Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Check for empty signature files #3526

Closed
garretwyman opened this issue May 8, 2024 · 6 comments
Closed

Check for empty signature files #3526

garretwyman opened this issue May 8, 2024 · 6 comments
Labels
Feature

Comments

@garretwyman
Copy link
Contributor

We have had an intermittent issue where pulp is uploading an empty (0 bytes) signature file.

Would like to add a simple check to confirm the signature file is not 0 bytes prior to publishing. If it is 0, raise an exception.
garretwyman added a commit to garretwyman/pulp_rpm that referenced this issue May 8, 2024
@garretwyman
Adding simple check for empty signature files. Closes pulp#3526
80f3815
@garretwyman garretwyman mentioned this issue May 8, 2024
Merged
@dralley
Copy link
Contributor

dralley commented May 8, 2024

What version were you using? #2892 was fixed a good while ago, but if you're using an older release of Katello or Pulp I could see how you might run into it still?

@garretwyman
Copy link
Contributor Author

garretwyman commented May 8, 2024
edited
Loading

pulp-rpm==3.25.1
pulpcore==3.51.2

The issue we were running into was the repomd.xml.asc file.

@dralley
Copy link
Contributor

dralley commented May 8, 2024

How was your signing service configured?

@daviddavis
Copy link
Contributor

We have a signing service at Microsoft that we use. In Pulp, we've configured a SigningService to call a python script that makes a request to a container we've created that in turn submits requests to MS signing service and then waits for them to finish.

We haven't been able to pinpoint where we are ending up with an empty repomd.xml.asc file but it does look like we're getting back a non-empty file from the MS signing service so it's either a problem in our container, script, or possibly Pulp.

We've added a bunch of logging output to help us narrow down the problem, but we've also created this patch as a stopgap to prevent a publication from being created as clients can't download any packages if repomd.xml.asc is empty and then we get a call in the middle of the night to fix it.

We don't mind if you want to reject the change--we will just add this to our own fork of pulp_rpm--but it seems like validating the signing service result could be helpful?

@daviddavis
Copy link
Contributor

@dralley I've looked through the Pulp code already and didn't see anything that could cause repomd.xml.asc to sometimes end up as empty but if you wanted to confirm, we'd appreciate it.

@sdherr
Copy link
Contributor

sdherr commented May 10, 2024

We don't mind if you want to reject the change--we will just add this to our own fork of pulp_rpm--but it seems like validating the signing service result could be helpful?

Agreed and hopefully a temporary fork at that, once we actually track down the problem. But I also don't think there's any scenario where you'd want to publish an empty signature file, so maybe the patch has value. Either the signature file should not exist, or it should contain a valid signature.

garretwyman added a commit to garretwyman/pulp_rpm that referenced this issue May 10, 2024
@garretwyman
Adding simple check for empty signature files. Closes pulp#3526
1afab71 
adding newline
garretwyman added a commit to garretwyman/pulp_rpm that referenced this issue May 13, 2024
@garretwyman
Adding simple check for empty signature files. Closes pulp#3526
c33e7af 
adding newline

PR Review
@pulpbot pulpbot moved this to Done in RH Pulp Kanban board May 13, 2024
patchback bot pushed a commit that referenced this issue May 13, 2024
@garretwyman @patchback
Adding simple check for empty signature files. Closes #3526
9ca8048 
adding newline

PR Review

(cherry picked from commit 9a90c7a)
@patchback patchback bot mentioned this issue May 13, 2024
Merged
dralley pushed a commit that referenced this issue May 13, 2024
@garretwyman @dralley
Adding simple check for empty signature files. Closes #3526
1cb0233 
adding newline

PR Review

(cherry picked from commit 9a90c7a)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Feature
Projects
No open projects
RH Pulp Kanban board
Archived in project
Milestone
No milestone
Development

No branches or pull requests
5 participants
@daviddavis @sdherr @dralley @ggainey @garretwyman