Skip to content

Commit 497caf0

Browse files
committed
Fix opensuse trusted certificates
There's a bug[1] with the combination of the p11-kit and ca-certificates-mozilla packages available on the latest built opensuse-15 node in nodepool (which has not been rebuilt for weeks due to a separate issue[2]) which causes the standard CA bundle to not be installed correctly and causes jobs that call to external HTTPS services to fail. Upgrading both packages in sync fixes the issue. [1] https://bugzilla.suse.com/show_bug.cgi?id=1154871 [2] http://bugzilla.suse.com/show_bug.cgi?id=1166139 Change-Id: Ia8fdfe12fd9089e178adcb2b5eec997eebada262 Needed-by: https://review.opendev.org/713566
1 parent f4ab2ce commit 497caf0

1 file changed

Lines changed: 5 additions & 0 deletions

File tree

tools/fixup_stuff.sh

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -200,6 +200,11 @@ function fixup_suse {
200200
# have been dragged in by some other system dependency
201201
sudo rm -rf /usr/lib/python3.6/site-packages/ply-*.egg-info
202202
sudo rm -rf /usr/lib/python3.6/site-packages/six-*.egg-info
203+
204+
# Ensure trusted CA certificates are up to date
205+
# See https://bugzilla.suse.com/show_bug.cgi?id=1154871
206+
# May be removed once a new opensuse-15 image is available in nodepool
207+
sudo zypper up -y p11-kit ca-certificates-mozilla
203208
}
204209

205210
# The version of pip(1.5.4) supported by python-virtualenv(1.11.4) has

0 commit comments

Comments
 (0)