CentOS 7 is fully End-of-life as of 2024-06-30, and the Yum repo configuration
points at URLs which have become non-existent.
First, start by using a heredoc RUN for legibility. It's important to use
`set -e` to offset the fact that we're no longer chaining every command
together with an &&.
Also, because we're using a single RUN command to perform all RPM operations,
we no longer need to work around the OverlayFS bug.
Adjust the CentOS-*.repo files to point at vault.centos.org.
Take the opportunity to split the Xen deps from Tools deps, and to adjust the
other packages we use:
* We need bzip2-devel for the dombuilder, not just bzip2.
* zstd-devel is another optional dependency since the last time this package
list was refreshed.
* openssl-devel hasn't been a dependency since Xen 4.6.
* We long ago ceased being able to build Qemu and SeaBIOS in this container,
so drop their dependencies too.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
---
CC: Anthony PERARD <anthony.perard@vates.tech>
CC: Stefano Stabellini <sstabellini@kernel.org>
CC: Doug Goldstein <cardoe@cardoe.com>
CC: Roger Pau Monné <roger.pau@citrix.com>
CC: Oleksii Kurochko <oleksii.kurochko@gmail.com>
---
automation/build/centos/7.dockerfile | 70 +++++++++++++++-------------
1 file changed, 37 insertions(+), 33 deletions(-)
diff --git a/automation/build/centos/7.dockerfile b/automation/build/centos/7.dockerfile
index 657550f308bb..9e66d72a5bd5 100644
--- a/automation/build/centos/7.dockerfile
+++ b/automation/build/centos/7.dockerfile
@@ -6,44 +6,48 @@ LABEL maintainer.name="The Xen Project" \
RUN mkdir /build
WORKDIR /build
-# work around https://github.com/moby/moby/issues/10180
-# and add EPEL for dev86
-RUN rpm --rebuilddb && \
- yum -y install \
- yum-plugin-ovl \
- epel-release \
- && yum clean all && \
- rm -rf /var/cache/yum
+RUN <<EOF
+ set -e
+
+ # Fix up Yum config now that mirror.centos.org doesn't exist
+ sed -e 's/mirror.centos.org/vault.centos.org/g' \
+ -e 's/^#.*baseurl=https\?/baseurl=https/g' \
+ -e 's/^mirrorlist=https\?/#mirrorlist=https/g' \
+ -i /etc/yum.repos.d/*.repo
+
+ # Add the EPEL repo to get dev86
+ yum -y install epel-release
+
+ yum -y update
-# install Xen depends
-RUN yum -y update \
- && yum -y install \
+ # Xen deps
+ yum -y install \
+ bison \
+ binutils \
+ checkpolicy \
+ flex \
gcc \
+ make \
+
+ # Tools/stubdom/docs deps
+ yum -y install \
+ acpica-tools \
+ bzip2-devel \
+ dev86 \
gcc-c++ \
- ncurses-devel \
- zlib-devel \
- openssl-devel \
- python-devel \
+ git \
libuuid-devel \
+ ncurses-devel \
+ patch \
pkgconfig \
- flex \
- bison \
- libaio-devel \
- glib2-devel \
- yajl-devel \
- pixman-devel \
- glibc-devel \
- make \
- binutils \
- git \
- wget \
- acpica-tools \
+ python-devel \
python-markdown \
- patch \
- checkpolicy \
- dev86 \
+ wget \
xz-devel \
- bzip2 \
- nasm \
- && yum clean all && \
+ yajl-devel \
+ zlib-devel \
+ zstd-devel \
+
+ yum clean all
rm -rf /var/cache/yum
+EOF
--
2.39.2
On Wed, 2024-07-03 at 15:20 +0100, Andrew Cooper wrote: > CentOS 7 is fully End-of-life as of 2024-06-30, and the Yum repo > configuration > points at URLs which have become non-existent. > > First, start by using a heredoc RUN for legibility. It's important > to use > `set -e` to offset the fact that we're no longer chaining every > command > together with an &&. > > Also, because we're using a single RUN command to perform all RPM > operations, > we no longer need to work around the OverlayFS bug. > > Adjust the CentOS-*.repo files to point at vault.centos.org. > > Take the opportunity to split the Xen deps from Tools deps, and to > adjust the > other packages we use: > > * We need bzip2-devel for the dombuilder, not just bzip2. > * zstd-devel is another optional dependency since the last time this > package > list was refreshed. > * openssl-devel hasn't been a dependency since Xen 4.6. > * We long ago ceased being able to