Katello allows an additional flag to be passed to candlepin when importing a manifest: Force. The only case I've seen where this is required is when importing a manifest with a creation date that is earlier than the currently imported manifest. My question: Should this really be allowed? Is a manifest with an earlier date even valid any longer?
I believe the creation date is the only thing force buys you, and indeed an older manifest should not normally be usable unless something went wrong with the new one. The force flag has kind of run off the rails. It was requested for development purposes if I recall correctly, but there is definitely no reason I can think of it should be allowed for end users.
On Wed, Jun 27, 2012 at 10:30 AM, Tom McKay thomasmckay@redhat.com wrote:
Katello allows an additional flag to be passed to candlepin when importing a manifest: Force. The only case I've seen where this is required is when importing a manifest with a creation date that is earlier than the currently imported manifest. My question: Should this really be allowed? Is a manifest with an earlier date even valid any longer? _______________________________________________ candlepin mailing list candlepin@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/candlepin
On 06/27/2012 09:38 AM, Devan Goodwin wrote:
I believe the creation date is the only thing force buys you, and indeed an older manifest should not normally be usable unless something went wrong with the new one. The force flag has kind of run off the rails. It was requested for development purposes if I recall correctly, but there is definitely no reason I can think of it should be allowed for end users.
If we turn back on checking the signature, and the checks for type, then it will become relevant again.
- bk
On Wed, Jun 27, 2012 at 11:17 AM, Bryan Kearney bkearney@redhat.com wrote:
On 06/27/2012 09:38 AM, Devan Goodwin wrote:
I believe the creation date is the only thing force buys you, and indeed an older manifest should not normally be usable unless something went wrong with the new one. The force flag has kind of run off the rails. It was requested for development purposes if I recall correctly, but there is definitely no reason I can think of it should be allowed for end users.
If we turn back on checking the signature, and the checks for type, then it will become relevant again.
- bk
What's the use case where an end user would want to bypass date checking?
Same question for bypassing signature checking. (that one is even more scary to me, what on earth would someone be doing to need that?) :)
Seems to me that force should be hidden from view, and possibly not be there at all.
On 06/27/2012 10:44 AM, Devan Goodwin wrote:
On Wed, Jun 27, 2012 at 11:17 AM, Bryan Kearney bkearney@redhat.com wrote:
On 06/27/2012 09:38 AM, Devan Goodwin wrote:
I believe the creation date is the only thing force buys you, and indeed an older manifest should not normally be usable unless something went wrong with the new one. The force flag has kind of run off the rails. It was requested for development purposes if I recall correctly, but there is definitely no reason I can think of it should be allowed for end users.
If we turn back on checking the signature, and the checks for type, then it will become relevant again.
- bk
What's the use case where an end user would want to bypass date checking?
I download the wrong manifest, and need to restore to the last one i downloaded?
Same question for bypassing signature checking. (that one is even more scary to me, what on earth would someone be doing to need that?) :)
Consultants who hack stuff.
Seems to me that force should be hidden from view, and possibly not be there at all.
I am fine to bury this in the CLI. That allows us to have it for advanced users.
-- bk
I think the restoring use case should be fixed by a restore uri that knows how to fix a broken manifest upload vs a force flag.
As far as consultants go do they really need a force flag? Sounds to me like they're trying to break something.
Sincerely, Jesus On Jun 27, 2012 10:48 AM, "Bryan Kearney" bkearney@redhat.com wrote:
On 06/27/2012 10:44 AM, Devan Goodwin wrote:
On Wed, Jun 27, 2012 at 11:17 AM, Bryan Kearney bkearney@redhat.com wrote:
On 06/27/2012 09:38 AM, Devan Goodwin wrote:
I believe the creation date is the only thing force buys you, and indeed an older manifest should not normally be usable unless something went wrong with the new one. The force flag has kind of run off the rails. It was requested for development purposes if I recall correctly, but there is definitely no reason I can think of it should be allowed for end users.
If we turn back on checking the signature, and the checks for type, then it will become relevant again.
- bk
What's the use case where an end user would want to bypass date checking?
I download the wrong manifest, and need to restore to the last one i downloaded?
Same question for bypassing signature checking. (that one is even more scary to me, what on earth would someone be doing to need that?) :)
Consultants who hack stuff.
Seems to me that force should be hidden from view, and possibly not be there at all.
I am fine to bury this in the CLI. That allows us to have it for advanced users.
