Skip to content
Snippets Groups Projects

install_arch: verify bootstrap image signature

Merged install_arch: verify bootstrap image signature
matt-1-2-3/infrastructure:fix_for_issue_458 into master
All threads resolved!
Merged Matt Nelson requested to merge matt-1-2-3/infrastructure:fix_for_issue_458 into master
All threads resolved!
Compare
and
Show latest version
1 file
+ 1
4
Compare changes
  • Side-by-side
  • Inline
roles/install_arch/tasks/main.yml
+ 1
4
@@ -51,12 +51,10 @@
- name: Get pierre's key
ansible.builtin.command: gpg --locate-keys pierre@archlinux.de
register: valid_key
changed_when: false
- name: Get signature verification output
command: gpg --keyserver-options auto-key-retrieve --verify archlinux-bootstrap-x86_64.tar.gz.sig
register: gpg_info
command: gpg --verify archlinux-bootstrap-x86_64.tar.gz.sig
changed_when: false
- name: Extract boostrap image # noqa risky-file-permissions
@@ -65,7 +63,6 @@
dest: /tmp
remote_src: true
creates: /tmp/root.x86_64
when: valid_key.stdout_lines[1] | trim == gpg_info.stderr_lines[2].split()[-1] | trim
- name: Copy resolv.conf to bootstrap chroot
copy: remote_src=true src=/etc/resolv.conf dest=/tmp/root.x86_64/etc/resolv.conf owner=root group=root mode=0644