helperdist

package
v0.3.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 11, 2026 License: MIT Imports: 5 Imported by: 0

Documentation

Overview

Package helperdist resolves the signed fleetbox-helper binary the darwin client drives: it returns a locally pre-staged helper named by the FLEETBOX_HELPER environment variable, or downloads the checksum-pinned helper for this platform into ~/.fleetbox/bin, strips its Gatekeeper quarantine, and makes it executable.

It mirrors how the Linux backend already fetches cloud-hypervisor (ADR-0011): the helper is delivered at first use, cached and verified, not embedded in the module. The download is version-stamped so a client always runs the exact helper its protocol matches, and an empty catalog checksum is rejected — a binary that runs with the virtualization entitlement must never be used unverified (ADR-0017, R5). The FLEETBOX_HELPER override serves both the offline/air-gapped escape hatch and the dev bootstrap (the Makefile points it at the locally built, ad-hoc-signed helper).

Index

Constants

View Source 
const EnvHelper = "FLEETBOX_HELPER"

EnvHelper names a pre-staged helper binary to use instead of downloading. It bypasses the catalog and the checksum pin, so the bind handshake's protocol check is what guards against pointing it at a stale build (ADR-0017, R5).

Variables

This section is empty.

Functions

func Ensure 

func Ensure(st *store.Store) (string, error)

Ensure returns the path to a runnable fleetbox-helper. It prefers the FLEETBOX_HELPER override, otherwise downloads, verifies, de-quarantines, and chmods the catalog helper for this platform into the store's bin directory.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.