Backport/2.6/48580: Do not require TTY for 'apt-key' operations (#48888)

* Do not require TTY for 'apt-key' operations (#48580) The 'gpg' command supports the '--no-tty' option, which disables any use of a TTY during its execution. This parameter is sometimes required for non-interactive operation to avoid any questions for the user. The 'apt-key adv' command can pass additional parameters to the underlying 'gpg' command. This patch adds the '--no-tty' option to avoid issues with APT key imports when Ansible pipelining active, which disables the use of a dedicated TTY. (cherry picked from commit c7e2226035) * Add changelog fragment about 'apt_key' no TTY fix (cherry picked from commit 7033e1dfc022fc09c006ac48c306810350308ce4)
2018-11-27 21:06:24 +01:00 · 2018-11-27 21:06:24 +01:00 · 687df97b7b
commit 687df97b7b
parent f936309d93
2 changed files with 5 additions and 2 deletions
--- a/changelogs/fragments/48580-apt_key-no-tty.yaml
+++ b/changelogs/fragments/48580-apt_key-no-tty.yaml
@ -0,0 +1,3 @@
+bugfixes:
+  - apt_key - Disable TTY requirement in GnuPG for the module to work correctly
+    when SSH pipelining is enabled (https://github.com/ansible/ansible/pull/48580)
--- a/lib/ansible/modules/packaging/os/apt_key.py
+++ b/lib/ansible/modules/packaging/os/apt_key.py
@ -213,9 +213,9 @@ def download_key(module, url):

 def import_key(module, keyring, keyserver, key_id):
    if keyring:
-        cmd = "%s --keyring %s adv --keyserver %s --recv %s" % (apt_key_bin, keyring, keyserver, key_id)
+        cmd = "%s --keyring %s adv --no-tty --keyserver %s --recv %s" % (apt_key_bin, keyring, keyserver, key_id)
    else:
-        cmd = "%s adv --keyserver %s --recv %s" % (apt_key_bin, keyserver, key_id)
+        cmd = "%s adv --no-tty --keyserver %s --recv %s" % (apt_key_bin, keyserver, key_id)
    for retry in range(5):
        lang_env = dict(LANG='C', LC_ALL='C', LC_MESSAGES='C')
        (rc, out, err) = module.run_command(cmd, environ_update=lang_env)