Skip to content

docs: fix binary download URLs to match release artifact naming #2129

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
dgageot merged 1 commit into from
Mar 16, 2026
Merged

docs: fix binary download URLs to match release artifact naming #2129

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 5 additions & 3 deletions docs/getting-started/installation/index.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,8 +49,10 @@ Download [prebuilt binary releases](https://github.com/docker/docker-agent/relea
### macOS / Linux

```bash
# Download the latest release (adjust URL for your platform)
curl -L https://github.com/docker/docker-agent/releases/latest/download/docker-agent-$(uname -s)-$(uname -m) -o docker-agent
# Download the latest release
OS=$(uname -s | tr '[:upper:]' '[:lower:]')
Copy link

@docker-agent docker-agent bot Mar 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🟡 MEDIUM: No validation of OS and ARCH variables

The script directly uses OS and ARCH variables without validating they contain expected values. If uname -s returns an unsupported OS (e.g., FreeBSD, SunOS), the download URL will be malformed.

Impact: Users on unsupported platforms get a 404 error instead of a clear message about platform support.

Recommendation: Add validation after setting the variables:

OS=$(uname -s | tr '[:upper:]' '[:lower:]')
ARCH=$(uname -m)
case "$ARCH" in
  x86_64) ARCH=amd64;;
  aarch64|arm64) ARCH=arm64;;
  *) echo "Error: Unsupported architecture: $ARCH"; exit 1;;
esac

# Validate OS
case "$OS" in
  linux|darwin) ;;
  *) echo "Error: Unsupported OS: $OS (supported: linux, darwin)"; exit 1;;
esac

ARCH=$(uname -m); case "$ARCH" in x86_64) ARCH=amd64;; aarch64) ARCH=arm64;; esac
Copy link

@docker-agent docker-agent bot Mar 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🟡 MEDIUM: Missing default case in architecture detection

The case statement only handles x86_64 and aarch64, but doesn't have a default case for unsupported architectures. While macOS ARM returns arm64 (which works because it's already the correct Go arch name), other platforms might return unexpected values like i686, armv7l, etc.

Impact: Users on unsupported platforms will get a confusing 404 error instead of a clear "unsupported platform" message.

Recommendation: Add a default case:

ARCH=$(uname -m)
case "$ARCH" in
  x86_64) ARCH=amd64;;
  aarch64|arm64) ARCH=arm64;;
  *) echo "Error: Unsupported architecture: $ARCH"; exit 1;;
esac

curl -L "https://github.com/docker/docker-agent/releases/latest/download/docker-agent-${OS}-${ARCH}" -o docker-agent
Copy link

@docker-agent docker-agent bot Mar 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔴 HIGH: Missing error handling for curl download failure

The curl command has no error checking. If the download fails (network issue, 404 error, release not published), the script will continue executing chmod +x and sudo mv on a potentially non-existent or corrupted file.

Security risk: This could install a broken binary or, in a MITM attack scenario, blindly install malicious content with sudo privileges.

Recommendation: Add error handling:

curl -fL "https://github.com/docker/docker-agent/releases/latest/download/docker-agent-${OS}-${ARCH}" -o docker-agent || {
  echo "Error: Failed to download docker-agent for ${OS}-${ARCH}"
  exit 1
}
# Verify the file exists and has content
[ -s docker-agent ] || { echo "Error: Downloaded file is empty"; exit 1; }
chmod +x docker-agent
sudo mv docker-agent /usr/local/bin/

chmod +x docker-agent
sudo mv docker-agent /usr/local/bin/
docker-agent version
Expand All @@ -63,7 +65,7 @@ docker agent version

### Windows

Download `docker-agent-Windows-amd64.exe` from the [releases page](https://github.com/docker/docker-agent/releases), rename it to `docker-agent.exe` and add it to your PATH. Alternatively you can move it to `~/.docker/cli-plugins`
Download `docker-agent-windows-amd64.exe` from the [releases page](https://github.com/docker/docker-agent/releases), rename it to `docker-agent.exe` and add it to your PATH. Alternatively you can move it to `~/.docker/cli-plugins`

## Build from Source

Expand Down
Loading