Closed tuminoid closed 3 days ago
/test metal3-dev-env-integration-test-ubuntu-main
Setting up a dev-env is successful test enough for this, as we can see from the logs if it downloaded it or not, and if it matched or not.
/test metal3-centos-e2e-integration-test-release-1-7
Let's also see if we can pass older release test (we should, as we just ignore anything passed to us)
/unhold
Works as expected. It ignores the KUBECTL_SHA256 if passed to it and download the sha and verified it regardless of the version of kubectl.
/cc @Rozzii @kashifest
/retitle remove hardcoded KUBECTL_SHA256 pinning with downloaded SHA check
[APPROVALNOTIFIER] This PR is APPROVED
This pull-request has been approved by: kashifest
The full list of commands accepted by this bot can be found here.
The pull request process is described here
Kubectl is not our production binary, so loosen the pinning by changing from hardcoded kubectl pinning to verifying versus downloaded sha256. KUBECTL_SHA256 is passed thru JJB -> project-infra -> CAPM3 -> dev-env and it makes it super difficult to test new k8s versions in sane way, especially when we would actually need to have one version skew to for upgrade scenarios.