forked from Talend/vault-sidecar-injector
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathMakefile
135 lines (121 loc) · 4.98 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
SHELL=/bin/bash
RELEASE_VERSION:=$(shell cat VERSION_RELEASE)
OVAI_VERSION:=$(shell cat VERSION_OVAI)
CHART_VERSION:=$(shell cat VERSION_CHART)
OWNER:=asaintsever
REPO:=open-vault-agent-injector
TARGET_WEBHOOK:=target/vaultinjector-webhook
TARGET_ENV:=target/vaultinjector-env
IMAGE_FQIN:=asaintsever/open-vault-agent-injector
# Inject OVAI version into code at build time
LDFLAGS=-ldflags "-X=main.VERSION=$(OVAI_VERSION)"
.SILENT: ; # No need for @
.ONESHELL: ; # Single shell for a target (required to properly use local variables)
.PHONY: all clean test build-ovai-webhook build-ovai-env build package image image-from-build release
.DEFAULT_GOAL := build
all: release
clean:
rm -f target/*
test: # for detailed outputs, run 'make test VERBOSE=true'
if [ -z ${OFFLINE} ] || [ ${OFFLINE} != true ];then \
echo "Running tests ..."; \
echo ">> for detailed outputs, run 'make test VERBOSE=true' <<"; \
go test -mod=mod -v ./...; \
else \
echo "Running tests using local vendor folder (ie offline build) ..."; \
echo ">> for detailed outputs, run 'make test VERBOSE=true' <<"; \
go test -mod=vendor -v ./...; \
fi
build-ovai-webhook: clean test # run 'make build-ovai-webhook OFFLINE=true' to build from vendor folder
if [ -z ${OFFLINE} ] || [ ${OFFLINE} != true ];then \
echo "Building ovai-webhook ..."; \
GOOS=linux GOARCH=amd64 go build $(LDFLAGS) -mod=mod -a -o $(TARGET_WEBHOOK) ./cmd/vaultinjector-webhook; \
else \
echo "Building ovai-webhook using local vendor folder (ie offline build) ..."; \
GOOS=linux GOARCH=amd64 go build $(LDFLAGS) -mod=vendor -a -o $(TARGET_WEBHOOK) ./cmd/vaultinjector-webhook; \
fi
cd target && sha512sum vaultinjector-webhook > vaultinjector-webhook.sha512
build-ovai-env: # run 'make build-ovai-env OFFLINE=true' to build from vendor folder
if [ -z ${OFFLINE} ] || [ ${OFFLINE} != true ];then \
echo "Building ovai-env ..."; \
GOOS=linux GOARCH=amd64 go build -mod=mod -a -o $(TARGET_ENV) ./cmd/vaultinjector-env; \
else \
echo "Building ovai-env using local vendor folder (ie offline build) ..."; \
GOOS=linux GOARCH=amd64 go build -mod=vendor -a -o $(TARGET_ENV) ./cmd/vaultinjector-env; \
fi
cd target && sha512sum vaultinjector-env > vaultinjector-env.sha512
build: build-ovai-webhook build-ovai-env
package:
set -e
mkdir -p target && cd target
echo "Archive Helm chart ..."
mkdir -p open-vault-agent-injector && cp -R ../README.md ../deploy/helm/* ./open-vault-agent-injector
sed -i "s/version: 0.0.0/version: ${CHART_VERSION}/;s/appVersion: 0.0.0/appVersion: ${OVAI_VERSION}/" ./open-vault-agent-injector/Chart.yaml
sed -i "s/tag: \"latest\" # OVAI image tag/tag: \"${OVAI_VERSION}\" # OVAI image tag/" ./open-vault-agent-injector/values.yaml
helm package open-vault-agent-injector
rm -R open-vault-agent-injector
helm lint ./open-vault-agent-injector-*.tgz --debug
image:
echo "Build image using Go container and multi-stage build ..."
docker build -t ${IMAGE_FQIN}:${OVAI_VERSION} .
docker tag ${IMAGE_FQIN}:${OVAI_VERSION} ${IMAGE_FQIN}
image-from-build: build
echo "Build image from local build ..."
docker build -f Dockerfile.local -t ${IMAGE_FQIN}:${OVAI_VERSION} .
docker tag ${IMAGE_FQIN}:${OVAI_VERSION} ${IMAGE_FQIN}
release: image-from-build package
read -p "Publish image (y/n)? " answer
case $$answer in \
y|Y ) \
docker login; \
docker push ${IMAGE_FQIN}:${OVAI_VERSION}; \
if [ "$$?" -ne 0 ]; then \
echo "Unable to publish image"; \
exit 1; \
fi; \
;; \
* ) \
echo "Image not published"; \
;; \
esac
cd target
echo "Releasing artifacts ..."
read -p "- Github user name to use for release: " username
echo "- Creating release"
id=$$(curl -u $$username -s -X POST "https://api.github.com/repos/${OWNER}/${REPO}/releases" -d '{"tag_name": "v'${RELEASE_VERSION}'", "name": "v'${RELEASE_VERSION}'", "draft": true, "body": ""}' | jq '.id')
if [ "$$?" -ne 0 ]; then \
echo "Unable to create release"; \
echo $$id; \
exit 1; \
fi
echo "- Release id=$$id"
echo
echo "- Publishing release binary"
for asset_file in $(shell ls ./target); do \
asset_absolute_path=$$(realpath $$asset_file); \
echo "Adding file $$asset_absolute_path"; \
echo; \
asset_filename=$$(basename $$asset_absolute_path); \
curl -u $$username -s --data-binary @"$$asset_absolute_path" -H "Content-Type: application/octet-stream" "https://uploads.github.com/repos/${OWNER}/${REPO}/releases/$$id/assets?name=$$asset_filename"; \
if [ "$$?" -ne 0 ]; then \
echo "Unable to publish binary $$asset_absolute_path"; \
exit 1; \
fi; \
echo; \
done
echo
echo
read -p "- Confirm release ok at https://api.github.com/repos/${OWNER}/${REPO}/releases/$$id (y/[n])? " answer
case $$answer in \
y|Y ) \
curl -u $$username -s -X PATCH "https://api.github.com/repos/${OWNER}/${REPO}/releases/$$id" -d '{"draft": false}'; \
if [ "$$?" -ne 0 ]; then \
echo "Unable to finish release"; \
exit 1; \
fi; \
;; \
* ) \
curl -u $$username -s -X DELETE "https://api.github.com/repos/${OWNER}/${REPO}/releases/$$id"; \
echo "Aborted"; \
;; \
esac