diff --git a/scripts/install.sh b/scripts/install.sh index 15f84f6..5f0bdd7 100644 --- a/scripts/install.sh +++ b/scripts/install.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -# Fail-safe bash mode (only if bash is used) +# Fail-safe bash mode if [ -n "$BASH_VERSION" ]; then set -euo pipefail else @@ -26,38 +26,72 @@ case "$OS" in *) echo "Unsupported OS: $OS" >&2; exit 1 ;; esac -# === Download-URL zusammensetzen === -BINARY_FILE="${BINARY_NAME}-${OS}-${ARCH}" -DOWNLOAD_URL="${REPO_URL}/${BINARY_FILE}" +# === Datei- und URL-Namen === +BASE_NAME="${BINARY_NAME}-${OS}-${ARCH}" +ZST_NAME="${BASE_NAME}.zst" +ZST_URL="${REPO_URL}/${ZST_NAME}" +BIN_URL="${REPO_URL}/${BASE_NAME}" echo "📦 Installing ${BINARY_NAME} for ${OS}/${ARCH}..." -echo "🌐 Downloading from: ${DOWNLOAD_URL}" -# === Binary herunterladen === -TMP_FILE=$(mktemp) -curl -fsSL "${DOWNLOAD_URL}" -o "${TMP_FILE}" -chmod +x "${TMP_FILE}" - -# === SHA256-Check === -TMP_HASH=$(mktemp) -curl -fsSL "${DOWNLOAD_URL}.sha256" -o "$TMP_HASH" -EXPECTED_HASH=$(cut -d ' ' -f1 "$TMP_HASH") -ACTUAL_HASH=$(openssl dgst -sha256 "$TMP_FILE" | awk '{print $2}') - -if [ "$EXPECTED_HASH" != "$ACTUAL_HASH" ]; then - echo "⚠️ Checksum mismatch!" - echo "Expected: $EXPECTED_HASH" - echo "Actual: $ACTUAL_HASH" - exit 1 +USE_ZSTD=false +if command -v zstd >/dev/null; then + echo "✅ 'zstd' found – will use compressed .zst archive" + USE_ZSTD=true fi -# === Installation === +TMP_DIR=$(mktemp -d) +cleanup() { + rm -rf "$TMP_DIR" +} +trap cleanup EXIT + +if [ "$USE_ZSTD" = true ]; then + echo "🌐 Downloading: ${ZST_URL}" + curl -fsSL "$ZST_URL" -o "$TMP_DIR/${ZST_NAME}" + echo "🌐 Downloading checksum: ${ZST_URL}.sha256" + curl -fsSL "$ZST_URL.sha256" -o "$TMP_DIR/zst.sha256" + + EXPECTED_HASH=$(cut -d ' ' -f1 "$TMP_DIR/zst.sha256") + ACTUAL_HASH=$(openssl dgst -sha256 "$TMP_DIR/${ZST_NAME}" | awk '{print $2}') + + if [ "$EXPECTED_HASH" != "$ACTUAL_HASH" ]; then + echo "⚠️ Checksum mismatch for .zst archive!" + echo "Expected: $EXPECTED_HASH" + echo "Actual: $ACTUAL_HASH" + exit 1 + fi + + echo "📥 Decompressing..." + zstd -d -q "$TMP_DIR/${ZST_NAME}" -o "$TMP_DIR/${BASE_NAME}" + TMP_FILE="$TMP_DIR/${BASE_NAME}" + +else + echo "🌐 Downloading uncompressed binary: ${BIN_URL}" + curl -fsSL "$BIN_URL" -o "$TMP_DIR/${BASE_NAME}" + echo "🌐 Downloading checksum: ${BIN_URL}.sha256" + curl -fsSL "$BIN_URL.sha256" -o "$TMP_DIR/binary.sha256" + + EXPECTED_HASH=$(cut -d ' ' -f1 "$TMP_DIR/binary.sha256") + ACTUAL_HASH=$(openssl dgst -sha256 "$TMP_DIR/${BASE_NAME}" | awk '{print $2}') + + if [ "$EXPECTED_HASH" != "$ACTUAL_HASH" ]; then + echo "⚠️ Checksum mismatch!" + echo "Expected: $EXPECTED_HASH" + echo "Actual: $ACTUAL_HASH" + exit 1 + fi + + TMP_FILE="$TMP_DIR/${BASE_NAME}" +fi + +chmod +x "$TMP_FILE" echo "🚀 Installing to ${INSTALL_PATH}/${BINARY_NAME}" if [ -w "$INSTALL_PATH" ]; then - install -m 755 "${TMP_FILE}" "${INSTALL_PATH}/${BINARY_NAME}" + install -m 755 "$TMP_FILE" "${INSTALL_PATH}/${BINARY_NAME}" else - sudo install -m 755 "${TMP_FILE}" "${INSTALL_PATH}/${BINARY_NAME}" + sudo install -m 755 "$TMP_FILE" "${INSTALL_PATH}/${BINARY_NAME}" fi echo "✅ Installation complete: $(command -v ${BINARY_NAME})" -"${BINARY_NAME}" --version || true \ No newline at end of file +"${BINARY_NAME}" --version || true