42ed522880
https download fails with errors such as... 00:21:13.479 ERROR: cannot verify opendev.org's certificate, issued by ‘/C=US/O=Let's Encrypt/CN=R3’: 00:21:13.479 Issued certificate has expired. The upstream root certificate expire on Oct 1, 2021. ca-certificates needs to be updated to version 2021.2.50 but that version is only available in Centos 7.9 or newer. This build container is locked down to Centos 7.8 without updates. This update adds repo definitions for 7.9 and 7.8 updates, but sets them to disabled by default. When updating ca-certificates I temporarily enable the Centos 7.9 updates repo. I also disable the yum module that causes the "system is not registered with an entitlement server" messages, but those messages turned out to NOT be the root cause of ca-certificates failure to update. Closes-bug: 1946151 Closes-bug: 1946122 Signed-off-by: Scott Little <scott.little@windriver.com> Change-Id: I7ac47582e731ec5003f76ddfa24331ca87e1bf6c
27 lines
614 B
Plaintext
27 lines
614 B
Plaintext
# centos_7_8_url must be defined in /etc/yum/vars/
|
|
|
|
[centos-os]
|
|
name=centos-os
|
|
baseurl=$centos_7_8_url/os/$basearch/
|
|
enabled=1
|
|
gpgcheck=1
|
|
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
|
|
|
|
[centos-extras]
|
|
name=centos-extras
|
|
baseurl=$centos_7_8_url/extras/$basearch/
|
|
enabled=1
|
|
gpgcheck=1
|
|
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
|
|
|
|
# Disable updates by default for stability,
|
|
# but define it so it can be enebled for single packages
|
|
# if so desired.
|
|
[centos-updates]
|
|
name=centos-updates
|
|
baseurl=$centos_7_8_url/updates/$basearch/
|
|
enabled=0
|
|
gpgcheck=1
|
|
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
|
|
|