build Qemu and SeaBIOS in this > container, > so drop their dependencies too. > > Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> > --- > CC: Anthony PERARD <anthony.perard@vates.tech> > CC: Stefano Stabellini <sstabellini@kernel.org> > CC: Doug Goldstein <cardoe@cardoe.com> > CC: Roger Pau Monné <roger.pau@citrix.com> > CC: Oleksii Kurochko <oleksii.kurochko@gmail.com> Release-Acked-by: Oleksii Kurochko <oleksii.kurochko@gmail.com> ~ Oleksii > --- > automation/build/centos/7.dockerfile | 70 +++++++++++++++----------- > -- > 1 file changed, 37 insertions(+), 33 deletions(-) > > diff --git a/automation/build/centos/7.dockerfile > b/automation/build/centos/7.dockerfile > index 657550f308bb..9e66d72a5bd5 100644 > --- a/automation/build/centos/7.dockerfile > +++ b/automation/build/centos/7.dockerfile > @@ -6,44 +6,48 @@ LABEL maintainer.name="The Xen Project" \ > RUN mkdir /build > WORKDIR /build > > -# work around https://github.com/moby/moby/issues/10180 > -# and add EPEL for dev86 > -RUN rpm --rebuilddb && \ > - yum -y install \ > - yum-plugin-ovl \ > - epel-release \ > - && yum clean all && \ > - rm -rf /var/cache/yum > +RUN <<EOF > + set -e > + > + # Fix up Yum config now that mirror.centos.org doesn't exist > + sed -e 's/mirror.centos.org/vault.centos.org/g' \ > + -e 's/^#.*baseurl=https\?/baseurl=https/g' \ > + -e 's/^mirrorlist=https\?/#mirrorlist=https/g' \ > + -i /etc/yum.repos.d/*.repo > + > + # Add the EPEL repo to get dev86 > + yum -y install epel-release > + > + yum -y update > > -# install Xen depends > -RUN yum -y update \ > - && yum -y install \ > + # Xen deps > + yum -y install \ > + bison \ > + binutils \ > + checkpolicy \ > + flex \ > gcc \ > + make \ > + > + # Tools/stubdom/docs deps > + yum -y install \ > + acpica-tools \ > + bzip2-devel \ > + dev86 \ > gcc-c++ \ > - ncurses-devel \ > - zlib-devel \ > - openssl-devel \ > - python-devel \ > + git \ > libuuid-devel \ > + ncurses-devel \ > + patch \ > pkgconfig \ > - flex \ > - bison \ > - libaio-devel \ > - glib2-devel \ > - yajl-devel \ > - pixman-devel \ > - glibc-devel \ > - make \ > - binutils \ > - git \ > - wget \ > - acpica-tools \ > + python-devel \ > python-markdown \ > - patch \ > - checkpolicy \ > - dev86 \ > + wget \ > xz-devel \ > - bzip2 \ > - nasm \ > - && yum clean all && \ > + yajl-devel \ > + zlib-devel \ > + zstd-devel \ > + > + yum clean all > rm -rf /var/cache/yum > +EOF
On Wed, Jul 03, 2024 at 03:20:02PM +0100, Andrew Cooper wrote: > CentOS 7 is fully End-of-life as of 2024-06-30, and the Yum repo configuration > points at URLs which have become non-existent. > > First, start by using a heredoc RUN for legibility. It's important to use > `set -e` to offset the fact that we're no longer chaining every command > together with an &&. > > Also, because we're using a single RUN command to perform all RPM operations, > we no longer need to work around the OverlayFS bug. > > Adjust the CentOS-*.repo files to point at vault.centos.org. > > Take the opportunity to split the Xen deps from Tools deps, and to adjust the > other packages we use: > > * We need bzip2-devel for the dombuilder, not just bzip2. > * zstd-devel is another optional dependency since the last time this package > list was refreshed. > * openssl-devel hasn't been a dependency since Xen 4.6. > * We long ago ceased being able to build Qemu and SeaBIOS in this container, > so drop their dependencies too. > > Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> Acked-by: Roger Pau Monné <roiger.pau@citrix.com> > --- > CC: Anthony PERARD <anthony.perard@vates.tech> > CC: Stefano Stabellini <sstabellini@kernel.org> > CC: Doug Goldstein <cardoe@cardoe.com> > CC: Roger Pau Monné <roger.pau@citrix.com> > CC: Oleksii Kurochko <oleksii.kurochko@gmail.com> > --- > automation/build/centos/7.dockerfile | 70 +++++++++++++++------------- > 1 file changed, 37 insertions(+), 33 deletions(-) > > diff --git a/automation/build/centos/7.dockerfile b/automation/build/centos/7.dockerfile > index 657550f308bb..9e66d72a5bd5 100644 > --- a/automation/build/centos/7.dockerfile > +++ b/automation/build/centos/7.dockerfile > @@ -6,44 +6,48 @@ LABEL maintainer.name="The Xen Project" \ > RUN mkdir /build > WORKDIR /build > > -# work around https://github.com/moby/moby/issues/10180 > -# and add EPEL for dev86 > -RUN rpm --rebuilddb && \ > - yum -y install \ > - yum-plugin-ovl \ > - epel-release \ > - && yum clean all && \ > - rm -rf /var/cache/yum > +RUN <<EOF > + set -e > + > + # Fix up Yum config now that mirror.centos.org doesn't exist > + sed -e 's/mirror.centos.org/vault.centos.org/g' \ > + -e 's/^#.*baseurl=https\?/baseurl=https/g' \ > + -e 's/^mirrorlist=https\?/#mirrorlist=https/g' \ Why do you also need to uncomment baseurl and comment mirrorlist? Isn't baseurl already enabled, and having extra mirrorlist won't harm as it's just extra location to search for packages? (IOW: even if they don't exist it shouldn't be an issue). Thanks, Roger.
On 03/07/2024 3:55 pm, Roger Pau Monné wrote: > On Wed, Jul 03, 2024 at 03:20:02PM +0100, Andrew Cooper wrote: >> CentOS 7 is fully End-of-life as of 2024-06-30, and the Yum repo configuration >> points at URLs which have become non-existent. >> >> First, start by using a heredoc RUN for legibility. It's important to use >> `set -e` to offset the fact that we're no longer chaining every command >> together with an &&. >> >> Also, because we're using a single RUN command to perform all RPM operations, >> we no longer need to work around the OverlayFS bug. >> >> Adjust the CentOS-*.repo files to point at vault.centos.org. >> >> Take the opportunity to split the Xen deps from Tools deps, and to adjust the >> other packages we use: >> >> * We need bzip2-devel for the dombuilder, not just bzip2. >> * zstd-devel is another optional dependency since the last time this package >> list was refreshed. >> * openssl-devel hasn't been a dependency since Xen 4.6. >> * We long ago ceased being able to build Qemu and SeaBIOS in this container, >> so drop their dependencies too. >> >> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> > Acked-by: Roger Pau Monné <roiger.pau@citrix.com> Thanks. > >> --- >> CC: Anthony PERARD <anthony.perard@vates.tech> >> CC: Stefano Stabellini <sstabellini@kernel.org> >> CC: Doug Goldstein <cardoe@cardoe.com> >> CC: Roger Pau Monné <roger.pau@citrix.com> >> CC: Oleksii Kurochko <oleksii.kurochko@gmail.com> >> --- >> automation/build/centos/7.dockerfile | 70 +++++++++++++++------------- >> 1 file changed, 37 insertions(+), 33 deletions(-) >> >> diff --git a/automation/build/centos/7.dockerfile b/automation/build/centos/7.dockerfile >> index 657550f308bb..9e66d72a5bd5 100644 >> --- a/automation/build/centos/7.dockerfile >> +++ b/automation/build/centos/7.dockerfile >> @@ -6,44 +6,48 @@ LABEL maintainer.name="The Xen Project" \ >> RUN mkdir /build >> WORKDIR /build >> >> -# work around https://github.com/moby/moby/issues/10180 >> -# and add EPEL for dev86 >> -RUN rpm --rebuilddb && \ >> - yum -y install \ >> - yum-plugin-ovl \ >> - epel-release \ >> - && yum clean all && \ >> - rm -rf /var/cache/yum >> +RUN <<EOF >> + set -e >> + >> + # Fix up Yum config now that mirror.centos.org doesn't exist >> + sed -e 's/mirror.centos.org/vault.centos.org/g' \ >> + -e 's/^#.*baseurl=https\?/baseurl=https/g' \ >> + -e 's/^mirrorlist=https\?/#mirrorlist=https/g' \ > Why do you also need to uncomment baseurl and comment mirrorlist? > Isn't baseurl already enabled, and having extra mirrorlist won't harm > as it's just extra location to search for packages? (IOW: even if they > don't exist it shouldn't be an issue). It appears that having an uncontactable mirror list, as opposed to no mirror list, is fatal. I didn't end up with this because I like the look of the sed expression. ~Andrew
On Wed, Jul 03, 2024 at 04:09:48PM +0100, Andrew Cooper wrote: > On 03/07/2024 3:55 pm, Roger Pau Monné wrote: > > On Wed, Jul 03, 2024 at 03:20:02PM +0100, Andrew Cooper wrote: > >> CentOS 7 is fully End-of-life as of 2024-06-30, and the Yum repo configuration > >> points at URLs which have become non-existent. > >> > >> First, start by using a heredoc RUN for legibility. It's important to use > >> `set -e` to offset the fact that we're no longer chaining every command > >> together with an &&. > >> > >> Also, because we're using a single RUN command to perform all RPM operations, > >> we no longer need to work around the OverlayFS bug. > >> > >> Adjust the CentOS-*.repo files to point at vault.centos.org. > >> > >> Take the opportunity to split the Xen deps from Tools deps, and to adjust the > >> other packages we use: > >> > >> * We need bzip2-devel for the dombuilder, not just bzip2. > >> * zstd-devel is another optional dependency since the last time this package > >> list was refreshed. > >> * openssl-devel hasn't been a dependency since Xen 4.6. > >> * We long ago ceased being able to build Qemu and SeaBIOS in this container, > >> so drop their dependencies too. > >> > >> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> > > Acked-by: Roger Pau Monné <roiger.pau@citrix.com> > > Thanks. > > > > >> --- > >> CC: Anthony PERARD <anthony.perard@vates.tech> > >> CC: Stefano Stabellini <sstabellini@kernel.org> > >> CC: Doug Goldstein <cardoe@cardoe.com> > >> CC: Roger Pau Monné <roger.pau@citrix.com> > >> CC: Oleksii Kurochko <oleksii.kurochko@gmail.com> > >> --- > >> automation/build/centos/7.dockerfile | 70 +++++++++++++++------------- > >> 1 file changed, 37 insertions(+), 33 deletions(-) > >> > >> diff --git a/automation/build/centos/7.dockerfile b/automation/build/centos/7.dockerfile > >> index 657550f308bb..9e66d72a5bd5 100644 > >> --- a/automation/build/centos/7.dockerfile > >> +++ b/automation/build/centos/7.dockerfile > >> @@ -6,44 +6,48 @@ LABEL maintainer.name="The Xen Project" \ > >> RUN mkdir /build > >> WORKDIR /build > >> > >> -# work around https://github.com/moby/moby/issues/10180 > >> -# and add EPEL for dev86 > >> -RUN rpm --rebuilddb && \ > >> - yum -y install \ > >> - yum-plugin-ovl \ > >> - epel-release \ > >> - && yum clean all && \ > >> - rm -rf /var/cache/yum > >> +RUN <<EOF > >> + set -e > >> + > >> + # Fix up Yum config now that mirror.centos.org doesn't exist > >> + sed -e 's/mirror.centos.org/vault.centos.org/g' \ > >> + -e 's/^#.*baseurl=https\?/baseurl=https/g' \ > >> + -e 's/^mirrorlist=https\?/#mirrorlist=https/g' \ > > Why do you also need to uncomment baseurl and comment mirrorlist? > > Isn't baseurl already enabled, and having extra mirrorlist won't harm > > as it's just extra location to search for packages? (IOW: even if they > > don't exist it shouldn't be an issue). > > It appears that having an uncontactable mirror list, as opposed to no > mirror list, is fatal. > > I didn't end up with this because I like the look of the sed expression. I wouldn't mind a comment to note the above, but it might be obvious for people more familiar to yum than myself, hence no strong request. Thanks, Roger.
On 04/07/2024 9:15 am, Roger Pau Monné wrote: > On Wed, Jul 03, 2024 at 04:09:48PM +0100, Andrew Cooper wrote: >> On 03/07/2024 3:55 pm, Roger Pau Monné wrote: >>> On Wed, Jul 03, 2024 at 03:20:02PM +0100, Andrew Cooper wrote: >>>> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> >>> Acked-by: Roger Pau Monné <roiger.pau@citrix.com> >> Thanks. I've taken the liberty of correcting your email address when taking this tag. ~Andrew
CentOS 7 is fully End-of-life as of 2024-06-30, and the Yum repo configuration
points at URLs which have become non-existent.
First, start by using a heredoc RUN for legibility. It's important to use
`set -e` to offset the fact that we're no longer chaining every command
together with an &&.
