feat: add a download script to facilitate easy use in CI MONGOSH-2687 #2532
Conversation
download_latest.sh
Outdated
| arch=arm64 | ||
| esac | ||
|
|
||
| urls=$(curl -fsSL https://api.github.com/repos/mongodb-js/mongosh/releases/latest | jq -r '.assets[] | .browser_download_url' | grep -v -e \.sig -e shared -e openssl) |
There was a problem hiding this comment.
Let's use https://downloads.mongodb.com/compass/mongosh.json for this rather than GH
There was a problem hiding this comment.
Definitely better, yes. Adjusted jq query accordingly.
addaleax
left a comment
addaleax
left a comment
There was a problem hiding this comment.
I don't know if we need to have some sort of triage conversation in the team here, we don't typically add this type of feature on a very ad-hoc basis but this does make sense to me to add in general
download_latest.sh
Outdated
|
|
||
| curl -fsSL "$url" | tar -xzf - \ | ||
| --transform "s/.*\///" \ | ||
| --wildcards "**/mongosh" |
There was a problem hiding this comment.
We'd probably want mongosh_crypt_v1.so to be extracted next to mongosh
There was a problem hiding this comment.
I should maybe know this, but: why so? What breaks if it’s not there? (It worked for me without.)
There was a problem hiding this comment.
Automatic encryption for Queryable Encryption & CSFLE don't – not everybody cares about those, but I don't think we'd like to ship "partially broken" versions of mongosh if we don't need to
There was a problem hiding this comment.
OK, the script now downloads both the executable and the shared library.
Co-authored-by: Anna Henningsen <github@addaleax.net>
Co-authored-by: Anna Henningsen <github@addaleax.net>
|
@addaleax Triage: by all means. I just wanted to PoC the idea to get the ball rolling. |
addaleax
changed the title
| esac | ||
|
|
||
| jq_query=$(cat <<EOF | ||
| .versions[0].downloads[] | |
There was a problem hiding this comment.
We can't really do a semver comparison here, right? Otherwise I think that would be highly preferable.
If we leave this as-is, I'd leave a comment in
about this script depending on that specific ordering| select( | ||
| .distro == "$os" and | ||
| .arch == "$arch" and | ||
| (has("sharedOpenssl") | not) |
There was a problem hiding this comment.
Generally the sharedOpenssl versions are mildly preferable – we could test for the presence on the current system through e.g. ldd $(which curl) | grep -q libssl.so.3?
There was a problem hiding this comment.
Are they preferable because we want updates from system library maintenance?
I get antsy testing for anything OpenSSL-related. macOS’s default curl actually uses SecureTransport, so I’m not sure testing curl is the best approach.
Does mongosh always require OpenSSL?
There was a problem hiding this comment.
Would it maybe suffice merely to output a sufficiently-loud warning in the console that the downloaded mongosh uses a static OpenSSL & thus is only recommended for short-term usage?
download_latest.sh
Outdated
| zip) | ||
| file=$(mktemp) | ||
|
|
||
| echo "Downloading $url to $file …" |
There was a problem hiding this comment.
Would keep using >&2 like above for all diagnostic information
download_latest.sh
Outdated
| exit 1 | ||
| esac | ||
|
|
||
| echo "✅ Success! 'mongosh' and its crypto library are now saved in this directory." |
| [installation documentation](https://www.mongodb.com/docs/mongodb-shell/install#mdb-shell-install). | ||
|
|
||
| You can also run `download_latest.sh` to download a `mongosh` binary. You can use | ||
| this script without cloning the repository thus: |
There was a problem hiding this comment.
I'd mention npx mongosh here, since that's probably easier for most people who don't truly need a local installation
There was a problem hiding this comment.
I pushed something … it may not be the best verbiage.
2 participants
No description provided.