Text file src/github.com/sigstore/rekor/Makefile

Documentation: github.com/sigstore/rekor

     1#
     2# Copyright 2021 The Sigstore Authors.
     3#
     4# Licensed under the Apache License, Version 2.0 (the "License");
     5# you may not use this file except in compliance with the License.
     6# You may obtain a copy of the License at
     7#
     8#     http://www.apache.org/licenses/LICENSE-2.0
     9#
    10# Unless required by applicable law or agreed to in writing, software
    11# distributed under the License is distributed on an "AS IS" BASIS,
    12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13# See the License for the specific language governing permissions and
    14# limitations under the License.
    15
    16.PHONY: all test clean clean-gen lint gosec ko ko-local cross-cli gocovmerge
    17
    18all: rekor-cli rekor-server
    19
    20include Makefile.swagger
    21
    22OPENAPIDEPS = openapi.yaml $(shell find pkg/types -iname "*.json")
    23SRCS = $(shell find cmd -iname "*.go") $(shell find pkg -iname "*.go"|grep -v pkg/generated) pkg/generated/restapi/configure_rekor_server.go $(SWAGGER_GEN)
    24TOOLS_DIR := hack/tools
    25TOOLS_BIN_DIR := $(abspath $(TOOLS_DIR)/bin)
    26BIN_DIR := $(abspath $(ROOT_DIR)/bin)
    27FUZZ_DURATION ?= 10s
    28
    29PROJECT_ID ?= projectsigstore
    30RUNTIME_IMAGE ?= gcr.io/distroless/static
    31# Set version variables for LDFLAGS
    32GIT_VERSION ?= $(shell git describe --tags --always --dirty)
    33GIT_HASH ?= $(shell git rev-parse HEAD)
    34DATE_FMT = +%Y-%m-%dT%H:%M:%SZ
    35SOURCE_DATE_EPOCH ?= $(shell git log -1 --pretty=%ct)
    36ifdef SOURCE_DATE_EPOCH
    37    BUILD_DATE ?= $(shell date -u -d "@$(SOURCE_DATE_EPOCH)" "$(DATE_FMT)" 2>/dev/null || date -u -r "$(SOURCE_DATE_EPOCH)" "$(DATE_FMT)" 2>/dev/null || date -u "$(DATE_FMT)")
    38else
    39    BUILD_DATE ?= $(shell date "$(DATE_FMT)")
    40endif
    41GIT_TREESTATE = "clean"
    42DIFF = $(shell git diff --quiet >/dev/null 2>&1; if [ $$? -eq 1 ]; then echo "1"; fi)
    43ifeq ($(DIFF), 1)
    44    GIT_TREESTATE = "dirty"
    45endif
    46
    47KO_PREFIX ?= gcr.io/projectsigstore
    48export KO_DOCKER_REPO=$(KO_PREFIX)
    49REKOR_YAML ?= rekor-$(GIT_VERSION).yaml
    50GHCR_PREFIX ?= ghcr.io/sigstore/rekor
    51GOBIN ?= $(shell go env GOPATH)/bin
    52
    53# Binaries
    54SWAGGER := $(TOOLS_BIN_DIR)/swagger
    55GO-FUZZ-BUILD := $(TOOLS_BIN_DIR)/go-fuzz-build
    56GOCOVMERGE := $(TOOLS_BIN_DIR)/gocovmerge
    57
    58REKOR_LDFLAGS=-X sigs.k8s.io/release-utils/version.gitVersion=$(GIT_VERSION) \
    59              -X sigs.k8s.io/release-utils/version.gitCommit=$(GIT_HASH) \
    60              -X sigs.k8s.io/release-utils/version.gitTreeState=$(GIT_TREESTATE) \
    61              -X sigs.k8s.io/release-utils/version.buildDate=$(BUILD_DATE)
    62
    63CLI_LDFLAGS=$(REKOR_LDFLAGS)
    64SERVER_LDFLAGS=$(REKOR_LDFLAGS)
    65
    66Makefile.swagger: $(SWAGGER) $(OPENAPIDEPS)
    67	$(SWAGGER) validate openapi.yaml
    68	$(SWAGGER) generate client -f openapi.yaml -q -r COPYRIGHT.txt -t pkg/generated --additional-initialism=TUF --additional-initialism=DSSE
    69	$(SWAGGER) generate server -f openapi.yaml -q -r COPYRIGHT.txt -t pkg/generated --exclude-main -A rekor_server --flag-strategy=pflag --default-produces application/json --additional-initialism=TUF --additional-initialism=DSSE
    70	@echo "# This file is generated after swagger runs as part of the build; do not edit!" > Makefile.swagger
    71	@echo "SWAGGER_GEN=`find pkg/generated/client pkg/generated/models pkg/generated/restapi -iname '*.go' | grep -v 'configure_rekor_server' | sort -d | tr '\n' ' ' | sed 's/ $$//'`" >> Makefile.swagger;
    72
    73lint:
    74	$(GOBIN)/golangci-lint run -v ./...
    75
    76gosec:
    77	$(GOBIN)/gosec ./...
    78
    79rekor-cli: $(SRCS)
    80	CGO_ENABLED=0 go build -trimpath -ldflags "$(CLI_LDFLAGS)" -o rekor-cli ./cmd/rekor-cli
    81
    82rekor-server: $(SRCS)
    83	CGO_ENABLED=0 go build -trimpath -ldflags "$(SERVER_LDFLAGS)" -o rekor-server ./cmd/rekor-server
    84
    85backfill-redis: $(SRCS)
    86	CGO_ENABLED=0 go build -trimpath -ldflags "$(SERVER_LDFLAGS)" -o backfill-redis ./cmd/backfill-redis
    87
    88test:
    89	go test ./...
    90
    91gocovmerge: $(GOCOVMERGE)
    92
    93clean:
    94	rm -rf dist
    95	rm -rf hack/tools/bin
    96	rm -rf rekor-cli rekor-server
    97	rm -f *fuzz.zip
    98
    99clean-gen: clean
   100	rm -rf $(SWAGGER_GEN)
   101
   102up:
   103	docker-compose -f docker-compose.yml build --build-arg SERVER_LDFLAGS="$(SERVER_LDFLAGS)"
   104	docker-compose -f docker-compose.yml up
   105
   106debug:
   107	docker-compose -f docker-compose.yml -f docker-compose.debug.yml build --build-arg SERVER_LDFLAGS="$(SERVER_LDFLAGS)" rekor-server-debug
   108	docker-compose -f docker-compose.yml -f docker-compose.debug.yml up rekor-server-debug
   109
   110ko:
   111	# rekor-server
   112	LDFLAGS="$(SERVER_LDFLAGS)" GIT_HASH=$(GIT_HASH) GIT_VERSION=$(GIT_VERSION) \
   113	KO_DOCKER_REPO=$(KO_PREFIX)/rekor-server ko resolve --bare \
   114		--platform=all --tags $(GIT_VERSION) --tags $(GIT_HASH) \
   115		--image-refs rekorServerImagerefs --filename config/ > $(REKOR_YAML)
   116
   117	# rekor-cli
   118	LDFLAGS="$(CLI_LDFLAGS)" GIT_HASH=$(GIT_HASH) GIT_VERSION=$(GIT_VERSION) \
   119	ko publish --base-import-paths \
   120		--platform=all --tags $(GIT_VERSION) --tags $(GIT_HASH) \
   121		--image-refs rekorCliImagerefs github.com/sigstore/rekor/cmd/rekor-cli
   122
   123	# backfill-redis
   124	LDFLAGS="$(SERVER_LDFLAGS)" GIT_HASH=$(GIT_HASH) GIT_VERSION=$(GIT_VERSION) \
   125	ko publish --base-import-paths \
   126		--platform=all --tags $(GIT_VERSION) --tags $(GIT_HASH) \
   127		--image-refs bRedisImagerefs github.com/sigstore/rekor/cmd/backfill-redis
   128
   129deploy:
   130	LDFLAGS="$(SERVER_LDFLAGS)" GIT_HASH=$(GIT_HASH) GIT_VERSION=$(GIT_VERSION) ko apply -f config/
   131
   132e2e:
   133	go test -c -tags=e2e ./tests
   134	go test -c -tags=e2e ./pkg/pki/x509
   135	go test -c -tags=e2e ./pkg/pki/tuf
   136	go test -c -tags=e2e ./pkg/types/rekord
   137
   138.PHONY: sign-keyless-ci
   139sign-keyless-ci: ko
   140	cosign sign --yes -a GIT_HASH=$(GIT_HASH) $(KO_DOCKER_REPO)/rekor-server:$(GIT_HASH)
   141	cosign sign --yes -a GIT_HASH=$(GIT_HASH) $(KO_DOCKER_REPO)/rekor-cli:$(GIT_HASH)
   142
   143.PHONY: ko-local
   144ko-local:
