[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Pulp-list] syncing old repos with sha1 checksums

On 09/12/2012 12:40 AM, Mike McCune wrote:
We got this bug in Katello:


that describes an issue we are having trying to remove packages from existing repos. We call pulp's /pulp/api/services/disassociate/packages/ API call which searches for packages by filename and sha. The issue came from the old repository metadata from this virtualbox repo that Corey synced:


the RPM metadata in the above location are still checksummed with a sha1 signature vs sha256. The issue comes down to the pulp code in v1:


here in pulp/server/api/repo.py:

    def _translate_filename_checksum_pairs(self, pkg_infos):
Translates a list of filename/checksum structures to a list of package ids.
        @param pkg_infos: format is [((filename, checksum), [repoids])]
        @return:    {'repo_id':[pkgids]}, {errors}
        start_translate = time.time()
        p_col = model.Package.get_collection()
        repo_pkgs = {}
        errors = {}
        for item in pkg_infos:
            filename = item[0][0]
            checksum = item[0][1]
            repos = item[1]
found = p_col.find_one({"filename":filename, "checksum.sha256":checksum}, {"id":1})

you can see it will never find the packages with metadata signed with checksum.sha... is this fixed in V2?

Yes, this should not be an issue in v2. In v2, we leave it to the user to set the criteria and what to look for when calling unassociate_by_criteria. If your criteria filter includes the checksum sha as checksum and pulp db has that checksum to match, we should find the unit and remove it.

Do you need this fixed in v1?

~ Prad

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]