@amotl amotl commented Nov 4, 2025

About

The GPG key handling in the Debian/Ubuntu installation documentation
is incorrect. The ASCII-armored key is being written directly to
/etc/apt/trusted.gpg.d/, which apt rejects with an unsupported file
type error. This causes repository signatures to remain untrusted and
installations to fail.

@amotl amotl added the maintenance C'est la vie. label Nov 4, 2025
coderabbitai bot commented Nov 4, 2025

Walkthrough

Updated the Debian/Ubuntu installation guide with revised prerequisites, modernized GPG key import procedure using keyring storage, updated apt source configuration to reference signed keys, and adjusted the CrateDB installation command syntax.

Changes

| Cohort / File(s) | Summary |
|---|---|
| Installation documentation update: `docs/install/debian-ubuntu.md` | Updated prerequisites (removed `apt-transport-https`, `apt-utils`, `lsb-release`; added `curl`, `gnupg`, `procps`). Changed GPG key import to use `gpg --dearmor` with keyring storage at `/usr/share/keyrings/cratedb.gpg`. Updated apt source line to include `signed-by` parameter. Modified install command to include `--yes` flag. Minor shell prompt marker adjustment. |

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

  • Verify GPG key dearmoring procedure and keyring path are consistent with current Debian/Ubuntu standards
  • Confirm signed-by syntax is compatible with target Ubuntu/Debian versions
  • Validate that updated prerequisites are necessary and sufficient

Poem

🐰 Keys now dearmored in keyrings they dwell,
Apt sources signed—security's bell!
Prerequisites trimmed, the guide shines anew,
CrateDB installs with `--yes` flowing through! ✨

Pre-merge checks and finishing touches

✅ Passed checks (2 passed)

| Check name | Status | Explanation |
|---|---|---|
| Title check | ✅ Passed | The PR title accurately describes the main change: updating Debian/Ubuntu installation instructions, which directly corresponds to the file modified and the core issue being fixed. |
| Description check | ✅ Passed | The PR description clearly explains the problem (incorrect GPG key handling causing apt to reject the key) and the intended fix, which aligns with the documented changes to the installation instructions. |

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 940f077 and 409a388.

📒 Files selected for processing (1)
  • docs/install/debian-ubuntu.md (2 hunks)
🧰 Additional context used
🧠 Learnings (2)
📓 Common learnings
Learnt from: amotl
Repo: crate/cratedb-guide PR: 0
File: :0-0
Timestamp: 2025-10-06T16:40:16.322Z
Learning: In the crate/cratedb-guide repository, documentation is organized by content type: files in `docs/feature/`, `docs/integrate/`, and `docs/ingest/` are reference material designed for quick access, while `docs/start/` contains learning path content. Reference material sections use top-right reference layouts for efficient navigation.
Learnt from: amotl
Repo: crate/cratedb-guide PR: 420
File: docs/connect/erlang.md:100-113
Timestamp: 2025-10-19T19:21:49.864Z
Learning: In the cratedb-guide repository, when documenting cloud or alternative connection methods, show only the differences from the canonical example (e.g., SSL configuration) rather than repeating the entire workflow (query execution, cleanup, etc.). This pattern is used consistently across pages to avoid repetition.
📚 Learning: 2025-08-14T19:02:43.308Z
Learnt from: amotl
Repo: crate/cratedb-guide PR: 253
File: docs/integrate/mindsdb/index.md:21-33
Timestamp: 2025-08-14T19:02:43.308Z
Learning: In CrateDB integration documentation examples, default connection parameters (user="crate", password="", host="127.0.0.1") are intentionally used to provide working out-of-the-box examples for users with local CrateDB instances, rather than using placeholder values that require customization.

Applied to files:

  • docs/install/debian-ubuntu.md
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: Build docs
🔇 Additional comments (3)
docs/install/debian-ubuntu.md (3)

27-28: GPG key handling fix is sound and addresses the stated issue.

The use of `gpg --dearmor` to convert the ASCII-armored key to binary format, storing it in `/usr/share/keyrings/cratedb.gpg`, and referencing it via `signed-by=/usr/share/keyrings/cratedb.gpg` correctly implements the modern per-repository signature verification approach. This should resolve the apt rejection issue and ensure repository signatures are trusted.

Also applies to: 31-31


24-24: Verify necessity of `procps` package.

The updated prerequisites now include `procps`, which provides utilities like `ps`, `top`, and `free`. However, it's not directly used in the installation commands shown. Clarify whether this is needed for subsequent configuration steps or if it can be optional.


55-55: Good practice: `--yes` flag makes installation non-interactive.

Adding the `--yes` flag to the `apt install` command aligns with best practices for documentation examples, eliminating the need for user prompts during installation.



@amotl amotl requested review from matriv and seut November 4, 2025 04:18
@amotl amotl linked an issue Nov 4, 2025 that may be closed by this pull request
@amotl amotl merged commit 0f7bb5c into main Nov 4, 2025
3 checks passed
@amotl amotl deleted the install-debian-gpg-dearmor branch November 4, 2025 22:51
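
A check for the failure mode this PR fixes, as an added example that is not part of the PR or the CrateDB documentation: it flags an ASCII-armored key saved under a `.gpg` name and reports whether a one-line `deb` entry carries `signed-by`. The function names, the `repo.example.invalid` URL and the sample key bytes are constructed; the check relies on apt choosing the key parser by file extension (`.gpg` binary, `.asc` armored).

```shell
#!/bin/sh
# Added example: audit an apt key file and the source line that refers to it.

# key_format FILE -> "armored", "binary" or "missing".
# Simplification: any non-empty file without the armor header counts as binary.
key_format() {
    [ -s "$1" ] || { echo missing; return; }
    if head -n 1 "$1" | grep -q '^-----BEGIN PGP PUBLIC KEY BLOCK-----'; then
        echo armored
    else
        echo binary
    fi
}

# check_keyfile FILE -> "ok" when the extension matches the content.
check_keyfile() {
    fmt=$(key_format "$1")
    case "$1:$fmt" in
        *.gpg:binary | *.asc:armored) echo ok ;;
        *.gpg:armored) echo armored-in-gpg ;;   # fix: pipe the key through gpg --dearmor
        *) echo "unexpected:$fmt" ;;
    esac
}

# signed_by_path LINE -> keyring path from a one-line "deb [...]" entry, or nothing.
signed_by_path() {
    printf '%s\n' "$1" | sed -n 's/^deb[^[]*\[[^]]*signed-by=\([^] ,]*\).*/\1/p'
}

# audit_source LINE -> "no-signed-by", or the check_keyfile verdict for its keyring.
audit_source() {
    keyring=$(signed_by_path "$1")
    [ -n "$keyring" ] || { echo no-signed-by; return; }
    check_keyfile "$keyring"
}

# Demo on constructed files (placeholder bytes, not real keys; repo URL is a placeholder).
demo=$(mktemp -d)
printf '%s\n' '-----BEGIN PGP PUBLIC KEY BLOCK-----' '' 'constructed' \
    '-----END PGP PUBLIC KEY BLOCK-----' > "$demo/armored.gpg"
printf '\231\001\015constructed' > "$demo/cratedb.gpg"
for key in armored.gpg cratedb.gpg; do
    line="deb [signed-by=$demo/$key] https://repo.example.invalid/apt stable main"
    printf '%s -> %s\n' "$key" "$(audit_source "$line")"
done
printf 'no option -> %s\n' "$(audit_source 'deb https://repo.example.invalid/apt stable main')"
rm -rf "$demo"
```

A `no-signed-by` verdict means the entry depends on the global trust directories rather than a per-repository keyring.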
Development

Successfully merging this pull request may close these issues.

Install: Fix GPG key handling in Debian/Ubuntu installation instructions