2022-08-31 04:22:46 +00:00
.DEFAULT_GOAL : build -all
2019-05-29 21:44:21 +00:00
2022-08-30 15:30:28 +00:00
############
# DEFAULTS #
############
GIT_VERSION := $( shell git describe --match "v[0-9]*" --tags $( git rev-list --tags --max-count= 1) )
GIT_VERSION_DEV := $( shell git describe --match "[0-9].[0-9]-dev*" )
GIT_BRANCH := $( shell git branch | grep \* | cut -d ' ' -f2)
GIT_HASH := $( GIT_BRANCH) /$( shell git log -1 --pretty= format:"%H" )
TIMESTAMP := $( shell date '+%Y-%m-%d_%I:%M:%S%p' )
VERSION ?= $( shell git describe --match "v[0-9]*" )
REGISTRY ?= ghcr.io
REPO = $( REGISTRY) /kyverno
IMAGE_TAG_LATEST_DEV = $( shell git describe --match "[0-9].[0-9]-dev*" | cut -d '-' -f-2)
IMAGE_TAG_DEV = $( GIT_VERSION_DEV)
IMAGE_TAG ?= $( GIT_VERSION)
K8S_VERSION ?= $( shell kubectl version --short | grep -i server | cut -d" " -f3 | cut -c2-)
TEST_GIT_BRANCH ?= main
KIND_IMAGE ?= kindest/node:v1.24.0
2022-08-31 08:06:12 +00:00
KIND_NAME ?= kind
2022-08-31 04:22:46 +00:00
GOOS ?= $( shell go env GOOS)
GOARCH ?= $( shell go env GOARCH)
2022-03-07 09:43:36 +00:00
2022-08-25 16:59:24 +00:00
#########
# TOOLS #
#########
TOOLS_DIR := $( PWD) /.tools
KIND := $( TOOLS_DIR) /kind
KIND_VERSION := v0.14.0
CONTROLLER_GEN := $( TOOLS_DIR) /controller-gen
CONTROLLER_GEN_VERSION := v0.9.1-0.20220629131006-1878064c4cdf
2022-09-01 06:14:56 +00:00
CLIENT_GEN := $( TOOLS_DIR) /client-gen
LISTER_GEN := $( TOOLS_DIR) /lister-gen
INFORMER_GEN := $( TOOLS_DIR) /informer-gen
CODE_GEN_VERSION := v0.19.0
2022-08-25 16:59:24 +00:00
GEN_CRD_API_REFERENCE_DOCS := $( TOOLS_DIR) /gen-crd-api-reference-docs
GEN_CRD_API_REFERENCE_DOCS_VERSION := latest
GO_ACC := $( TOOLS_DIR) /go-acc
GO_ACC_VERSION := latest
KUSTOMIZE := $( TOOLS_DIR) /kustomize
KUSTOMIZE_VERSION := latest
GOIMPORTS := $( TOOLS_DIR) /goimports
GOIMPORTS_VERSION := latest
HELM_DOCS := $( TOOLS_DIR) /helm-docs
2022-09-01 23:03:14 +00:00
HELM_DOCS_VERSION := v1.11.0
2022-08-25 16:59:24 +00:00
KO := $( TOOLS_DIR) /ko
KO_VERSION := v0.12.0
2022-09-01 06:14:56 +00:00
TOOLS := $( KIND) $( CONTROLLER_GEN) $( CLIENT_GEN) $( LISTER_GEN) $( INFORMER_GEN) $( GEN_CRD_API_REFERENCE_DOCS) $( GO_ACC) $( KUSTOMIZE) $( GOIMPORTS) $( HELM_DOCS) $( KO)
2022-08-30 14:06:30 +00:00
i f e q ( $( GOOS ) , d a r w i n )
SED := gsed
e l s e
SED := sed
e n d i f
2022-08-25 16:59:24 +00:00
$(KIND) :
@GOBIN= $( TOOLS_DIR) go install sigs.k8s.io/kind@$( KIND_VERSION)
$(CONTROLLER_GEN) :
@GOBIN= $( TOOLS_DIR) go install sigs.k8s.io/controller-tools/cmd/controller-gen@$( CONTROLLER_GEN_VERSION)
2022-09-01 06:14:56 +00:00
$(CLIENT_GEN) :
@GOBIN= $( TOOLS_DIR) go install k8s.io/code-generator/cmd/client-gen@$( CODE_GEN_VERSION)
$(LISTER_GEN) :
@GOBIN= $( TOOLS_DIR) go install k8s.io/code-generator/cmd/lister-gen@$( CODE_GEN_VERSION)
$(INFORMER_GEN) :
@GOBIN= $( TOOLS_DIR) go install k8s.io/code-generator/cmd/informer-gen@$( CODE_GEN_VERSION)
2022-08-25 16:59:24 +00:00
$(GEN_CRD_API_REFERENCE_DOCS) :
@GOBIN= $( TOOLS_DIR) go install github.com/ahmetb/gen-crd-api-reference-docs@$( GEN_CRD_API_REFERENCE_DOCS_VERSION)
$(GO_ACC) :
@GOBIN= $( TOOLS_DIR) go install github.com/ory/go-acc@$( GO_ACC_VERSION)
$(KUSTOMIZE) :
@GOBIN= $( TOOLS_DIR) go install sigs.k8s.io/kustomize/kustomize/v4@$( KUSTOMIZE_VERSION)
$(GOIMPORTS) :
@GOBIN= $( TOOLS_DIR) go install golang.org/x/tools/cmd/goimports@$( GOIMPORTS_VERSION)
$(HELM_DOCS) :
@GOBIN= $( TOOLS_DIR) go install github.com/norwoodj/helm-docs/cmd/helm-docs@$( HELM_DOCS_VERSION)
$(KO) :
@GOBIN= $( TOOLS_DIR) go install github.com/google/ko@$( KO_VERSION)
.PHONY : install -tools
install-tools : $( TOOLS ) ## Install tools
.PHONY : clean -tools
2022-08-30 15:30:28 +00:00
clean-tools : ## Remove installed tools
2022-08-25 16:59:24 +00:00
@rm -rf $( TOOLS_DIR)
2022-08-26 07:23:04 +00:00
#################
# BUILD (LOCAL) #
#################
CMD_DIR := ./cmd
KYVERNO_DIR := $( CMD_DIR) /kyverno
KYVERNOPRE_DIR := $( CMD_DIR) /initContainer
CLI_DIR := $( CMD_DIR) /cli/kubectl-kyverno
2022-08-30 15:30:28 +00:00
KYVERNO_BIN := $( KYVERNO_DIR) /kyverno
KYVERNOPRE_BIN := $( KYVERNOPRE_DIR) /kyvernopre
CLI_BIN := $( CLI_DIR) /kubectl-kyverno
2022-08-26 07:23:04 +00:00
PACKAGE ?= github.com/kyverno/kyverno
CGO_ENABLED ?= 0
LD_FLAGS = " -s -w -X $( PACKAGE) /pkg/version.BuildVersion= $( GIT_VERSION) -X $( PACKAGE) /pkg/version.BuildHash= $( GIT_HASH) -X $( PACKAGE) /pkg/version.BuildTime= $( TIMESTAMP) "
LD_FLAGS_DEV = " -s -w -X $( PACKAGE) /pkg/version.BuildVersion= $( GIT_VERSION_DEV) -X $( PACKAGE) /pkg/version.BuildHash= $( GIT_HASH) -X $( PACKAGE) /pkg/version.BuildTime= $( TIMESTAMP) "
.PHONY : fmt
fmt : ## Run go fmt
2022-08-30 04:59:08 +00:00
@go fmt ./...
