Actions
Issue #4253
closed
modules.yaml reference in repomd.xml does not use selected checksum
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version:
2.17.0
Platform Release:
2.18.1
OS:
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Easy Fix, Pulp 2
Sprint:
Sprint 47
Quarter:
Description
A report from upstream katello (https://projects.theforeman.org/issues/25529) indicates that pulp generates a repomd.xml file that claims to use the checksum type that has been set on the publisher, but in fact is not using that:
In this example it purports to have used a sha1 checksum, but in fact its actually a sha256 checksum:
<data type="modules">
<location href="repodata/824ffe238f202a0612ecbb2b0c0459dc289a7ef47adb1f26406453d41f476449-modules.yaml.gz"/>
<timestamp>1542811864</timestamp>
<size>33</size>
<checksum type="sha1">824ffe238f202a0612ecbb2b0c0459dc289a7ef47adb1f26406453d41f476449</checksum>
<open-size>0</open-size>
<open-checksum type="sha1">da39a3ee5e6b4b0d3255bfef95601890afd80709</open-checksum>
</data>
To reproduce:
1. create and sync a yum repository
2. set a checksum type of sha1
3. publish the repository
Related issues
Actions
.
Fix bugs related to modularity
Ensure we don't publish module metadata files for repositories where the source repo had none.
Use the correct mechanism for determining the checksum used in the name of the modules.yaml.gz metadata file.
Additionally, refactor the module publish step to be more similar to the others.
closes #4252 https://pulp.plan.io/issues/4252 closes #4253 https://pulp.plan.io/issues/4253