> Hi there, thanks for the MP.
>
> 1. Is this not handled today with existing functionality? Have a look at
> https://curtin.readthedocs.io/en/latest/topics/apt_source.html and search for
> localrepokey
> 2. If not, what are the differences to what is supported today?
> 3. All config changes must supply documentation updates as well.
> 4. Why is there a random unrelated commit in this stream?
Hi Dan,
I appreciate the review. I'll do my best to answer your questions
1. We had a customer report that they were unable to configure curtin to
properly import keys for apt with two primary issues: i) the resultant
ubuntu.sources properly contained the uri, suites, and pockets, but not the GPG
key (it defaulted to /usr/share/keyrings/ubuntu-archive-keyring.gpg from the
template), and ii) when supplying the sources declaration block as per the
guide, a "NO PUBKEY <key-id>" failure would occur. This seemed to be the result
of (at least in cloud-init) a method called add_mirror_keys, which only adds
the keys from the primary and security blocks. A few support engineers and SEG
members were able to replicate this behaviour in LXD.
2. The functionality that this MP adds is the ability to define your key within
the primary and security declaration blocks. For example:
primary:
uri: http://localmirror.local
key: ---raw gpg key--- # or alternatively use keyid and (optionally
keyserver) to resolve the key
which will enable apt to import the key, and add it to the template.
3. Yes, I should add documentation to support these changes
4. I was equally confused when I opened the MP and saw the unrelated commit
show up in the diff. It appears as though I cloned from the wrong branch
although I cloned from master since I copy and pasted the commands from the
curtin hacking guide
https://curtin.readthedocs.io/en/latest/topics/hacking.html - Unfortunately, I
can't quite explain that.
Before fixing these issues, I will talk with the other engineers that worked on
the case and customer and see if maybe we missed something
Thank you
--
https://code.launchpad.net/~bryanfraschetti/curtin/+git/curtin/+merge/476864
Your team curtin developers is requested to review the proposed merge of
~bryanfraschetti/curtin:custom-apt-keys into curtin:master.
--
Mailing list: https://launchpad.net/~curtin-dev
Post to : curtin-dev@lists.launchpad.net
Unsubscribe : https://launchpad.net/~curtin-dev
More help : https://help.launchpad.net/ListHelp
