2021-02-18 10:27:10 +00:00
# set the shell to bash always
2020-12-21 19:31:28 +00:00
SHELL := /bin/bash
2021-02-18 10:27:10 +00:00
# set make and shell flags to exit on errors
MAKEFLAGS += --warn-undefined-variables
2020-12-21 19:31:28 +00:00
.SHELLFLAGS := -euo pipefail -c
2021-02-18 10:27:10 +00:00
2021-07-21 15:00:43 +00:00
ARCH = amd64 arm64
BUILD_ARGS ?=
2021-02-18 10:27:10 +00:00
# default target is build
2020-12-21 19:31:28 +00:00
.DEFAULT_GOAL := all
2021-02-18 10:27:10 +00:00
.PHONY : all
2021-07-21 15:00:43 +00:00
all : $( addprefix build -,$ ( ARCH ) )
2021-02-18 10:27:10 +00:00
# Image registry for build/push image targets
2022-01-21 20:05:37 +00:00
export IMAGE_REGISTRY ?= ghcr.io/external-secrets/external-secrets
2021-12-29 12:02:56 +00:00
2022-02-10 17:12:13 +00:00
BUNDLE_DIR ?= deploy/crds
CRD_DIR ?= config/crds
2020-11-23 14:21:01 +00:00
2021-02-18 10:27:10 +00:00
HELM_DIR ?= deploy/charts/external-secrets
2021-12-29 12:02:56 +00:00
TF_DIR ?= terraform
2021-02-18 10:27:10 +00:00
OUTPUT_DIR ?= bin
2020-11-23 14:21:01 +00:00
# Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
i f e q ( , $( shell go env GOBIN ) )
GOBIN = $( shell go env GOPATH) /bin
e l s e
GOBIN = $( shell go env GOBIN)
e n d i f
2021-02-18 10:27:10 +00:00
# check if there are any existing `git tag` values
i f e q ( $( shell git tag ) , )
# no tags found - default to initial tag `v0.0.0`
2022-01-21 20:05:37 +00:00
export VERSION := $( shell echo " v0.0.0- $$ (git rev-list HEAD --count)-g $$ (git describe --dirty --always) " | sed 's/-/./2' | sed 's/-/./2' )
2021-02-18 10:27:10 +00:00
e l s e
# use tags
2022-01-21 20:05:37 +00:00
export VERSION := $( shell git describe --dirty --always --tags --exclude 'helm*' | sed 's/-/./2' | sed 's/-/./2' )
2021-02-18 10:27:10 +00:00
e n d i f
2020-11-23 14:21:01 +00:00
2021-02-18 10:27:10 +00:00
# ====================================================================================
# Colors
2020-11-23 14:21:01 +00:00
2021-02-18 10:27:10 +00:00
BLUE := $( shell printf "\033[34m" )
YELLOW := $( shell printf "\033[33m" )
RED := $( shell printf "\033[31m" )
GREEN := $( shell printf "\033[32m" )
CNone := $( shell printf "\033[0m" )
2020-11-23 14:21:01 +00:00
2021-02-18 10:27:10 +00:00
# ====================================================================================
# Logger
2020-11-23 14:21:01 +00:00
2021-02-18 10:27:10 +00:00
TIME_LONG = ` date +%Y-%m-%d' ' %H:%M:%S`
TIME_SHORT = ` date +%H:%M:%S`
TIME = $( TIME_SHORT)
2020-11-23 14:21:01 +00:00
2021-02-18 10:27:10 +00:00
INFO = echo ${ TIME } ${ BLUE } [ .. ] ${ CNone }
WARN = echo ${ TIME } ${ YELLOW } [ WARN] ${ CNone }
ERR = echo ${ TIME } ${ RED } [ FAIL] ${ CNone }
OK = echo ${ TIME } ${ GREEN } [ OK ] ${ CNone }
FAIL = ( echo ${ TIME } ${ RED } [ FAIL] ${ CNone } && false )
2020-11-23 14:21:01 +00:00
2021-02-18 10:27:10 +00:00
# ====================================================================================
# Conformance
2020-11-23 14:21:01 +00:00
2021-10-25 18:06:11 +00:00
reviewable : generate helm .generate lint ## Ensure a PR is ready for review.
2021-02-18 10:27:10 +00:00
@go mod tidy
2021-10-25 18:06:11 +00:00
check-diff : reviewable ## Ensure branch is clean.
