packer/scylla_install_image: update gpg key inisde the image

[yaronkaikov]

Following the changes in 23bc340, it seems i missed a place for the gpg key replacement

adding it so we can run apt-get update inside our images

Fixes: https://github.com/scylladb/scylla-pkg/issues/4255

[yaronkaikov]

Verified with https://jenkins.scylladb.com/job/scylla-master/job/releng-testing/job/next-machine-image/370/ (https://jenkins.scylladb.com/job/scylla-master/job/releng-testing/job/artifacts/job/artifacts-ami-arm-test/46/ failed due unrelated failure, re-run was ok)

Also created an instance based on the AMI that was created and verified apt-get update works

[yaronkaikov@london]~/git/scylla-machine-image (update-gpg-key-inside-iamge)$ ssh [email protected]
The authenticity of host '44.198.164.138 (44.198.164.138)' can't be established.
ED25519 key fingerprint is SHA256:vZdvYP52A5NSd+4rxZ+z6BNmuc7jbzSjX6o0fj+Qpd0.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '44.198.164.138' (ED25519) to the list of known hosts.
Welcome to Ubuntu 24.04 LTS (GNU/Linux 6.8.0-1012-aws x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/pro

This system has been minimized by removing packages and content that are
not required on a system that users do not log into.

To restore this content, you can run the 'unminimize' command.

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.


   _____            _ _       _____  ____  
  / ____|          | | |     |  __ \|  _ \ 
 | (___   ___ _   _| | | __ _| |  | | |_) |
  \___ \ / __| | | | | |/ _` | |  | |  _ < 
  ____) | (__| |_| | | | (_| | |__| | |_) |
 |_____/ \___|\__, |_|_|\__,_|_____/|____/ 
               __/ |                       
              |___/                        

Version:
        6.2.0~dev-0.20240804.0660675387dd
Nodetool:
        nodetool help
CQL Shell:
        cqlsh
More documentation available at: 
        https://docs.scylladb.com/
By default, Scylla sends certain information about this node to a data collection server. For more details, see https://www.scylladb.com/privacy/

    Scylla is starting...

Please wait for Scylla startup to finish. To see its status, run 
 'systemctl status scylla-server'

This EC2 instance is optimized for Scylla.

scyllaadm@ip-10-0-1-91:~$ sudo apt-get update
Hit:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble InRelease
Hit:2 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-updates InRelease                  
Hit:3 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-backports InRelease                
Hit:4 http://security.ubuntu.com/ubuntu noble-security InRelease                                            
Hit:5 https://downloads.scylladb.com/testing/unstable/scylla/master/deb/unified/next-machine-image/2024-08-04T17:29:46Z/scylladb-master stable InRelease
Reading package lists... Done                          

[soyacz]

LGTM

Is there a way to prevent this in the future?
Some kind of unit test, or just one place to update these keys?

[yaronkaikov]

LGTM

Is there a way to prevent this in the future? Some kind of unit test, or just one place to update these keys?

We should, and we plan

For now we are following the procedure in https://github.com/scylladb/scylla-pkg/wiki/GPG---keys-lifecycle-and-setup , i have made it more clear for next time (it was my first time :-) )