Pulp

In 3.10, the default for ALLOWED_CONTENT_CHECKSUMS included md5 and sha1. In 3.11, it does not.

Problem¶

If the user hasn't manually brought back md5 and sha1 in the ALLOWED_CONTENT_CHECKSUMS setting, this will present a problem at upgrade time when the pulpcore-manager migrate goes to run. Specifically Pulp will refuse to run the migrate because Artifacts have md5 and sha1 from <3.11 and the user (and installer) never ran pulpcore-migrate handle-artifact-checksums.

Experience the problem¶

1. Install a 3.10 version of pulp
2. Use pulp_file to sync down https://fixtures.pulpproject.org/file/PULP_MANIFEST
3. Upgrade to 3.11 and attempt to run migrations (you'll experience the 3.11 failure here)
4. Even if you can get around the migrations running when Pulp goes to start you'll then experience the problem again at Pulp start time.

Solution¶

Have pulpcore ship a migration with 3.11 that runs the pulpcore-migrate handle-artifact-checksums command from the migration itself. Users can set the ALLOWED_CONTENT_CHECKSUMS to the checksums they desire prior to starting pulpcore 3.11 and if they do nothing this migration will ensure the don't encounter a problem.

Additionally this check here needs to not perform the check for the migrate command also: https://github.com/pulp/pulpcore/blob/master/pulpcore/app/settings.py#L312 Otherwise the migration itself won't be able to run to resolve the problem.