From 6cae8dfa32c4083e2a7128086003dacbed346123 Mon Sep 17 00:00:00 2001
From: Ravi Teja <raviteja1804@gmail.com>
Date: Wed, 8 Mar 2023 14:10:27 -0600
Subject: [PATCH] fix: use sha1 instead of md5 to make the installer work in
 FIPS (#1260)

Co-authored-by: RaviTeja Buddabathuni (rbuddaba) <rbuddaba@cisco.com>
---
 roles/installer/templates/deployments/deployment.yaml.j2 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/roles/installer/templates/deployments/deployment.yaml.j2 b/roles/installer/templates/deployments/deployment.yaml.j2
index 32670640..fe02e7f1 100644
--- a/roles/installer/templates/deployments/deployment.yaml.j2
+++ b/roles/installer/templates/deployments/deployment.yaml.j2
@@ -27,7 +27,7 @@ spec:
     "secrets/app_credentials",
     "storage/persistent",
   ] %}
-        checksum-{{ template | replace('/', '-') }}: "{{ lookup('template', template + '.yaml.j2') | md5 }}"
+        checksum-{{ template | replace('/', '-') }}: "{{ lookup('template', template + '.yaml.j2') | sha1 }}"
 {% endfor %}
 {% for secret in [
     "bundle_cacert",
@@ -37,7 +37,7 @@ spec:
     "receptor_ca",
     "receptor_work_signing",
   ] %}
-        checksum-secret-{{ secret }}: "{{ lookup('ansible.builtin.vars', secret, default='')["resources"][0]["data"] | default('') | md5 }}"
+        checksum-secret-{{ secret }}: "{{ lookup('ansible.builtin.vars', secret, default='')["resources"][0]["data"] | default('') | sha1 }}"
 {% endfor %}
 {% if annotations %}
         {{ annotations | indent(width=8) }}