Fix conflict with apt installation #264
Conversation
|
|
When vscode is updated via apt upgrade, it automatically creates a new apt source file in /etc/apt/sources.list.d/vscode.sources using the new apt format. This file then used the dearmor key in /usr/share/keyrings which conflict with the armored key specified in the /etc/apt/sources.list.d/vscode.list file that was created by ansible. To avoid this conflict, I used the new apt format like mentioned in the vscode installation documentation: https://code.visualstudio.com/docs/setup/linux#_install-vs-code-on-linux Also removed conflicting files.
ltshb
force-pushed
the
bug-apt-install-gpg
branch
from
8612197 to
8278310
Compare
|
Hi @freemanjp I think I can solve the issue #263 could you have a look at this PR ? Thanks |
|
It would be great to have this merged. |
|
As an alternative, an implementation via https://docs.ansible.com/ansible/latest/collections/ansible/builtin/deb822_repository_module.html might also help and could reduce boilerplate |
| mode: 'u=rw,go=r' | ||
| when: not visual_studio_code_skip_add_repo | ||
|
|
||
| - name: Install VS Code (apt) |
There was a problem hiding this comment.
We also need update cache to have access to code
| - name: Install VS Code (apt) | |
| - name: Install VS Code (apt) | |
| become: true | |
| ansible.builtin.apt: | |
| name: "{{ visual_studio_code_package }}{{ (visual_studio_code_version | length > 0) | ternary('=' + visual_studio_code_version, '') }}" | |
| state: present | |
| update_cache: true |
ltshb
force-pushed
the
bug-apt-install-gpg
branch
from
f8e2919 to
c6f8a95
Compare
tasks/install-apt.yml
Outdated
| - name: Remove old key (apt) | ||
| become: true | ||
| ansible.builtin.file: | ||
| path: '/etc/apt/keyrings' | ||
| state: directory | ||
| mode: 'u=rwx,go=rx' | ||
| path: '/etc/apt/keyrings/microsoft.asc' | ||
| state: absent | ||
|
|
||
| - name: Install key (apt) | ||
| - name: Remove old repo (apt) | ||
| become: true | ||
| ansible.builtin.get_url: | ||
| url: '{{ visual_studio_code_mirror }}/keys/microsoft.asc' | ||
| dest: '/etc/apt/keyrings/' | ||
| mode: 'u=rw,go=r' | ||
| force: true | ||
| ansible.builtin.file: | ||
| path: '/etc/apt/sources.list.d/vscode.list' | ||
| state: absent | ||
| when: not visual_studio_code_skip_add_repo |
There was a problem hiding this comment.
I am still not 100% sure if this should be executed before ansible.builtin.apt task above. Since if this is causing an issue, the apt module above might fail.
Further, I don't know how deb822_repository is working behind, but it seems they utilize the /etc/apt/keyrings/microsoft.asc path. While it is causing issues with the old method, the deb822 format seems to handle it in a way it does not.
So if Remove old key (apt) will remove the key and Install VS Code repo (apt) installs it again, those tasks cause non-Idempotent execution.
There was a problem hiding this comment.
@MaKaNu You are right the key will always be removed and re-installed, I changed it to have a migration task on top before the install dependencies and this tasks only remove the key when the old apt list file is present to avoid this non-idempotent execution.
MaKaNu
left a comment
MaKaNu
left a comment
There was a problem hiding this comment.
LGFM. @freemanjp as the only contributor from gantsign I found on this repo, could you take a look at this PR or inform somebody else?
4 participants
When vscode is updated via apt upgrade, it automatically creates a new apt source file in /etc/apt/sources.list.d/vscode.sources using the new apt format. This file then used the dearmor key in /usr/share/keyrings which conflict with the armored key specified in the /etc/apt/sources.list.d/vscode.list file that was created by ansible.
To avoid this conflict, I used the new apt format like mentioned in the vscode installation documentation: https://code.visualstudio.com/docs/setup/linux#_install-vs-code-on-linux
Also removed conflicting files.
This should solve #263