Vhm$ddlmZdZdZdZddlZddlZddlZddl m Z ddl m Z ddl mZd ZGd d eZd Zed k(reyy)) annotationsa/ --- module: rpm_key author: - Hector Acosta (@hacosta) short_description: Adds or removes a gpg key from the rpm db description: - Adds or removes C(rpm --import) a gpg key to your rpm database. version_added: "1.3" options: key: description: - Key that will be modified. Can be a url, a file on the managed node, or a keyid if the key already exists in the database. type: str required: true state: description: - If the key will be imported or removed from the rpm db. type: str default: present choices: [ absent, present ] validate_certs: description: - If V(false) and the O(key) is a url starting with V(https), SSL certificates will not be validated. - This should only be used on personally controlled sites using self-signed certificates. type: bool default: 'yes' fingerprint: description: - The long-form fingerprint of the key being imported. - This will be used to verify the specified key. type: list elements: str version_added: 2.9 extends_documentation_fragment: - action_common_attributes attributes: check_mode: support: full diff_mode: support: none platform: platforms: rhel a! - name: Import a key from a url ansible.builtin.rpm_key: state: present key: http://apt.sw.be/RPM-GPG-KEY.dag.txt - name: Import a key from a file ansible.builtin.rpm_key: state: present key: /path/to/key.gpg - name: Ensure a key is not present in the db ansible.builtin.rpm_key: state: absent key: DEADB33F - name: Verify the key, using a fingerprint, before import ansible.builtin.rpm_key: key: /path/to/RPM-GPG-KEY.dag.txt fingerprint: EBC6 E12C 62B1 C734 026B 2122 A20E 5214 6B8D 79E6 - name: Verify the key, using multiple fingerprints, before import ansible.builtin.rpm_key: key: /path/to/RPM-GPG-KEY.dag.txt fingerprint: - EBC6 E12C 62B1 C734 026B 2122 A20E 5214 6B8D 79E6 - 19B7 913E 6284 8E3F 4D78 D6B4 ECD9 1AB2 2EB6 8D86 #N) AnsibleModule) fetch_url) to_nativec xd}ttj|t|dtjS)zVerifies if string is a pubkeyzP.*?(-----BEGIN PGP PUBLIC KEY BLOCK-----.*?-----END PGP PUBLIC KEY BLOCK-----).*surrogate_or_strict)errors)boolrematchrDOTALL)string pgp_regexs G/home/dcms/DCMS/lib/python3.12/site-packages/ansible/modules/rpm_key.py is_pubkeyrbs.bI If=R$SUWU^U^_ ``cHeZdZdZdZdZdZdZdZdZ dZ d Z d Z y ) RpmKeyc d}d}||_|jjdd|_|jd}|jd}|jd}t }|r%t |t s|g}t d|D}|jjd|_|js"|jjd d |_d |vr%|j|}|j|}d}nf|j|r|}nRtjj|r|}|j|}n|jjd |z |j}|dk(r|j!|r|j#dy|s|jjd |rE|j%|} |j'| s#|jjd|d| d |j)||r|jj+||j#dy|j!|r$|j-||j#dy|j#dy)NFrpmTstatekey fingerprintc3\K|]$}|jddj&yw) N)replaceupper).0fs r z"RpmKey.__init__..ys$Oaqyyb1779Os*,gpggpg2)requiredz://zNot a valid key %smsgpresent)changedz0When importing a key, a valid file must be givenzThe specified fingerprint, 'z+', does not match any key fingerprints in '')module get_bin_pathrparamsset isinstancelistr# fetch_keygetkeyidis_keyidospathisfile fail_jsonnormalize_keyidis_key_imported exit_jsongetfingerprintsissubset import_keycleanupdrop_key) selfr+keyfileshould_cleanup_keyfilerrr fingerprintskeyidkeyfile_fingerprintss r__init__zRpmKey.__init__js9!& ;;++E48 g&mmE"mmM2 u k40*m O;OOL;;++E2xx{{///FDH C<nnS)GMM'*E%) " ]]3 E WW^^C GMM'*E KK ! !&:S&@ ! A$$U+ I ##E*   /KK)).`)a+/+?+?+H('001EF --S_au!w.()KK''0   .##E* e$   .   /rct|j|\}}|ddk7r%|jjd|d|d|j}t |s|jjd|zt j \}}|jj|tj|d}|j||j|S) z;Downloads a key from url, returns a valid path to a gpg keystatuszfailed to fetch key at z , error was: r'r&zNot a public key: %szw+b) rr+r7readrtempfilemkstempadd_cleanup_filer4fdopenwriteclose)r@urlrspinfortmpfdtmpnametmpfiles rr1zRpmKey.fetch_keysdkk3/ T >S KK ! !UXZ^_dZe&f ! ghhj~ KK ! !&>$ qr7N ^^D !qr7NJrc|j|jdddd|g\}}|jD]9}|j}|j ds%|j ddcS|j jd y) N--no-tty--batch --with-colons--fixed-list-modezpub::Unexpected gpg outputr&)execute_commandr# splitlinesr[r\splitr+r7)r@rAstdoutstderrlines rr2zRpmKey.getkeyids--txxYP_atv}.~%%' *D::ST%$u=&59VT:  !F 6Nr__main__) __future__r DOCUMENTATIONEXAMPLESRETURNr os.pathr4rKansible.module_utils.basicransible.module_utils.urlsr+ansible.module_utils.common.text.convertersrrobjectrrr~rrrrsd#, \ :  5/Aa VnVVnr  zFr