Skip to content

feat: add VS Code installation script following spilled coffee principle #1275

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
atxtechbro wants to merge 2 commits into
base: main
Choose a base branch
from
Open

feat: add VS Code installation script following spilled coffee principle #1275

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
7e71d07
feat: add VS Code installation script following spilled coffee principle
atxtechbro Sep 3, 2025
4b4a2f3
fix: wire VS Code installation into automated setup flow
atxtechbro Sep 3, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 14 additions & 0 deletions setup.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -569,6 +569,20 @@ else
fi
echo -e "${DIVIDER}"

# VS Code setup (for read-only code browsing, complementing tmux + Claude Code workflow)
echo "Setting up VS Code..."
if [[ -f "$DOT_DEN/utils/install-vscode.sh" ]]; then
source "$DOT_DEN/utils/install-vscode.sh"
install_vscode || {
echo -e "${YELLOW}Failed to setup VS Code. You can install it manually later.${NC}"
echo "VS Code is optional - used for read-only code browsing alongside the primary tmux workflow."
}
else
echo -e "${YELLOW}VS Code installation script not found at $DOT_DEN/utils/install-vscode.sh${NC}"
echo -e "${BLUE}VS Code is optional and can be installed manually if needed for code browsing.${NC}"
fi
echo -e "${DIVIDER}"

# urlview setup (for tmux URL extraction)
echo "Setting up urlview (tmux URL extraction utility)..."
if [[ -f "$DOT_DEN/utils/install-urlview.sh" ]]; then
Expand Down
133 changes: 133 additions & 0 deletions utils/install-vscode.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,133 @@
#!/bin/bash
# VS Code Installation Utility
# Automated installation following the spilled coffee principle

# Source common logging functions
if [[ -n "${BASH_SOURCE[0]:-}" ]]; then
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
else
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
fi
source "${SCRIPT_DIR}/logging.sh"

Comment on lines +11 to +12
Copy link
Copy Markdown
Contributor

@amazon-q-developer amazon-q-developer bot Sep 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Consider adding a trap to handle script interruption and cleanup any temporary files. This ensures proper cleanup even if the script is interrupted.

Suggested change
source "${SCRIPT_DIR}/logging.sh"
# Setup cleanup trap
cleanup() {
rm -f packages.microsoft.gpg "${TEMP_GPG:-}" "${TEMP_GPG:-}.gpg" 2>/dev/null
}
trap cleanup EXIT
log_info "Installing VS Code..."

install_vscode() {
log_info "Setting up VS Code..."

# Check if VS Code is already installed
if command -v code &> /dev/null; then
CURRENT_VERSION=$(code --version 2>/dev/null | head -n1)
log_success "Already installed: $CURRENT_VERSION"
return 0
fi

log_info "Installing VS Code..."

if [[ "$OSTYPE" == "darwin"* ]]; then
# macOS installation via Homebrew
if command -v brew &> /dev/null; then
log_info "Using Homebrew..."
if brew install --cask visual-studio-code; then
log_success "Installed via Homebrew"
else
log_error "Homebrew install failed"
return 1
fi
else
log_error "Homebrew not found"
return 1
Comment on lines +35 to +37
Copy link
Copy Markdown
Contributor

@amazon-q-developer amazon-q-developer bot Sep 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The dependency installation should include error checking. If the package manager fails to install dependencies, the script continues without proper error handling.

Suggested change
else
log_error "Homebrew not found"
return 1
# Install dependencies
if ! sudo apt-get update; then
log_error "Failed to update package lists"
return 1
fi
if ! sudo apt-get install -y wget gpg apt-transport-https; then
log_error "Failed to install required dependencies"
return 1
fi

fi

elif [[ "$OSTYPE" == "linux-gnu"* ]]; then
Copy link
Copy Markdown
Contributor

@amazon-q-developer amazon-q-developer bot Sep 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The wget command should include error handling to detect and handle download failures. This could lead to installation proceeding with an invalid or incomplete GPG key.

# Linux installation using official Microsoft repository
if command -v apt &> /dev/null; then
# Ubuntu/Debian/Linux Mint
log_info "Using apt with Microsoft repository..."

# Install dependencies
sudo apt-get update
sudo apt-get install -y wget gpg apt-transport-https
Comment on lines +40 to +48
Copy link
Copy Markdown
Contributor

@amazon-q-developer amazon-q-developer bot Sep 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛑 [Security Vulnerability]: The GPG key is downloaded and stored in an insecure manner. The temporary file is created in the current directory and could be tampered with before being installed1. Consider using a secure temporary directory with proper permissions.

