SHELL = /bin/bash TAG ?= $(shell git describe --exact-match 2>/dev/null) COMMIT = $(shell git rev-parse --short=7 HEAD)$(shell [[ $$(git status --porcelain) = "" ]] || echo -dirty) ARO_IMAGE_BASE = ${RP_IMAGE_ACR}.azurecr.io/aro E2E_FLAGS ?= -test.v --ginkgo.v --ginkgo.timeout 180m --ginkgo.flake-attempts=2 --ginkgo.junit-report=e2e-report.xml E2E_LABEL ?= !smoke GO_FLAGS ?= -tags=containers_image_openpgp,exclude_graphdriver_btrfs,exclude_graphdriver_devicemapper NO_CACHE ?= true export GOFLAGS=$(GO_FLAGS) # fluentbit version must also be updated in RP code, see pkg/util/version/const.go MARINER_VERSION = 20240301 FLUENTBIT_VERSION = 1.9.10 FLUENTBIT_IMAGE ?= ${RP_IMAGE_ACR}.azurecr.io/fluentbit:$(FLUENTBIT_VERSION)-cm$(MARINER_VERSION) AUTOREST_VERSION = 3.6.3 AUTOREST_IMAGE = quay.io/openshift-on-azure/autorest:${AUTOREST_VERSION} GATEKEEPER_VERSION = v3.15.1 GOTESTSUM = gotest.tools/gotestsum@v1.11.0 # Golang version go mod tidy compatibility GOLANG_VERSION ?= 1.21 ifneq ($(shell uname -s),Darwin) export CGO_CFLAGS=-Dgpgme_off_t=off_t endif ifeq ($(TAG),) VERSION = $(COMMIT) else VERSION = $(TAG) endif # default to registry.access.redhat.com for build images on local builds and CI builds without $RP_IMAGE_ACR set. ifeq ($(RP_IMAGE_ACR),arointsvc) REGISTRY = arointsvc.azurecr.io else ifeq ($(RP_IMAGE_ACR),arosvc) REGISTRY = arosvc.azurecr.io else ifeq ($(RP_IMAGE_ACR),) REGISTRY = registry.access.redhat.com else REGISTRY = $(RP_IMAGE_ACR) endif RP_IMAGE_LOCAL ?= aro ARO_PORTAL_BUILD_IMAGE ?= $(RP_IMAGE_LOCAL)-portal-build ARO_BUILDER_IMAGE ?= $(RP_IMAGE_LOCAL)-builder ARO_IMAGE ?= $(ARO_IMAGE_BASE):$(VERSION) GATEKEEPER_IMAGE ?= ${REGISTRY}/gatekeeper:$(GATEKEEPER_VERSION) .PHONY: check-release check-release: # Check that VERSION is a valid tag when building an official release (when RELEASE=true). ifeq ($(RELEASE), true) ifeq ($(TAG), $(VERSION)) @echo Building release version $(VERSION) else $(error $(shell git describe --exact-match) Ensure there is an annotated tag (git tag -a) for git commit $(COMMIT)) endif endif .PHONY: build-all build-all: go build ./... .PHONY: aro aro: check-release generate go build -ldflags "-X github.com/Azure/ARO-RP/pkg/util/version.GitCommit=$(VERSION)" ./cmd/aro .PHONY: runlocal-rp runlocal-rp: go run -ldflags "-X github.com/Azure/ARO-RP/pkg/util/version.GitCommit=$(VERSION)" ./cmd/aro rp .PHONY: az az: pyenv . pyenv/bin/activate && \ cd python/az/aro && \ python3 ./setup.py bdist_egg && \ python3 ./setup.py bdist_wheel || true && \ rm -f ~/.azure/commandIndex.json # https://github.com/Azure/azure-cli/issues/14997 .PHONY: azext-aro azext-aro: docker build --platform=linux/amd64 . -f Dockerfile.ci-azext-aro --no-cache=$(NO_CACHE) -t azext-aro:latest .PHONY: clean clean: rm -rf python/az/aro/{aro.egg-info,build,dist} aro find python -type f -name '*.pyc' -delete find python -type d -name __pycache__ -delete find -type d -name 'gomock_reflect_[0-9]*' -exec rm -rf {} \+ 2>/dev/null .PHONY: client client: generate hack/build-client.sh "${AUTOREST_IMAGE}" 2020-04-30 2021-09-01-preview 2022-04-01 2022-09-04 2023-04-01 2023-07-01-preview 2023-09-04 2023-11-22 2024-08-12-preview .PHONY: ci-rp ci-rp: fix-macos-vendor docker build . -f Dockerfile.ci-rp --ulimit=nofile=4096:4096 --build-arg REGISTRY=$(REGISTRY) --build-arg ARO_VERSION=$(VERSION) --target portal-build --no-cache=$(NO_CACHE) -t $(ARO_PORTAL_BUILD_IMAGE) docker build . -f Dockerfile.ci-rp --ulimit=nofile=4096:4096 --build-arg REGISTRY=$(REGISTRY) --build-arg ARO_VERSION=$(VERSION) --target builder --cache-from $(ARO_PORTAL_BUILD_IMAGE) -t $(ARO_BUILDER_IMAGE) docker build . -f Dockerfile.ci-rp --ulimit=nofile=4096:4096 --build-arg REGISTRY=$(REGISTRY) --build-arg ARO_VERSION=$(VERSION) --cache-from $(ARO_BUILDER_IMAGE) -t $(RP_IMAGE_LOCAL) .PHONY: ci-tunnel ci-tunnel: fix-macos-vendor docker build . -f Dockerfile.ci-tunnel --ulimit=nofile=4096:4096 --build-arg REGISTRY=$(REGISTRY) --build-arg ARO_VERSION=$(VERSION) --no-cache=$(NO_CACHE) -t aro-tunnel:$(VERSION) .PHONY: ci-clean ci-clean: docker image prune --all --filter="label=aro-*=true" # TODO: hard coding dev-config.yaml is clunky; it is also probably convenient to # override COMMIT. .PHONY: deploy deploy: go run -ldflags "-X github.com/Azure/ARO-RP/pkg/util/version.GitCommit=$(VERSION)" ./cmd/aro deploy dev-config.yaml ${LOCATION} .PHONY: dev-config.yaml dev-config.yaml: go run ./hack/gendevconfig >dev-config.yaml .PHONY: discoverycache discoverycache: $(MAKE) admin.kubeconfig KUBECONFIG=admin.kubeconfig go run ./hack/gendiscoverycache $(MAKE) generate .PHONY: fix-macos-vendor fix-macos-vendor: ifeq ($(shell uname -s),Darwin) mv ./vendor/github.com/Microsoft ./vendor/github.com/temp-microsoft && mv ./vendor/github.com/temp-microsoft ./vendor/github.com/microsoft || true endif .PHONY: generate generate: go generate ./... # TODO: This does not work outside of GOROOT. We should replace all usage of the # clientset with controller-runtime so we don't need to generate it. .PHONY: generate-operator-apiclient generate-operator-apiclient: go run ./vendor/k8s.io/code-generator/cmd/client-gen --clientset-name versioned --input-base ./pkg/operator/apis --input aro.openshift.io/v1alpha1,preview.aro.openshift.io/v1alpha1 --output-package ./pkg/operator/clientset --go-header-file ./hack/licenses/boilerplate.go.txt gofmt -s -w ./pkg/operator/clientset go run ./vendor/golang.org/x/tools/cmd/goimports -local=github.com/Azure/ARO-RP -e -w ./pkg/operator/clientset ./pkg/operator/apis .PHONY: generate-guardrails generate-guardrails: cd pkg/operator/controllers/guardrails/policies && ./scripts/generate.sh > /dev/null .PHONY: generate-kiota generate-kiota: kiota generate --clean-output -l go -o ./pkg/util/graph/graphsdk -n "github.com/Azure/ARO-RP/pkg/util/graph/graphsdk" -d hack/graphsdk/openapi.yaml -c GraphBaseServiceClient --additional-data=False --backing-store=True find ./pkg/util/graph/graphsdk -type f -name "*.go" -exec sed -i'' -e 's\github.com/azure/aro-rp\github.com/Azure/ARO-RP\g' {} + gofmt -s -w pkg/util/graph/graphsdk go run ./vendor/golang.org/x/tools/cmd/goimports -w -local=github.com/Azure/ARO-RP pkg/util/graph/graphsdk go run ./hack/validate-imports pkg/util/graph/graphsdk go run ./hack/licenses -dirs ./pkg/util/graph/graphsdk .PHONY: init-contrib init-contrib: install -v hack/git/hooks/* .git/hooks/ .PHONY: image-aro-multistage image-aro-multistage: docker build --platform=linux/amd64 --network=host --no-cache -f Dockerfile.aro-multistage -t $(ARO_IMAGE) --build-arg REGISTRY=$(REGISTRY) . .PHONY: image-autorest image-autorest: docker build --platform=linux/amd64 --network=host --no-cache --build-arg AUTOREST_VERSION="${AUTOREST_VERSION}" --build-arg REGISTRY=$(REGISTRY) -f Dockerfile.autorest -t ${AUTOREST_IMAGE} . .PHONY: image-fluentbit image-fluentbit: docker build --platform=linux/amd64 --network=host --build-arg VERSION=$(FLUENTBIT_VERSION) --build-arg MARINER_VERSION=$(MARINER_VERSION) -f Dockerfile.fluentbit -t $(FLUENTBIT_IMAGE) . .PHONY: image-proxy image-proxy: docker pull $(REGISTRY)/ubi8/ubi-minimal docker build --platform=linux/amd64 --no-cache -f Dockerfile.proxy -t $(REGISTRY)/proxy:latest --build-arg REGISTRY=$(REGISTRY) . .PHONY: image-gatekeeper image-gatekeeper: docker build --platform=linux/amd64 --network=host --build-arg GATEKEEPER_VERSION=$(GATEKEEPER_VERSION) --build-arg REGISTRY=$(REGISTRY) -f Dockerfile.gatekeeper -t $(GATEKEEPER_IMAGE) . .PHONY: publish-image-aro-multistage publish-image-aro-multistage: image-aro-multistage docker push $(ARO_IMAGE) ifeq ("${RP_IMAGE_ACR}-$(BRANCH)","arointsvc-master") docker tag $(ARO_IMAGE) arointsvc.azurecr.io/aro:latest docker push arointsvc.azurecr.io/aro:latest endif .PHONY: publish-image-autorest publish-image-autorest: image-autorest docker push ${AUTOREST_IMAGE} .PHONY: publish-image-fluentbit publish-image-fluentbit: image-fluentbit docker push $(FLUENTBIT_IMAGE) .PHONY: publish-image-proxy publish-image-proxy: image-proxy docker push ${RP_IMAGE_ACR}.azurecr.io/proxy:latest .PHONY: publish-image-gatekeeper publish-image-gatekeeper: image-gatekeeper docker push $(GATEKEEPER_IMAGE) .PHONY: image-e2e image-e2e: docker build --platform=linux/amd64 --network=host --no-cache -f Dockerfile.aro-e2e -t $(ARO_IMAGE) --build-arg REGISTRY=$(REGISTRY) . .PHONY: publish-image-e2e publish-image-e2e: image-e2e docker push $(ARO_IMAGE) .PHONY: extract-aro-docker extract-aro-docker: hack/ci-utils/extractaro.sh ${ARO_IMAGE} .PHONY: proxy proxy: CGO_ENABLED=0 go build -ldflags "-X github.com/Azure/ARO-RP/pkg/util/version.GitCommit=$(VERSION)" ./hack/proxy .PHONY: run-portal run-portal: go run -ldflags "-X github.com/Azure/ARO-RP/pkg/util/version.GitCommit=$(VERSION)" ./cmd/aro portal .PHONY: build-portal build-portal: cd portal/v2 && npm install && npm run build .PHONY: pyenv pyenv: python3 -m venv pyenv . pyenv/bin/activate && \ pip install -U pip && \ pip install -r requirements.txt && \ azdev setup -r . .PHONY: secrets secrets: @[ "${SECRET_SA_ACCOUNT_NAME}" ] || ( echo ">> SECRET_SA_ACCOUNT_NAME is not set"; exit 1 ) rm -rf secrets az storage blob download -n secrets.tar.gz -c secrets -f secrets.tar.gz --account-name ${SECRET_SA_ACCOUNT_NAME} >/dev/null tar -xzf secrets.tar.gz rm secrets.tar.gz .PHONY: secrets-update secrets-update: @[ "${SECRET_SA_ACCOUNT_NAME}" ] || ( echo ">> SECRET_SA_ACCOUNT_NAME is not set"; exit 1 ) tar -czf secrets.tar.gz secrets az storage blob upload -n secrets.tar.gz -c secrets -f secrets.tar.gz --overwrite --account-name ${SECRET_SA_ACCOUNT_NAME} >/dev/null rm secrets.tar.gz .PHONY: tunnel tunnel: go run ./hack/tunnel $(shell az network public-ip show -g ${RESOURCEGROUP} -n rp-pip --query 'ipAddress') .PHONY: e2e.test e2e.test: go test ./test/e2e/... -tags e2e,codec.safe -c -ldflags "-X github.com/Azure/ARO-RP/pkg/util/version.GitCommit=$(VERSION)" -o e2e.test .PHONY: e2etools e2etools: CGO_ENABLED=0 go build -ldflags "-X github.com/Azure/ARO-RP/pkg/util/version.GitCommit=$(VERSION)" ./hack/cluster CGO_ENABLED=0 go build -ldflags "-X github.com/Azure/ARO-RP/pkg/util/version.GitCommit=$(VERSION)" ./hack/db CGO_ENABLED=0 go build -ldflags "-X github.com/Azure/ARO-RP/pkg/util/version.GitCommit=$(VERSION)" ./hack/portalauth CGO_ENABLED=0 go build ./hack/jq .PHONY: test-e2e test-e2e: e2e.test ./e2e.test $(E2E_FLAGS) --ginkgo.label-filter="$(E2E_LABEL)" .PHONY: test-go test-go: generate