Transform GPG/Repo installed to be a list

While we keep current behaviour without any major changes, having repos as a list may allow us extending the list by adding third-party repositories for some distros if needed (like for EL10). Change-Id: I49f56a72ac3e5e5d039240011440390d488c6abb
2025-06-02 18:46:22 +02:00
parent b71992a1a9
commit 058003873f
4 changed files with 59 additions and 18 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -226,6 +226,9 @@ lxc_centos_epel_key: >-
  {{ centos_epel_key | default('http://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-' ~ ansible_facts['distribution_major_version']) }}
 lxc_hosts_epel_packages: "{{ _lxc_hosts_epel_packages | default([]) }}"

+lxc_centos_repo_keys: "{{ _lxc_centos_repo_keys }}"
+lxc_centos_repos: "{{ _lxc_centos_repos }}"
+
 # DEB repository options
 lxc_ubuntu_mirror: "{{ (ansible_facts['architecture'] == 'x86_64') | ternary('http://archive.ubuntu.com/ubuntu', 'http://ports.ubuntu.com/ubuntu-ports') }}"
 lxc_apt_mirror: "{{ (ansible_facts['distribution'] == 'Ubuntu') | ternary(lxc_ubuntu_mirror, 'http://deb.debian.org/debian') }}"
--- a/releasenotes/notes/lxc_centos_repo_list-34276eedd0a06560.yaml
+++ b/releasenotes/notes/lxc_centos_repo_list-34276eedd0a06560.yaml
@@ -0,0 +1,6 @@
+---
+features:
+  - |
+    Added variables ``lxc_centos_repo_keys`` and ``lxc_centos_repos``, which
+    allows to supply a list of repositories, which will be added to lxc_host.
+    By default, role keeps installing EPEL repository with it's GPG key.
--- a/tasks/lxc_install_dnf.yml
+++ b/tasks/lxc_install_dnf.yml
@@ -30,37 +30,54 @@
  when:
    - repo_removed is changed

- name: Download EPEL gpg keys
+- name: If a keyfile is provided, copy gpg keyfiles to the key location
+  ansible.builtin.copy:
+    src: "{{ item.keyfile }}"
+    dest: "{{ item.key }}"
+    mode: "0644"
+  loop: "{{ lxc_centos_repo_keys | selectattr('keyfile', 'defined') }}"
+  loop_control:
+    label: "{{ item.key }}"
+
+- name: If key url is provideds, download gpg keyfiles to the key location
  ansible.builtin.get_url:
-    url: "{{ lxc_centos_epel_key }}"
-    dest: /etc/pki/rpm-gpg
+    url: "{{ item.url }}"
+    dest: "{{ item.key }}"
    mode: "0640"
+  loop: "{{ lxc_centos_repo_keys | selectattr('url', 'defined') }}"
+  loop_control:
+    label: "{{ item.key }}"
  register: _get_yum_keys
  until: _get_yum_keys is success
  retries: 5
  delay: 2

- name: Install EPEL gpg keys
+- name: Install gpg keys
  ansible.builtin.rpm_key:
-    key: "/etc/pki/rpm-gpg/{{ lxc_centos_epel_key.split('/')[-1] }}"
-    state: present
+    key: "{{ item.key }}"
+    validate_certs: "{{ item.validate_certs | default(omit) }}"
+    state: "{{ item.state | default('present') }}"
+  loop: "{{ lxc_centos_repo_keys }}"
+  loop_control:
+    label: "{{ item.key }}"

 - name: Install the EPEL repository
  ansible.builtin.yum_repository:
-    name: epel-lxc_hosts
-    baseurl: "{{ lxc_centos_epel_mirror ~ '/' ~ ansible_facts['distribution_major_version'] ~ '/Everything/' ~ ansible_facts['architecture'] }}"
-    description: "Extra Packages for Enterprise Linux {{ ansible_facts['distribution_major_version'] }} - $basearch"
-    gpgcheck: true
-    gpgkey: "file:///etc/pki/rpm-gpg/{{ lxc_centos_epel_key.split('/')[-1] }}"
-    enabled: true
-    state: present
-    includepkgs: "{{ lxc_hosts_epel_packages | join(' ') }}"
-  register: install_epel_repo
-  until: install_epel_repo is success
+    name: "{{ item.name }}"
+    baseurl: "{{ item.baseurl }}"
+    description: "{{ item.description | default(omit) }}"
+    gpgcheck: "{{ item.gpgcheck | default(omit) }}"
+    gpgkey: "{{ item.gpgkey }}"
+    enabled: "{{ item.enabled | default(true) }}"
+    state: "{{ item.state | default('present') }}"
+    includepkgs: "{{ item.includepkgs | default(omit) }}"
+  register: install_repo
+  until: install_repo is success
  retries: 5
  delay: 2
-  when:
-    - lxc_hosts_epel_packages | length > 0
+  loop: "{{ lxc_centos_repos }}"
+  loop_control:
+    label: "{{ item.name }}"

 - name: Install distro packages
  ansible.builtin.package:
--- a/vars/redhat-host.yml
+++ b/vars/redhat-host.yml
@@ -20,6 +20,21 @@ _lxc_hosts_epel_packages:
  - lxc*
  - python3-lxc

+lxc_centos_repo_keys:
+  - key: "/etc/pki/rpm-gpg/{{ lxc_centos_epel_key | basename }}"
+    url: "{{ lxc_centos_epel_key }}"
+    state: present
+
+lxc_centos_repos:
+  - name: epel-lxc_hosts
+    baseurl: "{{ lxc_centos_epel_mirror ~ '/' ~ ansible_facts['distribution_major_version'] ~ '/Everything/' ~ ansible_facts['architecture'] }}"
+    description: "Extra Packages for Enterprise Linux {{ ansible_facts['distribution_major_version'] }} - $basearch"
+    gpgcheck: true
+    gpgkey: "file:///etc/pki/rpm-gpg/{{ lxc_centos_epel_key | basename }}"
+    enabled: true
+    state: present
+    includepkgs: "{{ lxc_hosts_epel_packages | join(' ') }}"
+
 # Required rpm packages.
 _lxc_hosts_distro_packages:
  - dbus