For a full list of bug fixes and changes that occurred as part of this release, see the changelog for this release in the Pulpcore documentation.
New in Pulp 3.11
Let’s take a look at the main features of this release.
New Artifacts Checksum Reports #7986
You can now evaluate how many content units are affected by a checksum type change by using the ‘pulpcore-manager handle-artifact-checksums –report’ command.
You can simply run this command, or run it with the
--checksums and include a comma-sseparated list of the checksums that you want to use.
With this report, you can preview the impact of any change you want to make before you change the setting.
This new feature is currently a tech preview.
Proxy Authorization Updates #8167
In previous versions of Pulp, the only way to specify a proxy username and password was to append them in the
With this release, there are two new fields:
proxy_password for remotes that you can use to enter your credentials. As a result of this change, you can no longer specify credentials as part of the
A data migration will move the proxy authentication information on existing remotes to the new fields.
Worker timeout is now configurable #8291
In previous versions of Pulp, worker timeout was hardcoded as 30 seconds. Depending on the system, and the I/O of Postgresql, this hardcoded value caused problems.
As part of this release, a new setting
WORKER_TTL has been added. You can specify the interval, in seconds, that you consider a worker as missing after its last heartbeat. The default value is 30 seconds.
You can edit the
WORKER_TTL setting in
QueryExistingArtifacts now enforces ALLOWED_CONTENT_CHECKSUMS #7854
An error will now occur if you sync content that includes a checksum that is not part of
handle-artifact-checksums - now fully supported #7928
handle-artifact-checksums, command, which was introduced as a tech preview is now a fully-supported part of Pulp 3.
In earlier versions of Pulp plugins,
/pulp/api/v3/status/ listed Python package names instead of Django app names.
With this release, the
component field of the
versions section of the status API
/pulp/api/v3/status/ now lists the Django app name, not the Python package name. Similarly the OpenAPI schema at
/pulp/api/v3 does also. To support this change, plugins are required to supply their label and version in the
PulpPluginAppConfig since 3.10. #8198
The following items have been removed from Pulpcore as part of this release:
Sensitive data removed from Remote responses #8202
Removed sensitive fields
client_key from Remote responses. You can still set and update these fields, but they will no longer be readable.
sha1 from ALLOWED_CONTENT_CHECKSUMS #8246
sha1 checksums have been removed from the
ALLOWED_CONTENT_CHECKSUMS setting because they are insecure.
With this release, the default
Systems with existing Artifacts will undergo an automatic update as part of this release #8322
Due to the removal of
sha1 from the
ALLOWED_CONTENT_CHECKSUMS setting, every system that had any Artifacts synced prior to Pulpcore 3.11 will have to run the
pulpcore-manager handle-content-checksums command. This release provides an automatic data migration that will run the command automatically as part of the
pulpcore-manager migrate command all upgrades must run anyway.
The key field of SigningService #8398
key field from the SigningService response has been removed. The SigningService contains the key information in the
public_key field already.
Addressing AccessPolicy via the viewset’s classname#8397
The ability to address
AccessPolicy using the viewset’s classname. Use the Viewset’s
Plugin developer updates #7815
This release includes the following updates to the plugin API.
Plugin developers now have the flexibility to use more than one
WorkingDirectory() within a task, which includes nested calls. Tasks will also now use a temporary working directory by default.
pulpcore.app.pulp_hashlib instead of
pulpcore.app.pulp_hashlib module has been added, which provides the
new function and ensures that only allowed hashes listed in
ALLOWED_CONTENT_CHECKSUMS can be instantiated. Plugin writers should use this instead of
hashlib.new to generate checksum hashers.
New method for querying content #8375
get_content method to
pulpcore.plugin.models.RepositoryVersion that accepts a queryset and returns a list of content in that repository using the given queryset.
This allows for specific content type to be returned by executing
Plugin API Removals
- Adjusted the
ALLOWED_CONTENT_CHECKSUMSsetting to remove
sha1because they are insecure. Now, by default, the
- Removed the unused
Plugin API Deprecations
pulpcore.plugin.tasking.WorkingDirectory has been deprecated. #8231
If you have any questions or comments about anything in this release, don’t hesitate to write to us at