Skip to content
Snippets Groups Projects
Commit 818034f4 authored by Alex Iribarren's avatar Alex Iribarren
Browse files

Merge branch 'gpg' into 'master' 

Set legacy crypto policy for old SHA1 keys

See merge request !230
parents 4f47f8a1 2c2bfa33
No related branches found
No related tags found
1 merge request!230Set legacy crypto policy for old SHA1 keys
Pipeline #4862255 passed
Stage: prepare
    Stage: build
      Stage: deploy_test
        Stage: deploy
          Stage: cleanup
            Hide whitespace changes
            Inline Side-by-side
            Showing
            with 4 additions and 2 deletions
            reposync/Dockerfile
            + 4
            2
            View file @ 818034f4
            FROM gitlab-registry.cern.ch/linuxsupport/alma9-base:latest
            RUN yum install -y yum-utils bc diffutils python3-requests \
            RUN yum install -y yum-utils bc diffutils python3-requests crypto-policies-scripts \
            && yum clean all
            RUN rm -rf /etc/yum.repos.d/*
            COPY gpgkeys/ /etc/pki/rpm-gpg/
            RUN find /etc/pki/rpm-gpg/ -type f -exec rpm --import {} \;
            # We still have plenty of gpg keys with SHA1 signatures, so we need the LEGACY crypto policy
            RUN update-crypto-policies --set LEGACY \
            && find /etc/pki/rpm-gpg/ -type f -exec rpm --import {} \;
            COPY *.sh /root/
            COPY *.py /root/
            COPY prod.repos.d/ /root/prod.repos.d/
            ......
            0% or .
            You are about to add 0 people to the discussion. Proceed with caution.
            Finish editing this message first!
            Please register or to comment