-- bk
______________________________**_________________ candlepin mailing list candlepin@lists.fedorahosted.**org candlepin@lists.fedorahosted.org https://fedorahosted.org/**mailman/listinfo/candlepinhttps://fedorahosted.org/mailman/listinfo/candlepin
On Wed, Jun 27, 2012 at 11:44:44AM -0300, Devan Goodwin wrote:
On Wed, Jun 27, 2012 at 11:17 AM, Bryan Kearney bkearney@redhat.com wrote:
On 06/27/2012 09:38 AM, Devan Goodwin wrote:
I believe the creation date is the only thing force buys you, and indeed an older manifest should not normally be usable unless something went wrong with the new one. The force flag has kind of run off the rails. It was requested for development purposes if I recall correctly, but there is definitely no reason I can think of it should be allowed for end users.
If we turn back on checking the signature, and the checks for type, then it will become relevant again.
- bk
What's the use case where an end user would want to bypass date checking?
Same question for bypassing signature checking. (that one is even more scary to me, what on earth would someone be doing to need that?) :)
Seems to me that force should be hidden from view, and possibly not be there at all.
I've long been trying to get that option out of the ui. There's few cases where a non developer can use it and it won't end up hurting them.
It should be available as an advanced cli option, wrapped in nice warnings, and only used when something catastrophic has happened, and you need to roll back to an old version.
I'd prefer sig checking to just be a config option, but if we wanted it to be tweakable at run time, it should be a seperate option, so you can roll back to and older manifest version, but still verify its integrity.
katello-devel mailing list katello-devel@redhat.com https://www.redhat.com/mailman/listinfo/katello-devel
-James
On 06/27/2012 10:52 AM, James Bowes wrote:
On Wed, Jun 27, 2012 at 11:44:44AM -0300, Devan Goodwin wrote:
On Wed, Jun 27, 2012 at 11:17 AM, Bryan Kearney bkearney@redhat.com wrote:
On 06/27/2012 09:38 AM, Devan Goodwin wrote:
I believe the creation date is the only thing force buys you, and indeed an older manifest should not normally be usable unless something went wrong with the new one. The force flag has kind of run off the rails. It was requested for development purposes if I recall correctly, but there is definitely no reason I can think of it should be allowed for end users.
If we turn back on checking the signature, and the checks for type, then it will become relevant again.
- bk
What's the use case where an end user would want to bypass date checking?
Same question for bypassing signature checking. (that one is even more scary to me, what on earth would someone be doing to need that?) :)
Seems to me that force should be hidden from view, and possibly not be there at all.
I've long been trying to get that option out of the ui. There's few cases where a non developer can use it and it won't end up hurting them.
It should be available as an advanced cli option, wrapped in nice warnings, and only used when something catastrophic has happened, and you need to roll back to an old version.
I'd prefer sig checking to just be a config option, but if we wanted it to be tweakable at run time, it should be a seperate option, so you can roll back to and older manifest version, but still verify its integrity.
katello-devel mailing list katello-devel@redhat.com https://www.redhat.com/mailman/listinfo/katello-devel
-James
ok.. added to the backlog:
As a user, i would like the Force flag removed from the UI but kept in the CLI for manifest uploads so that I can not hurt myself accidently.
-- bk
On Jun 27, 2012, at 10:57 AM, Bryan Kearney bkearney@redhat.com wrote:
On 06/27/2012 10:52 AM, James Bowes wrote:
On Wed, Jun 27, 2012 at 11:44:44AM -0300, Devan Goodwin wrote:
On Wed, Jun 27, 2012 at 11:17 AM, Bryan Kearney bkearney@redhat.com wrote:
On 06/27/2012 09:38 AM, Devan Goodwin wrote:
I believe the creation date is the only thing force buys you, and indeed an older manifest should not normally be usable unless something went wrong with the new one. The force flag has kind of run off the rails. It was requested for development purposes if I recall correctly, but there is definitely no reason I can think of it should be allowed for end users.
If we turn back on checking the signature, and the checks for type, then it will become relevant again.
- bk
What's the use case where an end user would want to bypass date checking?
Same question for bypassing signature checking. (that one is even more scary to me, what on earth would someone be doing to need that?) :)
Seems to me that force should be hidden from view, and possibly not be there at all.
I've long been trying to get that option out of the ui. There's few cases where a non developer can use it and it won't end up hurting them.
It should be available as an advanced cli option, wrapped in nice warnings, and only used when something catastrophic has happened, and you need to roll back to an old version.
I'd prefer sig checking to just be a config option, but if we wanted it to be tweakable at run time, it should be a seperate option, so you can roll back to and older manifest version, but still verify its integrity.
katello-devel mailing list katello-devel@redhat.com https://www.redhat.com/mailman/listinfo/katello-devel
-James
ok.. added to the backlog:
As a user, i would like the Force flag removed from the UI but kept in the CLI for manifest uploads so that I can not hurt myself accidently.
+1
-- bk
katello-devel mailing list katello-devel@redhat.com https://www.redhat.com/mailman/listinfo/katello-devel
candlepin@lists.stg.fedorahosted.org