You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Note: Bug Reports not following this template may be closed without feedback.
Getting Help
Please use this issue template for reporting identified or suspected bugsonly. For support on configuration or troubleshooting please see Getting Help for the appropriate channels.
Describe the bug
Hi, For security reason, we use a tools named "pulp", to synchronize external rpm/deb repository.
So that internal server, only connect to one internal node, to donwload all packages (redhat,ubuntu ,postgresql, etc ...)
We tried to do the same for the rundeck repository, but our synchronisation failed.
After analysing the issue, the sync failed because it find some sha1 checksum for the list of packages (md5 and sha1 are disabled in the tools for security reason)
Expected behavior
sha256 is used for the repo metadata
Ex based on another repository (postgres): <checksum type="sha256" pkgid="YES">69744c5f5ce61f17d70d0cd9c54cba046dbdbf9478eb702a57392e253f871f21</checksum> Screenshots
Desktop (please complete the following information):
Additional context
The text was updated successfully, but these errors were encountered:
Note: Bug Reports not following this template may be closed without feedback.
Getting Help
Please use this issue template for reporting identified or suspected bugs only. For support on configuration or troubleshooting please see Getting Help for the appropriate channels.
Describe the bug
Hi, For security reason, we use a tools named "pulp", to synchronize external rpm/deb repository.
So that internal server, only connect to one internal node, to donwload all packages (redhat,ubuntu ,postgresql, etc ...)
We tried to do the same for the rundeck repository, but our synchronisation failed.
After analysing the issue, the sync failed because it find some sha1 checksum for the list of packages (md5 and sha1 are disabled in the tools for security reason)
Apparently in #8259 the repo switched to sha256
But it look like sha1 is still used internally.
(just wanted to indicate the issue, we installed manually the tools to avoid the problem)
It you download the file primary.xml.gz use for the rpm redhat repo :
wget https://packagecloud.io/pagerduty/rundeck/rpm_any/rpm_any/x86_64/repodata/424ae6b1614330e5b6862de4d52c1ef0dfaa81ac-primary.xml.gz
You can see that sha is still used instead of sha256for the file's checksum
Ex:
My Rundeck detail
To Reproduce
wget https://packagecloud.io/pagerduty/rundeck/rpm_any/rpm_any/x86_64/repodata/424ae6b1614330e5b6862de4d52c1ef0dfaa81ac-primary.xml.gz
Verify that sha is used instead of sha256
Expected behavior
sha256 is used for the repo metadata
Ex based on another repository (postgres):
<checksum type="sha256" pkgid="YES">69744c5f5ce61f17d70d0cd9c54cba046dbdbf9478eb702a57392e253f871f21</checksum>
Screenshots
Desktop (please complete the following information):
Additional context
The text was updated successfully, but these errors were encountered: