Add Yum configuration to the fuel-release package

This package installs the following Yum configuration
entries for Fuel Admin node:

* base, updates and security MOS repos (enabled by default)
* repos configuration includes online mirrorlists
* GPG key for MOS packages (verification is enabled)

Also remove Fuel packages that directly depend on
the 'fuel' package from the FUEL_PACKAGES var

Change-Id: I20c2c53d823372b44a6c9409f0ee46c1d1910782
Blueprint: separate-fuel-node-provisioning

fuel-release/RPM-GPG-KEY-mos

@@ -0,0 +1,30 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1
+
+mQENBFWt8ogBCACtT/j4WMGuhEI486Vv9zVV0GWGefHE5hBlgJSjSgrExLFqQ2Fo
+ScaABCfvzUeuXHNoh/c2eLjx3YE6oFrdiw5tam0NFlZMM+PSufciTxQz8vrXHGx7
+VB5rg2TXKoqOv9cW690FsRAeOtKTtBxZvYVTLEPn2GJW09Xy9CBa+n23XBHTBvKs
+j3hxkn25Oy70Wgxk/BJqpynXGno+NzuAnIbb+f+X7i6fiXwrvtp5zOYOJeUwS+fU
+IM/mXbetOd/sHtJqc9NUYpTip4nElEqAYRCsXDTbuMNdzSr8VlSMM8b61mBGelLH
+XJe+EPP+Logc5KXO8adoGgWhqlbD6n7w+ynHABEBAAG0LmZ1ZWwtaW5mcmEgKEV4
+YW1wbGUga2V5KSA8ZGV2b3BzQG1pcmFudGlzLmNvbT6JATgEEwECACIFAlWt8ogC
+GwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJELzlzEYfoisIkuQIAJl0cFJ5
+BSKMXHhRYf0BeDzhdh3pmcOXs/jSznTIxB4OE5OdwrMgKyoIkSIP8AEttvB+BuOv
+BHmhTL7kvRhP5xiKdbCwmDtoERoaqxhRRbZJcJ+pHvl7mkEu8Gj2KZe2lfE4Z6ZF
+6q00Gx9HYfse1+VgUR5ymh41nZCvRTNEnYBp1RQcPogiLy2rYvZbxYnUtg4jaD7D
+vuuEQwrfEHdKFUlWBCIVbl+e3K6ZSniOcqqyHK72/HI0SYuZpGfCzzw5deODcjWm
+Gz4nZr41cB3eHXkfmG3ngdhmb2MpVr83u+JebOovjzusf71oIdZBTFNYsZNSVKrn
+l0rrRuDIMHbQMuS5AQ0EVa3yiAEIALZqdLGXSGZAgUXl7zhPH5wnIQtdo6iMIovZ
+zQNW95RDT2nm/3YddiRy6FuOTbaHXw07D4ZUl4dGVHzEwBllhULxcHV3OOdQ3gVp
+4mBAZ8kv0EelzqPfDQWR2Cq0hi7IJ4Q4ePpZhQFiasz8qbV7D7CYbZdDAmQKxqAk
+0XYOjbB3jzB2r6MHflAKmJzTp3+NAE9bDLAwXa0ot2THDbpPdB4R6pxpD6Y3jweW
+uLUCnIfvyIBwhHobaU28pw/BA+0dkC9jnLnoO+TrzB9YD5839Lc3ctrdPBLiFPMG
+wdfAVRCyfgLjOyULqjTudx1Mo+Dgz9+xrcTFoehI7UYoZnraEKkAEQEAAYkBHwQY
+AQIACQUCVa3yiAIbDAAKCRC85cxGH6IrCPH5B/0Uc+OhMSCkRos1Yv5tA4bsEcjt
+8+sJ2S6pUqCbZxmXpzKspKpnjp3DJjmQKDB2q4UPDVElVDMMdBlstTx1RRZDf8yk
+nDvRBSzawk7Xhfloro8N2Lxv6gWhhMvHUYItyO6KMbAZuZ2M1I1/OFHG/f//7oPM
+0QpNbihf+GqE/dWRz9ZDz+xlSFli6AR/3ldq7N6gkCsEFdi3j6ZDf0qLsZpazPUI
+wiCC/aAYLkRDtTJV1G6EsWijmOTNNlCEFS/XDLQ3N2Ev/1sgAO0AlBMdXqSnqUI1
+1h/eSKCiGmkwFWlCf/4HnJVP7QpSeRPLyw785Fvt3p9vT+64isZ0ZK6cpcj8
+=0aQD
+-----END PGP PUBLIC KEY BLOCK-----

fuel-release/mos-os.repo

@@ -0,0 +1,8 @@
+[mos$fuelver-base]
+name=mos$fuelver-base
+#baseurl=http://mirror.fuel-infra.org/mos-repos/centos/mos$fuelver-centos$releasever-fuel/os/x86_64/
+mirrorlist=http://mirror.fuel-infra.org/mos-repos/centos/mos$fuelver-centos$releasever-fuel/mos-mirrors-os.txt
+enabled=1
+gpgcheck=1
+gpgkey=file:///etc/pki/fuel-gpg/RPM-GPG-KEY-mos
+skip_if_unavailable=1

fuel-release/mos-security.repo

@@ -0,0 +1,8 @@
+[mos$fuelver-security]
+name=mos$fuelver-security
+#baseurl=http://mirror.fuel-infra.org/mos-repos/centos/mos$fuelver-centos$releasever-fuel/security/x86_64/
+mirrorlist=http://mirror.fuel-infra.org/mos-repos/centos/mos$fuelver-centos$releasever-fuel/mos-mirrors-security.txt
+enabled=1
+gpgcheck=1
+gpgkey=file:///etc/pki/fuel-gpg/RPM-GPG-KEY-mos
+skip_if_unavailable=1

