From 75085b8fa94a78fe4f2901dcbb5d544a93aca5c0 Mon Sep 17 00:00:00 2001 From: Elio Bischof Date: Mon, 27 Jun 2022 14:43:13 +0200 Subject: [PATCH 1/3] fix: disable gpg checks for https yum repos --- internal/operator/nodeagent/dep/k8s/common.go | 2 +- .../nodeagent/dep/package-manager-init.go | 16 ++++++++++++++++ 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/internal/operator/nodeagent/dep/k8s/common.go b/internal/operator/nodeagent/dep/k8s/common.go index 7262d35a2..e0f95e5ab 100644 --- a/internal/operator/nodeagent/dep/k8s/common.go +++ b/internal/operator/nodeagent/dep/k8s/common.go @@ -55,7 +55,7 @@ name=Kubernetes baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=1 -repo_gpgcheck=1 +repo_gpgcheck=0 gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg`), 0644); err != nil { return err } diff --git a/internal/operator/nodeagent/dep/package-manager-init.go b/internal/operator/nodeagent/dep/package-manager-init.go index 73bf3b7be..abeaa4944 100644 --- a/internal/operator/nodeagent/dep/package-manager-init.go +++ b/internal/operator/nodeagent/dep/package-manager-init.go @@ -2,6 +2,7 @@ package dep import ( "bytes" + "errors" "fmt" "os" "os/exec" @@ -38,8 +39,23 @@ func (p *PackageManager) remSpecificInit() error { ) } +func (p *PackageManager) remSpecificDisableGPGRepoCheckForGcloudRepo() error { + + repoSpecPath := "/etc/yum.repos.d/google-cloud.repo" + if _, err := os.Stat(repoSpecPath); errors.Is(err, os.ErrNotExist) { + // Do nothing if repo file doesn't exist + return nil + } + + return exec.Command("sed", "-i", "s/repo_gpgcheck=1/repo_gpgcheck=0/g", repoSpecPath).Run() +} + func (p *PackageManager) remSpecificUpdatePackages() error { + if err := p.remSpecificDisableGPGRepoCheckForGcloudRepo(); err != nil { + return err + } + conflictingCronFile := "/etc/cron.daily/yumupdate.sh" removeConflictingCronFile := true _, err := os.Stat(conflictingCronFile) From 1e9a10a4ab9f869904d4bb76001060c3006c1546 Mon Sep 17 00:00:00 2001 From: Elio Bischof Date: Mon, 27 Jun 2022 17:35:11 +0200 Subject: [PATCH 2/3] fix: gpg disable order --- internal/operator/nodeagent/dep/package-manager-init.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/internal/operator/nodeagent/dep/package-manager-init.go b/internal/operator/nodeagent/dep/package-manager-init.go index abeaa4944..75d5bd136 100644 --- a/internal/operator/nodeagent/dep/package-manager-init.go +++ b/internal/operator/nodeagent/dep/package-manager-init.go @@ -32,6 +32,10 @@ func (p *PackageManager) debSpecificInit() error { func (p *PackageManager) remSpecificInit() error { + if err := p.remSpecificDisableGPGRepoCheckForGcloudRepo(); err != nil { + return err + } + return p.rembasedInstall( &Software{Package: "yum-utils"}, &Software{Package: "yum-plugin-versionlock"}, @@ -52,10 +56,6 @@ func (p *PackageManager) remSpecificDisableGPGRepoCheckForGcloudRepo() error { func (p *PackageManager) remSpecificUpdatePackages() error { - if err := p.remSpecificDisableGPGRepoCheckForGcloudRepo(); err != nil { - return err - } - conflictingCronFile := "/etc/cron.daily/yumupdate.sh" removeConflictingCronFile := true _, err := os.Stat(conflictingCronFile) From c1adaf69e57bc2966b1c88e9799615f4d171326c Mon Sep 17 00:00:00 2001 From: Elio Bischof Date: Tue, 28 Jun 2022 13:42:48 +0200 Subject: [PATCH 3/3] fix: disable gpg repo check for update and init --- internal/operator/nodeagent/dep/package-manager-init.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/internal/operator/nodeagent/dep/package-manager-init.go b/internal/operator/nodeagent/dep/package-manager-init.go index 75d5bd136..939641c12 100644 --- a/internal/operator/nodeagent/dep/package-manager-init.go +++ b/internal/operator/nodeagent/dep/package-manager-init.go @@ -56,6 +56,10 @@ func (p *PackageManager) remSpecificDisableGPGRepoCheckForGcloudRepo() error { func (p *PackageManager) remSpecificUpdatePackages() error { + if err := p.remSpecificDisableGPGRepoCheckForGcloudRepo(); err != nil { + return err + } + conflictingCronFile := "/etc/cron.daily/yumupdate.sh" removeConflictingCronFile := true _, err := os.Stat(conflictingCronFile)