Import gpg keys for mirroring into local keyring

We need the gpg signing keys for the upstream repos in root's keyring.
Fuel uses golja-gnupg for importing keys - so seems like a good thing
for us to use too.

Change-Id: I343be9397ba53f494485d1ff0f1e1e4c96c0273f

modules.env

@@ -56,6 +56,7 @@ SOURCE_MODULES["https://github.com/biemond/biemond-wildfly"]="v0.4.0"
 SOURCE_MODULES["https://github.com/duritong/puppet-sysctl"]="v0.0.11"
 SOURCE_MODULES["https://github.com/jfryman/puppet-selinux"]="v0.2.5"
 SOURCE_MODULES["https://github.com/maestrodev/puppet-wget"]="v1.6.0"
+SOURCE_MODULES["https://github.com/n1tr0g/golja-gnupg"]="1.2.2"
 SOURCE_MODULES["https://github.com/nanliu/puppet-staging"]="1.0.0"
 SOURCE_MODULES["https://github.com/puppetlabs/puppetlabs-apache"]="b9f630a60811694916ecf8758103d4bca2ac6038"
 SOURCE_MODULES["https://github.com/puppetlabs/puppetlabs-apt"]="2.1.0"

modules/openstack_project/files/reprepro/updates

@@ -20,7 +20,7 @@ Components: main non-free contrib
 UDebComponents: main
 Architectures: amd64
 GetInRelease: no
-VerifyRelease: 55BE302B
+VerifyRelease: 2B90D010
 
 Name: debian-security
 Method: http://security.debian.org/
@@ -28,4 +28,4 @@ Components: main non-free contrib
 UDebComponents: main
 Architectures: amd64
 GetInRelease: no
-VerifyRelease: 55BE302B
+VerifyRelease: 2B90D010

modules/openstack_project/manifests/mirror_update.pp

@@ -86,7 +86,17 @@ class openstack_project::mirror_update (
        File['/usr/local/bin/reprepro-mirror-update'],
        File['/etc/afsadmin.keytab'],
        File['/etc/reprepro.keytab'],
-       Class['::openstack_project::reprepro']
+       Class['::openstack_project::reprepro'],
     ]
   }
+
+  include ::gnupg
+
+  gnupg_key { 'Ubuntu Archive':
+    ensure     => present,
+    key_id     => '40976EAF437D05B5',
+    user       => 'root',
+    key_server => 'hkp://keyserver.ubuntu.com',
+    key_type   => 'public',
+  }
 }