u/btred101

ansible.builtin.apt_repository PPAs and GPG keys

I understand very little about apt and gpg keys, so you're gonna have to talk to me like I'm 2yrs old.

If I follow the instructions on a PPA website, I can add the PPA with the command:

add-apt-repository ppa:blah/blah

That one command downloads the gpg key and puts it in the keyrings folder, and creates a file in /etc/apt/sources.list.d that has the "signed-by" attribute that points to the keyring file.

I now want to do this with ansible. I followed ansible's instructions, and numerous articles written in the last few months, and they say to put an entry:

- name: Add PPA
  ansible.builtin.apt_repository:
    repo: ppa:blah/blah
    state: present

Well it doesn't work. I can see it create the file in /etc/apt/sources.list.d, but it has no "signed-by" attribute in it. No keyring file is created at all. After a while of hanging, ansible finally erases the file it just created in /etc/apt/sources.list.d, and spits out the error:

Failed to update apt cache: unknown reason

Isn't ansible just supposed to (in the background) execute commands as if the user typed them? That is, I can add this PPA and GPG key with the one command above, why is ansible failing at it?

I've come across some instructions that say to have two separate ansible instructions where the first instruction is to download the gpg key to the keyring folder. Well I can't believe that is a solution, because when I go to these PPA websites, they have no links for gpg keys, they only have the above one command (add-apt-repository) that does everything.

u/btred101 — 22 hours ago
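
The two-task approach the post mentions (key first, then a repository entry with "signed-by"), written out as an added example that is not part of the original post. `blah/blah` is the post's placeholder PPA, `PPA_KEY_FINGERPRINT` is a placeholder for the signing-key fingerprint, and the variable names and keyring file name are assumptions.

```yaml
# Added example, not from the original post.
# Assumption: the PPA's signing-key fingerprint is known (Launchpad lists it
# on the PPA page under "Technical details about this PPA").
- name: Add a PPA with its own keyring file and a signed-by entry
  hosts: all
  become: true
  vars:
    ppa_owner: blah                              # placeholder from the post
    ppa_name: blah                               # placeholder from the post
    ppa_key_fingerprint: "PPA_KEY_FINGERPRINT"   # placeholder, full fingerprint
    ppa_keyring: "/etc/apt/keyrings/{{ ppa_owner }}-{{ ppa_name }}.asc"
  tasks:
    - name: Ensure the keyrings directory exists
      ansible.builtin.file:
        path: /etc/apt/keyrings
        state: directory
        mode: "0755"

    # Fetch the ASCII-armored key by full fingerprint over HTTPS.
    # apt reads armored keys directly when the file ends in .asc.
    - name: Download the PPA signing key
      ansible.builtin.get_url:
        url: "https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x{{ ppa_key_fingerprint }}"
        dest: "{{ ppa_keyring }}"
        mode: "0644"

    # Write the full deb line instead of the ppa: shorthand so that the
    # signed-by option ties this repository to that one key only.
    - name: Add the repository with signed-by
      ansible.builtin.apt_repository:
        repo: >-
          deb [signed-by={{ ppa_keyring }}]
          https://ppa.launchpadcontent.net/{{ ppa_owner }}/{{ ppa_name }}/ubuntu
          {{ ansible_distribution_release }} main
        filename: "{{ ppa_owner }}-{{ ppa_name }}"
        state: present
        update_cache: true
```

Because the key sits in its own file and is referenced by "signed-by", it is trusted only for this one repository rather than for every apt source on the host.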