From c7974386c7f05f2da9b06fac9adf675ddb57c336 Mon Sep 17 00:00:00 2001
From: Bill Bucher <51128275+bbucher-sigsci@users.noreply.github.com>
Date: Wed, 30 Jun 2021 16:09:36 -0500
Subject: [PATCH] Adding optional override for the agent download url (#12)

* Giving customers the option to override the download url used to download the agent. If SIGSCI_INTERNAL_AGENT_DOWNLOAD_URL is set, use the value for the url.

* - fix bad download url
- remove extra fi

* add note on env var relationships.

Co-authored-by: bbucher-sigsci <bbucher@fastly.com>
---
 README.md           |  4 ++++
 lib/sigsci-agent.sh | 52 +++++++++++++++++++++++++++------------------
 2 files changed, 35 insertions(+), 21 deletions(-)

diff --git a/README.md b/README.md
index 2e97174..eca82fc 100644
--- a/README.md
+++ b/README.md
@@ -45,6 +45,10 @@ To configure the Signal Sciences agent the following environment variables must
 
 `SIGSCI_SERVER_HOSTNAME` (optional)
 
+`SIGSCI_AGENT_DOWNLOAD_URL` (optional, NOTE: This needs to be a fully qualified http(s) path to a tar, gzipped agent file)
+
+**_NOTE: If SIGSCI_AGENT_DOWNLOAD_URL is set, then SIGSCI_AGENT_VERSION will be ignored, and SIGSCI_DISABLE_CHECKSUM_INTEGRITY_CHECK will be implied._**
+
 Set environment variables using the `cf` command:
 
 `cf set-env YOUR-APP <variable name> "<value>"`
diff --git a/lib/sigsci-agent.sh b/lib/sigsci-agent.sh
index f91554c..3022c9c 100644
--- a/lib/sigsci-agent.sh
+++ b/lib/sigsci-agent.sh
@@ -87,38 +87,49 @@ then
 
   ## install agent
 
-  # if agent version not specified then get the latest version.
-  if [ -z $SIGSCI_AGENT_VERSION ]
+  # if a specific download url is provided, we can bypass version-determination logic
+  if [ -z $SIGSCI_AGENT_DOWNLOAD_URL ]
   then
-    SIGSCI_AGENT_VERSION=$(curl -s -L --retry 45 --retry-delay 2 https://dl.signalsciences.net/sigsci-agent/VERSION)
-  fi
-
-  # check if version exists.
-  STATUS=$(curl -s --retry 45 --retry-delay 2 -o /dev/null -w "%{http_code}" https://dl.signalsciences.net/sigsci-agent/${SIGSCI_AGENT_VERSION}/VERSION)
-  if [ $STATUS -ne 200 ]
-  then
-
-    # if we don't get a 200 response, skip agent installation.
-    (>&2 echo "-----> SigSci Agent version ${SIGSCI_AGENT_VERSION} not found or network unavailable after 90 seconds!")
-    (>&2 echo "-----> SIGSCI AGENT WILL NOT BE INSTALLED!")
+    # if agent version not specified then get the latest version.
+    if [ -z $SIGSCI_AGENT_VERSION ]
+    then
+      SIGSCI_AGENT_VERSION=$(curl -s -L --retry 45 --retry-delay 2 "https://dl.signalsciences.net/sigsci-agent/VERSION")
+    fi
 
-  else
-    echo "-----> Downloading sigsci-agent"
-    curl -s --retry 45 --retry-delay 2 -o sigsci-agent_${SIGSCI_AGENT_VERSION}.tar.gz https://dl.signalsciences.net/sigsci-agent/${SIGSCI_AGENT_VERSION}/linux/sigsci-agent_${SIGSCI_AGENT_VERSION}.tar.gz > /dev/null
+    # check if version exists.
+    STATUS=$(curl -s --retry 45 --retry-delay 2 -o /dev/null -w "%{http_code}" "https://dl.signalsciences.net/sigsci-agent/${SIGSCI_AGENT_VERSION}/VERSION")
 
-    if [ -z $SIGSCI_DISABLE_CHECKSUM_INTEGRITY_CHECK ]
+    if [ $STATUS -ne 200 ]
     then
-        curl -s --retry 45 --retry-delay 2 -o sigsci-agent_${SIGSCI_AGENT_VERSION}.tar.gz.sha256 https://dl.signalsciences.net/sigsci-agent/${SIGSCI_AGENT_VERSION}/linux/sigsci-agent_${SIGSCI_AGENT_VERSION}.tar.gz.sha256 > /dev/null
+      # if we don't get a 200 response, skip agent installation.
+      (>&2 echo "-----> SigSci Agent version ${SIGSCI_AGENT_VERSION} not found or network unavailable after 90 seconds!")
+      (>&2 echo "-----> SIGSCI AGENT WILL NOT BE INSTALLED!")
+    else
+      echo "-----> Downloading sigsci-agent"
+      curl -s --retry 45 --retry-delay 2 -o sigsci-agent_${SIGSCI_AGENT_VERSION}.tar.gz "https://dl.signalsciences.net/sigsci-agent/${SIGSCI_AGENT_VERSION}/linux/sigsci-agent_${SIGSCI_AGENT_VERSION}.tar.gz" > /dev/null
+
+      if [ -z $SIGSCI_DISABLE_CHECKSUM_INTEGRITY_CHECK ]
+      then
+        curl -s --retry 45 --retry-delay 2 -o sigsci-agent_${SIGSCI_AGENT_VERSION}.tar.gz.sha256 "https://dl.signalsciences.net/sigsci-agent/${SIGSCI_AGENT_VERSION}/linux/sigsci-agent_${SIGSCI_AGENT_VERSION}.tar.gz.sha256" > /dev/null
 
         # validate the gzip file
         if [[ "$(shasum -c sigsci-agent_${SIGSCI_AGENT_VERSION}.tar.gz.sha256)" != *"OK"* ]]
         then
             (>&2 echo "-----> sigsci-agent not installed because checksum integrity check failed")
             exit 1
+        else
+          # shasum expects to find the agent tar.gz file with the version in the name. Rename the file if shasum check passes so that the name is consistent regardless of where the file was downloaded from
+          mv sigsci-agent_${SIGSCI_AGENT_VERSION}.tar.gz sigsci-agent.tar.gz
         fi
+      fi
+    fi
+    else
+      # download the agent tar.gz from a custom url
+      echo "-----> Downloading SigSci Agent from ${SIGSCI_AGENT_DOWNLOAD_URL}"
+      curl -s --retry 45 --retry-delay 2 -o sigsci-agent.tar.gz $SIGSCI_AGENT_DOWNLOAD_URL > /dev/null
     fi
 
-    tar -xzf "sigsci-agent_${SIGSCI_AGENT_VERSION}.tar.gz"
+    tar -xzf "sigsci-agent.tar.gz"
     mv sigsci-agent "${SIGSCI_DIR}/bin/sigsci-agent"
     echo "-----> Finished installing sigsci-agent"
 
@@ -237,11 +248,10 @@ EOT
         health_check &
       fi
     fi
-  fi
 
 else
   (>&2 echo "-----> Signal Sciences access keys not set. Agent not starting!!!")
   (>&2 echo "-----> To enable the Signal Sciences agent please set the following environment variables:")
   (>&2 echo "-----> SIGSCI_ACCESSKEYID")
   (>&2 echo "-----> SIGSCI_SECRETACCESSKEY")
-fi
+fi
\ No newline at end of file