As a user, I can verify blobs checksum during v2 image import
When we upload a v2 docker image into Pulp, we do not perform any checks on blobs, so we cannot be sure that we downloaded what we wanted to. We need to introduce a checksum verification on downloaded blobs.
Obviously, eventually docker client will stumble across corrupted blobs during docker pull, because it does a checksum verification of blobs, but at this point we cannot call ourself trustful, we cannot afford ourselves to leave things like this.
Verify blob checksum
(cherry picked from commit 32f89230ee8f8cc86eb3015ba0244c0269a994f0)
Please register to edit this issue