=== vrubiolo1 is now known as vrubiolo
amansi26blackboxsw: I have raised a pull request https://github.com/canonical/cloud-init/pull/584 for contributing PowerVM specific modules. Can you review the code? I am first time contributor. I am not able to add reviewer to the PR.14:07
blackboxsw+1 amansi26 I'll check that out today.15:10
blackboxswlooks like smoser got a first pass on it too15:10
amansi26Working on those comments from smoser15:11
blackboxswamansi26: thanks for starting this upstream for config modules. I think we'll have a couple of iterations on it to align it with how some of the other config modules behave.15:15
meenablackboxsw: it's been merged16:02
blackboxsw+1 meena16:28
blackboxswthanks again for attending the summit this year. it was super helpful16:28
blackboxswthanks all who attended the virtual cloud-init summit this year. It felt useful to reconnect for discussion and "face" time16:29
Odd_Blokeananke: I'm reading apt-key's manpage again, and on buster it says "Instead of using this command a keyring should be placed directly in the /etc/apt/trusted.gpg.d/ directory with a descriptive name and either "gpg" or "asc" as file extension."  Were you using .asc as the file extension when trying to put ASCII-armored keys there?16:31
anankeOdd_Bloke: yes, I've tried both .gpg and .asc, neither of them seemed to work16:44
Odd_BlokeHmm, interesting.16:45
anankeon a side note, apt-key appears to be deprecated for the most part16:45
Odd_BlokeYeah, it is 100% deprecated.16:46
Odd_BlokeWe need to move off of it, for sure.16:46
anankeso while using the original key with apt-key 'add' command would work (I've tested it), but that also requires gnupg16:46
anankethe result is added to the main keyring16:47
anankeso my current approach is to use write_file module, where the contents is populated by the following:16:47
anankewget -q -O - https://deb.parrotsec.org/parrot/misc/parrotsec.gpg | gpg --no-default-keyring --keyring ./tempfile.gpg --import16:47
anankegpg --no-default-keyring --keyring ./tempfile.gpg --export | gzip | base6416:47
anankethis exports the keyring in format that's accepted by apt, and can be dropped into /etc/apt/trusted.gpg.d/16:48
Odd_BlokeBut it's broken in Debian because gnupg isn't present; if we need to convert given keys to a specific format for trusted.gpg.d then we need gnupg regardless and dropping apt-key usage won't help us with that.16:48
anankethe nasty side effect of my current approach is the user-data limit imposed by AWS. I keep having to trim comments/etc, and moving code to external scripts16:49
Odd_Blokeananke: Can you give me a sources.list.d snippet and a package that's reliably installable from the third-party repo you're configuring, so I can play around a bit locally?17:08
anankeOdd_Bloke: sure thing, here is a trimmed sample: https://dpaste.com/A2ZF5HHW617:53
anankethis is fed to the official debian 10.5 AMI17:53
Odd_Blokeananke: Hmm, I'm not using an AMI but I don't see certificate issues but do see "Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown.  Could not handshake: Error in the certificate verification. [IP: 443]"18:36
Odd_BlokeThis is using apt directly, not via cloud-init.18:36
anankeOdd_Bloke: have you imported the key?19:14
anankethe two lines earlier should work on vanilla debian, second line can be simply: gpg --no-default-keyring --keyring ./tempfile.gpg --export > /etc/apt/trusted.gpg.d/parrotos.gpg19:15
ayyveeHello all! I'm running into a situation in a cloud-config a command in our `runcmd` block is erroring out but the config script continues to run and because the last command in the block exits with a zero exit code, cloud-init thinks that the script passed! Any advice on this front?19:59
Odd_Blokeayyvee: You could add `set -e` to your script, which would cause it to exit if any command (or, rather, pipeline) exits non-zero.20:05
Odd_BlokeNote that you may discover that other things in your script exit non-zero which you don't want to be fatal; you'll either want to address the reason those are exiting non-zero, or ensure that the pipeline exits zero by appending `|| true`20:06
ayyveeCan you do that in ` #cloud-config` file? Or do you just add `set -e` as the first entry in the list after `runcmd`?20:14
Odd_Blokeayyvee: Ah, apologies, I think I misunderstood your question!  Are you able to pastebin (http://paste.ubuntu.com) your cloud-config?20:16
ayyveeOdd_Bloke lmk if i should provide anything else21:02
rharperayyvee: runcmd is converted into a single shell script;, you can see the output by looking at /var/lib/cloud/instance/scripts/runcmd  ;21:16
rharperayyvee: to your point;  I believe if you add the set -e ; then it should exit on error rather than running to completion;21:17
rharperayyvee:  https://paste.ubuntu.com/p/BKyGjfK4RY/21:21
ayyveeah! excellent thank you all!21:26
ayyveevery helpful :)21:26

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!