[ansible/xray] "Import CentOS GPG public key" hardcoded URL

[gianluca-fiasco]

Is this a BUG REPORT or FEATURE REQUEST? (choose one): Bug

Which installer:
Ansible

Which product and version (eg: ansible & collection version - 7.24.2):
Ansible collection multiple versions

Which operating system and version(eg: ubuntu & version - 20.4):
RHEL8

Which product license (Enterprise/Pro):
Enterprise+

What happened:

This task should be customizable, and the URL should not be hardcoded.

The task located at this link:

- name: Import CentOS GPG public key
  become: true
  ansible.builtin.rpm_key:
    key: https://www.centos.org/keys/RPM-GPG-KEY-CentOS-Official
    state: present

has the following issues:

• It is not idempotent: This task will run every time, regardless of the key’s presence.
• External URL: The URL points to an external resource, which may violate security policies.

In my company (an S&P 500 firm with 30,000 employees), we are not permitted to retrieve files from the internet. Ideally, this key should be fetched from an internal server or hosted on Artifactory itself.

[chukka]

@gianluca-fiasco Thanks for raising this issue , Would you mind raising this as a Pull Request, Happy to take this in upcoming releases :)