(CPR-570) Import the gpg signing key on sles 11 #45
Conversation
| if variant == 'sles' && version == '11' | ||
| on host, "wget -O /tmp/puppet-gpg-key http://yum.puppetlabs.com/RPM-GPG-KEY-puppet" | ||
| on host, "rpm --import /tmp/puppet-gpg-key" | ||
| end |
There was a problem hiding this comment.
It looks like this is going to import the gpg key after installing the release package? Might be good to do this before installing the release package, since the release package installation throws up warnings if the key isn't already there, and I found inconsistencies between rpm and zypper for how they worked depending on when you imported the key.
There was a problem hiding this comment.
It doesn't look like it matters? But I'm happy to move this logic
without this change, I get
An error occurred in a `before(:suite)` hook.
Failure/Error: run_puppet_install_helper
Beaker::Host::CommandFailure:
Host 'ajj517057lay7b3.delivery.puppetlabs.net' exited with 4 running:
zypper --non-interactive --gpg-auto-import-keys in puppet-agent-5.5.1
Last 10 lines of output were:
Abort, retry, ignore? [a/r/i] (a): a
Installation of puppet-agent-5.5.1-1.sles11 failed:
(with --nodeps --force) Error: Subprocess failed. Error: RPM failed: error: /var/cache/zypp/packages/puppet/puppet-agent-5.5.1-1.sles11.x86_64.rpm: Header V3 RSA/SHA1 signature: BAD, key ID ef8d349f
error: /var/cache/zypp/packages/puppet/puppet-agent-5.5.1-1.sles11.x86_64.rpm cannot be installed
Problem occured during or after installation or removal of packages:
Installation aborted by user
Please see the above error message for a hint.
With this change, the tests pass as expected
There was a problem hiding this comment.
Ok, cool. I may have otherwise confused something in my poking around earlier :)
There was a problem hiding this comment.
How do we get around this in PE?
There was a problem hiding this comment.
I assume something about the pe module we use to set things up, but I can't say for sure
melissa
force-pushed
the
ticket/master/sles11-gpg-key-import
branch
from
e90d7d9
to
4713b88
Compare
|
@underscorgan I moved where the key import is happening |
Please see https://tickets.puppetlabs.com/browse/CPR-570 for additional details. Sles 11 has some old and wonky behavior. We can't automatically import our gpg keys provided with the release package like we do for every other rpm-based platform. Once we install the release packages, we need to manually import the keys. This will allow us to install signed packages from our public repos on sles11.
melissa
force-pushed
the
ticket/master/sles11-gpg-key-import
branch
from
4713b88
to
8cd5a52
Compare
Please see https://tickets.puppetlabs.com/browse/CPR-570 for additional
details.
Sles 11 has some old and wonky behavior. We can't automatically import
our gpg keys provided with the release package like we do for every
other rpm-based platform. Once we install the release packages, we need
to manually import the keys. This will allow us to install signed
packages from our public repos.