From e65050d3f4dcbb5c46034b19e69f459b104a3a40 Mon Sep 17 00:00:00 2001
From: emiran-orange <71817149+emiran-orange@users.noreply.github.com>
Date: Fri, 13 Oct 2023 04:06:04 +0200
Subject: [PATCH] Ability to define GPG key path for Docker APT (#10513)

---
 docs/docker.md                                  | 6 ++++++
 roles/container-engine/docker/defaults/main.yml | 3 +++
 roles/container-engine/docker/tasks/main.yml    | 1 +
 tests/files/packet_debian12-docker.yml          | 1 +
 tests/files/packet_ubuntu22-aio-docker.yml      | 1 +
 5 files changed, 12 insertions(+)

diff --git a/docs/docker.md b/docs/docker.md
index 4cfcb7fe2..b5de70274 100644
--- a/docs/docker.md
+++ b/docs/docker.md
@@ -97,3 +97,9 @@ Adding extra options to pass to the docker daemon:
 ## This string should be exactly as you wish it to appear.
 docker_options: ""
 ```
+
+For Debian based distributions, set the path to store the GPG key to avoid using the default one used in `apt_key` module (e.g. /etc/apt/trusted.gpg)
+
+```yaml
+docker_repo_key_keyring: /etc/apt/trusted.gpg.d/docker.gpg
+```
diff --git a/roles/container-engine/docker/defaults/main.yml b/roles/container-engine/docker/defaults/main.yml
index 91227f91e..e537558c3 100644
--- a/roles/container-engine/docker/defaults/main.yml
+++ b/roles/container-engine/docker/defaults/main.yml
@@ -5,6 +5,9 @@ docker_cli_version: "{{ docker_version }}"
 docker_package_info:
   pkgs:
 
+# Path where to store repo key
+# docker_repo_key_keyring: /etc/apt/trusted.gpg.d/docker.gpg
+
 docker_repo_key_info:
   repo_keys:
 
diff --git a/roles/container-engine/docker/tasks/main.yml b/roles/container-engine/docker/tasks/main.yml
index cf81ce2b1..1fc490b12 100644
--- a/roles/container-engine/docker/tasks/main.yml
+++ b/roles/container-engine/docker/tasks/main.yml
@@ -57,6 +57,7 @@
   apt_key:
     id: "{{ item }}"
     url: "{{ docker_repo_key_info.url }}"
+    keyring: "{{ docker_repo_key_keyring|default(omit) }}"
     state: present
   register: keyserver_task_result
   until: keyserver_task_result is succeeded
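Review bot: The new `keyring` argument on this `apt_key` task moves the Docker key out of the legacy keyring file, but the path used in the docs and both CI files (`/etc/apt/trusted.gpg.d/docker.gpg`) is still a directory apt trusts for every configured repository, so the key is not scoped to the Docker repo. Scoping it would need the key stored outside `trusted.gpg.d` and the Docker sources entry to carry `signed-by=<keyring path>`. The repository task is not visible in this hunk, so it is worth checking whether it already does that. At minimum I would say so next to the default in `defaults/main.yml`, e.g. `# Note: keys under /etc/apt/trusted.gpg.d/ are trusted for all APT repos; this does not pin the key to the Docker repo`. The task starts and ends outside the hunk.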
diff --git a/tests/files/packet_debian12-docker.yml b/tests/files/packet_debian12-docker.yml
index 5d4ac539f..2a7406103 100644
--- a/tests/files/packet_debian12-docker.yml
+++ b/tests/files/packet_debian12-docker.yml
@@ -7,3 +7,4 @@ mode: default
 container_manager: docker
 etcd_deployment_type: docker
 resolvconf_mode: docker_dns
+docker_repo_key_keyring: /etc/apt/trusted.gpg.d/docker.gpg
diff --git a/tests/files/packet_ubuntu22-aio-docker.yml b/tests/files/packet_ubuntu22-aio-docker.yml
index b78c6b0a4..d0f9e70dc 100644
--- a/tests/files/packet_ubuntu22-aio-docker.yml
+++ b/tests/files/packet_ubuntu22-aio-docker.yml
@@ -15,3 +15,4 @@ enable_nodelocaldns: False
 container_manager: docker
 etcd_deployment_type: docker
 resolvconf_mode: docker_dns
+docker_repo_key_keyring: /etc/apt/trusted.gpg.d/docker.gpg
-- 
GitLab