
feat(ci): compare lists of packages to deliver to testing repositories (#3206)#3209

Draft
mushroomempires wants to merge 14 commits into dev-25.10.x from MON-195796-dev-25.10.x

Conversation


@mushroomempires mushroomempires commented Mar 2, 2026

Contributor

Description

Fixes # MON-195796

Type of change

  • Patch fixing an issue (non-breaking change)
  • New functionality (non-breaking change)
  • Breaking change (patch or feature) that might cause side effects breaking part of the Software
  • Updating documentation (missing information, typo...)

Target series

  • 23.10.x
  • 24.04.x
  • 24.10.x
  • 25.10.x
  • master

How can this pull request be tested?

Please describe the procedure to verify that the goal of the PR is matched. Provide clear instructions so that it can be correctly tested.

Any relevant details of the configuration to perform the test should be added.

Checklist

  • I have followed the coding style guidelines provided by Centreon
  • I have commented my code, especially new classes, functions or any legacy code modified. (docblock)
  • I have commented my code, especially hard-to-understand areas of the PR.
  • I have made corresponding changes to the documentation.
  • I have rebased my development branch on the base branch (master, maintenance).

Summary by Aikido

⚠️ Security Issues: 4
Quality Issues: 0
✅ Resolved Issues: 2

⚡ Enhancements

  • Stored list of restored DEB and RPM packages to text files
  • Added comparison step to verify delivered packages matched restored lists
  • Redirected root repository paths for DEB and RPM deliveries to test-specific



coderabbitai Bot commented Mar 2, 2026

Contributor

Important

Review skipped

Auto reviews are limited based on label configuration.

🏷️ Required labels (at least one) (1)
  • coderabbit

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: d2ea380a-1785-4fa0-8cdd-fc8d811799a1

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.


@mushroomempires mushroomempires marked this pull request as ready for review March 3, 2026 15:07
@mushroomempires mushroomempires requested a review from a team as a code owner March 3, 2026 15:07
@mushroomempires mushroomempires requested review from kduret and tuntoja and removed request for a team March 3, 2026 15:07
@mushroomempires mushroomempires marked this pull request as draft March 3, 2026 15:22
@mushroomempires mushroomempires marked this pull request as ready for review March 6, 2026 10:19
tuntoja
tuntoja previously approved these changes Mar 6, 2026
Comment on lines 59 to +145
@@ -85,7 +93,8 @@ runs:
ROOT_REPO_PATH_SUFFIX="-internal"
fi

ROOT_REPO_PATH="${ROOT_REPO_PATH_PREFIX}standard${ROOT_REPO_PATH_SUFFIX}"
ROOT_REPO_PATH="${ROOT_REPO_PATH_PREFIX}kdu${ROOT_REPO_PATH_SUFFIX}"
echo "root_repo_path=$ROOT_REPO_PATH" >> $GITHUB_OUTPUT

# Cleanup (equivalent to --sync-deletes done with RPMs)
# This is a workaround the fact that jfrog cli does not allow upload
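Review bot: the changed line `ROOT_REPO_PATH="${ROOT_REPO_PATH_PREFIX}kdu${ROOT_REPO_PATH_SUFFIX}"` replaces the `standard` repository name with a hard-coded test-specific value, which matches the summary's "redirected root repository paths for DEB and RPM deliveries to test-specific" but cannot be merged as is, since every delivery from this action would then land in that path. If the redirection is needed for testing, make the repository name an input with `standard` as its default rather than editing the literal, and restore `standard` before the PR leaves draft.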
@@ -133,4 +142,18 @@ runs:
done

curl -H "Authorization: Bearer ${{ inputs.artifactory_token }}" -X POST "https://centreon.jfrog.io/artifactory/api/deb/reindex/$ROOT_REPO_PATH?async=0"
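Review bot: the reindex call `curl -H "Authorization: Bearer ${{ inputs.artifactory_token }}" -X POST ...` at the end of the hunk has no `--fail` (or `-f`), so an HTTP error from Artifactory still exits 0 and the step reports success although the repository metadata was not rebuilt; add `--fail-with-body -sS` so a failed reindex fails the step. The token is also expanded by the `${{ inputs.artifactory_token }}` expression into the script text; passing it through `env:` and referencing `$ARTIFACTORY_TOKEN` keeps it out of the rendered command and is the same pattern Aikido asks for on the inputs below.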


Template Injection in GitHub Workflows Action - critical severity
A GitHub Actions workflow step contains a template expression referencing potentially untrusted GitHub context fields. This may allow malicious input to be injected into shell commands, leading to a potential supply chain attack as tokens of the CI/CD pipeline could be exfiltrated.


Remediation: Review your GitHub Actions workflow for any template expressions that interpolate GitHub context values, especially those ending with unsafe suffixes such as 'body', 'title', 'email', 'head_ref', etc. Sanitize or validate these inputs before use, or refactor the workflow to avoid directly embedding untrusted data in shell commands.

Reply @AikidoSec ignore: [REASON] to ignore this issue.

Comment on lines +149 to +159
run: |
DELIVERED_PACKAGES=$(jf rt search "${{ steps.publish-debs.outputs.root_repo_path }}/pool/${{ inputs.version }}/${{ inputs.stability }}/${{ inputs.release_type }}/${{ inputs.module_name }}/*.deb" | jq -r '.[].path | split("/") | last')
ORIGINAL_PACKAGES=$(cat deb_packages.txt)
MISSING_PACKAGES=0
for PACKAGE in $ORIGINAL_PACKAGES; do
if ! echo "$DELIVERED_PACKAGES" | grep -q "$(basename "$PACKAGE")"; then
echo "::error::[${{ github.job }}] Package $PACKAGE was not successfully delivered or found in repository."
MISSING_PACKAGES=1
fi
done
[[ $MISSING_PACKAGES -eq 0 ]] || exit 1
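Review bot: the check `grep -q "$(basename "$PACKAGE")"` treats the package name as an unanchored basic regular expression, so the dots in the version match any character and an expected name that is a substring of another delivered name (for example `foo_1.0_amd64.deb` against `libfoo_1.0_amd64.deb`) passes even when the package itself is absent; use `grep -Fxq` so a delivered line must equal the expected name exactly. The `jf rt search` pattern also expands `${{ inputs.version }}`, `${{ inputs.stability }}`, `${{ inputs.release_type }}` and `${{ inputs.module_name }}` straight into the script, which is what the Aikido finding on this block flags: declare them under `env:` and reference them as quoted shell variables so the values are data rather than script text.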


Template Injection in GitHub Workflows Action - critical severity
A GitHub Actions workflow step contains a template expression referencing potentially untrusted GitHub context fields. This may allow malicious input to be injected into shell commands, leading to a potential supply chain attack as tokens of the CI/CD pipeline could be exfiltrated.


Remediation: Review your GitHub Actions workflow for any template expressions that interpolate GitHub context values, especially those ending with unsafe suffixes such as 'body', 'title', 'email', 'head_ref', etc. Sanitize or validate these inputs before use, or refactor the workflow to avoid directly embedding untrusted data in shell commands.

Reply @AikidoSec ignore: [REASON] to ignore this issue.

Comment on lines +189 to +200
run: |
DELIVERED_PACKAGES=$(jf rt search "${{ steps.publish-rpms.outputs.root_repo_path }}/${{ inputs.version }}/${{ inputs.distrib }}/${{ inputs.stability }}-${{ inputs.release_type }}/${{ inputs.module_name }}/*.rpm" | jq -r '.[].path | split("/") | last')
ORIGINAL_PACKAGES=$(cat rpm_packages.txt)
MISSING_PACKAGES=0
for PACKAGE in $ORIGINAL_PACKAGES; do
if ! echo "$DELIVERED_PACKAGES" | grep -q "$(basename "$PACKAGE")"; then
echo "::error::[${{ github.job }}] Package $PACKAGE was not successfully delivered or found in repository."
MISSING_PACKAGES=1
continue
fi
done
[[ $MISSING_PACKAGES -eq 0 ]] || exit 1
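Review bot: the `continue` inside the `if` body is redundant, since the `fi` already ends the iteration and the loop moves to the next package either way; drop it so the RPM step reads the same as the DEB step. The same two points as the DEB block apply here: `grep -q "$(basename "$PACKAGE")"` should be `grep -Fxq` for an exact match, and the `${{ inputs.* }}` values in the `jf rt search` pattern should come in through `env:`. Given that the two steps differ only in the search path and the list file, one shell script taking those as parameters would remove the duplication and leave a single place to harden.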


Template Injection in GitHub Workflows Action - critical severity
A GitHub Actions workflow step contains a template expression referencing potentially untrusted GitHub context fields. This may allow malicious input to be injected into shell commands, leading to a potential supply chain attack as tokens of the CI/CD pipeline could be exfiltrated.


Remediation: Review your GitHub Actions workflow for any template expressions that interpolate GitHub context values, especially those ending with unsafe suffixes such as 'body', 'title', 'email', 'head_ref', etc. Sanitize or validate these inputs before use, or refactor the workflow to avoid directly embedding untrusted data in shell commands.

Reply @AikidoSec ignore: [REASON] to ignore this issue.
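The three Aikido findings above flag the same pattern in the publish and verification steps: workflow inputs expanded directly into the script text. The block below is an added example, not code from this PR or from Centreon, that rewrites the package comparison around the two remediation points: inputs reach the script only as environment variables (the `env:` names and the `compare_packages.sh` file name in the comment are assumptions), and package names are compared as exact whole lines instead of the unanchored `grep -q` used in the hunks. The delivered list is read from a file rather than from `jf rt search` so the script runs offline, and the package names are constructed. The loose variant is kept beside the strict one only to show the false pass the original check allows.

```shell
#!/usr/bin/env bash
# Added example (not the PR's or Centreon's code): the DEB/RPM delivery check
# rewritten so that
#   1. workflow inputs arrive through environment variables (assumed names
#      below) rather than ${{ ... }} expansions inside the script body, and
#   2. package names are matched as exact whole lines (grep -Fx), not as
#      unanchored regular expressions.
#
# Assumed wiring in the composite action (YAML shown as a comment only):
#   env:
#     ROOT_REPO_PATH: ${{ steps.publish-debs.outputs.root_repo_path }}
#     MODULE_NAME: ${{ inputs.module_name }}
#   run: ./compare_packages.sh deb_packages.txt delivered.txt
# Here the delivered list is a file; in the action it would be the output of
# `jf rt search ... | jq -r '.[].path | split("/") | last'`.

# compare_packages EXPECTED_FILE DELIVERED_FILE
# Returns 0 when every expected basename appears verbatim in DELIVERED_FILE,
# 1 otherwise, printing one ::error annotation per missing package.
compare_packages() {
  cp_expected=$1
  cp_delivered=$2
  cp_missing=0
  while IFS= read -r cp_pkg; do
    [ -n "$cp_pkg" ] || continue
    cp_name=$(basename "$cp_pkg")
    # -F fixed string, -x whole line must match, -q quiet, -- ends options
    if ! grep -Fxq -- "$cp_name" "$cp_delivered"; then
      printf '::error::[%s] Package %s was not delivered\n' "${GITHUB_JOB:-local}" "$cp_pkg"
      cp_missing=1
    fi
  done < "$cp_expected"
  return "$cp_missing"
}

# Same loop with the original unanchored `grep -q "$name"`, kept only to show
# the false pass: dots match any character and a name matches inside a longer one.
compare_packages_loose() {
  cl_expected=$1
  cl_delivered=$2
  cl_missing=0
  while IFS= read -r cl_pkg; do
    [ -n "$cl_pkg" ] || continue
    if ! grep -q "$(basename "$cl_pkg")" "$cl_delivered"; then
      cl_missing=1
    fi
  done < "$cl_expected"
  return "$cl_missing"
}

# Constructed sample data (not real Centreon package names).
write_samples() {
  ws_dir=$1
  # list recorded by the build step before delivery
  printf '%s\n' \
    'build/demo-pkg_1.0-1_amd64.deb' \
    'build/demo-pkg-extra_1.0-1_amd64.deb' > "$ws_dir/expected.txt"
  # everything arrived
  printf '%s\n' \
    'demo-pkg_1.0-1_amd64.deb' \
    'demo-pkg-extra_1.0-1_amd64.deb' > "$ws_dir/delivered_all.txt"
  # demo-pkg itself is missing; only a longer name containing it is present
  printf '%s\n' \
    'lib-demo-pkg_1.0-1_amd64.deb' \
    'demo-pkg-extra_1.0-1_amd64.deb' > "$ws_dir/delivered_missing.txt"
}

SAMPLE_DIR=$(mktemp -d)
write_samples "$SAMPLE_DIR"

if compare_packages "$SAMPLE_DIR/expected.txt" "$SAMPLE_DIR/delivered_missing.txt"; then
  echo "strict check: passed"
else
  echo "strict check: missing package detected (correct)"
fi
if compare_packages_loose "$SAMPLE_DIR/expected.txt" "$SAMPLE_DIR/delivered_missing.txt"; then
  echo "loose check: passed although demo-pkg is absent (the bug)"
fi
```

Run against `delivered_missing.txt`, the strict function emits a `::error` annotation and returns 1 while the loose one returns 0, because `demo-pkg_1.0-1_amd64.deb` as a regular expression matches inside `lib-demo-pkg_1.0-1_amd64.deb`. In the action, the only change from the hunks is that the path components come from `$ROOT_REPO_PATH`, `$MODULE_NAME` and friends instead of template expressions, so a crafted input value cannot alter the script itself.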


Tpo76 commented Apr 15, 2026

Contributor

🤖 This is an automatic comment generated by an internal tool.

Complexity Classification: Standard

Justification: Automatic classification failed; defaulting to standard.

Metric            Value
WIP Points        2
SLA Track         Standard SLA (2 work days)
First review SLA  1 work day

A maintainer can override this classification at any time.

@kduret kduret marked this pull request as draft April 21, 2026 14:56