setup.bat
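@echo off
setlocal enabledelayedexpansion
REM Quick setup script for Windows
REM Run as Administrator: setup.bat
REM
REM SECURITY: This script validates environment before executing
REM to prevent path manipulation attacks.

echo === Host UK Developer Workspace Setup ===
echo.

REM Check for admin rights.
REM "net session" exits non-zero when the caller is not elevated.
REM net.exe is named by its absolute System32 path: cmd.exe looks in the
REM current directory before PATH when resolving a bare command name, so an
REM unqualified "net" could pick up a same-named file from whatever directory
REM this script was started in.
REM NOTE(review): net session also fails when the Server service is stopped,
REM in which case an elevated run is reported as non-admin - confirm that is
REM acceptable for the target machines.
"%SystemRoot%\System32\net.exe" session >nul 2>&1
if !errorlevel! neq 0 (
    echo ERROR: Please run this script as Administrator
    echo Right-click and select "Run as administrator"
    pause
    exit /b 1
)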
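REM === SECURITY: Validate LOCALAPPDATA ===
REM Ensure LOCALAPPDATA is set and appears to be within user profile.
REM "if not defined" is used instead of comparing a percent-expanded value:
REM percent expansion pastes the raw value into the line before the line is
REM parsed, so a value holding quotes or command separators would be read as
REM script text by the very check that is meant to validate it.
if not defined LOCALAPPDATA (
    echo ERROR: LOCALAPPDATA environment variable is not set
    goto :error
)
if not defined USERPROFILE (
    echo ERROR: USERPROFILE environment variable is not set
    goto :error
)

REM Check that LOCALAPPDATA lies under USERPROFILE (basic validation)
REM This prevents redirection attacks where LOCALAPPDATA points elsewhere.
REM The profile path plus a trailing backslash is removed from LOCALAPPDATA
REM and then put back in front of the remainder; the result equals the
REM original only when LOCALAPPDATA starts with that prefix. Including the
REM backslash stops a sibling directory whose name merely begins with the
REM profile directory name from passing. Both the substitution and "if /i"
REM are case-insensitive. No pipe or external tool is involved.
set "LAD_TAIL="
for %%P in ("!USERPROFILE!") do set "LAD_TAIL=!LOCALAPPDATA:%%~P\=!"
if /i not "!USERPROFILE!\!LAD_TAIL!"=="!LOCALAPPDATA!" (
    echo ERROR: LOCALAPPDATA does not appear to be within user profile
    echo LOCALAPPDATA: !LOCALAPPDATA!
    echo USERPROFILE: !USERPROFILE!
    echo This may indicate a path manipulation attack. Aborting.
    goto :error
)

REM Validate paths don't contain suspicious characters that could enable injection
REM Blocks: < > | & ^ ` %% (shell metacharacters)
REM "set" prints the value straight from the environment, so the value under
REM test is never placed on a command line that the child interpreter on the
REM left side of the pipe has to parse. findstr.exe is named by absolute path
REM so that a same-named file in the current directory cannot be picked up.
REM NOTE(review): "set LOCALAPPDATA" also lists any other variable whose name
REM starts with LOCALAPPDATA; such a variable would be scanned as well.
set LOCALAPPDATA | "%SystemRoot%\System32\findstr.exe" /r "[<>|&^`]" >nul
if !errorlevel! equ 0 (
    echo ERROR: LOCALAPPDATA contains invalid shell characters
    goto :error
)

REM Check for percent signs (both single and double)
REM Every percent sign is stripped from a copy; any difference from the
REM original means at least one was present.
set "TEMP_CHECK=!LOCALAPPDATA!"
set "TEMP_CHECK=!TEMP_CHECK:%%=!"
if not "!TEMP_CHECK!"=="!LOCALAPPDATA!" (
    echo ERROR: LOCALAPPDATA contains percent signs
    goto :error
)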
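REM === Install dependencies ===
REM powershell.exe is started by its absolute path instead of a bare name:
REM cmd.exe searches the current directory before PATH, so an unqualified
REM "powershell" could resolve to a same-named file in the directory this
REM elevated script was launched from.
REM -NoProfile keeps PowerShell profile scripts out of the elevated session.
REM "call" is dropped; it is only needed for batch files and labels.
REM NOTE(review): -ExecutionPolicy Bypass turns off script signing policy for
REM these two files and nothing here verifies their contents, so their
REM integrity rests on who can write to the scripts directory next to this
REM file - confirm that directory is not writable by unprivileged processes.
set "PS_EXE=%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe"

echo Installing dependencies...
"!PS_EXE!" -NoProfile -ExecutionPolicy Bypass -File "%~dp0scripts\install-deps.ps1"
if !errorlevel! neq 0 goto :error

REM === Install core CLI ===
echo.
echo Installing core CLI...
"!PS_EXE!" -NoProfile -ExecutionPolicy Bypass -File "%~dp0scripts\install-core.ps1"
if !errorlevel! neq 0 goto :error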
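REM === Validate install path before use ===
REM NOTE(review): these checks run after the installer has already written to
REM the directory, and they inspect only the final "core" directory, not its
REM parent directories and not core.exe itself. A swap made between the checks
REM and the launches further down is not detected. core.exe is then run from
REM an elevated session out of a location the user account can normally write
REM to - confirm that this is an accepted risk.
set "CORE_PATH=!LOCALAPPDATA!\Programs\core"

REM Verify that the installer produced core.exe at the expected location
if not exist "!CORE_PATH!\core.exe" (
    echo ERROR: core.exe not found at !CORE_PATH!\core.exe
    goto :error
)

REM Check if it's a symlink/junction using fsutil (more reliable than attributes)
REM The script treats exit code 0 from the query as "reparse data present".
REM fsutil.exe is named by absolute path so that a same-named file in the
REM current directory cannot be picked up instead.
"%SystemRoot%\System32\fsutil.exe" reparsepoint query "!CORE_PATH!" >nul 2>&1
if !errorlevel! equ 0 (
    echo ERROR: Install directory is a reparse point (symlink or junction^)
    echo This may indicate a symlink attack. Aborting.
    goto :error
)

REM Fallback: also check attributes for symlink indicator
REM The attribute string carries a lowercase "l" for a reparse point. The test
REM strips that letter from a copy and compares, which avoids a pipe and an
REM external tool. ATTRS is cleared first so a stale value is never tested.
set "ATTRS="
for %%F in ("!CORE_PATH!") do set "ATTRS=%%~aF"
if defined ATTRS if not "!ATTRS:l=!"=="!ATTRS!" (
    echo ERROR: Install directory appears to be a symbolic link
    echo This may indicate a symlink attack. Aborting.
    goto :error
)

REM Refresh PATH for this session
REM The directory is appended, so existing PATH entries keep priority.
REM Delayed expansion is used for the old PATH value so that quotes or
REM exclamation marks inside it are copied verbatim instead of being parsed.
set "PATH=!PATH!;!CORE_PATH!"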
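REM === Run doctor ===
REM core.exe is started directly rather than through "call". call is only
REM needed for batch files and labels, and it makes cmd parse the command line
REM a second time, which would re-interpret percent signs and carets in the
REM path if the earlier character checks were ever relaxed.
REM NOTE(review): both launches run with the administrator token from a
REM directory under the user profile - confirm that core.exe needs elevation.
echo.
echo === Verifying environment ===
"!CORE_PATH!\core.exe" doctor
if !errorlevel! neq 0 (
    REM Doctor findings are advisory: setup continues after the warning
    echo WARNING: core doctor reported issues
)

REM === Clone repos ===
echo.
echo === Cloning repositories ===
"!CORE_PATH!\core.exe" setup
if !errorlevel! neq 0 goto :error

echo.
echo === Setup complete! ===
echo Run 'core health' to check status
pause
endlocal
exit /b 0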
REM Shared failure exit: reports the failure, waits for a key press so the
REM message stays visible, restores the environment and returns exit code 1.
:error
echo.
echo Setup failed! Check the error above.
pause
endlocal & exit /b 1