From 86855be634e64ef3ae9e6b16c86e3129a5d66055 Mon Sep 17 00:00:00 2001
From: Max Gautier <mg@max.gautier.name>
Date: Fri, 6 Sep 2024 10:56:03 +0200
Subject: [PATCH] download_hash: document missing support

---
 scripts/download_hash.py | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/scripts/download_hash.py b/scripts/download_hash.py
index ca65b05e2..77ba34e82 100644
--- a/scripts/download_hash.py
+++ b/scripts/download_hash.py
@@ -45,6 +45,21 @@ downloads = {
     "skopeo_binary": "https://github.com/lework/skopeo-binary/releases/download/{version}/skopeo-{os}-{arch}.sha256",
     "yq": "https://github.com/mikefarah/yq/releases/download/{version}/checksums-bsd", # see https://github.com/mikefarah/yq/pull/1691 for why we use this url
 }
+# TODO: downloads not supported
+# youki: no checkusms in releases
+# kata: no checksums in releases
+# gvisor: sha512 checksums
+# crun : PGP signatures
+# cri_dockerd: no checksums or signatures
+# helm_archive: PGP signatures
+# krew_archive: different yaml structure
+# calico_crds_archive: different yaml structure
+
+# TODO:
+# noarch support -> k8s manifests, helm charts
+# different checksum format (needs download role changes)
+# different verification methods (gpg, cosign) ( needs download role changes) (or verify the sig in this script and only use the checksum in the playbook)
+# perf improvements (async)
 
 def download_hash(only_downloads: [str]) -> None:
     # Handle file with multiples hashes, with various formats.