зеркало из https://github.com/Azure/ARO-RP.git
370 строки
14 KiB
Makefile
370 строки
14 KiB
Makefile
SHELL = /bin/bash
|
|
TAG ?= $(shell git describe --exact-match 2>/dev/null)
|
|
COMMIT = $(shell git rev-parse --short=7 HEAD)$(shell [[ $$(git status --porcelain) = "" ]] || echo -dirty)
|
|
ARO_IMAGE_BASE = ${RP_IMAGE_ACR}.azurecr.io/aro
|
|
E2E_FLAGS ?= -test.v --ginkgo.v --ginkgo.timeout 180m --ginkgo.flake-attempts=2 --ginkgo.junit-report=e2e-report.xml
|
|
E2E_LABEL ?= !smoke
|
|
GO_FLAGS ?= -tags=containers_image_openpgp,exclude_graphdriver_btrfs,exclude_graphdriver_devicemapper
|
|
NO_CACHE ?= true
|
|
|
|
export GOFLAGS=$(GO_FLAGS)
|
|
|
|
# fluentbit version must also be updated in RP code, see pkg/util/version/const.go
|
|
MARINER_VERSION = 20240301
|
|
FLUENTBIT_VERSION = 1.9.10
|
|
FLUENTBIT_IMAGE ?= ${RP_IMAGE_ACR}.azurecr.io/fluentbit:$(FLUENTBIT_VERSION)-cm$(MARINER_VERSION)
|
|
AUTOREST_VERSION = 3.6.3
|
|
AUTOREST_IMAGE = quay.io/openshift-on-azure/autorest:${AUTOREST_VERSION}
|
|
GATEKEEPER_VERSION = v3.15.1
|
|
GOTESTSUM = gotest.tools/gotestsum@v1.11.0
|
|
|
|
# Golang version go mod tidy compatibility
|
|
GOLANG_VERSION ?= 1.21
|
|
|
|
ifneq ($(shell uname -s),Darwin)
|
|
export CGO_CFLAGS=-Dgpgme_off_t=off_t
|
|
endif
|
|
|
|
ifeq ($(TAG),)
|
|
VERSION = $(COMMIT)
|
|
else
|
|
VERSION = $(TAG)
|
|
endif
|
|
|
|
# default to registry.access.redhat.com for build images on local builds and CI builds without $RP_IMAGE_ACR set.
|
|
ifeq ($(RP_IMAGE_ACR),arointsvc)
|
|
REGISTRY = arointsvc.azurecr.io
|
|
else ifeq ($(RP_IMAGE_ACR),arosvc)
|
|
REGISTRY = arosvc.azurecr.io
|
|
else ifeq ($(RP_IMAGE_ACR),)
|
|
REGISTRY = registry.access.redhat.com
|
|
else
|
|
REGISTRY = $(RP_IMAGE_ACR)
|
|
endif
|
|
|
|
RP_IMAGE_LOCAL ?= aro
|
|
ARO_PORTAL_BUILD_IMAGE ?= $(RP_IMAGE_LOCAL)-portal-build
|
|
ARO_BUILDER_IMAGE ?= $(RP_IMAGE_LOCAL)-builder
|
|
ARO_IMAGE ?= $(ARO_IMAGE_BASE):$(VERSION)
|
|
GATEKEEPER_IMAGE ?= ${REGISTRY}/gatekeeper:$(GATEKEEPER_VERSION)
|
|
|
|
.PHONY: check-release
|
|
check-release:
|
|
# Check that VERSION is a valid tag when building an official release (when RELEASE=true).
|
|
ifeq ($(RELEASE), true)
|
|
ifeq ($(TAG), $(VERSION))
|
|
@echo Building release version $(VERSION)
|
|
else
|
|
$(error $(shell git describe --exact-match) Ensure there is an annotated tag (git tag -a) for git commit $(COMMIT))
|
|
endif
|
|
endif
|
|
|
|
.PHONY: build-all
|
|
build-all:
|
|
go build ./...
|
|
|
|
.PHONY: aro
|
|
aro: check-release generate
|
|
go build -ldflags "-X github.com/Azure/ARO-RP/pkg/util/version.GitCommit=$(VERSION)" ./cmd/aro
|
|
|
|
.PHONY: runlocal-rp
|
|
runlocal-rp:
|
|
go run -ldflags "-X github.com/Azure/ARO-RP/pkg/util/version.GitCommit=$(VERSION)" ./cmd/aro rp
|
|
|
|
.PHONY: az
|
|
az: pyenv
|
|
. pyenv/bin/activate && \
|
|
cd python/az/aro && \
|
|
python3 ./setup.py bdist_egg && \
|
|
python3 ./setup.py bdist_wheel || true && \
|
|
rm -f ~/.azure/commandIndex.json # https://github.com/Azure/azure-cli/issues/14997
|
|
|
|
.PHONY: azext-aro
|
|
azext-aro:
|
|
docker build --platform=linux/amd64 . -f Dockerfile.ci-azext-aro --no-cache=$(NO_CACHE) -t azext-aro:latest
|
|
|
|
.PHONY: clean
|
|
clean:
|
|
rm -rf python/az/aro/{aro.egg-info,build,dist} aro
|
|
find python -type f -name '*.pyc' -delete
|
|
find python -type d -name __pycache__ -delete
|
|
find -type d -name 'gomock_reflect_[0-9]*' -exec rm -rf {} \+ 2>/dev/null
|
|
|
|
.PHONY: client
|
|
client: generate
|
|
hack/build-client.sh "${AUTOREST_IMAGE}" 2020-04-30 2021-09-01-preview 2022-04-01 2022-09-04 2023-04-01 2023-07-01-preview 2023-09-04 2023-11-22 2024-08-12-preview
|
|
|
|
.PHONY: ci-rp
|
|
ci-rp: fix-macos-vendor
|
|
docker build . -f Dockerfile.ci-rp --ulimit=nofile=4096:4096 --build-arg REGISTRY=$(REGISTRY) --build-arg ARO_VERSION=$(VERSION) --target portal-build --no-cache=$(NO_CACHE) -t $(ARO_PORTAL_BUILD_IMAGE)
|
|
docker build . -f Dockerfile.ci-rp --ulimit=nofile=4096:4096 --build-arg REGISTRY=$(REGISTRY) --build-arg ARO_VERSION=$(VERSION) --target builder --cache-from $(ARO_PORTAL_BUILD_IMAGE) -t $(ARO_BUILDER_IMAGE)
|
|
docker build . -f Dockerfile.ci-rp --ulimit=nofile=4096:4096 --build-arg REGISTRY=$(REGISTRY) --build-arg ARO_VERSION=$(VERSION) --cache-from $(ARO_BUILDER_IMAGE) -t $(RP_IMAGE_LOCAL)
|
|
|
|
.PHONY: ci-tunnel
|
|
ci-tunnel: fix-macos-vendor
|
|
docker build . -f Dockerfile.ci-tunnel --ulimit=nofile=4096:4096 --build-arg REGISTRY=$(REGISTRY) --build-arg ARO_VERSION=$(VERSION) --no-cache=$(NO_CACHE) -t aro-tunnel:$(VERSION)
|
|
|
|
.PHONY: ci-clean
|
|
ci-clean:
|
|
docker image prune --all --filter="label=aro-*=true"
|
|
|
|
# TODO: hard coding dev-config.yaml is clunky; it is also probably convenient to
|
|
# override COMMIT.
|
|
.PHONY: deploy
|
|
deploy:
|
|
go run -ldflags "-X github.com/Azure/ARO-RP/pkg/util/version.GitCommit=$(VERSION)" ./cmd/aro deploy dev-config.yaml ${LOCATION}
|
|
|
|
.PHONY: dev-config.yaml
|
|
dev-config.yaml:
|
|
go run ./hack/gendevconfig >dev-config.yaml
|
|
|
|
.PHONY: discoverycache
|
|
discoverycache:
|
|
$(MAKE) admin.kubeconfig
|
|
KUBECONFIG=admin.kubeconfig go run ./hack/gendiscoverycache
|
|
$(MAKE) generate
|
|
|
|
.PHONY: fix-macos-vendor
|
|
fix-macos-vendor:
|
|
ifeq ($(shell uname -s),Darwin)
|
|
mv ./vendor/github.com/Microsoft ./vendor/github.com/temp-microsoft && mv ./vendor/github.com/temp-microsoft ./vendor/github.com/microsoft || true
|
|
endif
|
|
|
|
.PHONY: generate
|
|
generate:
|
|
go generate ./...
