ansible.builtin.rpm_key module – Adds or removes a gpg key from the rpm db
Note
This module is part of ansible-core and included in all Ansible
installations. In most cases, you can use the short
module name
rpm_key even without specifying the collections: keyword.
However, we recommend you use the FQCN for easy linking to the
module documentation and to avoid conflicting with other collections that may have
the same module name.
Synopsis
Adds or removes (rpm –import) a gpg key to your rpm database.
Parameters
Parameter |
Comments |
|---|---|
The long-form fingerprint of the key being imported. This will be used to verify the specified key. |
|
Key that will be modified. Can be a url, a file on the managed node, or a keyid if the key already exists in the database. |
|
If the key will be imported or removed from the rpm db. Choices:
|
|
If This should only be used on personally controlled sites using self-signed certificates. Choices:
|
Attributes
Attribute |
Support |
Description |
|---|---|---|
Support: full |
Can run in check_mode and return changed status prediction without modifying target |
|
Support: none |
Will return details on what has changed (or possibly needs changing in check_mode), when in diff mode |
|
Platform: rhel |
Target OS/families that can be operated against |
Examples
- name: Import a key from a url
ansible.builtin.rpm_key:
state: present
key: http://apt.sw.be/RPM-GPG-KEY.dag.txt
- name: Import a key from a file
ansible.builtin.rpm_key:
state: present
key: /path/to/key.gpg
- name: Ensure a key is not present in the db
ansible.builtin.rpm_key:
state: absent
key: DEADB33F
- name: Verify the key, using a fingerprint, before import
ansible.builtin.rpm_key:
key: /path/to/RPM-GPG-KEY.dag.txt
fingerprint: EBC6 E12C 62B1 C734 026B 2122 A20E 5214 6B8D 79E6