Fix INSTALL_K3S_PR support

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
5 months ago · d1709d60ce
2 changed files with 20 additions and 13 deletions
--- a/install.sh
+++ b/install.sh
@ -445,7 +445,7 @@ download() {
 download_hash() {
    if [ -n "${INSTALL_K3S_PR}" ]; then
        info "Downloading hash ${GITHUB_PR_URL}"
-        curl -o ${TMP_ZIP} -H "Authorization: Bearer $GITHUB_TOKEN" -L ${GITHUB_PR_URL}
+        curl -s -o ${TMP_ZIP} -H "Authorization: Bearer $GITHUB_TOKEN" -L ${GITHUB_PR_URL}
        unzip -p ${TMP_ZIP} k3s.sha256sum > ${TMP_HASH}
    else
        if [ -n "${INSTALL_K3S_COMMIT}" ]; then
@ -481,28 +481,35 @@ get_pr_artifact_url() {
        fatal "Installing PR builds requires jq"
    fi
    # Check if unzip is installed
    if ! [ -x "$(command -v unzip)" ]; then
        fatal "Installing PR builds requires unzip"
    fi
    if [ -z "${GITHUB_TOKEN}" ]; then
        fatal "Installing PR builds requires GITHUB_TOKEN with k3s-io/k3s repo permissions"
    fi
    # GET request to the GitHub API to retrieve the latest commit SHA from the pull request
-    pr_raw=$(curl -s -H "Authorization: Bearer $GITHUB_TOKEN" "$github_api_url/pulls/$INSTALL_K3S_PR")
+    set +e
-    
+    commit_id=$(curl -f -s -H "Authorization: Bearer ${GITHUB_TOKEN}" "${github_api_url}/pulls/${INSTALL_K3S_PR}" | jq -r '.head.sha')
-    if ! echo "$pr_raw" | grep -q "Bad credentials.*401" ; then
+    set -e
    if [ -z "${commit_id}" ]; then
        fatal "Installing PR builds requires GITHUB_TOKEN with k3s-io/k3s repo permissions"
    fi
    commit_id=$( echo "$pr_raw" | jq -r '.head.sha')
    # GET request to the GitHub API to retrieve the Build workflow associated with the commit
-    wf_raw=$(curl -s -H "Authorization: Bearer $GITHUB_TOKEN" "$github_api_url/commits/$commit_id/check-runs")
+    wf_raw=$(curl -s -H "Authorization: Bearer ${GITHUB_TOKEN}" "${github_api_url}/commits/${commit_id}/check-runs")
-    build_workflow=$(printf "%s" "$wf_raw" | jq -r '.check_runs[] |  select(.name == "build / Build")')
+    build_workflow=$(printf "%s" "${wf_raw}" | jq -r '.check_runs[] |  select(.name == "build / Build")')
    # Extract the Run ID from the build workflow and lookup artifacts associated with the run
-    run_id=$(echo "$build_workflow" | jq -r ' .details_url' | awk -F'/' '{print $(NF-2)}' | sort -rn | head -1)
+    run_id=$(echo "${build_workflow}" | jq -r ' .details_url' | awk -F'/' '{print $(NF-2)}' | sort -rn | head -1)
    # Extract the artifact ID for the "k3s" artifact    
-    artifacts=$(curl -s -H "Authorization: Bearer $GITHUB_TOKEN" "$github_api_url/actions/runs/$run_id/artifacts")
+    artifacts=$(curl -s -H "Authorization: Bearer ${GITHUB_TOKEN}" "${github_api_url}/actions/runs/${run_id}/artifacts")
-    artifacts_url=$(echo "$artifacts" | jq -r '.artifacts[] | select(.name == "k3s") | .archive_download_url')
+    artifacts_url=$(echo "${artifacts}" | jq -r '.artifacts[] | select(.name == "k3s") | .archive_download_url')
-    GITHUB_PR_URL=$artifacts_url
+    GITHUB_PR_URL="${artifacts_url}"
 }
 # --- download binary from github url ---
@ -511,7 +518,7 @@ download_binary() {
        # Since Binary and Hash are zipped together, check if TMP_ZIP already exists
        if ! [ -f ${TMP_ZIP} ]; then
            info "Downloading K3s artifact ${GITHUB_PR_URL}"
-            curl -o ${TMP_ZIP} -H "Authorization: Bearer $GITHUB_TOKEN" -L ${GITHUB_PR_URL}
+            curl -s -f -o ${TMP_ZIP} -H "Authorization: Bearer $GITHUB_TOKEN" -L ${GITHUB_PR_URL}
        fi
        # extract k3s binary from zip
        unzip -p ${TMP_ZIP} k3s > ${TMP_BIN}
--- a/install.sh.sha256sum
+++ b/install.sh.sha256sum
@ -1 +1 @@
-2e2469498e1d6a5dcd97d0eeae342298500b27fe0768527ea8039a3295cdbce9  install.sh
+a5a95f60c57049a1d4eb11953e60d80f5f7e2fae4c7865959da669b48a44e668  install.sh
`@ -1 +1 @@`
	`2e2469498e1d6a5dcd97d0eeae342298500b27fe0768527ea8039a3295cdbce9 install.sh`	`a5a95f60c57049a1d4eb11953e60d80f5f7e2fae4c7865959da669b48a44e668 install.sh`