Adding a validation to ensure that path /etc/apt/keyrings path exists…

… before getting the gpg key Fixes: https://ibm.monday.com/boards/5591222586/pulses/8269716052 Signed-off-by: Fernando <[email protected]>
ceph · Jan 22, 2025 · d533aaa · d533aaa
1 parent 1ffa66d
commit d533aaa
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 2 deletions.
diff --git a/roles/grafana_agent/tasks/main.yml b/roles/grafana_agent/tasks/main.yml
@@ -18,14 +18,23 @@
   loop: "{{ tcp_listen_violations }}"
   failed_when: true
 
+- name: "Ensure keyrings path exists"
+  become: true
+  ansible.builtin.file:
+    path: /etc/apt/keyrings
+    state: directory
+    mode: '0755'
+    force: true
+  register: keyrings_exist
+
 - name: "Import Grafana GPG key"
   become: true
   ansible.builtin.get_url:
     url: "{{ grafana_apt_repo_key_url }}"
     dest: /etc/apt/keyrings/grafana.gpg
     mode: '0644'
     force: true
-  when: ansible_pkg_mgr == "apt"
+  when: ansible_pkg_mgr == "apt" and keyrings_exist is defined
 
 - name: Ensure downloaded file for key is a binary keyring
   shell: "cat /etc/apt/keyrings/grafana.gpg | gpg --dearmor | sudo tee /etc/apt/keyrings/grafana.gpg > /dev/null"

diff --git a/roles/users/defaults/main.yml b/roles/users/defaults/main.yml
@@ -34,4 +34,4 @@ keys_repo_path: "~/.cache/src/keys"
 # Update users and pubkeys by default (this is changed to False during the play if keys_repo_head.stdout == sentinel_sha1.stdout)
 perform_users_role: True
 # Set this to True if you want to run the users tasks anyway
-force_users_update: False
+force_users_update: True