frontend/cmd: https-based repositories

cirocosta / estaleiro

building container images with bill of materials

Apache License 2.0

2 stars 0 forks source link

frontend/cmd: https-based repositories #18

Closed cirocosta closed 5 years ago

cirocosta commented 5 years ago

As ubuntu:bionic doesn't have ca-certificates by default, we end up having trouble performing any retrievals for packages that are https-based.

I've been wondering about the possibility of splitting the retrieval of the initial repository listing from the rest so that for that part, we could have ca-certificates, not polluting the rest of the process afterwards 🤔

cirocosta commented 5 years ago

As we already add some dependencies in the key additions step (which runs out-of-tree), we could perform the same for what could be a "repository setup" step that would perform not only adding extra repos (and apt updateing), but also performing the key setup 🤔

cirocosta commented 5 years ago

naturally, this would mean that we'd need to refactor estaleiro apt to do less, and apt-key to do more 😁

cirocosta commented 5 years ago

we did it!