puppetlabs-docker icon indicating copy to clipboard operation
puppetlabs-docker copied to clipboard

Published 20 hours ago verified publisher icon puppetlabs

Use modern APT keyrings on Debian family

Open kenyon opened this issue 1 year ago • 17 comments

This makes use of https://github.com/puppetlabs/puppetlabs-apt/pull/1128 to store the public key in /etc/apt/keyrings and add a signed-by option to the sources.list.d entry.

This replaces #885 by using puppetlabs-apt rather than implementing keyring handling here in the docker module.

Fixes #884.

kenyon avatar Jan 03 '24 06:01 kenyon

Acceptance tests are failing in setup of the machines under test, not related to this PR.

kenyon avatar Jan 07 '24 23:01 kenyon

@kenyon What about adding the key to the module, just as it has been suggested in https://github.com/puppetlabs/puppetlabs-postgresql/pull/1563#pullrequestreview-1827072156 for the same change?

saz avatar Mar 06 '24 17:03 saz

@saz yes, that could be done. It means potentially more maintenance work for this module when the key needs to be updated. I'll leave it up to this module's @puppetlabs maintainers whether to do this.

kenyon avatar Mar 07 '24 00:03 kenyon

Looking at this module again, it's possible to set a custom URL for the key source. As puppet:///... will be a valid URL, it's easy to use a custom key.

saz avatar Mar 11 '24 15:03 saz

I think we should do a minor release before we merge this: https://github.com/puppetlabs/puppetlabs-docker/pull/978/files (and there are some other non-breaking changes that should be merged first)

bastelfreak avatar May 02 '24 08:05 bastelfreak

Is there any update on when that PR will be merged?

psaintemarie avatar Jul 24 '24 14:07 psaintemarie