2022-08-26 07:23:04 +00:00
.PHONY : vet
vet : ## Run go vet
2022-08-30 04:59:08 +00:00
@go vet ./...
2022-08-26 07:23:04 +00:00
2022-08-30 15:30:28 +00:00
$(KYVERNO_BIN) : fmt vet
@CGO_ENABLED= $( CGO_ENABLED) GOOS = $( GOOS) go build -o $( KYVERNO_BIN) -ldflags= $( LD_FLAGS) $( KYVERNO_DIR)
2022-08-26 07:23:04 +00:00
2022-08-30 15:30:28 +00:00
$(KYVERNOPRE_BIN) : fmt vet
@CGO_ENABLED= $( CGO_ENABLED) GOOS = $( GOOS) go build -o $( KYVERNOPRE_BIN) -ldflags= $( LD_FLAGS) $( KYVERNOPRE_DIR)
2022-08-26 07:23:04 +00:00
2022-08-30 15:30:28 +00:00
$(CLI_BIN) : fmt vet
@CGO_ENABLED= $( CGO_ENABLED) GOOS = $( GOOS) go build -o $( CLI_BIN) -ldflags= $( LD_FLAGS) $( CLI_DIR)
2022-08-26 07:23:04 +00:00
.PHONY : build -kyvernopre
2022-08-30 15:30:28 +00:00
build-kyvernopre : $( KYVERNOPRE_BIN ) ## Build kyvernopre binary
2022-08-26 07:23:04 +00:00
2022-09-01 10:16:36 +00:00
.PHONY : build -kyverno
build-kyverno : $( KYVERNO_BIN ) ## Build kyverno binary
2022-08-26 07:23:04 +00:00
.PHONY : build -cli
2022-09-01 10:16:36 +00:00
build-cli : $( CLI_BIN ) ## Build cli binary
2022-08-26 07:23:04 +00:00
2022-09-01 10:16:36 +00:00
build-all : build -kyvernopre build -kyverno build -cli ## Build all binaries
2022-08-26 07:23:04 +00:00
##############
# BUILD (KO) #
##############
2022-08-31 10:41:58 +00:00
PLATFORMS := linux/amd64,linux/arm64,linux/s390x
2022-09-01 01:04:47 +00:00
LOCAL_PLATFORM := linux/$( GOARCH)
2022-08-30 15:30:28 +00:00
KO_TAGS := latest,$( IMAGE_TAG)
KO_TAGS_DEV := latest,$( IMAGE_TAG_DEV)
KYVERNOPRE_IMAGE := kyvernopre
2022-08-30 14:06:30 +00:00
KYVERNO_IMAGE := kyverno
CLI_IMAGE := kyverno-cli
2022-08-26 07:23:04 +00:00
2022-08-30 15:30:28 +00:00
.PHONY : ko -build -kyvernopre
ko-build-kyvernopre : $( KO ) ## Build kyvernopre local image (with ko)
2022-09-01 01:04:47 +00:00
@LD_FLAGS= $( LD_FLAGS_DEV) KO_DOCKER_REPO = ko.local $( KO) build $( KYVERNOPRE_DIR) --preserve-import-paths --tags= $( KO_TAGS_DEV) --platform= $( LOCAL_PLATFORM)
2022-08-26 07:23:04 +00:00
.PHONY : ko -build -kyverno
2022-08-30 15:30:28 +00:00
ko-build-kyverno : $( KO ) ## Build kyverno local image (with ko)
2022-09-01 01:04:47 +00:00
@LD_FLAGS= $( LD_FLAGS_DEV) KO_DOCKER_REPO = ko.local $( KO) build $( KYVERNO_DIR) --preserve-import-paths --tags= $( KO_TAGS_DEV) --platform= $( LOCAL_PLATFORM)
2022-08-26 07:23:04 +00:00
.PHONY : ko -build -cli
2022-09-01 10:16:36 +00:00
ko-build-cli : $( KO ) ## Build cli local image (with ko)
2022-09-01 01:04:47 +00:00
@LD_FLAGS= $( LD_FLAGS_DEV) KO_DOCKER_REPO = ko.local $( KO) build $( CLI_DIR) --preserve-import-paths --tags= $( KO_TAGS_DEV) --platform= $( LOCAL_PLATFORM)
2022-08-26 07:23:04 +00:00
2022-08-30 15:30:28 +00:00
.PHONY : ko -build -all
ko-build-all : ko -build -kyvernopre ko -build -kyverno ko -build -cli ## Build all local images (with ko)
2022-08-26 07:23:04 +00:00
2022-08-30 15:30:28 +00:00
################
# PUBLISH (KO) #
################
2022-08-26 07:23:04 +00:00
2022-08-30 15:30:28 +00:00
REPO_KYVERNOPRE := $( REPO) /$( KYVERNOPRE_IMAGE)
REPO_KYVERNO := $( REPO) /$( KYVERNO_IMAGE)
REPO_CLI := $( REPO) /$( CLI_IMAGE)
REGISTRY_USERNAME ?= dummy
INITC_KIND_IMAGE := ko.local/github.com/kyverno/kyverno/cmd/initcontainer
KYVERNO_KIND_IMAGE := ko.local/github.com/kyverno/kyverno/cmd/kyverno
2022-08-26 07:23:04 +00:00
2022-08-30 15:30:28 +00:00
.PHONY : ko -login
ko-login : $( KO )
@$( KO) login $( REGISTRY) --username $( REGISTRY_USERNAME) --password $( REGISTRY_PASSWORD)
2022-08-26 07:23:04 +00:00
2022-08-30 15:30:28 +00:00
.PHONY : ko -publish -kyvernopre
2022-09-01 10:16:36 +00:00
ko-publish-kyvernopre : ko -login ## Build and publish kyvernopre image (with ko)
2022-08-31 10:41:58 +00:00
@LD_FLAGS= $( LD_FLAGS) KO_DOCKER_REPO = $( REPO_KYVERNOPRE) $( KO) build $( KYVERNOPRE_DIR) --bare --tags= $( KO_TAGS) --platform= $( PLATFORMS)
2022-08-26 07:23:04 +00:00
2022-08-30 15:30:28 +00:00
.PHONY : ko -publish -kyverno
2022-09-01 10:16:36 +00:00
ko-publish-kyverno : ko -login ## Build and publish kyverno image (with ko)
2022-08-31 10:41:58 +00:00
@LD_FLAGS= $( LD_FLAGS) KO_DOCKER_REPO = $( REPO_KYVERNO) $( KO) build $( KYVERNO_DIR) --bare --tags= $( KO_TAGS) --platform= $( PLATFORMS)
2022-08-26 07:23:04 +00:00
2022-08-30 15:30:28 +00:00
.PHONY : ko -publish -cli
2022-09-01 10:16:36 +00:00
ko-publish-cli : ko -login ## Build and publish cli image (with ko)
2022-08-31 10:41:58 +00:00
@LD_FLAGS= $( LD_FLAGS) KO_DOCKER_REPO = $( REPO_CLI) $( KO) build $( CLI_DIR) --bare --tags= $( KO_TAGS) --platform= $( PLATFORMS)
2022-08-30 15:30:28 +00:00
.PHONY : ko -publish -kyvernopre -dev
2022-09-01 10:16:36 +00:00
ko-publish-kyvernopre-dev : ko -login ## Build and publish kyvernopre dev image (with ko)
2022-08-31 10:41:58 +00:00
@LD_FLAGS= $( LD_FLAGS_DEV) KO_DOCKER_REPO = $( REPO_KYVERNOPRE) $( KO) build $( KYVERNOPRE_DIR) --bare --tags= $( KO_TAGS_DEV) --platform= $( PLATFORMS)
2022-08-30 15:30:28 +00:00
.PHONY : ko -publish -kyverno -dev
2022-09-01 10:16:36 +00:00
ko-publish-kyverno-dev : ko -login ## Build and publish kyverno dev image (with ko)
2022-08-31 10:41:58 +00:00
@LD_FLAGS= $( LD_FLAGS_DEV) KO_DOCKER_REPO = $( REPO_KYVERNO) $( KO) build $( KYVERNO_DIR) --bare --tags= $( KO_TAGS_DEV) --platform= $( PLATFORMS)
2022-08-30 15:30:28 +00:00
.PHONY : ko -publish -cli -dev
2022-09-01 10:16:36 +00:00
ko-publish-cli-dev : ko -login ## Build and publish cli dev image (with ko)
2022-08-31 10:41:58 +00:00
@LD_FLAGS= $( LD_FLAGS_DEV) KO_DOCKER_REPO = $( REPO_CLI) $( KO) build $( CLI_DIR) --bare --tags= $( KO_TAGS_DEV) --platform= $( PLATFORMS)
2022-08-26 07:23:04 +00:00
2022-08-30 15:30:28 +00:00
.PHONY : ko -publish -all
2022-09-01 10:16:36 +00:00
ko-publish-all : ko -publish -kyvernopre ko -publish -kyverno ko -publish -cli ## Build and publish all images (with ko)
2022-08-26 07:23:04 +00:00
2022-08-30 15:30:28 +00:00
.PHONY : ko -publish -all -dev
2022-09-01 10:16:36 +00:00
ko-publish-all-dev : ko -publish -kyvernopre -dev ko -publish -kyverno -dev ko -publish -cli -dev ## Build and publish all dev images (with ko)
2022-08-26 07:23:04 +00:00
2022-08-30 14:06:30 +00:00
##################
2022-08-31 04:22:46 +00:00
# UTILS (DOCKER) #
2022-08-30 14:06:30 +00:00
##################
2019-05-23 04:41:24 +00:00
2022-08-31 04:22:46 +00:00
.PHONY : docker -get -kyvernopre -digest
2022-09-01 10:16:36 +00:00
docker-get-kyvernopre-digest : ## Get kyvernopre image digest (with docker)
2022-08-31 04:22:46 +00:00
@docker buildx imagetools inspect --raw $( REPO) /$( KYVERNOPRE_IMAGE) :$( IMAGE_TAG) | perl -pe 'chomp if eof' | openssl dgst -sha256 | sed 's/^.* //'
.PHONY : docker -get -kyvernopre -digest -dev
2022-09-01 10:16:36 +00:00
docker-get-kyvernopre-digest-dev : ## Get kyvernopre dev image digest (with docker)
2022-08-31 04:22:46 +00:00
@docker buildx imagetools inspect --raw $( REPO) /$( KYVERNOPRE_IMAGE) :$( IMAGE_TAG_DEV) | perl -pe 'chomp if eof' | openssl dgst -sha256 | sed 's/^.* //'
.PHONY : docker -get -kyverno -digest
2022-09-01 10:16:36 +00:00
docker-get-kyverno-digest : ## Get kyverno image digest (with docker)
2022-08-31 04:22:46 +00:00
@docker buildx imagetools inspect --raw $( REPO) /$( KYVERNO_IMAGE) :$( IMAGE_TAG) | perl -pe 'chomp if eof' | openssl dgst -sha256 | sed 's/^.* //'
.PHONY : docker -get -kyverno -digest -dev
2022-09-01 10:16:36 +00:00
docker-get-kyverno-digest-dev : ## Get kyverno dev image digest (with docker)
2022-08-31 04:22:46 +00:00
@docker buildx imagetools inspect --raw $( REPO) /$( KYVERNO_IMAGE) :$( IMAGE_TAG_DEV) | perl -pe 'chomp if eof' | openssl dgst -sha256 | sed 's/^.* //'
2022-08-30 14:06:30 +00:00
.PHONY : docker -buildx -builder
2022-08-26 07:23:04 +00:00
docker-buildx-builder :
if ! docker buildx ls | grep -q kyverno; then \
docker buildx create --name kyverno --use; \
fi
2022-08-31 04:22:46 +00:00
##################
# BUILD (DOCKER) #
##################
.PHONY : docker -build -kyvernopre
2022-09-01 10:16:36 +00:00
docker-build-kyvernopre : docker -buildx -builder ## Build kyvernopre local image (with docker)
2022-08-31 10:41:58 +00:00
@docker buildx build --file $( KYVERNOPRE_DIR) /Dockerfile --progress plain --load --platform $( LOCAL_PLATFORM) --tag $( REPO) /$( KYVERNOPRE_IMAGE) :$( IMAGE_TAG) . --build-arg LD_FLAGS = $( LD_FLAGS)
2022-08-26 07:23:04 +00:00
2022-08-31 04:22:46 +00:00
.PHONY : docker -build -kyverno
2022-09-01 10:16:36 +00:00
docker-build-kyverno : docker -buildx -builder ## Build kyverno local image (with docker)
2022-08-31 10:41:58 +00:00
@docker buildx build --file $( KYVERNO_DIR) /Dockerfile --progress plain --load --platform $( LOCAL_PLATFORM) --tag $( REPO) /$( KYVERNO_IMAGE) :$( IMAGE_TAG) . --build-arg LD_FLAGS = $( LD_FLAGS)
2022-08-26 07:23:04 +00:00
2022-08-31 04:22:46 +00:00
.PHONY : docker -build -cli
2022-09-01 10:16:36 +00:00
docker-build-cli : docker -buildx -builder ## Build cli local image (with docker)
2022-08-31 10:41:58 +00:00
@docker buildx build --file $( CLI_DIR) /Dockerfile --progress plain --load --platform $( LOCAL_PLATFORM) --tag $( REPO) /$( CLI_IMAGE) :$( IMAGE_TAG) . --build-arg LD_FLAGS = $( LD_FLAGS)
2022-08-31 04:22:46 +00:00
.PHONY : docker -build -all
docker-build-all : docker -build -kyvernopre docker -build -kyverno docker -build -cli ## Build all local images (with docker)
####################
# PUBLISH (DOCKER) #
####################
.PHONY : docker -publish -kyvernopre
2022-09-01 10:16:36 +00:00
docker-publish-kyvernopre : docker -buildx -builder ## Build and publish kyvernopre image (with docker)
2022-08-31 10:41:58 +00:00
@docker buildx build --file $( KYVERNOPRE_DIR) /Dockerfile --progress plain --push --platform $( PLATFORMS) --tag $( REPO) /$( KYVERNOPRE_IMAGE) :$( IMAGE_TAG) . --build-arg LD_FLAGS = $( LD_FLAGS)
2022-08-26 07:23:04 +00:00
2022-08-31 04:22:46 +00:00
.PHONY : docker -publish -kyvernopre -dev
2022-09-01 10:16:36 +00:00
docker-publish-kyvernopre-dev : docker -buildx -builder ## Build and publish kyvernopre dev image (with docker)
2022-08-31 10:41:58 +00:00
@docker buildx build --file $( KYVERNOPRE_DIR) /Dockerfile --progress plain --push --platform $( PLATFORMS) \
2022-08-30 15:30:28 +00:00
--tag $( REPO) /$( KYVERNOPRE_IMAGE) :$( IMAGE_TAG_DEV) --tag $( REPO) /$( KYVERNOPRE_IMAGE) :$( IMAGE_TAG_LATEST_DEV) -latest --tag $( REPO) /$( KYVERNOPRE_IMAGE) :latest \
2022-08-30 14:06:30 +00:00
. --build-arg LD_FLAGS = $( LD_FLAGS_DEV)
2022-08-26 07:23:04 +00:00
2022-08-31 04:22:46 +00:00
.PHONY : docker -publish -kyverno
2022-09-01 10:16:36 +00:00
docker-publish-kyverno : docker -buildx -builder ## Build and publish kyverno image (with docker)
2022-08-31 10:41:58 +00:00
@docker buildx build --file $( KYVERNO_DIR) /Dockerfile --progress plain --push --platform $( PLATFORMS) --tag $( REPO) /$( KYVERNO_IMAGE) :$( IMAGE_TAG) . --build-arg LD_FLAGS = $( LD_FLAGS)
2022-08-26 07:23:04 +00:00
2022-08-31 04:22:46 +00:00
.PHONY : docker -publish -kyverno -dev
2022-09-01 10:16:36 +00:00
docker-publish-kyverno-dev : docker -buildx -builder ## Build and publish kyverno dev image (with docker)
2022-08-31 10:41:58 +00:00
@docker buildx build --file $( KYVERNO_DIR) /Dockerfile --progress plain --push --platform $( PLATFORMS) \
2022-08-30 14:06:30 +00:00
--tag $( REPO) /$( KYVERNO_IMAGE) :$( IMAGE_TAG_DEV) --tag $( REPO) /$( KYVERNO_IMAGE) :$( IMAGE_TAG_LATEST_DEV) -latest --tag $( REPO) /$( KYVERNO_IMAGE) :latest \
. --build-arg LD_FLAGS = $( LD_FLAGS_DEV)
2022-08-26 07:23:04 +00:00
2022-08-31 04:22:46 +00:00
.PHONY : docker -publish -cli
2022-09-01 10:16:36 +00:00
docker-publish-cli : docker -buildx -builder ## Build and publish cli image (with docker)
2022-08-31 10:41:58 +00:00
@docker buildx build --file $( CLI_DIR) /Dockerfile --progress plain --push --platform $( PLATFORMS) --tag $( REPO) /$( CLI_IMAGE) :$( IMAGE_TAG) . --build-arg LD_FLAGS = $( LD_FLAGS)
2022-08-26 07:23:04 +00:00
2022-08-31 04:22:46 +00:00
.PHONY : docker -publish -cli -dev
2022-09-01 10:16:36 +00:00
docker-publish-cli-dev : docker -buildx -builder ## Build and publish cli dev image (with docker)
2022-08-31 10:41:58 +00:00
@docker buildx build --file $( CLI_DIR) /Dockerfile --progress plain --push --platform $( PLATFORMS) \
2022-08-31 04:22:46 +00:00
--tag $( REPO) /$( CLI_IMAGE) :$( IMAGE_TAG_DEV) --tag $( REPO) /$( CLI_IMAGE) :$( IMAGE_TAG_LATEST_DEV) -latest --tag $( REPO) /$( CLI_IMAGE) :latest \
. --build-arg LD_FLAGS = $( LD_FLAGS_DEV)
2021-02-08 03:46:50 +00:00
2022-08-31 04:22:46 +00:00
.PHONY : docker -publish -all
2022-09-01 10:16:36 +00:00
docker-publish-all : docker -publish -kyvernopre docker -publish -kyverno docker -publish -cli ## Build and publish all images (with docker)
2019-06-05 01:05:10 +00:00
2022-08-31 04:22:46 +00:00
.PHONY : docker -publish -all -dev
2022-09-01 10:16:36 +00:00
docker-publish-all-dev : docker -publish -kyvernopre -dev docker -publish -kyverno -dev docker -publish -cli -dev ## Build and publish all dev images (with docker)
2020-08-06 06:26:31 +00:00
2022-08-31 14:19:37 +00:00
###########
# CODEGEN #
###########
2022-09-01 06:14:56 +00:00
GOPATH_SHIM := ${ PWD } /.gopath
PACKAGE_SHIM := $( GOPATH_SHIM) /src/$( PACKAGE)
OUT_PACKAGE := $( PACKAGE) /pkg/client
INPUT_DIRS := $( PACKAGE) /api/kyverno/v1,$( PACKAGE) /api/kyverno/v1beta1,$( PACKAGE) /api/kyverno/v1alpha2,$( PACKAGE) /api/policyreport/v1alpha2
CLIENTSET_PACKAGE := $( OUT_PACKAGE) /clientset
LISTERS_PACKAGE := $( OUT_PACKAGE) /listers
INFORMERS_PACKAGE := $( OUT_PACKAGE) /informers
$(GOPATH_SHIM) :
@echo Create gopath shim...