|
|
|
|
# TODO: This does not work outside of GOROOT. We should replace all usage of the
|
|
# clientset with controller-runtime so we don't need to generate it.
|
|
.PHONY: generate-operator-apiclient
|
|
generate-operator-apiclient:
|
|
go run ./vendor/k8s.io/code-generator/cmd/client-gen --clientset-name versioned --input-base ./pkg/operator/apis --input aro.openshift.io/v1alpha1,preview.aro.openshift.io/v1alpha1 --output-package ./pkg/operator/clientset --go-header-file ./hack/licenses/boilerplate.go.txt
|
|
gofmt -s -w ./pkg/operator/clientset
|
|
go run ./vendor/golang.org/x/tools/cmd/goimports -local=github.com/Azure/ARO-RP -e -w ./pkg/operator/clientset ./pkg/operator/apis
|
|
|
|
.PHONY: generate-guardrails
|
|
generate-guardrails:
|
|
cd pkg/operator/controllers/guardrails/policies && ./scripts/generate.sh > /dev/null
|
|
|
|
.PHONY: generate-kiota
|
|
generate-kiota:
|
|
kiota generate --clean-output -l go -o ./pkg/util/graph/graphsdk -n "github.com/Azure/ARO-RP/pkg/util/graph/graphsdk" -d hack/graphsdk/openapi.yaml -c GraphBaseServiceClient --additional-data=False --backing-store=True
|
|
find ./pkg/util/graph/graphsdk -type f -name "*.go" -exec sed -i'' -e 's\github.com/azure/aro-rp\github.com/Azure/ARO-RP\g' {} +
|
|
gofmt -s -w pkg/util/graph/graphsdk
|
|
go run ./vendor/golang.org/x/tools/cmd/goimports -w -local=github.com/Azure/ARO-RP pkg/util/graph/graphsdk
|
|
go run ./hack/validate-imports pkg/util/graph/graphsdk
|
|
go run ./hack/licenses -dirs ./pkg/util/graph/graphsdk
|
|
|
|
.PHONY: init-contrib
|
|
init-contrib:
|
|
install -v hack/git/hooks/* .git/hooks/
|
|
|
|
.PHONY: image-aro-multistage
|
|
image-aro-multistage:
|
|
docker build --platform=linux/amd64 --network=host --no-cache -f Dockerfile.aro-multistage -t $(ARO_IMAGE) --build-arg REGISTRY=$(REGISTRY) .
|
|
|
|
.PHONY: image-autorest
|
|
image-autorest:
|
|
docker build --platform=linux/amd64 --network=host --no-cache --build-arg AUTOREST_VERSION="${AUTOREST_VERSION}" --build-arg REGISTRY=$(REGISTRY) -f Dockerfile.autorest -t ${AUTOREST_IMAGE} .
|
|
|
|
.PHONY: image-fluentbit
|
|
image-fluentbit:
|
|
docker build --platform=linux/amd64 --network=host --build-arg VERSION=$(FLUENTBIT_VERSION) --build-arg MARINER_VERSION=$(MARINER_VERSION) -f Dockerfile.fluentbit -t $(FLUENTBIT_IMAGE) .
|
|
|
|
.PHONY: image-proxy
|
|
image-proxy:
|
|
docker pull $(REGISTRY)/ubi8/ubi-minimal
|
|
docker build --platform=linux/amd64 --no-cache -f Dockerfile.proxy -t $(REGISTRY)/proxy:latest --build-arg REGISTRY=$(REGISTRY) .
|
|
|
|
.PHONY: image-gatekeeper
|
|
image-gatekeeper:
|
|
docker build --platform=linux/amd64 --network=host --build-arg GATEKEEPER_VERSION=$(GATEKEEPER_VERSION) --build-arg REGISTRY=$(REGISTRY) -f Dockerfile.gatekeeper -t $(GATEKEEPER_IMAGE) .
|
|
|
|
.PHONY: publish-image-aro-multistage
|
|
publish-image-aro-multistage: image-aro-multistage
|
|
docker push $(ARO_IMAGE)
|
|
ifeq ("${RP_IMAGE_ACR}-$(BRANCH)","arointsvc-master")
|
|
docker tag $(ARO_IMAGE) arointsvc.azurecr.io/aro:latest
|
|
docker push arointsvc.azurecr.io/aro:latest
|
|
endif
|
|
|
|
.PHONY: publish-image-autorest
|
|
publish-image-autorest: image-autorest
|
|
docker push ${AUTOREST_IMAGE}
|
|
|
|
.PHONY: publish-image-fluentbit
|
|
publish-image-fluentbit: image-fluentbit
|
|
docker push $(FLUENTBIT_IMAGE)
|
|
|
|
.PHONY: publish-image-proxy
|
|
publish-image-proxy: image-proxy
|
|
docker push ${RP_IMAGE_ACR}.azurecr.io/proxy:latest
|
|
|
|
.PHONY: publish-image-gatekeeper
|
|
publish-image-gatekeeper: image-gatekeeper
|
|
docker push $(GATEKEEPER_IMAGE)
|
|
|
|
.PHONY: image-e2e
|
|
image-e2e:
|
|
docker build --platform=linux/amd64 --network=host --no-cache -f Dockerfile.aro-e2e -t $(ARO_IMAGE) --build-arg REGISTRY=$(REGISTRY) .
