Issue #4253

Updated by over 5 years ago

A report from upstream katello ( indicates that pulp generates a repomd.xml file that claims to use the checksum type that has been set on the publisher, but in fact is not using that: 

 In this example it purports to have used a sha1 checksum, but in fact its actually a sha256 checksum: 

   <data type="modules"> 
     <location href="repodata/824ffe238f202a0612ecbb2b0c0459dc289a7ef47adb1f26406453d41f476449-modules.yaml.gz"/> 
     <checksum type="sha1">824ffe238f202a0612ecbb2b0c0459dc289a7ef47adb1f26406453d41f476449</checksum> 
     <open-checksum type="sha1">da39a3ee5e6b4b0d3255bfef95601890afd80709</open-checksum> 

 To reproduce: 

 1.    create and sync a yum repository 
 2.    set a checksum type of sha1 
 3.    publish the repository