Browse Source

Fix issues with Percona in Zuul and clean up a little bit

Percona site has connectivity issues from OVH hosts (of Zuul).
This patch makes it so that:
  - the internal repo is actually used
  - RPM GPG keys are downloaded from the actually used repo
  - Ubuntu mimics the RHEL behavior (i.e. the Percona repo is
    enabled only in the xtrabackup image)
    extra benefit: no need for APT preferences for Percona repo
    to spare MariaDB deps

Change-Id: Id27831f6b404762f9e44fd6bd1c4702bf06b05f8
Signed-off-by: Radosław Piliszek <radoslaw.piliszek@gmail.com>
(cherry picked from commit de58339a0e)
changes/55/665355/2
Radosław Piliszek 2 years ago
parent
commit
45ae94f9ad
  1. 7
      docker/base/Dockerfile.j2
  2. 4
      docker/base/apt_preferences.debian
  3. 5
      docker/base/apt_preferences.ubuntu
  4. 77
      docker/base/gpg-keys/PERCONA-PACKAGING-KEY
  5. 6
      docker/base/percona-release.repo
  6. 5
      docker/base/sources.list.ubuntu
  7. 6
      docker/xtrabackup/Dockerfile.j2
  8. 6
      tests/templates/template_overrides.j2

7
docker/base/Dockerfile.j2

@ -62,10 +62,6 @@ COPY yum.conf /etc/yum.conf
#### BEGIN REPO ENABLEMENT
# Workaround https://bugs.launchpad.net/kolla/+bug/1813906
# https://jira.percona.com/browse/PT-1685
COPY gpg-keys/PERCONA-PACKAGING-KEY /etc/pki/rpm-gpg/PERCONA-PACKAGING-KEY
{% set base_yum_repo_files = [
] %}
@ -88,13 +84,12 @@ COPY gpg-keys/PERCONA-PACKAGING-KEY /etc/pki/rpm-gpg/PERCONA-PACKAGING-KEY
'td.repo'
] %}
## NOTE(yoctozepto): Percona keys omitted on purpose (handled via the repo file for compatibility with Zuul)
{% set base_yum_repo_keys = [
'https://artifacts.elastic.co/GPG-KEY-elasticsearch',
'https://packages.grafana.com/gpg.key',
'https://repos.influxdata.com/influxdb.key',
'https://packagecloud.io/gpg.key',
'https://www.percona.com/downloads/RPM-GPG-KEY-percona',
'/etc/pki/rpm-gpg/PERCONA-PACKAGING-KEY',
'https://packages.treasuredata.com/GPG-KEY-td-agent'
] %}
{% elif base_arch == 'aarch64' %}

4
docker/base/apt_preferences.debian

@ -1,4 +0,0 @@
# Lower the priority of packages from Percona's repos
Package: *
Pin: origin repo.percona.com
Pin-Priority: 100

5
docker/base/apt_preferences.ubuntu

@ -2,8 +2,3 @@
Package: ceph* *cephfs* librbd* *rados* python*-rbd librgw* python*-rados python*-ceph* python*-rgw
Pin: version 13.*
Pin-Priority: -1
# Lower the priority of packages from Percona's repos
Package: *
Pin: origin repo.percona.com
Pin-Priority: 100

