Download and install a plugin. Install from GitGuardian (requires authentication): ggshield plugin install tokenscanner ggshield plugin install tokenscanner --version 0.1.0 Install from a local wheel file: ggshield plugin install ./path/to/plugin.whl In
(
ctx: click.Context,
plugin_source: str,
version: Optional[str],
sha256: Optional[str],
allow_unsigned: bool,
**kwargs: Any,
)
| 92 | @add_common_options() |
| 93 | @click.pass_context |
| 94 | def install_cmd( |
| 95 | ctx: click.Context, |
| 96 | plugin_source: str, |
| 97 | version: Optional[str], |
| 98 | sha256: Optional[str], |
| 99 | allow_unsigned: bool, |
| 100 | **kwargs: Any, |
| 101 | ) -> None: |
| 102 | """ |
| 103 | Download and install a plugin. |
| 104 | |
| 105 | Install from GitGuardian (requires authentication): |
| 106 | |
| 107 | ggshield plugin install tokenscanner |
| 108 | |
| 109 | ggshield plugin install tokenscanner --version 0.1.0 |
| 110 | |
| 111 | Install from a local wheel file: |
| 112 | |
| 113 | ggshield plugin install ./path/to/plugin.whl |
| 114 | |
| 115 | Install from a URL: |
| 116 | |
| 117 | ggshield plugin install https://example.com/plugin.whl |
| 118 | |
| 119 | ggshield plugin install https://example.com/plugin.whl --sha256 abc123... |
| 120 | |
| 121 | Install from a GitHub release: |
| 122 | |
| 123 | ggshield plugin install https://github.com/owner/repo/releases/download/v1.0.0/plugin.whl |
| 124 | |
| 125 | Install from a GitHub Actions artifact (requires GITHUB_TOKEN): |
| 126 | |
| 127 | ggshield plugin install https://github.com/owner/repo/actions/runs/123/artifacts/456 |
| 128 | """ |
| 129 | # Signature verification is strict by default. The only override is the |
| 130 | # explicit per-command --allow-unsigned flag. |
| 131 | signature_mode = ( |
| 132 | SignatureVerificationMode.WARN |
| 133 | if allow_unsigned |
| 134 | else SignatureVerificationMode.STRICT |
| 135 | ) |
| 136 | |
| 137 | source_type = detect_source_type(plugin_source) |
| 138 | |
| 139 | if source_type == PluginSourceType.GITHUB_ARTIFACT: |
| 140 | _install_from_github_artifact(ctx, plugin_source, signature_mode) |
| 141 | elif source_type == PluginSourceType.GITHUB_RELEASE: |
| 142 | _install_from_github_release(ctx, plugin_source, sha256, signature_mode) |
| 143 | elif source_type == PluginSourceType.URL: |
| 144 | _install_from_url(ctx, plugin_source, sha256, signature_mode) |
| 145 | elif source_type == PluginSourceType.LOCAL_FILE: |
| 146 | _install_from_local_wheel(ctx, plugin_source, signature_mode) |
| 147 | else: |
| 148 | _install_from_gitguardian(ctx, plugin_source, version, signature_mode) |
| 149 | |
| 150 | |
| 151 | def _install_from_gitguardian( |
nothing calls this directly
no test coverage detected