Pulp deb don't create metadata of official Ubuntu repo

Support
#1

Problem: After synchronization of Ubuntu repositories ( eg: Ubuntu22 main ) I don’t have metadata. Miss InRelease and Release.gpg

Pulpcore + plugin version:
“deb”: “3.2.0”,
“rpm”: “3.25.2”,
“core”: “3.50.2”

Operating system - distribution and version:
k8s

When I create a deb repo for example Ubuntu 22 main, it miss the medata. I see only Release file in the root directory. It miss the inRelease and Release.gpg file.
I have seen in the documentation it is possible to do it ( Feature Overview — Pulp deb Support 3.2.0 documentation )
I have also followed a documentation explaining that we have to change a parameter called :

  • allowed_content_checksums
    ( Content Checksums - Pulp Operator )
    I have changed this parameter and a migration of the DB has been done.
    But I see any changes in my Ubuntu repositories.

Do you have an idea on how to do it ?
Thanks

#2

It depends on what it is you want.

  • By default Pulp generates its own metadata during publish. The Release file you see in your repo is part of the APT repo metadata created by Pulp. If you want that metadata to be signed (via a Release.gpg and/or InRelease file), then you need to set up a signing service.
  • If you want Pulp to serve the original upstream metadata, then you need to use a verbatim publication. Be warned, there have been reports of upstream repos that do not work well using verbatim publications.
3 Likes
#3

Thank you @quba42 ,
Just to inform you I have been able to create the signing service for Ubuntu distributions.
I have now a global solution who synchronize all data on premise to distribute to my endpoint.
I can use the gpg public key to sign my packages in the pulp.
And as you have explained, I am able to create a snapshot of each repo.

I put the script just in case for other people who would need to.

UBUNTU_URL=http://ch.archive.ubuntu.com/ubuntu/
REPOS_L=(
...
    "focal;--url ${UBUNTU_URL} --distribution=focal;os/focal"
    "focal-updates;--url ${UBUNTU_URL} --distribution=focal-updates;os/focal"
    "focal-security;--url ${UBUNTU_URL} --distribution=focal-security;os/focal"
...
)

DEFAULT_REMOTE_OPTIONS=( --architecture=amd64 --policy immediate --tls-validation False ) 
    
SIGNING_SERVICE_NAME='PulpQE'
POETRYRUN='poetry run'

...
CreateRepo() 
{ 
BACKUPIFS=$IFS
for r in "${REPOS_L[@]}";do 
    IFS=";" read -r -a r <<< "$r"
    REPO_NAME="${r[0]}"
    URL="${r[1]}"
    BASEPATH="${r[2]}"

    echo "# Create remote for $REPO_NAME #"
    $POETRYRUN pulp deb remote create --name $REPO_NAME \
    $URL \
    ${DEFAULT_REMOTE_OPTIONS[@]} | jq -C
    check

    echo "# Create repository for $REPO_NAME repo and on remote $REPO_NAME #" 
    $POETRYRUN pulp deb repository create --name=$REPO_NAME \
    --description $REPO_NAME \
    --remote $REPO_NAME | jq -C
    check

    echo "# Sync $REPO_NAME repo #"
    $POETRYRUN pulp deb repository sync --name $REPO_NAME | jq -C
    check
    
    echo "# Create publication  for $REPO_NAME repo #"
    PULP_HREF_CURR=$($POETRYRUN pulp deb publication --type apt create --repository $REPO_NAME \
    --signing-service=${SIGNING_SERVICE_NAME} | jq -r .pulp_href)
    check

    echo "# Create a distribution attached to the last reference for ${REPO_NAME}_Snap repo on publication ${PULP_HREF_CURR} #"
    $POETRYRUN pulp deb distribution create --name "${REPO_NAME}_Snap" \
    --base-path "${BASEPATH}/${REPO_NAME}_Snap" --publication ${PULP_HREF_CURR} | jq -C
    check

    echo "# Create a distribution attached to the last reference for $REPO_NAME repo on publication ${PULP_HREF_CURR} #"
    $POETRYRUN pulp deb distribution create --name $REPO_NAME \
    --base-path "${BASEPATH}/${REPO_NAME}" --publication ${PULP_HREF_CURR} | jq -C
    check

done
IFS=$BACKUPIFS
}
3 Likes