From 1c5e3f8450fd430807d8b18f6f383e31ad7e0dcc Mon Sep 17 00:00:00 2001 From: Bryant Biggs Date: Wed, 27 Sep 2023 10:14:55 -0400 Subject: [PATCH] fix: Add quotes per shellcheck lint --- scripts/install-worker.sh | 2 +- temp.sh | 101 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 102 insertions(+), 1 deletion(-) create mode 100755 temp.sh diff --git a/scripts/install-worker.sh b/scripts/install-worker.sh index bc63bca6e..b7ae53680 100644 --- a/scripts/install-worker.sh +++ b/scripts/install-worker.sh @@ -466,7 +466,7 @@ if [[ "$CACHE_CONTAINER_IMAGES" == "true" ]] && ! [[ ${ISOLATED_REGIONS} =~ $BIN done #### Tag the pulled down image for all other regions in the partition - for REGION in ${REGIONS[@]}; do + for REGION in "${REGIONS[@]}"; do for img in "${PULLED_IMGS[@]}"; do region_uri=$(/etc/eks/get-ecr-uri.sh "${region}" "${AWS_DOMAIN}") regional_img="${img/$ECR_URI/$region_uri}" diff --git a/temp.sh b/temp.sh new file mode 100755 index 000000000..29fc0555c --- /dev/null +++ b/temp.sh @@ -0,0 +1,101 @@ +#!/usr/bin/env bash + +AWS_DOMAIN="amazonaws.com" +BINARY_BUCKET_REGION="us-east-1" +ECR_URI=$(./files/get-ecr-uri.sh "${BINARY_BUCKET_REGION}" "${AWS_DOMAIN}") + +PAUSE_CONTAINER="${ECR_URI}/eks/pause:3.5" +K8S_MINOR_VERSION="1.27" + +#### Cache kube-proxy images starting with the addon default version and the latest version +KUBE_PROXY_ADDON_VERSIONS=$(aws eks describe-addon-versions --addon-name kube-proxy --kubernetes-version=${K8S_MINOR_VERSION}) +KUBE_PROXY_IMGS=() +if [[ $(jq '.addons | length' <<< $KUBE_PROXY_ADDON_VERSIONS) -gt 0 ]]; then + DEFAULT_KUBE_PROXY_FULL_VERSION=$(echo "${KUBE_PROXY_ADDON_VERSIONS}" | jq -r '.addons[] .addonVersions[] | select(.compatibilities[] .defaultVersion==true).addonVersion') + DEFAULT_KUBE_PROXY_VERSION=$(echo "${DEFAULT_KUBE_PROXY_FULL_VERSION}" | cut -d"-" -f1) + DEFAULT_KUBE_PROXY_PLATFORM_VERSION=$(echo "${DEFAULT_KUBE_PROXY_FULL_VERSION}" | cut -d"-" -f2) + + LATEST_KUBE_PROXY_FULL_VERSION=$(echo "${KUBE_PROXY_ADDON_VERSIONS}" | jq -r '.addons[] .addonVersions[] .addonVersion' | sort -V | tail -n1) + LATEST_KUBE_PROXY_VERSION=$(echo "${LATEST_KUBE_PROXY_FULL_VERSION}" | cut -d"-" -f1) + LATEST_KUBE_PROXY_PLATFORM_VERSION=$(echo "${LATEST_KUBE_PROXY_FULL_VERSION}" | cut -d"-" -f2) + + KUBE_PROXY_IMGS=( + ## Default kube-proxy images + "${ECR_URI}/eks/kube-proxy:${DEFAULT_KUBE_PROXY_VERSION}-${DEFAULT_KUBE_PROXY_PLATFORM_VERSION}" + "${ECR_URI}/eks/kube-proxy:${DEFAULT_KUBE_PROXY_VERSION}-minimal-${DEFAULT_KUBE_PROXY_PLATFORM_VERSION}" + + ## Latest kube-proxy images + "${ECR_URI}/eks/kube-proxy:${LATEST_KUBE_PROXY_VERSION}-${LATEST_KUBE_PROXY_PLATFORM_VERSION}" + "${ECR_URI}/eks/kube-proxy:${LATEST_KUBE_PROXY_VERSION}-minimal-${LATEST_KUBE_PROXY_PLATFORM_VERSION}" + ) +fi + +#### Cache VPC CNI images starting with the addon default version and the latest version +VPC_CNI_ADDON_VERSIONS=$(aws eks