feat(GPG): import new GPG future key

attributes/default.rb

@@ -181,6 +181,7 @@
 # of the Agent will be signed with this key.
 # DATADOG_RPM_KEY_CURRENT always contains the key that is used to sign repodata and latest packages
 default['datadog']['yumrepo_gpgkey_new_current'] = "#{yum_protocol}://keys.datadoghq.com/DATADOG_RPM_KEY_CURRENT.public"
+default['datadog']['yumrepo_gpgkey_new_4F09D16B'] = "#{yum_protocol}://keys.datadoghq.com/DATADOG_RPM_KEY_4F09D16B.public"
 default['datadog']['yumrepo_gpgkey_new_b01082d3'] = "#{yum_protocol}://keys.datadoghq.com/DATADOG_RPM_KEY_B01082D3.public"
 default['datadog']['yumrepo_gpgkey_new_fd4bf915'] = "#{yum_protocol}://keys.datadoghq.com/DATADOG_RPM_KEY_FD4BF915.public"
 default['datadog']['yumrepo_gpgkey_new_e09422b3'] = "#{yum_protocol}://keys.datadoghq.com/DATADOG_RPM_KEY_E09422B3.public"

recipes/repository.rb

@@ -31,8 +31,10 @@
 # A2923DFF56EDA6E76E55E492D3A80E30382E94DE expires in 2022
 # D75CEA17048B9ACBF186794B32637D44F14F620E expires in 2032
 # 5F1E256061D813B125E156E8E6266D4AC0962C7D expires in 2028
+# D18886567EABAD8B2D2526900D826EB906462314 expires in 2033
 apt_gpg_keys = {
   'DATADOG_APT_KEY_CURRENT.public'           => 'https://keys.datadoghq.com/DATADOG_APT_KEY_CURRENT.public',
+  'D18886567EABAD8B2D2526900D826EB906462314' => 'https://keys.datadoghq.com/DATADOG_APT_KEY_06462314.public',
   '5F1E256061D813B125E156E8E6266D4AC0962C7D' => 'https://keys.datadoghq.com/DATADOG_APT_KEY_C0962C7D.public',
   'D75CEA17048B9ACBF186794B32637D44F14F620E' => 'https://keys.datadoghq.com/DATADOG_APT_KEY_F14F620E.public',
   'A2923DFF56EDA6E76E55E492D3A80E30382E94DE' => 'https://keys.datadoghq.com/DATADOG_APT_KEY_382E94DE.public',
@@ -47,7 +49,9 @@
 # DATADOG_RPM_KEY_E09422B3.public expires in 2022
 # DATADOG_RPM_KEY_FD4BF915.public expires in 2024
 # DATADOG_RPM_KEY_B01082D3.public expires in 2028
+# DATADOG_RPM_KEY_4F09D16B.public expires in 2033
 rpm_gpg_keys = [['DATADOG_RPM_KEY_CURRENT.public', 'current', ''],
+                ['DATADOG_RPM_KEY_4F09D16B.public', '4F09D16B', '2416 A377 57B1 BB02 68B3  634B 52AF C599 4F09 D16B'],
                 ['DATADOG_RPM_KEY_B01082D3.public', 'b01082d3', '7408 BFD5 6BC5 BF0C 361A  AAE8 5D88 EEA3 B010 82D3'],
                 ['DATADOG_RPM_KEY_FD4BF915.public', 'fd4bf915', 'C655 9B69 0CA8 82F0 23BD  F3F6 3F4D 1729 FD4B F915'],
                 ['DATADOG_RPM_KEY_E09422B3.public', 'e09422b3', 'A4C0 B90D 7443 CF6E 4E8A  A341 F106 8E14 E094 22B3']]

spec/repository_spec.rb

@@ -25,6 +25,8 @@
     # see https://github.com/chefspec/chefspec/issues/541
     expect(chef_run.remote_file('remote_file_DATADOG_APT_KEY_CURRENT.public')).to notify(
       'execute[import apt datadog key DATADOG_APT_KEY_CURRENT.public]').to(:run).immediately
+    expect(chef_run.remote_file('remote_file_D18886567EABAD8B2D2526900D826EB906462314')).to notify(
+      'execute[import apt datadog key D18886567EABAD8B2D2526900D826EB906462314]').to(:run).immediately
     expect(chef_run.remote_file('remote_file_5F1E256061D813B125E156E8E6266D4AC0962C7D')).to notify(
       'execute[import apt datadog key 5F1E256061D813B125E156E8E6266D4AC0962C7D]').to(:run).immediately
     expect(chef_run.remote_file('remote_file_D75CEA17048B9ACBF186794B32637D44F14F620E')).to notify(
@@ -44,6 +46,8 @@
 
