Story #3760
closed
As a user of export distributor, I have a file with a list of checksum generated with the ISO
Status:
CLOSED - CURRENTRELEASE
Description
As a user, I would like to be able to know the checksum of the ISO generated by the export distributor.
After generating an ISO, the export distributor will calculate md5, sha1, sha256, and sha512 checksums of the ISO and write them to a file with the same name as the ISO, but with a '.DIGESTS' extension. The file will have the following format:
bb16e10946c7d24c5bbf989c3877d0dd *repo_export.iso
bd5f9d38232bd31dc7334b70e4259f68ab6327f4 *repo_export.iso
eb93b60b4be097fd618dbdd625f70ee64a6a77d502e50b39d2c259df9ccb8f53 *repo_export.iso
a92d64650c862bf89643dceff172c8762212c24bcb815a33f3356b63538392ee50ba6aa07188b3d1a2a760be7e9a9b0631520768c1c0a6ce60b024a3a8bc766b *repo_export.iso
- Subject changed from while exporting a iso, a checksum must be sent along with it. to As a user of export distributor, I have a file with a list of checksum generated with the ISO
- Description updated (diff)
Do we want 3 checksums? This makes it a bit harder to programatically process since then the code has to parse the checksum file to verify it with a local checksum calculation. Note that el5 will need sha1 if you want to verify the checksum itself on an EL5 box. Is that a valid use case?
I don't think anyone is going to validate on an EL5 box since Pulp only runs on EL7. The only real requirement is that the checksum be better than than MD5. So perhaps it should just be a SHA512.
I thought about this and looked at some examples on the internet. I keep seeing this format which includes multiple checksums and the filename:
bb16e10946c7d24c5bbf989c3877d0dd *repo_export.iso
bd5f9d38232bd31dc7334b70e4259f68ab6327f4 *repo_export.iso
eb93b60b4be097fd618dbdd625f70ee64a6a77d502e50b39d2c259df9ccb8f53 *repo_export.iso
a92d64650c862bf89643dceff172c8762212c24bcb815a33f3356b63538392ee50ba6aa07188b3d1a2a760be7e9a9b0631520768c1c0a6ce60b024a3a8bc766b *repo_export.iso
I think we should do the same. It's md5, sha1, sha256, sha512. It allows anyone to verify it with whatever they have. It contains the filename on each line I think for extra clarity. Also the filename for the checksum file would be either: repo_export.iso.checksum
or repo_export.iso.DIGESTS
.
What do you all think about ^? What do you think the filename should be?
bmbouter wrote:
I thought about this and looked at some examples on the internet. I keep seeing this format which includes multiple checksums and the filename:
[...]
I think we should do the same. It's md5, sha1, sha256, sha512. It allows anyone to verify it with whatever they have. It contains the filename on each line I think for extra clarity. Also the filename for the checksum file would be either: repo_export.iso.checksum
or repo_export.iso.DIGESTS
.
I like the .DIGESTS. The format looks good to me. I will update the ticket.
What do you all think about ^? What do you think the filename should be?
- Description updated (diff)
- Description updated (diff)
- Tracker changed from Issue to Story
- % Done set to 0
- Status changed from NEW to MODIFIED
- % Done changed from 0 to 100
- Status changed from MODIFIED to CLOSED - CURRENTRELEASE
- Platform Release set to 2.17.0
Also available in: Atom
PDF
Create checksum for exported iso file
When we export a .iso file, we must also export a checksum file with it.
closes #3760 https://pulp.plan.io/issues/3760