Install CentOS7's OpenSSL 1.0.2 package on CentOS6 to resolve certificate issues

[sxa]

Fixes #2342

Checklist

• commit message has one of the standard prefixes
• faq.md updated if appropriate
• other documentation is changed or added (if applicable)
• playbook changes run through VPC or QPC (if you have access)
• for inventory.yml changes, bastillion/nagios/jenkins updated accordingly

[sxa]

CentOS6 playbook check has passed :-)

[sxa]

I'd really prefer not to do this, but since CentOS6 is out of support and it seems that it is not possible for this to work without OpenSSL 1.0.2, pulling the packages from CentOS7 seems a safe option and appears to work.

NOTE: Which this works for creating the docker build image, it does NOT pass in VagrantPlaybookCheck, possibly due to the presence of some 32-bit openssl packages. That should NOT block the merging of this (since things are even more broken just now) but should be addressed subsequently...

[jerboaa]

This seems a very ugly hack. But I guess that's better than a broken build. An update to CentOS 7 for the docker build containers needs to be considered.

[sxa]

This seems a very ugly hack. But I guess that's better than a broken build.

My thoughts exactly :-) But at least it's a documented, repeatable and visible hack that should not have any effect on the contents of the Temurin builds.

An update to CentOS 7 for the docker build containers needs to be considered.

The issue with that is, of course, that without putting in the older libraries somewhere you're going to end up on a dependency on later versions of glibc etc. and given how close we are to the next release I really don't want to be even considering that right now.

[jerboaa]

An update to CentOS 7 for the docker build containers needs to be considered.

The issue with that is, of course, that without putting in the older libraries somewhere you're going to end up on a dependency on later versions of glibc etc. and given how close we are to the next release I really don't want to be even considering that right now.

Yes understood. It should be discussed on the PMC for the January releases, though.

[sxa]

Solaris failure is being addressed elsewhere. Merging in the absence of any major objections (This was also circulated to #infrastructure last night) and I've raised #2351 to get VPC fixed.