From ffa0c2d87a46af3a0c7b388ad6607ee56a595fa4 Mon Sep 17 00:00:00 2001 From: Mohammed Naser Date: Wed, 6 Jun 2018 13:59:11 -0400 Subject: [PATCH] Stop installing percona-release and setup using yum_repository Due to the security role adding the `localpkg_gpgcheck` option and the fact that the Percona release RPM is not signed, it fails to install leading to failing gate for CentOS. The behaviour for Debian-based operating systems is to manually install the repositories so let's switch CentOS to do the same. Change-Id: I71840bd209cd398e0ce46d61ac895dea68ba193c Related-Bug: #1675918 --- tasks/galera_install_yum.yml | 9 +++++++-- vars/redhat-7.yml | 2 +- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/tasks/galera_install_yum.yml b/tasks/galera_install_yum.yml index a65f04e3..d183ec74 100644 --- a/tasks/galera_install_yum.yml +++ b/tasks/galera_install_yum.yml @@ -77,8 +77,13 @@ - skip_ansible_lint - name: Install percona repo - package: - pkg: "{{ galera_percona_xtrabackup_repo.repo }}" + yum_repository: + name: 'percona-release-$basearch' + description: 'Percona-Release YUM repository - $basearch' + baseurl: "{{ galera_percona_xtrabackup_repo.repo }}" + enabled: true + gpgcheck: true + gpgkey: 'https://www.percona.com/downloads/RPM-GPG-KEY-percona' state: "{{ galera_percona_xtrabackup_repo.state }}" register: install_packages until: install_packages|success diff --git a/vars/redhat-7.yml b/vars/redhat-7.yml index fb0fb601..64f5fc69 100644 --- a/vars/redhat-7.yml +++ b/vars/redhat-7.yml @@ -74,7 +74,7 @@ _galera_repo: gpgkey: "https://yum.mariadb.org/RPM-GPG-KEY-MariaDB" _galera_percona_xtrabackup_repo: - repo: "http://www.percona.com/downloads/percona-release/redhat/0.1-4/percona-release-0.1-4.noarch.rpm" + repo: "http://repo.percona.com/release/$releasever/RPMS/$basearch" state: "{{ (use_percona_upstream | bool) | ternary('present', 'absent') }}" galera_server_percona_distro_packages: