mirror of
https://github.com/cloudnativelabs/kube-router.git
synced 2026-05-04 22:26:16 +02:00
c869af25a3
* build: Dependency bumps to prep for release 2.9.0 * fix(typos): Update typos config to match IZ on txt files in testdata * chore(lint): Address issues from newer versions of golangci-lint * fix(dockerfile): Update iptables-wrapper install according to updated installation instructions
334 lines
15 KiB
Makefile
334 lines
15 KiB
Makefile
NAME?=kube-router
|
|
GOARCH?=$(shell go env GOARCH)
|
|
DEV_SUFFIX?=-git
|
|
OSX=$(filter Darwin,$(shell uname))
|
|
BUILD_DATE?=$(shell date +%Y-%m-%dT%H:%M:%S%z)
|
|
IMG_NAMESPACE?=cloudnativelabs
|
|
GIT_COMMIT=$(shell git describe --tags --dirty)
|
|
GIT_BRANCH?=$(shell git rev-parse --abbrev-ref HEAD)
|
|
IMG_TAG?=$(if $(IMG_TAG_PREFIX),$(IMG_TAG_PREFIX)-)$(if $(ARCH_TAG_PREFIX),$(ARCH_TAG_PREFIX)-)$(GIT_BRANCH)
|
|
MANIFEST_TAG?=$(if $(IMG_TAG_PREFIX),$(IMG_TAG_PREFIX)-)$(GIT_BRANCH)
|
|
RELEASE_TAG?=$(GOARCH)-$(shell git describe --exact-match || echo -n)
|
|
REGISTRY?=$(if $(IMG_FQDN),$(IMG_FQDN)/$(IMG_NAMESPACE)/$(NAME),$(IMG_NAMESPACE)/$(NAME))
|
|
REGISTRY_DEV?=$(REGISTRY)$(DEV_SUFFIX)
|
|
IN_DOCKER_GROUP=$(filter docker,$(shell groups))
|
|
IS_ROOT=$(filter 0,$(shell id -u))
|
|
DOCKER=$(if $(or $(IN_DOCKER_GROUP),$(IS_ROOT),$(OSX)),docker,sudo docker)
|
|
MAKEFILE_DIR=$(dir $(realpath $(firstword $(MAKEFILE_LIST))))
|
|
UPSTREAM_IMPORT_PATH=$(GOPATH)/src/github.com/cloudnativelabs/kube-router/
|
|
BUILD_IN_DOCKER?=true
|
|
# See Versions: https://hub.docker.com/_/golang
|
|
DOCKER_BUILD_IMAGE?=golang:1.25.9-alpine3.23@sha256:5caaf1cca9dc351e13deafbc3879fd4754801acba8653fa9540cea125d01a71f
|
|
## These variables are used by the Dockerfile as the bases for building and creating the runtime container
|
|
## During CI these come from .github/workflows/ci.yaml below we define for local builds as well
|
|
GO_CACHE?=$(shell go env GOCACHE)
|
|
GO_MOD_CACHE?=$(shell go env GOMODCACHE)
|
|
BUILDTIME_BASE?=$(DOCKER_BUILD_IMAGE)
|
|
# See Versions: https://hub.docker.com/_/alpine
|
|
RUNTIME_BASE?=alpine:3.23.4@sha256:5b10f432ef3da1b8d4c7eb6c487f2f5a8f096bc91145e68878dd4a5019afde11
|
|
# See Versions: https://hub.docker.com/r/golangci/golangci-lint/tags
|
|
DOCKER_LINT_IMAGE?=golangci/golangci-lint:v2.11.4@sha256:67dfc9eeeb0eb13fc1a36329c2c378197dc561f1edf1a7792e3f771606bb0e15
|
|
# See Versions: https://hub.docker.com/r/tmknom/markdownlint/tags
|
|
DOCKER_MARKDOWNLINT_IMAGE?=tmknom/markdownlint:0.45.0@sha256:a9509a9d50a82781aa4cd0a48f182da55233071fb19454bc70cecc2782359c3c
|
|
# See Versions: https://hub.docker.com/_/node
|
|
DOCKER_DOCTOC_IMAGE?=node:alpine@sha256:bdf2cca6fe3dabd014ea60163eca3f0f7015fbd5c7ee1b0e9ccb4ced6eb02ef4
|
|
# See Versions: https://www.npmjs.com/package/doctoc
|
|
DOCTOC_VERSION=2.4.1
|
|
# See Versions: https://github.com/crate-ci/typos/releases
|
|
TYPOS_VERSION=v1.45.2
|
|
# See Versions: https://github.com/osrg/gobgp/releases
|
|
GOBGP_VERSION=v4.4.0
|
|
QEMU_IMAGE?=multiarch/qemu-user-static:7.2.0-1@sha256:fe60359c92e86a43cc87b3d906006245f77bfc0565676b80004cc666e4feb9f0
|
|
# See Versions: https://github.com/goreleaser/goreleaser/releases
|
|
GORELEASER_VERSION=v2.15.4
|
|
# See Versions: https://github.com/anchore/grype/releases
|
|
GRYPE_VERSION=v0.111.1
|
|
GRYPE_IMAGE?=anchore/grype:$(GRYPE_VERSION)
|
|
# See Versions: https://github.com/containernetworking/plugins/releases
|
|
CNI_VERSION=v1.9.1
|
|
UID?=$(shell id -u)
|
|
ifeq ($(GOARCH), arm)
|
|
ARCH_TAG_PREFIX=$(GOARCH)
|
|
FILE_ARCH=ARM
|
|
DOCKER_ARCH=arm32v6/
|
|
else ifeq ($(GOARCH), arm64)
|
|
ARCH_TAG_PREFIX=$(GOARCH)
|
|
FILE_ARCH=ARM aarch64
|
|
DOCKER_ARCH=arm64v8/
|
|
else ifeq ($(GOARCH), s390x)
|
|
ARCH_TAG_PREFIX=$(GOARCH)
|
|
FILE_ARCH=IBM S/390
|
|
DOCKER_ARCH=s390x/
|
|
else ifeq ($(GOARCH), ppc64le)
|
|
ARCH_TAG_PREFIX=$(GOARCH)
|
|
FILE_ARCH=64-bit PowerPC
|
|
DOCKER_ARCH=ppc64le/
|
|
else ifeq ($(GOARCH), riscv64)
|
|
ARCH_TAG_PREFIX=$(GOARCH)
|
|
FILE_ARCH=UCB RISC-V, RVC, double-float ABI
|
|
DOCKER_ARCH=riscv64/
|
|
else
|
|
ARCH_TAG_PREFIX=amd64
|
|
FILE_ARCH=x86-64
|
|
DOCKER_ARCH=
|
|
endif
|
|
$(info Building for GOARCH=$(GOARCH))
|
|
all: doctoc lint test-pretty kube-router container ## Default target. Lints code, runs tests, builds binaries and images.
|
|
|
|
kube-router:
|
|
@echo Starting kube-router binary build.
|
|
ifeq "$(BUILD_IN_DOCKER)" "true"
|
|
$(DOCKER) run -v $(PWD):/go/src/github.com/cloudnativelabs/kube-router \
|
|
-v $(GO_CACHE):/root/.cache/go-build \
|
|
-v $(GO_MOD_CACHE):/go/pkg/mod \
|
|
-w /go/src/github.com/cloudnativelabs/kube-router $(DOCKER_BUILD_IMAGE) \
|
|
sh -c \
|
|
'GOARCH=$(GOARCH) CGO_ENABLED=0 go build \
|
|
-ldflags "-X github.com/cloudnativelabs/kube-router/v2/pkg/version.Version=$(GIT_COMMIT) -X github.com/cloudnativelabs/kube-router/v2/pkg/version.BuildDate=$(BUILD_DATE)" \
|
|
-o kube-router cmd/kube-router/kube-router.go'
|
|
else
|
|
GOARCH=$(GOARCH) CGO_ENABLED=0 go build \
|
|
-ldflags "-X github.com/cloudnativelabs/kube-router/v2/pkg/version.Version=$(GIT_COMMIT) -X github.com/cloudnativelabs/kube-router/v2/pkg/version.BuildDate=$(BUILD_DATE)" \
|
|
-o kube-router cmd/kube-router/kube-router.go
|
|
endif
|
|
@echo Finished kube-router binary build.
