ansible.builtin.rpm_key – Adds or removes a gpg key from the rpm db
Note
This module is part of ansible-core and included in all Ansible installations. In most cases, you can use the short module name rpm_key even without specifying the collections: keyword. However, we recommend you use the FQCN for easy linking to the module documentation and to avoid conflicting with other collections that may have the same module name.
New in version 1.3: of ansible.builtin
Synopsis
- Adds or removes (rpm –import) a gpg key to your rpm database.
Parameters
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| fingerprint string added in 2.9 of ansible.builtin | The long-form fingerprint of the key being imported. This will be used to verify the specified key. | |
| key string / required | Key that will be modified. Can be a url, a file on the managed node, or a keyid if the key already exists in the database. | |
| state string |
| If the key will be imported or removed from the rpm db. |
| validate_certs boolean |
| If no and the key is a url starting with https, SSL certificates will not be validated.This should only be used on personally controlled sites using self-signed certificates. |
Notes
Note
- Supports
check_mode.
Examples
- name: Import a key from a url
ansible.builtin.rpm_key:
state: present
key: http://apt.sw.be/RPM-GPG-KEY.dag.txt
- name: Import a key from a file
ansible.builtin.rpm_key:
state: present
key: /path/to/key.gpg
- name: Ensure a key is not present in the db
ansible.builtin.rpm_key:
state: absent
key: DEADB33F
- name: Verify the key, using a fingerprint, before import
ansible.builtin.rpm_key:
key: /path/to/RPM-GPG-KEY.dag.txt
fingerprint: EBC6 E12C 62B1 C734 026B 2122 A20E 5214 6B8D 79E6
Authors
- Hector Acosta (@hacosta) <hector.acosta@gazzang.com>
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/rpm_key_module.html