mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
Fix 'repomd.xml signature could not be verified' (#35989)
If a repo with `repo_gpgcheck=1` is added and the repo GPG key was never accepted, quering this repo would throw an error `repomd.xml signature could not be verified` and the module would fail. If that happens now `yum -y makecache` will be run which will fetch the new repo data and accept the repo GPG key.
This commit is contained in:
parent
00068e9fcc
commit
68ff986708
1 changed files with 16 additions and 4 deletions
|
@ -529,7 +529,7 @@ def is_update(module, repoq, pkgspec, conf_file, qf=def_qf, en_repos=None, dis_r
|
|||
return set()
|
||||
|
||||
|
||||
def what_provides(module, repoq, req_spec, conf_file, qf=def_qf, en_repos=None, dis_repos=None, installroot='/'):
|
||||
def what_provides(module, repoq, yum_basecmd, req_spec, conf_file, qf=def_qf, en_repos=None, dis_repos=None, installroot='/'):
|
||||
if en_repos is None:
|
||||
en_repos = []
|
||||
if dis_repos is None:
|
||||
|
@ -545,7 +545,19 @@ def what_provides(module, repoq, req_spec, conf_file, qf=def_qf, en_repos=None,
|
|||
for rid in en_repos:
|
||||
my.repos.enableRepo(rid)
|
||||
|
||||
pkgs = my.returnPackagesByDep(req_spec) + my.returnInstalledPackagesByDep(req_spec)
|
||||
try:
|
||||
pkgs = my.returnPackagesByDep(req_spec) + my.returnInstalledPackagesByDep(req_spec)
|
||||
except Exception as e:
|
||||
# If a repo with `repo_gpgcheck=1` is added and the repo GPG
|
||||
# key was never accepted, quering this repo will throw an
|
||||
# error: 'repomd.xml signature could not be verified'. In that
|
||||
# situation we need to run `yum -y makecache` which will accept
|
||||
# the key and try again.
|
||||
if 'repomd.xml signature could not be verified' in to_native(e):
|
||||
module.run_command(yum_basecmd + ['makecache'])
|
||||
pkgs = my.returnPackagesByDep(req_spec) + my.returnInstalledPackagesByDep(req_spec)
|
||||
else:
|
||||
raise
|
||||
if not pkgs:
|
||||
e, m, _ = my.pkgSack.matchPackageNames([req_spec])
|
||||
pkgs.extend(e)
|
||||
|
@ -862,7 +874,7 @@ def install(module, items, repoq, yum_basecmd, conf_file, en_repos, dis_repos, i
|
|||
continue
|
||||
|
||||
# look up what pkgs provide this
|
||||
pkglist = what_provides(module, repoq, spec, conf_file, en_repos=en_repos, dis_repos=dis_repos, installroot=installroot)
|
||||
pkglist = what_provides(module, repoq, yum_basecmd, spec, conf_file, en_repos=en_repos, dis_repos=dis_repos, installroot=installroot)
|
||||
if not pkglist:
|
||||
res['msg'] += "No package matching '%s' found available, installed or updated" % spec
|
||||
res['results'].append("No package matching '%s' found available, installed or updated" % spec)
|
||||
|
@ -1127,7 +1139,7 @@ def latest(module, items, repoq, yum_basecmd, conf_file, en_repos, dis_repos, up
|
|||
pkgs['update'].append(spec)
|
||||
else:
|
||||
pkgs['install'].append(spec)
|
||||
pkglist = what_provides(module, repoq, spec, conf_file, en_repos=en_repos, dis_repos=dis_repos, installroot=installroot)
|
||||
pkglist = what_provides(module, repoq, yum_basecmd, spec, conf_file, en_repos=en_repos, dis_repos=dis_repos, installroot=installroot)
|
||||
# FIXME..? may not be desirable to throw an exception here if a single package is missing
|
||||
if not pkglist:
|
||||
res['msg'] += "No package matching '%s' found available, installed or updated" % spec
|
||||
|
|
Loading…
Reference in a new issue