From dcdcd21aa59c38a401cd7bcdb1adfbf24de1ffbe Mon Sep 17 00:00:00 2001 From: Federico Capoano Date: Fri, 5 Jul 2024 10:25:59 -0400 Subject: [PATCH] [chores] Perform checksum check when installing GPG keys --- tasks/freeradius.yml | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/tasks/freeradius.yml b/tasks/freeradius.yml index 7984f2b3..5f47d3da 100644 --- a/tasks/freeradius.yml +++ b/tasks/freeradius.yml @@ -81,14 +81,15 @@ - molecule-idempotence-notest - name: Add Network RADIUS PGP public key - become: true - shell: | - curl -s 'https://packages.networkradius.com/pgp/packages%40networkradius.com' | \ - sudo tee /etc/apt/trusted.gpg.d/packages.networkradius.com.asc > /dev/null - when: - - ansible_distribution|string == 'Ubuntu' or ansible_distribution|string == 'Debian' - tags: - - molecule-idempotence-notest + get_url: + url: https://packages.networkradius.com/pgp/packages%40networkradius.com + dest: /etc/apt/trusted.gpg.d/packages.networkradius.com.asc + checksum: sha256:652bc3a84297eb133f40af2e51bed897b0c5c22ec6a3ef76a2a14f97f90c9b7d + ignore_errors: true + retries: 5 + delay: 10 + register: result + until: result is success - name: Update and upgrade apt packages apt: