purpleraft/semaphore
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: update condition for removing legacy Docker APT source and add checks for GPG key

Browse Source
This commit is contained in:
Ryan Hamilton
2025-06-29 23:07:29 -05:00
parent 02693ef4a4
commit ac0f0d358b
1 changed files with 13 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
playbooks/install-standard-docker.yml
View File

@@ -16,11 +16,12 @@
ignore_errors: true ignore_errors: true
changed_when: false changed_when: false
- name: Remove legacy docker APT source if present - name: Remove legacy docker APT source if missing signed-by
file: file:
path: "{{ docker_repo_file }}" path: "{{ docker_repo_file }}"
state: absent state: absent
when: docker_installed.rc != 0 or "signed-by=" not in (lookup("file", docker_repo_file, errors="ignore") or "") when: docker_installed.rc != 0 or
"signed-by=" not in (lookup("file", docker_repo_file, errors="ignore") or "")
- name: Ensure keyring directory exists - name: Ensure keyring directory exists
file: file:
@@ -34,6 +35,16 @@
dest: "{{ docker_key_path }}" dest: "{{ docker_key_path }}"
mode: "0644" mode: "0644"
- name: Stat Docker GPG key file
stat:
path: "{{ docker_key_path }}"
register: docker_key_stat
- name: Fail early if key file is missing or unreadable
fail:
msg: "Docker GPG key is missing or unreadable"
when: not docker_key_stat.stat.exists or docker_key_stat.stat.size == 0
- name: Add Docker APT repository (signed-by style) - name: Add Docker APT repository (signed-by style)
apt_repository: apt_repository:
repo: "deb [arch=amd64 signed-by={{ docker_key_path }}] https://download.docker.com/linux/ubuntu {{ ansible_lsb.codename }} stable" repo: "deb [arch=amd64 signed-by={{ docker_key_path }}] https://download.docker.com/linux/ubuntu {{ ansible_lsb.codename }} stable"