Getting started guide for InfluxDB 3 Core and Enterprise lacks sha256 of the install script

[jdstrand]

While convenient, curl | sh is not best practice (even when served over HTTPS; consider the codecov incident). At a minimum, please add the sha256sum for the install script in these sections. You could alternatively update the command to verify the sha256sum as part of the invocation (similar to how telegraf (et al) verify the gpg key in https://www.influxdata.com/downloads/).

Note: the install script correctly verifies the sha256 of the file it downloads. This is about ensuring that the sha256 of the install script itself can be verified.

Relevant URLs

• https://docs.influxdata.com/influxdb3/core/get-started/#run-the-install-script
• https://docs.influxdata.com/influxdb3/enterprise/get-started/#run-the-install-script

[jdstrand]

I'm told that CI processes have been adjusted to push the install script to S3 automatically. This is good, but CI isn't calculating a checksum. Eg:

$ curl -D - -o /dev/null -is https://www.influxdata.com/d/install_influxdb3.sh | head -1
HTTP/2 200 
$ curl -D - -o /dev/null -is https://www.influxdata.com/d/install_influxdb3.sh.sha256 | head -1
HTTP/2 404 

If we were publishing the sha256 to S3, then we could update the docs to reference https://www.influxdata.com/d/install_influxdb3.sh.sha256 instead of hardcoding the sha256 in the page.