|
|
|
|
test: gofmt ## Runs code quality pipelines (gofmt, tests, coverage, etc)
|
|
ifeq "$(BUILD_IN_DOCKER)" "true"
|
|
$(DOCKER) run -v $(PWD):/go/src/github.com/cloudnativelabs/kube-router \
|
|
-v $(GO_CACHE):/root/.cache/go-build \
|
|
-v $(GO_MOD_CACHE):/go/pkg/mod \
|
|
-w /go/src/github.com/cloudnativelabs/kube-router $(DOCKER_BUILD_IMAGE) \
|
|
sh -c \
|
|
'CGO_ENABLED=0 go test -v -timeout 30s github.com/cloudnativelabs/kube-router/v2/cmd/kube-router/ github.com/cloudnativelabs/kube-router/v2/...'
|
|
else
|
|
go test -v -timeout 30s github.com/cloudnativelabs/kube-router/v2/cmd/kube-router/ github.com/cloudnativelabs/kube-router/v2/...
|
|
endif
|
|
|
|
test-pretty: gofmt ## Runs code quality pipelines (gofmt, tests, coverage, etc)
|
|
ifeq "$(BUILD_IN_DOCKER)" "true"
|
|
$(DOCKER) run -v $(PWD):/go/src/github.com/cloudnativelabs/kube-router \
|
|
-v $(GO_CACHE):/root/.cache/go-build \
|
|
-v $(GO_MOD_CACHE):/go/pkg/mod \
|
|
-w /go/src/github.com/cloudnativelabs/kube-router $(DOCKER_BUILD_IMAGE) \
|
|
sh -c \
|
|
'CGO_ENABLED=0 go tool gotestsum --format gotestdox -- -timeout 30s github.com/cloudnativelabs/kube-router/v2/cmd/kube-router/ github.com/cloudnativelabs/kube-router/v2/...'
|
|
else
|
|
go tool gotestsum --format gotestdox -- -timeout 30s github.com/cloudnativelabs/kube-router/v2/cmd/kube-router/ github.com/cloudnativelabs/kube-router/v2/...
|
|
endif
|
|
|
|
lint: gofmt markdownlint spellcheck
|
|
ifeq "$(BUILD_IN_DOCKER)" "true"
|
|
$(DOCKER) run -v $(PWD):/go/src/github.com/cloudnativelabs/kube-router \
|
|
-v $(GO_CACHE):/root/.cache/go-build \
|
|
-v $(GO_MOD_CACHE):/go/pkg/mod \
|
|
-w /go/src/github.com/cloudnativelabs/kube-router $(DOCKER_LINT_IMAGE) \
|
|
bash -c \
|
|
'golangci-lint run ./...'
|
|
else
|
|
golangci-lint run ./...
|
|
endif
|
|
|
|
markdownlint:
|
|
$(DOCKER) run -v $(PWD):/work $(DOCKER_MARKDOWNLINT_IMAGE) -- README.md docs
|
|
|
|
doctoc: ## Regenerates table of contents in docs that have doctoc markers.
|
|
$(DOCKER) run --rm -v $(PWD):/work -w /work $(DOCKER_DOCTOC_IMAGE) npx doctoc@$(DOCTOC_VERSION) docs/ --github --maxlevel 3 --notitle --update-only
|
|
|
|
spellcheck: ## Checks for spelling mistakes in code and documentation.
|
|
$(DOCKER) run --rm -v $(PWD):/work -w /work $(RUNTIME_BASE) sh -c \
|
|
'wget -qO- https://github.com/crate-ci/typos/releases/download/$(TYPOS_VERSION)/typos-$(TYPOS_VERSION)-x86_64-unknown-linux-musl.tar.gz | tar xz -C /usr/local/bin && typos'
|
|
|
|
run: kube-router ## Runs "kube-router --help".
|
|
./kube-router --help
|
|
|
|
container: kube-router gobgp multiarch-binverify cni-download ## Builds a Docker container image.