@mkdir -p $( GOPATH_SHIM)
.INTERMEDIATE : $( PACKAGE_SHIM )
$(PACKAGE_SHIM) : $( GOPATH_SHIM )
@echo Create package shim...
@mkdir -p $( GOPATH_SHIM) /src/github.com/kyverno && ln -s -f ${ PWD } $( PACKAGE_SHIM)
.PHONY : codegen -client -clientset
codegen-client-clientset : $( PACKAGE_SHIM ) $( CLIENT_GEN ) ## Generate clientset
@echo Generate clientset...
@GOPATH= $( GOPATH_SHIM) $( CLIENT_GEN) --go-header-file ./scripts/boilerplate.go.txt --clientset-name versioned --output-package $( CLIENTSET_PACKAGE) --input-base "" --input $( INPUT_DIRS)
.PHONY : codegen -client -listers
codegen-client-listers : $( PACKAGE_SHIM ) $( LISTER_GEN ) ## Generate listers
@echo Generate listers...
@GOPATH= $( GOPATH_SHIM) $( LISTER_GEN) --go-header-file ./scripts/boilerplate.go.txt --output-package $( LISTERS_PACKAGE) --input-dirs $( INPUT_DIRS)
.PHONY : codegen -client -informers
codegen-client-informers : $( PACKAGE_SHIM ) $( INFORMER_GEN ) ## Generate informers
@echo Generate informers...
@GOPATH= $( GOPATH_SHIM) $( INFORMER_GEN) --go-header-file ./scripts/boilerplate.go.txt --output-package $( INFORMERS_PACKAGE) --input-dirs $( INPUT_DIRS) --versioned-clientset-package $( CLIENTSET_PACKAGE) /versioned --listers-package $( LISTERS_PACKAGE)
.PHONY : codegen -client -all
codegen-client-all : codegen -client -clientset codegen -client -listers codegen -client -informers ## Generate clientset, listers and informers
2022-08-31 14:19:37 +00:00
.PHONY : codegen -crds -kyverno
2022-09-01 10:16:36 +00:00
codegen-crds-kyverno : $( CONTROLLER_GEN ) ## Generate kyverno CRDs
2022-09-01 06:14:56 +00:00
@echo Generate kyverno crds...
2022-08-31 14:19:37 +00:00
@$( CONTROLLER_GEN) crd paths = ./api/kyverno/... crd:crdVersions= v1 output:dir= ./config/crds
.PHONY : codegen -crds -report
codegen-crds-report : $( CONTROLLER_GEN ) ## Generate policy reports CRDs
2022-09-01 06:14:56 +00:00
@echo Generate policy reports crds...
2022-08-31 14:19:37 +00:00
@$( CONTROLLER_GEN) crd paths = ./api/policyreport/... crd:crdVersions= v1 output:dir= ./config/crds
.PHONY : codegen -crds -all
codegen-crds-all : codegen -crds -kyverno codegen -crds -report ## Generate all CRDs
.PHONY : codegen -deepcopy -kyverno
2022-09-01 10:16:36 +00:00
codegen-deepcopy-kyverno : $( CONTROLLER_GEN ) $( GOIMPORTS ) ## Generate kyverno deep copy functions
2022-09-01 06:14:56 +00:00
@echo Generate kyverno deep copy functions...
2022-08-31 14:19:37 +00:00
@$( CONTROLLER_GEN) object:headerFile= "scripts/boilerplate.go.txt" paths = "./api/kyverno/..." && $( GOIMPORTS) -w ./api/kyverno
.PHONY : codegen -deepcopy -report
codegen-deepcopy-report : $( CONTROLLER_GEN ) $( GOIMPORTS ) ## Generate policy reports deep copy functions
2022-09-01 06:14:56 +00:00
@echo Generate policy reports deep copy functions...
2022-08-31 14:19:37 +00:00
@$( CONTROLLER_GEN) object:headerFile= "scripts/boilerplate.go.txt" paths = "./api/policyreport/..." && $( GOIMPORTS) -w ./api/policyreport
.PHONY : codegen -deepcopy -all
codegen-deepcopy-all : codegen -deepcopy -kyverno codegen -deepcopy -report ## Generate all deep copy functions
2022-09-01 11:23:31 +00:00
.PHONY : codegen -api -docs
codegen-api-docs : $( PACKAGE_SHIM ) $( GEN_CRD_API_REFERENCE_DOCS ) ## Generate API docs
@echo Generate api docs...
@rm -rf docs/crd && mkdir -p docs/crd
@GOPATH= $( GOPATH_SHIM) $( GEN_CRD_API_REFERENCE_DOCS) -v 6 -api-dir ./api/kyverno/v1alpha2 -config docs/config.json -template-dir docs/template -out-file docs/crd/v1alpha2/index.html
@GOPATH= $( GOPATH_SHIM) $( GEN_CRD_API_REFERENCE_DOCS) -v 6 -api-dir ./api/kyverno/v1beta1 -config docs/config.json -template-dir docs/template -out-file docs/crd/v1beta1/index.html
@GOPATH= $( GOPATH_SHIM) $( GEN_CRD_API_REFERENCE_DOCS) -v 6 -api-dir ./api/kyverno/v1 -config docs/config.json -template-dir docs/template -out-file docs/crd/v1/index.html
2022-08-31 14:19:37 +00:00
.PHONY : codegen -all
2022-09-01 11:23:31 +00:00
codegen-all : codegen -deepcopy -all codegen -crds -all codegen -client -all codegen -api -docs ## Generate clientset, listers, informers, all CRDs, deep copy functions and API docs
2022-08-31 14:19:37 +00:00
2022-09-02 09:49:35 +00:00
##################
# VERIFY CODEGEN #
##################
.PHONY : verify -crds
verify-crds : codegen -crds -all ## Check CRDs are up to date
@git --no-pager diff config
@echo 'If this test fails, it is because the git diff is non-empty after running "make codegen-crds-all".'
@echo 'To correct this, locally run "make codegen-crds-all", commit the changes, and re-run tests.'
@git diff --quiet --exit-code config
.PHONY : verify -client
verify-client : codegen -client -all ## Check client is up to date
@git --no-pager diff pkg/client
@echo 'If this test fails, it is because the git diff is non-empty after running "make codegen-client-all".'
@echo 'To correct this, locally run "make codegen-client-all", commit the changes, and re-run tests.'
@git diff --quiet --exit-code pkg/client
.PHONY : verify -deepcopy
verify-deepcopy : codegen -deepcopy -all ## Check deepcopy functions are up to date
@git --no-pager diff api
@echo 'If this test fails, it is because the git diff is non-empty after running "make codegen-deepcopy-all".'