fuel-release/mos-updates.repo

@@ -0,0 +1,8 @@
+[mos$fuelver-updates]
+name=mos$fuelver-updates
+#baseurl=http://mirror.fuel-infra.org/mos-repos/centos/mos$fuelver-centos$releasever-fuel/updates/x86_64/
+mirrorlist=http://mirror.fuel-infra.org/mos-repos/centos/mos$fuelver-centos$releasever-fuel/mos-mirrors-updates.txt
+enabled=1
+gpgcheck=1
+gpgkey=file:///etc/pki/fuel-gpg/RPM-GPG-KEY-mos
+skip_if_unavailable=1

iso/bootstrap_admin_node.sh

@@ -13,6 +13,9 @@ exec 2>&1
 
 VBOX_BLACKLIST_MODULES="i2c_piix4 intel_rapl"
 
+# The following packages need to be installed prior to installing any other ones
+BOOTSTRAP_PACKAGES="fuel-release yum-plugin-priorities yum-utils"
+
 FUEL_PACKAGES=" \
 authconfig \
 bind-utils \
@@ -22,10 +25,6 @@ dhcp \
 docker \
 fuel \
 fuel-bootstrap-cli \
-fuel-bootstrap-image \
-fuel-library \
-fuelmenu \
-fuel-mirror \
 fuel-openstack-metadata \
 fuel-utils \
 gdisk \
@@ -48,7 +47,6 @@ telnet \
 vim \
 virt-what \
 wget \
-yum-plugin-priorities \
 "
 
 ASTUTE_YAML='/etc/fuel/astute.yaml'
@@ -205,13 +203,16 @@ function ifname_valid {
 }
 
 yum makecache
-yum install -y yum-plugin-priorities
+echo $BOOTSTRAP_PACKAGES | xargs -n1 yum install -y
-yum install -y $FUEL_PACKAGES
+FUEL_RELEASE=$(cat /etc/fuel_release)
+
+# Disable online base MOS repo if we run an ISO installation
+[ -f /etc/fuel_build_id ] && yum-config-manager --disable mos${FUEL_RELEASE}-base --save
+
+echo $FUEL_PACKAGES | xargs -n1 yum install -y
 
 touch /var/lib/hiera/common.yaml /etc/puppet/hiera.yaml
 
-FUEL_RELEASE=$(cat /etc/fuel_release)
-
 # Be sure, that network devices have been initialized
 udevadm trigger --subsystem-match=net
 udevadm settle
@@ -498,24 +499,6 @@ else
   bs_status=3
 fi
 
-# Enable updates repository
-cat > /etc/yum.repos.d/mos${FUEL_RELEASE}-updates.repo << EOF
-[mos${FUEL_RELEASE}-updates]
-name=mos${FUEL_RELEASE}-updates
-baseurl=http://mirror.fuel-infra.org/mos-repos/centos/mos${FUEL_RELEASE}-centos\$releasever-fuel/updates/x86_64/
-gpgcheck=0
-skip_if_unavailable=1
-EOF
-
-# Enable security repository
-cat > /etc/yum.repos.d/mos${FUEL_RELEASE}-security.repo << EOF
-[mos${FUEL_RELEASE}-security]
-name=mos${FUEL_RELEASE}-security
-baseurl=http://mirror.fuel-infra.org/mos-repos/centos/mos${FUEL_RELEASE}-centos\$releasever-fuel/security/x86_64/
-gpgcheck=0
-skip_if_unavailable=1
-EOF
-
 #Check if repo is accessible
 echo "Checking for access to updates repository..."
 repourl=$(yum repolist all -v | awk '{if ($1 ~ "baseurl" && $3 ~ "updates") print $3}' | head -1)

specs/fuel-main.spec

@@ -38,9 +38,18 @@ managing OpenStack.
 %install
 rm -rf %{buildroot}
 mkdir -p %{buildroot}/etc
+mkdir -p %{buildroot}/etc/yum/vars/
+mkdir -p %{buildroot}/etc/yum.repos.d
 echo %{fuel_release} > %{buildroot}%{_sysconfdir}/fuel_release
+echo %{fuel_release} > %{buildroot}%{_sysconfdir}/yum/vars/fuelver
 install -D -m 700 -d %{buildroot}/root/.ssh
 install -p -m 600 %{_builddir}/%{name}-%{version}/bootstrap/ssh/id_rsa %{buildroot}/root/.ssh/bootstrap.rsa
+# copy GPG key
+install -D -m 644 %{_builddir}/%{name}-%{version}/fuel-release/RPM-GPG-KEY-mos %{buildroot}/etc/pki/fuel-gpg/RPM-GPG-KEY-mos
+# copy yum repos and mirror lists to /etc/yum.repos.d
+for file in %{_builddir}/%{name}-%{version}/fuel-release/*.repo ; do
+    install -D -m 644 "$file" %{buildroot}/etc/yum.repos.d
+done
 
 %clean
 rm -rf %{buildroot}
@@ -59,8 +68,15 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot
 URL:       http://github.com/Mirantis
 
 %description -n fuel-release
-This packages provides /etc/fuel_release file.
+This packages provides /etc/fuel_release file
+and Yum configuration for Fuel online repositories.
 
 %files -n fuel-release
 %defattr(-,root,root)
 %{_sysconfdir}/fuel_release
+%config(noreplace) %attr(0644,root,root) /etc/yum/vars/fuelver
+%config(noreplace) %attr(0644,root,root) /etc/yum.repos.d/*
+%dir /etc/pki/fuel-gpg
+/etc/pki/fuel-gpg/*
+
+