[enhancement]: Apt Keyring Location Should Be Configurable

Open RiverHeart opened this issue 11 months ago • 0 comments

Enhancement

Cloud-init is very nice for bootstrapping a machine before running desired state utilities against it, in particular, repositories to ensure tooling is available before a script/program runs. For ongoing management of those repositories I'd like to standardize the location of the apt keys with ones I'll add outside of the purview of cloud-init. Right now, the apt module hard codes CLOUD_INIT_GPG_DIR to a special folder. For semi-trusted keyrings, there seems to be some consensus around placing them in /etc/apt/keyrings or /usr/share/keyrings.

https://github.com/canonical/cloud-init/blob/9bac08a99b32835a32d4a83c41ac741dbf0c9b12/cloudinit/config/cc_apt_configure.py#L34

I thought I might be able to specify the path to the key, but looking at the source, it doesn't seem like it parses the source for signed-by. It's just a binary choice between the special folder and the trusted folder.

https://github.com/canonical/cloud-init/blob/9bac08a99b32835a32d4a83c41ac741dbf0c9b12/cloudinit/config/cc_apt_configure.py#L1103-L1105

Is there a technical reason for placing them in their own directory? It would be really nice if there were an apt::keyring_dir property to override the default value. :)

RiverHeart, Jan 07 '25 18:01
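An added example, not part of the original issue and not cloud-init code: a small audit that reads one-line apt source entries, extracts the `signed-by` option the post refers to, and reports whether each repository is tied to a keyring under `/etc/apt/keyrings` or `/usr/share/keyrings`, to a keyring elsewhere, or to no specific key at all. The hosts, key paths and function names are constructed for illustration.

```python
import re
from pathlib import PurePosixPath

# The two directories the issue names as the emerging convention.
CONVENTIONAL_DIRS = {"/etc/apt/keyrings", "/usr/share/keyrings"}

# One-line sources.list entry: type, optional [options], URI, suite.
ENTRY = re.compile(r"^(deb|deb-src)\s+(?:\[([^\]]*)\]\s+)?(\S+)\s+(\S+)")

def signed_by(line):
    """Return (uri, signed-by values) for an entry, or None for non-entries."""
    line = line.split("#", 1)[0].strip()  # drop comments
    match = ENTRY.match(line)
    if match is None:
        return None
    values = []
    for token in (match.group(2) or "").split():
        key, _, value = token.partition("=")
        if key.lower() == "signed-by":
            values = [v for v in value.split(",") if v]
    return match.group(3), values

def classify(line):
    """Label how an entry is tied to a key: unpinned, fingerprint,
    conventional (keyring under a conventional dir) or other-dir."""
    parsed = signed_by(line)
    if parsed is None:
        return None
    uri, values = parsed
    if not values:
        return uri, "unpinned"  # verified against the global trusted keyrings
    paths = [v for v in values if v.startswith("/")]
    if not paths:
        return uri, "fingerprint"  # signed-by may also list key fingerprints
    dirs = {str(PurePosixPath(p).parent) for p in paths}
    return uri, "conventional" if dirs <= CONVENTIONAL_DIRS else "other-dir"

# Constructed sample entries (hypothetical hosts and key paths).
SAMPLE = """\
# tooling repository
deb [arch=amd64 signed-by=/etc/apt/keyrings/tools.gpg] https://repo.example.test/tools stable main
deb [signed-by=/srv/placeholder-keys/vendor.gpg] https://repo.example.test/vendor stable main
deb https://repo.example.test/legacy stable main
"""

def audit(text):
    """Classify every source entry in text, skipping comments and blanks."""
    return [r for r in map(classify, text.splitlines()) if r is not None]

if __name__ == "__main__":
    for uri, label in audit(SAMPLE):
        print(f"{label:12} {uri}")
```

An `unpinned` result is the one to review first, since such a repository is accepted when signed by any key in the global trusted set rather than only its own.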