On Wed, Jul 03, 2024 at 04:09:48PM +0100, Andrew Cooper wrote: > On 03/07/2024 3:55 pm, Roger Pau Monné wrote: > > On Wed, Jul 03, 2024 at 03:20:02PM +0100, Andrew Cooper wrote: > >> CentOS 7 is fully End-of-life as of 2024-06-30, and the Yum repo > >> configuration > >> points at URLs which have become non-existent. > >> > >> First, start by using a heredoc RUN for legibility. It's important to use > >> `set -e` to offset the fact that we're no longer chaining every command > >> together with an &&. > >> > >> Also, because we're using a single RUN command to perform all RPM > >> operations, > >> we no longer need to work around the OverlayFS bug. > >> > >> Adjust the CentOS-*.repo files to point at vault.centos.org. > >> > >> Take the opportunity to split the Xen deps from Tools deps, and to adjust > >> the > >> other packages we use: > >> > >> * We need bzip2-devel for the dombuilder, not just bzip2. > >> * zstd-devel is another optional dependency since the last time this > >> package > >> list was refreshed. > >> * openssl-devel hasn't been a dependency since Xen 4.6. > >> * We long ago ceased being able to build Qemu and SeaBIOS in this > >> container, > >> so drop their dependencies too. > >> > >> Signed-off-by: Andrew Cooper <andrew.coop...@citrix.com> > > Acked-by: Roger Pau Monné <roiger....@citrix.com> > > Thanks. > > > > >> --- > >> CC: Anthony PERARD <anthony.per...@vates.tech> > >> CC: Stefano Stabellini <sstabell...@kernel.org> > >> CC: Doug Goldstein <car...@cardoe.com> > >> CC: Roger Pau Monné <roger....@citrix.com> > >> CC: Oleksii Kurochko <oleksii.kuroc...@gmail.com> > >> --- > >> automation/build/centos/7.dockerfile | 70 +++++++++++++++------------- > >> 1 file changed, 37 insertions(+), 33 deletions(-) > >> > >> diff --git a/automation/build/centos/7.dockerfile > >> b/automation/build/centos/7.dockerfile > >> index 657550f308bb..9e66d72a5bd5 100644 > >> --- a/automation/build/centos/7.dockerfile > >> +++ b/automation/build/centos/7.dockerfile > >> @@ -6,44 +6,48 @@ LABEL maintainer.name="The Xen Project" \ > >> RUN mkdir /build > >> WORKDIR /build > >> > >> -# work around https://github.com/moby/moby/issues/10180 > >> -# and add EPEL for dev86 > >> -RUN rpm --rebuilddb && \ > >> - yum -y install \ > >> - yum-plugin-ovl \ > >> - epel-release \ > >> - && yum clean all && \ > >> - rm -rf /var/cache/yum > >> +RUN <<EOF > >> + set -e > >> + > >> + # Fix up Yum config now that mirror.centos.org doesn't exist > >> + sed -e 's/mirror.centos.org/vault.centos.org/g' \ > >> + -e 's/^#.*baseurl=https\?/baseurl=https/g' \ > >> + -e 's/^mirrorlist=https\?/#mirrorlist=https/g' \ > > Why do you also need to uncomment baseurl and comment mirrorlist? > > Isn't baseurl already enabled, and having extra mirrorlist won't harm > > as it's just extra location to search for packages? (IOW: even if they > > don't exist it shouldn't be an issue). > > It appears that having an uncontactable mirror list, as opposed to no > mirror list, is fatal. > > I didn't end up with this because I like the look of the sed expression.
I wouldn't mind a comment to note the above, but it might be obvious for people more familiar to yum than myself, hence no strong request. Thanks, Roger.