|
|
@echo Starting kube-router container image build for $(GOARCH) on $(shell go env GOHOSTARCH)
|
|
@if [ "$(GOARCH)" != "$(shell go env GOHOSTARCH)" ]; then \
|
|
echo "Using qemu to build non-native container"; \
|
|
$(DOCKER) run --rm --privileged $(QEMU_IMAGE) --reset -p yes; \
|
|
fi
|
|
$(DOCKER) build -t "$(REGISTRY_DEV):$(subst /,,$(IMG_TAG))" -f Dockerfile --build-arg ARCH="$(DOCKER_ARCH)" \
|
|
--build-arg BUILDTIME_BASE="$(BUILDTIME_BASE)" --build-arg RUNTIME_BASE="$(RUNTIME_BASE)" .
|
|
@if [ "$(GIT_BRANCH)" = "master" ]; then \
|
|
$(DOCKER) tag "$(REGISTRY_DEV):$(IMG_TAG)" "$(REGISTRY_DEV)"; \
|
|
fi
|
|
@echo Finished kube-router container image build.
|
|
|
|
scan: container ## Scans the locally built container image for HIGH and CRITICAL CVEs using Grype.
|
|
@echo Starting CVE scan of $(REGISTRY_DEV):$(subst /,,$(IMG_TAG))
|
|
ifeq "$(BUILD_IN_DOCKER)" "true"
|
|
$(DOCKER) run --rm \
|
|
-v /var/run/docker.sock:/var/run/docker.sock \
|
|
-v $(PWD):/work \
|
|
-w /work \
|
|
$(GRYPE_IMAGE) \
|
|
"$(REGISTRY_DEV):$(subst /,,$(IMG_TAG))" --fail-on high
|
|
else
|
|
grype "$(REGISTRY_DEV):$(subst /,,$(IMG_TAG))" --fail-on high
|
|
endif
|
|
@echo Finished CVE scan.
|
|
|
|
docker-login: ## Logs into a docker registry using {DOCKER,QUAY}_{USERNAME,PASSWORD} variables.
|
|
@echo Starting docker login target.
|
|
@if [ -n "$(DOCKER_USERNAME)" ] && [ -n "$(DOCKER_PASSWORD)" ]; then \
|
|
echo Starting DockerHub registry login.; \
|
|
$(DOCKER) login -u="$(value DOCKER_USERNAME)" -p="$(value DOCKER_PASSWORD)"; \
|
|
echo Finished DockerHub registry login.; \
|
|
fi
|
|
|
|
@if [ -n "$(QUAY_USERNAME)" ] && [ -n "$(QUAY_PASSWORD)" ]; then \
|
|
echo Starting quay.io registry login.; \
|
|
$(DOCKER) login -u="$(value QUAY_USERNAME)" -p="$(value QUAY_PASSWORD)" quay.io; \
|
|
echo Finished quay.io registry login.; \
|
|
fi
|
|
@echo Finished docker login target.
|
|
|
|
push: container docker-login ## Pushes a Docker container image to a registry.
|
|
@echo Starting kube-router container image push.
|
|
$(DOCKER) push "$(REGISTRY_DEV):$(subst /,,$(IMG_TAG))"
|
|
@echo Finished kube-router container image push.
|
|
|
|
push-manifest:
|
|
@echo Starting kube-router manifest push.
|
|
./manifest-tool push from-args \
|
|
--platforms linux/amd64,linux/arm64,linux/arm,linux/s390x,linux/ppc64le \
|
|
--template "$(REGISTRY_DEV):ARCH-$(MANIFEST_TAG)" \
|
|
--target "$(REGISTRY_DEV):$(MANIFEST_TAG)"
|
|
|
|
push-release: push
|
|
@echo Starting kube-router release container image push.
|
|
@test -n "$(RELEASE_TAG)"
|
|
$(DOCKER) tag "$(REGISTRY_DEV):$(IMG_TAG)" "$(REGISTRY):$(RELEASE_TAG)"
|
|
$(DOCKER) push "$(REGISTRY)"
|
|
@echo Finished kube-router release container image push.
|
|
|
|
push-manifest-release:
|
|
@echo Starting kube-router manifest push.