@echo 'To correct this, locally run "make codegen-deepcopy-all", commit the changes, and re-run tests.'
@git diff --quiet --exit-code api
.PHONY : verify -api -docs
verify-api-docs : codegen -api -docs ## Check api reference docs are up to date
@git --no-pager diff docs
@echo 'If this test fails, it is because the git diff is non-empty after running "make generate-api-docs".'
@echo 'To correct this, locally run "make generate-api-docs", commit the changes, and re-run tests.'
@git diff --quiet --exit-code docs
.PHONY : verify -codegen
verify-codegen : verify -crds verify -client verify -deepcopy verify -api -docs verify -helm ## Verify all generated code and docs are up to date
2022-08-30 14:06:30 +00:00
##################################
# KYVERNO
##################################
.PHONY : unused -package -check
unused-package-check :
@echo "------------------"
@echo "--> Check unused packages for the all kyverno components"
@echo "------------------"
@tidy= $$ ( go mod tidy) ; \
if [ -n " $$ {tidy} " ] ; then \
echo "go mod tidy checking failed!" ; echo " $$ {tidy} " ; echo; \
fi
2020-08-21 16:45:04 +00:00
##################################
2022-08-25 18:32:40 +00:00
# Create e2e Infrastructure
2020-08-21 16:45:04 +00:00
##################################
2020-08-11 16:32:51 +00:00
2022-03-25 16:08:38 +00:00
.PHONY : kind -e 2e -cluster
2022-08-25 16:59:24 +00:00
kind-e2e-cluster : $( KIND ) ## Create kind cluster for e2e tests
$( KIND) create cluster --image= $( KIND_IMAGE)
2022-03-25 16:08:38 +00:00
2022-08-26 07:23:04 +00:00
# TODO(eddycharly): $(REPO) is wrong, it is always ghcr.io/kyverno in the source
2022-03-25 16:08:38 +00:00
.PHONY : e 2e -kustomize
2022-08-25 16:59:24 +00:00
e2e-kustomize : $( KUSTOMIZE ) ## Build kustomize manifests for e2e tests
2022-03-25 16:08:38 +00:00
cd config && \
2022-08-30 15:30:28 +00:00
$( KUSTOMIZE) edit set image $( REPO) /$( KYVERNOPRE_IMAGE) = $( INITC_KIND_IMAGE) :$( IMAGE_TAG_DEV) && \
2022-08-26 07:23:04 +00:00
$( KUSTOMIZE) edit set image $( REPO) /$( KYVERNO_IMAGE) = $( KYVERNO_KIND_IMAGE) :$( IMAGE_TAG_DEV)
$( KUSTOMIZE) build config/ -o config/install.yaml
.PHONY : e 2e -init -container
2022-08-30 15:30:28 +00:00
e2e-init-container : kind -e 2e -cluster | ko -build -kyvernopre
2022-08-30 04:59:08 +00:00
$( KIND) load docker-image $( INITC_KIND_IMAGE) :$( IMAGE_TAG_DEV)
2022-08-26 07:23:04 +00:00
.PHONY : e 2e -kyverno -container
2022-08-30 15:30:28 +00:00
e2e-kyverno-container : kind -e 2e -cluster | ko -build -kyverno
2022-08-30 04:59:08 +00:00
$( KIND) load docker-image $( KYVERNO_KIND_IMAGE) :$( IMAGE_TAG_DEV)
2022-03-25 16:08:38 +00:00
2022-08-25 18:32:40 +00:00
.PHONY : create -e 2e -infrastructure
2022-08-26 07:23:04 +00:00
create-e2e-infrastructure : e 2e -init -container e 2e -kyverno -container e 2e -kustomize | ## Setup infrastructure for e2e tests
2020-08-11 00:16:13 +00:00
2019-11-18 19:41:37 +00:00
##################################
2021-04-08 23:14:08 +00:00
# Testing & Code-Coverage
2019-11-18 19:41:37 +00:00
##################################
2019-06-07 18:50:12 +00:00
CODE_COVERAGE_FILE := coverage
CODE_COVERAGE_FILE_TXT := $( CODE_COVERAGE_FILE) .txt
CODE_COVERAGE_FILE_HTML := $( CODE_COVERAGE_FILE) .html
2022-04-28 12:30:23 +00:00
test : test -clean test -unit test -e 2e ## Clean tests cache then run unit and e2e tests
2021-09-27 01:30:53 +00:00
2022-04-28 12:30:23 +00:00
test-clean : ## Clean tests cache
2021-09-27 01:30:53 +00:00
@echo " cleaning test cache"
go clean -testcache ./...
2021-07-10 01:01:46 +00:00
2022-02-24 15:34:12 +00:00
.PHONY : test -cli
2022-05-25 14:26:22 +00:00
test-cli : test -cli -policies test -cli -local test -cli -local -mutate test -cli -local -generate test -cli -test -case -selector -flag test -cli -registry
2022-02-24 15:34:12 +00:00
.PHONY : test -cli -policies
2022-08-30 15:30:28 +00:00
test-cli-policies : $( CLI_BIN )
@$( CLI_BIN) test https://github.com/kyverno/policies/$( TEST_GIT_BRANCH)
2022-02-24 15:34:12 +00:00
.PHONY : test -cli -local
2022-08-30 15:30:28 +00:00
test-cli-local : $( CLI_BIN )
@$( CLI_BIN) test ./test/cli/test
2022-02-24 15:34:12 +00:00
.PHONY : test -cli -local -mutate
2022-08-30 15:30:28 +00:00
test-cli-local-mutate : $( CLI_BIN )
@$( CLI_BIN) test ./test/cli/test-mutate
2022-02-24 15:34:12 +00:00
2022-05-25 14:26:22 +00:00
.PHONY : test -cli -local -generate
2022-08-30 15:30:28 +00:00
test-cli-local-generate : $( CLI_BIN )
@$( CLI_BIN) test ./test/cli/test-generate
2022-05-25 14:26:22 +00:00
2022-03-09 07:40:53 +00:00
.PHONY : test -cli -test -case -selector -flag
2022-08-30 15:30:28 +00:00
test-cli-test-case-selector-flag : $( CLI_BIN )
@$( CLI_BIN) test ./test/cli/test --test-case-selector "policy=disallow-latest-tag, rule=require-image-tag, resource=test-require-image-tag-pass"
2021-07-10 01:01:46 +00:00
2022-03-16 04:26:47 +00:00
.PHONY : test -cli -registry
2022-08-30 15:30:28 +00:00
test-cli-registry : $( CLI_BIN )
@$( CLI_BIN) test ./test/cli/registry --registry
2022-03-16 04:26:47 +00:00
2022-04-28 12:30:23 +00:00
test-unit : $( GO_ACC ) ## Run unit tests
2019-06-07 18:50:12 +00:00
@echo " running unit tests"
2022-08-25 16:59:24 +00:00
$( GO_ACC) ./... -o $( CODE_COVERAGE_FILE_TXT)
2019-06-07 18:50:12 +00:00
2022-03-28 14:01:27 +00:00
code-cov-report : ## Generate code coverage report
2019-06-07 18:50:12 +00:00
@echo " generating code coverage report"
2022-03-14 08:21:27 +00:00
GO111MODULE = on go test -v -coverprofile= coverage.out ./...
