-
Notifications
You must be signed in to change notification settings - Fork 171
/
Makefile
224 lines (174 loc) · 12 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
# SPDX-License-Identifier: Apache-2.0
# SPDX-FileCopyrightText: 2021-Present The Zarf Authors
# Provide a default value for the operating system architecture used in tests, e.g. " APPLIANCE_MODE=true|false make test-e2e ARCH=arm64"
ARCH ?= amd64
######################################################################################
# Figure out which Zarf binary we should use based on the operating system we are on
ZARF_BIN := ./build/zarf
BUILD_CLI_FOR_SYSTEM := build-cli-linux-amd
ifeq ($(OS),Windows_NT)
ZARF_BIN := $(addsuffix .exe,$(ZARF_BIN))
BUILD_CLI_FOR_SYSTEM := build-cli-windows-amd
else
UNAME_S := $(shell uname -s)
UNAME_P := $(shell uname -p)
ifneq ($(UNAME_S),Linux)
ifeq ($(UNAME_S),Darwin)
ZARF_BIN := $(addsuffix -mac,$(ZARF_BIN))
endif
ifeq ($(UNAME_P),i386)
ZARF_BIN := $(addsuffix -intel,$(ZARF_BIN))
BUILD_CLI_FOR_SYSTEM = build-cli-mac-intel
endif
ifeq ($(UNAME_P),arm)
ZARF_BIN := $(addsuffix -apple,$(ZARF_BIN))
BUILD_CLI_FOR_SYSTEM = build-cli-mac-apple
endif
endif
endif
CLI_VERSION ?= $(if $(shell git describe --tags),$(shell git describe --tags),"UnknownVersion")
BUILD_ARGS := -s -w -X github.com/zarf-dev/zarf/src/config.CLIVersion=$(CLI_VERSION)
K8S_MODULES_VER=$(subst ., ,$(subst v,,$(shell go list -f '{{.Version}}' -m k8s.io/client-go)))
K8S_MODULES_MAJOR_VER=$(shell echo $$(($(firstword $(K8S_MODULES_VER)) + 1)))
K8S_MODULES_MINOR_VER=$(word 2,$(K8S_MODULES_VER))
K8S_MODULES_PATCH_VER=$(word 3,$(K8S_MODULES_VER))
K9S_VERSION=$(shell go list -f '{{.Version}}' -m github.com/derailed/k9s)
CRANE_VERSION=$(shell go list -f '{{.Version}}' -m github.com/google/go-containerregistry)
SYFT_VERSION=$(shell go list -f '{{.Version}}' -m github.com/anchore/syft)
ARCHIVER_VERSION=$(shell go list -f '{{.Version}}' -m github.com/mholt/archiver/v3)
HELM_VERSION=$(shell go list -f '{{.Version}}' -m helm.sh/helm/v3)
BUILD_ARGS += -X helm.sh/helm/v3/pkg/lint/rules.k8sVersionMajor=$(K8S_MODULES_MAJOR_VER)
BUILD_ARGS += -X helm.sh/helm/v3/pkg/lint/rules.k8sVersionMinor=$(K8S_MODULES_MINOR_VER)
BUILD_ARGS += -X helm.sh/helm/v3/pkg/chartutil.k8sVersionMajor=$(K8S_MODULES_MAJOR_VER)
BUILD_ARGS += -X helm.sh/helm/v3/pkg/chartutil.k8sVersionMinor=$(K8S_MODULES_MINOR_VER)
BUILD_ARGS += -X k8s.io/component-base/version.gitVersion=v$(K8S_MODULES_MAJOR_VER).$(K8S_MODULES_MINOR_VER).$(K8S_MODULES_PATCH_VER)
BUILD_ARGS += -X github.com/derailed/k9s/cmd.version=$(K9S_VERSION)
BUILD_ARGS += -X github.com/google/go-containerregistry/cmd/crane/cmd.Version=$(CRANE_VERSION)
BUILD_ARGS += -X github.com/zarf-dev/zarf/src/cmd/tools.syftVersion=$(SYFT_VERSION)
BUILD_ARGS += -X github.com/zarf-dev/zarf/src/cmd/tools.archiverVersion=$(ARCHIVER_VERSION)
BUILD_ARGS += -X github.com/zarf-dev/zarf/src/cmd/tools.helmVersion=$(HELM_VERSION)
GIT_SHA := $(if $(shell git rev-parse HEAD),$(shell git rev-parse HEAD),"")
BUILD_DATE := $(shell date -u +'%Y-%m-%dT%H:%M:%SZ')
BUILD_ARGS += -X k8s.io/component-base/version.gitCommit=$(GIT_SHA)
BUILD_ARGS += -X k8s.io/component-base/version.buildDate=$(BUILD_DATE)
.DEFAULT_GOAL := build
.PHONY: help
help: ## Display this help information
@grep -E '^[a-zA-Z0-9_-]+:.*?## .*$$' $(MAKEFILE_LIST) \
| sort | awk 'BEGIN {FS = ":.*?## "}; \
{printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}'
clean: ## Clean the build directory
rm -rf build
destroy: ## Run `zarf destroy` on the current cluster
$(ZARF_BIN) destroy --confirm --remove-components
rm -fr build
# Note: the path to the main.go file is not used due to https://github.com/golang/go/issues/51831#issuecomment-1074188363
.PHONY: build
build: ## Build the Zarf CLI for the machines OS and architecture
go mod tidy
$(MAKE) $(BUILD_CLI_FOR_SYSTEM)
build-cli-linux-amd: ## Build the Zarf CLI for Linux on AMD64
CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags="$(BUILD_ARGS)" -o build/zarf .
build-cli-linux-arm: ## Build the Zarf CLI for Linux on ARM
CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -ldflags="$(BUILD_ARGS)" -o build/zarf-arm .
build-cli-mac-intel: ## Build the Zarf CLI for macOS on AMD64
GOOS=darwin GOARCH=amd64 go build -ldflags="$(BUILD_ARGS)" -o build/zarf-mac-intel .
build-cli-mac-apple: ## Build the Zarf CLI for macOS on ARM
GOOS=darwin GOARCH=arm64 go build -ldflags="$(BUILD_ARGS)" -o build/zarf-mac-apple .
build-cli-windows-amd: ## Build the Zarf CLI for Windows on AMD64
GOOS=windows GOARCH=amd64 go build -ldflags="$(BUILD_ARGS)" -o build/zarf.exe . ## Build the Zarf CLI for Windows on AMD64
build-cli-windows-arm: ## Build the Zarf CLI for Windows on ARM
GOOS=windows GOARCH=arm64 go build -ldflags="$(BUILD_ARGS)" -o build/zarf-arm.exe . ## Build the Zarf CLI for Windows on ARM
build-cli-linux: build-cli-linux-amd build-cli-linux-arm ## Build the Zarf CLI for Linux on AMD64 and ARM
build-cli: build-cli-linux-amd build-cli-linux-arm build-cli-mac-intel build-cli-mac-apple build-cli-windows-amd build-cli-windows-arm ## Build the CLI
docs-and-schema: ## Generate the Zarf Documentation and Schema
ZARF_CONFIG=hack/empty-config.toml go run main.go internal gen-cli-docs
hack/schema/create-zarf-schema.sh
init-package-with-agent: build build-local-agent-image init-package
lint-packages-and-examples: build ## Recursively lint all zarf.yaml files in the repo except for those dedicated to tests
hack/lint-all-zarf-packages.sh $(ZARF_BIN) false
# INTERNAL: a shim used to build the agent image only if needed on Windows using the `test` command
init-package-local-agent:
@test "$(AGENT_IMAGE_TAG)" != "local" || $(MAKE) build-local-agent-image
build-local-agent-image: ## Build the Zarf agent image to be used in a locally built init package
@ if [ "$(ARCH)" = "amd64" ] && [ ! -s ./build/zarf ]; then $(MAKE) build-cli-linux-amd; fi
@ if [ "$(ARCH)" = "amd64" ]; then cp build/zarf build/zarf-linux-amd64; fi
@ if [ "$(ARCH)" = "arm64" ] && [ ! -s ./build/zarf-arm ]; then $(MAKE) build-cli-linux-arm; fi
@ if [ "$(ARCH)" = "arm64" ]; then cp build/zarf-arm build/zarf-linux-arm64; fi
docker buildx build --load --platform linux/$(ARCH) --tag ghcr.io/zarf-dev/zarf/agent:local .
@ if [ "$(ARCH)" = "amd64" ]; then rm build/zarf-linux-amd64; fi
@ if [ "$(ARCH)" = "arm64" ]; then rm build/zarf-linux-arm64; fi
init-package: ## Create the zarf init package (must `brew install coreutils` on macOS and have `docker` first)
@test -s $(ZARF_BIN) || $(MAKE)
$(ZARF_BIN) package create -o build -a $(ARCH) --confirm .
# INTERNAL: used to build a release version of the init package with a specific agent image
release-init-package:
$(ZARF_BIN) package create -o build -a $(ARCH) --set AGENT_IMAGE_TAG=$(AGENT_IMAGE_TAG) --confirm .
# INTERNAL: used to build an iron bank version of the init package with an ib version of the registry image
ib-init-package:
@test -s $(ZARF_BIN) || $(MAKE)
$(ZARF_BIN) package create -o build -a $(ARCH) --confirm . \
--set REGISTRY_IMAGE_DOMAIN="registry1.dso.mil/" \
--set REGISTRY_IMAGE="ironbank/opensource/docker/registry-v2" \
--set REGISTRY_IMAGE_TAG="2.8.3"
# INTERNAL: used to publish the init package
publish-init-package:
$(ZARF_BIN) package publish build/zarf-init-$(ARCH)-$(CLI_VERSION).tar.zst oci://$(REPOSITORY_URL)
$(ZARF_BIN) package publish . oci://$(REPOSITORY_URL)
build-examples: ## Build all of the example packages
@test -s $(ZARF_BIN) || $(MAKE)
@test -s ./build/zarf-package-dos-games-$(ARCH)-1.0.0.tar.zst || $(ZARF_BIN) package create examples/dos-games -o build -a $(ARCH) --confirm
@test -s ./build/zarf-package-manifests-$(ARCH)-0.0.1.tar.zst || $(ZARF_BIN) package create examples/manifests -o build -a $(ARCH) --confirm
@test -s ./build/zarf-package-component-actions-$(ARCH).tar.zst || $(ZARF_BIN) package create examples/component-actions -o build -a $(ARCH) --confirm
@test -s ./build/zarf-package-component-choice-$(ARCH).tar.zst || $(ZARF_BIN) package create examples/component-choice -o build -a $(ARCH) --confirm
@test -s ./build/zarf-package-variables-$(ARCH).tar.zst || $(ZARF_BIN) package create examples/variables --set NGINX_VERSION=1.23.3 -o build -a $(ARCH) --confirm
@test -s ./build/zarf-package-kiwix-$(ARCH)-3.5.0.tar || $(ZARF_BIN) package create examples/kiwix -o build -a $(ARCH) --confirm
@test -s ./build/zarf-package-git-data-$(ARCH)-0.0.1.tar.zst || $(ZARF_BIN) package create examples/git-data -o build -a $(ARCH) --confirm
@test -s ./build/zarf-package-helm-charts-$(ARCH)-0.0.1.tar.zst || $(ZARF_BIN) package create examples/helm-charts -o build -a $(ARCH) --confirm
@test -s ./build/zarf-package-podinfo-flux-$(ARCH).tar.zst || $(ZARF_BIN) package create examples/podinfo-flux -o build -a $(ARCH) --confirm
@test -s ./build/zarf-package-argocd-$(ARCH).tar.zst || $(ZARF_BIN) package create examples/argocd -o build -a $(ARCH) --confirm
@test -s ./build/zarf-package-yolo-$(ARCH).tar.zst || $(ZARF_BIN) package create examples/yolo -o build -a $(ARCH) --confirm
build-injector-linux: ## Build the Zarf injector for AMD64 and ARM64
docker run --rm --user "$(id -u)":"$(id -g)" -v $$PWD/src/injector:/usr/src/zarf-injector -w /usr/src/zarf-injector rust:1.71.0-bookworm make build-injector-linux list-sizes
## NOTE: Requires an existing cluster or the env var APPLIANCE_MODE=true
.PHONY: test-e2e
test-e2e: test-e2e-without-cluster test-e2e-with-cluster ## Run all of the core Zarf CLI E2E tests (builds any deps that aren't present)
.PHONY: test-e2e-with-cluster
test-e2e-with-cluster: build-examples ## Run all of the core Zarf CLI E2E tests that DO require a cluster (builds any deps that aren't present)
@test -s ./build/zarf-init-$(ARCH)-$(CLI_VERSION).tar.zst || $(MAKE) init-package
cd src/test/e2e && go test ./main_test.go ./[2-9]*.go -failfast -v -timeout 35m
.PHONY: test-e2e-without-cluster
test-e2e-without-cluster: build-examples ## Run all of the core Zarf CLI E2E tests that DO NOT require a cluster (builds any deps that aren't present)
@test -s ./build/zarf-init-$(ARCH)-$(CLI_VERSION).tar.zst || $(MAKE) init-package
cd src/test/e2e && go test ./main_test.go ./[01]* -failfast -v -timeout 35m
## NOTE: Requires an existing cluster
.PHONY: test-external
test-external: ## Run the Zarf CLI E2E tests for an external registry and cluster
@test -s $(ZARF_BIN) || $(MAKE)
@test -s ./build/zarf-init-$(ARCH)-$(CLI_VERSION).tar.zst || $(MAKE) init-package
@test -s ./build/zarf-package-podinfo-flux-$(ARCH).tar.zst || $(ZARF_BIN) package create examples/podinfo-flux -o build -a $(ARCH) --confirm
@test -s ./build/zarf-package-argocd-$(ARCH).tar.zst || $(ZARF_BIN) package create examples/argocd -o build -a $(ARCH) --confirm
cd src/test/external && go test -failfast -v -timeout 30m
## NOTE: Requires an existing cluster and
.PHONY: test-upgrade
test-upgrade: ## Run the Zarf CLI E2E tests for an external registry and cluster
@test -s $(ZARF_BIN) || $(MAKE)
[ -n "$(shell zarf version)" ] || (echo "Zarf must be installed prior to the upgrade test" && exit 1)
[ -n "$(shell zarf package list 2>&1 | grep test-upgrade-package)" ] || (echo "Zarf must be initialized and have the 6.3.3 upgrade-test package installed prior to the upgrade test" && exit 1)
@test -s "zarf-package-test-upgrade-package-amd64-6.3.4.tar.zst" || zarf package create src/test/upgrade/ --set PODINFO_VERSION=6.3.4 --confirm
cd src/test/upgrade && go test -failfast -v -timeout 30m
.PHONY: test-unit
test-unit: ## Run unit tests
go test -failfast -v -coverprofile=coverage.out -covermode=atomic $$(go list ./... | grep -v '^github.com/zarf-dev/zarf/src/test')
# INTERNAL: used to test that a dev has ran `make docs-and-schema` in their PR
test-docs-and-schema:
$(MAKE) docs-and-schema
hack/check-zarf-docs-and-schema.sh
# INTERNAL: used to test for new CVEs that may have been introduced
test-cves:
go run main.go tools sbom scan . -o json --exclude './site' --exclude './examples' | grype --fail-on low
cve-report: ## Create a CVE report for the current project (must `brew install grype` first)
@test -d ./build || mkdir ./build
go run main.go tools sbom scan . -o json --exclude './site' --exclude './examples' | grype -o template -t hack/grype.tmpl > build/zarf-known-cves.csv
lint-go: ## Run golang-ci-lint to lint the go code (must `brew install golangci-lint` first)
golangci-lint run