     expect(chef_run.remote_file('remote_file_DATADOG_APT_KEY_CURRENT.public')).to notify(
       'execute[import apt datadog key DATADOG_APT_KEY_CURRENT.public]').to(:run).immediately
+    expect(chef_run.remote_file('remote_file_D18886567EABAD8B2D2526900D826EB906462314')).to notify(
+      'execute[import apt datadog key D18886567EABAD8B2D2526900D826EB906462314]').to(:run).immediately
     expect(chef_run.remote_file('remote_file_5F1E256061D813B125E156E8E6266D4AC0962C7D')).to notify(
       'execute[import apt datadog key 5F1E256061D813B125E156E8E6266D4AC0962C7D]').to(:run).immediately
     expect(chef_run.remote_file('remote_file_D75CEA17048B9ACBF186794B32637D44F14F620E')).to notify(
@@ -197,6 +201,7 @@ def set_yum_repo_and_gnupg(key, install_gnupg)
         expect(chef_run).to create_yum_repository('datadog').with(
           gpgkey: [
             'https://keys.datadoghq.com/DATADOG_RPM_KEY_CURRENT.public',
+            'https://keys.datadoghq.com/DATADOG_RPM_KEY_4F09D16B.public',
             'https://keys.datadoghq.com/DATADOG_RPM_KEY_B01082D3.public',
             'https://keys.datadoghq.com/DATADOG_RPM_KEY_FD4BF915.public',
             'https://keys.datadoghq.com/DATADOG_RPM_KEY_E09422B3.public',
@@ -218,6 +223,7 @@ def set_yum_repo_and_gnupg(key, install_gnupg)
       # Key FD4BF915 (from 2020-09-08 to 2024-09-07)
       # Key E09422B3
       import_gpg_keys([
+        '4F09D16B',
         'b01082d3',
         'fd4bf915',
         'e09422b3'
@@ -228,6 +234,7 @@ def set_yum_repo_and_gnupg(key, install_gnupg)
         expect(chef_run).to create_yum_repository('datadog').with(
           gpgkey: [
             'https://keys.datadoghq.com/DATADOG_RPM_KEY_CURRENT.public',
+            'https://keys.datadoghq.com/DATADOG_RPM_KEY_4F09D16B.public',
             'https://keys.datadoghq.com/DATADOG_RPM_KEY_B01082D3.public',
             'https://keys.datadoghq.com/DATADOG_RPM_KEY_FD4BF915.public',
             'https://keys.datadoghq.com/DATADOG_RPM_KEY_E09422B3.public',
@@ -260,6 +267,7 @@ def set_yum_repo_and_gnupg(key, install_gnupg)
         expect(chef_run).to create_yum_repository('datadog').with(
           gpgkey: [
             'http://keys.datadoghq.com/DATADOG_RPM_KEY_CURRENT.public',
+            'http://keys.datadoghq.com/DATADOG_RPM_KEY_4F09D16B.public',
             'http://keys.datadoghq.com/DATADOG_RPM_KEY_B01082D3.public',
             'http://keys.datadoghq.com/DATADOG_RPM_KEY_FD4BF915.public',
             'http://keys.datadoghq.com/DATADOG_RPM_KEY_E09422B3.public',
@@ -282,6 +290,7 @@ def set_yum_repo_and_gnupg(key, install_gnupg)
         expect(chef_run).to create_yum_repository('datadog').with(
           gpgkey: [
             'https://keys.datadoghq.com/DATADOG_RPM_KEY_CURRENT.public',
+            'https://keys.datadoghq.com/DATADOG_RPM_KEY_4F09D16B.public',
             'https://keys.datadoghq.com/DATADOG_RPM_KEY_B01082D3.public',
             'https://keys.datadoghq.com/DATADOG_RPM_KEY_FD4BF915.public',
             'https://keys.datadoghq.com/DATADOG_RPM_KEY_E09422B3.public',
@@ -304,6 +313,7 @@ def set_yum_repo_and_gnupg(key, install_gnupg)
         expect(chef_run).to create_yum_repository('datadog').with(
           gpgkey: [
             'https://keys.datadoghq.com/DATADOG_RPM_KEY_CURRENT.public',
+            'https://keys.datadoghq.com/DATADOG_RPM_KEY_4F09D16B.public',
             'https://keys.datadoghq.com/DATADOG_RPM_KEY_B01082D3.public',
             'https://keys.datadoghq.com/DATADOG_RPM_KEY_FD4BF915.public',
             'https://keys.datadoghq.com/DATADOG_RPM_KEY_E09422B3.public',
@@ -326,6 +336,7 @@ def set_yum_repo_and_gnupg(key, install_gnupg)
         expect(chef_run).to create_yum_repository('datadog').with(
           gpgkey: [
             'https://keys.datadoghq.com/DATADOG_RPM_KEY_CURRENT.public',
+            'https://keys.datadoghq.com/DATADOG_RPM_KEY_4F09D16B.public',
             'https://keys.datadoghq.com/DATADOG_RPM_KEY_B01082D3.public',
             'https://keys.datadoghq.com/DATADOG_RPM_KEY_FD4BF915.public',
             'https://keys.datadoghq.com/DATADOG_RPM_KEY_E09422B3.public',
@@ -348,6 +359,7 @@ def set_yum_repo_and_gnupg(key, install_gnupg)
         expect(chef_run).to create_yum_repository('datadog').with(
           gpgkey: [
             'https://keys.datadoghq.com/DATADOG_RPM_KEY_CURRENT.public',
+            'https://keys.datadoghq.com/DATADOG_RPM_KEY_4F09D16B.public',
             'https://keys.datadoghq.com/DATADOG_RPM_KEY_B01082D3.public',
             'https://keys.datadoghq.com/DATADOG_RPM_KEY_FD4BF915.public',
             'https://keys.datadoghq.com/DATADOG_RPM_KEY_E09422B3.public',