-
Notifications
You must be signed in to change notification settings - Fork 0
/
GNUmakefile
64 lines (52 loc) · 2.36 KB
/
GNUmakefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
DEV_DIR:=./terraform
# dvlint options
DVLINT_RULE_PACK:=@ping-identity/dvlint-base-rule-pack
DVLINT_EXCLUDE_RULES:=dv-rule-logo-001
DVLINT_INCLUDE_RULES:=
DVLINT_IGNORE_RULES:=dv-rule-annotations-001,dv-rule-empty-flow-001
default: devcheck
check-for-terraform:
@command -v terraform >/dev/null 2>&1 || { echo >&2 "'terraform' is required but not installed. Aborting."; exit 1; }
fmt: check-for-terraform
@echo "==> Formatting Terraform code with terraform fmt..."
@terraform fmt -recursive .
fmt-check: check-for-terraform
@echo "==> Checking Terraform code with terraform fmt..."
@terraform fmt -recursive -check .
tflint:
@echo "==> Checking Terraform code with tflint..."
@command -v tflint >/dev/null 2>&1 || { echo >&2 "'tflint' is required but not installed. Aborting."; exit 1; }
@tflint --recursive
dvlint:
@echo "==> Checking DaVinci Flows with dvlint..."
@command -v jq >/dev/null 2>&1 || { echo >&2 "'jq' is required but not installed. Aborting."; exit 1; }
@command -v dvlint >/dev/null 2>&1 || { echo >&2 "'dvlint' is required but not installed. Aborting."; exit 1; }
@find . -name '*.json' | while read -r file; do \
if jq -e -r '.companyId' $$file >/dev/null; then \
dvlint -f $$file \
--rulePacks "$(DVLINT_RULE_PACK)" \
--excludeRule "$(DVLINT_EXCLUDE_RULES)" \
--ignoreRule "$(DVLINT_IGNORE_RULES)" \
--includeRule "$(DVLINT_INCLUDE_RULES)" \
|| exit 1; \
fi; \
done
validate: check-for-terraform
@echo "==> Validating Terraform code with terraform validate..."
@if [ -d "./$(DEV_DIR)" ]; then \
terraform -chdir=$(DEV_DIR) validate; \
fi
trivy:
@echo "==> Checking Terraform code with trivy..."
@command -v trivy >/dev/null 2>&1 || { echo >&2 "'trivy' is required but not installed. Aborting."; exit 1; }
@trivy config ./
shell-files:
@echo "==> Checking and formatting shell scripts..."
@command -v shfmt >/dev/null 2>&1 || { echo >&2 "'shfmt' is required but not installed. Aborting."; exit 1; }
@command -v shellcheck >/dev/null 2>&1 || { echo >&2 "'shellcheck' is required but not installed. Aborting."; exit 1; }
@echo "==> Formatting shell scripts with shfmt..."
@shfmt -w -i 4 -sr -ci ./scripts/
@echo "==> Checking shell scripts with shellcheck..."
@shellcheck --exclude=SC1090,SC1091 ./scripts/*.sh
devcheck: fmt fmt-check validate tflint dvlint trivy shell-files
.PHONY: devcheck fmt fmt-check validate tflint dvlint trivy