This repository has been archived by the owner on Aug 16, 2024. It is now read-only.
forked from replicatedhq/kots
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Makefile
194 lines (159 loc) · 6.61 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
include Makefile.build.mk
CURRENT_USER := $(if $(GITHUB_USER),$(GITHUB_USER),$(shell id -u -n))
MINIO_TAG ?= 0.20240406.052602-r0
RQLITE_TAG ?= 8.23.1-r0
DEX_TAG ?= 2.39.1-r0
LVP_TAG ?= v0.6.1
define sendMetrics
@if [ -z "${PROJECT_NAME}" ]; then \
echo "PROJECT_NAME not defined"; \
exit 1; \
fi
@curl -X POST "https://api.datadoghq.com/api/v1/series" \
-H "Content-Type: text/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-d "{\"series\": [{\"metric\": \"build.time\",\"points\": [[$$(date +%s), $$(expr $$(date +%s) - $$(cat start-time))]],\"tags\": [\"service:${PROJECT_NAME}\"]}]}"
endef
.PHONY: capture-start-time
capture-start-time:
@echo $$(date +%s) > start-time
.PHONY: report-metric
report-metric:
@$(if ${DD_API_KEY}, $(call sendMetrics))
@rm start-time
.PHONY: test
test:
if [ -n "$(RUN)" ]; then \
go test $(TEST_BUILDFLAGS) ./pkg/... ./cmd/... -coverprofile cover.out -run $(RUN); \
else \
go test $(TEST_BUILDFLAGS) ./pkg/... ./cmd/... -coverprofile cover.out; \
fi
.PHONY: e2e
e2e:
${MAKE} -C e2e
.PHONY: integration-cli
integration-cli:
go build ${LDFLAGS} -o bin/kots-integration ./integration
.PHONY: ci-test
ci-test:
go test $(TEST_BUILDFLAGS) ./pkg/... ./cmd/... ./integration/... -coverprofile cover.out
.PHONY: kots
kots: PROJECT_NAME = kots
kots: capture-start-time kots-real report-metric
.PHONY: kots-real
kots-real:
go build ${LDFLAGS} -o bin/kots $(BUILDFLAGS) github.com/replicatedhq/kots/cmd/kots
.PHONY: fmt
fmt:
go fmt ./pkg/... ./cmd/...
.PHONY: vet
vet:
go vet $(BUILDFLAGS) ./pkg/... ./cmd/...
.PHONY: gosec
gosec:
go get github.com/securego/gosec/cmd/gosec
$(GOPATH)/bin/gosec ./...
.PHONY: mock
mock:
go install github.com/golang/mock/[email protected]
mockgen -source=pkg/store/store_interface.go -destination=pkg/store/mock/mock.go
mockgen -source=pkg/handlers/interface.go -destination=pkg/handlers/mock/mock.go
mockgen -source=pkg/operator/client/client_interface.go -destination=pkg/operator/client/mock/mock.go
.PHONY: build
build: PROJECT_NAME = kotsadm
build: capture-start-time build-real report-metric
.PHONY: build-real
build-real:
mkdir -p web/dist
touch web/dist/THIS_IS_OKTETO # we need this for go:embed, but it's not actually used in dev
go build ${LDFLAGS} ${GCFLAGS} -v -o bin/kotsadm $(BUILDFLAGS) ./cmd/kotsadm
.PHONY: run
run:
./bin/kotsadm api
.PHONY: okteto-dev
okteto-dev:
## We download all go modules, instead of putting them in the container. This will
## use the PVC that everyone has, and will build a cache.
##
## We also run `make build` here because the initial compilation is slow and
## this enabled `okteto up` to do all of the long-running stuff and give the user
## a pretty good env right after
@go mod download -x
@make build
@printf "\n\n To build and run api, run: \n\n # make build run\n\n"
# Debugging
.PHONY: debug-build
debug-build:
go build ${LDFLAGS} ${GCFLAGS} $(BUILDFLAGS) -v -o ./bin/kotsadm-debug ./cmd/kotsadm
.PHONY: debug
debug: debug-build
LOG_LEVEL=$(LOG_LEVEL) dlv --listen=:2345 --headless=true --api-version=2 exec ./bin/kotsadm-debug api
.PHONY: build-ttl.sh
build-ttl.sh: kots build
source .image.env && ${MAKE} -C web build-kotsadm
docker build -f deploy/Dockerfile -t ttl.sh/${CURRENT_USER}/kotsadm:24h .
