Project

General

Profile

Bug #11276

Changing GPG key on a library repository can break content views that contain that repository

Added by Eric Helms about 4 years ago. Updated about 1 year ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Candlepin
Target version:
Difficulty:
hard
Triaged:
Yes
Bugzilla link:
Pull request:
Team Backlog:
Fixed in Releases:
Found in Releases:

Description

Since all repositories and their clones are represented by the same content ID in Candlepin, if a user changes the GPG key on the library version of a repository, any content views that contain that repository may be broken. In other words, if the user changes the GPG key because say it expired, and then attempts a package install from a content view in production that was signed by the old key those packages own't be installable without turning off GPG key validation.

History

#1 Updated by Eric Helms over 3 years ago

  • Legacy Backlogs Release (now unused) set to 86

#2 Updated by Eric Helms over 3 years ago

  • Legacy Backlogs Release (now unused) changed from 86 to 143

#3 Updated by Justin Sherrill about 3 years ago

  • Category set to Candlepin
  • Legacy Backlogs Release (now unused) changed from 143 to 114
  • Difficulty set to hard

Also available in: Atom PDF