From 3834d4b7c6d9fc087fe42dd1a58edc339f32c5dc Mon Sep 17 00:00:00 2001 From: Kazuhiro MUSASHI Date: Sat, 6 Apr 2024 17:12:49 +0900 Subject: [PATCH 1/2] Install necessary packages. --- cookbooks/base/packages.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cookbooks/base/packages.rb b/cookbooks/base/packages.rb index c2e6df7..621c6fe 100644 --- a/cookbooks/base/packages.rb +++ b/cookbooks/base/packages.rb @@ -2,7 +2,7 @@ execute 'apt update' # Install the necessary packages: -%w[build-essential zsh vim-nox debian-keyring curl direnv jq avahi-daemon].each do |pkg| +%w[build-essential zsh vim-nox debian-keyring curl direnv jq avahi-daemon wget gpg coreutils].each do |pkg| package pkg end -- 2.40.1 From cca3bc93d3c17b49262a9190f959531a1848845d Mon Sep 17 00:00:00 2001 From: Kazuhiro MUSASHI Date: Sat, 6 Apr 2024 17:24:01 +0900 Subject: [PATCH 2/2] Update Hashicorp apt sources. --- cookbooks/consul/install.rb | 10 +++++----- .../templates/etc/apt/sources.list.d/hashicorp.list | 2 +- cookbooks/nomad/install.rb | 10 +++++----- .../templates/etc/apt/sources.list.d/hashicorp.list | 2 +- cookbooks/vault/install.rb | 10 +++++----- .../templates/etc/apt/sources.list.d/hashicorp.list | 2 +- 6 files changed, 18 insertions(+), 18 deletions(-) diff --git a/cookbooks/consul/install.rb b/cookbooks/consul/install.rb index 7f0abd1..244dcf2 100644 --- a/cookbooks/consul/install.rb +++ b/cookbooks/consul/install.rb @@ -1,9 +1,9 @@ -# Install `Consul`: -KEYSRV = "https://apt.releases.hashicorp.com/gpg" -ID = "AA16FCBCA621E701" +# apt source: +SRC = 'https://apt.releases.hashicorp.com/gpg' +DEST = '/usr/share/keyrings/hashicorp-archive-keyring.gpg' -execute "apt-key adv --keyserver #{KEYSRV} --recv-keys #{ID}" do - not_if 'apt-key list | grep HashiCorp' +execute "wget -O- #{SRC} | gpg --dearmor -o #{DEST}" do + not_if "test -e #{DEST}" end # Retrieve the Ubuntu code: diff --git a/cookbooks/consul/templates/etc/apt/sources.list.d/hashicorp.list b/cookbooks/consul/templates/etc/apt/sources.list.d/hashicorp.list index 16f9f11..3ed7565 100644 --- a/cookbooks/consul/templates/etc/apt/sources.list.d/hashicorp.list +++ b/cookbooks/consul/templates/etc/apt/sources.list.d/hashicorp.list @@ -1 +1 @@ -deb [arch=amd64] https://apt.releases.hashicorp.com <%= @distribution %> main +deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com <%= @distribution %> main diff --git a/cookbooks/nomad/install.rb b/cookbooks/nomad/install.rb index fbe61ab..86657b1 100644 --- a/cookbooks/nomad/install.rb +++ b/cookbooks/nomad/install.rb @@ -1,9 +1,9 @@ -# Install `Consul`: -KEYSRV = "https://apt.releases.hashicorp.com/gpg" -ID = "AA16FCBCA621E701" +# apt source: +SRC = 'https://apt.releases.hashicorp.com/gpg' +DEST = '/usr/share/keyrings/hashicorp-archive-keyring.gpg' -execute "apt-key adv --keyserver #{KEYSRV} --recv-keys #{ID}" do - not_if 'apt-key list | grep HashiCorp' +execute "wget -O- #{SRC} | gpg --dearmor -o #{DEST}" do + not_if "test -e #{DEST}" end # Retrieve the Ubuntu code: diff --git a/cookbooks/nomad/templates/etc/apt/sources.list.d/hashicorp.list b/cookbooks/nomad/templates/etc/apt/sources.list.d/hashicorp.list index 16f9f11..3ed7565 100644 --- a/cookbooks/nomad/templates/etc/apt/sources.list.d/hashicorp.list +++ b/cookbooks/nomad/templates/etc/apt/sources.list.d/hashicorp.list @@ -1 +1 @@ -deb [arch=amd64] https://apt.releases.hashicorp.com <%= @distribution %> main +deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com <%= @distribution %> main diff --git a/cookbooks/vault/install.rb b/cookbooks/vault/install.rb index b75704e..ec1e3f7 100644 --- a/cookbooks/vault/install.rb +++ b/cookbooks/vault/install.rb @@ -1,9 +1,9 @@ -# Install `Consul`: -KEYSRV = "https://apt.releases.hashicorp.com/gpg" -ID = "AA16FCBCA621E701" +# apt source: +SRC = 'https://apt.releases.hashicorp.com/gpg' +DEST = '/usr/share/keyrings/hashicorp-archive-keyring.gpg' -execute "apt-key adv --keyserver #{KEYSRV} --recv-keys #{ID}" do - not_if 'apt-key list | grep HashiCorp' +execute "wget -O- #{SRC} | gpg --dearmor -o #{DEST}" do + not_if "test -e #{DEST}" end # Retrieve the Ubuntu code: diff --git a/cookbooks/vault/templates/etc/apt/sources.list.d/hashicorp.list b/cookbooks/vault/templates/etc/apt/sources.list.d/hashicorp.list index 16f9f11..3ed7565 100644 --- a/cookbooks/vault/templates/etc/apt/sources.list.d/hashicorp.list +++ b/cookbooks/vault/templates/etc/apt/sources.list.d/hashicorp.list @@ -1 +1 @@ -deb [arch=amd64] https://apt.releases.hashicorp.com <%= @distribution %> main +deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com <%= @distribution %> main -- 2.40.1