MishkaInstaller.Installer.Downloader (Mishka installer v0.1.6)

Copy Markdown View Source

The MishkaInstaller.Installer.Downloader module downloads a pre-built artifact — a tar.gz that contains a compiled ebin directory (ebin/*.beam + ebin/<app>.app).

It deliberately does not download source to be compiled at runtime. Compiling cannot work in a production release (no Mix/Hex/source/_build), so the publisher is expected to attach the already compiled artifact (typically a GitHub release asset, a CDN, or any URL).

Supported sources:

  • :url — a direct artifact URL (a GitHub release asset URL, an S3/CDN link, ...).
  • :github_tag — resolve the asset of a specific release tag via the GitHub API.
  • :github_latest_release — resolve the asset of the latest release via the GitHub API.

Security considerations

It is important to remember that all of the functionalities contained within this section must be implemented at the high access level, and they should not directly take any input from the user. Ensure that you include the required safety measures.

A downloaded artifact is loaded as code with full node privileges; only download from trusted sources and verify its provenance/integrity before activation.

Summary

Types

download_type()
error_return()
okey_return()
pkg()

Functions

download(arg1, pkg)

Downloads a pre-built artifact (a tar.gz containing the compiled ebin) from the given source.

Types

download_type()

@type download_type() :: :url | :github_tag | :github_latest_release

error_return()

@type error_return() ::
  {:error, [%{action: atom(), field: atom(), message: String.t()}]}

okey_return()

@type okey_return() :: {:ok, binary()}

pkg()

@type pkg() ::
  %{path: String.t()}
  | %{path: String.t(), tag: String.t()}
  | %{path: String.t(), asset: String.t()}

Functions

download(arg1, pkg)

@spec download(download_type(), pkg()) :: okey_return() | error_return()

Downloads a pre-built artifact (a tar.gz containing the compiled ebin) from the given source.

Security considerations

It is important to remember that all of the functionalities contained within this section must be implemented at the high access level, and they should not directly take any input from the user. Ensure that you include the required safety measures.

Example:

download(:url, %{path: "https://github.com/owner/repo/releases/download/0.1.0/app-0.1.0-ebin.tar.gz"})
download(:github_tag, %{path: "owner/repo", tag: "0.1.0"})
download(:github_tag, %{path: "owner/repo", tag: "0.1.0", asset: "app-ebin.tar.gz"})
download(:github_latest_release, %{path: "owner/repo"})