docker push ttl.sh/${CURRENT_USER}/kotsadm:24h
.PHONY: all-ttl.sh
all-ttl.sh: build-ttl.sh
source .image.env && IMAGE=ttl.sh/${CURRENT_USER}/kotsadm-migrations:24h make -C migrations build_schema
docker pull kotsadm/minio:${MINIO_TAG}
docker tag kotsadm/minio:${MINIO_TAG} ttl.sh/${CURRENT_USER}/minio:${MINIO_TAG}
docker push ttl.sh/${CURRENT_USER}/minio:${MINIO_TAG}
docker pull kotsadm/rqlite:${RQLITE_TAG}
docker tag kotsadm/rqlite:${RQLITE_TAG} ttl.sh/${CURRENT_USER}/rqlite:${RQLITE_TAG}
docker push ttl.sh/${CURRENT_USER}/rqlite:${RQLITE_TAG}
.PHONY: kotsadm-bundle
kotsadm-bundle:
skopeo copy --all --dest-tls-verify=false docker://kotsadm/kotsadm:${GIT_TAG} docker://${BUNDLE_REGISTRY}/kotsadm:${GIT_TAG}
skopeo copy --all --dest-tls-verify=false docker://kotsadm/kotsadm-migrations:${GIT_TAG} docker://${BUNDLE_REGISTRY}/kotsadm-migrations:${GIT_TAG}
skopeo copy --all --dest-tls-verify=false docker://kotsadm/dex:${DEX_TAG} docker://${BUNDLE_REGISTRY}/dex:${DEX_TAG}
skopeo copy --all --dest-tls-verify=false docker://kotsadm/minio:${MINIO_TAG} docker://${BUNDLE_REGISTRY}/minio:${MINIO_TAG}
skopeo copy --all --dest-tls-verify=false docker://kotsadm/rqlite:${RQLITE_TAG} docker://${BUNDLE_REGISTRY}/rqlite:${RQLITE_TAG}
skopeo copy --all --dest-tls-verify=false docker://replicated/local-volume-provider:${LVP_TAG} docker://${BUNDLE_REGISTRY}/local-volume-provider:${LVP_TAG}
go run ./scripts/create-airgap-file.go true
.PHONY: kotsadm-bundle-nominio
kotsadm-bundle-nominio:
skopeo copy --all --dest-tls-verify=false docker://kotsadm/kotsadm:${GIT_TAG} docker://${BUNDLE_REGISTRY}/kotsadm:${GIT_TAG}
skopeo copy --all --dest-tls-verify=false docker://kotsadm/kotsadm-migrations:${GIT_TAG} docker://${BUNDLE_REGISTRY}/kotsadm-migrations:${GIT_TAG}
skopeo copy --all --dest-tls-verify=false docker://kotsadm/dex:${DEX_TAG} docker://${BUNDLE_REGISTRY}/dex:${DEX_TAG}
skopeo copy --all --dest-tls-verify=false docker://kotsadm/rqlite:${RQLITE_TAG} docker://${BUNDLE_REGISTRY}/rqlite:${RQLITE_TAG}
skopeo copy --all --dest-tls-verify=false docker://replicated/local-volume-provider:${LVP_TAG} docker://${BUNDLE_REGISTRY}/local-volume-provider:${LVP_TAG}
go run ./scripts/create-airgap-file.go false
.PHONY: cache
cache:
docker build -f hack/dev/skaffoldcache.Dockerfile . -t kotsadm:cache
.PHONY: init-sbom
init-sbom:
mkdir -p sbom/spdx
.PHONY: install-spdx-sbom-generator
install-spdx-sbom-generator: init-sbom
ifeq (,$(shell command -v spdx-sbom-generator))
./scripts/install-sbom-generator.sh
SPDX_GENERATOR=./sbom/spdx-sbom-generator
else
SPDX_GENERATOR=$(shell command -v spdx-sbom-generator)
endif
sbom/spdx/bom-go-mod.spdx: install-spdx-sbom-generator
$(SPDX_GENERATOR) -o ./sbom/spdx
sbom/kots-sbom.tgz: sbom/spdx/bom-go-mod.spdx
tar -czf sbom/kots-sbom.tgz sbom/spdx/*.spdx
sbom: sbom/kots-sbom.tgz
cosign sign-blob -key ./cosign.key sbom/kots-sbom.tgz > ./sbom/kots-sbom.tgz.sig
cosign public-key -key ./cosign.key -outfile ./sbom/key.pub
# npm packages scans are ignored(only go modules are scanned)
.PHONY: scan
scan:
trivy fs \
--scanners vuln \
--exit-code=1 \
--severity="CRITICAL,HIGH,MEDIUM" \
--ignore-unfixed \
--skip-dirs .github \
--skip-files actions/version-tag/package-lock.json \
--skip-files web/yarn.lock \
--skip-dirs web/node_modules \
--ignorefile .trivyignore \
./
.PHONY: generate-kubectl-versions
generate-kubectl-versions:
node .github/actions/kubectl-versions/dist/index.js