[libvirt] Broken OpenVZ RPM deps on CentOS 7 (Re: [jenkins-ci PATCH v2 1/3] guests: add openvz repository on) CentOS 7

CC'ing Nikolay on this to raise the issue of broken deps in the OpenVZ repo for CentOS 7 & incorrectly documented GPG keys ... On Fri, Dec 06, 2019 at 06:53:38PM +0000, Daniel P. Berrangé wrote: Originally I was using this URL for yum: https://download.openvz.org/virtuozzo/releases/7.0/x86_64/os/ Which results in this broken dep at install time: This appears to be a recent problem from the Dec 4th release of openvz-7.0.12-283 - the previous openvz-7.0.11-235 has correctly resolving deps. The other issue that I forgot to mention is that the GPG keys used for signing the RPMs on download.openvz.org are incorrectly / misleadingly documented. In the README at: https://download.openvz.org/ it documents & links to https://download.openvz.org/RPM-GPG-Key-OpenVZ saying this is used to sign RPMs on download.openvz.org This doc is repeated at https://wiki.openvz.org/Package_signatures That key has key ID a7a1d4b6 as identified as "OpenVZ Project <security(a)openvz.org&gt;&quot; This documentation is all wrong though, as this key is not used to sign the RPMs for CentOS7 at least The RPMs in https://download.openvz.org/virtuozzo/releases/7.0/x86_64/os/ at signed by key with ID 44cdad2a. It took me a long time to find this key, but eventually I discovered a link to it from https://docs.virtuozzo.com/keys/ Section 2, 2. Virtuozzo 7, Virtuozzo Automator 7, and Virtuozzo PowerPanel Signing Key https://docs.virtuozzo.com/keys/VIRTUOZZO_GPG_KEY which identifies itself as "Virtuozzo Team (GPG key signature for packages) <security(a)virtuozzo.com&gt;&quot; Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|