I am trying to execute below command which is part of Docker installation, but it got stuck.
The gpg
part of the command got stuck, if I remove gpg
after pipe, it works.
---
- hosts: all
become: yes
tasks:
- name: add docker GPG key
shell: "curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg"
3
Answers
Example for
apt
To download files via HTTPS to your node you may use the
get_url
_module, followed by anapt_key
_module task to add a key.You could also add it by
You may need to use other modules or task for
gpg
orkeyring
.Similar Q&A
General Ansible advise: if you just feed all your command lines in
shell
tasks in Ansible, then you are doing it wrong.Ansible does have existing module, that are purposed to serve the idempotency idea that is at the root of Ansible goal and that will greatly simplify all tasks you will try to achieve.
This being said, you now have to understand what that specific line of the Docker manual is trying to achieve.
It’s actually a line that would add the GPG key of Docker to a trusted keyring on the node, so it can validate the authenticity of the package you will later use in a
package
task.So the purposed module, in this case is the
apt_key
one.Your task ends up being:
Got the same problem today, as I don’t want to use the
apt_key
module becauseapt-key
command, that the module use under the hood, is deprecated. I was following the same approach than you.As @Zeitounator mention, the issue is caused because gpg is running in the nteractive mode and waiting a confirmation, and I’m sure that is because the destination file already exist (probably because you run the task before), so it’s asking you to override that file.
So the solution in this case is to use the
creates
option in theshell
module pointing to the path where you are storing the gpg key. Whit this the task would not run again if the file exist. See https://docs.ansible.com/ansible/latest/collections/ansible/builtin/shell_module.html#parameter-creates