Skip to content

Commit 94cdb6b

Browse files
jdelicjdelic
committed
work around saltstack/salt#61052 and the fact that build.opensuse.org will not return data when there is no Accept header. And unfortunately salt.utils.http.query does not set an Accept header. So file.managed can't download the albert key file.
1 parent ee585c8 commit 94cdb6b

File tree

2 files changed

+21
-11
lines changed

2 files changed

+21
-11
lines changed

srv/salt/_states/aptrepo.py

Lines changed: 19 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,8 @@ def _propagate_changes(myret, theirret):
2929
myret["pchanges"][theirret["name"]] = theirret["pchanges"]
3030

3131

32-
def managed(name, listfile_name, signing_key_url, signed_by, dearmor=True, arch=None, require=None):
32+
def managed(name, listfile_name, signing_key_url, signed_by, dearmor=True, arch=None, require=None,
33+
download_method=None):
3334
ret = {
3435
"name": name,
3536
"changes": {},
@@ -97,15 +98,20 @@ def managed(name, listfile_name, signing_key_url, signed_by, dearmor=True, arch=
9798
if not __salt__["file.file_exists"](signed_by):
9899
tmp = salt.utils.files.mkstemp()
99100
log.debug("downloading signed-by keyfile to %s from %s", tmp, signing_key_url)
100-
keyfile_ret = __states__['file.managed'](name=tmp,
101-
source=signing_key_url,
102-
require=require,
103-
skip_verify=skip_verify)
101+
if download_method is not None and download_method == "curl":
102+
keyfile_ret = __states__['cmd.run'](name=f"/usr/bin/curl --no-progress-meter -f -S -o '{tmp}' '{signing_key_url}'")
103+
req_cmd = require.append({"file": f"/usr/bin/curl --no-progress-meter -f -S -o '{tmp}' '{signing_key_url}'"}) if require \
104+
else [{"file": tmp}]
105+
else:
106+
keyfile_ret = __states__['file.managed'](name=tmp,
107+
source=signing_key_url,
108+
require=require,
109+
skip_verify=skip_verify)
110+
req_cmd = require.append({"file": tmp}) if require else [{"file": tmp}]
111+
104112
log.debug(keyfile_ret)
105113
_propagate_changes(ret, keyfile_ret)
106-
107114
log.debug("dearmoring %s to %s", tmp, signed_by)
108-
req_cmd = require.append({"file": tmp}) if require else [{"file": tmp}]
109115
dearmor_ret = __states__['cmd.run'](name="/usr/bin/gpg --dearmor -o '%s' '%s'" % (signed_by, tmp),
110116
creates=signed_by,
111117
require=req_cmd)
@@ -115,9 +121,12 @@ def managed(name, listfile_name, signing_key_url, signed_by, dearmor=True, arch=
115121
else:
116122
if not __salt__["file.file_exists"](signed_by):
117123
log.debug("storing dearmored key %s in %s", signing_key_url, signed_by)
118-
keyfile_ret = __states__['file.managed'](name=signed_by,
119-
source=signing_key_url,
120-
skip_verify=skip_verify)
124+
if download_method is not None and download_method == "curl":
125+
keyfile_ret = __states__['cmd.run'](name=f"/usr/bin/curl --no-progress-meter -f -S -o '{tmp}' '{signing_key_url}'")
126+
else:
127+
keyfile_ret = __states__['file.managed'](name=signed_by,
128+
source=signing_key_url,
129+
skip_verify=skip_verify)
121130
log.debug(keyfile_ret)
122131
_propagate_changes(ret, keyfile_ret)
123132

srv/salt/albert/init.sls

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,8 @@ albert-repo:
33
- name: {{pillar['repos']['albert']}}
44
- listfile_name: albert.list
55
- signed_by: /etc/apt/keyrings/albert-archive-keyring.gpg
6-
- signing_key_url: https://download.opensuse.org/repositories/home:manuelschneid3r/Debian_12/Release.key
6+
- signing_key_url: 'https://build.opensuse.org/projects/home:manuelschneid3r/signing_keys/download?kind=gpg'
7+
- download_method: curl
78
- dearmor: True
89
- require:
910
- pkg: desktop-packages

0 commit comments

Comments
 (0)