Run c_rehash to work around openssl rehash issue on focal/armhf. #848
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
As discussed in https://discourse.ros.org/t/ssl-failure-in-buildfarm-jobs-ros1/18304/3 there is an issue with Ubuntu 20.04 armhf when being run on an amd64 20.04 host via qemu which is interfering with openssl-rehash. Until the cause is identified we're invoking c_rehash explicitly as the last step before cache invalidation when the build environment is 20.04 on armhf.
Just kind of throwing this in after git is installed since that brings curl brings ca-certificates.
cottsay
approved these changes
Jan 13, 2021
There was a problem hiding this comment.
I'm not sure that the conditional logic is really needed - rehashing the certificates should be OK to do on a working image as well. I'm fine with it though.
I know that our farm doesn't run any sourcedeb jobs on these workers, but I'm not sure what mechanism we're using to enforce that. Probably not even worth looking into.
sourcedeb jobs run on agents with the |
|
This pull request has been mentioned on ROS Discourse. There might be relevant details there: https://discourse.ros.org/t/ssl-failure-in-buildfarm-jobs-ros1/18304/4 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
As discussed in
https://discourse.ros.org/t/ssl-failure-in-buildfarm-jobs-ros1/18304/3
there is an issue with Ubuntu 20.04 armhf when being run on an amd64
20.04 host via qemu which is interfering with openssl-rehash.
Until the cause is identified we're invoking c_rehash explicitly as the
last step before cache invalidation when the build environment is 20.04
on armhf.
On a local test using the script generated with
generate_release_script.py https://raw.githubusercontent.com/ros-infrastructure/ros_buildfarm_config/production/index.yaml noetic ufhf geometry_msgs ubuntu focal armhf > /tmp/geom.shI was able to get past the SSL issue shown on the buildfarm and confirmed with a local run before modification. But I then got a weird compiler issue when actually building the deb which didn't seem related but that I also didn't bother to triage deeply. So far as I can tell this is enough to get these packages operational.
@cottsay when examining the template files I saw that the binarydeb task file as opposed to the generate file didn't have the rehash workaround so I threw on an additional commit adding it. But it made no difference for me locally.