Skip to content

update GPG key #1566

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jan 9, 2024
Merged

update GPG key #1566

merged 3 commits into from
Jan 9, 2024

Conversation

vaol
Copy link
Contributor

@vaol vaol commented Jan 4, 2024
edited
Loading

Summary

Provide a detailed description of all the changes present in this pull request.

Additional Context

Add any additional context about the problem here.

  • Root cause and the steps to reproduce. (If applicable)
  • Thought process behind the implementation.

Related Issues (if any)

Mention any related issues or pull requests.

Checklist

  • 🟢 Spec tests.
  • 🟢 Acceptance tests.
  • Manually verified. (For example puppet apply)

@CLAassistant
Copy link

CLAassistant commented Jan 4, 2024
edited
Loading

CLA assistant check
All committers have signed the CLA.

@vaol vaol mentioned this pull request Jan 4, 2024
Closed
donoghuc
donoghuc previously approved these changes Jan 4, 2024
View reviewed changes
@jonathannewman
Copy link

I'm seeing issues locally when trying to install:

[root@stunning-snort tmp]# puppet apply --execute "class { 'postgresql::globals': manage_package_repo => true, version=> '14' } class { 'postgresql::server':}"
Notice: Compiled catalog for stunning-snort.delivery.puppetlabs.net in environment production in 0.36 seconds
Notice: /Stage[main]/Postgresql::Repo::Yum_postgresql_org/File[/etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-14]/ensure: defined content as '{sha256}39b300676137bd3b801fa4cae9c7d2daf35d5cc61fcef26580eda69b1ac45d20'
Notice: /Stage[main]/Postgresql::Repo::Yum_postgresql_org/File[/etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-common]/ensure: defined content as '{sha256}a18e7cea1aa78189e36f28ca9ebf293826a407a923a75ab4a6ecbc9ad5217f49'
Notice: /Stage[main]/Postgresql::Repo::Yum_postgresql_org/Yumrepo[yum.postgresql.org]/ensure: created
Notice: /Stage[main]/Postgresql::Repo::Yum_postgresql_org/Yumrepo[pgdg-common]/ensure: created
Error: Execution of '/usr/bin/yum -d 0 -e 0 -y install postgresql14-server' returned 1: warning: /var/cache/yum/x86_64/7/yum.postgresql.org/packages/postgresql14-libs-14.10-1PGDG.rhel7.x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID 73e3b907: NOKEY
Public key for postgresql14-libs-14.10-1PGDG.rhel7.x86_64.rpm is not installed
Importing GPG key 0x08B40D20:
 Userid     : "PostgreSQL RPM Repository <[email protected]>"
 Fingerprint: d4bf 08ae 67a0 b4c7 a1db ccd2 40bc a2b4 08b4 0d20
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-14


Public key for postgresql14-server-14.10-1PGDG.rhel7.x86_64.rpm is not installed


 Failing package is: postgresql14-server-14.10-1PGDG.rhel7.x86_64
 GPG Keys are configured as: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-14
Error: /Stage[main]/Postgresql::Server::Install/Package[postgresql-server]/ensure: change from 'purged' to 'present' failed: Execution of '/usr/bin/yum -d 0 -e 0 -y install postgresql14-server' returned 1: warning: /var/cache/yum/x86_64/7/yum.postgresql.org/packages/postgresql14-libs-14.10-1PGDG.rhel7.x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID 73e3b907: NOKEY
Public key for postgresql14-libs-14.10-1PGDG.rhel7.x86_64.rpm is not installed
Importing GPG key 0x08B40D20:
 Userid     : "PostgreSQL RPM Repository <[email protected]>"
 Fingerprint: d4bf 08ae 67a0 b4c7 a1db ccd2 40bc a2b4 08b4 0d20
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-14


