forked from bank-vaults/bank-vaults
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Makefile
181 lines (144 loc) · 6.11 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
# A Self-Documenting Makefile: http://marmelab.com/blog/2016/02/29/auto-documented-makefile.html
OS = $(shell uname)
DOCKER_BUILD_EXTRA_ARGS ?=
# Export HOST_NETWORK=1 if you want to build the docker images with host network (useful when using some VPNs)
ifeq (${HOST_NETWORK}, 1)
DOCKER_BUILD_EXTRA_ARGS += --network host
endif
# Project variables
PACKAGE = github.com/banzaicloud/bank-vaults
BINARY_NAME ?= bank-vaults
DOCKER_REGISTRY ?= ghcr.io/backmarket-oss
DOCKER_IMAGE = ${DOCKER_REGISTRY}/bank-vaults
WEBHOOK_DOCKER_IMAGE = ${DOCKER_REGISTRY}/vault-secrets-webhook
OPERATOR_DOCKER_IMAGE = ${DOCKER_REGISTRY}/vault-operator
VAULT_ENV_DOCKER_IMAGE = ${DOCKER_REGISTRY}/vault-env
# Build variables
BUILD_DIR ?= build
BUILD_PACKAGE = ${PACKAGE}/cmd/...
VERSION ?= $(shell echo `git symbolic-ref -q --short HEAD || git describe --tags --exact-match` | tr '[/]' '-')
COMMIT_HASH ?= $(shell git rev-parse --short HEAD 2>/dev/null)
BUILD_DATE ?= $(shell date +%FT%T%z)
LDFLAGS += -X main.version=${VERSION} -X main.commitHash=${COMMIT_HASH} -X main.buildDate=${BUILD_DATE}
export CGO_ENABLED ?= 1
export GOOS = $(shell go env GOOS)
ifeq (${VERBOSE}, 1)
GOARGS += -v
endif
# Docker variables
DOCKER_TAG ?= ${VERSION}
# Dependency versions
GOTESTSUM_VERSION = 0.4.0
GOLANGCI_VERSION = 1.50.1
LICENSEI_VERSION = 0.3.1
CODE_GENERATOR_VERSION = 0.19.3
CONTROLLER_GEN_VERSION = v0.4.1
GOLANG_VERSION = 1.19.2
## include "generic" targets
include main-targets.mk
.PHONY: up
up: ## Set up the development environment
.PHONY: down
down: clean ## Destroy the development environment
.PHONY: reset
reset: down up ## Reset the development environment
.PHONY: build-release
build-release: LDFLAGS += -w
build-release: build ## Build a binary without debug information
.PHONY: build-debug
build-debug: GOARGS += -gcflags "all=-N -l"
build-debug: BINARY_NAME_SUFFIX += debug
build-debug: build ## Build a binary with remote debugging capabilities
.PHONY: docker
docker: ## Build a Docker image
docker build ${DOCKER_BUILD_EXTRA_ARGS} -t ${DOCKER_IMAGE}:${DOCKER_TAG} -f Dockerfile .
ifeq (${DOCKER_LATEST}, 1)
docker tag ${DOCKER_IMAGE}:${DOCKER_TAG} ${DOCKER_IMAGE}:latest
endif
.PHONY: image
image: ## Build an OCI image with buildah
buildah bud -t ${DOCKER_IMAGE}:${DOCKER_TAG} -f Dockerfile .
ifeq (${IMAGE_LATEST}, 1)
buildah tag ${DOCKER_IMAGE}:${DOCKER_TAG} ${DOCKER_IMAGE}:latest
endif
.PHONY: docker-webhook
docker-webhook: ## Build a Docker-webhook image
docker build ${DOCKER_BUILD_EXTRA_ARGS} -t ${WEBHOOK_DOCKER_IMAGE}:${DOCKER_TAG} -f Dockerfile.webhook .
ifeq (${DOCKER_LATEST}, 1)
docker tag ${WEBHOOK_DOCKER_IMAGE}:${DOCKER_TAG} ${WEBHOOK_DOCKER_IMAGE}:latest
endif
.PHONY: image-webhook
image-webhook: ## Build a webhook OCI image
buildah bud -t ${WEBHOOK_DOCKER_IMAGE}:${DOCKER_TAG} -f Dockerfile.webhook .
