How do we add “[trusted=yes]” to package repository for internally hosted package repo? My company has an apt repo they provide, however, they do not provide the need for a gpg key for the repo. They use [trusted=yes] for the sources.list. My team doesn’t have control over the apt repo. So, I’m hoping there’s a way to “inject” the trusted argument into the package repo settings.
I tried altering the curtin_userdata with an early_command to edit the /etc/apt/sources.list file prior to boot. That didn’t work.
OK, so I’ve been reading the curtin docs (here: https://buildmedia.readthedocs.org/media/pdf/curtin/latest/curtin.pdf) specifically around page 24. We’re using a custom image. I am thinking that maybe we could tell curtin/cloud-init not to update the /etc/apt/sources.list and we could just hard code the sources.list in our image, though my concern here is that I’ve observed that maas/curtin does apt updates fairly early on in the boot process and I am not sure if there would be a problem with timing. At any rate, I tested editing /etc/maas/preseeds/curtin_userdata adding in the apt line at the top for preserve_sources_list; this didn’t work either:
#cloud-config
apt:
preserve_sources_list: true
debconf_selections:
maas: |
{{for line in str(curtin_preseed).splitlines()}}
{{line}}
{{endfor}}
early_commands:
{{if third_party_drivers and driver}}
{{py: key_string = ''.join(['\\x%x' % x for x in driver['key_binary']])}}
{{if driver['key_binary'] and driver['repository'] and driver['package']}}
driver_00_get_key: /bin/echo -en '{{key_string}}' > /tmp/maas-{{driver['package']}}.gpg
driver_01_add_key: ["apt-key", "add", "/tmp/maas-{{driver['package']}}.gpg"]
{{endif}}
{{if driver['repository']}}
driver_02_add: ["add-apt-repository", "-y", "deb {{driver['repository']}} {{node.get_distro_series()}} main"]
{{endif}}
{{if driver['package']}}
driver_03_update_install: ["sh", "-c", "apt-get update --quiet && apt-get --assume-yes install {{driver['package']}}"]
{{endif}}
{{if driver['module']}}
driver_04_load: ["sh", "-c", "depmod && modprobe {{driver['module']}} || echo 'Warning: Failed to load module: {{driver['module']}}'"]
{{endif}}
{{else}}
driver_00: ["sh", "-c", "echo third party drivers not installed or necessary."]
{{endif}}
late_commands:
maas: [wget, '--no-proxy', {{node_disable_pxe_url|escape.json}}, '--post-data', {{node_disable_pxe_data|escape.json}}, '-O', '/dev/null']
{{if third_party_drivers and driver}}
{{if driver['key_binary'] and driver['repository'] and driver['package']}}
driver_00_key_get: curtin in-target -- sh -c "/bin/echo -en '{{key_string}}' > /tmp/maas-{{driver['package']}}.gpg"
driver_02_key_add: ["curtin", "in-target", "--", "apt-key", "add", "/tmp/maas-{{driver['package']}}.gpg"]
{{endif}}
{{if driver['repository']}}
driver_03_add: ["curtin", "in-target", "--", "add-apt-repository", "-y", "deb {{driver['repository']}} {{node.get_distro_series()}} main"]
{{endif}}
driver_04_update_install: ["curtin", "in-target", "--", "apt-get", "update", "--quiet"]
{{if driver['package']}}
driver_05_install: ["curtin", "in-target", "--", "apt-get", "-y", "install", "{{driver['package']}}"]
{{endif}}
driver_06_depmod: ["curtin", "in-target", "--", "depmod"]
driver_07_update_initramfs: ["curtin", "in-target", "--", "update-initramfs", "-u"]
{{endif}}
Any suggestions?