MangoPig/Dot-Zsh
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Verify Go bootstrap tarball

Browse Source
This commit is contained in:
MangoPig
2026-06-02 12:21:03 +01:00
parent 348ef2a0e7
commit f2be49aaac
1 changed files with 75 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

80
Scripts/go.sh
View File

@@ -12,6 +12,7 @@ NC='\033[0m'
export GVM_ROOT="$HOME/.programming/go" export GVM_ROOT="$HOME/.programming/go"
BOOTSTRAP_GO="$GVM_ROOT/bootstrap" BOOTSTRAP_GO="$GVM_ROOT/bootstrap"
GO_BOOTSTRAP_VERSION="1.20.5"
OS_NAME="$(uname -s)" OS_NAME="$(uname -s)"
ARCH="$(uname -m)" ARCH="$(uname -m)"
@@ -42,6 +43,79 @@ case "$OS_NAME" in
;; ;;
esac esac
GO_BOOTSTRAP_FILENAME="go${GO_BOOTSTRAP_VERSION}.${GO_BOOTSTRAP_OS}-${GO_BOOTSTRAP_ARCH}.tar.gz"
GO_BOOTSTRAP_URL="https://go.dev/dl/${GO_BOOTSTRAP_FILENAME}"
GO_RELEASE_METADATA_URL="https://go.dev/dl/?mode=json&include=all"
sha256_file() {
local file_path="$1"
if command -v sha256sum >/dev/null 2>&1; then
sha256sum "$file_path" | awk '{print $1}'
elif command -v shasum >/dev/null 2>&1; then
shasum -a 256 "$file_path" | awk '{print $1}'
else
echo -e "${RED} ERROR:${NC} No SHA256 tool found (need sha256sum or shasum)."
exit 1
fi
}
get_go_release_sha256() {
python3 - "$GO_RELEASE_METADATA_URL" "$GO_BOOTSTRAP_FILENAME" <<'PY'
import json
import sys
import urllib.request
metadata_url = sys.argv[1]
target_filename = sys.argv[2]
with urllib.request.urlopen(metadata_url, timeout=30) as response:
releases = json.load(response)
for release in releases:
for file_info in release.get("files", []):
if file_info.get("filename") == target_filename:
print(file_info.get("sha256", ""))
raise SystemExit(0)
raise SystemExit(1)
PY
}
download_and_verify_go_bootstrap() {
local destination_path="$1"
local expected_sha256=""
local actual_sha256=""
local temp_tarball=""
temp_tarball="$(mktemp "${TMPDIR:-/tmp}/go-bootstrap.XXXXXX")"
cleanup_go_bootstrap_download() {
rm -f "$temp_tarball"
}
trap cleanup_go_bootstrap_download RETURN
echo -e "${BLUE} LOG:${YELLOW} Downloading pinned Bootstrap Go ${GO_BOOTSTRAP_VERSION}...${NC}"
curl -fsSL "$GO_BOOTSTRAP_URL" -o "$temp_tarball"
expected_sha256="$(get_go_release_sha256)"
if [ -z "$expected_sha256" ]; then
echo -e "${RED} ERROR:${NC} Could not find official SHA256 for ${GO_BOOTSTRAP_FILENAME}."
exit 1
fi
actual_sha256="$(sha256_file "$temp_tarball")"
if [ "$actual_sha256" != "$expected_sha256" ]; then
echo -e "${RED} ERROR:${NC} Bootstrap Go checksum mismatch for ${GO_BOOTSTRAP_FILENAME}."
echo -e "${RED} ERROR:${NC} Expected: ${expected_sha256}"
echo -e "${RED} ERROR:${NC} Actual: ${actual_sha256}"
exit 1
fi
tar -C "$destination_path" -xzf "$temp_tarball" --strip-components=1
}
echo -e "${BLUE} LOG:${YELLOW} Setting up Go and GVM in ${GVM_ROOT}...${NC}" echo -e "${BLUE} LOG:${YELLOW} Setting up Go and GVM in ${GVM_ROOT}...${NC}"
if [ ! -d "$GVM_ROOT/scripts" ]; then if [ ! -d "$GVM_ROOT/scripts" ]; then
@@ -66,12 +140,8 @@ else
fi fi
if [ ! -d "$BOOTSTRAP_GO" ]; then if [ ! -d "$BOOTSTRAP_GO" ]; then
echo -e "${BLUE} LOG:${YELLOW} Downloading Bootstrap Go...${NC}"
mkdir -p "$BOOTSTRAP_GO" mkdir -p "$BOOTSTRAP_GO"
download_and_verify_go_bootstrap "$BOOTSTRAP_GO"
wget -q "https://go.dev/dl/go1.20.5.${GO_BOOTSTRAP_OS}-${GO_BOOTSTRAP_ARCH}.tar.gz" -O /tmp/go-bootstrap.tar.gz
tar -C "$BOOTSTRAP_GO" -xzf /tmp/go-bootstrap.tar.gz --strip-components=1
rm /tmp/go-bootstrap.tar.gz
echo -e "${GREEN} SUCCESS:${NC} Bootstrap Go installed." echo -e "${GREEN} SUCCESS:${NC} Bootstrap Go installed."
else else