Skip to content

Commit

Permalink
[apt] Instruct apt-get to NOT check the "Valid Until" date in Release…
Browse files Browse the repository at this point in the history
… files (sonic-net#3973)

This is an addendum to sonic-net#3958, which also instructs apt to ignore the "Valid Until" date in Release files inside the slave containers, making a complete solution, much like the previously abandoned PR sonic-net#2609. This patch also unifies file names and contents.

When the Debian team archives a repo, it stops updating the "Valid Until" date, thus apt-get will not apply updates for that repo unless we explicitly tell it to ignore the "Valid Until" date. Also, this has become an issue with active (i.e., non-archived) repos twice in the past year because the Debian folks seem to occasionally let the expiration lapse before updating the date. This will cause SONiC builds to fail with a message like E: Release file for http://debian-archive.trafficmanager.net/debian-security/dists/jessie/updates/InRelease is expired (invalid since 3d 3h 11min 20s). Updates for this repository will not be applied. until the dates have been updated and propagated to all mirrors. With this patch, SONiC should no longer be affected by lapsed "Valid Until" dates, whether they be accidental or purposeful.
  • Loading branch information
jleveque authored and pphuchar committed Mar 9, 2020
1 parent 8219e46 commit ff8d2ec
Show file tree
Hide file tree
Showing 11 changed files with 25 additions and 8 deletions.
2 changes: 1 addition & 1 deletion dockers/docker-base-stretch/Dockerfile.j2
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ COPY ["sources.list.arm64", "/etc/apt/sources.list"]
COPY ["sources.list", "/etc/apt/sources.list"]
{% endif %}
COPY ["no_install_recommend_suggest", "/etc/apt/apt.conf.d"]
COPY ["aptconf_archive_expired_release", "/etc/apt/apt.conf.d"]
COPY ["no-check-valid-until", "/etc/apt/apt.conf.d"]

# Update apt cache and
# pre-install fundamental packages
Expand Down
3 changes: 0 additions & 3 deletions dockers/docker-base-stretch/aptconf_archive_expired_release

This file was deleted.

4 changes: 4 additions & 0 deletions dockers/docker-base-stretch/no-check-valid-until
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
# Instruct apt-get to NOT check the "Valid Until" date in Release files
# Once the Debian team archives a repo, they stop updating this date

Acquire::Check-Valid-Until "false";
2 changes: 1 addition & 1 deletion dockers/docker-base/Dockerfile.j2
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ COPY ["dpkg_01_drop", "/etc/dpkg/dpkg.cfg.d/01_drop"]
COPY ["sources.list.armhf", "/etc/apt/sources.list"]
{% elif CONFIGURED_ARCH == "arm64" %}
COPY ["sources.list.arm64", "/etc/apt/sources.list"]
COPY ["aptconf_archive_expired_release", "/etc/apt/apt.conf.d"]
COPY ["no-check-valid-until", "/etc/apt/apt.conf.d"]
{% else %}
COPY ["sources.list", "/etc/apt/sources.list"]
{% endif %}
Expand Down
3 changes: 0 additions & 3 deletions dockers/docker-base/aptconf_archive_expired_release

This file was deleted.

4 changes: 4 additions & 0 deletions dockers/docker-base/no-check-valid-until
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
# Instruct apt-get to NOT check the "Valid Until" date in Release files
# Once the Debian team archives a repo, they stop updating this date

Acquire::Check-Valid-Until "false";
3 changes: 3 additions & 0 deletions files/apt/apt.conf.d/no-check-valid-until
Original file line number Diff line number Diff line change
@@ -1 +1,4 @@
# Instruct apt-get to NOT check the "Valid Until" date in Release files
# Once the Debian team archives a repo, they stop updating this date

Acquire::Check-Valid-Until "false";
2 changes: 2 additions & 0 deletions sonic-slave-jessie/Dockerfile.j2
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,8 @@ FROM debian:jessie

MAINTAINER [email protected]

COPY ["no-check-valid-until", "/etc/apt/apt.conf.d/"]

## Remove retired jessie-updates repo
RUN sed -i '/http:\/\/deb.debian.org\/debian jessie-updates main/d' /etc/apt/sources.list

Expand Down
4 changes: 4 additions & 0 deletions sonic-slave-jessie/no-check-valid-until
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
# Instruct apt-get to NOT check the "Valid Until" date in Release files
# Once the Debian team archives a repo, they stop updating this date

Acquire::Check-Valid-Until "false";
2 changes: 2 additions & 0 deletions sonic-slave-stretch/Dockerfile.j2
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,8 @@ FROM debian:stretch

MAINTAINER [email protected]

COPY ["no-check-valid-until", "/etc/apt/apt.conf.d/"]

RUN echo "deb [arch=amd64] http://debian-archive.trafficmanager.net/debian/ stretch main contrib non-free" >> /etc/apt/sources.list && \
echo "deb-src [arch=amd64] http://debian-archive.trafficmanager.net/debian/ stretch main contrib non-free" >> /etc/apt/sources.list && \
echo "deb [arch=amd64] http://debian-archive.trafficmanager.net/debian-security/ stretch/updates main contrib non-free" >> /etc/apt/sources.list && \
Expand Down
4 changes: 4 additions & 0 deletions sonic-slave-stretch/no-check-valid-until
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
# Instruct apt-get to NOT check the "Valid Until" date in Release files
# Once the Debian team archives a repo, they stop updating this date

Acquire::Check-Valid-Until "false";

0 comments on commit ff8d2ec

Please sign in to comment.