-
Notifications
You must be signed in to change notification settings - Fork 3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[windows] split docker install into 3 scripts (#8688)
* [windows] split docker install into 3 scripts the idea is to end with 1 script per 1 component for better observability * Update images/win/scripts/Installers/Install-Docker-Compose.ps1 Co-authored-by: Erik Bershel <110455084+erik-bershel@users.noreply.github.com> * Update images/win/scripts/Installers/Install-Docker-WinCred.ps1 Co-authored-by: Vasilii Polikarpov <126792224+vpolikarpov-akvelon@users.noreply.github.com> * fix test --------- Co-authored-by: Erik Bershel <110455084+erik-bershel@users.noreply.github.com> Co-authored-by: Vasilii Polikarpov <126792224+vpolikarpov-akvelon@users.noreply.github.com>
- Loading branch information
1 parent
98c6d29
commit 030fc05
Showing
6 changed files
with
76 additions
and
54 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
################################################################################ | ||
## File: Install-Docker-Compose.ps1 | ||
## Desc: Install Docker Compose. | ||
## Supply chain security: Docker Compose v1 - by package manager | ||
################################################################################ | ||
|
||
Write-Host "Install-Package Docker-Compose v1" | ||
$versionToInstall = Get-LatestChocoPackageVersion -TargetVersion "1.29" -PackageName "docker-compose" | ||
Choco-Install -PackageName docker-compose -ArgumentList "--version=$versionToInstall" | ||
|
||
Write-Host "Install-Package Docker-Compose v2" | ||
$dockerComposev2Url = "https://github.com/docker/compose/releases/latest/download/docker-compose-windows-x86_64.exe" | ||
$cliPluginsDir = "C:\ProgramData\docker\cli-plugins" | ||
New-Item -Path $cliPluginsDir -ItemType Directory | ||
Start-DownloadWithRetry -Url $dockerComposev2Url -Name docker-compose.exe -DownloadPath $cliPluginsDir | ||
|
||
Invoke-PesterTests -TestFile "Docker" -TestName "DockerCompose" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
################################################################################ | ||
## File: Install-Docker-WinCred.ps1 | ||
## Desc: Install Docker credential helper. | ||
## Supply chain security: checksum validation | ||
################################################################################ | ||
|
||
#region functions | ||
function Get-DockerWincredHash { | ||
Param ( | ||
[Parameter(Mandatory = $True)] | ||
[string] $Release | ||
) | ||
|
||
$hashURL = "https://github.com/docker/docker-credential-helpers/releases/download/${Release}/checksums.txt" | ||
(Invoke-RestMethod -Uri $hashURL).ToString().Split("`n").Where({ $_ -ilike "*docker-credential-wincred-${Release}.windows-amd64.exe*" }).Split(' ')[0] | ||
} | ||
#endregion | ||
|
||
Write-Host "Install docker-wincred" | ||
$dockerCredLatestRelease = Invoke-RestMethod -Uri "https://api.github.com/repos/docker/docker-credential-helpers/releases/latest" | ||
$dockerCredDownloadUrl = $dockerCredLatestRelease.assets.browser_download_url -match "docker-credential-wincred-.+\.exe" | Select-Object -First 1 | ||
Start-DownloadWithRetry -Url $dockerCredDownloadUrl -DownloadPath "C:\Windows\System32" -Name "docker-credential-wincred.exe" | ||
|
||
#region Supply chain security | ||
$distributor_file_hash = Get-DockerWincredHash -Release $dockerCredLatestRelease.name | ||
$local_file_hash = (Get-FileHash -Path 'C:\Windows\System32\docker-credential-wincred.exe' -Algorithm SHA256).Hash | ||
|
||
if ($local_file_hash -ne $distributor_file_hash) { | ||
Write-Host "hash must be equal to: ${distributor_file_hash}" | ||
Write-Host "actual hash is: ${local_file_hash}" | ||
throw 'Checksum verification failed, please rerun install' | ||
} | ||
#endregion | ||
|
||
Invoke-PesterTests -TestFile "Docker" -TestName "DockerWinCred" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters