This repository has been archived by the owner on Jul 11, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 276
/
Copy pathMakefile
304 lines (237 loc) · 11.7 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
#!make
TARGETS := darwin/amd64 darwin/arm64 linux/amd64 linux/arm64 windows/amd64
BINNAME ?= osm
DIST_DIRS := find * -type d -exec
CTR_REGISTRY ?= openservicemesh
CTR_TAG ?= latest-main
VERIFY_TAGS ?= false
GOPATH = $(shell go env GOPATH)
GOBIN = $(GOPATH)/bin
GOX = go run github.com/mitchellh/gox
SHA256 = sha256sum
ifeq ($(shell uname),Darwin)
SHA256 = shasum -a 256
endif
VERSION ?= dev
BUILD_DATE ?=
GIT_SHA=$$(git rev-parse HEAD)
BUILD_DATE_VAR := github.com/openservicemesh/osm/pkg/version.BuildDate
BUILD_VERSION_VAR := github.com/openservicemesh/osm/pkg/version.Version
BUILD_GITCOMMIT_VAR := github.com/openservicemesh/osm/pkg/version.GitCommit
DOCKER_GO_VERSION = 1.19
DOCKER_GO_BASE_IMAGE = golang:$(DOCKER_GO_VERSION)
DOCKER_FINAL_BASE_IMAGE = gcr.io/distroless/static
DOCKER_GO_BUILD_FLAGS =
DOCKER_BUILDX_PLATFORM ?= linux/$(shell go env GOARCH)
DOCKER_BUILDX_PLATFORM_OSM_CROSS ?= linux/amd64,linux/arm64
# Value for the --output flag on docker buildx build.
# https://docs.docker.com/engine/reference/commandline/buildx_build/#output
DOCKER_BUILDX_OUTPUT ?= type=registry
CGO_ENABLED = 0
ifeq ($(FIPS),1)
CGO_ENABLED = 1
DOCKER_GO_BASE_IMAGE = mcr.microsoft.com/oss/go/microsoft/golang:$(DOCKER_GO_VERSION)-fips-cbl-mariner2.0
DOCKER_FINAL_BASE_IMAGE = mcr.microsoft.com/cbl-mariner/distroless/base:2.0
DOCKER_GO_BUILD_FLAGS = -tags fips
endif
LDFLAGS ?= "-X $(BUILD_DATE_VAR)=$(BUILD_DATE) -X $(BUILD_VERSION_VAR)=$(VERSION) -X $(BUILD_GITCOMMIT_VAR)=$(GIT_SHA) -s -w"
# These two values are combined and passed to go test
GO_TEST_FLAGS ?=
E2E_FLAGS ?= -installType=KindCluster
E2E_FLAGS_DEFAULT := -test.v -ginkgo.v -ginkgo.progress -ctrRegistry $(CTR_REGISTRY) -osmImageTag $(CTR_TAG)
# Installed Go version
# This is the version of Go going to be used to compile this project.
# It will be compared with the minimum requirements for OSM.
GO_VERSION_MAJOR = $(shell go version | cut -c 14- | cut -d' ' -f1 | cut -d'.' -f1)
GO_VERSION_MINOR = $(shell go version | cut -c 14- | cut -d' ' -f1 | cut -d'.' -f2)
GO_VERSION_PATCH = $(shell go version | cut -c 14- | cut -d' ' -f1 | cut -d'.' -f3)
ifeq ($(GO_VERSION_PATCH),)
GO_VERSION_PATCH := 0
endif
check-env:
ifndef CTR_REGISTRY
$(error CTR_REGISTRY environment variable is not defined; see the .env.example file for more information; then source .env)
endif
ifndef CTR_TAG
$(error CTR_TAG environment variable is not defined; see the .env.example file for more information; then source .env)
endif
.PHONY: build-osm-all
build-osm-all: build-osm docker-build-osm
.PHONY: build-osm
build-osm: cmd/cli/chart.tgz
CGO_ENABLED=0 go build -v -o ./bin/osm -ldflags ${LDFLAGS} ./cmd/cli
cmd/cli/chart.tgz: scripts/generate_chart/generate_chart.go $(shell find charts/osm)
go run $< > $@
.PHONY: clean-osm
clean-osm:
@rm -rf bin/osm
.PHONY: codegen
codegen:
./codegen/gen-crd-client.sh
.PHONY: chart-readme
chart-readme:
go run github.com/norwoodj/helm-docs/cmd/helm-docs -c charts -t charts/osm/README.md.gotmpl
.PHONY: chart-check-readme
chart-check-readme: chart-readme
@git diff --exit-code charts/osm/README.md || { echo "----- Please commit the changes made by 'make chart-readme' -----"; exit 1; }
.PHONY: helm-lint
helm-lint:
@helm lint charts/osm/ || { echo "----- Schema validation failed for OSM chart values -----"; exit 1; }
.PHONY: chart-checks
chart-checks: chart-check-readme helm-lint
.PHONY: check-mocks
check-mocks:
@go run ./mockspec/generate.go
@git diff --exit-code || { echo "----- Please commit the changes made by 'go run ./mockspec/generate.go' -----"; exit 1; }
.PHONY: check-codegen
check-codegen:
@./codegen/gen-crd-client.sh
@git diff --exit-code || { echo "----- Please commit the changes made by './codegen/gen-crd-client.sh' -----"; exit 1; }
.PHONY: go-checks
go-checks: go-lint go-fmt go-mod-tidy check-mocks check-codegen
.PHONY: go-vet
go-vet:
go vet ./...
.PHONY: go-lint
go-lint: embed-files-test
docker run --rm -v $$(pwd):/app -w /app golangci/golangci-lint:latest golangci-lint run --config .golangci.yml
.PHONY: go-fmt
go-fmt:
go fmt ./...
.PHONY: go-mod-tidy
go-mod-tidy:
./scripts/go-mod-tidy.sh
.PHONY: go-test
go-test: cmd/cli/chart.tgz
./scripts/go-test.sh
.PHONY: go-test-coverage
go-test-coverage: embed-files
./scripts/test-w-coverage.sh
.PHONY: go-benchmark
go-benchmark: embed-files
./scripts/go-benchmark.sh
.PHONY: kind-up
kind-up:
./scripts/kind-with-registry.sh
.PHONY: tilt-up
tilt-up: kind-up
tilt up
.PHONY: kind-reset
kind-reset:
kind delete cluster --name osm
.PHONY: test-e2e
test-e2e: DOCKER_BUILDX_OUTPUT=type=docker
test-e2e: docker-build-osm build-osm docker-build-tcp-echo-server
go test $(GO_TEST_FLAGS) ./tests/e2e $(E2E_FLAGS_DEFAULT) $(E2E_FLAGS)
.env:
cp .env.example .env
.PHONY: kind-demo
kind-demo: export CTR_REGISTRY=localhost:5000
kind-demo: .env kind-up clean-osm
./demo/run-osm-demo.sh
.PHONE: build-bookwatcher
build-bookwatcher:
GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o ./demo/bin/bookwatcher/bookwatcher ./demo/cmd/bookwatcher
DEMO_TARGETS = bookbuyer bookthief bookstore bookwarehouse tcp-echo-server tcp-client
# docker-build-bookbuyer, etc
DOCKER_DEMO_TARGETS = $(addprefix docker-build-, $(DEMO_TARGETS))
.PHONY: $(DOCKER_DEMO_TARGETS)
$(DOCKER_DEMO_TARGETS): NAME=$(@:docker-build-%=%)
$(DOCKER_DEMO_TARGETS):
docker buildx build --builder osm --platform=$(DOCKER_BUILDX_PLATFORM) -o $(DOCKER_BUILDX_OUTPUT) -t $(CTR_REGISTRY)/$(NAME):$(CTR_TAG) -f dockerfiles/Dockerfile.demo --build-arg GO_VERSION=$(DOCKER_GO_VERSION) --build-arg BINARY=$(NAME) .
.PHONY: docker-build-demo
docker-build-demo: $(DOCKER_DEMO_TARGETS)
.PHONY: docker-build-init
docker-build-init:
docker buildx build --builder osm --platform=$(DOCKER_BUILDX_PLATFORM) -o $(DOCKER_BUILDX_OUTPUT) -t $(CTR_REGISTRY)/init:$(CTR_TAG) - < dockerfiles/Dockerfile.init
.PHONY: docker-build-osm-controller
docker-build-osm-controller:
docker buildx build --builder osm --platform=$(DOCKER_BUILDX_PLATFORM) -o $(DOCKER_BUILDX_OUTPUT) -t $(CTR_REGISTRY)/osm-controller:$(CTR_TAG) -f dockerfiles/Dockerfile.osm-controller --build-arg GO_BASE_IMAGE=$(DOCKER_GO_BASE_IMAGE) --build-arg FINAL_BASE_IMAGE=$(DOCKER_FINAL_BASE_IMAGE) --build-arg LDFLAGS=$(LDFLAGS) --build-arg CGO_ENABLED=$(CGO_ENABLED) --build-arg GO_BUILD_FLAGS="$(DOCKER_GO_BUILD_FLAGS)" .
.PHONY: docker-build-osm-injector
docker-build-osm-injector:
docker buildx build --builder osm --platform=$(DOCKER_BUILDX_PLATFORM) -o $(DOCKER_BUILDX_OUTPUT) -t $(CTR_REGISTRY)/osm-injector:$(CTR_TAG) -f dockerfiles/Dockerfile.osm-injector --build-arg GO_BASE_IMAGE=$(DOCKER_GO_BASE_IMAGE) --build-arg FINAL_BASE_IMAGE=$(DOCKER_FINAL_BASE_IMAGE) --build-arg LDFLAGS=$(LDFLAGS) --build-arg CGO_ENABLED=$(CGO_ENABLED) --build-arg GO_BUILD_FLAGS="$(DOCKER_GO_BUILD_FLAGS)" .
.PHONY: docker-build-osm-crds
docker-build-osm-crds:
docker buildx build --builder osm --platform=$(DOCKER_BUILDX_PLATFORM) -o $(DOCKER_BUILDX_OUTPUT) -t $(CTR_REGISTRY)/osm-crds:$(CTR_TAG) -f dockerfiles/Dockerfile.osm-crds ./cmd/osm-bootstrap/crds
.PHONY: docker-build-osm-bootstrap
docker-build-osm-bootstrap:
docker buildx build --builder osm --platform=$(DOCKER_BUILDX_PLATFORM) -o $(DOCKER_BUILDX_OUTPUT) -t $(CTR_REGISTRY)/osm-bootstrap:$(CTR_TAG) -f dockerfiles/Dockerfile.osm-bootstrap --build-arg GO_BASE_IMAGE=$(DOCKER_GO_BASE_IMAGE) --build-arg FINAL_BASE_IMAGE=$(DOCKER_FINAL_BASE_IMAGE) --build-arg LDFLAGS=$(LDFLAGS) --build-arg CGO_ENABLED=$(CGO_ENABLED) --build-arg GO_BUILD_FLAGS="$(DOCKER_GO_BUILD_FLAGS)" .
.PHONY: docker-build-osm-preinstall
docker-build-osm-preinstall:
docker buildx build --builder osm --platform=$(DOCKER_BUILDX_PLATFORM) -o $(DOCKER_BUILDX_OUTPUT) -t $(CTR_REGISTRY)/osm-preinstall:$(CTR_TAG) -f dockerfiles/Dockerfile.osm-preinstall --build-arg GO_BASE_IMAGE=$(DOCKER_GO_BASE_IMAGE) --build-arg FINAL_BASE_IMAGE=$(DOCKER_FINAL_BASE_IMAGE) --build-arg LDFLAGS=$(LDFLAGS) --build-arg CGO_ENABLED=$(CGO_ENABLED) --build-arg GO_BUILD_FLAGS="$(DOCKER_GO_BUILD_FLAGS)" .
.PHONY: docker-build-osm-healthcheck
docker-build-osm-healthcheck:
docker buildx build --builder osm --platform=$(DOCKER_BUILDX_PLATFORM) -o $(DOCKER_BUILDX_OUTPUT) -t $(CTR_REGISTRY)/osm-healthcheck:$(CTR_TAG) -f dockerfiles/Dockerfile.osm-healthcheck --build-arg GO_BASE_IMAGE=$(DOCKER_GO_BASE_IMAGE) --build-arg FINAL_BASE_IMAGE=$(DOCKER_FINAL_BASE_IMAGE) --build-arg LDFLAGS=$(LDFLAGS) --build-arg CGO_ENABLED=$(CGO_ENABLED) --build-arg GO_BUILD_FLAGS="$(DOCKER_GO_BUILD_FLAGS)" .
OSM_TARGETS = init osm-controller osm-injector osm-crds osm-bootstrap osm-preinstall osm-healthcheck
DOCKER_OSM_TARGETS = $(addprefix docker-build-, $(OSM_TARGETS))
.PHONY: docker-build-osm
docker-build-osm: $(DOCKER_OSM_TARGETS)
.PHONY: buildx-context
buildx-context:
@if ! docker buildx ls | grep -q "^osm "; then docker buildx create --name osm --driver-opt network=host; fi
check-image-exists-%: NAME=$(@:check-image-exists-%=%)
check-image-exists-%:
@if [ "$(VERIFY_TAGS)" = "true" ]; then scripts/image-exists.sh $(CTR_REGISTRY)/$(NAME):$(CTR_TAG); fi
$(foreach target,$(OSM_TARGETS) $(DEMO_TARGETS),$(eval docker-build-$(target): check-image-exists-$(target) buildx-context))
docker-digest-%: NAME=$(@:docker-digest-%=%)
docker-digest-%:
@docker buildx imagetools inspect $(CTR_REGISTRY)/$(NAME):$(CTR_TAG) --raw | $(SHA256) | awk '{print "$(NAME): sha256:"$$1}'
.PHONY: docker-digests-osm
docker-digests-osm: $(addprefix docker-digest-, $(OSM_TARGETS))
.PHONY: docker-build
docker-build: docker-build-osm docker-build-demo
.PHONY: docker-build-cross-osm docker-build-cross-demo docker-build-cross
docker-build-cross-osm: DOCKER_BUILDX_PLATFORM=$(DOCKER_BUILDX_PLATFORM_OSM_CROSS)
docker-build-cross-osm: docker-build-osm
docker-build-cross-demo: DOCKER_BUILDX_PLATFORM=linux/amd64,windows/amd64,linux/arm64
docker-build-cross-demo: docker-build-demo
docker-build-cross: docker-build-cross-osm docker-build-cross-demo
.PHONY: embed-files
embed-files: cmd/cli/chart.tgz
.PHONY: embed-files-test
embed-files-test:
./scripts/generate-dummy-embed.sh
.PHONY: build-ci
build-ci: embed-files
CGO_ENABLED=$(CGO_ENABLED) go build -v $(GO_BUILD_FLAGS) ./...
.PHONY: trivy-ci-setup
trivy-ci-setup:
wget https://github.com/aquasecurity/trivy/releases/download/v0.23.0/trivy_0.23.0_Linux-64bit.tar.gz
tar zxvf trivy_0.23.0_Linux-64bit.tar.gz
echo $$(pwd) >> $(GITHUB_PATH)
# Show all vulnerabilities in logs
trivy-scan-verbose-%: NAME=$(@:trivy-scan-verbose-%=%)
trivy-scan-verbose-%:
trivy image "$(CTR_REGISTRY)/$(NAME):$(CTR_TAG)"
# Exit if vulnerability exists
trivy-scan-fail-%: NAME=$(@:trivy-scan-fail-%=%)
trivy-scan-fail-%:
trivy image --exit-code 1 --ignore-unfixed --severity MEDIUM,HIGH,CRITICAL "$(CTR_REGISTRY)/$(NAME):$(CTR_TAG)"
.PHONY: trivy-scan-images trivy-scan-images-fail trivy-scan-images-verbose
trivy-scan-images-verbose: $(addprefix trivy-scan-verbose-, $(OSM_TARGETS))
trivy-scan-images-fail: $(addprefix trivy-scan-fail-, $(OSM_TARGETS))
trivy-scan-images: trivy-scan-images-verbose trivy-scan-images-fail
.PHONY: shellcheck
shellcheck:
shellcheck -x $(shell find . -name '*.sh')
.PHONY: install-git-pre-push-hook
install-git-pre-push-hook:
./scripts/install-git-pre-push-hook.sh
# -------------------------------------------
# release targets below
# -------------------------------------------
.PHONY: build-cross
build-cross: cmd/cli/chart.tgz
GO111MODULE=on CGO_ENABLED=0 $(GOX) -ldflags $(LDFLAGS) -parallel=5 -output="_dist/{{.OS}}-{{.Arch}}/$(BINNAME)" -osarch='$(TARGETS)' ./cmd/cli
.PHONY: dist
dist:
( \
cd _dist && \
$(DIST_DIRS) cp ../LICENSE {} \; && \
$(DIST_DIRS) cp ../README.md {} \; && \
$(DIST_DIRS) tar -zcf osm-${VERSION}-{}.tar.gz {} \; && \
$(DIST_DIRS) zip -r osm-${VERSION}-{}.zip {} \; && \
$(SHA256) osm-* > sha256sums.txt \
)
.PHONY: release-artifacts
release-artifacts: build-cross dist