From e74ff3a8c5fa03edc3d4c62b88cda5a409824b07 Mon Sep 17 00:00:00 2001 From: Vincent Brillault <vincent.brillault@cern.ch> Date: Thu, 17 Dec 2020 09:47:09 +0100 Subject: [PATCH] Install CERN repo and CERN-CA-certs --- Dockerfile | 14 +++++++++----- etc/pki/rpm-gpg/RPM-GPG-KEY-cern | 28 ++++++++++++++++++++++++++++ etc/yum.repos.d/cern.repo | 9 +++++++++ 3 files changed, 46 insertions(+), 5 deletions(-) create mode 100644 etc/pki/rpm-gpg/RPM-GPG-KEY-cern create mode 100644 etc/yum.repos.d/cern.repo diff --git a/Dockerfile b/Dockerfile index ba087c8..f7027ca 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,17 +4,21 @@ FROM centos/php-73-centos7 # Temporarily switch to root user to install packages USER root -# We need the z-push repo for php-awl -ADD etc/yum.repos.d/z-push.repo /etc/yum.repos.d/z-push.repo +# We need the z-push repo for php-awl and the cern repo for CERN-CA-certs +ADD etc/yum.repos.d/*.repo /etc/yum.repos.d/ +ADD etc/pki/rpm-gpg/RPM-GPG-KEY-cern /etc/pki/rpm-gpg/ -# Install PHP dependencies +# Install and CERN-CA-certs epel for PHP deps RUN yum install -y \ - epel-release + epel-release CERN-CA-certs && \ + yum clean all +# Install PHP dependencies RUN yum install -y \ rh-php73-php-imap \ rh-php73-php-xsl \ - php-awl + php-awl && \ + yum clean all # Fixes for Apache RUN yum remove -y \ diff --git a/etc/pki/rpm-gpg/RPM-GPG-KEY-cern b/etc/pki/rpm-gpg/RPM-GPG-KEY-cern new file mode 100644 index 0000000..fdedfa1 --- /dev/null +++ b/etc/pki/rpm-gpg/RPM-GPG-KEY-cern @@ -0,0 +1,28 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.2.6 (GNU/Linux) + +mQGiBEK/0MURBACv5Rm/jRnrbyocW5t43hrjFxlw/DPLTWiA16apk3P2HQQ8F6cs +EY/gmNmUf4U8KB6ncxdye/ostSBFJmVYh0YEYUxBSYM6ZFui3teVRxxXqN921jU2 +GbbWGqqlxbDqvBxDEG95pA9oSiFYalVfjxVv0hrcrAHQDW5DL2b8l48kGwCgnxs1 +iO7Z/5KRalKSJqKx70TVIUkD/2YkkHjcwp4Nt1pPlKxLaFp41cnCEGMEZVsNIQuJ +1SgHyMHKBzMWkD7QHqAeW3Sa9CDAJKoVPHZK99puF8etyUpC/HfmOIF6jwGpfG5A +S7YbqHX6vitRlQt1b1aq5K83J8Y0+8WmjZmCQY6+y2KHOPP+zHWKe5TJDeqDnN0j +sZsKA/441IF4JJTPEhvRFsPJO5WKg1zGFbxRPKvgi7+YY6pJ0VFbOMcJVMkvSZ2w +4QRD+2ets/pRxNhITHfPToMV3lhC8m1Je5fzoSvSixgH/5o9mekWWSW7Uq7U0IWA +7OD7RraJRrGxy0Tz3G+exA7svv/zn9TW/BaHFlMHoyyDHOYZmIhhBB8RAgAhBQJC +v+/uFwyAEeb+6rc8Txi4s8pfgZAf4xOTel99AgcAAAoJEF4D/eUdHgNLGCgAmwdu +KegSOBXpDe061zF8NoN6+OFiAJ9nKo+uC6xBZ9Ey550SmhFCPPA2/rRTQ0VSTiBM +aW51eCBTdXBwb3J0IChSUE0gc2lnbmluZyBrZXkgZm9yIENFUk4gTGludXggU3Vw +cG9ydCkgPGxpbnV4LnN1cHBvcnRAY2Vybi5jaD6IWgQTEQIAGgUCQr/QxQULBwMC +AQMVAgMDFgIBAh4BAheAAAoJEF4D/eUdHgNL/HsAn1ntKwRoSA9L0r8UyF7Zqn3U +79m1AJ9Y4NsSE/dlFYLfmf0+baoq7b5asIicBBMBAgAGBQJCv9DjAAoJEPy9YCiW +u335GTwEALjUQ7+cHxi0sifstCLoyRYQSu7Eas0M1UD2ZxSQNBnYsx4rDZJk9TmK +7QCzR1yRw9aixzZsRlNbed5VPxSzn89PE5m7Sx1bpl89sPgZ4BY95AL2wExyDWRp +1ON2+ztYeYtT7ZCkmeM+PBzt6RHR/jo3361faBS+qOkmpiiRWf3XiEYEExECAAYF +AkK/0WAACgkQkB/jE5N6X33DFQCgkvy1ruogu5Ibs5CzGY/ALiSJhyAAn3ygn3p/ +xrNQ8Dy5j4KfgJINoxT4iEYEEBECAAYFAkK/9CcACgkQDIloXtlLxZSiRACdG0kT +KlB4X4VBocUyxMReO9e5MvsAoIKWgcJYE8AGmRXjfIisCAzPtVX+iEYEExECAAYF +AkK/8oUACgkQtQgG0wyY/52z1ACgkkxNdhHKbEol3Kwka1tICWHMIwIAn3PWJQR0 +C1MV1+CnT8UupHzxy6J7 +=IUD3 +-----END PGP PUBLIC KEY BLOCK----- diff --git a/etc/yum.repos.d/cern.repo b/etc/yum.repos.d/cern.repo new file mode 100644 index 0000000..e7c3c24 --- /dev/null +++ b/etc/yum.repos.d/cern.repo @@ -0,0 +1,9 @@ +[cern] +name=CentOS-7 - CERN [HEAD] +baseurl=http://linuxsoft.cern.ch//cern/centos/7/cern/x86_64 +enabled=1 +gpgcheck=1 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-cern +exclude=puppet,puppet-server,facter,mcollective*,hiera,puppet-agent +includepkgs=CERN-CA-certs +priority=10 -- GitLab