blob: b7b53fcbd209958efee08024676287810c9b1cc6 [file] [log] [blame]
#!/usr/bin/env python
# Copyright 2017 The Chromium Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
"""Wrapper script to install Xcode. For use on the bots.
Installing Xcode requires sudo. This script will be whitelisted in /etc/sudoers
so that we can easily update Xcode on our bots.
import argparse
import hashlib
import logging
import os
import subprocess
import sys
# List of sha256 hashes of Xcode package file
# Contents/Resources/Packages/XcodeSystemResources.pkg
# Xcode versions 8A218a-1, 8A218a-2
# Xcode versions 8B62-1, 8C1002-1
# Xcode versions 8E2002-1
# Xcode versions 9M136h-1
# Xcode versions 9M137d-1
def main():
parser = argparse.ArgumentParser(
description='Wrapper script to install Xcode.')
help='Path to Xcode package to install.',
args = parser.parse_args()
if not os.path.isfile(args.package_path):
logging.critical('Path %s is not a file.' % args.package_path)
return 1
sha256 = hashlib.sha256()
with open(args.package_path, 'rb') as f:
for chunk in iter(lambda:, b''):
sha256_hash = sha256.hexdigest()
if sha256_hash not in WHITELISTED_PACKAGES:
logging.critical('Attempted to install a non-whitelisted Xcode package.')
return 1
pipe = subprocess.Popen(
['/usr/sbin/installer', '-pkg', args.package_path, '-target', '/'],
stdout=subprocess.PIPE, stderr=subprocess.PIPE)
stdout, stderr = pipe.communicate()
for line in stdout.splitlines():
for line in stderr.splitlines():
return pipe.returncode
if __name__ == '__main__':