use the apt_repository module instead of lineinfile module #16
Conversation
| apt: | ||
| update_cache: yes | ||
| - name: Add PLUMgrid openstack to repo | ||
| apt_repository: |
There was a problem hiding this comment.
Ansible has dedicated module for adding the repo. is there any specific reason to use the manual method aka lineinfile module?
There was a problem hiding this comment.
No, no specific reason. You are right, dedicated module should be used.
|
|
||
| - name: Running apt-update | ||
| apt: | ||
| update_cache: yes |
There was a problem hiding this comment.
no reason to use it as apt_repository module has default update_cache
| repo: "{{ item }}" | ||
| filename: plumgrid | ||
| state: present | ||
| with_items: |
There was a problem hiding this comment.
Instead of adding one by one, use the with_items with the apt_repository module to add all the repos.
| state: present | ||
| create: yes | ||
|
|
||
| - name: Copy PLUMgrid GPG-key file |
There was a problem hiding this comment.
@JaveriaK instead of copying the GPG key to the server and then add it using can simply upload the public part of your GPG key to the public GPG key server like keyserver.ubuntu.com and then directly get it from there like this:
- name: Add Plumgrid PPA apt key
apt_key:
id: "AA798760"
keyserver: "keyserver.ubuntu.com"
state: presentThere was a problem hiding this comment.
Hi Arbab, thanks for your comments.
Every release of our software has a different GPG key. Making it static would mean we have to manually change it every time for a new release. Also, once we make it static, we wont be able to install previous version of our software with these playbooks.
There was a problem hiding this comment.
@syedalijabir is there any reason that you are using different GPG for each release?
There was a problem hiding this comment.
@arbabnazar Oh yes, you are right. @JaveriaK its +1 from my side.
| state: present | ||
| create: yes | ||
|
|
||
| - name: Copy PLUMgrid GPG-key file |
There was a problem hiding this comment.
Hi Arbab, thanks for your comments.
Every release of our software has a different GPG key. Making it static would mean we have to manually change it every time for a new release. Also, once we make it static, we wont be able to install previous version of our software with these playbooks.
|
|
||
| - name: Running apt-update | ||
| apt: | ||
| update_cache: yes |
| apt: | ||
| update_cache: yes | ||
| - name: Add PLUMgrid openstack to repo | ||
| apt_repository: |
There was a problem hiding this comment.
No, no specific reason. You are right, dedicated module should be used.
| repo: "{{ item }}" | ||
| filename: plumgrid | ||
| state: present | ||
| with_items: |
|
@JaveriaK pinging on this, if you need any modification from my side. Thanks |
|
@arbabnazar thank you for your contribution. @syedalijabir is going through it and will get back to you with any feedback |
|
Hey @arbabnazar, regarding your GPG key query, we sign our debian packages with an internal key that is relevant only to the local deployments so the key changes with our different builds/releases. |
|
@JaveriaK @syedalijabir I'll tell you better way to manage the GPG key for signing the debian packages and also share the way that how I am managing my debain PPA with sign package in next PR. Can you please merge it, if you think that it's good enough to get place in your |
|
@arbabnazar, we really appreciate your commit :) and as I said, its good to go into master minus the GPG key. We are all ears on your suggestion regarding a better way to manage GPG key signing. |
|
@syedalijabir I didn't change anything regarding |
| state: present | ||
| create: yes | ||
|
|
||
| - name: Copy PLUMgrid GPG-key file |
There was a problem hiding this comment.
@arbabnazar Oh yes, you are right. @JaveriaK its +1 from my side.
|
@syedalijabir please confirm after a testing run if this is good to merge. |
|
Hi @arbabnazar , I was verifying your commit on our master branch and I hit this issue. Kindly address this issue. |
|
@syedalijabir I think, you are using the old version of |
|
@arbabnazar , PLUMgrid's ONS plugin gets integrated into OpenStack Ansible (OSA). So we have to go with the same version (1.9.4) as them to avoid conflicts. |
|
@syedalijabir is it a public or private plugin? if public, please share it with me so I can make it compatible with |
|
No, it is proprietary. |
3 participants
@JaveriaK this time I am sending small PR because it's easy for you people to test it and merge in your master branch, last time big PR with a lot of changes got delayed and a lot of conflicts occur between my PR and master so that I have closed that and now created this. Please review the PR and let me know, if you want any modification but it's really straight forward. Thanks