rpm --import issues

Hi all,

Thank you for your help in my last post. I have come quite a way (small compared to many of you) but nevertheless making good progress each day.

I hit roadblocks quite a bit and thankfully Google has helped me quite a bit. I have come across this problem now, which I hope some of you can explain and then help me with finding a solution. This is my code so far:

Hi,

There’s a module to import keys, please use it!

https://docs.ansible.com/ansible/latest/modules/rpm_key_module.html

Regards,

JYL

I tried locally on my setup and faced the same issue.

It seems this rpm command uses the shell, so you need to use the "shell" module instead of the "command" module.

e.g.: shell: "rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-*"

Results of execution:

  changed: [localhost] => {
      "changed": true,
      "cmd": "rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-*",
      "delta": "0:00:00.072035",
      "end": "2020-05-06 16:57:24.092604",
      "invocation": {
          "module_args": {
              "_raw_params": "rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-*",
              "_uses_shell": true,
              "argv": null,
              "chdir": null,
              "creates": null,
              "executable": null,
              "removes": null,
              "stdin": null,
              "stdin_add_newline": true,
              "strip_empty_ends": true,
              "warn": true
          }
      },
      "rc": 0,
      "start": "2020-05-06 16:57:24.020569",
      "stderr": "",
      "stderr_lines": [],
      "stdout": "",
      "stdout_lines": []
  }

Thanks and Regards,
Neha Pithadiya.

Thanks for your reply but really is not helpful bud.

This is like if I asked how I can get to a destination, you are telling me to go to a train or bus station.

Neha,

This is amazing! Thank you so much for your reply and the time you took to actually run it for me.

Stay awesome as you are Neha 🙂

Quad Zero,
You didn’t even indicate if you tried using the module JYL took the time to point out to you. There are examples there and everything. If you want pre-written Ansible code without doing any research or leg work you should look on galaxy.ansible.com.

And that is really weak criticizing someone that took more time to try to solve your problem than you did. People are likely going to stop responding to you after that comment.

Indeed.
I’ve noticed quite a few people are frantically trying to shoehorn shell commands into Ansible. This works, yes, but lacks all the goodies that Ansible brings such as idempotency etc.

The questions then tend to narrow down to why the output of a dozen twelve cat/grep/sed/awk pipes doesn’t do what they want.

In this case it’s not clear why you’d want to blindly add all rpm keys. This once again looks like a sledgehammer and should instead be done by iterating over the keys you actually want, with rpm_key.

> Thanks for your reply but really is not helpful bud.
>
> This is like if I asked how I can get to a destination, you are telling me to go to a train or bus station.

That was a bad move from you if you ask me.

Regards
Racke

Hi Michael,

So I did search all the modules. My question was how to import all the keys from the /etc/pki… All I could find was individual loads. It was so that I run multiple CentOS and RedHat servers and some have different repos enabled, so bulk import would be a better solution I thought?

Sure, my bad, though I just asked myself how I would go about if someone asked me the same question. I would only reply directly to their question but that is just me. Anyways, don’t want to stir anything further so apologies to all esp to JYL for my rude comment.

Thank you to those that helped me and to everyone that replied to this thread 🙂

Hi Dick,

Yes, so I may have replied to your comment above in my reply back to Michael.

I guess my knowledge on Ansible is still very new, so currently just getting things done, until I get to grips with better understanding.

Could anyone please recommend any good books that cover most of the modules in depth? Just trying to learn and last night was quite frustrating for me.

Thank you once again.

Apologies to you also Racke. Thank you for pointing this out.

Hi

No problem.
So the 'ansible way' is to use native modules wherever possible. The
shell/command task should be used only if there is no reasonable way
to achieve things using native modules.

In your case the ansible way could look something like this:

  tasks:
    - name: Find RPM GPG keys
      find:
        paths: /etc/pki/rpm-gpg
      register: gpg_found

    - name: Ensure found keys are trusted
      rpm_key:
        key: "{{ item.path }}"
        state: present
      loop: "{{ gpg_found.files }}"

You will find that once run, subsequent runs will not actually do
anything anymore as the desired state will have been reached after the
first run: idempotence.

You can optionally tune these tasks, for instance to fit the pattern
of the key names, etc.
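
An added example, not part of the thread and not any poster's code: one way to follow the advice above about importing only the keys you actually want, on hosts with different repos enabled. The variable name `trusted_rpm_keys`, the key file names and the fingerprints are placeholders to be replaced with values published by each repository vendor.

```yaml
- name: Import only reviewed RPM signing keys
  hosts: all
  become: true
  vars:
    # Hypothetical allowlist. Paths and fingerprints below are placeholders,
    # not real keys; take the real fingerprints from the vendor's site.
    trusted_rpm_keys:
      - path: /etc/pki/rpm-gpg/RPM-GPG-KEY-EXAMPLE-BASE
        fingerprint: "0000000000000000000000000000000000000001"
      - path: /etc/pki/rpm-gpg/RPM-GPG-KEY-EXAMPLE-EXTRAS
        fingerprint: "0000000000000000000000000000000000000002"
  tasks:
    # Hosts differ in which repos are enabled, so a key file may be absent.
    - name: Check which allowlisted key files exist on this host
      stat:
        path: "{{ item.path }}"
      loop: "{{ trusted_rpm_keys }}"
      register: key_stat

    # rpm_key refuses the import when the file's fingerprint does not match,
    # so a swapped or tampered key file is not added to the rpm database.
    - name: Trust a key only if its fingerprint matches the allowlist
      rpm_key:
        key: "{{ item.item.path }}"
        fingerprint: "{{ item.item.fingerprint }}"
        state: present
      loop: "{{ key_stat.results }}"
      loop_control:
        label: "{{ item.item.path }}"
      when: item.stat.exists

    - name: Find every key file present in the directory
      find:
        paths: /etc/pki/rpm-gpg
        patterns: "RPM-GPG-KEY-*"
      register: gpg_found

    # Anything here was NOT imported; it needs a human decision first.
    - name: Report key files that are not on the allowlist
      debug:
        msg: "Not imported, needs review: {{ item }}"
      loop: >-
        {{ gpg_found.files | map(attribute='path') | list
           | difference(trusted_rpm_keys | map(attribute='path') | list) }}
```

Every key imported this way becomes a trust anchor for package signature checks, which is why the playbook reports unknown files in the directory instead of importing them.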