Install RDO release RPM without GPG checks
The RDO release RPM isn't signed, but all of the repositories it
configures have GPG signing enabled. Although CentOS normally doesn't
check GPG signatures for packages that are installed locally, the
security role enables those checks for all local packages.
Change-Id: I7823f386a510e2e35d79f9a1046ad48f7e58db7c
(cherry picked from commit 08c4f96e0a
)
This commit is contained in:
parent
82afd12ccb
commit
1facd991c5
|
@ -34,10 +34,15 @@
|
|||
when:
|
||||
- ansible_os_family == 'Debian'
|
||||
|
||||
# NOTE(mhayden): GPG checking for local package installs is normally disabled
|
||||
# by default in CentOS, but the openstack-ansible-security role enables GPG
|
||||
# checking for local packages. The RDO repository package isn't signed, but the
|
||||
# repos it installs have GPG checking enabled.
|
||||
- name: Install the RDO release package
|
||||
yum:
|
||||
name: "https://repos.fedorapeople.org/repos/openstack/openstack-ocata/rdo-release-ocata.rpm"
|
||||
state: "present"
|
||||
disable_gpg_check: yes
|
||||
when:
|
||||
- ansible_pkg_mgr == 'yum'
|
||||
|
||||
|
|
Loading…
Reference in New Issue