fb_apt: Significant updates #250
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jaymzh
force-pushed
the
fb_apt_modernization
branch
from
248cd2b to
ebc93be
Compare
jaymzh
commented
Feb 3, 2025
| } | ||
| # fb_apt must be defined for this to work... | ||
| keys = FB::Apt.get_official_keyids(node).map { |id| [id, nil] }.to_h |
There was a problem hiding this comment.
this is OK because we only look at keyis in /etc/trusted.gpg now, not all keyids in /etc/trusted.gpg.d/* - as those are cleaned up separately.
jaymzh
force-pushed
the
fb_apt_modernization
branch
2 times, most recently
from
1fe7d2c to
274ae92
Compare
|
Hey @jaymzh, not sure if you saw this, but @adsr filed #241, and we ended up making an internal fork (called |
|
I had not seen it, no. But this should solve your problem without forking and in a backwards compat way |
jaymzh
force-pushed
the
fb_apt_modernization
branch
2 times, most recently
from
df41c12 to
c21c549
Compare
jaymzh
added a commit
to jaymzh/chef-cookbooks
that referenced
this pull request
Feb 8, 2025
* centos8 mirrors have moved, adjust kitchen setup accordingly. * logind can't run in containers * modern chef * Newer chef requires at least debian 11 for SSL compatability * rsyslog needs several tweaks to run in containers, added to ci_fixes This makes everything green _except_ for debian which requires significant refactors of fb_apt, which can be found in facebook#250, but I didn't want production-effecting stuff mixed with CI fixes Signed-off-by: Phil Dibowitz <phil@ipom.com>
jaymzh
added a commit
to jaymzh/chef-cookbooks
that referenced
this pull request
Feb 8, 2025
* centos8 mirrors have moved, adjust kitchen setup accordingly. * logind can't run in containers * modern chef * Newer chef requires at least debian 11 for SSL compatability * rsyslog needs several tweaks to run in containers, added to ci_fixes This makes everything green _except_ for debian which requires significant refactors of fb_apt, which can be found in facebook#250, but I didn't want production-effecting stuff mixed with CI fixes Signed-off-by: Phil Dibowitz <phil@ipom.com>
jaymzh
added a commit
to jaymzh/chef-cookbooks
that referenced
this pull request
Feb 8, 2025
* centos8 mirrors have moved, adjust kitchen setup accordingly. * logind can't run in containers * modern chef * Newer chef requires at least debian 11 for SSL compatability * rsyslog needs several tweaks to run in containers, added to ci_fixes This makes everything green _except_ for debian which requires significant refactors of fb_apt, which can be found in facebook#250, but I didn't want production-effecting stuff mixed with CI fixes Signed-off-by: Phil Dibowitz <phil@ipom.com>
jaymzh
added a commit
to jaymzh/chef-cookbooks
that referenced
this pull request
Feb 8, 2025
* centos8 mirrors have moved, adjust kitchen setup accordingly. * logind can't run in containers * modern chef * Newer chef requires at least debian 11 for SSL compatability * rsyslog needs several tweaks to run in containers, added to ci_fixes This makes everything green _except_ for debian which requires significant refactors of fb_apt, which can be found in facebook#250, but I didn't want production-effecting stuff mixed with CI fixes Signed-off-by: Phil Dibowitz <phil@ipom.com>
jaymzh
added a commit
to jaymzh/chef-cookbooks
that referenced
this pull request
Feb 8, 2025
* centos8 mirrors have moved, adjust kitchen setup accordingly. * logind can't run in containers * modern chef * Newer chef requires at least debian 11 for SSL compatability * rsyslog needs several tweaks to run in containers, added to ci_fixes This makes everything green _except_ for debian which requires significant refactors of fb_apt, which can be found in facebook#250, but I didn't want production-effecting stuff mixed with CI fixes Signed-off-by: Phil Dibowitz <phil@ipom.com>
jaymzh
added a commit
to jaymzh/chef-cookbooks
that referenced
this pull request
Feb 13, 2025
* centos8 mirrors have moved, adjust kitchen setup accordingly. * logind can't run in containers * modern chef * Newer chef requires at least debian 11 for SSL compatability * rsyslog needs several tweaks to run in containers, added to ci_fixes This makes everything green _except_ for debian which requires significant refactors of fb_apt, which can be found in facebook#250, but I didn't want production-effecting stuff mixed with CI fixes Signed-off-by: Phil Dibowitz <phil@ipom.com>