Public key for postgresql14-server-14.10-1PGDG.rhel7.x86_64.rpm is not installed


 Failing package is: postgresql14-server-14.10-1PGDG.rhel7.x86_64
 GPG Keys are configured as: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-14
Notice: /Stage[main]/Postgresql::Server::Initdb/Postgresql::Server::Instance::Initdb[main]/File[/var/lib/pgsql/14/data]: Dependency Package[postgresql-server] has failures: true
Warning: /Stage[main]/Postgresql::Server::Initdb/Postgresql::Server::Instance::Initdb[main]/File[/var/lib/pgsql/14/data]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Initdb/Postgresql::Server::Instance::Initdb[main]/Exec[postgresql_initdb_instance_main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/File[/var/lib/pgsql/14/data/postgresql.conf]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Concat[/var/lib/pgsql/14/data/pg_hba.conf]/Concat_file[/var/lib/pgsql/14/data/pg_hba.conf]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Concat[/var/lib/pgsql/14/data/pg_hba.conf]/File[/var/lib/pgsql/14/data/pg_hba.conf]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Concat[/var/lib/pgsql/14/data/pg_hba.conf]/Concat_fragment[/var/lib/pgsql/14/data/pg_hba.conf_header]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Postgresql::Server::Config_entry[port_for_instance_main]/Postgresql_conf[port_for_instance_main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Postgresql::Server::Config_entry[password_encryption_for_instance_main]/Postgresql_conf[password_encryption_for_instance_main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Postgresql::Server::Config_entry[data_directory_for_instance_main]/Postgresql_conf[data_directory_for_instance_main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Concat[/var/lib/pgsql/14/data/pg_ident.conf]/Concat_file[/var/lib/pgsql/14/data/pg_ident.conf]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Concat[/var/lib/pgsql/14/data/pg_ident.conf]/File[/var/lib/pgsql/14/data/pg_ident.conf]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Concat[/var/lib/pgsql/14/data/pg_ident.conf]/Concat_fragment[/var/lib/pgsql/14/data/pg_ident.conf_header]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Postgresql::Server::Pg_hba_rule[local access as postgres user for instance main]/Concat::Fragment[pg_hba_rule_local access as postgres user for instance main]/Concat_fragment[pg_hba_rule_local access as postgres user for instance main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Postgresql::Server::Pg_hba_rule[local access to database with same name for instance main]/Concat::Fragment[pg_hba_rule_local access to database with same name for instance main]/Concat_fragment[pg_hba_rule_local access to database with same name for instance main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Postgresql::Server::Pg_hba_rule[allow localhost TCP access to postgresql user for instance main]/Concat::Fragment[pg_hba_rule_allow localhost TCP access to postgresql user for instance main]/Concat_fragment[pg_hba_rule_allow localhost TCP access to postgresql user for instance main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Postgresql::Server::Pg_hba_rule[deny access to postgresql user for instance main]/Concat::Fragment[pg_hba_rule_deny access to postgresql user for instance main]/Concat_fragment[pg_hba_rule_deny access to postgresql user for instance main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Postgresql::Server::Pg_hba_rule[allow access to all users for instance main]/Concat::Fragment[pg_hba_rule_allow access to all users for instance main]/Concat_fragment[pg_hba_rule_allow access to all users for instance main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Postgresql::Server::Pg_hba_rule[allow access to ipv6 localhost for instance main]/Concat::Fragment[pg_hba_rule_allow access to ipv6 localhost for instance main]/Concat_fragment[pg_hba_rule_allow access to ipv6 localhost for instance main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Postgresql::Server::Instance::Systemd[main]/Systemd::Dropin_file[postgresql-14.conf]/File[/etc/systemd/system/postgresql-14.service.d]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Postgresql::Server::Instance::Systemd[main]/Systemd::Dropin_file[postgresql-14.conf]/File[/etc/systemd/system/postgresql-14.service.d/postgresql-14.conf]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Postgresql::Server::Instance::Systemd[main]/Systemd::Dropin_file[postgresql-14.conf]/Systemd::Daemon_reload[postgresql-14.service]/Exec[systemd-postgresql-14.service-systemctl-daemon-reload]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Service/Postgresql::Server::Instance::Service[main]/Anchor[postgresql::server::service::begin::main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Service/Postgresql::Server::Instance::Service[main]/Service[postgresqld_instance_main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Service/Postgresql::Server::Instance::Service[main]/Postgresql_conn_validator[validate_service_is_running_instance_main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Service/Postgresql::Server::Instance::Service[main]/Anchor[postgresql::server::service::end::main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Reload/Postgresql::Server::Instance::Reload[main]/Exec[postgresql_reload_main]: Skipping because of failed dependencies
Notice: Applied catalog in 6.57 seconds

