diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2020-07-20 22:34:01 +0200 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2020-07-20 22:34:01 +0200 |
| commit | 7ff35ec95420023d323e394162cd124029ea7161 (patch) | |
| tree | 773e57a25d74490da230c4a605a978d76d9c6c51 /roles/installer/debian/fetch/tasks/verify-ubuntu.yml | |
| parent | riot is now called element (diff) | |
make debian installer fetch more generic
Diffstat (limited to 'roles/installer/debian/fetch/tasks/verify-ubuntu.yml')
| -rw-r--r-- | roles/installer/debian/fetch/tasks/verify-ubuntu.yml | 21 |
1 files changed, 3 insertions, 18 deletions
diff --git a/roles/installer/debian/fetch/tasks/verify-ubuntu.yml b/roles/installer/debian/fetch/tasks/verify-ubuntu.yml index e7cff3ae..6c6500ea 100644 --- a/roles/installer/debian/fetch/tasks/verify-ubuntu.yml +++ b/roles/installer/debian/fetch/tasks/verify-ubuntu.yml @@ -5,31 +5,16 @@ - SHA256SUMS.gpg get_url: url: "{{ debian_installer_base_url }}/{{ item }}" - dest: "{{ installer_base_path }}/{{ debian_installer_distro }}-{{ debian_installer_codename }}/{{ debian_installer_arch }}-{{ debian_installer_variant }}/{{ item }}" + dest: "{{ debian_installer_target_dir }}/{{ item }}" + force: "{{ debian_installer_force_download }}" - name: verfiy signature of SHA256SUMS.gpg file command: >- gpg --no-options --trust-model always --no-default-keyring --secret-keyring /dev/null --keyring "{{ installer_keyrings_path | default(installer_base_path+'/keyrings') }}/ubuntu-archive.gpg" - --verify "{{ installer_base_path }}/{{ debian_installer_distro }}-{{ debian_installer_codename }}/{{ debian_installer_arch }}-{{ debian_installer_variant }}/SHA256SUMS.gpg" - "{{ installer_base_path }}/{{ debian_installer_distro }}-{{ debian_installer_codename }}/{{ debian_installer_arch }}-{{ debian_installer_variant }}/SHA256SUMS" + --verify "{{ debian_installer_target_dir }}/SHA256SUMS.gpg" "{{ debian_installer_target_dir }}/SHA256SUMS" changed_when: False register: debian_installer_gpg_result - debug: var: debian_installer_gpg_result.stderr_lines - -- name: extract kernel image hash from SHA256SUMS - command: grep -E "^[0-9a-z]{64}\s+(./)?{{ debian_installer_variant_path }}/{{ debian_installer_variant_kernal_image_name }}$" "{{ installer_base_path }}/{{ debian_installer_distro }}-{{ debian_installer_codename }}/{{ debian_installer_arch }}-{{ debian_installer_variant }}/SHA256SUMS" - changed_when: false - register: debian_installer_sha256sums_kernel - -- name: extract inital ramdisk hash from SHA256SUMS - command: grep -E "^[0-9a-z]{64}\s+(./)?{{ debian_installer_variant_path }}/initrd.gz$" "{{ installer_base_path }}/{{ debian_installer_distro }}-{{ debian_installer_codename }}/{{ debian_installer_arch }}-{{ debian_installer_variant }}/SHA256SUMS" - changed_when: false - register: debian_installer_sha256sums_initrd - -- name: set checksum variables - set_fact: - debian_installer_kernel_checksum: "sha256:{{ debian_installer_sha256sums_kernel.stdout.split(' ') | first }}" - debian_installer_initrd_checksum: "sha256:{{ debian_installer_sha256sums_initrd.stdout.split(' ') | first }}" |