|
|
|
|
.PHONY: publish-image-e2e
|
|
publish-image-e2e: image-e2e
|
|
docker push $(ARO_IMAGE)
|
|
|
|
.PHONY: extract-aro-docker
|
|
extract-aro-docker:
|
|
hack/ci-utils/extractaro.sh ${ARO_IMAGE}
|
|
|
|
.PHONY: proxy
|
|
proxy:
|
|
CGO_ENABLED=0 go build -ldflags "-X github.com/Azure/ARO-RP/pkg/util/version.GitCommit=$(VERSION)" ./hack/proxy
|
|
|
|
.PHONY: run-portal
|
|
run-portal:
|
|
go run -ldflags "-X github.com/Azure/ARO-RP/pkg/util/version.GitCommit=$(VERSION)" ./cmd/aro portal
|
|
|
|
.PHONY: build-portal
|
|
build-portal:
|
|
cd portal/v2 && npm install && npm run build
|
|
|
|
.PHONY: pyenv
|
|
pyenv:
|
|
python3 -m venv pyenv
|
|
. pyenv/bin/activate && \
|
|
pip install -U pip && \
|
|
pip install -r requirements.txt && \
|
|
azdev setup -r .
|
|
|
|
.PHONY: secrets
|
|
secrets:
|
|
@[ "${SECRET_SA_ACCOUNT_NAME}" ] || ( echo ">> SECRET_SA_ACCOUNT_NAME is not set"; exit 1 )
|
|
rm -rf secrets
|
|
az storage blob download -n secrets.tar.gz -c secrets -f secrets.tar.gz --account-name ${SECRET_SA_ACCOUNT_NAME} >/dev/null
|
|
tar -xzf secrets.tar.gz
|
|
rm secrets.tar.gz
|
|
|
|
.PHONY: secrets-update
|
|
secrets-update:
|
|
@[ "${SECRET_SA_ACCOUNT_NAME}" ] || ( echo ">> SECRET_SA_ACCOUNT_NAME is not set"; exit 1 )
|
|
tar -czf secrets.tar.gz secrets
|
|
az storage blob upload -n secrets.tar.gz -c secrets -f secrets.tar.gz --overwrite --account-name ${SECRET_SA_ACCOUNT_NAME} >/dev/null
|
|
rm secrets.tar.gz
|
|
|
|
.PHONY: tunnel
|
|
tunnel:
|
|
go run ./hack/tunnel $(shell az network public-ip show -g ${RESOURCEGROUP} -n rp-pip --query 'ipAddress')
|
|
|
|
.PHONY: e2e.test
|
|
e2e.test:
|
|
go test ./test/e2e/... -tags e2e,codec.safe -c -ldflags "-X github.com/Azure/ARO-RP/pkg/util/version.GitCommit=$(VERSION)" -o e2e.test
|
|
|
|
.PHONY: e2etools
|
|
e2etools:
|
|
CGO_ENABLED=0 go build -ldflags "-X github.com/Azure/ARO-RP/pkg/util/version.GitCommit=$(VERSION)" ./hack/cluster
|
|
CGO_ENABLED=0 go build -ldflags "-X github.com/Azure/ARO-RP/pkg/util/version.GitCommit=$(VERSION)" ./hack/db
|
|
CGO_ENABLED=0 go build -ldflags "-X github.com/Azure/ARO-RP/pkg/util/version.GitCommit=$(VERSION)" ./hack/portalauth
|
|
CGO_ENABLED=0 go build ./hack/jq
|
|
|
|
.PHONY: test-e2e
|
|
test-e2e: e2e.test
|
|
./e2e.test $(E2E_FLAGS) --ginkgo.label-filter="$(E2E_LABEL)"
|
|
|
|
.PHONY: test-go
|
|
test-go: generate build-all validate-go lint-go unit-test-go
|
|
|
|
.PHONY: validate-go
|
|
validate-go:
|
|
gofmt -s -w cmd hack pkg test
|
|
go run ./vendor/golang.org/x/tools/cmd/goimports -w -local=github.com/Azure/ARO-RP cmd hack pkg test
|
|
go run ./hack/validate-imports cmd hack pkg test
|
|
go run ./hack/licenses
|
|
@[ -z "$$(ls pkg/util/*.go 2>/dev/null)" ] || (echo error: go files are not allowed in pkg/util, use a subpackage; exit 1)
|
|
@[ -z "$$(find -name "*:*")" ] || (echo error: filenames with colons are not allowed on Windows, please rename; exit 1)
|
|
@sha256sum --quiet -c .sha256sum || (echo error: client library is stale, please run make client; exit 1)
|
|
go test -tags e2e -run ^$$ ./test/e2e/...
