Primary/security apt mirrors don't support key parameters

Bug #1925395 reported by Paul Goins
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
cloud-init
Fix Released
Wishlist
Unassigned

Bug Description

I'm trying to add a Landscape-based repository mirror. We're mirroring the official Ubuntu repositories locally via Landscape along with other packages so as to have a single mirror for all deb packages in this particular environment.

However, cloud-init doesn't seem to support supplying key-related parameters in the primary/security mirror clauses, but rather only in the sources clauses. The landscape-based mirror requires its own key, and without being able to provide the key to be added via apt-key, things break.

This can be worked around by adding a duplicate entry as one of the "sources", however this is less than ideal because it generates a bunch of warnings due to the duplicate apt entries.

Revision history for this message
Paride Legovini (paride) wrote :

Hi Paul and thanks for this bug report. I agree that's currently a cloud-init limitation.

I have a different and possibly better (but untested!) workaround to suggest: use write_files to dump the gpg key to trust to /etc/apt/trusted.gpg.d/. This should prevent the "duplicate entry" warning, and adding keys to trust in this way is better than using apt-key (what "sources" does, see the deprecation warning in apt-key(8)), but I agree it should be better integrated in the repositories config.

[1] https://cloudinit.readthedocs.io/en/latest/topics/modules.html#write-files

Changed in cloud-init:
status: New → Triaged
importance: Undecided → Wishlist
Revision history for this message
Paul Goins (vultaire) wrote :

I submitted this MR, which has since been merged into the mainline: https://github.com/canonical/cloud-init/pull/882

A new version hasn't been released yet, so I'll mark as fix committed.

Changed in cloud-init:
status: Triaged → Fix Committed
Revision history for this message
James Falcon (falcojr) wrote : Fixed in cloud-init version 21.3.

This bug is believed to be fixed in cloud-init in version 21.3. If this is still a problem for you, please make a comment and set the state back to New

Thank you.

Changed in cloud-init:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers