The varnish and intel-cmt-cat v3.x packages have been flagged as insecure.
``dnf builddep collectd`` was installing the deps for the 5.8 version of
collectd from the epel repo, which included these vulnerable packages.
The build scripts for centos 8 have been updated to unstall dependencies
from opstools instead, which provide a newer version of collectd.
Change-Id: I3d2a1496e3524c4bf7bd56ecbd11e7ceeed01f01
Signed-off-by: Slawomir Strehlau <slawomir.strehlau@intel.com>
Signed-off-by: Emma Foley <efoley@redhat.com>
# For collectd
dnf install -y yum-utils
# For collectd
dnf install -y yum-utils
-dnf install -y epel-release
dnf install -y centos-release-opstools
# For CentOS 8, a lot of the dependencies are from PowerTools repo
dnf install -y 'dnf-command(config-manager)' && dnf config-manager --set-enabled powertools
dnf install -y centos-release-opstools
# For CentOS 8, a lot of the dependencies are from PowerTools repo
dnf install -y 'dnf-command(config-manager)' && dnf config-manager --set-enabled powertools
-dnf builddep -y collectd
-
-# CentOS 8 doesn't have intel-cmt-cat-devel packaged, so use the version from CentOS7
-dnf install -y http://mirror.centos.org/centos/7/os/x86_64/Packages/intel-cmt-cat-3.0.1-1.el7.x86_64.rpm \
- http://mirror.centos.org/centos/7/os/x86_64/Packages/intel-cmt-cat-devel-3.0.1-1.el7.x86_64.rpm
+# Use collectd.spec from centos-opstools to install deps since
+# ``dnf builddep -y collectd`` isn't finding collectd in centos-opstools
+dnf builddep -y https://raw.githubusercontent.com/centos-opstools/collectd/master/collectd.spec
# Install required packages
dnf -y install $(echo "
# Install required packages
dnf -y install $(echo "
# ping collectd-6
liboping-devel
# ping collectd-6
liboping-devel
-#install epel release required for git-review
-epel-release
-python3-libvirt
python3-pip
python36-devel
numactl-devel
python3-pip
python36-devel
numactl-devel
+intel-cmt-cat
+intel-cmt-cat-devel