Ensure add-apt-repository keeps trusted=yes from deb input string

Ensure add-apt-repository keeps trusted=yes from deb input string

I am attempting to add a private repository to my sources.list using the add-apt-repository command, but I do not have access to the public key that corresponds to that package repository.

If I try to add the repository normally

sudo add-apt-repository "deb http://my-private-server.test $(lsb_release -s -c) main"

I have problems with the public key not being available (as I expect)

  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY <pubkey>
Reading package lists... Done                                                                            
W: GPG error: https://my-private-server.test bionic InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY <pubkey>
E: The repository 'http://my-private-server.test bionic InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

I would like to mark that I trust the repository, but if I try to add the repository with [trusted=yes] added, if I look in my sources.list, it has been stripped from the entry.

sudo add-apt-repository "deb [trusted=yes] http://my-private-server.test $(lsb_release -s -c) main"
tail /etc/apt/sources.list
deb http://my-private-server.test bionic main
# deb-src http://my-private-server bionic main

If I add [arch=amd64] instead of [trusted=yes], it appears correctly in sources.list. If I manually add [trusted=yes] to sources.list the error that comes from the repository not being signed no longer appears, but I do not want to have to manually edit the file.

What is the correct way to add a trusted repository with add-apt-repository?

相关内容