InstallWithOptions installs a plugin with options.
(i Installer, opts Options)
| 72 | |
| 73 | // InstallWithOptions installs a plugin with options. |
| 74 | func InstallWithOptions(i Installer, opts Options) (*VerificationResult, error) { |
| 75 | |
| 76 | if err := os.MkdirAll(filepath.Dir(i.Path()), 0755); err != nil { |
| 77 | return nil, err |
| 78 | } |
| 79 | if _, pathErr := os.Stat(i.Path()); !os.IsNotExist(pathErr) { |
| 80 | slog.Warn("plugin already exists", slog.String("path", i.Path()), slog.Any("error", pathErr)) |
| 81 | return nil, errors.New("plugin already exists") |
| 82 | } |
| 83 | |
| 84 | var result *VerificationResult |
| 85 | |
| 86 | // If verification is requested, check if installer supports it |
| 87 | if opts.Verify { |
| 88 | verifier, ok := i.(Verifier) |
| 89 | if !ok || !verifier.SupportsVerification() { |
| 90 | return nil, errors.New("--verify is only supported for plugin tarballs (.tgz files)") |
| 91 | } |
| 92 | |
| 93 | // Get verification data (works for both memory and file-based installers) |
| 94 | archiveData, provData, filename, err := verifier.GetVerificationData() |
| 95 | if err != nil { |
| 96 | return nil, fmt.Errorf("failed to get verification data: %w", err) |
| 97 | } |
| 98 | |
| 99 | // Check if provenance data exists |
| 100 | if len(provData) == 0 { |
| 101 | return nil, errors.New("plugin verification failed: no provenance file (.prov) found") |
| 102 | } |
| 103 | |
| 104 | // Provenance data exists - verify the plugin |
| 105 | verification, err := plugin.VerifyPlugin(archiveData, provData, filename, opts.Keyring) |
| 106 | if err != nil { |
| 107 | return nil, fmt.Errorf("plugin verification failed: %w", err) |
| 108 | } |
| 109 | |
| 110 | // Collect verification info |
| 111 | result = &VerificationResult{ |
| 112 | SignedBy: make([]string, 0), |
| 113 | Fingerprint: fmt.Sprintf("%X", verification.SignedBy.PrimaryKey.Fingerprint), |
| 114 | FileHash: verification.FileHash, |
| 115 | } |
| 116 | for name := range verification.SignedBy.Identities { |
| 117 | result.SignedBy = append(result.SignedBy, name) |
| 118 | } |
| 119 | } |
| 120 | |
| 121 | if err := i.Install(); err != nil { |
| 122 | return nil, err |
| 123 | } |
| 124 | |
| 125 | return result, nil |
| 126 | } |
| 127 | |
| 128 | // Update updates a plugin. |
| 129 | func Update(i Installer) error { |
searching dependent graphs…