[rpm_key] Fix to import first key on the system (#31514)

* [rpm_key] Fix to import first key on the system Fixes: #31483 * [rpm_key] removed unsafe_shell and "throwaway" underscore * [rpm_key] adding test to add the first key on system (cherry picked from commit 5ccc1072ea)
2017-10-10 13:31:20 +02:00 · 2017-10-10 13:31:20 +02:00 · ead2fc5a64
commit ead2fc5a64
parent 3a0aa4ddff
2 changed files with 14 additions and 2 deletions
--- a/lib/ansible/modules/packaging/os/rpm_key.py
+++ b/lib/ansible/modules/packaging/os/rpm_key.py
@ -170,11 +170,15 @@ class RpmKey(object):
        return stdout, stderr

    def is_key_imported(self, keyid):
-        cmd=self.rpm + ' -q  gpg-pubkey --qf "%{description}" | ' + self.gpg + ' --no-tty --batch --with-colons --fixed-list-mode -'
+        cmd = self.rpm + ' -q  gpg-pubkey'
+        rc, stdout, stderr = self.module.run_command(cmd)
+        if rc != 0:  # No key is installed on system
+            return False
+        cmd += ' --qf "%{description}" | ' + self.gpg + ' --no-tty --batch --with-colons --fixed-list-mode -'
        stdout, stderr = self.execute_command(cmd)
        for line in stdout.splitlines():
            if keyid in line.split(':')[4]:
-                    return True
+                return True
        return False

    def import_key(self, keyfile):
--- a/test/integration/targets/rpm_key/tasks/rpm_key.yaml
+++ b/test/integration/targets/rpm_key/tasks/rpm_key.yaml
@ -101,3 +101,11 @@
 - name: confirm that signature check succeeded
  assert:
    that: "'rsa sha1 (md5) pgp md5 OK' in sl_check.stdout"
+
+- name: remove all keys from key ring
+  shell: "rpm -q  gpg-pubkey | xargs rpm -e"
+
+- name: add very first key on system
+  rpm_key:
+    state: present
+    key: https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7