@@ -5,13 +5,16 @@ set -euo pipefail
55DEBUG=" ${1:- false} "
66MAX_ATTEMPTS=10
77
8+ # Global variables used across platform-specific installation logic
9+ attempt=0
10+ version=" "
811
912if [[ " ${DEBUG} " = " true"
1013then
1114 set -x
1215fi
1316
14- gitleaks_cmd=$( command -v gitleaks ~ /.local/bin/ gitleaks | head -1 || true)
17+ gitleaks_cmd=$( command -v gitleaks 2> /dev/null || find ~ /.local/bin -name gitleaks -executable 2> /dev/null | head -1 || true)
1518arch=" $( uname) $( uname -m) "
1619platform=$( echo " $arch " | tr ' [:upper:]' ' [:lower:]' )
1720if [[ " $platform " =~ mingw.* || " $platform " =~ cygwin.* || " $platform " =~ msys.* ]]; then
3134fi
3235
3336if [[ -n " $gitleaks_cmd " ; then
34- version=" $( gitleaks --version 2> /dev/null || true) "
37+ version=" $( $gitleaks_cmd --version 2> /dev/null || true) "
3538 if [[ -n " $version " ; then
3639 echo " ::notice::Detected ${gitleaks_cmd} version ${version} on ${platform} ."
3740 exit 0
41+ else
42+ echo " ::warning::Found gitleaks at ${gitleaks_cmd} but version check failed. Will attempt to reinstall."
43+ # Clear gitleaks_cmd to force reinstallation
44+ gitleaks_cmd=" "
3845 fi
39- else
46+ fi
47+
48+ # Installation logic (runs if no working gitleaks found)
49+ if [[ -z " $gitleaks_cmd " ; then
4050 if [[ " $OSTYPE " == " darwin" * ]]; then
4151 brew install gitleaks
4252 gitleaks_cmd=$( command -v gitleaks)
43- version=" $( gitleaks --version || true) "
53+ version=" $( $gitleaks_cmd --version || true) "
4454 elif [[ " $OSTYPE " == " linux" * || " $OSTYPE " == " msys" * ]]; then
45- attempt=0
55+ # Function to fetch version using gh CLI
56+ fetch_version_with_gh () {
57+ if command -v gh > /dev/null 2>&1 ; then
58+ local version_tag
59+ version_tag=" $( gh release view --repo gitleaks/gitleaks --json tagName -q .tagName 2> /dev/null || true) "
60+ if [[ -n " $version_tag " ; then
61+ echo " ${version_tag# v} "
62+ return 0
63+ fi
64+ fi
65+ return 1
66+ }
67+
68+ # Function to fetch version using curl as fallback
69+ fetch_version_with_curl () {
70+ local version_tag
71+ version_tag=" $( curl -s --fail --connect-timeout 10 --max-time 30 \
72+ " https://api.github.com/repos/gitleaks/gitleaks/releases/latest"
73+ | grep -o ' "tag_name": *"[^"]*"'
74+ | grep -o ' v[^"]*' || true) "
75+ if [[ -n " $version_tag " ; then
76+ echo " ${version_tag# v} "
77+ return 0
78+ fi
79+ return 1
80+ }
81+
4682 while [[ $attempt -lt $MAX_ATTEMPTS ]]; do
47- # Not using curl+jq because jq is not available on Windows github runners
48- version_tag=" $( gh release view --repo gitleaks/gitleaks --json tagName -q .tagName) "
49- version=" ${version_tag# v} "
50- if [[ -n " $version " ; then
83+ attempt=$(( attempt + 1 ))
84+ echo " Attempt $attempt to fetch Gitleaks version..."
85+
86+ # Try gh first, then curl as fallback
87+ if version=" $( fetch_version_with_gh) " ; then
88+ echo " ::notice::Successfully fetched version $version using gh CLI"
5189 break
90+ elif version=" $( fetch_version_with_curl) " ; then
91+ echo " ::notice::Successfully fetched version $version using curl fallback"
92+ break
93+ else
94+ if [[ $attempt -lt $MAX_ATTEMPTS ]]; then
95+ delay=$(( 10 + attempt * 5 ))
96+ echo " ::warning::Attempt $attempt failed to fetch version. Retrying in $delay seconds..."
97+ sleep $delay
98+ else
99+ echo " ::error::Failed to fetch Gitleaks version after $MAX_ATTEMPTS attempts."
100+ exit 3
101+ fi
52102 fi
53- attempt=$(( attempt + 1 ))
54- delay=$(( 10 + attempt * 10 ))
55- echo " ::warning::Attempt $attempt failed to fetch version, retrying in $delay seconds. stdout: ${version_tag} "
56- sleep $delay
57103 done
58104 mkdir -p ~ /.local/bin
59105 if [[ " $OSTYPE " == " msys" * ]]; then
0 commit comments