Project

Profile

Help

Issue #6735

Updated by bmbouter over 1 year ago

## Background

The BaseRemote.ca_cert and BaseRemote.client_cert fields the current serializers tell the user "All new line characters must be escaped". You can see that [here](https://github.com/pulp/pulpcore/blob/master/pulpcore/app/serializers/repository.py#L54-L71).

There are two issues with this:

1. It's not needed. For example pulp-certguard allows users to submit certs without modification, they are saved in the database, and openssl uses them correctly.

2. It's extra work for users.

## Solution

1. Update the serializers to not have newlines escaped
2. Audit the handling of these fields throughout the code and remove any "unescaping" that is done
3. Add a `.removal` release note indicating this is a breaking change and users will need to re-save their ca_cert and client_cert fields
4. Audit client_key as well just for good measure
5. Add a test that sync's content where a ca_cert is required
6. Add a test that sync's content where a client_cert and client_key is required

## How to add these tests?

These tests will use the Red Hat CDN and will use a test certificate and key registered to pulp-infra, along with the master ca_cert of the Red Hat CDN. The test certs will be stored as a Travis secret and made available to the tests via environment variables. If the test goes to run and the environment variables are not present the test should skip.

Back