forked from aquasecurity/trivy-operator
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Makefile
164 lines (130 loc) · 5.09 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
# Set the default goal
.DEFAULT_GOAL := build
MAKEFLAGS += --no-print-directory
DOCKER ?= docker
KIND ?= kind
export KUBECONFIG ?= ${HOME}/.kube/config
# Active module mode, as we use Go modules to manage dependencies
export GO111MODULE=on
GOPATH=$(shell go env GOPATH)
GOBIN=$(GOPATH)/bin
GINKGO=$(GOBIN)/ginkgo
SOURCES := $(shell find . -name '*.go')
IMAGE_TAG := 0.4.2
TRIVY_OPERATOR_IMAGE := drdkorg/trivy-operator:$(IMAGE_TAG)
TRIVY_OPERATOR_IMAGE_UBI8 := aquasecurity/trivy-operator:$(IMAGE_TAG)-ubi8
MKDOCS_IMAGE := aquasec/mkdocs-material:trivy-operator
MKDOCS_PORT := 8000
# ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary.
ENVTEST_K8S_VERSION = 1.24.2
.PHONY: all
all: build
.PHONY: build
build: build-trivy-operator
## Builds the trivy-operator binary
build-trivy-operator: $(SOURCES)
GOARCH=amd64 CGO_ENABLED=0 GOOS=linux go build -o ./bin/trivy-operator ./cmd/trivy-operator/main.go
.PHONY: get-ginkgo
## Installs Ginkgo CLI
get-ginkgo:
@go install github.com/onsi/ginkgo/v2/ginkgo
.PHONY: get-qtc
## Installs quicktemplate compiler
get-qtc:
@go install github.com/valyala/quicktemplate/qtc
.PHONY: compile-templates
## Converts quicktemplate files (*.qtpl) into Go code
compile-templates: get-qtc
$(GOBIN)/qtc
.PHONY: test
test: $(SOURCES) generate-all envtest ## Run tests.
KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" \
go test -v -short -race -timeout 30s -coverprofile=coverage.txt ./...
.PHONY: itests-trivy-operator
## Runs integration tests for Trivy Operator with code coverage enabled
itests-trivy-operator: check-kubeconfig get-ginkgo
@$(GINKGO) \
-coverprofile=coverage.txt \
-coverpkg=github.com/aquasecurity/trivy-operator/pkg/operator,\
github.com/aquasecurity/trivy-operator/pkg/operator/predicate,\
github.com/aquasecurity/trivy-operator/pkg/operator/controller,\
github.com/aquasecurity/trivy-operator/pkg/plugin,\
github.com/aquasecurity/trivy-operator/pkg/plugin/trivy,\
github.com/aquasecurity/trivy-operator/pkg/configauditreport,\
github.com/aquasecurity/trivy-operator/pkg/vulnerabilityreport \
./itest/trivy-operator
.PHONY: check-kubeconfig
check-kubeconfig:
ifndef KUBECONFIG
$(error Environment variable KUBECONFIG is not set)
else
@echo "KUBECONFIG=${KUBECONFIG}"
endif
## Removes build artifacts
clean:
@rm -r ./bin 2> /dev/null || true
@rm -r ./dist 2> /dev/null || true
## Builds Docker images for all binaries
docker-build: \
docker-build-trivy-operator \
docker-build-trivy-operator-ubi8
## Builds Docker image for trivy-operator
docker-build-trivy-operator: build-trivy-operator
$(DOCKER) build --no-cache -t $(TRIVY_OPERATOR_IMAGE) -f build/trivy-operator/Dockerfile bin
## Builds Docker image for trivy-operator ubi8
docker-build-trivy-operator-ubi8: build-trivy-operator
$(DOCKER) build --no-cache -f build/trivy-operator/Dockerfile.ubi8 -t $(TRIVY_OPERATOR_IMAGE_UBI8) bin
kind-load-images: \
docker-build-trivy-operator \
docker-build-trivy-operator-ubi8
$(KIND) load docker-image \
$(TRIVY_OPERATOR_IMAGE) \
$(TRIVY_OPERATOR_IMAGE_UBI8)
## Runs MkDocs development server to preview the documentation page
mkdocs-serve:
$(DOCKER) build -t $(MKDOCS_IMAGE) -f build/mkdocs-material/Dockerfile bin
$(DOCKER) run --name mkdocs-serve --rm -v $(PWD):/docs -p $(MKDOCS_PORT):8000 $(MKDOCS_IMAGE)
$(GOBIN)/labeler:
go install github.com/knqyf263/labeler@latest
.PHONY: label
label: $(GOBIN)/labeler
labeler apply misc/triage/labels.yaml -r aquasecurity/trivy-operator -l 5
## Location to install dependencies to
LOCALBIN ?= $(shell pwd)/bin
$(LOCALBIN):
mkdir -p $(LOCALBIN)
## Tool Binaries
CONTROLLER_GEN ?= $(LOCALBIN)/controller-gen
ENVTEST ?= $(LOCALBIN)/setup-envtest
## Tool Versions
CONTROLLER_TOOLS_VERSION ?= v0.9.2
.PHONY: controller-gen
controller-gen: $(CONTROLLER_GEN) ## Download controller-gen locally if necessary.
$(CONTROLLER_GEN): $(LOCALBIN)
GOBIN=$(LOCALBIN) go install sigs.k8s.io/controller-tools/cmd/controller-gen@$(CONTROLLER_TOOLS_VERSION)
.PHONY: envtest
envtest: $(ENVTEST) ## Download envtest-setup locally if necessary.
$(ENVTEST): $(LOCALBIN)
GOBIN=$(LOCALBIN) go install sigs.k8s.io/controller-runtime/tools/setup-envtest@latest
.PHONY: verify-generated
verify-generated: generate-all
./hack/verify-generated.sh
.PHONY: generate
generate: controller-gen
$(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./pkg/..." +rbac:roleName=trivy-operator output:rbac:artifacts:config=deploy/helm/generated
.PHONY: manifests
manifests: controller-gen
# We must "allow dangerous types" because the API currently includes fields using floating point data types
$(CONTROLLER_GEN) crd:allowDangerousTypes=true paths="./pkg/apis/..." output:crd:artifacts:config=deploy/crd
mv deploy/crd/aquasecurity.github.io_clustercompliancedetailreports.yaml deploy/compliance
mv deploy/crd/aquasecurity.github.io_clustercompliancereports.yaml deploy/compliance
./hack/update-static.yaml.sh
.PHONY: generate-all
generate-all: generate manifests
.PHONY: \
clean \
docker-build \
docker-build-trivy-operator \
docker-build-trivy-operator-ubi8 \
kind-load-images \
mkdocs-serve