77
docker/base/gpg-keys/PERCONA-PACKAGING-KEY

@ -1,77 +0,0 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2
mQINBFd0veABEADyFa8jPHXhhX1XS9W7Og4p+jLxB0aowElk4Kt6lb/mYjwKmQ77
9ZKUAvb1xRYFU1/NEaykEl/jxE7RA/fqlqheZzBblB3WLIPM0sMfh/D4fyFCaKKF
k2CSwXtYfhk9DOsBP2K+ZEg0PoLqMbLIBUxPl61ZIy2tnF3G+gCfGu6pMHK7WTtI
nnruMKk51s9Itc9vUeUvRGDcFIiEEq0xJhEX/7J/WAReD5Am/kD4CvkkunSqbhhu
B6DV9tAeEFtDppEHdFDzfHfTOwlHLgTvgVETDgLgTRXzztgBVKl7Gdvc3ulbtowB
uBtbuRr49+QIlcBdFZmM6gA4V5P9/qrkUaarvuIkXWQYs9/8oCd3SRluhdxXs3xX
1/gQQXYHUhcdAWrqS56txncXf0cnO2v5kO5rlOX1ovpNQsc69R52LJKOLA1Kmjca
JNtC+4e+SF2upK14gtXK384z7owXYUA4NRZOEu+UAw7wAoiIWPUfzMEHYi8I3Rsz
EtpVyOQC5YyYgwzIdt4YxlVJ0CUoinvtIygies8LkA5GQvaGJHYG1aQ3i9WDddCX
wtoV1uA4EZlEWjTXlSRc92jhSKut/EWbmYHEUhmvcfFErrxUPqirpVZHSaXY5Rdh
KVFyx9JcRuIQ0SJxeHQPlaEkyhKpTDN5Cw7USLwoXfIu2w0w0W06LdXZ7wARAQAB
tDtQZXJjb25hIERldmVsb3BtZW50IFRlYW0gKFBhY2thZ2luZyBrZXkpIDxpbmZv
QHBlcmNvbmEuY29tPokCNwQTAQgAIQUCWwLC+wIbAwULCQgHAgYVCAkKCwIEFgID
AQIeAQIXgAAKCRCTNKJfhQfvpYf+D/oD7dFS0eXR4OH2g8CACNeTWB2EJ57W0gyL
wko42IjBSOSogB4BMm/3vlk8PefikTU5+Z/fYK3OIJV7kMIEXNfnNzr3QWvafHRR
qGUoTmvP29O5Y4s7oGllIUOlr9gwtSGfHnjtF+WZBhko2uH6KvXBJay28ye4S8sS
zDQdk8RULFN4hfIT4duOjo7Clf4iZtoUX7bVN32NRYH8Ss4IvbdDOAjlzjQa+NgO
SEsDvP3DwRoZQcAIMXngOMlPa/SA87pAcOup/8AvX3i7F7ZfWkKys3jpoSRyt0Ol
InpOrlJqJY4ugSxNkCgz+21kb1EVtIjSY8LAMPzZ5OAiiG0MyOTUyKFhzAkE1Mn3
Cs9TzNjybPlvPGt6CsckjgReL2XQBqITRsmLOwzWguuqduBlPISVoeGUPpEBj7Hv
Ca7p9QbEaXtN5JmlAFLwPTuM4S5IxG5bEXMFECKL45J8F9G/EGs/qO/HSebQsJ/+
i5Ct6gElUwIOaaCUPpWG0qwR2aP4QAndvLsaGN7v6BmtLYw8+n5vjIueFXh/gRyI
8eOIxrCUYhukkdM+YQ0h6Xd+X8FvHdYRGHmW86Ro2HkBqqKyXbab04+769jpzCdM
b0oKzXapU94mKuWZ+fOncshTpUN17neFzb1YIc2kcwb3rQxDJNd7IR3mq+d3yapk
vTYlP7uFk7RGUGVyY29uYSBNeVNRTCBEZXZlbG9wbWVudCBUZWFtIChQYWNrYWdp
bmcga2V5KSA8bXlzcWwtZGV2QHBlcmNvbmEuY29tPokCOQQwAQgAIwUCWwLD2Rwd
IFVzZXIgSUQgaXMgbm8gbG9uZ2VyIHZhbGlkAAoJEJM0ol+FB++lW4UQALX2/ofm
ALXhdC0nlh4X1MJLPpmLjyZKTyK3YNOUJukzGW0LVGIq4SAvPxw4oc4zQ1PCQuUG
oj062Fd4sWF1oGFQBOVUAebnyCOcAE1ybcpw9FhdB6ZGa0hTx1RD9jg+OT8e1u62
XbQyRuLBbbncyIt/lhTcqnCVv14auolAVLuFqiFx5uk2n1x5Y5bs6ABt9Ka0MhYZ
m6Qyhm0kGNYn+AiHEwNgdAboe155zp2augVVDmGS+s+tVD60nnWzZLsZGCCZh2gJ
jyxxXNaIeY7OyaMRQFa3gBVGd7UeJZ1d3MR4nR7wlKMUXSC8a0l+bkgi/sgyAJNg
X3bCiEDRIGxGv/Dgg1/ahKVEch/W0Y+0DyifPzAFtnCBH0c2GJUrU8/c2i1iKhYf
/r/711136Oqd5LDROQGzo4dnzdTs3qEeWdIVkgSwaLUFrw6Kq0tAnZSqHK2WQw3C
1oPdlBMimysOhJnwsmYbtlgRF2/rU7QiuJvMHXqBPfOSHKRcy5hoa5S2+PCe/IXB
Qmod1MlmfsUH6TjwC5SWGFaIm76+ROsiQKie28fAqRLKqeNvuaMqxTsVpYofQZXE
