-
Notifications
You must be signed in to change notification settings - Fork 0
/
cipd.ps1
129 lines (111 loc) · 3.92 KB
/
cipd.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
# Copyright (c) 2016 The Chromium Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# Note: to run this on e.g. OSX for adhoc testing or debugging in case Windows
# is not around:
#
# pwsh cipd.ps1 \
# -CipdBinary _cipd.exe \
# -BackendURL https://chrome-infra-packages.appspot.com \
# -VersionFile ./cipd_client_version
# file _cipd.exe
Param(
# Path to download the CIPD binary to.
[parameter(Mandatory=$true)][string]$CipdBinary,
# E.g. "https://chrome-infra-packages.appspot.com".
[parameter(Mandatory=$true)][string]$BackendURL,
# Path to the cipd_client_version file with the client version.
[parameter(Mandatory=$true)][string]$VersionFile
)
$DepotToolsPath = Split-Path $MyInvocation.MyCommand.Path -Parent
if ([System.IntPtr]::Size -eq 8) {
$Platform = "windows-amd64"
} else {
$Platform = "windows-386"
}
# Put depot_tool's git revision into the user agent string.
try {
$DepotToolsVersion = &git -C $DepotToolsPath rev-parse HEAD 2>&1
if ($LastExitCode -eq 0) {
$UserAgent = "depot_tools/$DepotToolsVersion"
} else {
$UserAgent = "depot_tools/???"
}
} catch [System.Management.Automation.CommandNotFoundException] {
$UserAgent = "depot_tools/no_git/???"
}
$Env:CIPD_HTTP_USER_AGENT_PREFIX = $UserAgent
# Tries to delete the file, ignoring errors. Used for best-effort cleanups.
function Delete-If-Possible($path) {
try {
[System.IO.File]::Delete($path)
} catch {
$err = $_.Exception.Message
echo "Warning: error when deleting $path - $err. Ignoring."
}
}
# Returns the expected SHA256 hex digest for the given platform reading it from
# *.digests file.
function Get-Expected-SHA256($platform) {
$digestsFile = $VersionFile+".digests"
foreach ($line in Get-Content $digestsFile) {
if ($line -match "^([0-9a-z\-]+)\s+sha256\s+([0-9a-f]+)$") {
if ($Matches[1] -eq $platform) {
return $Matches[2]
}
}
}
throw "No SHA256 digests for $platform in $digestsFile"
}
# Returns SHA256 hex digest of a binary file at the given path.
function Get-Actual-SHA256($path) {
# Note: we don't use Get-FileHash to be compatible with PowerShell v3.0
$file = [System.IO.File]::Open($path, [System.IO.FileMode]::Open)
try {
$algo = New-Object System.Security.Cryptography.SHA256Managed
$hash = $algo.ComputeHash($file)
} finally {
$file.Close()
}
$hex = ""
foreach ($byte in $hash) {
$hex += $byte.ToString("x2")
}
return $hex
}
$ExpectedSHA256 = Get-Expected-SHA256 $Platform
$Version = (Get-Content $VersionFile).Trim()
$URL = "$BackendURL/client?platform=$Platform&version=$Version"
# Grab a lock to prevent simultaneous processes from stepping on each other.
# This depends on "exclusive write" file sharing mode used by OpenWrite.
$CipdLockPath = Join-Path $DepotToolsPath -ChildPath ".cipd_client.lock"
$CipdLockFile = $null
while ($CipdLockFile -eq $null) {
try {
$CipdLockFile = [System.IO.File]::OpenWrite($CipdLockPath)
} catch [System.IO.IOException] {
echo "CIPD bootstrap lock is held, trying again after delay..."
Start-Sleep -s 1
}
}
# Fetch the binary now that the lock is ours.
$TmpPath = $CipdBinary + ".tmp"
try {
echo "Downloading CIPD client for $Platform from $URL..."
$wc = (New-Object System.Net.WebClient)
$wc.Headers.Add("User-Agent", $UserAgent)
try {
$wc.DownloadFile($URL, $TmpPath)
} catch {
throw "Failed to download the file, check your network connection"
}
$ActualSHA256 = Get-Actual-SHA256 $TmpPath
if ($ActualSHA256 -ne $ExpectedSHA256) {
throw "Invalid SHA256 digest: $ActualSHA256 != $ExpectedSHA256"
}
Move-Item -LiteralPath $TmpPath -Destination $CipdBinary -Force
} finally {
$CipdLockFile.Close()
Delete-If-Possible $CipdLockPath
Delete-If-Possible $TmpPath
}