Offline deployment does not work if repos have never been synced

[AdamWill]

This is kind of a dnf problem, I guess, but I suspect dnf would just say 'don't do that', so.

If you install Fedora Server (24, but I don't think it matters) without any repository connection, ensuring to install the necessary packages (@freeipa-server), then on the installed system try to do rolectl deploy domaincontroller/some.domain, it fails because dnf fails: dnf fails with Error: Failed to synchronize cache for repo 'somerepo' and rolekit is set to die in that case. It seems dnf will always try to refresh the metadata, even if you're just telling it to install some packages that are already installed.

I hit this because I'm working on openQA FreeIPA testing and so far I haven't figured out the masquerading to give the openvswitch network access to the outside world (so the server and client test boxes can see each other and the host, but they can't see anything else)...but it seems like a genuine case to consider.

[sgallagher]

I don't know, this seems pretty "edge-case" to me. I mean, it's pretty unrealistic to expect in a real-world environment that the system won't have access to at least a local package mirror. Rolekit is meant to set up externally-visible network services, so having a functional network doesn't seem like a tremendously unrealistic prerequisite.

[AdamWill]

OK. Well, I can probably work around it somehow with a fake local repository or something (disabling all repositories doesn't work because then dnf complains that there are no enabled repositories).

[AdamWill]

for the record, it proved intractably difficult to get dnf to just accept that the packages were installed and exit successfully without a repository with comps, so I gave up on this approach and decided to deal with the extra complexity of NATing the workers out to the wider network...