mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-09-17 07:03:31 +00:00
Kubernetes Prow Robot
GitHub
@@ -25,12 +25,12 @@ set -o pipefail
|
||||
|
||||
### Hardcoded constants
|
||||
DEFAULT_CNI_VERSION="v0.8.7"
|
||||
DEFAULT_CNI_SHA1="96a30cb67e33da95fb1d99f93dd787c2a3c08627"
|
||||
DEFAULT_CNI_HASH="8f2cbee3b5f94d59f919054dccfe99a8e3db5473b553d91da8af4763e811138533e05df4dbeab16b3f774852b4184a7994968f5e036a3f531ad1ac4620d10ede"
|
||||
DEFAULT_NPD_VERSION="v0.8.0"
|
||||
DEFAULT_NPD_SHA1="9406c975b1b035995a137029a004622b905b4e7f"
|
||||
DEFAULT_NPD_HASH="b15d6919321e832b5fc7bc150c2e141e947305e82b34b514adbda9b9bc41088beadbf833f5bbbf44b9a8181c3fd8ed41e1629458d7544ccaecb374c22bde1517"
|
||||
DEFAULT_CRICTL_VERSION="v1.19.0"
|
||||
DEFAULT_CRICTL_SHA1="bc9d57377402c2cc36ca5e600d55de96b15953de"
|
||||
DEFAULT_MOUNTER_TAR_SHA="8003b798cf33c7f91320cd6ee5cec4fa22244571"
|
||||
DEFAULT_CRICTL_HASH="fbbb34a1667bcf94df911a92ab6b70a9d2b34da967244a222f288bf0135c587cbfdcc89deedc5afd1823e109921df9caaa4e9ff9cc39e55a9b8cdea8eb6ebe72"
|
||||
DEFAULT_MOUNTER_TAR_SHA="7956fd42523de6b3107ddc3ce0e75233d2fcb78436ff07a1389b6eaac91fb2b1b72a08f7a219eaf96ba1ca4da8d45271002e0d60e0644e796c665f99bb356516"
|
||||
###
|
||||
|
||||
# Use --retry-connrefused opt only if it's supported by curl.
|
||||
@@ -126,9 +126,9 @@ function validate-hash {
|
||||
local -r file="$1"
|
||||
local -r expected="$2"
|
||||
|
||||
actual=$(sha1sum ${file} | awk '{ print $1 }') || true
|
||||
actual=$(sha512sum ${file} | awk '{ print $1 }') || true
|
||||
if [[ "${actual}" != "${expected}" ]]; then
|
||||
echo "== ${file} corrupted, sha1 ${actual} doesn't match expected ${expected} =="
|
||||
echo "== ${file} corrupted, sha512 ${actual} doesn't match expected ${expected} =="
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
@@ -146,7 +146,7 @@ function valid-storage-scope {
|
||||
|
||||
# Retry a download until we get it. Takes a hash and a set of URLs.
|
||||
#
|
||||
# $1 is the sha1 of the URL. Can be "" if the sha1 is unknown.
|
||||
# $1 is the sha512 of the URL. Can be "" if the sha512 is unknown.
|
||||
# $2+ are the URLs to download.
|
||||
function download-or-bust {
|
||||
local -r hash="$1"
|
||||
@@ -168,7 +168,7 @@ function download-or-bust {
|
||||
echo "== Hash validation of ${url} failed. Retrying. =="
|
||||
else
|
||||
if [[ -n "${hash}" ]]; then
|
||||
echo "== Downloaded ${url} (SHA1 = ${hash}) =="
|
||||
echo "== Downloaded ${url} (SHA512 = ${hash}) =="
|
||||
else
|
||||
echo "== Downloaded ${url} =="
|
||||
fi
|
||||
@@ -220,21 +220,21 @@ function install-gci-mounter-tools {
|
||||
function install-node-problem-detector {
|
||||
if [[ -n "${NODE_PROBLEM_DETECTOR_VERSION:-}" ]]; then
|
||||
local -r npd_version="${NODE_PROBLEM_DETECTOR_VERSION}"
|
||||
local -r npd_sha1="${NODE_PROBLEM_DETECTOR_TAR_HASH}"
|
||||
local -r npd_hash="${NODE_PROBLEM_DETECTOR_TAR_HASH}"
|
||||
else
|
||||
local -r npd_version="${DEFAULT_NPD_VERSION}"
|
||||
local -r npd_sha1="${DEFAULT_NPD_SHA1}"
|
||||
local -r npd_hash="${DEFAULT_NPD_HASH}"
|
||||
fi
|
||||
local -r npd_tar="node-problem-detector-${npd_version}.tar.gz"
|
||||
|
||||
if is-preloaded "${npd_tar}" "${npd_sha1}"; then
|
||||
if is-preloaded "${npd_tar}" "${npd_hash}"; then
|
||||
echo "${npd_tar} is preloaded."
