Skip to content
This repository was archived by the owner on May 30, 2023. It is now read-only.

profiles: force to use ssl USE flag for wget#444

Merged
dongsupark merged 1 commit intoflatcar-masterfrom
dongsu/wget-force-ssl
Jun 25, 2020
Merged

profiles: force to use ssl USE flag for wget#444
dongsupark merged 1 commit intoflatcar-masterfrom
dongsu/wget-force-ssl

Conversation

@dongsupark
Copy link
Copy Markdown
Contributor

@dongsupark dongsupark commented Jun 25, 2020
edited
Loading

When catalyst tries to fetch a file via https, wget sometimes fails to do so, with the following messages:

https://www.kernel.org/pub/software/scm/git/git-2.24.1.tar.xz: HTTPS
support not compiled in.
!!! Couldn't download 'git-2.24.1.tar.xz'. Aborting.

That probably happens because wget in some catalyst stages are compiled without ssl USE flag.
If a catalyst stage is lucky enough to rebuild wget with ssl before actually fetching a file, it would work well.
Though if not, it would fail.
It is not deterministic, and hard to reproduce.

So backport the fix from upstream Gentoo, for both amd64 and arm64.
By setting ssl for wget in package.use.force, it is now not possible to disable ssl for wget.

More details: https://bugs.gentoo.org/611072

profiles: force to use ssl USE flag for wget
517e23e 
When catalyst tries to fetch a file via https, wget sometimes fails
to do so, with the following messages:

```
https://www.kernel.org/pub/software/scm/git/git-2.24.1.tar.xz: HTTPS
support not compiled in.
!!! Couldn't download 'git-2.24.1.tar.xz'. Aborting.
```

That probably happens because wget in some catalyst stages are compiled
without `ssl` USE flag. If a catalyst stage is lucky enough to rebuild
wget with `ssl` before actually fetching a file, it would work well.
Though if not, it would fail. It is not deterministic, and hard to
reproduce.

So backport the fix from upstream Gentoo,
gentoo/gentoo@d141380b915d , for both amd64
and arm64. By setting `ssl` for wget in `package.use.force`, it is now
not possible to disable `ssl` for wget.

More details: https://bugs.gentoo.org/611072
@dongsupark dongsupark requested a review from a team June 25, 2020 12:23
@pothos
Copy link
Copy Markdown
Contributor

pothos commented Jun 25, 2020

Will it be enabled in stage1 and does it mean that we can remove https://github.com/flatcar-linux/scripts/blob/flatcar-master/bootstrap_sdk#L57?

@dongsupark
Copy link
Copy Markdown
Contributor Author

dongsupark commented Jun 25, 2020

Yeah, I think so, we can probably remove the hack in bootstrap_sdk.

Anyway I would prefer to change those gradually.
First enable ssl for wget.
Then go through several Jenkins runs with that change.
If there is no wget error like @sayanchowdhury has seen, and there is no regression, then remove the hack in bootstrap_sdk.

@dongsupark dongsupark merged commit e92dc8d into flatcar-master Jun 25, 2020
@dongsupark dongsupark deleted the dongsu/wget-force-ssl branch June 25, 2020 14:32
@dongsupark
Copy link
Copy Markdown
Contributor Author

dongsupark commented Jun 25, 2020

cherry-picked to beta, alpha, and edge.

@dongsupark dongsupark mentioned this pull request Jun 26, 2020
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

1 more reviewer

@sayanchowdhury sayanchowdhury sayanchowdhury approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

alpha beta bug Something isn't working edge stable

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@dongsupark @pothos @sayanchowdhury @vbatts