Project

Profile

Help

Actions
Send by e-mail Copy link

Story #7487

closed

Story #3778: [Epic] As a user, I can run Pulp 3 in a FIPS-enabled environment

As a user, I'm prevented from changing ALLOWED_CONTENT_CHECKSUMS if I already have content in my DB

Added by bmbouter over 3 years ago. Updated over 3 years ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Assignee:
daviddavis
Category:
-
Sprint/Milestone:
3.8.0
Start date:
Due date:
% Done:

100%

Estimated time:
Platform Release:
Groomed:
Yes
Sprint Candidate:
Yes
Tags:
Sprint:
Sprint 83
Quarter:

Description

Background

Users should not change the ALLOWED_CONTENT_CHECKSUMS if they already have content in their DB.

Idea

Let's add a check at Pulp start time that causes them to not do that

Implementation

As suggested by @daviddavis, at the bottom of the pulpcore.app.settings, add another check that performs a select like SELECT * FROM artifacts WHERE a IS NULL or b IS NULL ... and if this returns any artifacts, raise an ImproperlyConfigured error.

Testing

Since we can't change settings during functional test runs, we cannot reasonably test for this.

Related issues

Related to Container Support - Issue #7774: `podman push` leads to missing checksums on the ArtifactsCLOSED - CURRENTRELEASEipanova@redhat.comActions
Actions
Send by e-mail Copy link

Also available in: Atom PDF