tools/toCOPY/yum.repos.d/centos.repo
Scott Little 42ed522880 Update ca-certificates to pull from Centos 7.9
https download fails with errors such as...

00:21:13.479 ERROR: cannot verify opendev.org's certificate, issued by
‘/C=US/O=Let's Encrypt/CN=R3’:
00:21:13.479   Issued certificate has expired.

The upstream root certificate expire on Oct 1, 2021.

ca-certificates needs to be updated to version 2021.2.50
but that version is only available in Centos 7.9 or newer.
This build container is locked down to Centos 7.8 without
updates.

This update adds repo definitions for 7.9 and 7.8 updates,
but sets them to disabled by default.

When updating ca-certificates I temporarily enable the
Centos 7.9 updates repo.

I also disable the yum module that causes the
"system is not registered with an entitlement server"
messages, but those messages turned out to NOT be the root
cause of ca-certificates failure to update.

Closes-bug: 1946151
Closes-bug: 1946122
Signed-off-by: Scott Little <scott.little@windriver.com>
Change-Id: I7ac47582e731ec5003f76ddfa24331ca87e1bf6c
2021-10-06 12:01:27 -04:00

27 lines
614 B
Plaintext

# centos_7_8_url must be defined in /etc/yum/vars/
[centos-os]
name=centos-os
baseurl=$centos_7_8_url/os/$basearch/
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
[centos-extras]
name=centos-extras
baseurl=$centos_7_8_url/extras/$basearch/
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
# Disable updates by default for stability,
# but define it so it can be enebled for single packages
# if so desired.
[centos-updates]
name=centos-updates
baseurl=$centos_7_8_url/updates/$basearch/
enabled=0
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7