2021-02-18 10:27:10 +00:00
@$( INFO) checking that branch is clean
2021-05-18 16:37:16 +00:00
@test -z " $$ (git status --porcelain) " || ( echo " $$ (git status --porcelain) " && $( FAIL) )
2021-02-18 10:27:10 +00:00
@$( OK) branch is clean
# ====================================================================================
# Golang
.PHONY : test
test : generate ## Run tests
@$( INFO) go test unit-tests
2021-07-12 18:27:48 +00:00
go test -race -v $( shell go list ./... | grep -v e2e) -coverprofile cover.out
2021-04-24 23:39:06 +00:00
@$( OK) go test unit-tests
.PHONY : test .e 2e
test.e2e : generate ## Run e2e tests
@$( INFO) go test e2e-tests
$( MAKE) -C ./e2e test
2022-01-21 20:05:37 +00:00
@$( OK) go test e2e-tests
2021-02-18 10:27:10 +00:00
2021-12-29 12:02:56 +00:00
.PHONY : test .e 2e .managed
2022-01-21 20:05:37 +00:00
test.e2e.managed : generate ## Run e2e tests managed
@$( INFO) go test e2e-tests-managed
2021-12-29 12:02:56 +00:00
$( MAKE) -C ./e2e test.managed
2022-01-21 20:05:37 +00:00
@$( OK) go test e2e-tests-managed
2021-12-29 12:02:56 +00:00
2021-02-18 10:27:10 +00:00
.PHONY : build
2022-01-17 20:44:33 +00:00
build : $( addprefix build -,$ ( ARCH ) ) ## Build binary
2021-07-21 15:00:43 +00:00
.PHONY : build -%
build-% : generate ## Build binary for the specified arch
@$( INFO) go build $*
@CGO_ENABLED= 0 GOOS = linux GOARCH = $* \
go build -o '$(OUTPUT_DIR)/external-secrets-linux-$*' main.go
2022-02-13 12:14:41 +00:00
@$( OK) go build $*
2020-11-23 14:21:01 +00:00
2021-10-25 18:06:11 +00:00
lint.check : ## Check install of golanci-lint
2020-12-21 19:31:28 +00:00
@if ! golangci-lint --version > /dev/null 2>& 1; then \
2021-07-23 15:58:22 +00:00
echo -e "\033[0;33mgolangci-lint is not installed: run \`\033[0;32mmake lint.install\033[0m\033[0;33m\` or install it from https://golangci-lint.run\033[0m" ; \
2020-12-21 19:31:28 +00:00
exit 1; \
fi
2021-10-25 18:06:11 +00:00
lint.install : ## Install golangci-lint to the go bin dir
2020-12-21 19:31:28 +00:00
@if ! golangci-lint --version > /dev/null 2>& 1; then \
echo "Installing golangci-lint" ; \
2021-10-27 21:35:55 +00:00
curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $( GOBIN) v1.42.1; \
2020-12-21 19:31:28 +00:00
fi
2021-10-25 18:06:11 +00:00
lint : lint .check ## Run golangci-lint
2020-12-21 19:31:28 +00:00
@if ! golangci-lint run; then \
echo -e "\033[0;33mgolangci-lint failed: some checks can be fixed with \`\033[0;32mmake fmt\033[0m\033[0;33m\`\033[0m" ; \
exit 1; \
fi
2021-10-20 23:21:21 +00:00
@$( OK) Finished linting
2020-12-21 19:31:28 +00:00
2021-10-25 18:06:11 +00:00
fmt : lint .check ## Ensure consistent code style
2021-02-18 10:27:10 +00:00
@go mod tidy
@go fmt ./...
@golangci-lint run --fix > /dev/null 2>& 1 || true
@$( OK) Ensured consistent code style
2020-12-22 19:12:39 +00:00
2021-03-27 22:14:54 +00:00
generate : ## Generate code and crds
@go run sigs.k8s.io/controller-tools/cmd/controller-gen object:headerFile= "hack/boilerplate.go.txt" paths = "./..."
2022-02-10 17:12:13 +00:00
@go run sigs.k8s.io/controller-tools/cmd/controller-gen crd paths = "./..." output:crd:artifacts:config= $( CRD_DIR) /bases
2021-02-18 10:27:10 +00:00
# Remove extra header lines in generated CRDs
2022-02-10 17:12:13 +00:00
@for i in $( CRD_DIR) /bases/*.yaml; do \
2022-01-17 20:44:33 +00:00
tail -n +2 <" $$ i " >" $$ i.bkp " && \
2021-02-18 10:27:10 +00:00
cp " $$ i.bkp " " $$ i " && \
rm " $$ i.bkp " ; \
done
2022-02-11 11:18:39 +00:00
@yq e '.spec.conversion.strategy = "Webhook" | .spec.conversion.webhook.conversionReviewVersions = ["v1"] | .spec.conversion.webhook.clientConfig.caBundle = "Cg==" | .spec.conversion.webhook.clientConfig.service.name = "kubernetes" | .spec.conversion.webhook.clientConfig.service.namespace = "default" | .spec.conversion.webhook.clientConfig.service.path = "/convert"' $( CRD_DIR) /bases/* > $( BUNDLE_DIR) /bundle.yaml
2021-03-27 22:14:54 +00:00
@$( OK) Finished generating deepcopy and crds
2020-12-21 19:31:28 +00:00
2021-02-18 10:27:10 +00:00
# ====================================================================================
# Local Utility
# This is for running out-of-cluster locally, and is for convenience.
# For more control, try running the binary directly with different arguments.
2021-10-25 18:06:11 +00:00
run : generate ## Run app locally (without a k8s cluster)
2021-02-18 10:27:10 +00:00
go run ./main.go
2021-10-25 18:06:11 +00:00
manifests : helm .generate ## Generate manifests from helm chart
2021-03-27 22:14:54 +00:00
mkdir -p $( OUTPUT_DIR) /deploy/manifests
helm template external-secrets $( HELM_DIR) -f deploy/manifests/helm-values.yaml > $( OUTPUT_DIR) /deploy/manifests/external-secrets.yaml
2021-10-25 18:06:11 +00:00
crds.install : generate ## Install CRDs into a cluster. This is for convenience
2022-02-10 20:00:52 +00:00
kubectl apply -f $( BUNDLE_DIR)
2021-02-18 10:27:10 +00:00
2021-10-25 18:06:11 +00:00
crds.uninstall : ## Uninstall CRDs from a cluster. This is for convenience
2022-02-10 20:00:52 +00:00
kubectl delete -f $( BUNDLE_DIR)
2021-02-18 10:27:10 +00:00
# ====================================================================================
# Helm Chart
helm.docs : ## Generate helm docs
2021-05-27 18:09:10 +00:00
@cd $( HELM_DIR) ; \
docker run --rm -v $( shell pwd ) /$( HELM_DIR) :/helm-docs -u $( shell id -u) jnorwood/helm-docs:v1.5.0
2021-02-18 10:27:10 +00:00
2021-03-27 22:14:54 +00:00
HELM_VERSION ?= $( shell helm show chart $( HELM_DIR) | grep 'version:' | sed 's/version: //g' )
2021-02-18 10:27:10 +00:00
helm.build : helm .generate ## Build helm chart
@$( INFO) helm package
@helm package $( HELM_DIR) --dependency-update --destination $( OUTPUT_DIR) /chart
2021-03-27 22:14:54 +00:00
@mv $( OUTPUT_DIR) /chart/external-secrets-$( HELM_VERSION) .tgz $( OUTPUT_DIR) /chart/external-secrets.tgz
2021-02-18 10:27:10 +00:00
@$( OK) helm package
2022-03-28 12:36:33 +00:00
helm.generate :
# Split the generated bundle yaml file to inject control flags
@for i in $( BUNDLE_DIR) /*.yaml; do \
yq -Ns '"$(HELM_DIR)/templates/crds/" + .spec.names.singular' " $$ i " ; \
done
2021-02-18 10:27:10 +00:00
# Add helm if statement for controlling the install of CRDs
2022-03-28 12:36:33 +00:00
@for i in $( HELM_DIR) /templates/crds/*.yml; do \
2022-03-29 00:22:50 +00:00
export CRDS_FLAG_NAME = " create $$ (yq '.spec.names.kind' $$ i) " ; \
cp " $$ i " " $$ i.bkp " ; \
if [ [ " $$ CRDS_FLAG_NAME " = = *"Cluster" * ] ] ; then \
echo " {{- if and (.Values.installCRDs) (.Values.crds. $$ CRDS_FLAG_NAME) }} " > " $$ i " ; \
else \
echo "{{- if .Values.installCRDs }}" > " $$ i " ; \
fi ; \
2021-02-18 10:27:10 +00:00
cat " $$ i.bkp " >> " $$ i " && \
echo "{{- end }}" >> " $$ i " && \
2022-03-28 12:36:33 +00:00
rm " $$ i.bkp " && \
mv " $$ i " " $$ {i%.yml}.yaml " ; \
2021-02-18 10:27:10 +00:00
done
@$( OK) Finished generating helm chart files
2021-03-01 07:31:02 +00:00
# ====================================================================================
# Documentation
.PHONY : docs
2021-10-25 18:06:11 +00:00
docs : generate ## Generate docs
2021-03-01 07:31:02 +00:00
$( MAKE) -C ./hack/api-docs build
2022-02-01 13:44:34 +00:00
.PHONY : docs .publish
docs.publish : generate ## Generate and deploys docs
$( MAKE) -C ./hack/api-docs build.publish
