-
Notifications
You must be signed in to change notification settings - Fork 64
/
quickstart.sh
executable file
·270 lines (230 loc) · 8.67 KB
/
quickstart.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
#!/usr/bin/env bash
set -euo pipefail
# This will be set to 1 if we instruct the user to manually verify signatures,
# when they have GPG but don't have the public key of the signer. Would be super
# confusing to tell the user to use files that we've cleaned up.
DO_CLEANUP=0
# shellcheck disable=SC2015
color_title=$(tput setaf 7 && tput bold || true)
color_dim=$(tput setaf 8 || true)
color_good=$(tput setaf 2 || true)
color_bad=$(tput setaf 1 || true)
color_warn=$(tput setaf 3 || true)
color_reset=$(tput sgr0 || true)
repo=https://repo1.maven.org/maven2
usage() {
cat <<EOF
${color_title}$0${color_reset}
Downloads the latest version of the Zipkin Server executable jar
${color_title}$0 GROUP:ARTIFACT:VERSION:CLASSIFIER TARGET${color_reset}
Downloads the "VERSION" version of GROUP:ARTIFACT with classifier "CLASSIFIER"
to path "TARGET" on the local file system. "VERSION" can take the special value
"LATEST", in which case the latest Zipkin release will be used. For example:
${color_title}$0 io.zipkin.aws:zipkin-autoconfigure-collector-kinesis:LATEST:module kinesis.jar${color_reset}
downloads the latest version of the artifact with group "io.zipkin.aws",
artifact id "zipkin-autoconfigure-collector-kinesis", and classifier "module"
to PWD/kinesis.jar
EOF
}
welcome() {
cat <<EOF
${color_title}Thank you for trying Zipkin!${color_reset}
This installer is provided as a quick-start helper, so you can try Zipkin out
without a lengthy installation process.
EOF
}
farewell() {
local artifact_classifier="$1"; shift
local filename="$1"; shift
if [[ "$artifact_classifier" = 'exec' ]]; then
cat <<EOF
${color_good}
You can now run the downloaded executable jar:
java -jar $filename
${color_reset}
EOF
else
cat << EOF
${color_good}
The downloaded artifact is now available at $filename.${color_reset}
EOF
fi
}
cleanup() {
local base_filename="$1"; shift
if [[ "$DO_CLEANUP" -eq 0 ]]; then
printf '\n%s\n' "${color_title}Cleaning up checksum and signature files${color_reset}"
execute_and_log rm -f "$base_filename"{.md5,.asc}
DO_CLEANUP=1
fi
}
handle_shutdown() {
local status=$?
local base_filename="$1"; shift
if [[ $status -eq 0 ]]; then
cleanup "$base_filename"
else
cat <<EOF
${color_bad}
It looks like quick-start setup has failed. Please run the command again
with the debug flag like below, and open an issue on
https://github.com/openzipkin/openzipkin.github.io/issues/new. Make sure
to include the full output of the run.
${color_reset}
\\curl -sSL https://zipkin.io/quickstart.sh | bash -sx -- $@
In the meanwhile, you can manually download and run the latest executable jar
from the following URL:
https://search.maven.org/remote_content?g=io.zipkin&a=zipkin-server&v=LATEST&c=exec
EOF
fi
}
execute_and_log() {
local command=("$@")
printf >&2 '%s\n' "${color_dim}> ${command[*]}${color_reset}"
eval "${command[@]}"
}
fetch() {
url="$1"; shift
target="$1"; shift
execute_and_log curl -fL -o "'$target'" "'$url'"
}
fetch_latest_version() {
local artifact_group="$1"; shift
local artifact_id="$1"; shift
local url="${repo}/${artifact_group_with_slashes}/${artifact_id}/maven-metadata.xml"
versions=$(curl -sSL $url | sed -n '/<version>/s/.*<version>\([^<]*\)<\/version>.*/\1/p')
IFS=$'\n' version_array=($versions)
found_version=false
for ((i=${#version_array[@]}-1; i>=0; i--)); do
version=${version_array[i]}
if [[ $version =~ ^[[:digit:]]+\.[[:digit:]]+\.[[:digit:]]$ ]]; then
printf "%s\n" "$version"
found_version=true
break
fi
done
if [ "$found_version" = false ]; then
cat <<EOF
${color_bad}Cannot found any valid Zipkin release version number; this script is confused. Bailing out. ${color_reset}
EOF
exit 1
fi
}
artifact_part() {
local index="$1"; shift
local artifact="$1"; shift
local parts
IFS=':' read -ra parts <<< "$artifact"
if [[ "${#parts[@]}" -lt $((index + 1)) ]]; then
printf ''
else
printf '%s' "${parts[$index]}"
fi
}
verify_version_number() {
if [[ ! "$1" =~ ^[[:digit:]+\.[[:digit:]]+\.[[:digit:]]+$ ]]; then
cat <<EOF
${color_bad}The target version is "$1". That doesn't look like a valid Zipkin release version
number; this script is confused. Bailing out.
