tsf-cli/Makefile at main · redhat-appstudio/tsf-cli · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
APP = tsf

BIN_DIR ?= ./bin
BIN ?= $(BIN_DIR)/$(APP)
IMAGE_FQN ?= tsf:latest

# Primary source code directories.
CMD ?= ./cmd

# Golang general flags for build and testing.
GOFLAGS ?= -v
GOFLAGS_TEST ?= -failfast -v -cover
CGO_ENABLED ?= 0
CGO_LDFLAGS ?=

# Determine the appropriate tar command based on the operating system.
UNAME_S := $(shell uname -s)
ifeq ($(UNAME_S),Darwin)
	TAR := gtar
else
	TAR := tar
endif

# Directory with the installer resources, scripts, Helm Charts, etc.
INSTALLER_DIR ?= ./installer
# Tarball with the installer resources.
INSTALLER_TARBALL ?= $(INSTALLER_DIR)/installer.tar
# Data to include in the tarball.
INSTALLER_TARBALL_DATA ?= $(shell find -L $(INSTALLER_DIR) -type f \
	! -path "$(INSTALLER_TARBALL)" \
	! -name embed.go \
)

# Version will be set at build time via git describe
VERSION ?= $(shell \
	if [ -n "$(GITHUB_REF_NAME)" ]; then echo "${GITHUB_REF_NAME}"; \
	else git describe --tags --always || echo "v0.0.0-SNAPSHOT"; \
	fi)

# Commit will be set at build time via git commit hash
COMMIT_ID ?= $(shell git rev-parse HEAD)

# Modules to ignore in govulncheck (space-separated).
GOVULNCHECK_IGNORE_MODULES ?= stdlib toolchain
# Vulnerability IDs to ignore in govulncheck (space-separated).
GOVULNCHECK_IGNORE_IDS ?= GO-2026-4514

.EXPORT_ALL_VARIABLES:

.DEFAULT_GOAL := build

#
# Help
#

# Lists available targets with descriptions (default target is marked with *).
.PHONY: help
help:
	@echo "Usage: make [target]"
	@echo ""
	@echo "Targets:"
	@echo "  build*                 Builds the application executable with installer resources embedded (default)"
	@echo "  debug                  Builds the application executable with debugging enabled"
	@echo "  run                    Runs the application (use ARGS=... for arguments)"
	@echo "  installer-tarball      Creates a tarball with all resources required for installation"
	@echo "  image                  Builds the container image (uses Podman by default)"
	@echo "  image-podman           Builds the container image with Podman"
	@echo "  lint                   Runs golangci-lint on the codebase"
	@echo "  security               Runs all security checks (govulncheck)"
	@echo "  govulncheck            Runs Go vulnerability check"
	@echo ""
	@echo "  * = default when running 'make' with no target"

#
# Build and Run
#

# Builds the application executable with installer resources embedded.
.PHONY: $(BIN)
$(BIN): installer-tarball
$(BIN):
	@echo "# Building '$(BIN)'"
	@[ -d $(BIN_DIR) ] || mkdir -p $(BIN_DIR)
	go build -ldflags "-X main.version=$(VERSION) -X main.commitID=$(COMMIT_ID)" -o $(BIN) $(CMD)

.PHONY: build
build: $(BIN)

# Builds the application executable with debugging enabled.
.PHONY: debug
debug: GOFLAGS = "-gcflags=all=-N -l"
debug: $(BIN)

# Runs the application with arbitrary ARGS.
.PHONY: run
run: installer-tarball
	go run $(CMD) $(ARGS)

#
# Installer Tarball
#

# Creates a tarball with all resources required for the installation process.
.PHONY: installer-tarball
installer-tarball: $(INSTALLER_TARBALL)
$(INSTALLER_TARBALL): $(INSTALLER_TARBALL_DATA)
	@echo "# Generating '$(INSTALLER_TARBALL)'"
	@test -f "$(INSTALLER_TARBALL)" && rm -f "$(INSTALLER_TARBALL)" || true
	@$(TAR) -C "$(INSTALLER_DIR)" -cpf "$(INSTALLER_TARBALL)" \
	$(shell echo "$(INSTALLER_TARBALL_DATA)" | sed "s:\./installer/:./:g")

#
# Container Image
#

# By default builds the container image using Podman.
image: image-podman

# Builds the container image with Podman.
image-podman:
	@echo "# Building '$(IMAGE_FQN)'..."
	podman build --build-arg COMMIT_ID=$(COMMIT_ID) --build-arg VERSION_ID=$(VERSION) --tag="$(IMAGE_FQN)" .

#
# Lint
#

# Uses golangci-lint to inspect the code base.
.PHONY: lint
lint:
	@which golangci-lint &>/dev/null || \
		go install github.com/golangci/golangci-lint/cmd/golangci-lint@latest &>/dev/null
	golangci-lint run ./...

#
# Security
#

# Runs Go vulnerability check via govulncheck. GOFLAGS is cleared to prevent
# "-v" verbose build output from corrupting the JSON stream parsed by jq.
.PHONY: govulncheck
govulncheck: GOFLAGS =
govulncheck:
	@hack/govulncheck.sh

# Runs all security checks.
.PHONY: security
security: govulncheck