Browse code
Fix opensuse trusted certificates
There's a bug[1] with the combination of the p11-kit and
ca-certificates-mozilla packages available on the latest built
opensuse-15 node in nodepool (which has not been rebuilt for weeks due
to a separate issue[2]) which causes the standard CA bundle to not be
installed correctly and causes jobs that call to external HTTPS services
to fail. Upgrading both packages in sync fixes the issue.
[1] https://bugzilla.suse.com/show_bug.cgi?id=1154871
[2] http://bugzilla.suse.com/show_bug.cgi?id=1166139
Change-Id: Ia8fdfe12fd9089e178adcb2b5eec997eebada262
Needed-by: https://review.opendev.org/713566
Colleen Murphy authored on 2020/04/04 02:14:07Showing 1 changed files
| ... | ... |
@@ -200,6 +200,11 @@ function fixup_suse {
|
| 200 | 200 |
# have been dragged in by some other system dependency |
| 201 | 201 |
sudo rm -rf /usr/lib/python3.6/site-packages/ply-*.egg-info |
| 202 | 202 |
sudo rm -rf /usr/lib/python3.6/site-packages/six-*.egg-info |
| 203 |
+ |
|
| 204 |
+ # Ensure trusted CA certificates are up to date |
|
| 205 |
+ # See https://bugzilla.suse.com/show_bug.cgi?id=1154871 |
|
| 206 |
+ # May be removed once a new opensuse-15 image is available in nodepool |
|
| 207 |
+ sudo zypper up -y p11-kit ca-certificates-mozilla |
|
| 203 | 208 |
} |
| 204 | 209 |
|
| 205 | 210 |
# The version of pip(1.5.4) supported by python-virtualenv(1.11.4) has |