mirror of https://github.com/coder/coder.git
provisionersdk: extract and embed agent bootstrap scripts (#2886)
This commit extracts the existing hard-coded agent scripts to their own files and embeds them using go:embed. We can more easily use e.g. shellcheck to validate our agent scripts.
This commit is contained in:
Cian Johnston
GitHub
parent
8d8c1a1927
commit
8a59178e7e
|
|
@ -1,52 +1,20 @@
|
|||
package provisionersdk
|
||||
|
||||
import (
|
||||
_ "embed"
|
||||
"fmt"
|
||||
"strings"
|
||||
)
|
||||
|
||||
var (
|
||||
// On Windows, VS Code Remote requires a parent process of the
|
||||
// executing shell to be named "sshd", otherwise it fails. See:
|
||||
// https://github.com/microsoft/vscode-remote-release/issues/5699
|
||||
windowsScript = `$ProgressPreference = "SilentlyContinue"
|
||||
Invoke-WebRequest -Uri ${ACCESS_URL}bin/coder-windows-${ARCH}.exe -OutFile $env:TEMP\sshd.exe
|
||||
Set-MpPreference -DisableRealtimeMonitoring $true -ExclusionPath $env:TEMP\sshd.exe
|
||||
$env:CODER_AGENT_AUTH = "${AUTH_TYPE}"
|
||||
$env:CODER_AGENT_URL = "${ACCESS_URL}"
|
||||
Start-Process -FilePath $env:TEMP\sshd.exe -ArgumentList "agent" -PassThru`
|
||||
|
||||
linuxScript = `#!/usr/bin/env sh
|
||||
set -eux pipefail
|
||||
BINARY_DIR=$(mktemp -d -t coder.XXXXXX)
|
||||
BINARY_NAME=coder
|
||||
BINARY_URL=${ACCESS_URL}bin/coder-linux-${ARCH}
|
||||
cd $BINARY_DIR
|
||||
if command -v curl >/dev/null 2>&1; then
|
||||
curl -fsSL --compressed "${BINARY_URL}" -o "${BINARY_NAME}"
|
||||
elif command -v wget >/dev/null 2>&1; then
|
||||
wget -q "${BINARY_URL}" -O "${BINARY_NAME}"
|
||||
elif command -v busybox >/dev/null 2>&1; then
|
||||
busybox wget -q "${BINARY_URL}" -O "${BINARY_NAME}"
|
||||
else
|
||||
echo "error: no download tool found, please install curl, wget or busybox wget"
|
||||
exit 1
|
||||
fi
|
||||
chmod +x $BINARY_NAME
|
||||
export CODER_AGENT_AUTH="${AUTH_TYPE}"
|
||||
export CODER_AGENT_URL="${ACCESS_URL}"
|
||||
exec ./$BINARY_NAME agent`
|
||||
|
||||
darwinScript = `#!/usr/bin/env sh
|
||||
set -eux pipefail
|
||||
BINARY_DIR=$(mktemp -d -t coder.XXXXXX)
|
||||
BINARY_NAME=coder
|
||||
cd $BINARY_DIR
|
||||
curl -fsSL --compressed "${ACCESS_URL}bin/coder-darwin-${ARCH}" -o "${BINARY_NAME}"
|
||||
chmod +x $BINARY_NAME
|
||||
export CODER_AGENT_AUTH="${AUTH_TYPE}"
|
||||
export CODER_AGENT_URL="${ACCESS_URL}"
|
||||
exec ./$BINARY_NAME agent`
|
||||
// These used to be hard-coded, but after growing significantly more complex
|
||||
// it made sense to put them in their own files (e.g. for linting).
|
||||
//go:embed scripts/bootstrap_windows.ps1
|
||||
windowsScript string
|
||||
//go:embed scripts/bootstrap_linux.sh
|
||||
linuxScript string
|
||||
//go:embed scripts/bootstrap_darwin.sh
|
||||
darwinScript string
|
||||
|
||||
// A mapping of operating-system ($GOOS) to architecture ($GOARCH)
|
||||
// to agent install and run script. ${DOWNLOAD_URL} is replaced
|
||||
|
|
|
|||
|
|
@ -0,0 +1,10 @@
|
|||
#!/usr/bin/env sh
|
||||
set -eux pipefail
|
||||
BINARY_DIR=$(mktemp -d -t coder.XXXXXX)
|
||||
BINARY_NAME=coder
|
||||
cd "$BINARY_DIR"
|
||||
curl -fsSL --compressed "${ACCESS_URL}bin/coder-darwin-${ARCH}" -o "${BINARY_NAME}"
|
||||
chmod +x $BINARY_NAME
|
||||
export CODER_AGENT_AUTH="${AUTH_TYPE}"
|
||||
export CODER_AGENT_URL="${ACCESS_URL}"
|
||||
exec ./$BINARY_NAME agent
|
||||
|
|
@ -0,0 +1,20 @@
|
|||
#!/usr/bin/env sh
|
||||
set -eux pipefail
|
||||
BINARY_DIR=$(mktemp -d -t coder.XXXXXX)
|
||||
BINARY_NAME=coder
|
||||
BINARY_URL=${ACCESS_URL}bin/coder-linux-${ARCH}
|
||||
cd "$BINARY_DIR"
|
||||
if command -v curl >/dev/null 2>&1; then
|
||||
curl -fsSL --compressed "${BINARY_URL}" -o "${BINARY_NAME}"
|
||||
elif command -v wget >/dev/null 2>&1; then
|
||||
wget -q "${BINARY_URL}" -O "${BINARY_NAME}"
|
||||
elif command -v busybox >/dev/null 2>&1; then
|
||||
busybox wget -q "${BINARY_URL}" -O "${BINARY_NAME}"
|
||||
else
|
||||
echo "error: no download tool found, please install curl, wget or busybox wget"
|
||||
exit 1
|
||||
fi
|
||||
chmod +x $BINARY_NAME
|
||||
export CODER_AGENT_AUTH="${AUTH_TYPE}"
|
||||
export CODER_AGENT_URL="${ACCESS_URL}"
|
||||
exec ./$BINARY_NAME agent
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
# On Windows, VS Code Remote requires a parent process of the
|
||||
# executing shell to be named "sshd", otherwise it fails. See:
|
||||
# https://github.com/microsoft/vscode-remote-release/issues/5699
|
||||
$ProgressPreference = "SilentlyContinue"
|
||||
Invoke-WebRequest -Uri ${ACCESS_URL}bin/coder-windows-${ARCH}.exe -OutFile $env:TEMP\sshd.exe
|
||||
Set-MpPreference -DisableRealtimeMonitoring $true -ExclusionPath $env:TEMP\sshd.exe
|
||||
$env:CODER_AGENT_AUTH = "${AUTH_TYPE}"
|
||||
$env:CODER_AGENT_URL = "${ACCESS_URL}"
|
||||
Start-Process -FilePath $env:TEMP\sshd.exe -ArgumentList "agent" -PassThru
|
||||
Loading…
Reference in New Issue