diff --git a/manifests/init.pp b/manifests/init.pp index eb6f267f..8c51f5ed 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -124,6 +124,9 @@ # @param allowed_export_path # Allowed paths that pulp can use for content exports # +# @param allowed_content_checksums +# List of checksum types to allow for content operations +# # @param worker_count # Number of pulpcore workers. Defaults to 8 or the number of CPU cores, whichever is smaller. Enabling more than 8 workers, even with additional CPU cores # available, likely results in performance degradation due to I/O blocking and is not recommended in most cases. Modifying this parameter should @@ -188,6 +191,7 @@ Stdlib::Fqdn $servername = $facts['networking']['fqdn'], Array[Stdlib::Absolutepath] $allowed_import_path = ['/var/lib/pulp/sync_imports'], Array[Stdlib::Absolutepath] $allowed_export_path = [], + Array[Enum['md5', 'sha1', 'sha224', 'sha256', 'sha384', 'sha512']] $allowed_content_checksums = ['sha224', 'sha256', 'sha384', 'sha512'], String[1] $remote_user_environ_name = 'HTTP_REMOTE_USER', Integer[0] $worker_count = min(8, $facts['processors']['count']), Boolean $service_enable = true, diff --git a/spec/classes/pulpcore_spec.rb b/spec/classes/pulpcore_spec.rb index 94efdfa1..1a5268fe 100644 --- a/spec/classes/pulpcore_spec.rb +++ b/spec/classes/pulpcore_spec.rb @@ -22,6 +22,7 @@ is_expected.to contain_concat__fragment('base') .with_content(%r{ALLOWED_EXPORT_PATHS = \[\]}) .with_content(%r{ALLOWED_IMPORT_PATHS = \["/var/lib/pulp/sync_imports"\]}) + .with_content(%r{ALLOWED_CONTENT_CHECKSUMS = \["sha224", "sha256", "sha384", "sha512"\]}) .without_content(/sslmode/) is_expected.to contain_file('/etc/pulp') is_expected.to contain_file('/var/lib/pulp') diff --git a/templates/settings.py.erb b/templates/settings.py.erb index 757dc3c6..54e847fb 100644 --- a/templates/settings.py.erb +++ b/templates/settings.py.erb @@ -39,6 +39,7 @@ REST_FRAMEWORK__DEFAULT_AUTHENTICATION_CLASSES = ( ALLOWED_IMPORT_PATHS = <%= scope['pulpcore::allowed_import_path'] %> ALLOWED_EXPORT_PATHS = <%= scope['pulpcore::allowed_export_path'] %> +ALLOWED_CONTENT_CHECKSUMS = <%= scope['pulpcore::allowed_content_checksums'] %> # Derive HTTP/HTTPS via the X-Forwarded-Proto header set by Apache SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')