Skip to content
This repository has been archived by the owner on Apr 29, 2024. It is now read-only.

Commit

Permalink
Merge pull request #1019 from caos/disable-yum-gpg-repochecks
Browse files Browse the repository at this point in the history
fix: disable gpg checks for https yum repos
  • Loading branch information
eliobischof authored Jun 29, 2022
2 parents 6ffb758 + c1adaf6 commit 951f06e
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 1 deletion.
2 changes: 1 addition & 1 deletion internal/operator/nodeagent/dep/k8s/common.go
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
repo_gpgcheck=0
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg`), 0644); err != nil {
return err
}
Expand Down
20 changes: 20 additions & 0 deletions internal/operator/nodeagent/dep/package-manager-init.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ package dep

import (
"bytes"
"errors"
"fmt"
"os"
"os/exec"
Expand Down Expand Up @@ -31,15 +32,34 @@ func (p *PackageManager) debSpecificInit() error {

func (p *PackageManager) remSpecificInit() error {

if err := p.remSpecificDisableGPGRepoCheckForGcloudRepo(); err != nil {
return err
}

return p.rembasedInstall(
&Software{Package: "yum-utils"},
&Software{Package: "yum-plugin-versionlock"},
&Software{Package: "firewalld"},
)
}

func (p *PackageManager) remSpecificDisableGPGRepoCheckForGcloudRepo() error {

repoSpecPath := "/etc/yum.repos.d/google-cloud.repo"
if _, err := os.Stat(repoSpecPath); errors.Is(err, os.ErrNotExist) {
// Do nothing if repo file doesn't exist
return nil
}

return exec.Command("sed", "-i", "s/repo_gpgcheck=1/repo_gpgcheck=0/g", repoSpecPath).Run()
}

func (p *PackageManager) remSpecificUpdatePackages() error {

if err := p.remSpecificDisableGPGRepoCheckForGcloudRepo(); err != nil {
return err
}

conflictingCronFile := "/etc/cron.daily/yumupdate.sh"
removeConflictingCronFile := true
_, err := os.Stat(conflictingCronFile)
Expand Down

0 comments on commit 951f06e

Please # to comment.