majic-ansible-roles Changeset

Changeset - eb172883f16d

Parent rev.

Child rev.

[Not reviewed]

0 3 0

Branko Majic (branko) - 5 years ago 2018-12-24 12:34:13
branko@majic.rs

Noticket: Fix the invocation of GnuPG to use the --no-tty option:

- At least in some cases GnuPG would otherwise fail to run.

3 files changed with 15 insertions and 4 deletions:

docs/releasenotes.rst

roles/backup_client/handlers/main.yml

roles/backup_client/tasks/main.yml

0 comments (0 inline, 0 general)

docs/releasenotes.rst

➞

Show inline comments

@@ @@ -2,6 +2,17 @@ Release notes @@
 =============
 NEXT RELEASE
 ------------
 Bug fixes:
 * ``backup_client`` role
   * Avoid errors related to lack of ``tty`` when invoking the GnuPG
     utility by using the ``--no-tty`` option.
 .1.0
 -----

roles/backup_client/handlers/main.yml

➞

Show inline comments

@@ @@ -6,7 +6,7 @@ @@
   import_tasks: cleanup_gnupg.yml
 - name: Import private keys
   command: "{{ gnupg_binary }} --homedir /etc/duply/main/gnupg --import /etc/duply/main/private_keys.asc"
+  command: "{{ gnupg_binary }} --no-tty --homedir /etc/duply/main/gnupg --import /etc/duply/main/private_keys.asc"
   tags:
     # [ANSIBLE0012] Commands should not change things if nothing needs doing
     #   This task is invoked only if user is very specific about requiring to
@@ @@ -15,5 +15,5 @@ @@
     - skip_ansible_lint
 - name: Import public keys
   command: "{{ gnupg_binary }} --homedir /etc/duply/main/gnupg --import /etc/duply/main/public_keys.asc"
+  command: "{{ gnupg_binary }} --no-tty --homedir /etc/duply/main/gnupg --import /etc/duply/main/public_keys.asc"
   when: backup_additional_encryption_keys

roles/backup_client/tasks/main.yml

➞

Show inline comments

@@ @@ -53,14 +53,14 @@ @@
     - Import public keys
 - name: Extract encryption key identifier (Duplicty requires key ID in hexadecimal format)
   shell: "{{ gnupg_binary }} --list-packets /etc/duply/main/private_keys.asc | grep keyid: |
+  shell: "{{ gnupg_binary }} --no-tty --list-packets /etc/duply/main/private_keys.asc | grep keyid: |
     head -n1 | sed -e 's/.*: //' | sed -re 's/^.{{ '{' + gnupg_key_cutoff + '}' }}//'"
   register: backup_encryption_key_id
   changed_when: false
   failed_when: backup_encryption_key_id.stdout == ""
 - name: Extract additional encryption keys identifiers (Duplicty requires key ID in hexadecimal format)
   shell: "{{ gnupg_binary }} --list-packets /etc/duply/main/public_keys.asc | grep keyid: |
+  shell: "{{ gnupg_binary }} --no-tty --list-packets /etc/duply/main/public_keys.asc | grep keyid: |
     sed -e 's/.*: //' | sort -u | sed -re 's/^.{{ '{' + gnupg_key_cutoff + '}' }}//' | tr '\n' ',' | sed -e 's/,$//'"
   when: backup_additional_encryption_keys
   register: backup_additional_encryption_keys_ids

0 comments (0 inline, 0 general)