#!/bin/sh
# install.sh — installer for acp (agent-cred-proxy).
#
#   curl -fsSL https://agent-cred-proxy.vikrantpogula.com/install.sh | sh
#
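# Downloads the right static binary for your OS/arch, verifies its SHA-256
# checksum when the checksum file can be fetched and a sha256 tool is present
# (otherwise it warns and installs the binary unverified), and installs it to
# a bin directory on your PATH. The checksum is served from the same origin as
# the binary, so a match detects a corrupted or truncated download; it does
# not protect against a compromised download host. POSIX sh; no
# dependencies beyond curl (or wget) and a sha256 tool.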
#
# Environment overrides:
#   ACP_INSTALL_DIR   target directory (default: ~/.local/bin, or /usr/local/bin if writable)
#   ACP_BASE_URL      download base (default: https://agent-cred-proxy.vikrantpogula.com)
# Strict mode: abort on any unhandled command failure and on any use of an
# unset variable.
set -e
set -u

# Name of the installed executable; also the prefix of each release asset name.
BIN_NAME="acp"

# Download origin. ACP_BASE_URL replaces it wholesale, and both the binary and
# its checksum are fetched from whatever this points at, so only override it
# with a host you trust.
BASE_URL="https://agent-cred-proxy.vikrantpogula.com"
if [ -n "${ACP_BASE_URL:-}" ]; then
  BASE_URL="$ACP_BASE_URL"
fi

# info MESSAGE: print a cyan "==>" progress line. Goes to stderr so stdout
# carries nothing but program output. MESSAGE is passed as a %s argument,
# never as the format string.
info() {
  printf >&2 '\033[0;36m==>\033[0m %s\n' "$1"
}
# warn MESSAGE: print a yellow "warning:" line to stderr and carry on.
# MESSAGE is passed as a %s argument, never as the format string.
warn() {
  printf >&2 '\033[0;33mwarning:\033[0m %s\n' "$1"
}
# err MESSAGE: print a red "error:" line to stderr, then terminate the
# installer with status 1. Does not return to the caller.
err() {
  printf >&2 '\033[0;31merror:\033[0m %s\n' "$1"
  exit 1
}

# --- detect OS ---------------------------------------------------------------
# Map the kernel name reported by uname onto the OS component of the release
# asset name. Only Linux and macOS are accepted; anything else stops the
# installer and points Windows users at the PowerShell installer.
os="$(uname -s)"
if [ "$os" = "Linux" ]; then
  OS="linux"
elif [ "$os" = "Darwin" ]; then
  OS="darwin"
else
  err "unsupported OS '$os'. On Windows, run in PowerShell: irm ${BASE_URL}/install.ps1 | iex"
fi

# --- detect arch -------------------------------------------------------------
# Map the machine name reported by uname onto the ARCH component of the
# release asset name. The two spellings of each architecture collapse to one
# value; every other machine type stops the installer.
arch="$(uname -m)"
if [ "$arch" = "x86_64" ] || [ "$arch" = "amd64" ]; then
  ARCH="amd64"
elif [ "$arch" = "arm64" ] || [ "$arch" = "aarch64" ]; then
  ARCH="arm64"
else
  err "unsupported architecture '$arch'. See ${BASE_URL}/#downloads for manual options."
fi

# Release asset name, e.g. "<bin>-<os>-<arch>", and the two URLs derived from
# it. The checksum lives next to the binary on the same origin, with a
# ".sha256" suffix.
ASSET="${BIN_NAME}-${OS}-${ARCH}"
SUM_URL="${BASE_URL}/dl/${ASSET}.sha256"
URL="${SUM_URL%.sha256}"

# --- pick a downloader -------------------------------------------------------
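# Define two download helpers on top of whichever client is installed:
#   dl  URL FILE   save URL to FILE
#   dls URL        write URL's body to stdout
# Both return the client's exit status, so callers can test for failure.
if command -v curl >/dev/null 2>&1; then
  # _acp_curl URL [curl-args...]
  # -f makes HTTP errors a non-zero exit instead of saving the error page;
  # -L follows redirects. When the requested URL is https, redirects are
  # pinned to https as well, so a redirect cannot silently downgrade the
  # transfer of an executable to plain http. Non-https URLs (for example an
  # ACP_BASE_URL pointing at a local mirror) are fetched as before.
  _acp_curl() {
    case "$1" in
      https://*) curl --proto '=https' --proto-redir '=https' -fsSL "$@" ;;
      *)         curl -fsSL "$@" ;;
    esac
  }
  dl() { _acp_curl "$1" -o "$2"; }
  dls() { _acp_curl "$1"; }
elif command -v wget >/dev/null 2>&1; then
  # NOTE(review): no redirect-protocol restriction is applied on the wget
  # path; it follows whatever the server sends.
  dl() { wget -qO "$2" "$1"; }
  dls() { wget -qO - "$1"; }
else
  err "need curl or wget to download"
fi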

# --- choose install dir ------------------------------------------------------
# Pick the install directory. An explicit ACP_INSTALL_DIR always wins;
# otherwise use /usr/local/bin when the current user can write to it, and
# fall back to the per-user ~/.local/bin. The directory is created if missing.
DIR="${ACP_INSTALL_DIR:-}"
if [ -z "$DIR" ]; then
  if [ -w "/usr/local/bin" ] 2>/dev/null; then
    DIR="/usr/local/bin"
  else
    DIR="${HOME}/.local/bin"
  fi
fi
if ! mkdir -p "$DIR"; then
  err "cannot create install dir: $DIR"
fi

# --- download ----------------------------------------------------------------
# Stage the download in a private directory created by mktemp (random suffix,
# not a predictable /tmp name), and remove it on every exit path.
TMP="$(mktemp -d "${TMPDIR:-/tmp}/acp-install.XXXXXX")"
trap 'rm -rf "$TMP"' EXIT
TMP_BIN="${TMP}/${BIN_NAME}"

info "downloading ${ASSET}"
if ! dl "$URL" "$TMP_BIN"; then
  err "download failed: $URL"
fi

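# --- verify checksum ---------------------------------------------------------
# Policy: once a checksum has been fetched and a sha256 tool is available, the
# digest must match or the install aborts. Two paths still install WITHOUT
# verification, each with a warning: the checksum file cannot be fetched (any
# fetch failure lands there, not only a missing file), or no sha256 tool is
# installed.
# The checksum is served from the same origin as the binary, so a match shows
# the download was not corrupted or truncated; it does not authenticate the
# publisher.
if EXPECTED="$(dls "$SUM_URL" 2>/dev/null)"; then
  # First whitespace-delimited field, lowercased so an upper-case digest in
  # the published file still compares equal to the tool output.
  EXPECTED="$(printf '%s' "$EXPECTED" | awk '{ print tolower($1) }')"
  # Must be exactly one 64-character hex token. An empty body or an HTML page
  # served with status 200 is rejected here, whether or not a sha256 tool
  # exists, instead of being treated as a usable checksum.
  case "$EXPECTED" in
    ""|*[!0-9a-f]*) err "malformed checksum file: $SUM_URL" ;;
  esac
  [ "${#EXPECTED}" -eq 64 ] || err "malformed checksum file: $SUM_URL"

  # Hash from stdin rather than by file name, so the tool's output is always
  # "<digest>  -" regardless of what characters the temp path contains.
  ACTUAL=""
  HAVE_HASHER=1
  if command -v sha256sum >/dev/null 2>&1; then
    ACTUAL="$(sha256sum <"$TMP_BIN" | awk '{print $1}')"
  elif command -v shasum >/dev/null 2>&1; then
    ACTUAL="$(shasum -a 256 <"$TMP_BIN" | awk '{print $1}')"
  else
    HAVE_HASHER=0
    warn "no sha256 tool found; skipping checksum verification"
  fi
  if [ "$HAVE_HASHER" -eq 1 ]; then
    # The pipeline's status is awk's, so a failing hash tool shows up only as
    # an empty digest. Treat that as an error; previously it skipped
    # verification without any message.
    [ -n "$ACTUAL" ] || err "could not compute SHA-256 of downloaded file"
    [ "$ACTUAL" = "$EXPECTED" ] || err "checksum mismatch (expected $EXPECTED, got $ACTUAL)"
    info "checksum verified"
  fi
else
  warn "no checksum published for ${ASSET}; skipping verification"
fi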

# --- install -----------------------------------------------------------------
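# Move the staged binary into place. Try as the current user first; only when
# that fails and sudo exists, retry with elevation.
chmod +x "$TMP_BIN"
DEST="${DIR}/${BIN_NAME}"
if mv "$TMP_BIN" "$DEST" 2>/dev/null; then
  :
elif command -v sudo >/dev/null 2>&1; then
  info "elevating with sudo to write $DEST"
  sudo mv "$TMP_BIN" "$DEST" || err "sudo could not write $DEST"
  # The file was created by the unprivileged user and a move can keep that
  # owner, which would leave an executable in a root-writable directory that
  # the user's own processes can replace. Hand it to root (uid 0, gid 0) and
  # set an explicit mode so it stays runnable by everyone after the chown.
  sudo chown 0:0 "$DEST" || warn "could not make $DEST root-owned"
  sudo chmod 0755 "$DEST" || warn "could not set mode 0755 on $DEST"
else
  err "cannot write to $DIR (set ACP_INSTALL_DIR to a writable path)"
fi

info "installed ${BIN_NAME} -> ${DEST}"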

# --- PATH hint ---------------------------------------------------------------
# If the install directory is not a component of PATH, say so and print a
# ready-to-paste line for ~/.profile. PATH and DIR are wrapped in colons so
# the match is against whole components, not substrings.
# NOTE(review): the suggested line embeds DIR inside double quotes as-is; a
# DIR containing '"' or '$' would not paste cleanly.
dir_on_path=no
case ":${PATH}:" in
  *":${DIR}:"*) dir_on_path=yes ;;
esac
if [ "$dir_on_path" = no ]; then
  warn "${DIR} is not on your PATH. Add it, e.g.:"
  printf >&2 '    echo '\''export PATH="%s:$PATH"'\'' >> ~/.profile\n' "$DIR"
fi

# Closing output: a blank line on stdout, the installed binary's own version
# banner, then the next-step hint on stderr.
# Note that this executes the freshly installed binary, including on the
# paths where checksum verification was skipped with a warning. Its stderr is
# discarded and a failure to run is ignored.
printf '\n'
if ! "$DEST" version 2>/dev/null; then
  :
fi
printf >&2 '\nNext: %s configure   (opens the setup UI)  then  %s start   (docs: %s)\n' "$BIN_NAME" "$BIN_NAME" "$BASE_URL"
