dfinity · ericswanson-dfinity · Feb 2, 2024 · Feb 2, 2024 · Feb 2, 2024 · Feb 2, 2024
@@ -24,25 +24,32 @@ jobs:
       - uses: actions/checkout@v4
       - name: Install shfmt
         run: go install mvdan.cc/sh/v3/cmd/shfmt@latest
-      - name: Generate
+      - name: Generate (dfx)
         run: |
-          shellcheck --shell=sh public/install/*.sh --exclude SC2154,SC2034,SC3003,SC3014,SC3043
-          ~/go/bin/shfmt -d -p -i 4 -ci -bn -s public/install/*.sh
-          sed -i "s/@revision@/${GITHUB_SHA}/" public/install/999_footer.sh
-          mkdir _out
-          cat public/install/*.sh > _out/install.sh
-          sed -i "
-            /#!.*/p
-            /##.*/p
-            /^ *$/d
-            /^ *#/d
-            s/ *#.*//
-          " _out/install.sh
-          cp public/manifest.json _out/manifest.json
-      - name: Upload Artifacts
+          shellcheck --shell=sh public/install-dfx.sh --exclude SC2154,SC2034,SC3003,SC3014,SC3043
+          ~/go/bin/shfmt -d -p -i 4 -ci -bn -s public/install-dfx.sh
+          sed -i "s/@revision@/${GITHUB_SHA}/" public/install-dfx.sh
+          mkdir _out-dfx
+          cp public/install-dfx.sh _out-dfx/install.sh
+          cp public/manifest.json _out-dfx/manifest.json
+      - name: Generate (dfxvm)
+        run: |
+          shellcheck --shell=sh public/install-dfxvm.sh --exclude SC2154,SC2034,SC3003,SC3014,SC3043
+          ~/go/bin/shfmt -d -p -i 4 -ci -bn -s public/install-dfxvm.sh
+          sed -i "s/@revision@/${GITHUB_SHA}/" public/install-dfxvm.sh
+          mkdir _out-dfxvm
+          cp public/install-dfxvm.sh _out-dfxvm/install.sh
+      - name: Upload Artifacts (dfx)
         if: github.event_name == 'push'
         uses: JamesIves/github-pages-deploy-action@releases/v3
         with:
           single_commit: yes
           branch: public-manifest
-          folder: _out/
+          folder: _out-dfx/
+      - name: Upload Artifacts (dfxvm)
+        if: github.event_name == 'push'
+        uses: JamesIves/github-pages-deploy-action@releases/v3
+        with:
+          single_commit: yes
+          branch: dfxvm-install-script
+          folder: _out-dfxvm/
@@ -1,4 +1,235 @@
-## 999_footer.sh
+#!/usr/bin/env sh
+
+##
+## Borrowed from rustup (https://sh.rustup.rs)
+##
+## This is just a little script that can be downloaded from the internet to
+## install dfx. It just does platform detection, downloads the installer
+## and runs it.
+##
+## You are NOT AUTHORIZED to remove any license agreements or prompts from the following script.
+##
+set -u
+
+#   Functions useful for dealing with the manifest (which is JSON).
+
+# Get the version of a tag from the manifest JSON file.
+# Arguments:
+#   $1 - The tag to get.
+#   STDIN - The manifest file.
+# Returns:
+#   0 if the tag was found, 1 if it wasn't.
+#   Prints out the version number.
+get_tag_from_manifest_json() {
+    # Find the tag in the file. Then get the last digits.
+    # The first grep returns `"tag_name": "1.2.3` (without the last quote).
+    cat \
+        | tr -d '\n' \
+        | grep -o "\"$1\":[[:space:]]*\"[a-zA-Z0-9.]*" \
+        | grep -o "[0-9.]*$"
+}
+
+# A newline separated list of boolean flags. See the read_flags function to see how it's parsed.
+DFX_BOOL_FLAGS=""
+
+# Make a BOOLEAN flag and its description.
+#
+# Arguments:
+#   $1 - The long name of the boolean. This will be used on the command line. The name of the
+#        environment variable will be `flag_NAME` where NAME is this argument, capitalized.
+#        The value of this argument is empty string if not specified, and "1" if it is.
+#   $2 - A description of the flag. This is not currently used but will be when we have enough
+#        flags to implement help.
+define_flag_BOOL() {
+    local VARNAME
+    VARNAME="flag_$(echo "$1" | tr /a-z/ /A-Z)"
+    eval "$VARNAME=\${$VARNAME:-}"
+    DFX_BOOL_FLAGS="${DFX_BOOL_FLAGS}--${1} $VARNAME $2"
+}
+
+# Get the flag name of a line in the flag description.
+get_flag_name() {
+    echo "$1"
+}
+
+# Get the variable name of a line in the flag description.
+get_var_name() {
+    echo "$2"
+}
+
+# Read all the command line flags and set the flag_XXXX environment variables.
+#
+# Arguments:
+#   $* - Flags to parse.
+# Side Effects:
+#   Environment variables are set according to flags defined and flags.
+read_flags() {
+    # Set values from command line.
+    # shellcheck disable=SC2199
+    # https://github.com/koalaman/shellcheck/wiki/SC2199
+    while [ -n "$*" ]; do
+        local ARG="$1"
+        shift
+
+        OLD_IFS="$IFS"
+        IFS=$'\n'
+        for line in ${DFX_BOOL_FLAGS}; do
+            [ "$line" ] || break
+
+            IFS="$OLD_IFS"
+            FLAG="$(get_flag_name "$line")"
+            VARNAME="$(get_var_name "$line")"
+
+            if [ "$ARG" == "$FLAG" ]; then
+                eval "$VARNAME=1"
+            fi
+        done
+    done
+}
+
+log() {
+    if "$_ansi_escapes_are_valid"; then
+        printf "\33[1minfo:\33[0m %s\n" "$1" 1>&2
+    else
+        printf '%s\n' "$1" 1>&2
+    fi
+}
+
+say() {
+    printf 'dfinity-sdk: %s\n' "$1"
+}
+
+warn() {
+    if $_ansi_escapes_are_valid; then
+        printf "\33[1mwarn:\33[0m %s\n" "$1" 1>&2
+    else
+        printf '%s\n' "$1" 1>&2
+    fi
+}
+
+err() {
+    say "$1" >&2
+    exit 1
+}
+
+need_cmd() {
+    if ! check_cmd "$1"; then
+        err "need '$1' (command not found)"
+    fi
+}
+
+check_cmd() {
+    command -v "$1" >/dev/null 2>&1
+}
+
+assert_nz() {
+    if [ -z "$1" ]; then err "assert_nz $2"; fi
+}
+
+# Run a command that should never fail. If the command fails execution
+# will immediately terminate with an error showing the failing
+# command.
+ensure() {
+    if ! "$@"; then err "command failed: $*"; fi
+}
+
+# This is just for indicating that commands' results are being
+# intentionally ignored. Usually, because it's being executed
+# as part of error handling.
+ignore() {
+    "$@"
+}
+
+define_flag_BOOL "insecure" "Allows downloading from insecure URLs, either using HTTP or TLS 1.2 or less."
+
+check_help_for() {
+    local _cmd
+    local _arg
+    local _ok
+    _cmd="$1"
+    _ok="y"
+    shift
+
+    # If we're running on OS-X, older than 10.13, then we always
+    # fail to find these options to force fallback
+    if check_cmd sw_vers; then
+        case "$(sw_vers -productVersion)" in
+            10.15*) ;; # Catalina
+            11.*) ;;   # Big Sur
+            12.*) ;;   # Monterey
+            13.*) ;;   # Ventura
+            *)
+                warn "Detected OS X platform older than 10.15 (Catalina)"
+                _ok="n"
+                ;;
+        esac
+    fi
+
+    for _arg in "$@"; do
+        if ! "$_cmd" --help all | grep -q -- "$_arg"; then
+            _ok="n"
+        fi
+    done
+
+    test "$_ok" = "y"
+}
+
+# Check for an error message in the output of a command.
+# Arguments:
+#   $1 - The error message to look for.
+#   $2... - The command and arguments to run.
+# Returns:
+#   Whether false if the error message was not found, or true if it wasn't (so the feature is
+#   supported.
+# TODO: move this logic to execute once during install.sh run.
+check_support_for() {
+    local err="$1"
+    shift
+    local cmd="$*"
+
+    # Run the command, grep for the error message, if it is found returns false, if it
+    # is not found, returns true.
+    ! ($cmd 2>&1 | grep "$err" >/dev/null)
+}
+
+# This wraps curl or wget. Try curl first, if not installed, use wget instead.
+# Arguments:
+#   $1 - URL to download.
+#   $2 - Path to output the download. Use - to output to stdout.
+downloader() {
+    local _dld
+    if check_cmd curl; then
+        _dld=curl
+    elif check_cmd wget; then
+        _dld=wget
+    else
+        _dld='curl or wget' # to be used in error message of need_cmd
+    fi
+
+    if [ "$1" = --check ]; then
+        need_cmd "$_dld"
+    elif [ "$_dld" = curl ]; then
+        if check_help_for curl --proto --tlsv1.2; then
+            curl --proto '=https' --tlsv1.2 --show-error --fail --connect-timeout 10 --retry 5 --location "$1" --output "$2"
+        elif ! [ "$flag_INSECURE" ]; then
+            warn "Not forcing TLS v1.2, this is potentially less secure"
+            curl --show-error --fail --connect-timeout 10 --retry 5 --location "$1" --output "$2"
+        else
+            err "TLS 1.2 is not supported on this platform. To force using it, use the --insecure flag."
+        fi
+    elif [ "$_dld" = wget ]; then
+        if check_help_for wget --https-only --secure-protocol; then
+            wget --https-only --secure-protocol=TLSv1_2 --timeout 10 --tries 5 --waitretry 5 "$1" -O "$2"
+        elif ! [ "$flag_INSECURE" ]; then
+            warn "Not forcing TLS v1.2, this is potentially less secure"
+            wget --timeout 10 --tries 5 --waitretry 5 "$1" -O "$2"
+        else
+            err "TLS 1.2 is not supported on this platform. To force using it, use the --insecure flag."
+        fi
+    else
+        err "Unknown downloader" # should not reach here
+    fi
+}
 
 # If DFX_RELEASE_ROOT is unset or empty, default it.
 SDK_WEBSITE="https://sdk.dfinity.org"