JcSyhwhTcaQxsrYYM+4z8sbdxiIqR7PW6BthsAKCrOr6U53Pm00+yI16Tt7FNcVc
wHl+lRTe/EhDQ93LvbFvB4/Svx/GLdlvdsHaiQI3BBMBCgAhBQJXdL3gAhsDBQsJ
CAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJEJM0ol+FB++l4koQAKkrRP+K/p/TGlnq
lbNyS5gdSIB1hxT3iFwIdF9EPZq0U+msh8OY7omV/82rJp4T5cIJFvivtWQpEwpU
jJtqBzVrQlF+12D1RFPSoXkmk6t4opAmCsAmAtRHaXIzU9WGJETaHl57Trv5IPMv
15X3TmLnk1mDMSImJoxWJMyUHzA37BlPjvqQZv5meuweLCbL4qJS015s7Uz+1f/F
siDLsrlE0iYCAScfBeRSKF4MSnk5huIGgncaltKJPnNYppXUb2wt+4X2dpY3/V0B
oiG8YBxV6N7sA7lC/OoYF6+H3DMlSxGBQEb1i9b6ypwZIbG6CnM2abLqO67D3XGx
559/FtAgxrDBX1f63MQKlu+tQ9mOrCvSbt+bMGT6frFopgH6XiSOhOiMmjUazVRB
sXRK/HM5qIk5MK0tGPSgpc5tr9NbMDmp58OQZYQscslKhx0EDDYHQyHfYFS2qodu
RwQG4BgpZm2xjGM/auCvdZ+pxjqy7dnEXvMVf0i1BylkyW4p+oK5nEwY3KHljsRx
uJ0+gjfyj64ihNMSqDX5k38T2GPSXm5XAN+/iazlIuiqPQKLZWUjTOwr2/AA6Azt
U/fmsXV2swz8WekqT2fphvWKUOISr3tEGG+HF1iIY43BoAMHYYOcdSI1ZODZq3Wi
c+zlN1WzPshDB+d3acxeV5JhstvPuQINBFd0veABEACfuHVbey5qG5P6rRhAX2pd
d/f7iwHdcW1+evxCfCR5fHzsO1LRwlHM9GRqlztKzgxzAIfgUXqdMXUs6vW8agfk
u553h8gBqrhdq9NH65/YenzV/Sv9c/EGzsBQurau1RC4gfJ4jgAedu4FQKZvVr//
0NTWuJm3el3orYYz4rLq79avSgD7Q/uK8/j71zgCJixsFzjC8ehRlOtMdetPTY36
zc2LjQSMTSpE7SvEbrk6yDKpQvZabl3dmkEkBvoFpat7x+i3ZtBCzRFTx2rH/9DW
KCO+SuGVBXs8vhLtAvKKjbWGGU9LrmESZcahI6fliH5w28NvpOuJlr8Rn/6jQmJD
DPKO50XKM8hpT6DBqIE99YqYLUzXAKf4Y88FyHvlO6kiVbXaOYz1OTqCWVqjaMYF
biPW6NgDX0hyE9uG0lfNA9P5edqyPSEaTN+kpD9OVqG6R0uPBCFY8u25NrNRhMqI
FQdvI54eEtN0ktFP0FrlFFkg6S+l+3Qsr9sMDKCUVTJ/BkKwqkdhTv5XY4KiIEJQ
jvMKr0vH5lYiPDGX/3KsJL+rxJjA++4Wh40WBLYDSDWSAfCPSokg1lRjOaMDhnH5
YnUeEk6Mhy61DQRsH+xEpeL/F1L06u0Wh+0iXqKXJA4jvU4XwGSkzg3yaablkYnu
n5myhIQYswIdCyEH4Wl3SQARAQABiQIfBBgBCgAJBQJXdL3gAhsMAAoJEJM0ol+F
B++lxqkQAIC7jz1CWt+tbKgutLRFcxexNQZoTAAPTk3OjqqeCLWO1cmHtmjNSXTc
5rpX78vPEYQjzQpAARZxAppAdeJHBzm9Qrfiyo7TW8P0Gf9c9p1mPUtl2g0BNvRU
7zYzgCF1aIwKtS+XO2UdTT56Gy5vaxd1BiTg8J9ytkIGSkuSXSOASeGC5RmN3SaD
6yomVa483k9kVhhSOUzKwYK9f2WgGhI1xxpVF5LbbRhCoEz4ia/TqJoWdH/agul3
4AGWOgPRhMu+FEpb/nons73XTwQtcXiZAe9z4ZltVsSciolgRzPwkXxMmWVMme9Y
ymVCPTrzxPi6nc6npSZzE275m02u86V2htwD2MbSuGmcTdmAPPfXgQ5XM57ELElD
bNA1eN1jZAhzYBLv63X+nNOy6ysuac5Q7ozyBOIpNksLleA0+FzsnYmPlGqzYtnD
6nFglDn898jk/LWkwitL472fh8RRbDYffsXealiy6W2TYKrQl52ajLV7D5PUUS9x
SlAPcdPSuXAzh7GhOKDommWwLfPo0uYN3Xja+AkW135ctz4evCpvZjkBTfog07FG
lumduUK5fHvJYiSyV1P5SKr4722C8jWCo2YcS+IsZgVFFuY1bG6HtiImpP75IM0G
3g1uyd2OhF9nGDSxjp4kKWnUoGdV0P1bUXaAbvXRzlIcx7dOD7tZ
=cTh+
-----END PGP PUBLIC KEY BLOCK-----

