Bug #37522
closed
Yum Metadata Checksum of SHA1 no longer supported by Pulp
Added by Ian Ballou 7 months ago.
Updated 6 months ago.
Description
Pulp-RPM 3.25.0+ removed support for SHA1 yum metadata checksums on publications. An error is thrown when trying to use it.
Also, Pulp merged metadata_checksum_type and package_checksum_type into checksum_type. We should use this new field.
We supposedly can override the removal of SHA1 with ALLOWED_PUBLISH_CHECKSUMS, but it's not working for me at the moment. Ideally we'd allow that to be an installer configurable.
Alternatively, we can remove SHA1 to match the checksum types that Pulp seems to support: CHECKSUM_TYPES.SHA256, CHECKSUM_TYPES.SHA384, CHECKSUM_TYPES.SHA512
I think the ideal approach would be to override the sha1 removal in the Pulp settings and then mark sha1 as deprecated in the UI. We can also add the other checksum types as options since they're available in Pulp.
Granted, I'm not sure why anyone would need to publish content with SHA1 checksums these days, even EL5 supported SHA256 as far as I can tell.
So far it's looking like pulp-rpm doesn't support configuring SHA1 to be publishable, so we may need to just remove SHA1 entirely.
- Status changed from New to Ready For Testing
- Assignee set to Ian Ballou
- Pull request https://github.com/Katello/katello/pull/11013 added
- Triaged changed from No to Yes
- Fixed in Releases Katello 4.14.0 added
- Status changed from Ready For Testing to Closed
- Pull request https://github.com/Katello/katello/pull/11051 added
- Fixed in Releases Katello 4.13.1 added
- Fixed in Releases deleted (
Katello 4.13.1)
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by 
Updated by Anonymous