Also, because we're using a single RUN command to perform all RPM operations,
we no longer need to work around the OverlayFS bug.
Adjust the CentOS-*.repo files to point at vault.centos.org. This also
involves swapping mirrorlist= for baseurl= in the yum config.
Use a minor bashism to express the dependenices more coherently, and identify
why we have certain dependencies. Some adjustments are:
* We need bzip2-devel for the dombuilder. bzip2 needs retaining stubdom or
`tar` fails to unpack the .bz2 archives.
* {lzo,lz4,ztd}-devel are new optional dependency since the last time this
package list was refreshed.
* openssl-devel hasn't been a dependency since Xen 4.6.
* We long ago ceased being able to build Qemu and SeaBIOS in this container,
so drop their dependencies too.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Acked-by: Roger Pau Monné <roiger.pau@citrix.com>
Release-Acked-by: Oleksii Kurochko <oleksii.kurochko@gmail.com>
---
CC: Anthony PERARD <anthony.perard@vates.tech>
CC: Stefano Stabellini <sstabellini@kernel.org>
CC: Doug Goldstein <cardoe@cardoe.com>
CC: Roger Pau Monné <roger.pau@citrix.com>
CC: Oleksii Kurochko <oleksii.kurochko@gmail.com>
v2:
* Expand on the sed required to fix the config
* Adjust the package list to actually build. Passing job:
https://gitlab.com/xen-project/people/andyhhp/xen/-/jobs/7268879932
---
automation/build/centos/7.dockerfile | 101 ++++++++++++++++-----------
1 file changed, 62 insertions(+), 39 deletions(-)
diff --git a/automation/build/centos/7.dockerfile b/automation/build/centos/7.dockerfile
index 657550f308bb..f41dda732084 100644
--- a/automation/build/centos/7.dockerfile
+++ b/automation/build/centos/7.dockerfile
@@ -6,44 +6,67 @@ LABEL maintainer.name="The Xen Project" \
RUN mkdir /build
WORKDIR /build
-# work around https://github.com/moby/moby/issues/10180
-# and add EPEL for dev86
-RUN rpm --rebuilddb && \
- yum -y install \
- yum-plugin-ovl \
- epel-release \
- && yum clean all && \
- rm -rf /var/cache/yum
+RUN <<EOF
+ set -e
+
+ # Fix up Yum config now that mirror.centos.org doesn't exist
+ sed -e 's/mirror.centos.org/vault.centos.org/g' \
+ -e 's/^#.*baseurl=https\?/baseurl=https/g' \
+ -e 's/^mirrorlist=https\?/#mirrorlist=https/g' \
+ -i /etc/yum.repos.d/*.repo
+
+ # Add the EPEL repo to get dev86
+ yum -y install epel-release
+
+ # Update everything (Base container is out of date)
+ yum -y update
+
+ DEPS=(
+ # Xen
+ binutils
+ gcc
+ make
+ python
+ # Kconfig
+ bison
+ flex
+ # Flask
+ checkpolicy
+
+ # Tools (general)
+ git
+ gzip
+ patch
+ perl
+ pkgconfig
+ wget
+ # libxenguest dombuilder
+ bzip2-devel
+ lz4-devel
+ lzo-devel
+ xz-devel
+ zlib-devel
+ zstd-devel
+ # libacpi
+ acpica-tools
+ # libxl
+ libuuid-devel
+ yajl-devel
+ # RomBIOS
+ dev86
+ # Header Check
+ gcc-c++
+ # xentop
+ ncurses-devel
+ # Python bindings
+ python-devel
+
+ # Stubdom download/extract
+ bzip2
+ )
+
+ yum -y install "${DEPS[@]}"
-# install Xen depends
-RUN yum -y update \
- && yum -y install \
- gcc \
- gcc-c++ \
- ncurses-devel \
- zlib-devel \
- openssl-devel \
- python-devel \
- libuuid-devel \
- pkgconfig \
- flex \
- bison \
- libaio-devel \
- glib2-devel \
- yajl-devel \
- pixman-devel \
- glibc-devel \
- make \
- binutils \
- git \
- wget \
- acpica-tools \
- python-markdown \
- patch \
- checkpolicy \
- dev86 \
- xz-devel \
- bzip2 \
- nasm \
- && yum clean all && \
+ yum clean all
rm -rf /var/cache/yum
+EOF
--
2.39.2
© 2016 - 2024 Red Hat, Inc.