[root@stunning-snort tmp]# cat  /etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-14
-----BEGIN PGP PUBLIC KEY BLOCK-----

mQGNBGWBr8EBDAC+atC3Hl2yKkFg0F4tDg4ABCTvvhgMn7g7oZ0vJqpaUAwUgijU
+jLXH8qVSkyhk2eruSXlbj4dIMHhsbRQ1wUnd+tb8pZPdRaBFR9MzFMjvDzobAlZ
RH6cUbgm2EdAHrrZFVQJuIb6SRzQzkk4QEWTkWP6CHzvxnlVpkI7T1yjsJnmLefN
TT/J+r0gxC1DRXOKwSMmWUCzYcRXiv/RZcp+IwM04e5BXOj6xoLIpAwhSGZ0LR6b
dwliBpMSFuVyXFIu+7AS2M8tEO1cGK+ywDhg7TriMc/rgjZjeu11WusXFwbvEUeM
FIYM9oXQlAlWDIob85YcGtNXV4EVGovQ2nFd4Ivl9OYq+HixAhWBLulkEAUREKq8
uXV8HDjxOfYa8VhczphvkCLr5UEMzXmC2eDc6nCH2hveAqSVLnFNkhtExvVOPRBB
gRsviaGWvdOA3eNeEofHX9YWtSzM43tWABKUzI/oTMcdFJlkJ465bvh4p7KyHDth
5I46iBUZmfP4RckAEQEAAbQ+UG9zdGdyZVNRTCBSUE0gUmVwb3NpdG9yeSA8cGdz
cWwtcGtnLXl1bUBsaXN0cy5wb3N0Z3Jlc3FsLm9yZz6JAdIEEwEIADwWIQTUvwiu
Z6C0x6HbzNJAvKK0CLQNIAUCZYGvwQIbAwULCQgHAgMiAgEGFQoJCAsCBBYCAwEC
HgcCF4AACgkQQLyitAi0DSBwkwwAvE1vGNMiP8Qvqvpk5otuJOvz5meELUwmhT60
IOWNr9RMroKfb27mnc5RHlOmMk/0SPyboFX9qtOdwFUq3cYbjsP+bqI9vuQuQ4Gz
siLIvSZPtQrdtUP8wdndndeKNpDIvRdYwvaPfIrBxxCSslB8iuCtjbyCl2rzlika
sCOWi7oTwuNB4eKHCRt9oh7NHFas92bF2JiaR7hvmXlCU058/lnR+jXCp/NWiGfE
QV37xAu/ssRH5MykGweEzQ3mX2EKppdKmmoOaJsTfS7UNujeZQqo1uqZg9yRHgwf
PaquIwgdXBY6JkMUM4Zhn7QkP5ssD6g+GzWe2UAMN+K8Xe3QwEMfp9AF7sEEM/Zp
+p5m7D1GlOho/m9juxcRa5r7VfvCFL05uyXdDoefOCFal/pDmwvZofK+pqtDZfKt
+AnF/Y6Z3ewvJ0ZRNBX/0Iw30uJusDIgkXaHwxEeDOnlKi8jVyBCMr1In2QKrb1+
N9PR5P5ZKKq40WNvbiPfoUeKwKKSuQGNBGWBr8EBDAD1nXgbf+Qki5Z0H2k0xLbI
GYhxnousjVlrWcxOTYqVilSvBig7RKuVFGt0D3yuBWrAS7+MCUvpuCshHcc+w97G
iWmRskIHqZoD26kkU8PhgYayyArqepZp50ALIdOhedOp9b/NUkSPEL4BJow9H8Lp
a28WEXpHZcam43RDMzLMUvJBWem474APx5674EZYX+994lT2cNSAFrnJK956lKmc
ZdzzKuMTcIVGyRF6+KXCmScLAyQks8lHuTJb+AA4eseZnbOsnwnA1xuVfYIfMF/F
bLlR7vl5Autmgnz1SdCaUqIp4MO54GZOgh4MjVadsxIWj8H0cN3uTfukuW4A0+dP
d0YrOKb52Mnejh7x39qWIsMtT8DgcufGcVsuVhC/5LCiHB3pB73J9SMxBafcyGyK
XfLFL5FoDkKTU5KkBfqMQ4k//27mLbJ4kWxHHtNsvnn/6a5m7rRYxFD4dxBWn1CU
BpMjf3m9B3xLc7lKlQZiLLNC7p15gHS51yMvCGxCaHcAEQEAAYkBtgQYAQgAIBYh
BNS/CK5noLTHodvM0kC8orQItA0gBQJlga/BAhsMAAoJEEC8orQItA0guy0L/1ze
AHxV8pxPawOIlgDWoALLb/tqvmG+yz8SN5IWDfvMkMW5kbVoY8zi9SnJtOHVULBC
sdiYN4Dn/Ox1eLlW50F4Z76RI2r/O9rBlHzUk/jAQOcDDCRWjj4a+pYX9I4atU6e
+qOOzxMBsFD0vK84NYJ6caC0LHR64xWnyvXStkDEPSzgHhAlhdn9oTqbIoXuDhSx
zBVSXyowi+cBL8tNsAH4Zlj0li1Gii6bM4DFseQGhKIiTFbx1HD47DT6Pu0X2PSA
pIuZ47n8rP2uTLCYjtnfpXbMwmVOXWxIojhUqIceF+KRr4vRsspSbMxMKg0yeGka
RfQX29x8baM4mdKVBmU9KQxRgno6lcks14STnawqf6o9nHxKp80VQrcNTsYHlq2B
PGAanK8G4WeYojQWCQHBi73qCoTERMpBG73gpTIr836TBinGZaSZ8I1deUS89Hnw
A62QO1TS57zxMTrstzaawLoCIHTqyJ2VeZrVC1INV4ENnyVsud3NaZtfWuIk7Q==
=Elfg
-----END PGP PUBLIC KEY BLOCK-----

