forked from TrueCloudLab/certificates
182 lines
4.7 KiB
Makefile
182 lines
4.7 KiB
Makefile
PKG?=github.com/smallstep/certificates/cmd/step-ca
|
|
BINNAME?=step-ca
|
|
|
|
# Set V to 1 for verbose output from the Makefile
|
|
Q=$(if $V,,@)
|
|
PREFIX?=
|
|
SRC=$(shell find . -type f -name '*.go' -not -path "./vendor/*")
|
|
GOOS_OVERRIDE ?=
|
|
|
|
all: lint test build
|
|
|
|
ci: testcgo build
|
|
|
|
.PHONY: all ci
|
|
|
|
#########################################
|
|
# Bootstrapping
|
|
#########################################
|
|
|
|
bootstra%:
|
|
$Q curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $$(go env GOPATH)/bin latest
|
|
$Q go install golang.org/x/vuln/cmd/govulncheck@latest
|
|
$Q go install gotest.tools/gotestsum@latest
|
|
$Q go install github.com/goreleaser/goreleaser@latest
|
|
$Q go install github.com/sigstore/cosign/v2/cmd/cosign@latest
|
|
|
|
.PHONY: bootstra%
|
|
|
|
#################################################
|
|
# Determine the type of `push` and `version`
|
|
#################################################
|
|
|
|
# GITHUB Actions
|
|
ifdef GITHUB_REF
|
|
VERSION ?= $(shell echo $(GITHUB_REF) | sed 's/^refs\/tags\///')
|
|
NOT_RC := $(shell echo $(VERSION) | grep -v -e -rc)
|
|
ifeq ($(NOT_RC),)
|
|
PUSHTYPE := release-candidate
|
|
else
|
|
PUSHTYPE := release
|
|
endif
|
|
else
|
|
VERSION ?= $(shell [ -d .git ] && git describe --tags --always --dirty="-dev")
|
|
# If we are not in an active git dir then try reading the version from .VERSION.
|
|
# .VERSION contains a slug populated by `git archive`.
|
|
VERSION := $(or $(VERSION),$(shell ./.version.sh .VERSION))
|
|
PUSHTYPE := branch
|
|
endif
|
|
|
|
VERSION := $(shell echo $(VERSION) | sed 's/^v//')
|
|
|
|
ifdef V
|
|
$(info GITHUB_REF is $(GITHUB_REF))
|
|
$(info VERSION is $(VERSION))
|
|
$(info PUSHTYPE is $(PUSHTYPE))
|
|
endif
|
|
|
|
#########################################
|
|
# Build
|
|
#########################################
|
|
|
|
DATE := $(shell date -u '+%Y-%m-%d %H:%M UTC')
|
|
LDFLAGS := -ldflags='-w -X "main.Version=$(VERSION)" -X "main.BuildTime=$(DATE)"'
|
|
GOFLAGS := CGO_ENABLED=0
|
|
|
|
# Check for programs required for a CGO build
|
|
check_gcc := $(shell command -v gcc 2> /dev/null)
|
|
# pkg-config is run by the go-piv build on Linux, to discover
|
|
# properties of pcsclite library.
|
|
# See https://github.com/go-piv/piv-go/blob/5418a1a438791fc94745accde6c0f3cafac93311/piv/pcsc_unix.go#L23
|
|
check_pkgconfig := $(shell command -v pkg-config 2> /dev/null)
|
|
|
|
ifeq (,$(findstring CGO_ENABLED=0,$(GOFLAGS)))
|
|
ifeq (,$(check_gcc))
|
|
$(error "Please install gcc before building with cgo enabled.")
|
|
endif
|
|
UNAME_S := $(shell uname -s)
|
|
ifeq ($(UNAME_S),Linux)
|
|
ifeq (,$(check_pkgconfig))
|
|
$(error "Please install pkg-config before building with cgo enabled.")
|
|
endif
|
|
endif
|
|
endif
|
|
|
|
download:
|
|
$Q go mod download
|
|
|
|
build: $(PREFIX)bin/$(BINNAME)
|
|
@echo "Build Complete!"
|
|
|
|
$(PREFIX)bin/$(BINNAME): download $(call rwildcard,*.go)
|
|
$Q mkdir -p $(@D)
|
|
$Q $(GOOS_OVERRIDE) $(GOFLAGS) go build -v -o $(PREFIX)bin/$(BINNAME) $(LDFLAGS) $(PKG)
|
|
|
|
# Target to force a build of step-ca without running tests
|
|
simple: build
|
|
|
|
.PHONY: download build simple
|
|
|
|
#########################################
|
|
# Go generate
|
|
#########################################
|
|
|
|
generate:
|
|
$Q go generate ./...
|
|
|
|
.PHONY: generate
|
|
|
|
#########################################
|
|
# Test
|
|
#########################################
|
|
test: testdefault testtpmsimulator combinecoverage
|
|
|
|
testdefault:
|
|
$Q $(GOFLAGS) gotestsum -- -coverprofile=defaultcoverage.out -short -covermode=atomic ./...
|
|
|
|
testtpmsimulator:
|
|
$Q CGO_ENALBED=1 gotestsum -- -coverprofile=tpmsimulatorcoverage.out -short -covermode=atomic -tags tpmsimulator ./acme
|
|
|
|
testcgo:
|
|
$Q gotestsum -- -coverprofile=coverage.out -short -covermode=atomic ./...
|
|
|
|
combinecoverage:
|
|
cat defaultcoverage.out tpmsimulatorcoverage.out > coverage.out
|
|
|
|
.PHONY: test testdefault testtpmsimulator testcgo combinecoverage
|
|
|
|
integrate: integration
|
|
|
|
integration: bin/$(BINNAME)
|
|
$Q $(GOFLAGS) gotestsum -- -tags=integration ./integration/...
|
|
|
|
.PHONY: integrate integration
|
|
|
|
#########################################
|
|
# Linting
|
|
#########################################
|
|
|
|
fmt:
|
|
$Q goimports -l -w $(SRC)
|
|
|
|
lint: SHELL:=/bin/bash
|
|
lint:
|
|
$Q LOG_LEVEL=error golangci-lint run --config <(curl -s https://raw.githubusercontent.com/smallstep/workflows/master/.golangci.yml) --timeout=30m
|
|
$Q govulncheck ./...
|
|
|
|
.PHONY: fmt lint
|
|
|
|
#########################################
|
|
# Install
|
|
#########################################
|
|
|
|
INSTALL_PREFIX?=/usr/
|
|
|
|
install: $(PREFIX)bin/$(BINNAME)
|
|
$Q install -D $(PREFIX)bin/$(BINNAME) $(DESTDIR)$(INSTALL_PREFIX)bin/$(BINNAME)
|
|
|
|
uninstall:
|
|
$Q rm -f $(DESTDIR)$(INSTALL_PREFIX)/bin/$(BINNAME)
|
|
|
|
.PHONY: install uninstall
|
|
|
|
#########################################
|
|
# Clean
|
|
#########################################
|
|
|
|
clean:
|
|
ifneq ($(BINNAME),"")
|
|
$Q rm -f bin/$(BINNAME)
|
|
endif
|
|
|
|
.PHONY: clean
|
|
|
|
#########################################
|
|
# Dev
|
|
#########################################
|
|
|
|
run:
|
|
$Q go run cmd/step-ca/main.go $(shell step path)/config/ca.json
|
|
|
|
.PHONY: run
|
|
|