Primary/security apt mirrors don't support key parameters

Bug #1925395 reported by Paul Goins
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Fix Released

Bug Description

I'm trying to add a Landscape-based repository mirror. We're mirroring the official Ubuntu repositories locally via Landscape along with other packages so as to have a single mirror for all deb packages in this particular environment.

However, cloud-init doesn't seem to support supplying key-related parameters in the primary/security mirror clauses, but rather only in the sources clauses. The landscape-based mirror requires its own key, and without being able to provide the key to be added via apt-key, things break.

This can be worked around by adding a duplicate entry as one of the "sources", however this is less than ideal because it generates a bunch of warnings due to the duplicate apt entries.

Revision history for this message
Paride Legovini (paride) wrote :

Hi Paul and thanks for this bug report. I agree that's currently a cloud-init limitation.

I have a different and possibly better (but untested!) workaround to suggest: use write_files to dump the gpg key to trust to /etc/apt/trusted.gpg.d/. This should prevent the "duplicate entry" warning, and adding keys to trust in this way is better than using apt-key (what "sources" does, see the deprecation warning in apt-key(8)), but I agree it should be better integrated in the repositories config.


Changed in cloud-init:
status: New → Triaged
importance: Undecided → Wishlist
Revision history for this message
Paul Goins (vultaire) wrote :

I submitted this MR, which has since been merged into the mainline:

A new version hasn't been released yet, so I'll mark as fix committed.

Changed in cloud-init:
status: Triaged → Fix Committed
Revision history for this message
James Falcon (falcojr) wrote : Fixed in cloud-init version 21.3.

This bug is believed to be fixed in cloud-init in version 21.3. If this is still a problem for you, please make a comment and set the state back to New

Thank you.

Changed in cloud-init:
status: Fix Committed → Fix Released
Revision history for this message
James Falcon (falcojr) wrote :
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.