Listing artifacts is not allowed anymore as non-admin #5875
Comments
|
We discourage users from uploading and using raw artifacts (#5525). Instead, you should follow this approach to upload the content directly to the repository: https://pulpproject.org/pulp_file/docs/user/guides/upload/#upload-a-file-into-foo. |
|
If the artifact is too large to be uploaded in a single shot, we need to resort to chunked uploads. Afaik chunked uploads create an artifact after the final /commit api call. This artifact still needs to be associated with a repository. I could obtain the pulp_href to the artifact from the task status. Unless the task ends with an error, for example of the artifact allready exists. Then i don't get a href to the artifact. In this scenario i would like to list the artifact based on the sha256 of the file that has been uploaded, such so that i can obtain the pulp_href to the artifact, which i need to associate the artifact with a repository. Unless you can provide an alternative to identify an artifact created from chunked upload, i don't see another solution through the api. |
|
In all places, where you can upload a file, you can alternatively specify an uncommited upload, or even a remote url. |
|
We should probably deprecate / lock down / remove the "upload commit" too. |
|
I am not sure if i am agreeing with closing this. It looks unresolved to me. The end result of the example at https://pulpproject.org/pulpcore/docs/user/guides/upload-publish/?h=chunked#chunked-uploads is a committed upload. Which according the documentation states: This queues a task that creates an artifact, and the upload gets deleted and cannot be re-used. So after a commit, the upload is gone, and the end-result is an artifact at that point according the documentation Now from this point we can move forward on either:
With the API i can add an uncommitted upload with --upload From what i understand is that the current way should be to upload a large file in chunks but not end with a commit. Then associate the uncommited upload with a repository. Now i wonder how i can verify that the uncommitted upload actually matches the sha256 of the in chunks uploaded file ? Cause this was an option with the /commit step, but i can't do that while creating a file content or rpm content Anyways, the documentation states incorrect things in my opinion. |
|
I kind of hit close comment by accident and then thought, well it's not broken as such. |
|
Can you maybe file a feature request for providing checksums when using Uploads as a separate issue? |
|
Version
3.64
Describe the bug
When uploading a large file with the procedure stated here https://pulpproject.org/pulpcore/docs/user/guides/upload-publish/?h=chunked#chunked-uploads you will end up with an artifact that is not associated with any repository yet.
The last step where you do a commit will produce a reference to an artifact task.
My current workflow is to verify that the artifact task has completed.
Next step is to list the artifact based on the sha256, just to verify that it is really there (maybe too much paranoia), but that step is no longer allowed. I think it was before change #5669
When artifact is present, i associate it with a repository based on the artifact href obtained from the previous step
I can't find any permission to still allow users to list artifacts (https://pulpproject.org/pulpcore/restapi/#tag/Artifacts/operation/artifacts_list)
To Reproduce
List artifacts as non-admin user
Expected behavior
Allow user to still list artifacts based on rbac
Additional context
None
The text was updated successfully, but these errors were encountered: