Import GPG key for NGINX via Ansible

The GPG key for NGINX was added manually therefore YUM would try to pull it down and fail because the repository cache would not allow any requests that tried to pull down a GPG key. This patch adds it via Ansible beforehand that way it doesn't go through the proxy. Change-Id: I96ad7f049ab72ce338596ae34362e3a4ca026bb6
2018-07-31 15:54:35 -04:00 · 2018-07-31 15:54:35 -04:00 · 9b0ebb456a
parent 57d0caf087
commit 9b0ebb456a
1 changed files with 12 additions and 1 deletions
--- a/tasks/keystone_install.yml
+++ b/tasks/keystone_install.yml
@ -51,12 +51,23 @@
    - ansible_pkg_mgr in ['yum', 'dnf']
    - keystone_sp != {}

+- name: Add NGINX repository keys
+  rpm_key:
+    key: "{{ keystone_nginx_gpg_key }}"
+    state: present
+  when:
+    - ansible_pkg_mgr in ['yum', 'dnf']
+    - keystone_web_server == 'nginx'
+  register: add_nginx_key
+  until: add_nginx_key is success
+  retries: 5
+  delay: 2
+
 - name: Add NGINX repository
  yum_repository:
    name: nginx
    description: 'nginx repo'
    baseurl: "{{ keystone_nginx_repo }}"
-    gpgkey: "{{ keystone_nginx_gpg_key }}"
  when:
    - ansible_pkg_mgr in ['yum', 'dnf']
    - keystone_web_server == 'nginx'