majic-ansible-roles Changeset

Changeset - 31d727247bef

Parent rev.

Child rev.

[Not reviewed]

0 3 0

Branko Majic (branko) - 7 years ago 2018-12-24 12:04:18
branko@majic.rs

Noticket: Fix the invocation of GnuPG to use the --no-tty option:

- At least in some cases GnuPG would otherwise fail to run.

3 files changed with 11 insertions and 4 deletions:

docs/releasenotes.rst

roles/backup_client/handlers/main.yml

roles/backup_client/tasks/main.yml

0 comments (0 inline, 0 general)

docs/releasenotes.rst

➞

Show inline comments

@@ @@ -2,12 +2,19 @@ Release notes @@
 =============
 NEXT RELEASE
 ------------
 Bug fixes:
 * ``backup_client`` role
   * Avoid errors related to lack of ``tty`` when invoking the GnuPG
     utility by using the ``--no-tty`` option.
 .1.0
 -----
 Minor improvements and fixes.

roles/backup_client/handlers/main.yml

➞

Show inline comments

@@ @@ -3,17 +3,17 @@ @@
 # Preferably we would use block here, but blocks cannot be used as
 # handlers unfortunately.
 - name: Clean-up GnuPG keyring for import of new keys
   import_tasks: cleanup_gnupg.yml
 - name: Import private keys
   command: "{{ gnupg_binary }} --homedir /etc/duply/main/gnupg --import /etc/duply/main/private_keys.asc"
+  command: "{{ gnupg_binary }} --no-tty --homedir /etc/duply/main/gnupg --import /etc/duply/main/private_keys.asc"
   tags:
     # [ANSIBLE0012] Commands should not change things if nothing needs doing
     #   This task is invoked only if user is very specific about requiring to
     #   run the handlers manually as a way to bring the system to consistency
     #   after interrupted runs.
     - skip_ansible_lint
 - name: Import public keys
   command: "{{ gnupg_binary }} --homedir /etc/duply/main/gnupg --import /etc/duply/main/public_keys.asc"
+  command: "{{ gnupg_binary }} --no-tty --homedir /etc/duply/main/gnupg --import /etc/duply/main/public_keys.asc"
   when: backup_additional_encryption_keys

roles/backup_client/tasks/main.yml

➞

Show inline comments

@@ @@ -50,20 +50,20 @@ @@
   notify:
     - Clean-up GnuPG keyring for import of new keys
     - Import private keys
     - Import public keys
 - name: Extract encryption key identifier (Duplicty requires key ID in hexadecimal format)
   shell: "{{ gnupg_binary }} --list-packets /etc/duply/main/private_keys.asc | grep keyid: |
+  shell: "{{ gnupg_binary }} --no-tty --list-packets /etc/duply/main/private_keys.asc | grep keyid: |
     head -n1 | sed -e 's/.*: //' | sed -re 's/^.{{ '{' + gnupg_key_cutoff + '}' }}//'"
   register: backup_encryption_key_id
   changed_when: false
   failed_when: backup_encryption_key_id.stdout == ""
 - name: Extract additional encryption keys identifiers (Duplicty requires key ID in hexadecimal format)
   shell: "{{ gnupg_binary }} --list-packets /etc/duply/main/public_keys.asc | grep keyid: |
+  shell: "{{ gnupg_binary }} --no-tty --list-packets /etc/duply/main/public_keys.asc | grep keyid: |
     sed -e 's/.*: //' | sort -u | sed -re 's/^.{{ '{' + gnupg_key_cutoff + '}' }}//' | tr '\n' ',' | sed -e 's/,$//'"
   when: backup_additional_encryption_keys
   register: backup_additional_encryption_keys_ids
   changed_when: false
   failed_when: backup_additional_encryption_keys_ids.stdout == ""

0 comments (0 inline, 0 general)