e64184a3da
Bionic requires a functioning gpg-agent to run apt-key add. This means that gpg-agent must be working properly in the chroot when the lxc image preparation script runs. Previous changes [1] have enabled apt-key to communicate with gpg-agent during the lxc_hosts role checks, however the cache prep fails almost every time when lxc_hosts is used within other role checks. This is not a new issue, debian-installer is affected too [2]. This change adopts the same route as d-i, and simply copies the host /etc/apt/trusted.gpg.d directory to the LXC image, removing the need for apt-key and in turn gpg-agent. [1] https://review.openstack.org/#/c/588629/ [2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851774 Change-Id: Ia511881f675cd88ecc58360b18531f0dac486b70
57 lines
1.5 KiB
YAML
57 lines
1.5 KiB
YAML
---
|
|
# Copyright 2016, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
_lxc_hosts_container_image_url: "http://cdimage.ubuntu.com/ubuntu-base/releases/18.04/release/ubuntu-base-18.04.1-base-{{ lxc_cache_map.arch }}.tar.gz"
|
|
|
|
_lxc_cache_map:
|
|
distro: ubuntu
|
|
arch: "{{ lxc_architecture_mapping.get( ansible_architecture ) }}"
|
|
release: bionic
|
|
copy_from_host:
|
|
- /etc/apt/sources.list
|
|
- /etc/apt/apt.conf.d/
|
|
- /etc/apt/trusted.gpg.d
|
|
- /etc/apt/preferences.d/
|
|
- /etc/environment
|
|
- /etc/localtime
|
|
- /etc/protocols
|
|
|
|
_lxc_cache_prep_template: "prep-scripts/ubuntu_18_prep.sh.j2"
|
|
|
|
_lxc_cache_distro_packages:
|
|
- apt-transport-https
|
|
- ca-certificates
|
|
- cron # bionic doesn't have cronie
|
|
- dbus
|
|
- debianutils # for 'which' executable
|
|
- gcc
|
|
- iproute2
|
|
- iputils-ping
|
|
- libffi-dev
|
|
- libssl-dev
|
|
- locales
|
|
- netbase
|
|
- openssh-server
|
|
- openssl
|
|
- python2.7
|
|
- python-dev
|
|
- python3-dev
|
|
- rsync
|
|
- sudo
|
|
- systemd
|
|
- systemd-sysv
|
|
- tar
|
|
- wget
|