mirror of
https://github.com/larksuite/cli.git
synced 2026-07-08 18:13:01 +08:00
Replace the embedded bootstrap manifest with a typed OAPI call to GET /open-apis/security_plugin/v1/sec_cli/manifest, resolving the download URL per-platform/per-arch against the live release set. TAT auth flows through the existing credential chain; an x-tt-env header is injected when LARKSUITE_CLI_X_TT_ENV is set, for BOE routing. Drop the standalone `sec install` verb — `sec run --auto-install` (default on) makes it redundant. Add a persistent --verbose / -v flag on the sec parent, inherited by every subcommand, that emits step-by-step trace output on stderr. bootstrap.json and bootstrap.go remain in-tree as dead code; they will be removed in a follow-up cleanup.
34 lines
1.0 KiB
Go
34 lines
1.0 KiB
Go
// Copyright (c) 2026 Lark Technologies Pte. Ltd.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package sec
|
|
|
|
import (
|
|
"fmt"
|
|
|
|
"github.com/larksuite/cli/internal/cmdutil"
|
|
intsec "github.com/larksuite/cli/internal/sec"
|
|
)
|
|
|
|
// installer wires up an internal/sec.Installer using the Factory's HTTP client,
|
|
// the default platform paths, and a lazy OAPI-client provider used to fetch
|
|
// the install manifest. APIClientFunc is a method value, not an eager call —
|
|
// commands that short-circuit (or that never install, like sec status / sec
|
|
// stop) avoid decrypting credentials from the keychain. Every cmd/sec
|
|
// subcommand starts here.
|
|
func installer(f *cmdutil.Factory) (*intsec.Installer, *intsec.Paths, error) {
|
|
paths, err := intsec.DefaultPaths()
|
|
if err != nil {
|
|
return nil, nil, fmt.Errorf("resolve sec paths: %w", err)
|
|
}
|
|
httpClient, err := f.HttpClient()
|
|
if err != nil {
|
|
return nil, nil, fmt.Errorf("resolve http client: %w", err)
|
|
}
|
|
return &intsec.Installer{
|
|
Paths: paths,
|
|
HTTPClient: httpClient,
|
|
APIClientFunc: f.NewAPIClient,
|
|
}, paths, nil
|
|
}
|