Suggested change
elif [[ "$OSTYPE" == "linux-gnu"* ]]; then
# Linux installation using official Microsoft repository
if command -v apt &> /dev/null; then
# Ubuntu/Debian/Linux Mint
log_info "Using apt with Microsoft repository..."
# Install dependencies
sudo apt-get update
sudo apt-get install -y wget gpg apt-transport-https
# Add Microsoft GPG key using mktemp for secure temporary file handling
TEMP_GPG=$(mktemp)
wget -qO "$TEMP_GPG"
gpg --dearmor < "$TEMP_GPG" > "${TEMP_GPG}.gpg"
sudo install -D -o root -g root -m 644 "${TEMP_GPG}.gpg" /etc/apt/keyrings/packages.microsoft.gpg
rm -f "$TEMP_GPG" "${TEMP_GPG}.gpg"

Footnotes

  1. CWE-379: Creation of Temporary File in Directory with Insecure Permissions - https://cwe.mitre.org/data/definitions/379.html


# Add Microsoft GPG key
wget -qO- https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > packages.microsoft.gpg
sudo install -D -o root -g root -m 644 packages.microsoft.gpg /etc/apt/keyrings/packages.microsoft.gpg

# Add VS Code repository
echo "deb [arch=amd64,arm64,armhf signed-by=/etc/apt/keyrings/packages.microsoft.gpg] https://packages.microsoft.com/repos/code stable main" | \
sudo tee /etc/apt/sources.list.d/vscode.list > /dev/null

# Clean up temporary GPG file
rm -f packages.microsoft.gpg

# Update and install VS Code
sudo apt-get update
if sudo apt-get install -y code; then
log_success "Installed via apt"
else
log_error "apt install failed"
return 1
fi

elif command -v pacman &> /dev/null; then
# Arch Linux
log_info "Using pacman..."
if sudo pacman -S --noconfirm code; then
log_success "Installed via pacman"
else
log_error "pacman install failed"
return 1
fi

elif command -v dnf &> /dev/null; then
# Fedora/RHEL
log_info "Using dnf with Microsoft repository..."

# Import Microsoft GPG key
sudo rpm --import https://packages.microsoft.com/keys/microsoft.asc

# Add VS Code repository
echo -e "[code]\nname=Visual Studio Code\nbaseurl=https://packages.microsoft.com/yumrepos/vscode\nenabled=1\ngpgcheck=1\ngpgkey=https://packages.microsoft.com/keys/microsoft.asc" | \
sudo tee /etc/yum.repos.d/vscode.repo > /dev/null

# Install VS Code
if sudo dnf install -y code; then
log_success "Installed via dnf"
else
log_error "dnf install failed"
return 1
fi

elif command -v snap &> /dev/null; then
# Fallback to Snap if available
log_info "Using snap..."
if sudo snap install code --classic; then
log_success "Installed via snap"
else
log_error "snap install failed"
return 1
fi

else
Comment on lines +108 to +109
Copy link
Copy Markdown
Contributor

@amazon-q-developer amazon-q-developer bot Sep 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The version verification could be more robust. Consider adding a minimum version check to ensure compatibility with the dotfiles setup.

Suggested change
else
# Verify installation and version
if command -v code &> /dev/null; then
NEW_VERSION=$(code --version 2>/dev/null | head -n1)
if [[ -z "$NEW_VERSION" ]]; then
log_error "Failed to get VS Code version"
return 1
fi
# Compare version (optional: adjust minimum version as needed)
if ! echo "$NEW_VERSION" | grep -qE '^[0-9]+\.[0-9]+\.[0-9]+'; then
log_error "Invalid version format: $NEW_VERSION"
return 1
fi
log_success "VS Code installed successfully: $NEW_VERSION"
log_info "You can now use 'code .' to open VS Code in the current directory"
return 0

log_error "No supported package manager found"
return 1
fi
else
log_error "Unsupported operating system: $OSTYPE"
return 1
fi

# Verify installation
if command -v code &> /dev/null; then
NEW_VERSION=$(code --version 2>/dev/null | head -n1)
log_success "VS Code installed successfully: $NEW_VERSION"
log_info "You can now use 'code .' to open VS Code in the current directory"
return 0
else
log_error "Installation verification failed"
return 1
fi
}

# Run installation if script is executed directly
if [[ "${BASH_SOURCE[0]}" == "${0}" ]]; then
install_vscode
fi