Skip to content

Commit 030fc05

Browse files
ilia-shipitsinerik-bershelvpolikarpov-akvelon
authored
[windows] split docker install into 3 scripts (#8688)
* [windows] split docker install into 3 scripts the idea is to end with 1 script per 1 component for better observability * Update images/win/scripts/Installers/Install-Docker-Compose.ps1 Co-authored-by: Erik Bershel <110455084+erik-bershel@users.noreply.github.com> * Update images/win/scripts/Installers/Install-Docker-WinCred.ps1 Co-authored-by: Vasilii Polikarpov <126792224+vpolikarpov-akvelon@users.noreply.github.com> * fix test --------- Co-authored-by: Erik Bershel <110455084+erik-bershel@users.noreply.github.com> Co-authored-by: Vasilii Polikarpov <126792224+vpolikarpov-akvelon@users.noreply.github.com>
1 parent 98c6d29 commit 030fc05

File tree

6 files changed

+76
-54
lines changed

6 files changed

+76
-54
lines changed
Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,17 @@
1+
################################################################################
2+
## File: Install-Docker-Compose.ps1
3+
## Desc: Install Docker Compose.
4+
## Supply chain security: Docker Compose v1 - by package manager
5+
################################################################################
6+
7+
Write-Host "Install-Package Docker-Compose v1"
8+
$versionToInstall = Get-LatestChocoPackageVersion -TargetVersion "1.29" -PackageName "docker-compose"
9+
Choco-Install -PackageName docker-compose -ArgumentList "--version=$versionToInstall"
10+
11+
Write-Host "Install-Package Docker-Compose v2"
12+
$dockerComposev2Url = "https://github.com/docker/compose/releases/latest/download/docker-compose-windows-x86_64.exe"
13+
$cliPluginsDir = "C:\ProgramData\docker\cli-plugins"
14+
New-Item -Path $cliPluginsDir -ItemType Directory
15+
Start-DownloadWithRetry -Url $dockerComposev2Url -Name docker-compose.exe -DownloadPath $cliPluginsDir
16+
17+
Invoke-PesterTests -TestFile "Docker" -TestName "DockerCompose"
Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,35 @@
1+
################################################################################
2+
## File: Install-Docker-WinCred.ps1
3+
## Desc: Install Docker credential helper.
4+
## Supply chain security: checksum validation
5+
################################################################################
6+
7+
#region functions
8+
function Get-DockerWincredHash {
9+
Param (
10+
[Parameter(Mandatory = $True)]
11+
[string] $Release
12+
)
13+
14+
$hashURL = "https://github.com/docker/docker-credential-helpers/releases/download/${Release}/checksums.txt"
15+
(Invoke-RestMethod -Uri $hashURL).ToString().Split("`n").Where({ $_ -ilike "*docker-credential-wincred-${Release}.windows-amd64.exe*" }).Split(' ')[0]
16+
}
17+
#endregion
18+
19+
Write-Host "Install docker-wincred"
20+
$dockerCredLatestRelease = Invoke-RestMethod -Uri "https://api.github.com/repos/docker/docker-credential-helpers/releases/latest"
21+
$dockerCredDownloadUrl = $dockerCredLatestRelease.assets.browser_download_url -match "docker-credential-wincred-.+\.exe" | Select-Object -First 1
22+
Start-DownloadWithRetry -Url $dockerCredDownloadUrl -DownloadPath "C:\Windows\System32" -Name "docker-credential-wincred.exe"
23+
24+
#region Supply chain security
25+
$distributor_file_hash = Get-DockerWincredHash -Release $dockerCredLatestRelease.name
26+
$local_file_hash = (Get-FileHash -Path 'C:\Windows\System32\docker-credential-wincred.exe' -Algorithm SHA256).Hash
27+
28+
if ($local_file_hash -ne $distributor_file_hash) {
29+
Write-Host "hash must be equal to: ${distributor_file_hash}"
30+
Write-Host "actual hash is: ${local_file_hash}"
31+
throw 'Checksum verification failed, please rerun install'
32+
}
33+
#endregion
34+
35+
Invoke-PesterTests -TestFile "Docker" -TestName "DockerWinCred"

images/win/scripts/Installers/Install-Docker.ps1

Lines changed: 2 additions & 42 deletions
Original file line numberDiff line numberDiff line change
@@ -3,23 +3,8 @@
33
## Desc: Install Docker.
44
## Must be an independent step because it requires a restart before we
55
## can continue.
6-
## Supply chain security: (docker-wincred) checksum validation
76
################################################################################
87

9-
#region functions
10-
Function Get-DockerWincredHash
11-
{
12-
Param (
13-
[Parameter(Mandatory = $True)]
14-
[string] $Release
15-
)
16-
17-
$hashURL = "https://github.com/docker/docker-credential-helpers/releases/download/${Release}/checksums.txt "
18-
(Invoke-RestMethod -Uri $hashURL).ToString().Split("`n").Where({ $_ -ilike "*docker-credential-wincred-${Release}.windows-amd64.exe*" }).Split(' ')[0]
19-
20-
}
21-
#endregion
22-
238
Write-Host "Get latest Moby release"
249
$mobyLatestReleaseVersion = (Invoke-RestMethod -Uri "https://api.github.com/repos/moby/moby/releases/latest").tag_name.Trim("v")
2510
$dockerceUrl = "https://download.docker.com/win/static/stable/x86_64/"
@@ -55,32 +40,6 @@ if ($LastExitCode -ne 0) {
5540
# https://github.com/Azure/azure-cli/issues/18766
5641
New-Item -ItemType SymbolicLink -Path "C:\Windows\SysWOW64\docker.exe" -Target "C:\Windows\System32\docker.exe"
5742

