keith-turner commented on a change in pull request #411:
URL: https://github.com/apache/fluo-muchos/pull/411#discussion_r722409743
##########
File path: ansible/roles/common/tasks/main.yml
##########
@@ -21,6 +21,13 @@
retries: 10
delay: 15
until: epelresult is not failed
+# Update ca-certificates to ensure that CA certificates are new enough
+# to support SSL verification against websites used to download software
+- name: "update ca-certificates package to latest version"
+ yum:
+ name: 'ca-certificates*'
Review comment:
> On CentOS 7.5, ca-certificates appears like it would be enough.
Since Muchos is targeting centos, seems like if it could be more narrow that
would be good.
> Note that it will only update and not install any new packages if the
wildcard matches multiple.
I did not realize that. Seems like that makes it pretty safe for any cases
I can think of, but with something like this I would err on the side of caution.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
