certificates/Makefile

182 lines
4.7 KiB
Makefile

PKG?=github.com/smallstep/certificates/cmd/step-ca
BINNAME?=step-ca
# Set V to 1 for verbose output from the Makefile
Q=$(if $V,,@)
PREFIX?=
SRC=$(shell find . -type f -name '*.go' -not -path "./vendor/*")
GOOS_OVERRIDE ?=
all: lint test build
ci: testcgo build
.PHONY: all ci
#########################################
# Bootstrapping
#########################################
bootstra%:
$Q curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $$(go env GOPATH)/bin latest
$Q go install golang.org/x/vuln/cmd/govulncheck@latest
$Q go install gotest.tools/gotestsum@latest
$Q go install github.com/goreleaser/goreleaser@latest
$Q go install github.com/sigstore/cosign/v2/cmd/cosign@latest
.PHONY: bootstra%
#################################################
# Determine the type of `push` and `version`
#################################################
# GITHUB Actions
ifdef GITHUB_REF
VERSION ?= $(shell echo $(GITHUB_REF) | sed 's/^refs\/tags\///')
NOT_RC := $(shell echo $(VERSION) | grep -v -e -rc)
ifeq ($(NOT_RC),)
PUSHTYPE := release-candidate
else
PUSHTYPE := release
endif
else
VERSION ?= $(shell [ -d .git ] && git describe --tags --always --dirty="-dev")
# If we are not in an active git dir then try reading the version from .VERSION.
# .VERSION contains a slug populated by `git archive`.
VERSION := $(or $(VERSION),$(shell ./.version.sh .VERSION))
PUSHTYPE := branch
endif
VERSION := $(shell echo $(VERSION) | sed 's/^v//')
ifdef V
$(info GITHUB_REF is $(GITHUB_REF))
$(info VERSION is $(VERSION))
$(info PUSHTYPE is $(PUSHTYPE))
endif
#########################################
# Build
#########################################
DATE := $(shell date -u '+%Y-%m-%d %H:%M UTC')
LDFLAGS := -ldflags='-w -X "main.Version=$(VERSION)" -X "main.BuildTime=$(DATE)"'
GOFLAGS := CGO_ENABLED=0
# Check for programs required for a CGO build
check_gcc := $(shell command -v gcc 2> /dev/null)
# pkg-config is run by the go-piv build on Linux, to discover
# properties of pcsclite library.
# See https://github.com/go-piv/piv-go/blob/5418a1a438791fc94745accde6c0f3cafac93311/piv/pcsc_unix.go#L23
check_pkgconfig := $(shell command -v pkg-config 2> /dev/null)
ifeq (,$(findstring CGO_ENABLED=0,$(GOFLAGS)))
ifeq (,$(check_gcc))
$(error "Please install gcc before building with cgo enabled.")
endif
UNAME_S := $(shell uname -s)
ifeq ($(UNAME_S),Linux)
ifeq (,$(check_pkgconfig))
$(error "Please install pkg-config before building with cgo enabled.")
endif
endif
endif
download:
$Q go mod download
build: $(PREFIX)bin/$(BINNAME)
@echo "Build Complete!"
$(PREFIX)bin/$(BINNAME): download $(call rwildcard,*.go)
$Q mkdir -p $(@D)
$Q $(GOOS_OVERRIDE) $(GOFLAGS) go build -v -o $(PREFIX)bin/$(BINNAME) $(LDFLAGS) $(PKG)
# Target to force a build of step-ca without running tests
simple: build
.PHONY: download build simple
#########################################
# Go generate
#########################################
generate:
$Q go generate ./...
.PHONY: generate
#########################################
# Test
#########################################
test: testdefault testtpmsimulator combinecoverage
testdefault:
$Q $(GOFLAGS) gotestsum -- -coverprofile=defaultcoverage.out -short -covermode=atomic ./...
testtpmsimulator:
$Q CGO_ENALBED=1 gotestsum -- -coverprofile=tpmsimulatorcoverage.out -short -covermode=atomic -tags tpmsimulator ./acme
testcgo:
$Q gotestsum -- -coverprofile=coverage.out -short -covermode=atomic ./...
combinecoverage:
cat defaultcoverage.out tpmsimulatorcoverage.out > coverage.out
.PHONY: test testdefault testtpmsimulator testcgo combinecoverage
integrate: integration
integration: bin/$(BINNAME)
$Q $(GOFLAGS) gotestsum -- -tags=integration ./integration/...
.PHONY: integrate integration
#########################################
# Linting
#########################################
fmt:
$Q goimports -l -w $(SRC)
lint: SHELL:=/bin/bash
lint:
$Q LOG_LEVEL=error golangci-lint run --config <(curl -s https://raw.githubusercontent.com/smallstep/workflows/master/.golangci.yml) --timeout=30m
$Q govulncheck ./...
.PHONY: fmt lint
#########################################
# Install
#########################################
INSTALL_PREFIX?=/usr/
install: $(PREFIX)bin/$(BINNAME)
$Q install -D $(PREFIX)bin/$(BINNAME) $(DESTDIR)$(INSTALL_PREFIX)bin/$(BINNAME)
uninstall:
$Q rm -f $(DESTDIR)$(INSTALL_PREFIX)/bin/$(BINNAME)
.PHONY: install uninstall
#########################################
# Clean
#########################################
clean:
ifneq ($(BINNAME),"")
$Q rm -f bin/$(BINNAME)
endif
.PHONY: clean
#########################################
# Dev
#########################################
run:
$Q go run cmd/step-ca/main.go $(shell step path)/config/ca.json
.PHONY: run