${color_reset}
EOF
exit 1
fi
}
verify_checksum() {
local url="$1"; shift
local filename="$1"; shift
printf '\n%s\n' "${color_title}Verifying checksum...${color_reset}"
# Fetch the .md5 file even if md5sum is not on the path
# This lets us verify its GPG signature later on, and the user might have another way of checksum verification
fetch "$url.md5" "$filename.md5"
if command -v md5sum >/dev/null 2>&1; then
execute_and_log "md5sum -c <<< \"\$(cat $filename.md5) $filename\""
printf '%s\n' "${color_good}Checksum for ${filename} passes verification${color_reset}"
else
printf '%s\n' "${color_warn}md5sum not found on path, skipping checksum verification${color_reset}"
fi
}
verify_signature() {
local url="$1"; shift
local filename="$1"; shift
printf '\n%s\n' "${color_title}Verifying GPG signature of $filename...${color_reset}"
# Trust OpenZipkin's key
local gpg_key='FF31B515'
if command -v gpg >/dev/null 2>&1; then
fetch "$url.asc" "$filename.asc"
if gpg --list-keys "$gpg_key" >/dev/null 2>&1; then
execute_and_log gpg --verify "$filename.asc" "$filename"
printf '%s\n' "${color_good}GPG signature for ${filename} passes verification${color_reset}"
else
cat <<EOF
${color_warn}
GPG signing key is not known, skipping signature verification.
Use the following commands to manually verify the signature of $filename:
gpg --keyserver keyserver.ubuntu.com --recv $gpg_key
# Optionally trust the key via 'gpg --edit-key $gpg_key', then typing 'trust',
# choosing a trust level, and exiting the interactive GPG session by 'quit'
gpg --verify $filename.asc $filename
${color_reset}
EOF
DO_CLEANUP=1
fi
else
printf '%s\n' "${color_warn}gpg not found on path, skipping checksum verification${color_reset}"
fi
}
main() {
local artifact_group=io.zipkin
local artifact_id=zipkin-server
local artifact_version=LATEST
local artifact_version_lowercase=latest
local artifact_classifier=exec
local artifact_group_with_slashes
local artifact_url
if [[ $# -eq 0 ]]; then
local filename="zipkin.jar"
# shellcheck disable=SC2064
trap "handle_shutdown \"$filename\" $*" EXIT
elif [[ "$1" = '-h' || "$1" = '--help' ]]; then
usage
exit
elif [[ $# -eq 2 ]]; then
local artifact="$1"
local filename="$2"
# shellcheck disable=SC2064
trap "handle_shutdown \"$filename\" $*" EXIT
artifact_group="$(artifact_part 0 "$artifact")"
artifact_id="$(artifact_part 1 "$artifact")"
artifact_version="$(artifact_part 2 "$artifact")"
artifact_classifier="$(artifact_part 3 "$artifact")"
else
usage
exit 1
fi
if [[ -n "$artifact_classifier" ]]; then
artifact_classifier_suffix="-$artifact_classifier"
else
artifact_classifier_suffix=''
fi
welcome
if [ "${artifact_group}" = 'io.zipkin.java' ]; then
printf '%s\n' "${color_warn}You've requested the server's old group name: 'io.zipkin.java'. Please update links to the current group 'io.zipkin'...${color_reset}"
artifact_group=io.zipkin
fi
artifact_group_with_slashes="${artifact_group//.//}"
artifact_version_lowercase="$(tr '[:upper:]' '[:lower:]' <<< "$artifact_version")"
if [ "${artifact_version_lowercase}" = 'latest' ]; then
printf '%s\n' "${color_title}Fetching version number of latest ${artifact_group}:${artifact_id} release...${color_reset}"
artifact_version="$(fetch_latest_version "$artifact_group" "$artifact_id")"
fi
verify_version_number "$artifact_version"
printf '%s\n\n' "${color_good}Latest release of ${artifact_group}:${artifact_id} seems to be ${artifact_version}${color_reset}"
printf '%s\n' "${color_title}Downloading $artifact_group:$artifact_id:$artifact_version:$artifact_classifier to $filename...${color_reset}"
artifact_url="${repo}/${artifact_group_with_slashes}/${artifact_id}/$artifact_version/${artifact_id}-${artifact_version}${artifact_classifier_suffix}.jar"
fetch "$artifact_url" "$filename"
verify_checksum "$artifact_url" "$filename"
verify_signature "$artifact_url" "$filename"
cleanup "$filename"
farewell "$artifact_classifier" "$filename"
}
main "$@"