   145	KO_DOCKER_REPO=ko.local LDFLAGS="$(SERVER_LDFLAGS)" GIT_HASH=$(GIT_HASH) GIT_VERSION=$(GIT_VERSION) \
   146	ko publish --base-import-paths \
   147		--tags $(GIT_VERSION) --tags $(GIT_HASH) --image-refs rekorImagerefs \
   148		github.com/sigstore/rekor/cmd/rekor-server
   149
   150	KO_DOCKER_REPO=ko.local LDFLAGS="$(CLI_LDFLAGS)" GIT_HASH=$(GIT_HASH) GIT_VERSION=$(GIT_VERSION) \
   151	ko publish --base-import-paths \
   152		--tags $(GIT_VERSION) --tags $(GIT_HASH) --image-refs cliImagerefs \
   153		github.com/sigstore/rekor/cmd/rekor-cli
   154
   155	KO_DOCKER_REPO=ko.local LDFLAGS="$(SERVER_LDFLAGS)" GIT_HASH=$(GIT_HASH) GIT_VERSION=$(GIT_VERSION) \
   156	ko publish --base-import-paths \
   157		--tags $(GIT_VERSION) --tags $(GIT_HASH) --image-refs redisImagerefs \
   158		github.com/sigstore/rekor/cmd/backfill-redis
   159
   160.PHONY: fuzz
   161# This runs the fuzz tests for a short period of time to ensure they don't crash.
   162fuzz:
   163	go test -fuzz FuzzCreateEntryIDFromParts -fuzztime $(FUZZ_DURATION) ./pkg/sharding
   164	go test -fuzz FuzzGetUUIDFromIDString -fuzztime $(FUZZ_DURATION) ./pkg/sharding
   165	go test -fuzz FuzzGetTreeIDFromIDString -fuzztime $(FUZZ_DURATION) ./pkg/sharding
   166	go test -fuzz FuzzPadToTreeIDLen -fuzztime $(FUZZ_DURATION) ./pkg/sharding
   167	go test -fuzz FuzzReturnEntryIDString -fuzztime $(FUZZ_DURATION) ./pkg/sharding
   168	go test -fuzz FuzzTreeID -fuzztime $(FUZZ_DURATION) ./pkg/sharding
   169	go test -fuzz FuzzValidateUUID -fuzztime $(FUZZ_DURATION) ./pkg/sharding
   170	go test -fuzz FuzzValidateTreeID -fuzztime $(FUZZ_DURATION) ./pkg/sharding
   171	go test -fuzz FuzzValidateEntryID -fuzztime $(FUZZ_DURATION) ./pkg/sharding
   172
   173## --------------------------------------
   174## Tooling Binaries
   175## --------------------------------------
   176
   177$(GO-FUZZ-BUILD): $(TOOLS_DIR)/go.mod
   178	cd $(TOOLS_DIR); go build -trimpath -tags=tools -o $(TOOLS_BIN_DIR)/go-fuzz-build github.com/dvyukov/go-fuzz/go-fuzz-build
   179
   180$(SWAGGER): $(TOOLS_DIR)/go.mod
   181	cd $(TOOLS_DIR); go build -trimpath -tags=tools -o $(TOOLS_BIN_DIR)/swagger github.com/go-swagger/go-swagger/cmd/swagger
   182
   183$(GOCOVMERGE): $(TOOLS_DIR)/go.mod
   184	cd $(TOOLS_DIR); go build -trimpath -tags=tools -o $(TOOLS_BIN_DIR)/gocovmerge github.com/wadey/gocovmerge
   185
   186##################
   187# help
   188##################
   189
   190help: # Display help
   191	@awk -F ':|##' \
   192		'/^[^\t].+?:.*?##/ (\
   193			printf "\033[36m%-30s\033[0m %s\n", $$1, $$NF \
   194		)' $(MAKEFILE_LIST) | sort
   195
   196include release/release.mk

View as plain text