58-
Write-Host "Install-Package Docker-Compose v1"
59-
$versionToInstall = Get-LatestChocoPackageVersion -TargetVersion "1.29" -PackageName "docker-compose"
60-
Choco-Install -PackageName docker-compose -ArgumentList "--version=$versionToInstall"
61-
62-
Write-Host "Install-Package Docker-Compose v2"
63-
$dockerComposev2Url = "https://github.com/docker/compose/releases/latest/download/docker-compose-windows-x86_64.exe"
64-
$cliPluginsDir = "C:\ProgramData\docker\cli-plugins"
65-
New-Item -Path $cliPluginsDir -ItemType Directory
66-
Start-DownloadWithRetry -Url $dockerComposev2Url -Name docker-compose.exe -DownloadPath $cliPluginsDir
67-
68-
Write-Host "Install docker-wincred"
69-
$dockerCredLatestRelease = Invoke-RestMethod -Uri "https://api.github.com/repos/docker/docker-credential-helpers/releases/latest"
70-
$dockerCredDownloadUrl = $dockerCredLatestRelease.assets.browser_download_url -match "docker-credential-wincred-.+\.exe" | Select-Object -First 1
71-
Start-DownloadWithRetry -Url $dockerCredDownloadUrl -DownloadPath "C:\Windows\System32" -Name "docker-credential-wincred.exe"
72-
73-
#region Supply chain security
74-
$distributor_file_hash = Get-DockerWincredHash -Release $dockerCredLatestRelease.name
75-
$local_file_hash = (Get-FileHash -Path 'C:\Windows\System32\docker-credential-wincred.exe' -Algorithm SHA256).Hash
76-
77-
if ($local_file_hash -ne $distributor_file_hash) {
78-
Write-Host "hash must be equal to: ${distributor_file_hash}"
79-
Write-Host "actual hash is: ${local_file_hash}"
80-
throw 'Checksum verification failed, please rerun install'
81-
}
82-
#endregion
83-
8443
Write-Host "Download docker images"
8544
$dockerImages = (Get-ToolsetContent).docker.images
8645
foreach ($dockerImage in $dockerImages) {
@@ -93,4 +52,5 @@ foreach ($dockerImage in $dockerImages) {
9352
}
9453
}
9554

96-
Invoke-PesterTests -TestFile "Docker"
55+
Invoke-PesterTests -TestFile "Docker" -TestName "Docker"
56+
Invoke-PesterTests -TestFile "Docker" -TestName "DockerImages"

images/win/scripts/Tests/Docker.Tests.ps1

Lines changed: 18 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -1,25 +1,31 @@
11
Describe "Docker" {
2-
It "<ToolName>" -TestCases @(
3-
@{ ToolName = "docker" }
4-
@{ ToolName = "docker-compose" }
5-
) {
6-
"$ToolName --version" | Should -ReturnZeroExitCode
2+
It "docker is installed" {
3+
"docker --version" | Should -ReturnZeroExitCode
74
}
85

9-
It "docker-wincred" {
10-
"docker-credential-wincred version" | Should -ReturnZeroExitCode
6+
It "docker service is up" {
7+
"docker images" | Should -ReturnZeroExitCode
8+
}
9+
10+
It "docker symlink" {
11+
"C:\Windows\SysWOW64\docker.exe ps" | Should -ReturnZeroExitCode
12+
}
13+
}
14+
15+
Describe "DockerCompose" {
16+
It "docker-compose is installed" {
17+
"docker-compose --version" | Should -ReturnZeroExitCode
1118
}
1219

1320
It "docker compose v2" {
1421
"docker compose version" | Should -ReturnZeroExitCode
1522
}
1623

17-
It "docker service is up" {
18-
"docker images" | Should -ReturnZeroExitCode
19-
}
24+
}
2025

21-
It "docker symlink" {
22-
"C:\Windows\SysWOW64\docker.exe ps" | Should -ReturnZeroExitCode
26+
Describe "DockerWinCred" {
27+
It "docker-wincred" {
28+
"docker-credential-wincred version" | Should -ReturnZeroExitCode
2329
}
2430
}
2531

images/win/windows2019.json

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -170,6 +170,8 @@
170170
"scripts": [
171171
"{{ template_dir }}/scripts/Installers/Install-VCRedist.ps1",
172172
"{{ template_dir }}/scripts/Installers/Install-Docker.ps1",
173+
"{{ template_dir }}/scripts/Installers/Install-Docker-WinCred.ps1",
174+
"{{ template_dir }}/scripts/Installers/Install-Docker-Compose.ps1",
173175
"{{ template_dir }}/scripts/Installers/Install-PowershellCore.ps1",
174176
"{{ template_dir }}/scripts/Installers/Install-WebPlatformInstaller.ps1"
175177
]

images/win/windows2022.json

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -155,6 +155,8 @@
155155
"type": "powershell",
156156
"scripts": [
157157
"{{ template_dir }}/scripts/Installers/Install-Docker.ps1",
158+
"{{ template_dir }}/scripts/Installers/Install-Docker-WinCred.ps1",
159+
"{{ template_dir }}/scripts/Installers/Install-Docker-Compose.ps1",
158160
"{{ template_dir }}/scripts/Installers/Install-PowershellCore.ps1",
159161
"{{ template_dir }}/scripts/Installers/Install-WebPlatformInstaller.ps1"
160162
]

0 commit comments

Comments
 (0)