From bc615c068996294dcf215542f5277caccda61173 Mon Sep 17 00:00:00 2001
From: Saikrishna Arcot <sarcot@microsoft.com>
Date: Mon, 30 Jan 2023 12:04:05 -0800
Subject: [PATCH] Fix build break for jessie apt key expiration. (#13328)

#### Why I did it

The GPG key used for Jessie's official repos has since expired, which means building 201911 images no longer works.

#### How I did it

Fake the time to be before the expiry date.
---
 Makefile.work                              |  6 ++++++
 dockers/docker-base-stretch/Dockerfile.j2  |  2 +-
 dockers/docker-base/Dockerfile.j2          |  7 ++++++-
 dockers/docker-basic_router/Dockerfile     |  2 +-
 dockers/docker-config-engine/Dockerfile.j2 |  2 +-
 dockers/docker-fpm-quagga/Dockerfile.j2    |  2 +-
 sonic-slave-jessie/Dockerfile.j2           | 13 +++++++++----
 7 files changed, 25 insertions(+), 9 deletions(-)

diff --git a/Makefile.work b/Makefile.work
index 8140363c06..b2177102df 100644
--- a/Makefile.work
+++ b/Makefile.work
@@ -195,6 +195,11 @@ SONIC_BUILD_INSTRUCTION :=  make \
 .PHONY: sonic-slave-build sonic-slave-bash init reset
 
 .DEFAULT_GOAL :=  all
+FAKETIME := rm -rf faketime_0.9.7-2_amd64.deb libfaketime_0.9.7-2_amd64.deb; \
+		curl "https://sonicstoragepublic.blob.core.windows.net/packages/libfaketime_0.9.7-2_amd64.deb?sp=r&st=2022-12-05T06:39:44Z&se=2032-12-05T14:39:44Z&spr=https&sv=2021-06-08&sr=b&sig=SDqUC7DtESpNHTc1Dsh%2B9%2Finxfo4OwNiXGw762OV2tM%3D" -o libfaketime_0.9.7-2_amd64.deb; \
+		curl "https://sonicstoragepublic.blob.core.windows.net/packages/faketime_0.9.7-2_amd64.deb?sp=r&st=2022-12-05T04:50:15Z&se=2033-12-06T12:50:15Z&spr=https&sv=2021-06-08&sr=b&sig=7l4dm4tyO73RwwAbRM6zNEglkOjs8bLV%2BJe9coiEHxo%3D" -o faketime_0.9.7-2_amd64.deb; \
+		cp faketime_0.9.7-2_amd64.deb libfaketime_0.9.7-2_amd64.deb dockers/docker-base/; \
+		cp faketime_0.9.7-2_amd64.deb libfaketime_0.9.7-2_amd64.deb sonic-slave-jessie/
 
 %::
 ifneq (,$(filter $(CONFIGURED_ARCH), armhf arm64))
@@ -205,6 +210,7 @@ ifneq ($(BLDENV), )
 endif
 endif
 	@$(OVERLAY_MODULE_CHECK)
+	@$(FAKETIME)
 
 	@docker inspect --type image $(SLAVE_BASE_IMAGE):$(SLAVE_BASE_TAG) &> /dev/null || \
 	    { echo Image $(SLAVE_BASE_IMAGE):$(SLAVE_BASE_TAG) not found. Building... ; \
diff --git a/dockers/docker-base-stretch/Dockerfile.j2 b/dockers/docker-base-stretch/Dockerfile.j2
index 19af55acc4..b696d0a2e0 100644
--- a/dockers/docker-base-stretch/Dockerfile.j2
+++ b/dockers/docker-base-stretch/Dockerfile.j2
@@ -89,7 +89,7 @@ RUN apt-get -y purge   \
 {%- endif %}
 
 # Add support for supervisord to handle startup dependencies
-RUN pip install supervisord-dependent-startup==1.4.0
+RUN pip install supervisord-dependent-startup==1.4.0 'toposort<=1.7'
 
 # Clean up apt
 # Remove /var/lib/apt/lists/*, could be obsoleted for derived images
diff --git a/dockers/docker-base/Dockerfile.j2 b/dockers/docker-base/Dockerfile.j2
index 3407361dcc..a2f818a031 100644
--- a/dockers/docker-base/Dockerfile.j2
+++ b/dockers/docker-base/Dockerfile.j2
@@ -38,7 +38,12 @@ COPY ["no-check-valid-until", "/etc/apt/apt.conf.d"]
 COPY ["sources.list", "/etc/apt/sources.list"]
 {% endif %}
 COPY ["no_install_recommend_suggest", "/etc/apt/apt.conf.d"]
-RUN apt-get update
+
+COPY ["faketime_0.9.7-2_amd64.deb", "/root"]
+COPY ["libfaketime_0.9.7-2_amd64.deb","/root"]
+RUN dpkg -i /root/faketime_0.9.7-2_amd64.deb /root/libfaketime_0.9.7-2_amd64.deb
+RUN rm /root/faketime_0.9.7-2_amd64.deb /root/libfaketime_0.9.7-2_amd64.deb
+RUN faketime "2022-11-01" apt-get update
 
