From 9b0ebb456ac2993627cbfc876db6f6b5a60da864 Mon Sep 17 00:00:00 2001
From: Mohammed Naser <mnaser@vexxhost.com>
Date: Tue, 31 Jul 2018 15:54:35 -0400
Subject: [PATCH] Import GPG key for NGINX via Ansible

The GPG key for NGINX was added manually therefore YUM would try
to pull it down and fail because the repository cache would not
allow any requests that tried to pull down a GPG key.

This patch adds it via Ansible beforehand that way it doesn't go
through the proxy.

Change-Id: I96ad7f049ab72ce338596ae34362e3a4ca026bb6
---
 tasks/keystone_install.yml | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/tasks/keystone_install.yml b/tasks/keystone_install.yml
index 6cbcd3ca..5669f661 100644
--- a/tasks/keystone_install.yml
+++ b/tasks/keystone_install.yml
@@ -51,12 +51,23 @@
     - ansible_pkg_mgr in ['yum', 'dnf']
     - keystone_sp != {}
 
+- name: Add NGINX repository keys
+  rpm_key:
+    key: "{{ keystone_nginx_gpg_key }}"
+    state: present
+  when:
+    - ansible_pkg_mgr in ['yum', 'dnf']
+    - keystone_web_server == 'nginx'
+  register: add_nginx_key
+  until: add_nginx_key is success
+  retries: 5
+  delay: 2
+
 - name: Add NGINX repository
   yum_repository:
     name: nginx
     description: 'nginx repo'
     baseurl: "{{ keystone_nginx_repo }}"
-    gpgkey: "{{ keystone_nginx_gpg_key }}"
   when:
     - ansible_pkg_mgr in ['yum', 'dnf']
     - keystone_web_server == 'nginx'