|
Got minor cookstyle nits: http://github.com/facebook/chef-cookbooks/actions/runs/13218441920/job/36900538177?pr=250 |
jaymzh
force-pushed
the
fb_apt_modernization
branch
from
c21c549 to
5e0896f
Compare
Sorry! Fixed. |
|
@dafyddcrosby has imported this pull request. If you are a Meta employee, you can view this diff on Phabricator. |
davide125
requested changes
Feb 13, 2025
jaymzh
added a commit
to jaymzh/chef-cookbooks
that referenced
this pull request
Feb 13, 2025
* centos8 mirrors have moved, adjust kitchen setup accordingly. * logind can't run in containers * modern chef * Newer chef requires at least debian 11 for SSL compatability * rsyslog needs several tweaks to run in containers, added to ci_fixes This makes everything green _except_ for debian which requires significant refactors of fb_apt, which can be found in facebook#250, but I didn't want production-effecting stuff mixed with CI fixes Signed-off-by: Phil Dibowitz <phil@ipom.com>
* Deprecate `node['fb_apt']['repos']` which was always a bad API (sorry), and replace it with `node['fb_apt']['sources']` which integrates nicely with the new `node['fb_apt']['keymap']` * Deprecate `node['fb_apt']['keys']` which was very broken on modern apt and replace it with a new `node['fb_apt']['keymap']` * Update syntax for security and update repos on modern debian and ubuntu * Remove old Ubuntu 16 cruft * Lots of cleanups and refactoring for readability Signed-off-by: Phil Dibowitz <phil@ipom.com>
jaymzh
force-pushed
the
fb_apt_modernization
branch
from
5e0896f to
97c16fb
Compare
|
@jaymzh has updated the pull request. You must reimport the pull request before landing. |
|
@dafyddcrosby has imported this pull request. If you are a Meta employee, you can view this diff on Phabricator. |
|
This pull request has been merged in a106940. |
jaymzh
added a commit
to jaymzh/chef-cookbooks
that referenced
this pull request
Feb 13, 2025
* centos8 mirrors have moved, adjust kitchen setup accordingly. * logind can't run in containers * modern chef * Newer chef requires at least debian 11 for SSL compatability * rsyslog needs several tweaks to run in containers, added to ci_fixes This makes everything green _except_ for debian which requires significant refactors of fb_apt, which can be found in facebook#250, but I didn't want production-effecting stuff mixed with CI fixes Signed-off-by: Phil Dibowitz <phil@ipom.com>
jaymzh
added a commit
to jaymzh/chef-cookbooks
that referenced
this pull request
Feb 13, 2025
* centos8 mirrors have moved, adjust kitchen setup accordingly. * logind can't run in containers * modern chef * Newer chef requires at least debian 11 for SSL compatability * rsyslog needs several tweaks to run in containers, added to ci_fixes This makes everything green _except_ for debian which requires significant refactors of fb_apt, which can be found in facebook#250, but I didn't want production-effecting stuff mixed with CI fixes Signed-off-by: Phil Dibowitz <phil@ipom.com>
facebook-github-bot
pushed a commit
that referenced
this pull request
Feb 14, 2025
Summary: * centos8 mirrors have moved, adjust kitchen setup accordingly. * logind can't run in containers * modern chef * Newer chef requires at least debian 11 for SSL compatability * rsyslog needs several tweaks to run in containers, added to ci_fixes * default apache config in centos points to some certs, so make those This makes everything green _except_ for debian which requires significant refactors of fb_apt, which can be found in #250, but I didn't want production-effecting stuff mixed with CI fixes Signed-off-by: Phil Dibowitz <phil@ipom.com> Pull Request resolved: #254 Differential Revision: D69275524 fbshipit-source-id: 6b6e7f0a10263d28e999f3adaa0b8c916459a604
|
@ericnorris - just curious - did you end up looking at this at all? It'd be great if you didn't have to maintain a fork. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
node['fb_apt']['repos']which was always a bad API(sorry), and replace it with
node['fb_apt']['sources']whichintegrates nicely with the new
node['fb_apt']['keymap']node['fb_apt']['keys']which was very broken on modernapt and replace it with a new
node['fb_apt']['keymap']ubuntu
Signed-off-by: Phil Dibowitz phil@ipom.com