update apt sources, add apt keyring gpg

[rdxmb]

fix #149
fix #105

see https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#installing-kubeadm-kubelet-and-kubectl

[rdxmb]

I've searched for a solution without using the shell module, but all of them were even more ugly ...

Any other ideas for that?

Thanks for your feedback!

(ps. Ok, saving as .asc does not need dearmor, so this will be the way to go)

[rdxmb]

we could set kubernetes_apt_repository to the new one.

[rdxmb]

if there is a safe way to do that with apt_repository, please let me know

[geerlingguy]

This is how I currently solve this: https://www.jeffgeerling.com/blog/2022/aptkey-deprecated-debianubuntu-how-fix-ansible

[rdxmb]

@geerlingguy yes, I have already seen that. However, /etc/apt/trusted.gpg.d/ does not seem to be the recommended way. Most docs recommend to add the signing key explicitly to the source.

The trick seems to be the .asc here, so I will change that.

What about the other stuff with deleting the old source?

[rdxmb]

ready for review.

[geerlingguy]

@rdxmb - I realized my edit to that blog post may have not taken effect; there's a newer/simpler way to do it correctly using Ansible's ansible.builtin.deb822_repository module. This only works in Ansible 2.15+, so the role meta version requirement would need to be bumped too if we go that route. But it seems like that would be the cleanest method.

[rdxmb]

to be honest, I didn't realize the upgrade on your blog post.

Maybe I will have a look at deb822_repository, at the moment this PR works for my environment.

[ndouglas]

I opened a similar PR, #153, because I had a miserable time getting deb822_repository to work for me. I finally did, but I want to make clear that my PR is largely untested (I'm not actually using this project) and there is some cleanup work that needs to be done as part of the migration if you're working with an existing cluster.

[rhino5oh]

@geerlingguy Can we get either this PR in or make some progress on #153? The current repos have been deprecated since August 2023 and this role has been broken in its current state since January 31st...

[geerlingguy]

Merging this for now — I would like to move to deb822_repository at some point of course :)

[rhino5oh]

@geerlingguy Thank you! Can you tag the repo with these changes as well?

[rhino5oh]

I just realized that this PR did not update the yum repository as well, which should have probably be done at the same time. I can try to work up a PR for that....even one that attempts to use deb822_repository, since it looks like #153 doesn't update the yum repo either

[geerlingguy]

@rhino5oh - oh haha, that makes sense, and I would gladly merge a PR updating yum/dnf too!

[geerlingguy]

I've pushed a commit that should hopefully fix yum.