-
Notifications
You must be signed in to change notification settings - Fork 197
/
Makefile
180 lines (149 loc) · 6.36 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
# Set the default goal
.DEFAULT_GOAL := build
MAKEFLAGS += --no-print-directory
DOCKER ?= docker
KIND ?= kind
export KUBECONFIG ?= ${HOME}/.kube/config
# Active module mode, as we use Go modules to manage dependencies
export GO111MODULE=on
GOPATH=$(shell go env GOPATH)
GOBIN=$(GOPATH)/bin
GINKGO=$(GOBIN)/ginkgo
SOURCES := $(shell find . -name '*.go')
IMAGE_TAG := dev
STARBOARD_CLI_IMAGE := aquasec/starboard:$(IMAGE_TAG)
STARBOARD_OPERATOR_IMAGE := aquasec/starboard-operator:$(IMAGE_TAG)
STARBOARD_SCANNER_AQUA_IMAGE := aquasec/starboard-scanner-aqua:$(IMAGE_TAG)
#STARBOARD_OPERATOR_IMAGE_UBI8 := aquasec/starboard-operator:$(IMAGE_TAG)-ubi8
#STARBOARD_OPERATOR_IMAGE_UBI8_FIPS := aquasec/starboard-operator:$(IMAGE_TAG)-ubi8-fips
MKDOCS_IMAGE := aquasec/mkdocs-material:starboard
MKDOCS_PORT := 8000
.PHONY: all
all: build
.PHONY: build
build: build-starboard-cli build-starboard-operator build-starboard-scanner-aqua
## Builds the starboard binary
build-starboard-cli: $(SOURCES)
CGO_ENABLED=0 go build -o ./bin/starboard ./cmd/starboard/main.go
## Builds the starboard-operator binary
build-starboard-operator: $(SOURCES)
CGO_ENABLED=0 GOOS=linux go build -o ./bin/starboard-operator ./cmd/starboard-operator/main.go
## Builds the starboard-operator binary
build-starboard-operator-fips: $(SOURCES)
CGO_ENABLED=0 GOOS=linux GOEXPERIMENT=boringcrypto go build -tags fipsonly -o ./bin/starboard-operator-fips ./cmd/starboard-operator/main.go
## Builds the scanner-aqua binary
build-starboard-scanner-aqua: $(SOURCES)
CGO_ENABLED=0 GOOS=linux go build -o ./bin/starboard-scanner-aqua ./cmd/scanner-aqua/main.go
.PHONY: get-ginkgo
## Installs Ginkgo CLI
get-ginkgo:
@go install github.com/onsi/ginkgo/ginkgo
.PHONY: get-qtc
## Installs quicktemplate compiler
get-qtc:
@go install github.com/valyala/quicktemplate/qtc
.PHONY: compile-templates
## Converts quicktemplate files (*.qtpl) into Go code
compile-templates: get-qtc
$(GOBIN)/qtc
.PHONY: test
## Runs both unit and integration tests
test: unit-tests itests-starboard itests-starboard-operator
.PHONY: unit-tests
## Runs unit tests with code coverage enabled
unit-tests: $(SOURCES)
go test -v -short -race -timeout 30s -coverprofile=coverage.txt ./...