 # Pre-install fundamental packages
 RUN apt-get -y install \
diff --git a/dockers/docker-basic_router/Dockerfile b/dockers/docker-basic_router/Dockerfile
index 7d7c724920..b7b4497115 100644
--- a/dockers/docker-basic_router/Dockerfile
+++ b/dockers/docker-basic_router/Dockerfile
@@ -6,7 +6,7 @@ MAINTAINER Xudong Wu
 ENV DEBIAN_FRONTEND=noninteractive
 
 ## Update apt's cache of available packages
-RUN apt-get clean && apt-get update
+RUN apt-get clean && faketime "2022-11-01" apt-get update
 
 COPY deps /deps
 
diff --git a/dockers/docker-config-engine/Dockerfile.j2 b/dockers/docker-config-engine/Dockerfile.j2
index ba72cce31d..51b6ddaca1 100644
--- a/dockers/docker-config-engine/Dockerfile.j2
+++ b/dockers/docker-config-engine/Dockerfile.j2
@@ -3,7 +3,7 @@ FROM docker-base
 ## Make apt-get non-interactive
 ENV DEBIAN_FRONTEND=noninteractive
 
-RUN apt-get update
+RUN faketime "2022-11-01" apt-get update
 
 # Dependencies for sonic-cfggen
 RUN apt-get install -y python-lxml python-yaml python-bitarray python-pip python-dev python-natsort
diff --git a/dockers/docker-fpm-quagga/Dockerfile.j2 b/dockers/docker-fpm-quagga/Dockerfile.j2
index 9d1312d073..5ca6bf0882 100644
--- a/dockers/docker-fpm-quagga/Dockerfile.j2
+++ b/dockers/docker-fpm-quagga/Dockerfile.j2
@@ -7,7 +7,7 @@ RUN [ -f /etc/rsyslog.conf ] && sed -ri "s/%syslogtag%/$docker_container_name#%s
 ENV DEBIAN_FRONTEND=noninteractive
 
 # Update apt's cache of available packages
-RUN apt-get update
+RUN faketime "2022-11-01" apt-get update
 
 # Install required packages
 RUN apt-get install -y libdbus-1-3 libdaemon0 libjansson4 libpython2.7
diff --git a/sonic-slave-jessie/Dockerfile.j2 b/sonic-slave-jessie/Dockerfile.j2
index 0224f9727b..a60e8254e9 100644
--- a/sonic-slave-jessie/Dockerfile.j2
+++ b/sonic-slave-jessie/Dockerfile.j2
@@ -34,7 +34,12 @@ RUN echo "deb [arch=arm64] http://archive.debian.org/debian jessie main contrib
 ## Make apt-get non-interactive
 ENV DEBIAN_FRONTEND=noninteractive
 
-RUN apt-get update && apt-get install -y \
+COPY ["faketime_0.9.7-2_amd64.deb","/root"]
+COPY ["libfaketime_0.9.7-2_amd64.deb","/root"]
+RUN dpkg -i /root/faketime_0.9.7-2_amd64.deb /root/libfaketime_0.9.7-2_amd64.deb
+RUN rm /root/faketime_0.9.7-2_amd64.deb /root/libfaketime_0.9.7-2_amd64.deb
+
+RUN faketime "2022-11-01" apt-get update && apt-get install -y \
         apt-utils \
         default-jre-headless \
         openssh-server \
@@ -346,7 +351,7 @@ RUN git clone https://chromium.googlesource.com/chromium/tools/depot_tools.git /
 ENV PATH /usr/share/depot_tools:$PATH
 
 # Install docker engine 17.03.2~ce-0 inside docker and enable experimental feature
-RUN apt-get update
+RUN faketime "2022-11-01" apt-get update
 RUN apt-get install -y \
            apt-transport-https \
            ca-certificates \
@@ -358,7 +363,7 @@ RUN add-apt-repository \
            "deb [arch={{ CONFIGURED_ARCH }}] https://download.docker.com/linux/debian \
            $(lsb_release -cs) \
            stable"
-RUN apt-get update
+RUN faketime "2022-11-01" apt-get update
 {%- if CONFIGURED_ARCH == "amd64" %}
 RUN apt-get install -y docker-ce=17.03.2~ce-0~debian-jessie
 {%- else %}
@@ -368,5 +373,5 @@ RUN echo "DOCKER_OPTS=\"--experimental --storage-driver=vfs\"" >> /etc/default/d
 
 # For jenkins slave
 RUN echo "deb [arch={{ CONFIGURED_ARCH }}] http://archive.debian.org/debian jessie-backports main" >> /etc/apt/sources.list
-RUN apt-get -o Acquire::Check-Valid-Until=false update
+RUN faketime "2022-11-01" apt-get -o Acquire::Check-Valid-Until=false update
 RUN apt-get -y -o Acquire::Check-Valid-Until=false install ca-certificates-java=20161107~bpo8+1 openjdk-8-jdk