I think that command should work?

@jonathannewman
Copy link

FWIW, issuing rpm -Uvh https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm seems to fix things, which implies to me the keys aren't correct or incomplete?

@vaol
Copy link
Contributor Author

vaol commented Jan 4, 2024 via email

@jonathannewman
Copy link

jonathannewman commented Jan 4, 2024
edited
Loading

Yes, well centos7
Running that command seems to install PGDG-RPM-GPG-KEY-RHEL7 in /etc/pki/rpm-gpg which has this content:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.22 (GNU/Linux)

mQGNBGWBsHEBDACzg9nBu9GXrquREAEVTObf6k3YIWagkv1qlX61dqQpyx8XT36A
+wx9qc7vk1mJoyzjq0gBH/C0ebaJntoCG/rv3j8DP4tQO+CApWN5XqrZJI+vYjRt
bJhrkxUt4fm8dozRykR9GdB05x35XVkzLsPVMqP6EqmBu9i2WgE30LlkPShzHyuf
P4W42zY4JVpKRK4CqLnWX3+PXY2tENYqkARK37j8r4klxIVku9UpE3W7XXIud9Nh
dVOtj0P8/t3mAHLgRjLqaGLVGz4k2b3phzDcG7sDvfwVXMPKDAVY5IymK4yTjeZU
6x3E63pNpQV4KfccHAKFJ++wOQmhfF5H+ViWTytIgyRMKn9eR+715nEZG8suRPSG
GnulJj9sUw6dONmPxCd6gCFQ0BAm/h7Bn8cODdPzJn6h/yMNs7SeH9yv8zlZvJdf
Sb5rTQLaFBaNP5yQ3rHb+gpDno7dwLxcx10qghPSz6TY96nCJNtrlj04P699UR4a
KIK2X6miJMwENE0AEQEAAbQ+UG9zdGdyZVNRTCBSUE0gUmVwb3NpdG9yeSA8cGdz
cWwtcGtnLXl1bUBsaXN0cy5wb3N0Z3Jlc3FsLm9yZz6JAbkEEwECACMFAmWBsHEC
GwMHCwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRBk+s4Rc+O5B3MPC/4r2mTL
Oy7kuT48faVqDMovPsezJm//G/ur2dXMGYdr2QyzX1V6YXprtrY90bLt+mt/b/9C
pY0r5vDgI1uDkp5mX0tcCJJlAV8sDMC/r1a1rlh6KFxqRIOq5/hkPSkxHL4XVtdi
GvxgFcOj5vGWuBpmKaL+CeglBFzWFyPQV6+e+eJ4RG7MOOPHUUAODy58uDztSoyP
C8WLZR2vShTA5OZoyWdzwRkHeFMXWdcTw6wwff+sl942cwzkw5XotmkxS3Mpg4PI
IkGWeDvh2AoqjSIiLyAAB6vRhRjGwT+JLzQp0Yn9kfUQwMeCEOESO0mdnxd37WXq
+HvMY1I40J+OCl7XKE0kleWfsuv5/Hk+pHW4KxCHVtMKMpTzOT1Koq0dkx9H51p+
pubZZa5umPnhm9+0SkqotXaaBnxs+MBnQpu98TrJ0eOkpVRWqpkybXbrZKgx+oJN
xNctGxbgFRq3K7QMLGjor8vF5Mg6qTzxM5RwZ7QaT/Msjh8VyUZ6ch7kNcu5AY0E
ZYGwcQEMANOcY0IKEf4sMl3s2FHoZrxnjrX4cDdcS9NNYcYvDG1Y2BXiqEh6A5i1
ZpZQpUZitqXbFsU2GSEjC9IBKMklp0xTNt9lBC/WmlOFrwDgm0ufxMqiE77QlIyr
yVj+6XOMN8EotXF2a8ZxmqbYaG5L7eAqGsDda2ZYCqgwKQUkdXJ7QNq9ikQ31Toj
Qd0zzh1czDwDyj9bZCoPjZiCDZVmK5We87ZYWekDTIq9Wdh0teXzZrLb6UsFCMLO
zZDKlH4+5+zlYHyFvEjTxrrQs2YOkLLMcouRQKe/pR4DwKJvA9mLmofQWAHCH0uv
9SY08RXm+bqoNWwrCmCjdN775wUU9IsDaKXbdtybl6PprAQhwLceXysbr3HmorjV
nvJYujuwQMN6JUavKKLC3zJSDOnBlZBGfoR00QWG5mHSgRxXLNVtaAWAqxrNcofc
wOu0Rr9O89AAePHzvZKXCu6aeWeBfhgKAz+wIjh9VjNFjAFLLVP3nWOIPbjN+Blv
Wy/OXDWFXwARAQABiQGfBBgBAgAJBQJlgbBxAhsMAAoJEGT6zhFz47kHJHcL/A0m
Jme0ERyl2d9z9wfmH4/mJ3lEsSmYRk1y8cQLJ3yXSdD0iYFRDaiLdhuV6CZQQHee
ong6TpGTe1REmmKBSOD6zdCfCcAMsk+SKQHADJD9es0ZleQOpdcVRgnLKGcze2qx
JzS4+0OoNkPg0Wf5pdDlKi0nJIr/t1qLU7TVOWTcUaYhjnrHy8iCWVNvrmm9tPLJ
4dS3OCxdzuTApUQAC26Lo6T0SOIc7COyshuhZe90IK/cRMuDuvf+8TqWBOE2sMJ0
2WNS8In5xWItAfoepmFLSOeWbCHo/yzuVFFI7Oo4DJ5cvKJ+Vo3iAWl8RPsN6iKE
Ocmphnc2clno8y4lSc4NckEbL+teZZyww12kHph5NUDReITO4H/4XGEpq4PATT6P
9aMDQQVK4GpmIZ6pLn+yYOV/ZLkHIcJUBVPjLtds5FOsVEpX4JaMowzk4jT6lp/F
7inS2V/87DcrYMl+NcBm09BZ6M4X1OYEumq7qXKtScmHAfp2yG2A1lJ5RtXrSQ==
=fPP0
-----END PGP PUBLIC KEY BLOCK-----

which seems to have nearly the identical content to the common key in this PR.

