Fix information disclosure #11959
Merged
Fix information disclosure #11959
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
k8s-ci-robot
added
release-note
|
Hi @bbaassssiiee. Thanks for your PR. I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
k8s-ci-robot
added
needs-ok-to-test
|
/ok-to-test |
k8s-ci-robot
added
ok-to-test
k8s-ci-robot
added
the
lgtm
|
Thanks @bbaassssiiee |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: bbaassssiiee, tico88612, yankay The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
|
We'll have to remind other PRs to write the commit message correctly. 😂 
|
clyhtsuriva
added a commit
to clyhtsuriva/kubespray
that referenced
this pull request
Feb 16, 2025
commit d7962fb Author: Jan Breitkopf <[email protected]> Date: Sat Feb 15 13:16:20 2025 +0100 fix quotations in dhclient hooks (kubernetes-sigs#11946) commit dbb9900 Author: Moritz Graf <[email protected]> Date: Fri Feb 14 16:56:24 2025 +0100 Update main.yml (kubernetes-sigs#11943) Adding single quotees around parameters in crictl. commit e24216b Author: Max Gautier <[email protected]> Date: Fri Feb 14 09:28:21 2025 +0100 Automatically derive defaults versions from checksums (kubernetes-sigs#11906) * Automatically derive defaults versions from checksums Currently, when updating checksums, we manually update the default versions. However, AFAICT, for all components where we have checksums, we're using the newest version out of those checksums. Codify this in the `_version` defaults variables definition to make the process automatic and reduce manual steps (as well as the diff size during reviews). We assume the versions are sorted, with newest first. This should be guaranteed by the pre-commit hooks. * Validate checksums are ordered by versions, newest first * Generalize render-readme-versions hook for other static files The pre-commit hook introduced a142f40 (Update versions in README.md with pre-commit, 2025-01-21) allow to update our README with new versions. It turns out other "static" files (== which don't interpret Ansible variables) also use the default version (in that case, our Dockefiles, but there might be others) The Dockerfile breaks if the variable they use (`kube_version`) is a Jinja template. For helping with automatic version upgrade, generalize the hook to deal with other static files, and make a template out of the Dockerfile. * Dockerfile: template kube_version with pre-commit instead of runtime * Validate all versions/checksums are strings in pre-commit All the ansible/python tooling for version is for version strings. YAML unhelpfully consider some stuff as number, so enforce this. * Stringify checksums versions commit a51e7dd Author: Boris <[email protected]> Date: Tue Feb 11 14:37:58 2025 +0300 refact ip stack (kubernetes-sigs#11953) commit c557adf Author: Bas <[email protected]> Date: Sat Feb 8 12:01:55 2025 +0100 bugfix (kubernetes-sigs#11959) commit d10a2cd Author: Ali Afsharzadeh <[email protected]> Date: Sat Feb 8 06:41:57 2025 +0330 Update load balancers versions to Nginx 1.27, Haproxy 3.1 (kubernetes-sigs#11928) commit cfad1bd Author: Raul Butuc <[email protected]> Date: Fri Feb 7 17:09:55 2025 +0200 Fix incorrect syntax for secondary nodelocaldns manifest (kubernetes-sigs#11952) * Fix incorrect syntax * Fix incorrect syntax commit 08b77b5 Author: Kay Yan <[email protected]> Date: Thu Feb 6 19:53:56 2025 +0800 Fix CI by exclude the `.ansible` in `.ansible-lint` & remove `ctr image pull` workaround (kubernetes-sigs#11948) * exclude .ansible in ansible-lint * remote ctr i pull workdaround Signed-off-by: Kay Yan <[email protected]> --------- Signed-off-by: Kay Yan <[email protected]> commit fe0a1f4 Author: Mohamed Omar Zaian <[email protected]> Date: Wed Feb 5 09:50:16 2025 +0100 Bump nerdctl to v2.0.3 (kubernetes-sigs#11913) commit 624937d Author: Mohamed Omar Zaian <[email protected]> Date: Wed Feb 5 08:32:15 2025 +0100 [containerd] Support containerd v2.0.x (kubernetes-sigs#11845)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What type of PR is this?
What this PR does / why we need it:
The download.url could contain username and password when using private file repositories.
That will be in the logs. Use unsafe_show_logs to override.
Which issue(s) this PR fixes:
Fixes #11958
Special notes for your reviewer:
There is more discussion about private file repos in #10294
Does this PR introduce a user-facing change?: