From 61c2a7bca3482894b500b4d1e82be3249a18f42c Mon Sep 17 00:00:00 2001 From: Jacob Coffee Date: Mon, 2 Dec 2024 18:02:12 -0600 Subject: [PATCH] fix: ensure repo key exists with right perms (#533) --- salt/base/salt.sls | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/salt/base/salt.sls b/salt/base/salt.sls index 5327f794..02703e32 100644 --- a/salt/base/salt.sls +++ b/salt/base/salt.sls @@ -44,16 +44,21 @@ salt-pin-config: - user: root - group: root - mode: "0644" -{% endif %} + +salt-repo-key: + file.managed: + - name: /etc/apt/keyrings/salt-archive-keyring-2024.pgp + - source: https://packages.broadcom.com/artifactory/api/security/keypair/SaltProjectKey/public + - mode: '0644' + - skip_verify: True salt-repo: pkgrepo.managed: - {% if grains["oscodename"] in ["focal", "jammy", "noble"] %} - name: deb [signed-by=/etc/apt/keyrings/salt-archive-keyring-2024.pgp arch={{ grains["osarch"] }}] https://packages.broadcom.com/artifactory/saltproject-deb/ stable main - - key_url: https://packages.broadcom.com/artifactory/api/security/keypair/SaltProjectKey/public - aptkey: False - file: /etc/apt/sources.list.d/salt.list - {% endif %} + - require: + - file: salt-repo-key {% endif %}