|
|
|
|
.PHONY: validate-go-action
|
|
validate-go-action:
|
|
go run ./hack/licenses -validate -ignored-go vendor,pkg/client,.git -ignored-python python/client,python/az/aro/azext_aro/aaz,vendor,.git
|
|
go run ./hack/validate-imports cmd hack pkg test
|
|
@[ -z "$$(ls pkg/util/*.go 2>/dev/null)" ] || (echo error: go files are not allowed in pkg/util, use a subpackage; exit 1)
|
|
@[ -z "$$(find -name "*:*")" ] || (echo error: filenames with colons are not allowed on Windows, please rename; exit 1)
|
|
@sha256sum --quiet -c .sha256sum || (echo error: client library is stale, please run make client; exit 1)
|
|
|
|
.PHONY: validate-fips
|
|
validate-fips:
|
|
hack/fips/validate-fips.sh ./aro
|
|
|
|
.PHONY: unit-test-go
|
|
unit-test-go:
|
|
go run ${GOTESTSUM} --format pkgname --junitfile report.xml -- -coverprofile=cover.out ./...
|
|
|
|
.PHONY: unit-test-go-coverpkg
|
|
unit-test-go-coverpkg:
|
|
go run ${GOTESTSUM} --format pkgname --junitfile report.xml -- -coverpkg=./... -coverprofile=cover_coverpkg.out ./...
|
|
|
|
.PHONY: lint-go
|
|
lint-go:
|
|
hack/lint-go.sh
|
|
|
|
.PHONY: lint-admin-portal
|
|
lint-admin-portal:
|
|
docker build --platform=linux/amd64 --build-arg REGISTRY=$(REGISTRY) -f Dockerfile.portal_lint . -t linter:latest --no-cache
|
|
docker run --platform=linux/amd64 -t --rm linter:latest
|
|
|
|
.PHONY: test-python
|
|
test-python: pyenv az
|
|
. pyenv/bin/activate && \
|
|
azdev linter && \
|
|
azdev style && \
|
|
hack/unit-test-python.sh
|
|
|
|
.PHONY: shared-cluster-login
|
|
shared-cluster-login:
|
|
@oc login $(shell az aro show -g sre-shared-cluster -n sre-shared-cluster -ojson --query apiserverProfile.url) \
|
|
-u kubeadmin \
|
|
-p $(shell az aro list-credentials -g sre-shared-cluster -n sre-shared-cluster -ojson --query "kubeadminPassword")
|
|
|
|
.PHONY: shared-cluster-create
|
|
shared-cluster-create:
|
|
./hack/shared-cluster.sh create
|
|
|
|
.PHONY: shared-cluster-delete
|
|
shared-cluster-delete:
|
|
./hack/shared-cluster.sh delete
|
|
|
|
.PHONY: unit-test-python
|
|
unit-test-python:
|
|
hack/unit-test-python.sh
|
|
|
|
.PHONY: admin.kubeconfig
|
|
admin.kubeconfig:
|
|
hack/get-admin-kubeconfig.sh /subscriptions/${AZURE_SUBSCRIPTION_ID}/resourceGroups/${RESOURCEGROUP}/providers/Microsoft.RedHatOpenShift/openShiftClusters/${CLUSTER} >admin.kubeconfig
|
|
|
|
.PHONY: aks.kubeconfig
|
|
aks.kubeconfig:
|
|
hack/get-admin-aks-kubeconfig.sh
|
|
|
|
.PHONY: go-tidy
|
|
go-tidy: # Run go mod tidy - add missing and remove unused modules.
|
|
go mod tidy -compat=${GOLANG_VERSION}
|
|
|
|
.PHONY: go-vendor
|
|
go-vendor: # Run go mod vendor - only modules that are used in the source code will be vendored in (make vendored copy of dependencies).
|
|
go mod vendor
|
|
|
|
.PHONY: go-verify
|
|
go-verify: go-tidy go-vendor # Run go mod verify - verify dependencies have expected content
|
|
go mod verify
|
|
|
|
.PHONY: vendor
|
|
vendor:
|
|
# See comments in the script for background on why we need it
|
|
hack/update-go-module-dependencies.sh
|
|
$(MAKE) go-verify
|
|
|
|
.PHONY: install-go-tools
|
|
install-go-tools:
|
|
go install ${GOTESTSUM}
|