ansible.builtin.rpm_key module – Adds or removes a gpg key from the rpm db
Note
This module is part of ansible-core
and included in all Ansible
installations. In most cases, you can use the short
module name
rpm_key
even without specifying the collections keyword.
However, we recommend you use the Fully Qualified Collection Name (FQCN) ansible.builtin.rpm_key
for easy linking to the
module documentation and to avoid conflicting with other collections that may have
the same module name.
Synopsis
Adds or removes (rpm –import) a gpg key to your rpm database.
Parameters
Parameter |
Comments |
---|---|
The long-form fingerprint of the key being imported. This will be used to verify the specified key. |
|
Key that will be modified. Can be a url, a file on the managed node, or a keyid if the key already exists in the database. |
|
If the key will be imported or removed from the rpm db. Choices:
|
|
If This should only be used on personally controlled sites using self-signed certificates. Choices:
|
Attributes
Attribute |
Support |
Description |
---|---|---|
Support: full |
Can run in check_mode and return changed status prediction without modifying target, if not supported the action will be skipped. |
|
Support: none |
Will return details on what has changed (or possibly needs changing in check_mode), when in diff mode |
|
Platform: rhel |
Target OS/families that can be operated against |
Examples
- name: Import a key from a url
ansible.builtin.rpm_key:
state: present
key: http://apt.sw.be/RPM-GPG-KEY.dag.txt
- name: Import a key from a file
ansible.builtin.rpm_key:
state: present
key: /path/to/key.gpg
- name: Ensure a key is not present in the db
ansible.builtin.rpm_key:
state: absent
key: DEADB33F
- name: Verify the key, using a fingerprint, before import
ansible.builtin.rpm_key:
key: /path/to/RPM-GPG-KEY.dag.txt
fingerprint: EBC6 E12C 62B1 C734 026B 2122 A20E 5214 6B8D 79E6