theforeman · ekohl · Apr 20, 2021 · Apr 15, 2021
diff --git a/manifests/init.pp b/manifests/init.pp
@@ -124,6 +124,9 @@
 # @param allowed_export_path
 #   Allowed paths that pulp can use for content exports
 #
+# @param allowed_content_checksums
+#   List of checksum types to allow for content operations
+#
 # @param worker_count
 #   Number of pulpcore workers. Defaults to 8 or the number of CPU cores, whichever is smaller. Enabling more than 8 workers, even with additional CPU cores
 #   available, likely results in performance degradation due to I/O blocking and is not recommended in most cases. Modifying this parameter should
@@ -188,6 +191,7 @@
   Stdlib::Fqdn $servername = $facts['networking']['fqdn'],
   Array[Stdlib::Absolutepath] $allowed_import_path = ['/var/lib/pulp/sync_imports'],
   Array[Stdlib::Absolutepath] $allowed_export_path = [],
+  Pulpcore::ChecksumTypes $allowed_content_checksums = ['sha224', 'sha256', 'sha384', 'sha512'],
   String[1] $remote_user_environ_name = 'HTTP_REMOTE_USER',
   Integer[0] $worker_count = min(8, $facts['processors']['count']),
   Boolean $service_enable = true,

diff --git a/spec/classes/pulpcore_spec.rb b/spec/classes/pulpcore_spec.rb
@@ -22,6 +22,7 @@
           is_expected.to contain_concat__fragment('base')
             .with_content(%r{ALLOWED_EXPORT_PATHS = \[\]})
             .with_content(%r{ALLOWED_IMPORT_PATHS = \["/var/lib/pulp/sync_imports"\]})
+            .with_content(%r{ALLOWED_CONTENT_CHECKSUMS = \["sha224", "sha256", "sha384", "sha512"\]})
             .without_content(/sslmode/)
           is_expected.to contain_file('/etc/pulp')
           is_expected.to contain_file('/var/lib/pulp')

diff --git a/spec/type_aliases/checksumtypes_spec.rb b/spec/type_aliases/checksumtypes_spec.rb
@@ -0,0 +1,8 @@
+require 'spec_helper'
+
+describe 'Pulpcore::ChecksumTypes' do 
+  it { is_expected.to allow_value(['sha1']) }
+  it { is_expected.to allow_value(['sha256']) }
+  it { is_expected.not_to allow_values(['sha0', 'md3']) }
+  it { is_expected.not_to allow_values([]) }
+end
diff --git a/templates/settings.py.erb b/templates/settings.py.erb
@@ -39,6 +39,7 @@ REST_FRAMEWORK__DEFAULT_AUTHENTICATION_CLASSES = (
 
 ALLOWED_IMPORT_PATHS = <%= scope['pulpcore::allowed_import_path'] %>
 ALLOWED_EXPORT_PATHS = <%= scope['pulpcore::allowed_export_path'] %>
+ALLOWED_CONTENT_CHECKSUMS = <%= scope['pulpcore::allowed_content_checksums'] %>
 
 # Derive HTTP/HTTPS via the X-Forwarded-Proto header set by Apache
 SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
diff --git a/types/checksumtypes.pp b/types/checksumtypes.pp
@@ -0,0 +1,2 @@
+# The supported checksum types by pulpcore
+type Pulpcore::ChecksumTypes = Array[Enum['md5', 'sha1', 'sha224', 'sha256', 'sha384', 'sha512'], 1]
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		# The supported checksum types by pulpcore
		type Pulpcore::ChecksumTypes = Array[Enum['md5', 'sha1', 'sha224', 'sha256', 'sha384', 'sha512'], 1]