As part of the Hybrid Control Plane (HCP) effort, we would like to rework how we upload images to Glance. Currently we are using the glance-direct import method, which requires downloading the release image to the client before uploading it to Glance. We would like to switch to the web-download import method, which allows us to bypass the client and have Glance download the image directly from the source.

Once we do this, we need to verify the signature of the uploaded image to ensure the image hasn't been manipulated or corrupted on upload. Glance provides two image properties for doing image verification, os_hash_algo and os_hash_value, which store the name of the hashing algorithm used and the hash value, respectively. However, the former is not currently user-configurable and defaults to SHA-512. This is not suitable since only SHA-256 signatures are currently provided for OpenShift images, meaning we would still need to download the image to the client (verifying against the SHA-256 signature in the process) in order to generate a SHA-512 signature that we can use to verify the image in Glance.

We have discussed changing this and allowing the user to specify os_hash_algo when creating the image. The first step in making this change is to write a spec. This task covers that effort.