From 30a851c9a47dd49beaf0fd2dcc9c878a9b87ec0f Mon Sep 17 00:00:00 2001
From: Maxime Robert <maxime.robert@smile.fr>
Date: Mon, 3 Apr 2023 12:13:42 +0200
Subject: [PATCH] Update new repository signing key:
 https://www.jenkins.io/blog/2023/03/27/repository-signing-keys-changing/

---
 tasks/apt/install.yml | 20 +++++++++++++++-----
 tasks/yum/install.yml |  2 +-
 2 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/tasks/apt/install.yml b/tasks/apt/install.yml
index 2a97063..2362ac1 100644
--- a/tasks/apt/install.yml
+++ b/tasks/apt/install.yml
@@ -61,15 +61,25 @@
   ignore_errors: true
   changed_when: false
 
-- name: Add Jenkins key
+- name: Remove old Jenkins repository
+  apt_repository:
+    repo: 'deb https://pkg.jenkins.io/debian-stable binary/'
+    state: absent
+- name: Remove old Jenkins key
   apt_key:
     url: "https://pkg.jenkins.io/debian-stable/jenkins.io.key"
-    state: present
+    state: absent
 
 - name: Add Jenkins repository
-  apt_repository:
-    repo: 'deb https://pkg.jenkins.io/debian-stable binary/'
-    state: present
+  block:
+    - name: Add Jenkins key
+      get_url:
+        url: "https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key"
+        dest: /usr/share/keyrings/jenkins-keyring.asc
+    - name: Add Jenkins repository
+      apt_repository:
+        repo: 'deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] https://pkg.jenkins.io/debian-stable binary/'
+        state: present
 
 - name: Install Jenkins binary package
   apt:
diff --git a/tasks/yum/install.yml b/tasks/yum/install.yml
index cb452d7..87366cd 100644
--- a/tasks/yum/install.yml
+++ b/tasks/yum/install.yml
@@ -31,7 +31,7 @@
     dest: "/etc/yum.repos.d/jenkins.repo"
 
 - name: "Import Jenkins key"
-  command: "rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key"
+  command: "rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io-2023.key"
   changed_when: false
 
 - name: "Install Jenkins"