ifeq (${IMAGE_LATEST}, 1)
buildah tag ${WEBHOOK_DOCKER_IMAGE}:${DOCKER_TAG} ${WEBHOOK_DOCKER_IMAGE}:latest
endif
.PHONY: docker-vault-env
docker-vault-env: ## Build a Docker-vault-env image
docker build -t ${VAULT_ENV_DOCKER_IMAGE}:${DOCKER_TAG} -f Dockerfile.vault-env .
ifeq (${DOCKER_LATEST}, 1)
docker tag ${VAULT_ENV_DOCKER_IMAGE}:${DOCKER_TAG} ${VAULT_ENV_DOCKER_IMAGE}:latest
endif
.PHONY: image-vault-env
image-vault-env: ## Build an OCI vault-env image
buildah bud -t ${VAULT_ENV_DOCKER_IMAGE}:${DOCKER_TAG} -f Dockerfile.vault-env .
ifeq (${IMAGE_LATEST}, 1)
buildah tag ${VAULT_ENV_DOCKER_IMAGE}:${DOCKER_TAG} ${VAULT_ENV_DOCKER_IMAGE}:latest
endif
.PHONY: docker-push
docker-push: ## Push a Docker image
docker push ${DOCKER_IMAGE}:${DOCKER_TAG}
ifeq (${DOCKER_LATEST}, 1)
docker push ${DOCKER_IMAGE}:latest
endif
.PHONY: docker-operator
docker-operator: ## Build a Docker image for the Operator
docker build ${DOCKER_BUILD_EXTRA_ARGS} -t ${OPERATOR_DOCKER_IMAGE}:${DOCKER_TAG} -f Dockerfile.operator .
ifeq (${DOCKER_LATEST}, 1)
docker tag ${OPERATOR_DOCKER_IMAGE}:${DOCKER_TAG} ${OPERATOR_DOCKER_IMAGE}:latest
endif
.PHONY: docker-operator-push
docker-operator-push: ## Push a Docker image for the Operator
docker push ${OPERATOR_DOCKER_IMAGE}:${DOCKER_TAG}
ifeq (${DOCKER_LATEST}, 1)
docker push ${OPERATOR_DOCKER_IMAGE}:latest
endif
.PHONY: test-%
test-%: ## Run a specific test suite
@${MAKE} VERBOSE=0 GOTAGS=$* test
release-%: ## Release a new version
git tag -m 'Release $*' $*
@echo "Version updated to $*!"
@echo
@echo "To push the changes execute the following:"
@echo
@echo "git push; git push origin $*"
.PHONY: patch
patch: ## Release a new patch version
@${MAKE} release-$(shell git describe --abbrev=0 --tags | awk -F'[ .]' '{print $$1"."$$2"."$$3+1}')
.PHONY: minor
minor: ## Release a new minor version
@${MAKE} release-$(shell git describe --abbrev=0 --tags | awk -F'[ .]' '{print $$1"."$$2+1".0"}')
.PHONY: major
major: ## Release a new major version
@${MAKE} release-$(shell git describe --abbrev=0 --tags | awk -F'[ .]' '{print $$1+1".0.0"}')
.PHONY: operator-up
operator-up:
kubectl replace -f operator/deploy/crd.yaml || kubectl create -f operator/deploy/crd.yaml
kubectl apply -f operator/deploy/rbac.yaml
OPERATOR_NAME=vault-dev go run operator/cmd/manager/main.go -verbose
.PHONY: operator-down
operator-down:
kubectl delete -f operator/deploy/crd.yaml
kubectl delete -f operator/deploy/rbac.yaml
.PHONY: webhook-forward
webhook-forward: ## Install the webhook chart and kurun to port-forward the local webhook into Kubernetes
kubectl create namespace vault-infra --dry-run -o yaml | kubectl apply -f -
kubectl label namespaces vault-infra name=vault-infra --overwrite
helm upgrade --install vault-secrets-webhook charts/vault-secrets-webhook --namespace vault-infra --set replicaCount=0 --set podsFailurePolicy=Fail --set secretsFailurePolicy=Fail --set configMapMutation=true --set configMapFailurePolicy=Fail
kurun port-forward localhost:8443 --namespace vault-infra --servicename vault-secrets-webhook --tlssecret vault-secrets-webhook-webhook-tls
.PHONY: webhook-run ## Run run the webhook locally
webhook-run:
KUBERNETES_NAMESPACE=vault-infra go run ./cmd/vault-secrets-webhook
.PHONY: webhook-up ## Run the webhook and `kurun port-forward` in foreground. Use with make -j webhook-up
webhook-up: webhook-run webhook-forward