Project

Profile

Help

Story #7487

closed

Story #3778: [Epic] As a user, I can run Pulp 3 in a FIPS-enabled environment

As a user, I'm prevented from changing ALLOWED_CONTENT_CHECKSUMS if I already have content in my DB

Added by bmbouter about 2 years ago. Updated almost 2 years ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Assignee:
Category:
-
Sprint/Milestone:
Start date:
Due date:
% Done:

100%

Estimated time:
Platform Release:
Groomed:
Yes
Sprint Candidate:
Yes
Tags:
Sprint:
Sprint 83
Quarter:

Description

Background

Users should not change the ALLOWED_CONTENT_CHECKSUMS if they already have content in their DB.

Idea

Let's add a check at Pulp start time that causes them to not do that

Implementation

As suggested by @daviddavis, at the bottom of the pulpcore.app.settings, add another check that performs a select like SELECT * FROM artifacts WHERE a IS NULL or b IS NULL ... and if this returns any artifacts, raise an ImproperlyConfigured error.

Testing

Since we can't change settings during functional test runs, we cannot reasonably test for this.


Related issues

Related to Container Support - Issue #7774: `podman push` leads to missing checksums on the ArtifactsCLOSED - CURRENTRELEASEipanova@redhat.comActions
Actions #1

Updated by bmbouter about 2 years ago

  • Description updated (diff)
Actions #2

Updated by bmbouter about 2 years ago

  • Parent task set to #3778
Actions #3

Updated by daviddavis about 2 years ago

  • Groomed changed from No to Yes
  • Sprint Candidate changed from No to Yes
  • Sprint set to Sprint 81
Actions #4

Updated by bmbouter about 2 years ago

  • Description updated (diff)

As @mdellweg correctly points out my implementation won't work well. Rewrote the story to use the suggestion from @daviddavis.

Actions #5

Updated by daviddavis about 2 years ago

  • Status changed from NEW to ASSIGNED
Actions #6

Updated by daviddavis about 2 years ago

  • Assignee set to daviddavis
Actions #7

Updated by bmbouter about 2 years ago

  • Sprint/Milestone set to 3.7.0
Actions #8

Updated by pulpbot about 2 years ago

  • Status changed from ASSIGNED to POST
Actions #9

Updated by rchan about 2 years ago

  • Sprint changed from Sprint 81 to Sprint 82
Actions #10

Updated by daviddavis about 2 years ago

  • Related to Task #7536: Add support for ALLOWED_CONTENT_CHECKSUMS added
Actions #11

Updated by daviddavis about 2 years ago

  • Related to deleted (Task #7536: Add support for ALLOWED_CONTENT_CHECKSUMS)

Added by daviddavis about 2 years ago

Revision 69ae7bc5

Added check for ALLOWED_CONTENT_CHECKSUMS that Artifacts are missing

fixes #7487

Actions #12

Updated by daviddavis about 2 years ago

  • Status changed from POST to MODIFIED
  • % Done changed from 0 to 100
Actions #13

Updated by daviddavis about 2 years ago

  • Status changed from MODIFIED to ASSIGNED
  • Sprint/Milestone deleted (3.7.0)

This causes a bug in pclean where a database session gets created and thus the db cannot be dropped. Reverting and removing from 3.7:

https://github.com/pulp/pulpcore/pull/926

Actions #14

Updated by rchan about 2 years ago

  • Sprint changed from Sprint 82 to Sprint 83
Actions #15

Updated by pulpbot almost 2 years ago

  • Status changed from ASSIGNED to POST

Added by daviddavis almost 2 years ago

Revision 9a9a06f1

Added check for ALLOWED_CONTENT_CHECKSUMS that Artifacts are missing

fixes #7487

Actions #16

Updated by daviddavis almost 2 years ago

  • Status changed from POST to MODIFIED
Actions #17

Updated by ttereshc almost 2 years ago

  • Sprint/Milestone set to 3.8.0
Actions #18

Updated by pulpbot almost 2 years ago

  • Status changed from MODIFIED to CLOSED - CURRENTRELEASE
Actions #19

Updated by daviddavis almost 2 years ago

  • Related to Issue #7774: `podman push` leads to missing checksums on the Artifacts added

Also available in: Atom PDF