/integration/targets/rpm_key/tasks/rpm_key.yaml index eda698611d..fa9d7e1079 100644 --- a/test/integration/targets/rpm_key/tasks/rpm_key.yaml +++ b/test/integration/targets/rpm_key/tasks/rpm_key.yaml @@ -101,3 +101,11 @@ - name: confirm that signature check succeeded assert: that: "'rsa sha1 (md5) pgp md5 OK' in sl_check.stdout" + +- name: remove all keys from key ring + shell: "rpm -q gpg-pubkey | xargs rpm -e" + +- name: add very first key on system + rpm_key: + state: present + key: https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7