TASK: [geerlingguy.repo-epel | Install EPEL repo.] ****************************
fatal: [ec2-54-237-72-83.compute-1.amazonaws.com] => One or more undefined variables: 'dict object' has no attribute u'NA'

Recently added this to a project, appears the default config may no longer be valid? I get the following error:

fatal: [127.0.0.1]: FAILED! => changed=false 
  attempts: 5
  msg: 'failed to fetch key at https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-2 , error was: HTTP Error 404: Not Found'

Looking at https://dl.fedoraproject.org/pub/epel/ it appears there is a GPG key for 4-7, but nothing for 1-3.

TASK [geerlingguy.repo-epel : Import EPEL GPG key.] ****************************
Thursday 04 February 2021 12:04:54 +0000 (0:00:00.556) 0:02:09.191 *****
�[1;30mFAILED - RETRYING: Import EPEL GPG key. (5 retries left).�[0m
�[1;30mFAILED - RETRYING: Import EPEL GPG key. (4 retries left).�[0m
�[1;30mFAILED - RETRYING: Import EPEL GPG key. (3 retries left).�[0m
�[1;30mFAILED - RETRYING: Import EPEL GPG key. (2 retries left).�[0m
�[1;30mFAILED - RETRYING: Import EPEL GPG key. (1 retries left).�[0m
�[0;31mfatal: [i-0301e3f7*********]: FAILED! => {"attempts": 5, "changed": false, "msg": "error: cannot open Packages index using db5 - Permission denied (13)\nerror: cannot open Packages database in /var/lib/rpm\nerror: /tmp/tmpNqccQQ: key 1 import failed.\n"}�[0m

It's version 3.0.0 of geerlingguy.repo-epel

Tested the epel_repo_gpg_key_url variable which shows:
"https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7"

Tested it's valid too:
curl https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7 | wc -l
29

cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.9 (Maipo)

Host; Centos 7.6
Ansible: 2.9.1

Guest; Centos 7.7

If I run yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm it installs fine. Any ideas how to fix this?

There appears to be a change in loop conditionals in Ansible 2.5 - ansible/ansible#37980

The install of the epel package works but the conditional fails, leading to retries and eventually a failure of the task.

Changing this line should resolve - https://github.com/geerlingguy/ansible-role-repo-epel/blob/master/tasks/main.yml#L11

the docker centos7 image has already installed epel. Therefore, travis-ci does not check the playbook and idempotence correctly.

https://travis-ci.org/geerlingguy/ansible-role-repo-epel/jobs/244234385

Checking Ansible playbook syntax.
playbook: /etc/ansible/roles/role_under_test/tests/test.yml
Running command: docker exec 1497798189 env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml
PLAY [all] *********************************************************************
TASK [Gathering Facts] *********************************************************
ok: [localhost]
TASK [role_under_test : Check if EPEL repo is already configured.] *************
ok: [localhost]
TASK [role_under_test : Install EPEL repo.] ************************************
skipping: [localhost]
TASK [role_under_test : Import EPEL GPG key.] **********************************
skipping: [localhost]
PLAY RECAP *********************************************************************
localhost : ok=2 changed=0 unreachable=0 failed=0

I often enough get the following error on the first try, but then it succeeds on the second try. However, this behavior is inconsistent as many times it will succeed on the first try. I've reproduced the issue on the same base machine (a vagrant box), but again, inconsistently. Its not only happening intermittently on vagrant boxes, because its happened on VM's as well.

=> {"changed": false, "failed": true, "rc": 1}
msg: Package at http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm could not be installed
FATAL: all hosts have already failed -- aborting

My guess is that it happens when there is a network issue - which leads me to wonder if we could add a delay/retries (assuming others have seen this issue).

Tried to run one of my ansible scripts today that uses this role and it failed because it couldn't find the epel-release rpm. I noticed the official fedora epel wiki directs people to https://dl.fedoraproject.org now instead of http://download.fedoraproject.org. I changed it and everything is working as it should again.

When installing epel-repo using this role.

I've traced the issue to the "Install EPEL repo." task. It appears that with CentOS 8 it hangs when asking to trust the GPG key.
Disabiling the gpg check is a workaround for this issue.

Tested using fresh rebuilt CentOS 8 host on DigitalOcean

TASK [repo-epel : Install EPEL repo.] ********************************************************************************************************************************************************
fatal: [192.168.0.50]: FAILED! => {"msg": "The conditional check 'result.rc == 0' failed. The error was: error while evaluating conditional (result.rc == 0): 'dict object' has no attribute 'rc'"}

I have a weird use case where I need to use this role to install and enable the epel repo, install stuff and then disable the repo during a molecule prepare step.