Additionally the yum.repos.d has this which implies the common key:

[pgdg-common]
name=PostgreSQL common RPMs $releasever - $basearch
baseurl=https://download.postgresql.org/pub/repos/yum/common/redhat/rhel-$releasever-$basearch
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-common
repo_gpgcheck=1

@vaol
Copy link
Contributor Author

vaol commented Jan 4, 2024 via email

@jonathannewman
Copy link

Additionally tested on AlmaLinux 8 and redhat 8 and they have issues finding the packages:

[root@swell-ambiguity ~]# puppet apply --execute "class { 'postgresql::globals': manage_package_repo => true, version=> '14' } class { 'postgresql::server':}"
Notice: Compiled catalog for swell-ambiguity.delivery.puppetlabs.net in environment production in 0.35 seconds
Notice: /Stage[main]/Postgresql::Repo::Yum_postgresql_org/File[/etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-14]/ensure: defined content as '{sha256}39b300676137bd3b801fa4cae9c7d2daf35d5cc61fcef26580eda69b1ac45d20'
Notice: /Stage[main]/Postgresql::Repo::Yum_postgresql_org/File[/etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-common]/ensure: defined content as '{sha256}a18e7cea1aa78189e36f28ca9ebf293826a407a923a75ab4a6ecbc9ad5217f49'
Notice: /Stage[main]/Postgresql::Repo::Yum_postgresql_org/Yumrepo[yum.postgresql.org]/ensure: created
Notice: /Stage[main]/Postgresql::Repo::Yum_postgresql_org/Yumrepo[pgdg-common]/ensure: created
Error: Execution of '/usr/bin/dnf -d 0 -e 1 -y install postgresql14-server' returned 1: Error: Unable to find a match
Error: /Stage[main]/Postgresql::Server::Install/Package[postgresql-server]/ensure: change from 'purged' to 'present' failed: Execution of '/usr/bin/dnf -d 0 -e 1 -y install postgresql14-server' returned 1: Error: Unable to find a match
Notice: /Stage[main]/Postgresql::Server::Initdb/Postgresql::Server::Instance::Initdb[main]/File[/var/lib/pgsql/14/data]: Dependency Package[postgresql-server] has failures: true
Warning: /Stage[main]/Postgresql::Server::Initdb/Postgresql::Server::Instance::Initdb[main]/File[/var/lib/pgsql/14/data]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Initdb/Postgresql::Server::Instance::Initdb[main]/Exec[postgresql_initdb_instance_main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/File[/var/lib/pgsql/14/data/postgresql.conf]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Concat[/var/lib/pgsql/14/data/pg_hba.conf]/Concat_file[/var/lib/pgsql/14/data/pg_hba.conf]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Concat[/var/lib/pgsql/14/data/pg_hba.conf]/File[/var/lib/pgsql/14/data/pg_hba.conf]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Concat[/var/lib/pgsql/14/data/pg_hba.conf]/Concat_fragment[/var/lib/pgsql/14/data/pg_hba.conf_header]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Postgresql::Server::Config_entry[port_for_instance_main]/Postgresql_conf[port_for_instance_main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Postgresql::Server::Config_entry[password_encryption_for_instance_main]/Postgresql_conf[password_encryption_for_instance_main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Postgresql::Server::Config_entry[data_directory_for_instance_main]/Postgresql_conf[data_directory_for_instance_main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Concat[/var/lib/pgsql/14/data/pg_ident.conf]/Concat_file[/var/lib/pgsql/14/data/pg_ident.conf]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Concat[/var/lib/pgsql/14/data/pg_ident.conf]/File[/var/lib/pgsql/14/data/pg_ident.conf]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Concat[/var/lib/pgsql/14/data/pg_ident.conf]/Concat_fragment[/var/lib/pgsql/14/data/pg_ident.conf_header]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Postgresql::Server::Pg_hba_rule[local