Deprecated tool apt-key is still used for repo gpg keys
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack-Ansible |
Confirmed
|
Medium
|
Unassigned |
Bug Description
When adding external package repos on Ubuntu / Debian the apt-key tool or rather the Ansible apt_key module [1] is used by various Openstack-Ansible roles. Examples are [3], [4], [5], [6] and there are likely more.
Debian / Ubuntu deprecated the apt-key tool for a while now - see [2]. While the tool is still there it will go away eventually. Also running `apt update` does show an warning every time:
```
# apt update
[...]
Hit:1 https:/
[...]
Hit:10 https:/
Hit:11 https:/
Fetched 229 kB in 2s (140 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
All packages are up to date.
W: http://
W: https:/
W: https:/
```
Ansible does document an easy fix at [7] which simply is about downloading the key to `/etc/apt/
[1] https:/
[2] https:/
[3] https:/
[4] https:/
[5] https:/
[6] https:/
[7] https:/
Changed in openstack-ansible: | |
status: | New → Confirmed |
importance: | Undecided → Medium |
Full list of repos that still use apt-key can be found here: https:/ /t.ly/EJZ4j