.PHONY: itests-starboard
## Runs integration tests for Starboard CLI with code coverage enabled
itests-starboard: check-kubeconfig get-ginkgo
@$(GINKGO) \
-coverprofile=coverage.txt \
-coverpkg=github.com/aquasecurity/starboard/pkg/cmd,\
github.com/aquasecurity/starboard/pkg/plugin,\
github.com/aquasecurity/starboard/pkg/kube,\
github.com/aquasecurity/starboard/pkg/kubebench,\
github.com/aquasecurity/starboard/pkg/kubehunter,\
github.com/aquasecurity/starboard/pkg/plugin/trivy,\
github.com/aquasecurity/starboard/pkg/plugin/polaris,\
github.com/aquasecurity/starboard/pkg/plugin/conftest,\
github.com/aquasecurity/starboard/pkg/configauditreport,\
github.com/aquasecurity/starboard/pkg/vulnerabilityreport \
./itest/starboard
.PHONY: itests-starboard-operator
## Runs integration tests for Starboard Operator with code coverage enabled
itests-starboard-operator: check-kubeconfig get-ginkgo
@$(GINKGO) \
-coverprofile=coverage.txt \
-coverpkg=github.com/aquasecurity/starboard/pkg/operator,\
github.com/aquasecurity/starboard/pkg/operator/predicate,\
github.com/aquasecurity/starboard/pkg/operator/controller,\
github.com/aquasecurity/starboard/pkg/plugin,\
github.com/aquasecurity/starboard/pkg/plugin/trivy,\
github.com/aquasecurity/starboard/pkg/plugin/polaris,\
github.com/aquasecurity/starboard/pkg/plugin/conftest,\
github.com/aquasecurity/starboard/pkg/configauditreport,\
github.com/aquasecurity/starboard/pkg/vulnerabilityreport,\
github.com/aquasecurity/starboard/pkg/kubebench \
./itest/starboard-operator
.PHONY: integration-operator-conftest
integration-operator-conftest: check-kubeconfig get-ginkgo
@$(GINKGO) \
-coverprofile=coverage.txt \
-coverpkg=github.com/aquasecurity/starboard/pkg/operator,\
github.com/aquasecurity/starboard/pkg/operator/predicate,\
github.com/aquasecurity/starboard/pkg/operator/controller,\
github.com/aquasecurity/starboard/pkg/plugin,\
github.com/aquasecurity/starboard/pkg/plugin/conftest,\
github.com/aquasecurity/starboard/pkg/configauditreport \
./itest/starboard-operator/configauditreport/conftest
.PHONY: check-kubeconfig
check-kubeconfig:
ifndef KUBECONFIG
$(error Environment variable KUBECONFIG is not set)
else
@echo "KUBECONFIG=${KUBECONFIG}"
endif
## Removes build artifacts
clean:
@rm -r ./bin 2> /dev/null || true
@rm -r ./dist 2> /dev/null || true
## Builds Docker images for all binaries
docker-build: \
docker-build-starboard-cli \
docker-build-starboard-operator \
docker-build-starboard-operator-ubi8 \
docker-build-starboard-scanner-aqua
## Builds Docker image for Starboard CLI
docker-build-starboard-cli: build-starboard-cli
$(DOCKER) build --no-cache -t $(STARBOARD_CLI_IMAGE) -f build/starboard/Dockerfile bin
## Builds Docker image for Starboard operator
docker-build-starboard-operator: build-starboard-operator
$(DOCKER) build --no-cache -t $(STARBOARD_OPERATOR_IMAGE) -f build/starboard-operator/Dockerfile bin
## Builds Docker image for Starboard operator ubi8
docker-build-starboard-operator-fips: build-starboard-operator-fips
$(DOCKER) build --no-cache -f build/starboard-operator/Dockerfile.fips.ubi8 -t $(STARBOARD_OPERATOR_IMAGE_UBI8_FIPS) bin
## Builds Docker image for Starboard operator ubi8
docker-build-starboard-operator-ubi8: build-starboard-operator
$(DOCKER) build --no-cache -f build/starboard-operator/Dockerfile.ubi8 -t $(STARBOARD_OPERATOR_IMAGE_UBI8) bin
## Builds Docker image for Aqua scanner
docker-build-starboard-scanner-aqua: build-starboard-scanner-aqua
$(DOCKER) build --no-cache -t $(STARBOARD_SCANNER_AQUA_IMAGE) -f build/scanner-aqua/Dockerfile bin
kind-load-images: \
docker-build-starboard-operator \
docker-build-starboard-operator-ubi8
$(KIND) load docker-image \
$(STARBOARD_OPERATOR_IMAGE) \
$(STARBOARD_OPERATOR_IMAGE_UBI8)
## Runs MkDocs development server to preview the documentation page
mkdocs-serve:
$(DOCKER) build -t $(MKDOCS_IMAGE) -f build/mkdocs-material/Dockerfile bin
$(DOCKER) run --name mkdocs-serve --rm -v $(PWD):/docs -p $(MKDOCS_PORT):8000 $(MKDOCS_IMAGE)
.PHONY: \
clean \
docker-build \
docker-build-starboard-cli \
docker-build-starboard-operator \
docker-build-starboard-operator-ubi8 \
docker-build-starboard-scanner-aqua \
kind-load-images \
mkdocs-serve