go tool cover -func= coverage.out -o $( CODE_COVERAGE_FILE_TXT)
go tool cover -html= coverage.out -o $( CODE_COVERAGE_FILE_HTML)
2020-06-04 18:45:37 +00:00
2020-08-06 05:16:10 +00:00
# Test E2E
test-e2e :
2022-08-31 09:58:27 +00:00
E2E = ok K8S_VERSION = $( K8S_VERSION) go test ./test/e2e/verifyimages -v
E2E = ok K8S_VERSION = $( K8S_VERSION) go test ./test/e2e/metrics -v
E2E = ok K8S_VERSION = $( K8S_VERSION) go test ./test/e2e/mutate -v
E2E = ok K8S_VERSION = $( K8S_VERSION) go test ./test/e2e/generate -v
2020-08-06 05:16:10 +00:00
2021-07-27 06:49:28 +00:00
test-e2e-local :
2021-10-29 16:13:20 +00:00
kubectl apply -f https://raw.githubusercontent.com/kyverno/kyverno/main/config/github/rbac.yaml
2021-07-27 06:49:28 +00:00
kubectl port-forward -n kyverno service/kyverno-svc-metrics 8000:8000 &
2022-08-31 09:58:27 +00:00
E2E = ok K8S_VERSION = $( K8S_VERSION) go test ./test/e2e/verifyimages -v
E2E = ok K8S_VERSION = $( K8S_VERSION) go test ./test/e2e/metrics -v
E2E = ok K8S_VERSION = $( K8S_VERSION) go test ./test/e2e/mutate -v
E2E = ok K8S_VERSION = $( K8S_VERSION) go test ./test/e2e/generate -v
2021-07-27 06:49:28 +00:00
kill $!
2022-02-04 06:47:36 +00:00
helm-test-values :
sed -i -e "s|nameOverride:.*|nameOverride: kyverno|g" charts/kyverno/values.yaml
sed -i -e "s|fullnameOverride:.*|fullnameOverride: kyverno|g" charts/kyverno/values.yaml
sed -i -e "s|namespace:.*|namespace: kyverno|g" charts/kyverno/values.yaml
2022-08-25 18:32:40 +00:00
sed -i -e " s|tag: # replaced in e2e tests.*|tag: $( IMAGE_TAG_DEV) | " charts/kyverno/values.yaml
sed -i -e " s|repository: ghcr.io/kyverno/kyvernopre # init: replaced in e2e tests|repository: $( INITC_KIND_IMAGE) | " charts/kyverno/values.yaml
sed -i -e " s|repository: ghcr.io/kyverno/kyverno # kyverno: replaced in e2e tests|repository: $( KYVERNO_KIND_IMAGE) | " charts/kyverno/values.yaml
2022-02-04 06:47:36 +00:00
2022-03-14 15:12:29 +00:00
.PHONY : kustomize -crd
2022-08-25 16:59:24 +00:00
kustomize-crd : $( KUSTOMIZE ) ## Create install.yaml
2021-04-08 23:14:08 +00:00
# Create CRD for helm deployment Helm
2022-09-02 11:36:01 +00:00
$( KUSTOMIZE) build ./config/release | $( KUSTOMIZE) cfg grep kind = CustomResourceDefinition | $( SED) -e "1i{{- if .Values.installCRDs }}" -e '$$a{{- end }}' > ./charts/kyverno/templates/crds.yaml
2020-06-05 20:44:47 +00:00
# Generate install.yaml that have all resources for kyverno
2022-08-25 16:59:24 +00:00
$( KUSTOMIZE) build ./config > ./config/install.yaml
2020-06-05 20:44:47 +00:00
# Generate install_debug.yaml that for developer testing
2022-08-25 16:59:24 +00:00
$( KUSTOMIZE) build ./config/debug > ./config/install_debug.yaml
2020-08-12 14:54:45 +00:00
2020-10-07 18:12:31 +00:00
# guidance https://github.com/kyverno/kyverno/wiki/Generate-a-Release
2020-11-29 08:37:36 +00:00
release :
2022-08-25 16:59:24 +00:00
$( KUSTOMIZE) build ./config > ./config/install.yaml
$( KUSTOMIZE) build ./config/release > ./config/release/install.yaml
2020-08-14 19:21:06 +00:00
2021-08-10 16:07:46 +00:00
release-notes :
2021-08-12 16:58:25 +00:00
@bash -c 'while IFS= read -r line ; do if [[ "$$line" == "## "* && "$$line" != "## $(VERSION)" ]]; then break ; fi; echo "$$line"; done < "CHANGELOG.md"' \
2021-08-10 16:07:46 +00:00
true
2022-02-25 16:22:00 +00:00
##################################
# HELM
##################################
Extend Pod Security Admission (#4364)
* init commit for pss
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* add test for Volume Type control
* add test for App Armor control except ExemptProfile. Fix PSS profile check in EvaluatePSS()
* remove unused code, still a JMESPATH problem with app armor ExemptProfile()
* test for Host Process / Host Namespaces controls
* test for Privileged containers controls
* test for HostPathVolume control
* test for HostPorts control
* test for HostPorts control
* test for SELinux control
* test for Proc mount type control
* Set to baseline
* test for Seccomp control
* test for Sysctl control
* test for Privilege escalation control
* test for Run as non root control
* test for Restricted Seccomp control
* Add problems to address
* add solutions to problems
* Add validate rule for PSA
* api.Version --> string. latest by default
* Exclude all values for a restrictedField
* add tests for kyverno engine
* code to be used to match kyverno rule's namespace
* Refacto pkg/pss
* fix multiple problems: not matching containers, add contains methods, select the right container when we have the same exclude.RestrictedField for multiple containers:
* EvaluatePod
* Use EvaluatePod in kyverno engine
* Set pod instead of container in context to use full Jmespath. e.g.: securityContext.capabilities.add --> spec.containers[*].securityContext.capabilities.add
* Check if PSSCheckResult matched at least one exclude value
* add tests for engine
* fix engine validation test
* config
* update go.mod and go.sum
* crds
* Check validate value: add PodSecurity
* exclude all restrictedFields when we only specify the controlName
* ExemptProfile(): check if exclud.RestrictedField matches at least one restrictedField.path
* handle containers, initContainers, ephemeralContainers when we only specify the controlName (all restrictedFields are excluded)
* refacto pks/pss/evaluate.go and add pkg/engine/validation_test.go
* add all controls with containers in restrictedFields as comments
* add tests for capabilities and privileged containers and fix some errors
* add tests for host ports control
* add tests for proc mount control
* add tests for privilege escalation control
* add tests for capabilities control
* remove comments
* new algo