In the actual playbook I also want to use this role to enable the epel repo even if it's been disabled (enabled=0). But there's no way to do that with this role. The only thing I can do is delete the epel file out of the repos config directory in /etc/yum

Perhaps this line https://github.com/geerlingguy/ansible-role-repo-epel/blob/master/tasks/main.yml#L33 should be something along the lines of:

value: "{{ 0 if epel_repo_disable | bool else 1 }}"

and remove https://github.com/geerlingguy/ansible-role-repo-epel/blob/master/tasks/main.yml#L35 ?

Actually, epel main repo is enabled by installation.
Ability to disable it globally would be useful.
PR will come.

Hey there!

Just wondering if there was a plan to include support for EL9? Thanks!

Code checks only if file exists:
- name: Check if EPEL repo is already configured. stat: path={{ epel_repofile_path }} register: epel_repofile_result
But sometimes (for example, on Amazon Linux distro) it exists but not enabled.
Can be solved maybe this way.

Seems that the default key is not valid anymore, maybe is related with the latest changes.
Happens on Centos7 using ansible 2.9.6.
`

`

Hi

• http://dl.fedoraproject.org/pub/epel/epel-release-latest-5.noarch.rpm
• http://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
• http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

Also note that CentOS already ships with EPEL repo rpm. yum install epel-release should work

Hi everyone. As I know, now ini_file is an external module that contains in community.general collection. So if I correctly understand, we need to use community.general.ini_file and add community.general collection requirements.

The use of ansible_check_mode means that a later version of Ansible is required (2.1+). On the galaxy page it says 1.8 and later will work.

Just a heads-up really and not an issue:
On my CentOS release 5.11 (Final) the key in /etc/pki/rpm-gpg/ is 'RPM-GPG-KEY-EPEL' and not 'RPM-GPG-KEY-EPEL-5'

I'll add a different epel_repo_gpg_key_url to the vars of my centos5 hosts.

Using geerlingguy/docker-ubi8-ansible:latest I am getting:

    TASK [geerlingguy.repo-epel : Check if EPEL repo is already configured.] *******
    Thursday 24 September 2020  11:07:41 +0200 (0:00:04.626)       0:00:15.583 ****
    ok: [rhel8]

    TASK [geerlingguy.repo-epel : Import EPEL GPG key.] ****************************
    Thursday 24 September 2020  11:07:45 +0200 (0:00:04.745)       0:00:20.329 ****
fatal: [rhel8]: FAILED! => changed=false
  msg: Not a valid key /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-8

[root@rhel8 /]# ls /etc/pki/rpm-gpg/
RPM-GPG-KEY-redhat-beta  RPM-GPG-KEY-redhat-release

It would looks like the EPEL key is only available by default on Centos and not rhel/ubi ?

if /etc/yum.repos.d/epel.repo or /etc/yum.repos.d/epel-testing.repo removed.

This playbook is unable to re-generate the files.

In Travis, it looks like whatever Docker is used for CentOS 8, 7, and 6 already has EPEL:

    TASK [geerlingguy.repo-epel : Check if EPEL repo is already configured.] *******
    ok: [instance]
    
    TASK [geerlingguy.repo-epel : Import EPEL GPG key with fingerprint safety check (ansible >= 2.9).] ***
    skipping: [instance]
    
    TASK [geerlingguy.repo-epel : Import EPEL GPG key (ansible < 2.9).] ************
    skipping: [instance]
    
    TASK [geerlingguy.repo-epel : Install EPEL repo.] ******************************
    skipping: [instance]
    
    TASK [geerlingguy.repo-epel : Disable Main EPEL repo.] *************************
    skipping: [instance]

So, we might need a different docker image or remove EPEL in a molecule prepare playbook.

Per the advice here: https://fedoraproject.org/wiki/EPEL

on CentOS 8 it is recommended to also enable the PowerTools repository since EPEL packages may depend on packages from it: dnf config-manager --set-enabled PowerTools

If I'm reading the Travis output correctly, the tests aren't actually getting to try installing the EPEL repo because the Docker image already has it. The step to install EPEL is skipped on the initial and idempotence re-run.

https://travis-ci.org/geerlingguy/ansible-role-repo-epel/jobs/369346957