We have a landscape server here from which we obtain FIPS code and updates. I want to add all of this during the autoinstall, in the late-commands section. But, I seem to be triggering something as this causes the installation to go interactive. Here's the relevant section:
- ['curtin', 'in-target', '--target=/target', '--', 'bash', '-c', 'echo "deb http://dmz-landscape.domain.com/repository/standalone/esm focal-infra-updates main" >> /etc/apt/sources.list']
- ['curtin', 'in-target', '--target=/target', '--', 'bash', '-c', 'echo "deb http://dmz-landscape.domain.com/repository/standalone/esm focal-infra-security main" >> /etc/apt/sources.list']
- ['curtin', 'in-target', '--target=/target', '--', 'bash', '-c', 'echo "deb http://dmz-landscape.domain.com/repository/standalone/fips-updates focal-updates main" >> /etc/apt/sources.list']
- ['curtin', 'in-target', '--target=/target', '--', 'wget', '-O', '/etc/apt/trusted.gpg.d/our-landscape-cert.gpg', 'http://server.domain.com/media/our-landscape-cert.asc.gpg']
- ['curtin', 'in-target', '--target=/target', '--', 'bash', '-c', 'echo '\''Dir::Etc::trustedparts "/etc/apt/trusted.gpg.d/";'\'' > /etc/apt/apt.conf.d/51trustedparts']
- ['curtin', 'in-target', '--target=/target', '--', 'apt-get', 'update']
- ['curtin', 'in-target', '--target=/target', '--', 'apt-get', 'install', '-y', 'linux-tools-fips', 'ubuntu-fips']
I have tried multiple variations using quotes around the Dir::Etc::trustedparts to no avail; this part seeming necessary to get the apt process to trust the key. The key I'm importing is de-armored.
I removed those latter steps after importing the key and the autoinstall works.
Any feedback on how to fix this would be appreciated.
