test(ci): harden Kustomize checksum verification

[danish9039]

✏️ Summary of Changes

This PR hardens the shared Kustomize install path in tests/install_KinD_create_KinD_cluster_install_kustomize.sh.

The recent CI failures were happening before any component-specific tests ran, during the Kustomize bootstrap step. Across reruns, the failure signature varied:

• checksum mismatch
• checksums.txt: no properly formatted checksum lines found

This change makes the Kustomize verification step more explicit and less brittle by:

• matching the checksum entry for the exact expected asset name (kustomize_v5.7.1_linux_amd64.tar.gz),
• using curl --fail --show-error so bad HTTP responses fail earlier and more clearly,
• reusing the explicit asset variable for extraction.

This is intentionally scoped to the shared CI/bootstrap path and does not modify any component manifests.

📦 Dependencies

• None

🐛 Related Issues

• Follow-up to repeated CI failures in the shared Install KinD, Create KinD cluster and Install kustomize step, observed while validating #3367.

✅ Validation

Validated locally against the current upstream kustomize/v5.7.1 release metadata and download assets:

KUSTOMIZE_VERSION=v5.7.1
KUSTOMIZE_ASSET="kustomize_${KUSTOMIZE_VERSION}_linux_amd64.tar.gz"
curl --fail --show-error --silent --location --remote-name \
  "https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2F${KUSTOMIZE_VERSION}/${KUSTOMIZE_ASSET}"
curl --fail --show-error --silent --location \
  "https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2F${KUSTOMIZE_VERSION}/checksums.txt" \
  | grep -F "  ${KUSTOMIZE_ASSET}" > checksums.txt
sha256sum --check checksums.txt

Observed result:

• exact asset checksum verification passed locally.

✅ Contributor Checklist

• I have tested these changes with kustomize. See Installation Prerequisites.
• All commits are signed-off to satisfy the DCO check.
• I have considered adding my company to the adopters page to support Kubeflow and help the community, since I expect help from the community for my issue (see 1. and 2.).

[github-actions]

Welcome to the Kubeflow Manifests Repository

Thanks for opening your first PR. Your contribution means a lot to the Kubeflow community.

Before making more PRs:
Please ensure your PR follows our Contributing Guide.
Please also be aware that many components are synchronizes from upstream via the scripts in /scripts.
So in some cases you have to fix the problem in the upstream repositories first, but you can use a PR against kubeflow/manifests to test the platform integration.

Community Resources:

• CNCF Slack channels: https://www.kubeflow.org/docs/about/community/#kubeflow-slack-channels
• Community meetings: https://www.kubeflow.org/docs/about/community/

Thanks again for helping to improve Kubeflow.

[Copilot]

Pull request overview

Hardens the shared CI bootstrap step that downloads and verifies Kustomize in the KinD-based test setup, aiming to reduce flaky failures during checksum verification before component tests run.

Changes:

• Introduces an explicit KUSTOMIZE_ASSET variable to avoid repeating the asset name.
• Uses curl --fail --show-error for clearer and earlier failures on bad HTTP responses.
• Filters checksums.txt to the exact expected asset entry before running sha256sum --check.

[Copilot]

Pull request overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated no new comments.

[juliusvonkohout]

thank you
/lgtm
/approve

[google-oss-prow]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: juliusvonkohout

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [juliusvonkohout]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment