Skip to content

Move checksums to kubespray_defaults/vars#12234

Merged
k8s-ci-robot merged 1 commit intokubernetes-sigs:masterfrom
VannTen:cleanup/checksums_are_not_defaults
May 18, 2025
Merged

Move checksums to kubespray_defaults/vars#12234
k8s-ci-robot merged 1 commit intokubernetes-sigs:masterfrom
VannTen:cleanup/checksums_are_not_defaults

Conversation

@VannTen
Copy link
Copy Markdown
Contributor

@VannTen VannTen commented May 18, 2025

What type of PR is this?
/kind cleanup

What this PR does / why we need it:
The checksums are not a defaults and are not meant to be changed from
the inventories.

Furthermore, role defaults have a lower priority that hosts facts, which
technically means a rogue hosts could hijack the hashes for its
variables.

Which issue(s) this PR fixes:

Special notes for your reviewer:

Does this PR introduce a user-facing change?:

Binary checksums are no longer overridable from inventories or host facts

@VannTen
Move checksums to kubespray_defaults/vars
f9204ef 
The checksums are not a defaults and are not meant to be changed from
the inventories.

Furthermore, role defaults have a lower priority that hosts facts, which
technically means a rogue hosts could hijack the hashes for its
variables.
@k8s-ci-robot k8s-ci-robot added release-note Denotes a PR that will be considered when it comes time to generate release notes. kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels May 18, 2025
@k8s-ci-robot
Copy link
Copy Markdown
Contributor

k8s-ci-robot commented May 18, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: VannTen

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added approved Indicates a PR has been approved by an approver from all required OWNERS files. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels May 18, 2025
@tmurakam
Copy link
Copy Markdown
Contributor

tmurakam commented May 18, 2025

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label May 18, 2025
@k8s-ci-robot k8s-ci-robot merged commit 3a2862e into kubernetes-sigs:master May 18, 2025
46 checks passed
@tico88612 tico88612 mentioned this pull request May 20, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MrFreezeex MrFreezeex Awaiting requested review from MrFreezeex

@tico88612 tico88612 Awaiting requested review from tico88612

Assignees

@tmurakam tmurakam

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. lgtm "Looks good to me", indicates that a PR is ready to be merged. release-note Denotes a PR that will be considered when it comes time to generate release notes. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@VannTen @k8s-ci-robot @tmurakam