access as postgres user for instance main]/Concat::Fragment[pg_hba_rule_local access as postgres user for instance main]/Concat_fragment[pg_hba_rule_local access as postgres user for instance main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Postgresql::Server::Pg_hba_rule[local access to database with same name for instance main]/Concat::Fragment[pg_hba_rule_local access to database with same name for instance main]/Concat_fragment[pg_hba_rule_local access to database with same name for instance main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Postgresql::Server::Pg_hba_rule[allow localhost TCP access to postgresql user for instance main]/Concat::Fragment[pg_hba_rule_allow localhost TCP access to postgresql user for instance main]/Concat_fragment[pg_hba_rule_allow localhost TCP access to postgresql user for instance main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Postgresql::Server::Pg_hba_rule[deny access to postgresql user for instance main]/Concat::Fragment[pg_hba_rule_deny access to postgresql user for instance main]/Concat_fragment[pg_hba_rule_deny access to postgresql user for instance main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Postgresql::Server::Pg_hba_rule[allow access to all users for instance main]/Concat::Fragment[pg_hba_rule_allow access to all users for instance main]/Concat_fragment[pg_hba_rule_allow access to all users for instance main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Postgresql::Server::Pg_hba_rule[allow access to ipv6 localhost for instance main]/Concat::Fragment[pg_hba_rule_allow access to ipv6 localhost for instance main]/Concat_fragment[pg_hba_rule_allow access to ipv6 localhost for instance main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Postgresql::Server::Instance::Systemd[main]/Systemd::Dropin_file[postgresql-14.conf]/File[/etc/systemd/system/postgresql-14.service.d]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Postgresql::Server::Instance::Systemd[main]/Systemd::Dropin_file[postgresql-14.conf]/File[/etc/systemd/system/postgresql-14.service.d/postgresql-14.conf]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Config/Postgresql::Server::Instance::Config[main]/Postgresql::Server::Instance::Systemd[main]/Systemd::Dropin_file[postgresql-14.conf]/Systemd::Daemon_reload[postgresql-14.service]/Exec[systemd-postgresql-14.service-systemctl-daemon-reload]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Service/Postgresql::Server::Instance::Service[main]/Anchor[postgresql::server::service::begin::main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Service/Postgresql::Server::Instance::Service[main]/Service[postgresqld_instance_main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Service/Postgresql::Server::Instance::Service[main]/Postgresql_conn_validator[validate_service_is_running_instance_main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Service/Postgresql::Server::Instance::Service[main]/Anchor[postgresql::server::service::end::main]: Skipping because of failed dependencies
Warning: /Stage[main]/Postgresql::Server::Reload/Postgresql::Server::Instance::Reload[main]/Exec[postgresql_reload_main]: Skipping because of failed dependencies
Notice: Applied catalog in 9.67 seconds

