Story #3760
closedAs a user of export distributor, I have a file with a list of checksum generated with the ISO
100%
Description
As a user, I would like to be able to know the checksum of the ISO generated by the export distributor.
After generating an ISO, the export distributor will calculate md5, sha1, sha256, and sha512 checksums of the ISO and write them to a file with the same name as the ISO, but with a '.DIGESTS' extension. The file will have the following format:
bb16e10946c7d24c5bbf989c3877d0dd *repo_export.iso
bd5f9d38232bd31dc7334b70e4259f68ab6327f4 *repo_export.iso
eb93b60b4be097fd618dbdd625f70ee64a6a77d502e50b39d2c259df9ccb8f53 *repo_export.iso
a92d64650c862bf89643dceff172c8762212c24bcb815a33f3356b63538392ee50ba6aa07188b3d1a2a760be7e9a9b0631520768c1c0a6ce60b024a3a8bc766b *repo_export.iso
Updated by dkliban@redhat.com over 5 years ago
- Subject changed from while exporting a iso, a checksum must be sent along with it. to As a user of export distributor, I have a file with a list of checksum generated with the ISO
- Description updated (diff)
Updated by bmbouter over 5 years ago
Do we want 3 checksums? This makes it a bit harder to programatically process since then the code has to parse the checksum file to verify it with a local checksum calculation. Note that el5 will need sha1 if you want to verify the checksum itself on an EL5 box. Is that a valid use case?
Updated by dkliban@redhat.com over 5 years ago
I don't think anyone is going to validate on an EL5 box since Pulp only runs on EL7. The only real requirement is that the checksum be better than than MD5. So perhaps it should just be a SHA512.
Updated by bmbouter over 5 years ago
I thought about this and looked at some examples on the internet. I keep seeing this format which includes multiple checksums and the filename:
bb16e10946c7d24c5bbf989c3877d0dd *repo_export.iso
bd5f9d38232bd31dc7334b70e4259f68ab6327f4 *repo_export.iso
eb93b60b4be097fd618dbdd625f70ee64a6a77d502e50b39d2c259df9ccb8f53 *repo_export.iso
a92d64650c862bf89643dceff172c8762212c24bcb815a33f3356b63538392ee50ba6aa07188b3d1a2a760be7e9a9b0631520768c1c0a6ce60b024a3a8bc766b *repo_export.iso
I think we should do the same. It's md5, sha1, sha256, sha512. It allows anyone to verify it with whatever they have. It contains the filename on each line I think for extra clarity. Also the filename for the checksum file would be either: repo_export.iso.checksum
or repo_export.iso.DIGESTS
.
What do you all think about ^? What do you think the filename should be?
Updated by dkliban@redhat.com over 5 years ago
bmbouter wrote:
I thought about this and looked at some examples on the internet. I keep seeing this format which includes multiple checksums and the filename:
[...]
I think we should do the same. It's md5, sha1, sha256, sha512. It allows anyone to verify it with whatever they have. It contains the filename on each line I think for extra clarity. Also the filename for the checksum file would be either:
repo_export.iso.checksum
orrepo_export.iso.DIGESTS
.
I like the .DIGESTS. The format looks good to me. I will update the ticket.
What do you all think about ^? What do you think the filename should be?
Updated by dkliban@redhat.com over 5 years ago
- Tracker changed from Issue to Story
- % Done set to 0
Added by Rahul Bajaj about 5 years ago
Updated by Anonymous about 5 years ago
- Status changed from NEW to MODIFIED
- % Done changed from 0 to 100
Applied in changeset pulp_rpm:e53b8bf4ea5bf91a71c4b81ff9f0fad920c1691c.
Updated by dkliban@redhat.com about 5 years ago
- Status changed from MODIFIED to CLOSED - CURRENTRELEASE
- Platform Release set to 2.17.0
Create checksum for exported iso file
When we export a .iso file, we must also export a checksum file with it.
closes #3760 https://pulp.plan.io/issues/3760