Bug: Directly deploy leap-archive keyrings
authorVarac <varac@leap.se>
Tue, 20 Mar 2018 19:39:08 +0000 (20:39 +0100)
committerVarac <varac@leap.se>
Tue, 20 Mar 2018 20:58:35 +0000 (21:58 +0100)
The leap-archive keyring expired March 8th 2018.
We updated it, and published updated installation
docs at https://bitmask.net/en/install/linux.

For jessie, we dont install the leap-archive-keyring
package anymore but directly deploy the keys to
apt's trusted keystore.

- Fixes: https://0xacab.org/leap/bitmask-dev/issues/9279

puppet/modules/site_apt/files/keys/leap-archive.gpg
puppet/modules/site_apt/files/keys/leap-experimental-archive.gpg
puppet/modules/site_apt/manifests/leap_repo.pp

index dd7f3be..dc19f62 100644 (file)
Binary files a/puppet/modules/site_apt/files/keys/leap-archive.gpg and b/puppet/modules/site_apt/files/keys/leap-archive.gpg differ
index 5cc9064..19e6ba1 100644 (file)
Binary files a/puppet/modules/site_apt/files/keys/leap-experimental-archive.gpg and b/puppet/modules/site_apt/files/keys/leap-experimental-archive.gpg differ
index 1e18b44..d3ab463 100644 (file)
@@ -21,13 +21,19 @@ class site_apt::leap_repo {
     }
   }
 
+  file {
+    '/etc/apt/trusted.gpg.d/leap-archive.gpg':
+      ensure => present,
+      source => 'puppet:///modules/site_apt/keys/leap-archive.gpg';
+    '/etc/apt/trusted.gpg.d/leap-experimental-archive.gpg':
+      ensure => present,
+      source => 'puppet:///modules/site_apt/keys/leap-experimental-archive.gpg'
+  }
+
+
   apt::sources_list { 'leap.list':
     content => "deb [signed-by=${archive_key}] ${::site_apt::apt_url_platform_basic} ${::site_apt::apt_platform_component} ${::site_apt::apt_platform_codename}\n",
     before  => Exec[refresh_apt]
   }
 
-  package { 'leap-archive-keyring':
-    ensure => latest
-  }
-
 }