Disable external repositories by default and enable only when needed.
Implements: blueprint repos-off-by-default
Obtain binaries from encrypted source when we're unable to check for
their signatures. This should provide better security than downloading
the files over HTTP but does not replace signature verification or file
This makes it consistent with the rest of the images and lets kolla
users disable external repo in a clean fashion.
Co-Authored-By: Martin André <email@example.com>
Package is not architecture specific but CentOS repo is. So change URL
to not use $basearch in it so package can be installed on non-x86
Debian/Ubuntu fail due to lack of key used for signing packages.
Partially-Implements: blueprint multiarch-and-arm64-containers