|
|
./manifest-tool push from-args \
|
|
--platforms linux/amd64,linux/arm64,linux/arm,linux/s390x,linux/ppc64le \
|
|
--template "$(REGISTRY):ARCH-${RELEASE_TAG}" \
|
|
--target "$(REGISTRY):$(RELEASE_TAG)"
|
|
|
|
./manifest-tool push from-args \
|
|
--platforms linux/amd64,linux/arm64,linux/arm,linux/s390x,linux/ppc64le \
|
|
--template "$(REGISTRY):ARCH-${RELEASE_TAG}" \
|
|
--target "$(REGISTRY):latest"
|
|
|
|
github-release:
|
|
@echo Starting kube-router GitHub release creation.
|
|
@[ -n "$(value GITHUB_TOKEN)" ] && \
|
|
GITHUB_TOKEN=$(value GITHUB_TOKEN); \
|
|
curl -sL https://git.io/goreleaser | VERSION=$(GORELEASER_VERSION) bash
|
|
@echo Finished kube-router GitHub release creation.
|
|
|
|
release: push-release github-release ## Pushes a release to DockerHub and GitHub
|
|
@echo Finished kube-router release target.
|
|
|
|
clean: ## Removes the kube-router binary and Docker images
|
|
rm -f kube-router
|
|
rm -f gobgp
|
|
rm -rf cni-download
|
|
if [ $(shell $(DOCKER) images -q $(REGISTRY_DEV):$(IMG_TAG) 2> /dev/null) ]; then \
|
|
$(DOCKER) rmi $(REGISTRY_DEV):$(IMG_TAG); \
|
|
fi
|
|
gofmt: ## Tells you what files need to be gofmt'd.
|
|
gofmt -l -s $(shell find . -not \( \( -wholename '*/vendor/*' \) -prune \) -name '*.go')
|
|
|
|
gofmt-fix: ## Fixes files that need to be gofmt'd.
|
|
gofmt -s -w $(shell find . -not \( \( -wholename '*/vendor/*' \) -prune \) -name '*.go')
|
|
goimports -w $(shell find . -not \( \( -wholename '*/vendor/*' \) -prune \) -name '*.go')
|
|
|
|
# List of all file_moq.go files which would need to be regenerated
|
|
# from file.go if changed
|
|
gomoqs: ./pkg/controllers/proxy/linux_networking_moq.go ./pkg/utils/iptables_moq.go
|
|
|
|
# file_moq.go file is generated from file.go "//go:generate moq ..." in-file
|
|
# annotation, as it needs to know which interfaces to create mock stubs for
|
|
%_moq.go: %.go
|
|
rm -f $(*)_moq.go
|
|
ifeq "$(BUILD_IN_DOCKER)" "true"
|
|
$(DOCKER) run -v $(PWD):/go/src/github.com/cloudnativelabs/kube-router \
|
|
-v $(GO_CACHE):/root/.cache/go-build \
|
|
-v $(GO_MOD_CACHE):/go/pkg/mod \
|
|
-w /go/src/github.com/cloudnativelabs/kube-router $(DOCKER_BUILD_IMAGE) \
|
|
sh -c 'go generate -v $(*).go && chown $(UID) $(*)_moq.go'
|
|
else
|
|
go generate -v $(*).go
|
|
endif
|
|
|
|
gobgp:
|
|
@echo Building gobgp
|
|
ifeq "$(BUILD_IN_DOCKER)" "true"
|
|
$(DOCKER) run -v $(PWD):/go/src/github.com/cloudnativelabs/kube-router \
|
|
-v $(GO_CACHE):/root/.cache/go-build \
|
|
-v $(GO_MOD_CACHE):/go/pkg/mod \
|
|
-w /go/src/github.com/cloudnativelabs/kube-router $(DOCKER_BUILD_IMAGE) \
|
|
sh -c \
|
|
'CGO_ENABLED=0 GOARCH=$(GOARCH) GOOS=linux go install github.com/osrg/gobgp/v4/cmd/gobgp@$(GOBGP_VERSION) && if [ ${GOARCH} != $$(go env GOHOSTARCH) ]; then PREFIX=linux_${GOARCH}; fi && cp $$(go env GOPATH)/bin/$${PREFIX}/gobgp .'
|
|
else
|
|
CGO_ENABLED=0 GOARCH=$(GOARCH) GOOS=linux go install github.com/osrg/gobgp/v4/cmd/gobgp@$(GOBGP_VERSION) && if [ ${GOARCH} != $$(go env GOHOSTARCH) ]; then PREFIX=linux_${GOARCH}; fi && cp $$(go env GOPATH)/bin/$${PREFIX}/gobgp .
