commit 6f5e69e2bf142d13ff040e690fed9f0df4f99e9f
author azvyagintsev <azvyagintsev@mirantis.com> Wed Jun 06 16:16:47 2018 +0300
committer azvyagintsev <azvyagintsev@mirantis.com> Fri Jun 08 14:18:12 2018 +0300
tree c839d0b1588f1c797f85deec0d9d144de980110b
parent 64113f1216ea97f83b2abecd98a3764256f7f8cc

Fix system:repo

  * Currently, 'key' was processed only for default repos
  * Remove double-definition
  * Re-use idempotent fix

Co-Authored-By: Dennis Dmitriev <ddmitriev@mirantis.com>

Change-Id: Ic733f671b39e7b4a8d8e0a83515b6b0632c3a41b

linux/system/repo.sls

diff --git a/linux/system/repo.sls b/linux/system/repo.sls
index b734498..e227026 100644
--- a/linux/system/repo.sls
+++ b/linux/system/repo.sls
@@ -33,7 +33,7 @@
 
 purge_sources_list_d_repos:
    file.directory:
-   - name: /etc/apt/sources.list.d/           
+   - name: /etc/apt/sources.list.d/
    - clean: True
 
 {%- endif %}
@@ -77,29 +77,32 @@
 
 {%- endif %}
 
-{%- if repo.get('default', False) %}
-
-{%- do default_repos.update({name: repo}) %}
-
-{%- if repo.get('key') %}
+{%- if repo.get('key') %} {# 2 #}
 
 linux_repo_{{ name }}_key:
-  cmd.wait:
-    - name: "echo -e '{{ repo.key|replace('\n', '\\n') }}' | apt-key add -"
-    - watch:
-      - file: default_repo_list
+  cmd.run:
+    - name: |
+            echo "{{ repo.key | indent(12) }}" | apt-key add -
+    - unless: |
+            apt-key finger --with-colons | grep -qF $(echo "{{ repo.key| indent(12) }}" | gpg --with-fingerprint --with-colons | grep -E '^fpr')
+    - require_in:
+      - pkgrepo: linux_repo_{{ name }}
 
 {%- elif repo.key_url|default(False) %}
 
 linux_repo_{{ name }}_key:
-  cmd.wait:
+  cmd.run:
     - name: "curl -sL {{ repo.key_url }} | apt-key add -"
-    - watch:
-      - file: default_repo_list
+    - unless: "apt-key finger --with-colons | grep -qF $(curl -sL {{ repo.key_url }} | gpg --with-fingerprint --with-colons | grep -E '^fpr')"
+    - require_in:
+      - pkgrepo: linux_repo_{{ name }}
 
-{%- endif %}
+{%- endif %} {# 2 #}
 
-{%- else %}
+{%- if repo.get('default', False) %}   {# 1 #}
+  {%- do default_repos.update({name: repo}) %}  {# for 'default' repos #}
+
+{%- else %} {# for all others repos #}
 
 {%- if repo.get('enabled', True) %}
 
@@ -137,26 +140,6 @@
   {%- endif %}
   {%- endif %}
 
-{%- if repo.get('key') %}
-
-linux_repo_{{ name }}_key:
-  cmd.run:
-    - name: "echo -e '{{ repo.key|replace('\n', '\\n') }}' | apt-key add -"
-    - unless: "apt-key finger --with-colons | grep -qF $(echo -e '{{ repo.key|replace('\n', '\\n') }}' | gpg --with-fingerprint --with-colons | grep -E '^fpr')"
-    - require_in:
-      - pkgrepo: linux_repo_{{ name }}
-
-{%- elif repo.key_url|default(False) %}
-
-linux_repo_{{ name }}_key:
-  cmd.run:
-    - name: "curl -sL {{ repo.key_url }} | apt-key add -"
-    - unless: "apt-key finger --with-colons | grep -qF $(curl -sL {{ repo.key_url }} | gpg --with-fingerprint --with-colons | grep -E '^fpr')"
-    - require_in:
-      - pkgrepo: linux_repo_{{ name }}
-
-{%- endif %}
-
 {%- else %}
 
 linux_repo_{{ name }}_absent:
@@ -177,7 +160,7 @@
 
 {%- endif %}
 
-{%- endif %}
+{%- endif %} {# 1 #}
 
 {#- os_family Debian #}
 {%- endif %}