6
docker/base/percona-release.repo

@ -3,11 +3,13 @@ name = Percona-Release YUM repository - $basearch
baseurl = https://repo.percona.com/release/$releasever/RPMS/$basearch
enabled = 0
gpgcheck = 1
gpgkey = https://www.percona.com/downloads/RPM-GPG-KEY-percona
gpgkey = https://repo.percona.com/yum/RPM-GPG-KEY-Percona
https://repo.percona.com/yum/PERCONA-PACKAGING-KEY
[percona-release-noarch]
name = Percona-Release YUM repository - noarch
baseurl = https://repo.percona.com/release/$releasever/RPMS/noarch
enabled = 0
gpgcheck = 1
gpgkey = https://www.percona.com/downloads/RPM-GPG-KEY-percona
gpgkey = https://repo.percona.com/yum/RPM-GPG-KEY-Percona
https://repo.percona.com/yum/PERCONA-PACKAGING-KEY

5
docker/base/sources.list.ubuntu

@ -1,4 +1,4 @@
# For non-x86 architectures we use sources.list.debian.ARCHITECTURENAME
# For non-x86 architectures we use sources.list.ubuntu.<arch>
# Default repos
deb http://archive.ubuntu.com/ubuntu/ bionic main restricted universe multiverse
@ -37,4 +37,5 @@ deb http://ppa.launchpad.net/odl-team/carbon/ubuntu xenial main
deb https://packagecloud.io/rabbitmq/rabbitmq-server/ubuntu/ bionic main
# Percona XtraBackup repo
deb http://repo.percona.com/apt bionic main
# NOTE(yoctozepto): enabled only in the xtrabackup image (to spare MariaDB deps and allow Zuul override)
#deb http://repo.percona.com/apt bionic main

6
docker/xtrabackup/Dockerfile.j2

@ -6,7 +6,11 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
{% import "macros.j2" as macros with context %}
{% if base_package_type == 'rpm' %}
RUN yum-config-manager --enable percona\*
RUN yum-config-manager --enable percona-release-\*
{% endif %}
{% if base_package_type == 'deb' %}
RUN sed -i -e '/percona/ s|^#deb |deb |' /etc/apt/sources.list
{% endif %}
{% if base_package_type in ['rpm', 'deb'] %}

6
tests/templates/template_overrides.j2

@ -49,7 +49,7 @@ RUN sed -i -e "/^mirrorlist/d" \
-e "s|^baseurl=https://packagecloud.io/grafana|baseurl={{ nodepool_grafana_proxy }}|g" \
-e "s|^baseurl=https://trunk.rdoproject.org|baseurl=http://{{ nodepool_rdo_proxy }}|g" \
-e "s|^baseurl=https://cbs.centos.org/repos|baseurl={{ nodepool_cbs_centos_proxy }}|g" \
-e "s|^baseurl=https://repo.percona.com|baseurl={{ nodepool_percona_proxy }}|g" \
-e "s|https://repo.percona.com|{{ nodepool_percona_proxy }}|g" \
/etc/yum.repos.d/*.repo
{% raw %}
@ -65,15 +65,17 @@ RUN sed -i -e "/^mirrorlist/d" \
-e "s|^baseurl=https://packagecloud.io/grafana|baseurl={{ nodepool_grafana_proxy }}|g" \
-e "s|^baseurl=https://trunk.rdoproject.org|baseurl=http://{{ nodepool_rdo_proxy }}|g" \
-e "s|^baseurl=https://cbs.centos.org/repos|baseurl={{ nodepool_cbs_centos_proxy }}|g" \
-e "s|^baseurl=https://repo.percona.com|baseurl={{ nodepool_percona_proxy }}|g" \
-e "s|https://repo.percona.com|{{ nodepool_percona_proxy }}|g" \
/etc/yum.repos.d/*.repo
{% raw %}
{% elif base_distro == "ubuntu" %}
{% endraw %}
## TODO(yoctozepto): replace base repo earlier as well (like RHEL-based do)
RUN sed -i -e "s|http://archive.ubuntu.com|http://{{ nodepool_mirror_host }}|" \
-e "s|http://ubuntu-cloud.archive.canonical.com/ubuntu|http://{{ nodepool_mirror_host }}/ubuntu-cloud-archive|" \
-e "s|http://repo.percona.com|{{ nodepool_percona_proxy }}|" \
/etc/apt/sources.list \
&& apt-get update

Loading…
Cancel
Save