Yum Repo Metadata Keyring Failure
peasead opened this issue · comments
Yum fails when doing the installation as it can't verify the Yum repo GPG keyring.
I have worked around this by
Steps:
- Removed
[rocknsm_2_5]
and[rocknsm_2_5-source]
from/etc/yum.repos.d/rocknsm.repo
- Readded from https://packagecloud.io/rocknsm/2_5/install#manual-rpm
[rocknsm_2_5]
name=rocknsm_2_5
baseurl=https://packagecloud.io/rocknsm/2_5/el/7/$basearch
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=https://packagecloud.io/rocknsm/2_5/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
[rocknsm_2_5-source]
name=rocknsm_2_5-source
baseurl=https://packagecloud.io/rocknsm/2_5/el/7/SRPMS
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=https://packagecloud.io/rocknsm/2_5/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
- Ran
sudo yum install pygpgme yum-utils -y
- Ran
sudo yum -q makecache -y --disablerepo='*' --enablerepo='rocknsm_2_5'
- Ran
rock setup
and used the Online install, worked (normally the Yum repo metadata keyring complains immediately)
I request that we have the ISO creation script checked. @dcode
rocknsm.repo
needs to be changed to this as the one in the 2.5
iso is wrong
[rocknsm_2_5]
name=rocknsm_2_5
baseurl=https://packagecloud.io/rocknsm/2_5/el/7/$basearch
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=https://packagecloud.io/rocknsm/2_5/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
[rocknsm_2_5-source]
name=rocknsm_2_5-source
baseurl=https://packagecloud.io/rocknsm/2_5/el/7/SRPMS
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=https://packagecloud.io/rocknsm/2_5/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
In the ISO:
[rocknsm_2_5]
name=rocknsm_2_5
baseurl=https://packagecloud.io/rocknsm/2_5/el/7/$basearch
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-RockNSM-pkgcloud-2_5
file:///etc/pki/rpm-gpg/RPM-GPG-KEY-RockNSM-2
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
[rocknsm_2_5-source]
name=rocknsm_2_5-source
baseurl=https://packagecloud.io/rocknsm/2_5/el/7/SRPMS
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-RockNSM-pkgcloud-2_5
file:///etc/pki/rpm-gpg/RPM-GPG-KEY-RockNSM-2
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
I'm not sure who runs the make ISO scripts (@dcode @bndabbs @spartan782)
New error
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: If you are using a module and expect the file to exist on the remote, see the remote_src option
failed: [rock-2-5] (item=RPM-GPG-KEY-RockNSM-pkgcloud-2_5) => {"ansible_loop_var": "item", "changed": false, "item": "RPM-GPG-KEY-RockNSM-pkgcloud-2_5", "msg": "Could not find or access 'RPM-GPG-KEY-RockNSM-pkgcloud-2_5'\nSearched in:\n\t/usr/share/rock/roles/common/files/RPM-GPG-KEY-RockNSM-pkgcloud-2_5\n\t/usr/share/rock/roles/common/RPM-GPG-KEY-RockNSM-pkgcloud-2_5\n\t/usr/share/rock/roles/common/tasks/files/RPM-GPG-KEY-RockNSM-pkgcloud-2_5\n\t/usr/share/rock/roles/common/tasks/RPM-GPG-KEY-RockNSM-pkgcloud-2_5\n\t/usr/share/rock/playbooks/files/RPM-GPG-KEY-RockNSM-pkgcloud-2_5\n\t/usr/share/rock/playbooks/RPM-GPG-KEY-RockNSM-pkgcloud-2_5 on the Ansible Controller.\nIf you are using a module and expect the file to exist on the remote, see the remote_src option"}
Online and off.
RPM-GPG-KEY-RockNSM-pkgcloud-2_5
is in /etc/pki/rpm-gpg/
and it looks right in /usr/share/rock/roles/common/tasks/configure.yml
.
This has been fixed.