Project

Profile

Help

Story #3760

As a user of export distributor, I have a file with a list of checksum generated with the ISO

Added by rabajaj over 3 years ago. Updated over 2 years ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Assignee:
-
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
% Done:

100%

Estimated time:
Platform Release:
2.17.0
Groomed:
No
Sprint Candidate:
No
Tags:
Easy Fix, Pulp 2
Sprint:
Quarter:

Description

As a user, I would like to be able to know the checksum of the ISO generated by the export distributor.

After generating an ISO, the export distributor will calculate md5, sha1, sha256, and sha512 checksums of the ISO and write them to a file with the same name as the ISO, but with a '.DIGESTS' extension. The file will have the following format:

bb16e10946c7d24c5bbf989c3877d0dd *repo_export.iso
bd5f9d38232bd31dc7334b70e4259f68ab6327f4 *repo_export.iso
eb93b60b4be097fd618dbdd625f70ee64a6a77d502e50b39d2c259df9ccb8f53 *repo_export.iso
a92d64650c862bf89643dceff172c8762212c24bcb815a33f3356b63538392ee50ba6aa07188b3d1a2a760be7e9a9b0631520768c1c0a6ce60b024a3a8bc766b *repo_export.iso

Checklist

Associated revisions

Revision e53b8bf4 View on GitHub
Added by Rahul Bajaj over 3 years ago

Create checksum for exported iso file

When we export a .iso file, we must also export a checksum file with it.

closes #3760 https://pulp.plan.io/issues/3760

History

#1 Updated by dkliban@redhat.com over 3 years ago

  • Subject changed from while exporting a iso, a checksum must be sent along with it. to As a user of export distributor, I have a file with a list of checksum generated with the ISO
  • Description updated (diff)

#2 Updated by bmbouter over 3 years ago

Do we want 3 checksums? This makes it a bit harder to programatically process since then the code has to parse the checksum file to verify it with a local checksum calculation. Note that el5 will need sha1 if you want to verify the checksum itself on an EL5 box. Is that a valid use case?

#3 Updated by dkliban@redhat.com over 3 years ago

I don't think anyone is going to validate on an EL5 box since Pulp only runs on EL7. The only real requirement is that the checksum be better than than MD5. So perhaps it should just be a SHA512.

#4 Updated by bmbouter over 3 years ago

I thought about this and looked at some examples on the internet. I keep seeing this format which includes multiple checksums and the filename:

bb16e10946c7d24c5bbf989c3877d0dd *repo_export.iso
bd5f9d38232bd31dc7334b70e4259f68ab6327f4 *repo_export.iso
eb93b60b4be097fd618dbdd625f70ee64a6a77d502e50b39d2c259df9ccb8f53 *repo_export.iso
a92d64650c862bf89643dceff172c8762212c24bcb815a33f3356b63538392ee50ba6aa07188b3d1a2a760be7e9a9b0631520768c1c0a6ce60b024a3a8bc766b *repo_export.iso

I think we should do the same. It's md5, sha1, sha256, sha512. It allows anyone to verify it with whatever they have. It contains the filename on each line I think for extra clarity. Also the filename for the checksum file would be either: repo_export.iso.checksum or repo_export.iso.DIGESTS.

What do you all think about ^? What do you think the filename should be?

#5 Updated by dkliban@redhat.com over 3 years ago

bmbouter wrote:

I thought about this and looked at some examples on the internet. I keep seeing this format which includes multiple checksums and the filename:

[...]

I think we should do the same. It's md5, sha1, sha256, sha512. It allows anyone to verify it with whatever they have. It contains the filename on each line I think for extra clarity. Also the filename for the checksum file would be either: repo_export.iso.checksum or repo_export.iso.DIGESTS.

I like the .DIGESTS. The format looks good to me. I will update the ticket.

What do you all think about ^? What do you think the filename should be?

#6 Updated by dkliban@redhat.com over 3 years ago

  • Description updated (diff)

#7 Updated by dkliban@redhat.com over 3 years ago

  • Description updated (diff)

#8 Updated by dkliban@redhat.com over 3 years ago

  • Tracker changed from Issue to Story
  • % Done set to 0

#9 Updated by Anonymous over 3 years ago

  • Status changed from NEW to MODIFIED
  • % Done changed from 0 to 100

#10 Updated by dkliban@redhat.com about 3 years ago

  • Status changed from MODIFIED to CLOSED - CURRENTRELEASE
  • Platform Release set to 2.17.0

#11 Updated by bmbouter over 2 years ago

  • Tags Pulp 2 added

Please register to edit this issue

Also available in: Atom PDF