Story #8325
closedTask #7960: FIPS and support for ALLOWED_CONTENT_CHECKSUMS
Write a guide for changing ALLOWED_CONTENT_CHECKSUMS
100%
Related issues
Updated by daviddavis almost 4 years ago
Rough PoC:
Pulp can prohibit or allow checksums by setting the ALLOWED_CONTENT_CHECKSUMS
setting. Changing this setting requires a few steps.
First, before you change the setting, see how your Pulp instance will be impacted by this change by running:
<insert task info from https://pulp.plan.io/issues/7986>
Before switching, any on-demand repos containing forbidden checksum digests will need to be synced with policy immediate to populate missing allowed checksums. Alternatively, users can remove these offending repo versions followed by orphan cleanup.
If you have artifacts that do not conform to your ALLOWED_CONTENT_CHECKSUMS setting, you can update them using:
pulpcore-manager handle-artifact-checksums
Updated by daviddavis almost 4 years ago
- Blocked by Story #7986: As a user, I can evaluate a “what-if scenario” by generating a report of impacted content from a set of user provided checksums (not from ALLOWED_CONTENT_CHECKSUMS) added
Updated by ppicka over 3 years ago
- Status changed from NEW to ASSIGNED
- Assignee set to ppicka
Updated by ppicka over 3 years ago
- Groomed changed from No to Yes
- Sprint set to Sprint 92
Updated by pulpbot over 3 years ago
- Status changed from ASSIGNED to POST
Added by ppicka over 3 years ago
Updated by ppicka over 3 years ago
- Status changed from POST to MODIFIED
- % Done changed from 0 to 100
Applied in changeset pulpcore|b7268ea9233b39e4abd726be594c39c11bc45cea.
Updated by pulpbot over 3 years ago
- Status changed from MODIFIED to CLOSED - CURRENTRELEASE
Allow content checksums doc
Update docs with how to properly change 'ALLOWED_CONTENT_CHECKSUMS' setting.
closes: #8325 https://pulp.plan.io/issues/8325