From e5790650a1d321cc0d18dd1c4b58f24a9fb59c33 Mon Sep 17 00:00:00 2001 From: Dongsu Park Date: Wed, 3 Nov 2021 07:20:00 +0100 Subject: [PATCH] profiles: add ssl USE flag to make libcurl fetch from https:// Now that Github rejects access to an unauthenticated URL with `git://`, we have to make git and libcurl work with `https://`. However, during the SDK stage2, curl is not explicitly installed, but just inherited from the stage1. As a result, curl is built without the `ssl` USE flag. So installation of baselayout fails with: ``` git fetch https://github.com/flatcar-linux/baselayout.git --prune +HEAD:refs/git-r3/HEAD fatal: unable to access 'https://github.com/flatcar-linux/baselayout.git/': Protocol "https" not supported or disabled in libcurl ``` To resolve the issue, we need to install curl with `BOOTSTRAP_USE=ssl` before trying to install baselayout. Also we need to set `CURL_SSL=openssl` as required by curl. Using a USE_EXPAND variable `curl_ssl_openssl` in `BOOTSTRAP_USE`, we can specify the correct `CURL_SSL` variable in curl. --- .../coreos-overlay/profiles/coreos/base/make.defaults | 3 +++ 1 file changed, 3 insertions(+) diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/make.defaults b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/make.defaults index 83d92968a5..be0aea6853 100644 --- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/make.defaults +++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/make.defaults @@ -37,6 +37,9 @@ BOOTSTRAP_USE="${BOOTSTRAP_USE} curl" # Add `minimal` useflag to prevent texinfo to pull dev-lang/perl with not required set of dependencies. BOOTSTRAP_USE="${BOOTSTRAP_USE} minimal" +# Add `ssl` USE flag to make libcurl capable of fetching from https URLs. +BOOTSTRAP_USE="${BOOTSTRAP_USE} curl_ssl_openssl ssl" + # Set SELinux policy POLICY_TYPES="targeted mcs mls"