Allow any hashing algorithm in osbuild stage inputs #3514
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
achilleas-k
force-pushed
the
fix/repo-checksums
branch
from
be20153
to
498b86f
Compare
|
I also did a test locally with a custom repo using the Before the fix, grepping through the stage inputs of the manifest in the job store: and after |
supakeen
previously approved these changes
Jun 26, 2023
Yeah good idea as a sanity check. |
Helper functions that create stage input objects with references always hard-coded `sha256:` as a prefix/algorithm for the checksum. This prevents the functions from being used in cases where other algorithms are use, like sha1, which is possible with (perhaps older) RPM repositories. The inputs in osbuild a number of hashing algorithms and we should be able to generate stages with other prefixes when necessary. Remove the `sha256:` prefix in the helper functions and assume all arguments to these functions provide the correct prefix. Update tests to match.
Unit test for the function where the original issue was located. See rhbz#2215043.
Make sure checksums used in the file input helper functions contain only 1 colon delimiter and it is not at the start of the string. Adjusted tests to work with new restriction.
achilleas-k
force-pushed
the
fix/repo-checksums
branch
from
d9dccd0
to
3ccc2a8
Compare
schutzbot
reviewed
Jun 26, 2023
There was a problem hiding this comment.
Manifest-diff job [0] as manifests.diff.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Helper functions that create stage input objects with references always hard-coded
sha256:as a prefix/algorithm for the checksum. This prevents the functions from being used in cases where other algorithms are use, like sha1, which is possible with (perhaps older) RPM repositories. The inputs in osbuild a number of hashing algorithms and we should be able to generate stages with other prefixes when necessary.This PR removes the
sha256:prefix in the helper functions and assumes all arguments to these functions provide the correct prefix.Fixes rhbz#2215043 (RHELPLAN-159871).
This pull request includes: