-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathMakefile
More file actions
147 lines (115 loc) · 4.99 KB
/
Makefile
File metadata and controls
147 lines (115 loc) · 4.99 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
.PHONY: build container container-security cross-platform debug release test unit-test integration-test redis-integration-test test-all go-version coverage fmt lint deps security clean dev-setup
include version
.DEFAULT_GOAL := help
CI ?= false
COLOR_CYAN := \033[36m
COLOR_RESET := \033[0m
COLOR_GREEN := \033[32m
COLOR_RED := \033[31m
USERNAME := darthfork
TARGET := promgithub
SRC := ./...
LDFLAGS := -X main.Version=$(VERSION) -s -w
LDFLAGS_DBG := -X main.enableDebug=true -X main.Version=$(VERSION)
BUILDDIR := build
ARCHS := amd64 arm64
PLATFORMS := linux/amd64,linux/arm64
CHART_SOURCE := helm/promgithub
CONTAINER_REGISTRY := ghcr.io/$(USERNAME)/$(TARGET)
CHART_REGISTRY := oci://ghcr.io/$(USERNAME)/$(TARGET)-charts
CHART_VERSION := $(shell grep 'version:' $(CHART_SOURCE)/Chart.yaml | tail -n1 | awk '{ print $$2 }')
build: ## Build promgithub service binary
build: CGO_ENABLED := 0
build: deps mkdir
@go build -ldflags "$(LDFLAGS)" -o $(BUILDDIR)/$(TARGET) $(SRC)
debug: ## Build promgithub service binary with debug information
debug: LDFLAGS := $(LDFLAGS_DBG)
debug: TARGET := $(TARGET)-debug
debug: build
test: unit-test integration-test redis-integration-test ## Run the full Go test suite
unit-test: PROMGITHUB_WEBHOOK_SECRET := test-secret
unit-test: ## Run unit tests
@echo "${COLOR_GREEN}Running Unit Tests..${COLOR_RESET}"
@go test -v $(SRC)
integration-test: PROMGITHUB_WEBHOOK_SECRET := test-secret
integration-test: ## Run integration tests
@echo "${COLOR_GREEN}Running Integration Tests..${COLOR_RESET}"
@go test -tags=integration -v $(SRC)
redis-integration-test: PROMGITHUB_WEBHOOK_SECRET := test-secret
redis-integration-test: ## Run Redis-backed integration tests against PROMGITHUB_REDIS_ADDR
@echo "${COLOR_GREEN}Running Redis Integration Tests..${COLOR_RESET}"
@go test -tags='integration redis' -run '^TestRedisIntegration' -v $(SRC)
coverage: ## Run unit tests with coverage
@echo "${COLOR_GREEN}Running Coverage Checks..${COLOR_RESET}"
@go test -race -coverprofile=coverage.out -covermode=atomic $(SRC)
@go tool cover -html=coverage.out -o coverage.html
lint: ## Lint golang source files
@echo "${COLOR_GREEN}Running Linter Checks..${COLOR_RESET}"
@golangci-lint run -v --config=./.golangci.yaml
fmt: ## Format golang source files
@go fmt $(SRC)
deps: ## Install/update dependencies
@go mod tidy
@go mod verify
@go mod download
install_tools: deps ## Install development tooling
@./utils/install_tools.sh
container: ## Build promgithub service container
@docker build --progress=plain -t $(CONTAINER_REGISTRY):$(VERSION) .
package-helm-chart: mkdir ## Package promgithub helm chart
@helm package $(CHART_SOURCE) -d $(BUILDDIR)
build-cross-platform-binaries: mkdir
@set -e; for GOARCH in $(ARCHS); do \
echo "${COLOR_GREEN}Building $(TARGET)-linux-$$GOARCH-$(VERSION)${COLOR_RESET}"; \
GOOS=linux GOARCH=$$GOARCH TARGET=$(TARGET)-linux-$$GOARCH-$(VERSION) $(MAKE) build; \
done
build-cross-platform-container: ci-check
@docker buildx build \
--platform $(PLATFORMS)\
-t $(CONTAINER_REGISTRY):$(VERSION) \
--cache-from type=gha,scope=$(TARGET) \
--cache-to type=gha,mode=max,scope=$(TARGET) \
. --push
release-helm-chart: ci-check package-helm-chart
@helm push $(BUILDDIR)/$(TARGET)-$(CHART_VERSION).tgz $(CHART_REGISTRY)
create-github-release: ci-check
@gh release create v$(VERSION) \
--title "$(TARGET)-v$(VERSION)" \
--generate-notes \
$(BUILDDIR)/*
security: mkdir ## Run comprehensive security checks
@echo "${COLOR_GREEN}Running vulnerability checks...${COLOR_RESET}"
@govulncheck $(SRC)
@echo "${COLOR_GREEN}Running static security analysis...${COLOR_RESET}"
@gosec -conf=.gosec.json -fmt=sarif -out=build/gosec-report.sarif $(SRC)
container-security: mkdir ## Run container security scan
@echo "${COLOR_GREEN}Running container security scan...${COLOR_RESET}"
@trivy image --format json --output build/trivy-report.json $(CONTAINER_REGISTRY):$(VERSION)
test-all: test coverage security lint ## Run all tests and checks
dev-setup: deps setup-commit-hooks ## Setup development environment
@echo "Development environment ready"
release: ## Create cross-platform binaries, containers, helm chart and release to Github (CI only)
release: ci-check
release: build-cross-platform-binaries
release: build-cross-platform-container
release: release-helm-chart
release: create-github-release
setup-commit-hooks:
@mkdir -p .git/hooks
@cp .github/hooks/* .git/hooks/
go-version:
@grep '^go ' go.mod | awk '{print $$2}'
help:
@grep -E '^[a-zA-Z_-]+:.*?## .*$$' Makefile\
| awk 'BEGIN {FS = ":.*?## "}; {printf "${COLOR_CYAN}%-20s${COLOR_RESET} %s\n", $$1, $$2}'
mkdir:
@mkdir -p $(BUILDDIR)
ci-check:
@if [ "$(CI)" = "false" ]; then \
printf "${COLOR_RED}Error: This target is only intended for CI builds\n\n${COLOR_RESET}"; \
printf "${COLOR_RESET}To override this lock, run ${COLOR_GREEN}\"CI=true make <your-target>\" \n\n${COLOR_RESET}"; \
exit 1 >/dev/null 2>&1; \
fi
clean: ## Clean build directory
@rm -rf $(BUILDDIR)
@rm -f coverage.out coverage.html