cache k0s and metadata files in S3 bucket (#242)

laverya · web-flow · commit 05247d05d833 · 2024-01-05T10:27:48.000-05:00
* initial script to upload k0s binaries to bucket

* update path

* minimal metadata upload

* call as part of release process

* upload to infra-staging on pr

* chmod +x

* welp

* logic fix

* move export

* prod export

* proper name?

* test uploading k0s binary

* override logic

* reupload override versions

* quotes

* ?

* quotes

* wat

* strip quotes

* remove debug

* use static metadata name in dev and staging

* ensure reuploading metadata works

* remove old comment
diff --git a/.github/workflows/pull-request.yaml b/.github/workflows/pull-request.yaml
@@ -59,3 +59,14 @@ jobs:
     - name: Build Linux AMD64
       run: |
         make embedded-cluster-linux-amd64 VERSION=dev-$SHORT_SHA
+        ./output/bin/embedded-cluster version metadata > metadata.json
+
+    - name: Cache files
+      env:
+        S3_BUCKET: "tf-infra-staging-emb-cluster-bin"
+        AWS_ACCESS_KEY_ID: ${{ secrets.INFRA_EMBEDDED_CLUSTER_UPLOAD_IAM_KEY_ID }}
+        AWS_SECRET_ACCESS_KEY: ${{ secrets.INFRA_EMBEDDED_CLUSTER_UPLOAD_IAM_SECRET }}
+        AWS_REGION: "us-east-1"
+      run: |
+        export EC_VERSION="dev-metadata"
+        ./scripts/cache-files.sh
diff --git a/.github/workflows/release-dev.yaml b/.github/workflows/release-dev.yaml
@@ -22,6 +22,15 @@ jobs:
           make embedded-cluster-linux-amd64
           tar -C output/bin -czvf embedded-cluster-linux-amd64.tgz embedded-cluster
           ./output/bin/embedded-cluster version metadata > metadata.json
+      - name: Cache files
+        env:
+          S3_BUCKET: "tf-staging-embedded-cluster-bin"
+          AWS_ACCESS_KEY_ID: ${{ secrets.STAGING_EMBEDDED_CLUSTER_UPLOAD_IAM_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.STAGING_EMBEDDED_CLUSTER_UPLOAD_IAM_SECRET }}
+          AWS_REGION: "us-east-1"
+        run: |
+          export EC_VERSION="staging-metadata"
+          ./scripts/cache-files.sh
       - name: Publish development release
         uses: marvinpinto/action-automatic-releases@latest
         with:
diff --git a/.github/workflows/release-prod.yaml b/.github/workflows/release-prod.yaml
@@ -24,6 +24,16 @@ jobs:
           make embedded-cluster-linux-amd64 VERSION=$TAG_NAME
           tar -C output/bin -czvf embedded-cluster-linux-amd64.tgz embedded-cluster
           ./output/bin/embedded-cluster version metadata > metadata.json
+      - name: Cache files
+      - name: Cache files
+        env:
+          S3_BUCKET: "tf-embedded-cluster-binaries"
+          AWS_ACCESS_KEY_ID: ${{ secrets.PROD_EMBEDDED_CLUSTER_UPLOAD_IAM_KEY_ID }}
+          AWS_SECRET_ACCESS_KEY: ${{ secrets.PROD_EMBEDDED_CLUSTER_UPLOAD_IAM_SECRET }}
+          AWS_REGION: "us-east-1"
+        run: |
+          export EC_VERSION="$TAG_NAME"
+          ./scripts/cache-files.sh
       - name: Publish release
         uses: marvinpinto/action-automatic-releases@latest
         with:
diff --git a/scripts/cache-files.sh b/scripts/cache-files.sh
@@ -0,0 +1,89 @@
+#!/bin/bash
+
+set -eo pipefail
+
+function require() {
+    if [ -z "$2" ]; then
+        echo "validation failed: $1 unset"
+        exit 1
+    fi
+}
+
+require AWS_ACCESS_KEY_ID "${AWS_ACCESS_KEY_ID}"
+require AWS_SECRET_ACCESS_KEY "${AWS_SECRET_ACCESS_KEY}"
+require AWS_REGION "${AWS_REGION}"
+require S3_BUCKET "${S3_BUCKET}"
+
+function retry() {
+    local retries=$1
+    shift
+
+    local count=0
+    until "$@"; do
+        exit=$?
+        wait=$((2 ** $count))
+        count=$(($count + 1))
+        if [ $count -lt $retries ]; then
+            echo "Retry $count/$retries exited $exit, retrying in $wait seconds..."
+            sleep $wait
+        else
+            echo "Retry $count/$retries exited $exit, no more retries left."
+            return $exit
+        fi
+    done
+    return 0
+}
+
+function k0sbin() {
+    # first, figure out what version of k0s is in the current build
+    local k0s_version=
+    k0s_version=$(awk '/^K0S_VERSION/{print $3}' Makefile)
+    local k0s_override=
+    k0s_override=$(awk '/^K0S_BINARY_SOURCE_OVERRIDE/{gsub("\"", "", $3); print $3}' Makefile)
+
+    # check if the binary already exists in the bucket
+    local k0s_binary_exists=
+    k0s_binary_exists=$(aws s3api head-object --bucket "${S3_BUCKET}" --key "k0s-binaries/${k0s_version}" || true)
+
+    # if the binary already exists, we don't need to upload it again
+    if [ -n "${k0s_binary_exists}" ]; then
+        echo "k0s binary ${k0s_version} already exists in bucket ${S3_BUCKET}, skipping upload"
+        return 0
+    fi
+
+    # if the override is set, the binary will have been added to the bucket through another process
+    if [ -n "${k0s_override}" ] && [ "${k0s_override}" != '' ]; then
+        echo "K0S_BINARY_SOURCE_OVERRIDE is set to '${k0s_override}', using that source"
+        curl -L -o "${k0s_version}" "${k0s_override}"
+    else
+        # download the k0s binary from official sources
+        curl -L -o "${k0s_version}" "https://github.com/k0sproject/k0s/releases/download/${k0s_version}/k0s-${k0s_version}-amd64"
+    fi
+
+    # upload the binary to the bucket
+    retry 3 aws s3 cp "${k0s_version}" "s3://${S3_BUCKET}/k0s-binaries/${k0s_version}"
+}
+
+function metadata() {
+    if [ -z "${EC_VERSION}" ]; then
+        echo "EC_VERSION unset, not uploading metadata.json"
+        return 0
+    fi
+
+    # check if a file 'metadata.json' exists in the directory
+    # if it does, upload it as metadata/${ec_version}.json
+    if [ -f metadata.json ]; then
+        retry 3 aws s3 cp metadata.json "s3://${S3_BUCKET}/metadata/${EC_VERSION}.json"
+    else
+        echo "metadata.json not found, skipping upload"
+    fi
+
+}
+
+# there are two files to be uploaded for each release - the k0s binary and the metadata file
+function main() {
+    k0sbin
+    metadata
+}
+
+main "$@"
