-
-
Notifications
You must be signed in to change notification settings - Fork 284
/
Copy pathget-flatcar
executable file
·83 lines (68 loc) · 2.92 KB
/
get-flatcar
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
#!/usr/bin/env bash
# USAGE: ./scripts/get-flatcar
# USAGE: ./scripts/get-flatcar channel version dest
#
# ENV VARS:
# - OEM_ID - specify OEM image id to download, alongside the default one
set -eou pipefail
GPG=${GPG:-/usr/bin/gpg}
CHANNEL=${1:-"stable"}
VERSION=${2:-"current"}
DEST_DIR=${3:-"$PWD/examples/assets"}
OEM_ID=${OEM_ID:-""}
DEST=$DEST_DIR/flatcar/$VERSION
BASE_URL=https://$CHANNEL.release.flatcar-linux.net/amd64-usr/$VERSION
# check channel/version exist based on the header response
if ! curl -s -I "${BASE_URL}/flatcar_production_pxe.vmlinuz" | grep -q -E '^HTTP/[0-9.]+ [23][0-9][0-9]'; then
echo "Channel or Version not found"
exit 1
fi
if [[ ! -d "$DEST" ]]; then
echo "Creating directory ${DEST}"
mkdir -p "${DEST}"
fi
if [[ -n "${OEM_ID}" ]]; then
IMAGE_NAME="flatcar_production_${OEM_ID}_image.bin.bz2"
# check if the oem version exists based on the header response
if ! curl -s -I "${BASE_URL}/${IMAGE_NAME}" | grep -q -E '^HTTP/[0-9.]+ [23][0-9][0-9]'; then
echo "OEM version not found"
exit 1
fi
fi
echo "Downloading Flatcar Linux $CHANNEL $VERSION images and sigs to $DEST"
echo "Flatcar Linux Image Signing Key"
curl -f# https://www.flatcar.org/security/image-signing-key/Flatcar_Image_Signing_Key.asc -o "${DEST}/Flatcar_Image_Signing_Key.asc"
$GPG --import <"$DEST/Flatcar_Image_Signing_Key.asc" || true
# Version
echo "version.txt"
curl -f# "${BASE_URL}/version.txt" -o "${DEST}/version.txt"
# PXE kernel and sig
echo "flatcar_production_pxe.vmlinuz..."
curl -f# "${BASE_URL}/flatcar_production_pxe.vmlinuz" -o "${DEST}/flatcar_production_pxe.vmlinuz"
echo "flatcar_production_pxe.vmlinuz.sig"
curl -f# "${BASE_URL}/flatcar_production_image.vmlinuz.sig" -o "${DEST}/flatcar_production_pxe.vmlinuz.sig"
# PXE initrd and sig
echo "flatcar_production_pxe_image.cpio.gz"
curl -f# "${BASE_URL}/flatcar_production_pxe_image.cpio.gz" -o "${DEST}/flatcar_production_pxe_image.cpio.gz"
echo "flatcar_production_pxe_image.cpio.gz.sig"
curl -f# "${BASE_URL}/flatcar_production_pxe_image.cpio.gz.sig" -o "${DEST}/flatcar_production_pxe_image.cpio.gz.sig"
# Install image
echo "flatcar_production_image.bin.bz2"
curl -f# "${BASE_URL}/flatcar_production_image.bin.bz2" -o "${DEST}/flatcar_production_image.bin.bz2"
echo "flatcar_production_image.bin.bz2.sig"
curl -f# "${BASE_URL}/flatcar_production_image.bin.bz2.sig" -o "${DEST}/flatcar_production_image.bin.bz2.sig"
# Install oem image
if [[ -n "${IMAGE_NAME-}" ]]; then
echo "${IMAGE_NAME}"
curl -f# "${BASE_URL}/${IMAGE_NAME}" -o "${DEST}/${IMAGE_NAME}"
echo "${IMAGE_NAME}.sig"
curl -f# "${BASE_URL}/${IMAGE_NAME}.sig" -o "${DEST}/${IMAGE_NAME}.sig"
fi
# verify signatures
$GPG --verify "${DEST}/flatcar_production_pxe.vmlinuz.sig"
$GPG --verify "${DEST}/flatcar_production_pxe_image.cpio.gz.sig"
$GPG --verify "${DEST}/flatcar_production_image.bin.bz2.sig"
# verify oem signature
if [[ -n "${IMAGE_NAME-}" ]]; then
$GPG --verify "${DEST}/${IMAGE_NAME}.sig"
fi