@jonathannewman
Copy link

jonathannewman commented Jan 4, 2024
edited
Loading

Issuing dnf -qy module disable postgresql on the redhat 8 system prior to installing the module seems to fix the issue with it not being found. Also an issue on AlmaLinux 8.

@ekohl ekohl linked an issue Jan 5, 2024 that may be closed by this pull request
GPG Key no longer valid for RPMS #1565
Closed
@ekohl
Copy link
Collaborator

ekohl commented Jan 5, 2024

Issuing dnf -qy module disable postgresql on the redhat 8 system prior to installing the module seems to fix the issue with it not being found. Also an issue on AlmaLinux 8.

There is code to manage the DNF module:

puppetlabs-postgresql/manifests/globals.pp

Lines 280 to 284 in 0b610d1

if $manage_dnf_module {
class { 'postgresql::dnfmodule':
ensure => $globals_version,
}
}

However, I didn't consider ensuring the DNF module is absent so you can use the package repo. Perhaps the logic needs to be enhanced that if you enable $manage_package_repo then it should also ensure the DNF module is absent (on EL 8 & 9).

@vaol
Copy link
Contributor Author

vaol commented Jan 5, 2024

After checking on CentOS7, Almalinux8 and Almalinux9 it indeed seems that the GPG key is different on RH7 than the others.

I have pushed a new change, with his version I am able to properly install PostgreSQL on both CentOS7 and Almalinux9.

@jonathannewman
Copy link

Confirmed working on centos7. Works on almalinux8 and redhat 8 with the dnf -qy module disable postgresql, otherwise fails with:

Error: Execution of '/usr/bin/dnf -d 0 -e 1 -y install postgresql14-server' returned 1: Error: Unable to find a match: postgresql14-server
Error: /Stage[main]/Postgresql::Server::Install/Package[postgresql-server]/ensure: change from 'purged' to 'present' failed: Execution of '/usr/bin/dnf -d 0 -e 1 -y install postgresql14-server' returned 1: Error: Unable to find a match: postgresql14-server

Seems like that should be a separate issue?

@vchepkov
Copy link

vchepkov commented Jan 7, 2024

imho, module should provide a parameter to override location of the key, this way module users can easily address it via hiera in the future

@Ramesh7
Copy link
Contributor

Ramesh7 commented Jan 8, 2024

Thanks @vaol for raising the PR and @jonathannewman & @donoghuc for validating and review.

I was looking at pipeline failures for CentOS, AlmaLinux and Rocky, the rerun doesn't work as expected so tried locally (CentOS & AlmaLinux) and works fine but here on github actions there are not showing much details.

Checking further.

@Ramesh7
Copy link
Contributor

Ramesh7 commented Jan 8, 2024

Looks like while running test for multi instance postgresql (https://github.com/puppetlabs/puppetlabs-postgresql/blob/main/spec/acceptance/server_instance_spec.rb#L18-L21), the spec trying to stop main postgres service and thats where it hags and keep waiting for service to stop.
Strace :

select(13, [3 12], [], [], {tv_sec=0, tv_usec=100000}) = 0 (Timeout)
wait4(13722, 0x7ffe770650c8, WNOHANG, NULL) = 0

Process 13722 :

root       13722   13564  0 08:09 ?        00:00:00 /bin/systemctl stop -- postgresql

@Ramesh7
Copy link
Contributor

Ramesh7 commented Jan 8, 2024

@vaol can you please rebase the PR?
Once done we should be good to take it forward.

@vaol
Copy link
Contributor Author

vaol commented Jan 8, 2024

Hello, sure, I just did. Let me know if anything else.

@Ramesh7 Ramesh7 merged commit 07ae23f into puppetlabs:main Jan 9, 2024
@donoghuc
Copy link

donoghuc commented Jan 9, 2024

@Ramesh7 is there a new GH issue or puppet ticket tracking this work? #1566 (comment)

@vaol vaol mentioned this pull request Feb 12, 2024
Closed
@geirra geirra mentioned this pull request Feb 16, 2024
Merged
@ekohl ekohl linked an issue Aug 28, 2024 that may be closed by this pull request
GPG Key Outdated on Tag 8.2.1 #1573
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Ramesh7 Ramesh7 Ramesh7 approved these changes

@jonathannewman jonathannewman jonathannewman approved these changes

@nmburgan nmburgan nmburgan approved these changes

@donoghuc donoghuc donoghuc left review comments

@alexjfisher alexjfisher Awaiting requested review from alexjfisher alexjfisher is a code owner

@bastelfreak bastelfreak Awaiting requested review from bastelfreak bastelfreak is a code owner

@deric deric Awaiting requested review from deric deric is a code owner

@ekohl ekohl Awaiting requested review from ekohl ekohl is a code owner

@SimonHoenscheid SimonHoenscheid Awaiting requested review from SimonHoenscheid SimonHoenscheid is a code owner

@smortex smortex Awaiting requested review from smortex smortex is a code owner

Assignees
No one assigned
Labels
community maintenance
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

GPG Key Outdated on Tag 8.2.1 GPG Key no longer valid for RPMS
9 participants
@vaol @CLAassistant @jonathannewman @ekohl @vchepkov @Ramesh7 @donoghuc @nmburgan @ia-content