|
|
endif
|
|
@echo Finished building gobgp.
|
|
|
|
multiarch-binverify:
|
|
@echo 'Verifying kube-router gobgp for ARCH=$(FILE_ARCH) ...'
|
|
@[ `file kube-router gobgp| cut -d, -f2 |grep -cw "$(FILE_ARCH)"` -eq 2 ]
|
|
|
|
cni-download:
|
|
@echo Downloading CNI Plugins for $(GOARCH)
|
|
curl -L -o cni-plugins-$(GOARCH).tgz \
|
|
https://github.com/containernetworking/plugins/releases/download/$(CNI_VERSION)/cni-plugins-linux-$(GOARCH)-$(CNI_VERSION).tgz
|
|
mkdir -p cni-download
|
|
tar -xf cni-plugins-$(GOARCH).tgz -C cni-download
|
|
rm -f cni-plugins-$(GOARCH).tgz
|
|
|
|
update-deps: ## Updates all dependency versions, resolves digests, and pins SHAs.
|
|
@echo Starting dependency update.
|
|
ifeq "$(BUILD_IN_DOCKER)" "true"
|
|
$(DOCKER) run --rm \
|
|
-v $(PWD):/go/src/github.com/cloudnativelabs/kube-router \
|
|
-v $(GO_CACHE):/root/.cache/go-build \
|
|
-v $(GO_MOD_CACHE):/go/pkg/mod \
|
|
-w /go/src/github.com/cloudnativelabs/kube-router/build/dependency-updater \
|
|
-e GITHUB_TOKEN=$(GITHUB_TOKEN) \
|
|
-e GH_TOKEN=$(GH_TOKEN) \
|
|
$(DOCKER_BUILD_IMAGE) \
|
|
sh -c 'go run . --all --project-root=/go/src/github.com/cloudnativelabs/kube-router'
|
|
else
|
|
cd $(MAKEFILE_DIR)build/dependency-updater && go run . --all --project-root=$(MAKEFILE_DIR)
|
|
endif
|
|
@echo Finished dependency update.
|
|
|
|
update-deps-dry: ## Shows what dependency updates would be made without applying them.
|
|
@echo Starting dependency update dry-run.
|
|
ifeq "$(BUILD_IN_DOCKER)" "true"
|
|
$(DOCKER) run --rm \
|
|
-v $(PWD):/go/src/github.com/cloudnativelabs/kube-router \
|
|
-v $(GO_CACHE):/root/.cache/go-build \
|
|
-v $(GO_MOD_CACHE):/go/pkg/mod \
|
|
-w /go/src/github.com/cloudnativelabs/kube-router/build/dependency-updater \
|
|
-e GITHUB_TOKEN=$(GITHUB_TOKEN) \
|
|
-e GH_TOKEN=$(GH_TOKEN) \
|
|
$(DOCKER_BUILD_IMAGE) \
|
|
sh -c 'go run . --all --dry-run --project-root=/go/src/github.com/cloudnativelabs/kube-router'
|
|
else
|
|
cd $(MAKEFILE_DIR)build/dependency-updater && go run . --all --dry-run --project-root=$(MAKEFILE_DIR)
|
|
endif
|
|
@echo Finished dependency update dry-run.
|
|
|
|
prep-release: update-deps doctoc lint test-pretty kube-router container scan ## Prepares for a release: updates deps, runs all checks, builds, and scans for CVEs.
|
|
@echo Finished prep-release. Review any dependency changes and commit before tagging.
|
|
|
|
# http://marmelab.com/blog/2016/02/29/auto-documented-makefile.html
|
|
help:
|
|
@grep -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | \
|
|
awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-22s\033[0m %s\n", $$1, $$2}'
|
|
|
|
.PHONY: clean container run release goreleaser push gofmt gofmt-fix gomoqs scan
|
|
.PHONY: test test-pretty lint docker-login push-manifest push-manifest-release
|
|
.PHONY: push-release github-release help multiarch-binverify markdownlint doctoc
|
|
.PHONY: spellcheck update-deps update-deps-dry prep-release
|
|
|
|
.DEFAULT: all
|