rpm_key – Adds or removes a gpg key from the rpm db

Synopsis

  • Adds or removes (rpm –import) a gpg key to your rpm database.

Parameters

Parameter Choices/Defaults Comments
fingerprint
string
added in 2.9
The long-form fingerprint of the key being imported.
This will be used to verify the specified key.
key
- / required
Key that will be modified. Can be a url, a file on the managed node, or a keyid if the key already exists in the database.
state
-
    Choices:
  • absent
  • present ←
If the key will be imported or removed from the rpm db.
validate_certs
boolean
    Choices:
  • no
  • yes ←
If no and the key is a url starting with https, SSL certificates will not be validated.
This should only be used on personally controlled sites using self-signed certificates.

Examples

# Example action to import a key from a url
- rpm_key:
    state: present
    key: http://apt.sw.be/RPM-GPG-KEY.dag.txt

# Example action to import a key from a file
- rpm_key:
    state: present
    key: /path/to/key.gpg

# Example action to ensure a key is not present in the db
- rpm_key:
    state: absent
    key: DEADB33F

# Verify the key, using a fingerprint, before import
- rpm_key:
    key: /path/to/RPM-GPG-KEY.dag.txt
    fingerprint: EBC6 E12C 62B1 C734 026B  2122 A20E 5214 6B8D 79E6

Status

Red Hat Support

More information about Red Hat’s support of this module is available from this Red Hat Knowledge Base article.

Authors

Hint

If you notice any issues in this documentation, you can edit this document to improve it.