This is a partial revert of [0]. For the bootstrap we only use the
release pocket, not updates or security, so the version of
ca-certificates we install initially is too old to verify current
LetsEncrypt protected hosts.
[0] I455568f1e261060aefe555e9f5b4ef0830b60157
Change-Id: I673bc0ec687df6db59911f17dae1d50cbc7e3dd6
Debian is already doing this and according to ubuntu package search
apt-transport-https is a transitional package at least as far back as
bionic. We leave xenial with http as it isn't clear if apt there
supports https.
Change-Id: I455568f1e261060aefe555e9f5b4ef0830b60157
Zed is coming, CentOS Stream 9 will be in use on more and more projects.
Make AArch64 CI ready for it.
Change-Id: I161691e777815102cf28692ade522df073f662ae
This distro release reached its EOL December 31, 2021. We are removing
it from our CI system as people should really stop testing on it. They
can use CentOS 8 Stream or other alternatives instead.
Depends-On: https://review.opendev.org/c/opendev/base-jobs/+/827181
Change-Id: I13e8185b7839371a9f9043b715dc39c6baf907d5
In line with CentOS deprecation, http://mirrorlist.centos.org has
stopped returning mirror sources. As the dib builds have this in the
initial image clones, they won't build any more. Pause this to stop a
spiral of failing builds.
Since we setup local mirrors, things might keep working in our
ecosystem for a bit, so far the upstream mirrors haven't pulled the 8/
directory directly it seems.
Change-Id: I99ca38f346b3a5d19d7565c1f6114a51b7fe2da3
LE recently expired it's root certificate. Unfortunately, the base
Ubuntu distros (up to focal) use a 2019 ca-certificates package that
hasn't accounted for this. Even more unfortunately, deboostrap can't
use the updates repo to get a more recent certificate package when
building the initial chroot.
The end result is that the chroot can't contact the mirrors via https
to actually pull the updated certificates package from them, breaking
the build.
To work around this use http:// for the mirror location.
Change-Id: Ifdb177d2ed75eab9e2acb984a9be785fba517d3e
The versions of Ansible we use in Zuul don't detect Debian Bullseye
correctly and try to use python2. Set a python3 override.
Change-Id: I6a202d7d2d9e85e99d53d2f13993bf2e3a4237d3
Wheel jobs were removed with
Ia44c384072c0482cfd11c642013fd51004f85c8b. There are now no more job
references for these nodes, so this now removes them from nodepool.
Change-Id: I5dc4f42629661da984cc197a11e3383cddc4ff54
Since Debian Buster can not be used with nova 23.0.0 because of the
min required libvirt version, we should make Bullseye available for CI
to ensure that OpenStack Wallaby release will run on it smoothly.
Depends-On: https://review.opendev.org/c/openstack/diskimage-builder/+/783790
Change-Id: I9c1bb7aaa02ba60ee52e2d7b990e2e6e1212317f
Our convention with the names is "<provider>-<region>" which hasn't
been followed for these two cases.
This mostly only affects the key for the stats reported to graphite.
I never noticed with linaro because our stats generally match
"<provider>-*" and "linaro-us" just so happened to match that :/
Change-Id: Icbbcebd48abc56d0458cb6f9fb1c0b63249f6da4
Our system-config roles for nodepool update the zookeeper configuration
for our nodepool hosts. The content in the files here is merely a
placeholder. Make that more apparent via the addition of comments and
use of dummy data.
Change-Id: I4e35088a04f6393409963f841f2e9ba174c69598
