简体   繁体   English

如何使用Powershell下载脚本文件然后通过传入参数执行它?

[英]How to use Powershell to download a script file then execute it with passing in arguments?

I usually have this command to run some powershell script: 我通常有这个命令来运行一些powershell脚本:

& ".\\NuGet\\NuGet Package and Publish.ps1" -Version $env:appveyor_build_version -NuGet "C:\\Tools\\NuGet\\nuget.exe" -apiKey $env:apiKey

works fine but the script is found locally on my server. 工作正常但脚本在我的服务器本地找到。

I'm hoping to say: run this script with arguments, etc.. fine .. but the script is located as a GIST or in some GitHub public repo. 我希望这样说:用参数运行这个脚本等等......很好..但脚本位于GIST或某些GitHub公共仓库中。

Is this possible? 这可能吗?

In the linux world, this is commonly referred to as 'piping to bash' 在linux世界中,这通常被称为“管道到bash”

Here is an example that installs chef taken from the chef documentation 这是一个安装厨师文档的厨师的例子

curl -L https://omnitruck.chef.io/install.sh | sudo bash

The same thing can be done with powershell 使用PowerShell可以完成同样的事情

. { iwr -useb https://omnitruck.chef.io/install.ps1 } | iex; install

iwr is shorthand for Invoke-WebRequest and iex is short for Invoke-Expression iwrInvoke-WebRequest简写, iexInvoke-Expression缩写

Since you specifically asked about passing in arguments, here is an example with args. 由于您特别询问了传递参数,以下是args的示例。

. { iwr -useb https://omnitruck.chef.io/install.ps1 } | iex; install -channel current -project chefdk

You can look at the powershell script for a clearer understanding how it works. 您可以查看powershell脚本,以便更清楚地了解它的工作原理。

Basically host your powershell script as a github gist, then in the script wrap everything in a module 基本上将您的powershell脚本作为github gist托管,然后在脚本中包装模块中的所有内容

new-module -name foobar -scriptblock {


  Function Foo() {

  }
  Function Bar() {

  }
  Function Install-Project() {
    param (
      [string]$project = 'chef',
      [string]$channel = 'stable'
    )
    Foo
    Bar
  }

  set-alias install -value Install-Project

  export-modulemember -function 'Foo','Bar' -alias 'install'
}

Best practices 最佳做法

'Piping to bash' is controversial because it is theoretically possible for attacker to intercept and replace your script with their own if you aren't careful. “管道打击”是有争议的,因为如果你不小心的话,攻击者理论上可以拦截和替换你自己的脚本。

  • Only install scripts you control or fully trust 仅安装您控制或完全信任的脚本
  • Use permalinks or verify hashes of file you download 使用永久链接或验证您下载的文件的哈希值
  • Only download from https 仅从https下载

If I understood the question correctly, this is what worked for me: 如果我正确理解了这个问题,这对我有用:

(new-object net.webclient).DownloadFile('https://gist.githubusercontent.com/AndrewSav/c4fb71ae1b379901ad90/raw/23f2d8d5fb8c9c50342ac431cc0360ce44465308/SO33205298','local.ps1')
./local.ps1 "parameter title"

Output: 输出:

Called with parameter: parameter title 使用参数:参数标题调用

This is downloading and executing this gist: https://gist.github.com/AndrewSav/c4fb71ae1b379901ad90 这是下载并执行这个要点: https//gist.github.com/AndrewSav/c4fb71ae1b379901ad90

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM