Jonathan Rosser e64184a3da Simplify inserting apt keys into LXC image
Bionic requires a functioning gpg-agent to run apt-key add. This means
that gpg-agent must be working properly in the chroot when the lxc image
preparation script runs.

Previous changes [1] have enabled apt-key to communicate with gpg-agent
during the lxc_hosts role checks, however the cache prep fails almost
every time when lxc_hosts is used within other role checks.

This is not a new issue, debian-installer is affected too [2].

This change adopts the same route as d-i, and simply copies the host
/etc/apt/trusted.gpg.d directory to the LXC image, removing the
need for apt-key and in turn gpg-agent.

[1] https://review.openstack.org/#/c/588629/
[2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851774

Change-Id: Ia511881f675cd88ecc58360b18531f0dac486b70
2018-08-06 08:52:41 +00:00

57 lines
1.5 KiB
YAML

---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
_lxc_hosts_container_image_url: "http://cdimage.ubuntu.com/ubuntu-base/releases/18.04/release/ubuntu-base-18.04.1-base-{{ lxc_cache_map.arch }}.tar.gz"
_lxc_cache_map:
distro: ubuntu
arch: "{{ lxc_architecture_mapping.get( ansible_architecture ) }}"
release: bionic
copy_from_host:
- /etc/apt/sources.list
- /etc/apt/apt.conf.d/
- /etc/apt/trusted.gpg.d
- /etc/apt/preferences.d/
- /etc/environment
- /etc/localtime
- /etc/protocols
_lxc_cache_prep_template: "prep-scripts/ubuntu_18_prep.sh.j2"
_lxc_cache_distro_packages:
- apt-transport-https
- ca-certificates
- cron # bionic doesn't have cronie
- dbus
- debianutils # for 'which' executable
- gcc
- iproute2
- iputils-ping
- libffi-dev
- libssl-dev
- locales
- netbase
- openssh-server
- openssl
- python2.7
- python-dev
- python3-dev
- rsync
- sudo
- systemd
- systemd-sysv
- tar
- wget