|
||||
return
|
||||
fi
|
||||
|
||||
echo "Downloading ${npd_tar}."
|
||||
local -r npd_release_path="${NODE_PROBLEM_DETECTOR_RELEASE_PATH:-https://storage.googleapis.com/kubernetes-release}"
|
||||
download-or-bust "${npd_sha1}" "${npd_release_path}/node-problem-detector/${npd_tar}"
|
||||
download-or-bust "${npd_hash}" "${npd_release_path}/node-problem-detector/${npd_tar}"
|
||||
local -r npd_dir="${KUBE_HOME}/node-problem-detector"
|
||||
mkdir -p "${npd_dir}"
|
||||
tar xzf "${KUBE_HOME}/${npd_tar}" -C "${npd_dir}" --overwrite
|
||||
@@ -247,22 +247,22 @@ function install-node-problem-detector {
|
||||
function install-cni-binaries {
|
||||
if [[ -n "${CNI_VERSION:-}" ]]; then
|
||||
local -r cni_version="${CNI_VERSION}"
|
||||
local -r cni_sha1="${CNI_SHA1}"
|
||||
local -r cni_hash="${CNI_HASH}"
|
||||
else
|
||||
local -r cni_version="${DEFAULT_CNI_VERSION}"
|
||||
local -r cni_sha1="${DEFAULT_CNI_SHA1}"
|
||||
local -r cni_hash="${DEFAULT_CNI_HASH}"
|
||||
fi
|
||||
|
||||
local -r cni_tar="${CNI_TAR_PREFIX}${cni_version}.tgz"
|
||||
local -r cni_url="${CNI_STORAGE_URL_BASE}/${cni_version}/${cni_tar}"
|
||||
|
||||
if is-preloaded "${cni_tar}" "${cni_sha1}"; then
|
||||
if is-preloaded "${cni_tar}" "${cni_hash}"; then
|
||||
echo "${cni_tar} is preloaded."
|
||||
return
|
||||
fi
|
||||
|
||||
echo "Downloading cni binaries"
|
||||
download-or-bust "${cni_sha1}" "${cni_url}"
|
||||
download-or-bust "${cni_hash}" "${cni_url}"
|
||||
local -r cni_dir="${KUBE_HOME}/cni"
|
||||
mkdir -p "${cni_dir}/bin"
|
||||
tar xzf "${KUBE_HOME}/${cni_tar}" -C "${cni_dir}/bin" --overwrite
|
||||
@@ -275,10 +275,10 @@ function install-cni-binaries {
|
||||
function install-crictl {
|
||||
if [[ -n "${CRICTL_VERSION:-}" ]]; then
|
||||
local -r crictl_version="${CRICTL_VERSION}"
|
||||
local -r crictl_sha1="${CRICTL_TAR_HASH}"
|
||||
local -r crictl_hash="${CRICTL_TAR_HASH}"
|
||||
else
|
||||
local -r crictl_version="${DEFAULT_CRICTL_VERSION}"
|
||||
local -r crictl_sha1="${DEFAULT_CRICTL_SHA1}"
|
||||
local -r crictl_hash="${DEFAULT_CRICTL_HASH}"
|
||||
fi
|
||||
local -r crictl="crictl-${crictl_version}-linux-amd64.tar.gz"
|
||||
|
||||
@@ -287,14 +287,14 @@ function install-crictl {
|
||||
runtime-endpoint: ${CONTAINER_RUNTIME_ENDPOINT:-unix:///var/run/dockershim.sock}
|
||||
EOF
|
||||
|
||||
if is-preloaded "${crictl}" "${crictl_sha1}"; then
|
||||
if is-preloaded "${crictl}" "${crictl_hash}"; then
|
||||
echo "crictl is preloaded"
|
||||
return
|
||||
fi
|
||||
|
||||
echo "Downloading crictl"
|
||||
local -r crictl_path="https://storage.googleapis.com/k8s-artifacts-cri-tools/release/${crictl_version}"
|
||||
download-or-bust "${crictl_sha1}" "${crictl_path}/${crictl}"
|
||||
download-or-bust "${crictl_hash}" "${crictl_path}/${crictl}"
|
||||
tar xf "${crictl}"
|
||||
mv crictl "${KUBE_BIN}/crictl"
|
||||
}
|
||||
@@ -304,15 +304,15 @@ function install-exec-auth-plugin {
|
||||
return
|
||||
fi
|
||||
local -r plugin_url="${EXEC_AUTH_PLUGIN_URL}"
|
||||
local -r plugin_sha1="${EXEC_AUTH_PLUGIN_SHA1}"
|
||||
local -r plugin_hash="${EXEC_AUTH_PLUGIN_HASH}"
|
||||
|
||||
if is-preloaded "gke-exec-auth-plugin" "${plugin_sha1}"; then
|
||||
