Since the client_key is write_only, the only solution currently would be to update the client_key with your entitlement cert. You could do this instead of checking the client_key, or every time before sync or when you hit a 403.
I imagine that these solutions may not suffice for you though. In which case, can you file a feature request and we can look at possible solutions? https://pulp.plan.io/projects/pulp/issues/new David On Thu, Sep 9, 2021 at 1:36 PM Bin Li (BLOOMBERG/ 120 PARK) < bli...@bloomberg.net> wrote: > It makes sense to make it private. Redhat subscription manager frequent > updated the entitlement cert. We don't know if the client_key in pulp is > valid until we get the 403 error. We'd like update the key automatically. > Is there an alternative way to compare the client key so we always have a > valid key? > > From: davidda...@redhat.com At: 09/09/21 12:56:46 UTC-4:00 > To: Bin Li (BLOOMBERG/ 120 PARK ) <bli...@bloomberg.net> > Cc: pulp-list@redhat.com > Subject: Re: [Pulp-list] pulp-rpm-client 3.15.0 > > The remote fields client_key, username, and password became no longer > readable in pulp 3.11. You can still set/update them but we considered > exposing them in the API as a security vulnerability. > > https://docs.pulpproject.org/pulpcore/changes.html#id330 > https://pulp.plan.io/issues/8202 > > David > > > On Thu, Sep 9, 2021 at 12:42 PM Bin Li (BLOOMBERG/ 120 PARK) < > bli...@bloomberg.net> wrote: > >> We are using pulpcore.client.pulp_rpm to query pulp remote objects to >> compare the client_key to make sure we always have valid entitlement in >> pulp. We current running 3.7.3 >> >> After we upgraded to 3.15.2 and installed pulp-rpm-client 3.15.0. We got >> the following error >> AttributeError: 'RpmRpmRemoteResponse' object has no attribute >> 'client_key'. >> >> Should the 'RpmRpmRemoteResponse' has client_key attribute as previous >> releases? >> >> >> class RpmRpmRemoteResponse(builtins.object) >> | RpmRpmRemoteResponse(pulp_href=None, pulp_created=None, name=None, >> url=None, ca_cert=None, client_cert=None, tls_validation=None, >> proxy_url=None, pulp_labels=None, pulp_last_updated=None, >> download_concurrency=None, max_retries=None, policy=None, >> total_timeout=None, connect_timeout=None, sock_connect_timeout=None, >> sock_read_timeout=None, headers=None, rate_limit=None, >> sles_auth_token=None, local_vars_configuration=None) >> >> >> class RpmRpmRemote(builtins.object) >> | RpmRpmRemote(name=None, url=None, ca_cert=None, client_cert=None, >> client_key=None, tls_validation=None, proxy_url=None, proxy_username=None, >> proxy_password=None, username=None, password=None, pulp_labels=None, >> download_concurrency=None, max_retries=None, policy=None, >> total_timeout=None, connect_timeout=None, sock_connect_timeout=None, >> sock_read_timeout=None, headers=None, rate_limit=None, >> sles_auth_token=None, local_vars_configuration=None) >> >> >> >> _______________________________________________ >> Pulp-list mailing list >> Pulp-list@redhat.com >> https://listman.redhat.com/mailman/listinfo/pulp-list > > >
_______________________________________________ Pulp-list mailing list Pulp-list@redhat.com https://listman.redhat.com/mailman/listinfo/pulp-list
