Thanks to visit codestin.com
Credit goes to github.com

Skip to content

[BUG] pkgrepo.managed does not update keys #66982

New issue
New issue
Open
Open
[BUG] pkgrepo.managed does not update keys#66982
Labels
Bugbroken, incorrect, or confusing behaviorneeds-triage
@OrangeDog

Description

@OrangeDog
OrangeDog
opened on Oct 18, 2024

Description
The pkgrepo.managed state (with aptkey: false) only ever manages the keyring if there are also changes being made to the sources file.

Setup
e.g.

zabbix repo:
  pkgrepo.managed:
    - name: >
        deb [arch=amd64 signed-by=/etc/apt/keyrings/zabbix-archive-keyring.gpg]
        http://repo.zabbix.com/zabbix/6.4/{{ grains['os']|lower }}
        {{ grains['oscodename'] }} main
    - file: /etc/apt/sources.list.d/zabbix.list
    - key_url: https://repo.zabbix.com/zabbix-official-repo.key
    - aptkey: false

or

zabbix repo:
  pkgrepo.managed:
    - name: >
        deb [arch=amd64 signed-by=/etc/apt/keyrings/zabbix-archive-keyring.gpg]
        http://repo.zabbix.com/zabbix/6.4/{{ grains['os']|lower }}
        {{ grains['oscodename'] }} main
    - file: /etc/apt/sources.list.d/zabbix.list
    - keyid: 4C3D6F2CC75F5146754FC374D913219AB5333005
    - keyserver: keyserver.ubuntu.com
    - aptkey: false

Steps to Reproduce the behavior
Do any of these, and re-run the state:

  1. Delete /etc/apt/keyrings/zabbix-archive-keyring.gpg
  2. Change the key_url
  3. Update the content at the key_url
  4. Change the keyid

In every case, the state does nothing and reports no changes.
The only way to update the keyring is to make a change that requires it to change the .list file.

Expected behavior
The state should ensure that the keyring is configured with the latest data as described by its parameters.

Versions Report

salt-call --versions 
Salt Version:
          Salt: 3006.9

Python Version:
        Python: 3.10.14 (main, Jun 26 2024, 11:44:37) [GCC 11.2.0]

Dependency Versions:
          cffi: 1.14.6
      cherrypy: 18.6.1
  cryptography: 42.0.5
      dateutil: 2.8.1
     docker-py: Not Installed
         gitdb: Not Installed
     gitpython: Not Installed
        Jinja2: 3.1.4
       libgit2: Not Installed
  looseversion: 1.0.2
      M2Crypto: 0.38.0
          Mako: Not Installed
       msgpack: 1.0.2
  msgpack-pure: Not Installed
  mysql-python: Not Installed
     packaging: 22.0
     pycparser: 2.21
      pycrypto: Not Installed
  pycryptodome: 3.19.1
        pygit2: Not Installed
  python-gnupg: 0.4.8
        PyYAML: 6.0.1
         PyZMQ: 23.2.0
        relenv: 0.17.0
         smmap: Not Installed
       timelib: 0.2.4
       Tornado: 4.5.3
           ZMQ: 4.3.4

System Versions:
          dist: ubuntu 24.04.1 noble
        locale: utf-8
       machine: x86_64
       release: 6.8.0-47-generic
        system: Linux
       version: Ubuntu 24.04.1 noble

Metadata

Metadata

Assignees

No one assigned

    Labels

    Bugbroken, incorrect, or confusing behaviorneeds-triage

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions