Binary GnuPG keys downloaded via URLs by the 'ansible.builtin.apt_key' module were corrupted so 'gpg' could not import them (https://github.com/ansible/ansible/issues/74424) (#74474)
This commit is contained in:
parent
9e61952cdc
commit
3bc2e7783c
5 changed files with 23 additions and 1 deletions
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
bugfixes:
|
||||
- Binary GnuPG keys downloaded via URLs by the 'ansible.builtin.apt_key' module were corrupted so 'gpg' could not import them (https://github.com/ansible/ansible/issues/74424).
|
|
@ -283,12 +283,15 @@ def download_key(module, url):
|
|||
|
||||
def get_key_id_from_file(module, filename, data=None):
|
||||
|
||||
native_data = to_native(data)
|
||||
is_armored = native_data.find("-----BEGIN PGP PUBLIC KEY BLOCK-----") >= 0
|
||||
|
||||
global lang_env
|
||||
key = None
|
||||
|
||||
cmd = [gpg_bin, '--with-colons', filename]
|
||||
|
||||
(rc, out, err) = module.run_command(cmd, environ_update=lang_env, data=to_native(data))
|
||||
(rc, out, err) = module.run_command(cmd, environ_update=lang_env, data=(native_data if is_armored else data), binary_data=not is_armored)
|
||||
if rc != 0:
|
||||
module.fail_json(msg="Unable to extract key from '%s'" % ('inline data' if data is None else filename), stdout=out, stderr=err)
|
||||
|
||||
|
|
Binary file not shown.
13
test/integration/targets/apt_key/tasks/apt_key_binary.yml
Normal file
13
test/integration/targets/apt_key/tasks/apt_key_binary.yml
Normal file
|
@ -0,0 +1,13 @@
|
|||
---
|
||||
|
||||
- name: Ensure import of binary key downloaded using URLs works
|
||||
apt_key: url=https://packages.cloud.google.com/apt/doc/apt-key.gpg
|
||||
# replace the above URL to the following, after the pull request is accepted
|
||||
# apt_key: url=https://github.com/ansible/ansible/tree/devel/test/integration/targets/apt_key/samples/apt-key-example-binary.gpg
|
||||
register: apt_key_binary_test
|
||||
|
||||
- name: Validate the results
|
||||
assert:
|
||||
that:
|
||||
- 'apt_key_binary_test.changed is defined'
|
||||
- 'apt_key_binary_test.changed'
|
|
@ -29,3 +29,6 @@
|
|||
|
||||
- import_tasks: 'file.yml'
|
||||
when: ansible_distribution in ('Ubuntu', 'Debian')
|
||||
|
||||
- import_tasks: 'apt_key_binary.yml'
|
||||
when: ansible_distribution in ('Ubuntu', 'Debian')
|
||||
|
|
Loading…
Reference in a new issue