if is-preloaded "gke-exec-auth-plugin" "${plugin_hash}"; then
|
||||
echo "gke-exec-auth-plugin is preloaded"
|
||||
return
|
||||
fi
|
||||
|
||||
echo "Downloading gke-exec-auth-plugin binary"
|
||||
download-or-bust "${plugin_sha1}" "${plugin_url}"
|
||||
download-or-bust "${plugin_hash}" "${plugin_url}"
|
||||
mv "${KUBE_HOME}/gke-exec-auth-plugin" "${KUBE_BIN}/gke-exec-auth-plugin"
|
||||
chmod a+x "${KUBE_BIN}/gke-exec-auth-plugin"
|
||||
|
||||
@@ -334,9 +334,9 @@ function install-kube-manifests {
|
||||
if [ -n "${KUBE_MANIFESTS_TAR_HASH:-}" ]; then
|
||||
local -r manifests_tar_hash="${KUBE_MANIFESTS_TAR_HASH}"
|
||||
else
|
||||
echo "Downloading k8s manifests sha1 (not found in env)"
|
||||
download-or-bust "" "${manifests_tar_urls[@]/.tar.gz/.tar.gz.sha1}"
|
||||
local -r manifests_tar_hash=$(cat "${manifests_tar}.sha1")
|
||||
echo "Downloading k8s manifests hash (not found in env)"
|
||||
download-or-bust "" "${manifests_tar_urls[@]/.tar.gz/.tar.gz.sha512}"
|
||||
local -r manifests_tar_hash=$(cat "${manifests_tar}.sha512")
|
||||
fi
|
||||
|
||||
if is-preloaded "${manifests_tar}" "${manifests_tar_hash}"; then
|
||||
@@ -363,7 +363,7 @@ function install-kube-manifests {
|
||||
cp "${dst_dir}/kubernetes/gci-trusty/health-monitor.sh" "${KUBE_BIN}/health-monitor.sh"
|
||||
|
||||
rm -f "${KUBE_HOME}/${manifests_tar}"
|
||||
rm -f "${KUBE_HOME}/${manifests_tar}.sha1"
|
||||
rm -f "${KUBE_HOME}/${manifests_tar}.sha512"
|
||||
}
|
||||
|
||||
# A helper function for loading a docker image. It keeps trying up to 5 times.
|
||||
@@ -547,9 +547,9 @@ function install-kube-binary-config {
|
||||
if [[ -n "${SERVER_BINARY_TAR_HASH:-}" ]]; then
|
||||
local -r server_binary_tar_hash="${SERVER_BINARY_TAR_HASH}"
|
||||
else
|
||||
echo "Downloading binary release sha1 (not found in env)"
|
||||
download-or-bust "" "${server_binary_tar_urls[@]/.tar.gz/.tar.gz.sha1}"
|
||||
local -r server_binary_tar_hash=$(cat "${server_binary_tar}.sha1")
|
||||
echo "Downloading binary release sha512 (not found in env)"
|
||||
download-or-bust "" "${server_binary_tar_urls[@]/.tar.gz/.tar.gz.sha512}"
|
||||
local -r server_binary_tar_hash=$(cat "${server_binary_tar}.sha512")
|
||||
fi
|
||||
|
||||
if is-preloaded "${server_binary_tar}" "${server_binary_tar_hash}"; then
|
||||
@@ -613,7 +613,7 @@ function install-kube-binary-config {
|
||||
# Clean up.
|
||||
rm -rf "${KUBE_HOME}/kubernetes"
|
||||
rm -f "${KUBE_HOME}/${server_binary_tar}"
|
||||
rm -f "${KUBE_HOME}/${server_binary_tar}.sha1"
|
||||
rm -f "${KUBE_HOME}/${server_binary_tar}.sha512"
|
||||
}
|
||||
|
||||
######### Main Function ##########
|
||||
|
||||
@@ -63,6 +63,6 @@ echo "Uploading gci mounter ACI in ${ACI_DIR} to ${MOUNTER_GCS_DIR}"
|
||||
gsutil cp "${ACI_DIR}/${MOUNTER_ACI_IMAGE}" "${MOUNTER_GCS_DIR}"
|
||||
|
||||
echo "Upload completed"
|
||||
echo "Updated gci-mounter ACI version and SHA1 in cluster/gce/gci/configure.sh"
|
||||
ACI_HASH=$(sha1sum "${ACI_DIR}/${MOUNTER_ACI_IMAGE}")
|
||||
echo "Updated gci-mounter ACI version and SH512 in cluster/gce/gci/configure.sh"
|
||||
ACI_HASH=$(sha512sum "${ACI_DIR}/${MOUNTER_ACI_IMAGE}")
|
||||
echo "${MOUNTER_ACI_IMAGE} hash: ${ACI_HASH}"
|
||||
|
||||
Reference in New Issue
Block a user