With the new `repo_gpgcheck` attribute, a signing key can now be implicated in
fetching the repository metadata. If this is a previously un-imported key, a
prompt is generated by `yum makecache`, which fails in a chef run due to the
non-interactive context. This results in the `yum_repository` resource failing
if a previously un-imported key is used in tandem with `repo_gpgcheck = true`.

Cookbook users should be responsible for ensuring that keys they refer to in
their resources can be trusted, either by referring to keys at secure URLs, or
by creating a local, trusted file using managed secrets, and referring
directly to that.

Therefore, add the `-y` flag to the `yum makecache` command, allowing repo
metadata to be fetched without manual intervention.