试图在Ansible Playbook中替换APT_KEY
我有一本工作的剧本来创建一个Ubuntu 20.04 VP,然后安装包括Docker在内的软件。
我正在尝试将其用于Ubuntu 22.04 vps。
它确实有效,但是当使用APT时,我会警告说“密钥存储在Legacy trusted.gpg键环中”,因为我正在使用不弃用的apt-key。
我的旧剧本包含:
- name: Add docker signing key
apt_key:
url: https://download.docker.com/linux/ubuntu/gpg
state: present
- name: Add docker repository
apt_repository:
repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu jammy stable
state: present
经过一番研究,我认为我可以用以下内容替换以下内容:
- name: Add docker signing key (new GPG method)
get_url:
url: https://download.docker.com/linux/ubuntu/gpg
dest: /etc/apt/keyrings/docker.gpg
mode: '0644'
force: true
- name: Add docker repository
apt_repository:
repo: deb [signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu jammy stable
state: present
一个键存储在/etc/apt/keyrings/docker.gpg中,但是,我会收到以下错误:
TASK [Add docker repository] *********
fatal: [node1]: FAILED! => changed=false
msg: 'Failed to update apt cache: W:GPG error: https://download.docker.com/linux/ubuntu jammy InRelease: The following signatures couldn''t be verified because the public key is not available: NO_PUBKEY 7EA0A9C3F273FCD8, E:The repository ''https://download.docker.com/linux/ubuntu jammy InRelease'' is not signed.
我不知道什么我做错了。
I have a working playbook to create a Ubuntu 20.04 VPS and then install a load of software including Docker.
I am trying to use it for a Ubuntu 22.04 VPS.
It does work, but when using APT, I get warnings that "Key is stored in legacy trusted.gpg keyring" because I am using the deprecated apt-key.
My old playbook contains :
- name: Add docker signing key
apt_key:
url: https://download.docker.com/linux/ubuntu/gpg
state: present
- name: Add docker repository
apt_repository:
repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu jammy stable
state: present
After some research, I thought I could replace the above with the following :
- name: Add docker signing key (new GPG method)
get_url:
url: https://download.docker.com/linux/ubuntu/gpg
dest: /etc/apt/keyrings/docker.gpg
mode: '0644'
force: true
- name: Add docker repository
apt_repository:
repo: deb [signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu jammy stable
state: present
A key is being stored in /etc/apt/keyrings/docker.gpg, however, I get the following error :
TASK [Add docker repository] *********
fatal: [node1]: FAILED! => changed=false
msg: 'Failed to update apt cache: W:GPG error: https://download.docker.com/linux/ubuntu jammy InRelease: The following signatures couldn''t be verified because the public key is not available: NO_PUBKEY 7EA0A9C3F273FCD8, E:The repository ''https://download.docker.com/linux/ubuntu jammy InRelease'' is not signed.
I do not know what I am doing wrong.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
解决了。
我只需要将密钥文件的扩展名从 .gpg 更改为 .ASC ,然后效果很好。
Solved it.
I just had to change the extension of the key file from .gpg to .asc and then it worked fine.