openstack/kolla-ansible
Code Issues Proposed changes

Fix base CentOS repository keys

Browse Source 
Fix typo in variable name ("yup" instead of "yum"), which means we now
import the repo keys we intended to. Furthermore we no longer try to
import EPEL key in that very spot, as it should be imported after
epel-release is installed, which already happens later during the base
image build.

CentOS/EPEL keys in the image before this patch:

()[root@6843e7e136cf ~]# rpm -q gpg-pubkey --qf '%{summary}\n' | grep -i -E '(centos)|(epel)'
gpg(CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>)
gpg(Fedora EPEL (7) <epel@fedoraproject.org>)

With this patch:

()[root@64a6ae7d0347 ~]# rpm -q gpg-pubkey --qf '%{summary}\n' | grep -i -E '(centos)|(epel)'
gpg(CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>)
gpg(CentOS Storage SIG (http://wiki.centos.org/SpecialInterestGroup/Storage) <security@centos.org>)
gpg(CentOS Virtualization SIG (http://wiki.centos.org/SpecialInterestGroup/Virtualization) <security@centos.org>)
gpg(Fedora EPEL (7) <epel@fedoraproject.org>)

Change-Id: I5cd22a887282e5de199a809b0798a439ce1a99e7
Closes-Bug: #1625585
This commit is contained in:
Jiri Stransky 2016-09-20 13:22:28 +02:00
parent ebcd7b2979
commit 20751763a2
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
docker/base/Dockerfile.j2
View File

@ -79,8 +79,7 @@ RUN yum-config-manager --enable rhel-7-server-rpms \
RUN rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
{% set base_centos_yup_repo_keys = [
'/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7',
{% set base_centos_yum_repo_keys = [
'/etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Storage',
'/etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Virtualization'
] %}