* refacto algo, working. Add test for hostProcess control
* remove unused code
* fix getPodWithNotMatchingContainers(), add tests for host namespaces control
* refacto ExemptProfile()
* get values for a specific container. add test for SELinuxOptions control
* fix allowedValues for SELinuxOptions
* add tests for seccompProfile_baseline control
* refacto checkContainers(), add test for seccomp control
* add test for running as non root control
* add some tests for runAsUser control, have to update current PSA version
* add sysctls control
* add allowed values for restrictedVolumes control
* add some tests for appArmor, volume types controls
* add tests for volume types control
* add tests for hostPath volume control
* finish merge conflicts and add tests for runAsUser
* update charts and crds
* exclude.images optional
* change volume types control exclude values
* add appAmor control
* fix: did not match any exclude value for pod-level restrictedFields
* create autogen for validate.PodSecurity
* clean code, remove logs
* fix sonatype lift errors
* fix sonatype lift errors: duplication
* fix crash in pkg/policy/validate/ tests and unmarshall errors for pkg/engine tests
* beginning of autogen implement for validate.exclude
* Autogen for validation.PodSecurity
* working autogen with simple tests
* change validate.PodSecurity failure response format
* make codegen
* fix lint errors, remove debug prints
* fix tags
* fix tags
* fix crash when deleting pods matching validate.podSecurity rule. Only check validatePodSecurity() when it's not a delete request
* Changes requested
* Changes requested 2
* Changes requested 3
* Changes requested 4
* Changes requested and make codegen
* fix host namespaces control
* fix lint
* fix codegen error
* update docs/crd/v1/index.html
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* fix path
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update crd schema
Signed-off-by: ShutingZhao <shuting@nirmata.com>
* update charts/kyverno/templates/crds.yaml
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: ShutingZhao <shuting@nirmata.com>
2022-08-31 09:16:31 +00:00
# .PHONY: gen-helm-docs
2022-02-25 16:22:00 +00:00
.PHONY : gen -helm -docs
2022-08-31 04:22:46 +00:00
gen-helm-docs : ## Generate Helm docs
2022-09-01 23:03:14 +00:00
@docker run -v ${ PWD } :/work -w /work jnorwood/helm-docs:v1.11.0 -s file
2022-03-08 15:10:53 +00:00
2022-03-10 15:07:48 +00:00
.PHONY : gen -helm
gen-helm : gen -helm -docs kustomize -crd ## Generate Helm charts stuff
.PHONY : verify -helm
verify-helm : gen -helm ## Check Helm charts are up to date
2022-09-02 09:49:35 +00:00
@git --no-pager diff charts
2022-03-10 15:07:48 +00:00
@echo 'If this test fails, it is because the git diff is non-empty after running "make gen-helm".'
@echo 'To correct this, locally run "make gen-helm", commit the changes, and re-run tests.'
2022-09-02 09:49:35 +00:00
@git diff --quiet --exit-code charts
2022-03-16 13:48:31 +00:00
2022-08-31 08:06:12 +00:00
########
# KIND #
########
2022-03-16 13:48:31 +00:00
2022-08-31 08:06:12 +00:00
.PHONY : kind -create -cluster
2022-09-01 10:16:36 +00:00
kind-create-cluster : $( KIND ) ## Create kind cluster
2022-08-31 08:06:12 +00:00
@$( KIND) create cluster --name $( KIND_NAME) --image $( KIND_IMAGE)
2022-04-04 20:16:45 +00:00
2022-08-31 08:06:12 +00:00
.PHONY : kind -delete -cluster
2022-09-01 10:16:36 +00:00
kind-delete-cluster : $( KIND ) ## Delete kind cluster
2022-08-31 08:06:12 +00:00
@$( KIND) delete cluster --name $( KIND_NAME)
.PHONY : kind -load -kyvernopre
2022-09-01 10:16:36 +00:00
kind-load-kyvernopre : $( KIND ) ko -build -kyvernopre ## Build kyvernopre image and load it in kind cluster
2022-08-31 08:06:12 +00:00
@$( KIND) load docker-image --name $( KIND_NAME) $( INITC_KIND_IMAGE) :$( IMAGE_TAG_DEV)
.PHONY : kind -load -kyverno
2022-09-01 10:16:36 +00:00
kind-load-kyverno : $( KIND ) ko -build -kyverno ## Build kyverno image and load it in kind cluster
2022-08-31 08:06:12 +00:00
@$( KIND) load docker-image --name $( KIND_NAME) $( KYVERNO_KIND_IMAGE) :$( IMAGE_TAG_DEV)
.PHONY : kind -load -all
2022-09-01 10:16:36 +00:00
kind-load-all : kind -load -kyvernopre kind -load -kyverno ## Build images and load them in kind cluster
2022-08-31 08:06:12 +00:00
.PHONY : kind -deploy -kyverno
2022-09-01 10:16:36 +00:00
kind-deploy-kyverno : kind -load -all ## Build images, load them in kind cluster and deploy kyverno helm chart
2022-08-31 08:06:12 +00:00
@helm upgrade --install kyverno --namespace kyverno --wait --create-namespace ./charts/kyverno \
2022-08-25 18:32:40 +00:00
--set image.repository= $( KYVERNO_KIND_IMAGE) \
2022-04-04 20:16:45 +00:00
--set image.tag= $( IMAGE_TAG_DEV) \
2022-08-25 18:32:40 +00:00
--set initImage.repository= $( INITC_KIND_IMAGE) \
2022-04-04 20:16:45 +00:00
--set initImage.tag= $( IMAGE_TAG_DEV) \
2022-08-25 15:01:43 +00:00
--set extraArgs = { --autogenInternals= true}
2022-08-31 08:06:12 +00:00
.PHONY : kind -deploy -kyverno -policies
kind-deploy-kyverno-policies : ## Deploy kyverno-policies helm chart
@helm upgrade --install kyverno-policies --namespace kyverno --create-namespace ./charts/kyverno-policies
.PHONY : kind -deploy -all
2022-09-01 10:16:36 +00:00
kind-deploy-all : | kind -deploy -kyverno kind -deploy -kyverno -policies ## Build images, load them in kind cluster and deploy helm charts
2022-08-31 08:06:12 +00:00
########
# HELP #
########
.PHONY : help
help : ## Shows the available commands
2022-09-01 10:16:36 +00:00
@grep -E '^[a-zA-Z_-]+:.*?## .*$$' $( MAKEFILE_LIST) | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-40s\033[0m %s\n", $$1, $$2}'