Description of problem:
If a customer wants to install any package on top of Jenkins image, it will try to enable htb repository but OpenShift Dedicate node does not allow that. Therefore, build process fail.
In order to avoid this, a client should disable the htb repository before installing any package in Dockerfile. Can we disable the repository when the image built?
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1.oc project test
2.git clone https://github.com/Jooho/jenkins-test-dockerbuild.git;cd jenkins-test-test-dockerbuild
3.oc new-build .
Installing : epel-release-7-11.noarch 1/1https://cdn.redhat.com/content/htb/rhel/server/7/x86_64/os/repodata/repomd.xml: [Errno 14] HTTPS Error 403 - Forbidden
Trying other mirror.
To address this issue please refer to the below knowledge base article
Build successfully without any issues.
Justin or Brenton do you have any idea where this repo is coming from? Our dockerfile does not install or enable it. Nor do i see it in /etc/yum.repos.d for the image.
I'd bet anything this is an artifact from the base image or something the build system is injecting automatically.
Can you attempt to recreate this using a different FROM image, such as the "rhel7" base image? We are trying to determine if the issue is really specific to the Jenkins image since nothing in the jenkins image references the htb repository.
If I pull the current image, the only repo file is /etc/yum.conf.d/redhat.repo - which is as it should be. I'm guessing you can bypass this by disabling the subscription-manager plugin.
Can you try using --disableplugin='*' on your yum operation?
it occurs the same errors even if I change FROM image so I bet the repos are enabled by something else like host repos.
From this doc, I understand a subscription of host will be loaded to containter but I am still wondering where those repositories are coming from. I feel those repos are default one if we don't specify.(guess).
*** Bug 1330852 has been marked as a duplicate of this bug. ***
My understanding is that the resolution to this is to have the HTB repos disabled on the dedicated nodes. We can't fix this, tickets need to be opened w/ the ops team to get the repos disabled.