profilex-cli 0.4.0 → 0.4.1
- package/README.md +2 -0
- package/package.json +1 -1
- package/scripts/postinstall.js +36 -1
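--- a/package/README.md
+++ b/package/README.md
@@ -14,3 +14,5 @@ Configuration:
 
 - `PROFILEX_REPO`: override GitHub repo for releases (default: `derekurban/profilex-cli`)
 - `PROFILEX_VERIFY_SIGNATURES`: set `0` to disable signature verification (default: `1`)
+- `PROFILEX_COSIGN_VERSION`: cosign version used if cosign is not on PATH (default: `v2.5.3`)
+- `PROFILEX_COSIGN_CACHE_DIR`: optional cache dir for downloaded cosign binaries (default Windows: `%LOCALAPPDATA%\\profilex\\cache\\cosign`)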
package/package.json
CHANGED
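--- a/package/scripts/postinstall.js
+++ b/package/scripts/postinstall.js
@@ -100,6 +100,17 @@ function defaultCosignIdentityRegex(repo) {
 return `^https://github.com/${repo}/.github/workflows/release.yml@refs/tags/.*$`;
 }
 
+function defaultCosignCacheDir(platform) {
+if (platform === "windows") {
+const localAppData = process.env.LOCALAPPDATA;
+if (localAppData && localAppData.trim() !== "") {
+return path.join(localAppData, "profilex", "cache", "cosign");
+}
+return path.join(os.homedir(), "AppData", "Local", "profilex", "cache", "cosign");
+}
+return path.join(os.homedir(), ".cache", "profilex", "cosign");
+}
+
 async function ensureCosign(tempDir, platform, arch) {
 const existing = cp.spawnSync("cosign", ["version"], { stdio: "ignore" });
 if (!existing.error && existing.status === 0) {
@@ -109,10 +120,34 @@ async function ensureCosign(tempDir, platform, arch) {
 const cosignVersion = process.env.PROFILEX_COSIGN_VERSION || "v2.5.3";
 const suffix = platform === "windows" ? ".exe" : "";
 const asset = `cosign-${platform}-${arch}${suffix}`;
-const outFile = path.join(tempDir, asset);
+const outFile = path.join(tempDir, `${asset}.download`);
+const cacheRoot = process.env.PROFILEX_COSIGN_CACHE_DIR || defaultCosignCacheDir(platform);
+const cacheFile = path.join(cacheRoot, cosignVersion, asset);
+try {
+if (fs.existsSync(cacheFile) && fs.statSync(cacheFile).size > 0) {
+console.log(`[profilex-npm] using cached cosign ${cosignVersion}`);
+return cacheFile;
+}
+if (fs.existsSync(cacheFile)) {
+fs.rmSync(cacheFile, { force: true });
+}
+} catch {
+// Fall through to download path.
+}
 const url = `https://github.com/sigstore/cosign/releases/download/${cosignVersion}/${asset}`;
 console.log(`[profilex-npm] cosign not found; downloading ${cosignVersion}`);
 await fetchToFile(url, outFile);
+try {
+fs.mkdirSync(path.dirname(cacheFile), { recursive: true });
+fs.copyFileSync(outFile, cacheFile);
+if (platform !== "windows") {
+fs.chmodSync(cacheFile, 0o755);
+}
+console.log(`[profilex-npm] cached cosign ${cosignVersion}`);
+return cacheFile;
+} catch {
+// If caching fails, still use downloaded binary from temp dir.
+}
 if (platform !== "windows") {
 fs.chmodSync(outFile, 0o755);
 }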
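Review bot: The cache hit at new lines 127-129 returns `cacheFile` for execution after checking only that its size is non-zero, so a copy truncated by an interrupted `copyFileSync`, or any file that something else wrote into the cache directory, becomes the cosign binary that performs signature verification on every later install. Before this change the binary lived only in the per-run temp dir; it now persists in a location that `PROFILEX_COSIGN_CACHE_DIR` can point anywhere. I would compare a SHA-256 of the file against a digest pinned per version and asset before returning it, and run the same check on the fresh download before it is copied in; whether `fetchToFile` or the caller already verifies the download is not visible in this hunk. `cosignVersion` also reaches `path.join(cacheRoot, cosignVersion, asset)` unvalidated, so a format check on it would keep the cache path under `cacheRoot`. `ensureCosign` begins and ends outside the hunk, and the sketch below assumes `node:crypto` is available in the file.

```javascript
// … unchanged: cosignVersion, suffix, asset, outFile, cacheRoot, cacheFile …
// COSIGN_SHA256 is a proposed pinned-digest table (version -> asset -> hex digest); it is not part of this diff.
const expected = COSIGN_SHA256[cosignVersion]?.[asset];
try {
  if (expected && fs.existsSync(cacheFile)) {
    const actual = crypto.createHash("sha256").update(fs.readFileSync(cacheFile)).digest("hex");
    if (actual === expected) {
      console.log(`[profilex-npm] using cached cosign ${cosignVersion}`);
      return cacheFile;
    }
    // Empty, truncated or altered entry: discard it and download again.
    fs.rmSync(cacheFile, { force: true });
  }
} catch {
  // Fall through to download path.
}
// … unchanged: url, fetchToFile; apply the same digest check to outFile before copying it into the cache …
```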