[FOLIO-3307] Vagrant version updates failing Created: 04/Oct/21 Updated: 05/Oct/21 Resolved: 05/Oct/21 |
|
| Status: | Closed |
| Project: | FOLIO |
| Components: | None |
| Affects versions: | None |
| Fix versions: | None |
| Type: | Bug | Priority: | TBD |
| Reporter: | Wayne Schneider | Assignee: | Wayne Schneider |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original estimate: | Not Specified | ||
| Issue links: |
|
||||||||
| Sprint: | DevOps Sprint 124 | ||||||||
| Development Team: | FOLIO DevOps | ||||||||
| Description |
|
After Vagrant box builds, the Jenkins job is unable to update the version on Vagrant Cloud, with this error: curl: (60) server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none More details here: http://curl.haxx.se/docs/sslcerts.html curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option. Something may have changed with Vagrant Cloud's certificate. The server that runs the packer builds for Vagrant boxes is still Ubuntu 16.04, so it is not getting maintenance updates (i.e. no new ca-certificates package). In the short term, we can turn off certificate checking for this part of the job. Long term, we should upgrade the server. |
| Comments |
| Comment by Wayne Schneider [ 05/Oct/21 ] |
|
Turning off certificate checking takes care of the problem for now. Cherry-picked the fix into the r2-2021-release branch |