2022-02-08 10:00:10 +00:00
.PHONY : docs .serve
docs.serve : ## Serve docs
2021-03-01 07:31:02 +00:00
$( MAKE) -C ./hack/api-docs serve
2021-02-18 10:27:10 +00:00
# ====================================================================================
# Build Artifacts
2021-10-25 21:12:11 +00:00
build.all : docker .build helm .build ## Build all artifacts (docker image, helm chart)
2021-02-18 10:27:10 +00:00
2021-07-21 15:00:43 +00:00
docker.build : $( addprefix build -,$ ( ARCH ) ) ## Build the docker image
2021-02-18 10:27:10 +00:00
@$( INFO) docker build
2021-03-21 21:39:26 +00:00
@docker build . $( BUILD_ARGS) -t $( IMAGE_REGISTRY) :$( VERSION)
2021-02-18 10:27:10 +00:00
@$( OK) docker build
2021-10-25 18:06:11 +00:00
docker.push : ## Push the docker image to the registry
2021-02-18 10:27:10 +00:00
@$( INFO) docker push
@docker push $( IMAGE_REGISTRY) :$( VERSION)
@$( OK) docker push
2022-01-21 20:05:37 +00:00
# RELEASE_TAG is tag to promote. Default is promoting to main branch, but can be overriden
2021-02-18 10:27:10 +00:00
# to promote a tag to a specific version.
RELEASE_TAG ?= main
SOURCE_TAG ?= $( VERSION)
2021-10-25 18:06:11 +00:00
docker.promote : ## Promote the docker image to the registry
2021-07-21 15:00:43 +00:00
@$( INFO) promoting $( SOURCE_TAG) to $( RELEASE_TAG)
docker manifest inspect $( IMAGE_REGISTRY) :$( SOURCE_TAG) > .tagmanifest
for digest in $$ ( jq -r '.manifests[].digest' < .tagmanifest) ; do \
docker pull $( IMAGE_REGISTRY) @$$ digest; \
done
docker manifest create $( IMAGE_REGISTRY) :$( RELEASE_TAG) \
$$ ( jq -j '"--amend $(IMAGE_REGISTRY)@" + .manifests[].digest + " "' < .tagmanifest)
docker manifest push $( IMAGE_REGISTRY) :$( RELEASE_TAG)
@$( OK) docker push $( RELEASE_TAG) \
2021-02-18 10:27:10 +00:00
2022-03-19 20:07:50 +00:00
docker.sign : ## Sign
@$( INFO) signing $( IMAGE_REGISTRY) :$( RELEASE_TAG)
crane digest $( IMAGE_REGISTRY) :$( RELEASE_TAG) > .digest
cosign sign $( IMAGE_REGISTRY) @$$ ( cat .digest)
@$( OK) cosign sign $( IMAGE_REGISTRY) :$( RELEASE_TAG)
2021-12-29 12:02:56 +00:00
# ====================================================================================
# Terraform
2022-01-21 20:05:37 +00:00
tf.plan.% : ## Runs terrform plan for a provider
@cd $( TF_DIR) /$* ; \
2021-12-29 12:02:56 +00:00
terraform init; \
2022-01-21 20:05:37 +00:00
terraform plan
2021-12-29 12:02:56 +00:00
2022-01-21 20:05:37 +00:00
tf.apply.% : ## Runs terrform apply for a provider
@cd $( TF_DIR) /$* ; \
2021-12-29 12:02:56 +00:00
terraform init; \
terraform apply -auto-approve
2022-01-21 20:05:37 +00:00
tf.destroy.% : ## Runs terrform destroy for a provider
@cd $( TF_DIR) /$* ; \
2021-12-29 12:02:56 +00:00
terraform init; \
terraform destroy -auto-approve
2022-01-21 20:05:37 +00:00
tf.show.% : ## Runs terrform show for a provider and outputs to a file
@cd $( TF_DIR) /$* ; \
2021-12-29 12:02:56 +00:00
terraform init; \
terraform plan -out tfplan.binary; \
terraform show -json tfplan.binary > plan.json
2021-02-18 10:27:10 +00:00
# ====================================================================================
# Help
# only comments after make target name are shown as help text
2021-10-25 18:06:11 +00:00
help : ## Displays this help message
2021-02-18 10:27:10 +00:00
@echo -e " $$ (grep -hE '^\S+:.*##' $( MAKEFILE_LIST) | sed -e 's/:.*##\s*/:/' -e 's/^\(.\+\):\(.*\)/\\x1b[36m\1\\x1b[m:\2/' | column -c2 -t -s : | sort) "