describe-addon-versions --addon-name vpc-cni --kubernetes-version=${K8S_MINOR_VERSION}) +VPC_CNI_IMGS=() +if [[ $(jq '.addons | length' <<< $VPC_CNI_ADDON_VERSIONS) -gt 0 ]]; then + DEFAULT_VPC_CNI_VERSION=$(echo "${VPC_CNI_ADDON_VERSIONS}" | jq -r '.addons[] .addonVersions[] | select(.compatibilities[] .defaultVersion==true).addonVersion') + LATEST_VPC_CNI_VERSION=$(echo "${VPC_CNI_ADDON_VERSIONS}" | jq -r '.addons[] .addonVersions[] .addonVersion' | sort -V | tail -n1) + CNI_IMG="${ECR_URI}/amazon-k8s-cni" + CNI_INIT_IMG="${CNI_IMG}-init" + + VPC_CNI_IMGS=( + ## Default VPC CNI Images + "${CNI_IMG}:${DEFAULT_VPC_CNI_VERSION}" + "${CNI_INIT_IMG}:${DEFAULT_VPC_CNI_VERSION}" + + ## Latest VPC CNI Images + "${CNI_IMG}:${LATEST_VPC_CNI_VERSION}" + "${CNI_INIT_IMG}:${LATEST_VPC_CNI_VERSION}" + ) +fi + +CACHE_IMGS=( + "${PAUSE_CONTAINER}" + ${KUBE_PROXY_IMGS[@]+"${KUBE_PROXY_IMGS[@]}"} + ${VPC_CNI_IMGS[@]+"${VPC_CNI_IMGS[@]}"} +) +PULLED_IMGS=() + +for img in "${CACHE_IMGS[@]}"; do + # ## only kube-proxy-minimal is vended for K8s 1.24+ + # if [[ "${img}" == *"kube-proxy:"* ]] && [[ "${img}" != *"-minimal-"* ]] && vercmp "${K8S_MINOR_VERSION}" gteq "1.24"; then + # continue + # fi + ## Since eksbuild.x version may not match the image tag, we need to decrement the eksbuild version until we find the latest image tag within the app semver + eksbuild_version="1" + if [[ ${img} == *'eksbuild.'* ]]; then + eksbuild_version=$(echo "${img}" | grep -o 'eksbuild\.[0-9]\+' | cut -d'.' -f2) + fi + ## iterate through decrementing the build version each time + for build_version in $(seq "${eksbuild_version}" -1 1); do + img=$(echo "${img}" | sed -E "s/eksbuild.[0-9]+/eksbuild.${build_version}/") + echo "[IMAGE] $img" + PULLED_IMGS+=("${img}") + # if /etc/eks/containerd/pull-image.sh "${img}"; then + # PULLED_IMGS+=("${img}") + # break + # elif [[ "${build_version}" -eq 1 ]]; then + # exit 1 + # fi + done +done + +#### Tag the pulled down image for all other regions in the partition +for region in $(aws ec2 describe-regions --all-regions | jq -r '.Regions[] .RegionName'); do + for img in "${PULLED_IMGS[@]}"; do + region_uri=$(./files/get-ecr-uri.sh "${region}" "${AWS_DOMAIN}") + regional_img="${img/$ECR_URI/$region_uri}" + echo "[TAGGED] ${regional_img}" + # ## Tag ECR fips endpoint for supported regions + # if [[ "${region}" =~ (us-east-1|us-east-2|us-west-1|us-west-2|us-gov-east-1|us-gov-east-2) ]]; then + # regional_fips_img="${regional_img/.ecr./.ecr-fips.}" + # sudo ctr -n k8s.io image tag "${img}" "${regional_fips_img}" || : + # sudo ctr -n k8s.io image tag "${img}" "${regional_fips_img/-eksbuild.1/}" || : + # fi + # ## Cache the non-addon VPC CNI images since "v*.*.*-eksbuild.1" is equivalent to leaving off the eksbuild suffix + # if [[ "${img}" == *"-cni"*"-eksbuild.1" ]]; then + # sudo ctr -n k8s.io image tag "${img}" "${regional_img/-eksbuild.1/}" || : + # fi + done +done