COS-2758: ITUP Cluster Migration - Use HTTPS where possible

[marmijo]

These commits are needed in order to migrate the RHCOS build pipeline to the new ITUP cluster. They deal with modifying our configuration to only use HTTPS where possible since the ITUP cluster restricts the use of HTTP on port 80.

@aaradhak and I have been using these commits in a fork of this repo for testing on the cluster. We've worked out most of the issues, so let's merge them now.

commit 8301c67176e71ff2c6c5236109c89a149422a592
Author: Michael Armijo <[email protected]>
Date:   Thu Jul 18 17:59:22 2024 -0600

    extensions/Dockerfile: use the FCOS defined fedora.repo to set up container
    
    Use the fedora.repo file defined in fedora-coreos-config to set up the
    container. This will force packages to be downloaded from
    dl.fedoraproject.org, as specified in the FCOS file. The ITUP cluster,
    being used by the RHCOS pipeline, requires all outbound connections
    to be specified in a Firewall Egress file, and this will ensure the
    same connection will always be used.

commit 761db82968b0caf82ce5cf7761c9bef970097237
Author: Michael Armijo <[email protected]>
Date:   Mon Jun 24 14:19:27 2024 -0600

    c9s-mirror.repo: use https for repo baseurl
    
    We use https in the main c9s.repo file, so let's use it here
    too to be consistent. Also, the RHCOS pipeline is migrating
    to a new ITUP cluster which is restricting port 80, so
    lets just use HTTPS on port 443 which is already open.
    
    Co-authored-by: Aashish Radhakrishnan <[email protected]>

commit 9d4fa02d9664386f9fa137221886b8321fc1c2d9
Author: Michael Armijo <[email protected]>
Date:   Thu Jun 20 13:28:59 2024 -0600

    tests/replace-rt-kernel: use https for baseurl for repos
    
    We use https in the main c9s.repo file, so let's use it here
    too to be consistent. Also, the RHCOS pipeline is migrating
    to a new ITUP cluster which is restricting port 80, so
    lets just use HTTPS on port 443 which is already open.
    
    Co-authored-by: Aashish Radhakrishnan <[email protected]>

[openshift-ci-robot]

@marmijo: This pull request references COS-2758 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the epic to target either version "4.18." or "openshift-4.18.", but it targets "openshift-4.17" instead.

In response to this:

These commits are needed in order to migrate the RHCOS build pipeline to the new ITUP cluster. They deal with modifying our configuration to only use HTTPS where possible since the ITUP cluster restricts the use of HTTP on port 80.

@aaradhak and I have been using these commits in a fork of this repo for testing on the cluster. We've worked out most of the issues, so let's merge them now.

commit 8301c67176e71ff2c6c5236109c89a149422a592
Author: Michael Armijo <[email protected]>
Date:   Thu Jul 18 17:59:22 2024 -0600

   extensions/Dockerfile: use the FCOS defined fedora.repo to set up container
   
   Use the fedora.repo file defined in fedora-coreos-config to set up the
   container. This will force packages to be downloaded from
   dl.fedoraproject.org, as specified in the FCOS file. The ITUP cluster,
   being used by the RHCOS pipeline, requires all outbound connections
   to be specified in a Firewall Egress file, and this will ensure the
   same connection will always be used.

commit 761db82968b0caf82ce5cf7761c9bef970097237
Author: Michael Armijo <[email protected]>
Date:   Mon Jun 24 14:19:27 2024 -0600

   c9s-mirror.repo: use https for repo baseurl
   
   We use https in the main c9s.repo file, so let's use it here
   too to be consistent. Also, the RHCOS pipeline is migrating
   to a new ITUP cluster which is restricting port 80, so
   lets just use HTTPS on port 443 which is already open.
   
   Co-authored-by: Aashish Radhakrishnan <[email protected]>

commit 9d4fa02d9664386f9fa137221886b8321fc1c2d9
Author: Michael Armijo <[email protected]>
Date:   Thu Jun 20 13:28:59 2024 -0600

   tests/replace-rt-kernel: use https for baseurl for repos
   
   We use https in the main c9s.repo file, so let's use it here
   too to be consistent. Also, the RHCOS pipeline is migrating
   to a new ITUP cluster which is restricting port 80, so
   lets just use HTTPS on port 443 which is already open.
   
   Co-authored-by: Aashish Radhakrishnan <[email protected]>

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[marmijo]

8301c67 is related to #1546. Just like the issue states, we should move away from using Fedora content altogether in these containers when testing RHCOS/SCOS.

Also, some version of this PR will likely need to be backported through 4.12 where applicable.

[openshift-ci]

@marmijo: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[mike-nguyen]

/lgtm

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: marmijo, mike-nguyen

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [marmijo,mike-nguyen]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment