[Pulp-list] syncing old repos with sha1 checksums
Mike McCune
mmccune at redhat.com
Wed Sep 12 04:40:40 UTC 2012
We got this bug in Katello:
https://bugzilla.redhat.com/show_bug.cgi?id=855146
that describes an issue we are having trying to remove packages from
existing repos. We call pulp's
/pulp/api/services/disassociate/packages/ API call which searches for
packages by filename and sha. The issue came from the old repository
metadata from this virtualbox repo that Corey synced:
http://download.virtualbox.org/virtualbox/rpm/fedora/17/x86_64/
the RPM metadata in the above location are still checksummed with a sha1
signature vs sha256. The issue comes down to the pulp code in v1:
https://bugzilla.redhat.com/show_bug.cgi?id=855146#c7
here in pulp/server/api/repo.py:
def _translate_filename_checksum_pairs(self, pkg_infos):
"""
Translates a list of filename/checksum structures to a list of
package ids.
@param pkg_infos: format is [((filename, checksum), [repoids])]
@return: {'repo_id':[pkgids]}, {errors}
"""
start_translate = time.time()
p_col = model.Package.get_collection()
repo_pkgs = {}
errors = {}
for item in pkg_infos:
filename = item[0][0]
checksum = item[0][1]
repos = item[1]
found = p_col.find_one({"filename":filename,
"checksum.sha256":checksum}, {"id":1})
you can see it will never find the packages with metadata signed with
checksum.sha... is this fixed in V2?
--
Mike McCune
mmccune AT redhat.com
Red Hat Engineering | Portland, OR
Systems Management | 650-254-4248
More information about the Pulp-list
mailing list