build-all validate-go lint-go unit-test-go .PHONY: validate-go validate-go: gofmt -s -w cmd hack pkg test go run ./vendor/golang.org/x/tools/cmd/goimports -w -local=github.com/Azure/ARO-RP cmd hack pkg test go run ./hack/validate-imports cmd hack pkg test go run ./hack/licenses @[ -z "$$(ls pkg/util/*.go 2>/dev/null)" ] || (echo error: go files are not allowed in pkg/util, use a subpackage; exit 1) @[ -z "$$(find -name "*:*")" ] || (echo error: filenames with colons are not allowed on Windows, please rename; exit 1) @sha256sum --quiet -c .sha256sum || (echo error: client library is stale, please run make client; exit 1) go test -tags e2e -run ^$$ ./test/e2e/... .PHONY: validate-go-action validate-go-action: go run ./hack/licenses -validate -ignored-go vendor,pkg/client,.git -ignored-python python/client,python/az/aro/azext_aro/aaz,vendor,.git go run ./hack/validate-imports cmd hack pkg test @[ -z "$$(ls pkg/util/*.go 2>/dev/null)" ] || (echo error: go files are not allowed in pkg/util, use a subpackage; exit 1) @[ -z "$$(find -name "*:*")" ] || (echo error: filenames with colons are not allowed on Windows, please rename; exit 1) @sha256sum --quiet -c .sha256sum || (echo error: client library is stale, please run make client; exit 1) .PHONY: validate-fips validate-fips: hack/fips/validate-fips.sh ./aro .PHONY: unit-test-go unit-test-go: go run ${GOTESTSUM} --format pkgname --junitfile report.xml -- -coverprofile=cover.out ./... .PHONY: unit-test-go-coverpkg unit-test-go-coverpkg: go run ${GOTESTSUM} --format pkgname --junitfile report.xml -- -coverpkg=./... -coverprofile=cover_coverpkg.out ./... .PHONY: lint-go lint-go: hack/lint-go.sh .PHONY: lint-admin-portal lint-admin-portal: docker build --platform=linux/amd64 --build-arg REGISTRY=$(REGISTRY) -f Dockerfile.portal_lint . -t linter:latest --no-cache docker run --platform=linux/amd64 -t --rm linter:latest .PHONY: test-python test-python: pyenv az . pyenv/bin/activate && \ azdev linter && \ azdev style && \ hack/unit-test-python.sh .PHONY: shared-cluster-login shared-cluster-login: @oc login $(shell az aro show -g sre-shared-cluster -n sre-shared-cluster -ojson --query apiserverProfile.url) \ -u kubeadmin \ -p $(shell az aro list-credentials -g sre-shared-cluster -n sre-shared-cluster -ojson --query "kubeadminPassword") .PHONY: shared-cluster-create shared-cluster-create: ./hack/shared-cluster.sh create .PHONY: shared-cluster-delete shared-cluster-delete: ./hack/shared-cluster.sh delete .PHONY: unit-test-python unit-test-python: hack/unit-test-python.sh .PHONY: admin.kubeconfig admin.kubeconfig: hack/get-admin-kubeconfig.sh /subscriptions/${AZURE_SUBSCRIPTION_ID}/resourceGroups/${RESOURCEGROUP}/providers/Microsoft.RedHatOpenShift/openShiftClusters/${CLUSTER} >admin.kubeconfig .PHONY: aks.kubeconfig aks.kubeconfig: hack/get-admin-aks-kubeconfig.sh .PHONY: go-tidy go-tidy: # Run go mod tidy - add missing and remove unused modules. go mod tidy -compat=${GOLANG_VERSION} .PHONY: go-vendor go-vendor: # Run go mod vendor - only modules that are used in the source code will be vendored in (make vendored copy of dependencies). go mod vendor .PHONY: go-verify go-verify: go-tidy go-vendor # Run go mod verify - verify dependencies have expected content go mod verify .PHONY: vendor vendor: # See comments in the script for background on why we need it hack/update-go-module-dependencies.sh $(MAKE) go-verify .PHONY: install-go-tools install-go-tools: go install ${GOTESTSUM}