diff --git a/.github/workflows/build-k3s.yaml b/.github/workflows/build-k3s.yaml index 2c39de9216..125d201f10 100644 --- a/.github/workflows/build-k3s.yaml +++ b/.github/workflows/build-k3s.yaml @@ -22,7 +22,7 @@ jobs: - name: Build K3s binary run: | DOCKER_BUILDKIT=1 SKIP_IMAGE=1 SKIP_AIRGAP=1 SKIP_VALIDATE=1 GOCOVER=1 make - + sha256sum dist/artifacts/k3s > dist/artifacts/k3s.sha256sum - name: bundle repo if: inputs.upload-repo == true run: | @@ -39,4 +39,4 @@ jobs: uses: actions/upload-artifact@v3 with: name: k3s - path: dist/artifacts/k3s \ No newline at end of file + path: dist/artifacts/k3s* \ No newline at end of file diff --git a/install.sh b/install.sh old mode 100644 new mode 100755 index d27e33be16..34bfe1ef6f --- a/install.sh +++ b/install.sh @@ -44,6 +44,10 @@ set -o noglob # Commit of k3s to download from temporary cloud storage. # * (for developer & QA use) # +# - INSTALL_K3S_PR +# PR build of k3s to download from Github Artifacts. +# * (for developer & QA use) +# # - INSTALL_K3S_BIN_DIR # Directory to install k3s binary, links, and uninstall script to, or use # /usr/local/bin as the default @@ -92,6 +96,7 @@ set -o noglob # Defaults to 'stable'. GITHUB_URL=https://github.com/k3s-io/k3s/releases +GITHUB_PR_URL="" STORAGE_URL=https://k3s-ci-builds.s3.amazonaws.com DOWNLOADER= @@ -337,6 +342,7 @@ verify_downloader() { setup_tmp() { TMP_DIR=$(mktemp -d -t k3s-install.XXXXXXXXXX) TMP_HASH=${TMP_DIR}/k3s.hash + TMP_ZIP=${TMP_DIR}/k3s.zip TMP_BIN=${TMP_DIR}/k3s.bin cleanup() { code=$? @@ -350,7 +356,10 @@ setup_tmp() { # --- use desired k3s version if defined or find version from channel --- get_release_version() { - if [ -n "${INSTALL_K3S_COMMIT}" ]; then + if [ -n "${INSTALL_K3S_PR}" ]; then + VERSION_K3S="PR ${INSTALL_K3S_PR}" + get_pr_artifact_url + elif [ -n "${INSTALL_K3S_COMMIT}" ]; then VERSION_K3S="commit ${INSTALL_K3S_COMMIT}" elif [ -n "${INSTALL_K3S_VERSION}" ]; then VERSION_K3S=${INSTALL_K3S_VERSION} @@ -434,13 +443,20 @@ download() { # --- download hash from github url --- download_hash() { - if [ -n "${INSTALL_K3S_COMMIT}" ]; then - HASH_URL=${STORAGE_URL}/k3s${SUFFIX}-${INSTALL_K3S_COMMIT}.sha256sum + if [ -n "${INSTALL_K3S_PR}" ]; then + info "Downloading hash ${GITHUB_PR_URL}" + curl -o ${TMP_ZIP} -H "Authorization: Bearer $GITHUB_TOKEN" -L ${GITHUB_PR_URL} + unzip -p ${TMP_ZIP} k3s.sha256sum > ${TMP_HASH} + sed -i 's/dist\/artifacts\/k3s/k3s/g' ${TMP_HASH} else - HASH_URL=${GITHUB_URL}/download/${VERSION_K3S}/sha256sum-${ARCH}.txt + if [ -n "${INSTALL_K3S_COMMIT}" ]; then + HASH_URL=${STORAGE_URL}/k3s${SUFFIX}-${INSTALL_K3S_COMMIT}.sha256sum + else + HASH_URL=${GITHUB_URL}/download/${VERSION_K3S}/sha256sum-${ARCH}.txt + fi + info "Downloading hash ${HASH_URL}" + download ${TMP_HASH} ${HASH_URL} fi - info "Downloading hash ${HASH_URL}" - download ${TMP_HASH} ${HASH_URL} HASH_EXPECTED=$(grep " k3s${SUFFIX}$" ${TMP_HASH}) HASH_EXPECTED=${HASH_EXPECTED%%[[:blank:]]*} } @@ -457,9 +473,48 @@ installed_hash_matches() { return 1 } +# Use the GitHub API to identify the artifact associated with a given PR +get_pr_artifact_url() { + GITHUB_API_URL=https://api.github.com/repos/k3s-io/k3s + + # Check if jq is installed + if ! [ -x "$(command -v jq)" ]; then + echo "jq is required to use INSTALL_K3S_PR. Please install jq and try again" + exit 1 + fi + + if [ -z "${GITHUB_TOKEN}" ]; then + fatal "Installing PR builds requires GITHUB_TOKEN with k3s-io/k3s repo authorization" + fi + + # GET request to the GitHub API to retrieve the latest commit SHA from the pull request + COMMIT_ID=$(curl -s -H "Authorization: Bearer $GITHUB_TOKEN" "$GITHUB_API_URL/pulls/$INSTALL_K3S_PR" | jq -r '.head.sha') + + # GET request to the GitHub API to retrieve the Build workflow associated with the commit + wf_raw=$(curl -s -H "Authorization: Bearer $GITHUB_TOKEN" "$GITHUB_API_URL/commits/$COMMIT_ID/check-runs") + build_workflow=$(printf "%s" "$wf_raw" | jq -r '.check_runs[] | select(.name == "build / Build")') + + # Extract the Run ID from the build workflow and lookup artifacts associated with the run + RUN_ID=$(echo "$build_workflow" | jq -r ' .details_url' | awk -F'/' '{print $(NF-2)}') + + # Extract the artifat ID for the "k3s" artifact + artifacts=$(curl -s -H "Authorization: Bearer $GITHUB_TOKEN" "$GITHUB_API_URL/actions/runs/$RUN_ID/artifacts") + artifacts_url=$(echo "$artifacts" | jq -r '.artifacts[] | select(.name == "k3s") | .archive_download_url') + GITHUB_PR_URL=$artifacts_url +} + # --- download binary from github url --- download_binary() { - if [ -n "${INSTALL_K3S_COMMIT}" ]; then + if [ -n "${INSTALL_K3S_PR}" ]; then + # Since Binary and Hash are zipped together, check if TMP_ZIP already exists + if ! [ -f ${TMP_ZIP} ]; then + info "Downloading K3s artifact ${GITHUB_PR_URL}" + curl -o ${TMP_ZIP} -H "Authorization: Bearer $GITHUB_TOKEN" -L ${GITHUB_PR_URL} + fi + # extract k3s binary from zip + unzip -p ${TMP_ZIP} k3s > ${TMP_BIN} + return + elif [ -n "${INSTALL_K3S_COMMIT}" ]; then BIN_URL=${STORAGE_URL}/k3s${SUFFIX}-${INSTALL_K3S_COMMIT} else BIN_URL=${GITHUB_URL}/download/${VERSION_K3S}/k3s${SUFFIX} diff --git a/install.sh.sha256sum b/install.sh.sha256sum index 25d9095099..8f5ea770b2 100644 --- a/install.sh.sha256sum +++ b/install.sh.sha256sum @@ -1 +1 @@ -431c6fe653336279073e5b913557aa22d7ef1794b30b4f02002b4482910464d7 install.sh +91e1015131eb5dad5967e7f1ef735222863edf9c2bf8a2eee1c96687c756e52e install.sh