puppetlabs-docker icon indicating copy to clipboard operation
puppetlabs-docker copied to clipboard
verified publisher icon puppetlabs

[Bug] debian 11/ubuntu 22.04 need to handle apt-source differently

Open vegaaz opened this issue 2 years ago • 5 comments

Since Ubuntu 22.04 / Debian 11 apt-key is deprecated. Storing gpg-keys in /etc/apt/trusted.gpg (default behavior) is now producing warnings.
Also it is not longer recommended to get the gpg-keys via keyserver for security purposes.
The recommended way is to provide the gpg-key in /etc/apt/keyrings/KEY.gpg and add '[ signed-by = PATH ]' to the docker.list-file.

The puppetlabs/apt-Module has already implemented the new way of key handling via #991. In my opinion the docker::repos class has to handle releases above Ubuntu 22.04 and Debian 11 different.

vegaaz avatar Jan 02 '23 11:01 vegaaz

Would like to have this merged, please.

maxdwit avatar Feb 28 '23 08:02 maxdwit

Is this going to be merged anytime soon?

xRoyalz avatar Jul 03 '23 09:07 xRoyalz

The code by itself is done but testing/ linting is failing at the moment. Since I am no longer working with Puppet, I‘m missing the linting/testing tools.

@xRoyalz please feel free to contribute :)

vegaaz avatar Jul 04 '23 03:07 vegaaz

I have exactly zero time and interest on opening a proper pull request but I like to help people sooo...

I fixed this bug by commenting out the section below: https://github.com/puppetlabs/puppetlabs-docker/blob/main/manifests/repos.pp#L26-L34

Replacing it by

        apt::source { 'docker':
          comment  => 'Docker',
          location => 'https://download.docker.com/linux/ubuntu',
          repos    => 'stable',
          notify   => Exec['apt_update'],
          key      => {
            'name'   => 'docker-archive-keyring.asc',
            'source' => 'https://download.docker.com/linux/ubuntu/gpg',
          },
        }

YMMV tho! xD

waldman avatar Jul 05 '24 17:07 waldman

#965 fixes this.

kenyon avatar Jul 05 '24 22:07 kenyon