Workaround for broken pgp signature on es 1.7.6 debian repo

I just tried to rebuild some AMIs for our very outdated 1.7 cluster and discovered that our ansible scripts now fail with a signature error on the elastic repo which used to work as documented here:

The error I'm getting is:

==> null: W: GPG error: stable Release: The following signatures were invalid: 46095ACC8548582C1A2699A9D27D666CD88E42B4
==> null: E: The repository ' stable Release' is not signed.

To work around this, I simply curled the package and used dpkg -i to install it.

curl -L -O
dpkg -i elasticsearch-1.7.6.deb

If anyone has a better solution for this, I'd be interested to know. Any Elastic people reading this, please update the documentation for this or fix the signature; probably there are some more people getting stuck on this. Also, I think this may affect other packages as well.

For reference, here's my ansible code with the old way of installing commented out.

  # - name: Install es add-apt-repostory
  #   become: yes
  #   apt: name=software-properties-common state=latest
  # - name: Add es apt key
  #   become: yes
  #   apt_key: url= state=present
  # - name: Add es Repository
  #   become: yes
  #   apt_repository: repo='deb stable main' state=present
  # - name: Install ES 1.7.x
  #   become: yes
  #   apt: name=elasticsearch state=present allow-unauthenticated=true
  # NOTE official repo signature no longer works so working around it by installing using dpkg; should be the same package as before
  - name: download es deb package
      dest: /tmp/elasticsearch-1.7.6.deb
  - name: install the es deb
    shell: dpkg -i /tmp/elasticsearch-1.7.6.deb

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.