#!/usr/bin/env bash set -uo pipefail [ "$#" -gt 1 ] && log_error "Need 1 version instead of $#" 'usage: dctlenv install []' version_requested="${1:-""}" [ -n "$version_requested" ] || log_error 'Version is not specified' 'usage: dctlenv install []' version_requested=$(echo $version_requested | sed 's/^v//') if [[ $version_requested == "latest" ]]; then version="$(dctlenv-list-remote | tail -n 1)" else version="$(dctlenv-list-remote | grep "$version_requested" | head -n 1)" fi [ -n "$version" ] || log_error "No version $version_requested found in remote" dst_path="$DCTLENV_ROOT/versions/$version" if [ -f "$dst_path/driftctl" ]; then echo "driftctl v$version is already installed" exit 0 fi DCTLENV_ARCH="${DCTLENV_ARCH:-amd64}" case "$(uname -s)" in Darwin*) os="darwin_$DCTLENV_ARCH" ;; MINGW64*) os="windows_$DCTLENV_ARCH" ;; MSYS_NT*) os="windows_$DCTLENV_ARCH" ;; CYGWIN_NT*) os="windows_$DCTLENV_ARCH" ;; *) os="linux_$DCTLENV_ARCH" ;; esac case "${DCTLENV_CURL:-0}" in 0) curl="-#" ;; 1) curl="-s" ;; *) log_error 'You can only set DCTLENV_CURL to 0 or 1' ;; esac driftctl_url="https://github.com/snyk/driftctl/releases/download" echo "Installing driftctl v$version" echo "Downloading release tarball from $driftctl_url/v$version/driftctl_$os" $(curlw "$curl" -f -L -o "$dst_path/driftctl_$os" --create-dirs "$driftctl_url/v$version/driftctl_$os") || log_error 'Tarball download failed' echo "Downloading SHA256 hashes file from $driftctl_url/v$version/driftctl_SHA256SUMS" $(curlw -s -f -L -o "$dst_path/driftctl_SHA256SUMS" "$driftctl_url/v$version/driftctl_SHA256SUMS") || log_debug 'SHA256 hashes download failed' if [[ -f "$dst_path/driftctl_SHA256SUMS" ]]; then sha256sum_bin="$(command -v sha256sum 2>/dev/null)" if [[ -n "$sha256sum_bin" ]]; then (cd "$dst_path"; grep "driftctl_$os" "driftctl_SHA256SUMS" | "$sha256sum_bin" -c) &>/dev/null \ && echo "SHA256 hash matched!" \ || log_error 'SHA256 hash does not match!' else echo 'No sha256sum tool available. Skipping SHA256 hash validation' fi if [ "${DCTLENV_PGP:-0}" -eq 0 ]; then $(rm "$dst_path/driftctl_SHA256SUMS") fi else echo 'No SHA256 hashes file available. Skipping SHA256 hash validation' fi if [ "${DCTLENV_PGP:-0}" -gt 0 ]; then echo "Downloading SHA256 hashes signature file from $driftctl_url/v$version/driftctl_SHA256SUMS.gpg" $(curlw -s -f -L -o "$dst_path/driftctl_SHA256SUMS.gpg" "$driftctl_url/v$version/driftctl_SHA256SUMS.gpg") || log_debug 'SHA256 hashes signature download failed' if [[ -f "$dst_path/driftctl_SHA256SUMS.gpg" ]]; then gpg_bin="$(command -v gpg 2>/dev/null)" if [[ -n "$gpg_bin" ]]; then ("$gpg_bin" --verify "$dst_path/driftctl_SHA256SUMS.gpg" "$dst_path/driftctl_SHA256SUMS") &>/dev/null \ && echo "PGP signature matched!" \ || log_error 'PGP signature rejected!' else echo 'No gpg tool available. Skipping signature validation' fi $(rm "$dst_path/driftctl_SHA256SUMS.gpg") else echo 'No SHA256 hashes signature file available. Skipping signature validation' fi $(rm "$dst_path/driftctl_SHA256SUMS") fi $(mv "$dst_path/driftctl_$os" "$dst_path/driftctl") $(chmod +x "$dst_path/driftctl") || log_error "Fail to make the binary executable" echo "Installation of driftctl v${version} successful. To make this your default version, run 'dctlenv use ${version}'"