evan.jarrett.net / secret-service-operator
Kubernetes Operator that creates Service Endpoints from Secrets
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

secret-service-operator / Makefile
at main 324 lines 14 kB view raw
Evan Jarrett update lint
39d8b56a
1# VERSION defines the project version for the bundle. 2# Update this value when you upgrade the version of your project. 3# To re-generate a bundle for another specific version without changing the standard setup, you can: 4# - use the VERSION as arg of the bundle target (e.g make bundle VERSION=0.0.2) 5# - use environment variables to overwrite this value (e.g export VERSION=0.0.2) 6VERSION ?= 0.3.1 7 8# CHANNELS define the bundle channels used in the bundle. 9# Add a new line here if you would like to change its default config. (E.g CHANNELS = "candidate,fast,stable") 10# To re-generate a bundle for other specific channels without changing the standard setup, you can: 11# - use the CHANNELS as arg of the bundle target (e.g make bundle CHANNELS=candidate,fast,stable) 12# - use environment variables to overwrite this value (e.g export CHANNELS="candidate,fast,stable") 13ifneq ($(origin CHANNELS), undefined) 14BUNDLE_CHANNELS := --channels=$(CHANNELS) 15endif 16 17# DEFAULT_CHANNEL defines the default channel used in the bundle. 18# Add a new line here if you would like to change its default config. (E.g DEFAULT_CHANNEL = "stable") 19# To re-generate a bundle for any other default channel without changing the default setup, you can: 20# - use the DEFAULT_CHANNEL as arg of the bundle target (e.g make bundle DEFAULT_CHANNEL=stable) 21# - use environment variables to overwrite this value (e.g export DEFAULT_CHANNEL="stable") 22ifneq ($(origin DEFAULT_CHANNEL), undefined) 23BUNDLE_DEFAULT_CHANNEL := --default-channel=$(DEFAULT_CHANNEL) 24endif 25BUNDLE_METADATA_OPTS ?= $(BUNDLE_CHANNELS) $(BUNDLE_DEFAULT_CHANNEL) 26 27# IMAGE_TAG_BASE defines the docker.io namespace and part of the image name for remote images. 28# This variable is used to construct full image tags for bundle and catalog images. 29# 30# For example, running 'make bundle-build bundle-push catalog-build catalog-push' will build and push both 31# j5t.io/secret-service-operator-bundle:$VERSION and j5t.io/secret-service-operator-catalog:$VERSION. 32IMAGE_TAG_BASE ?= j5t.io/secret-service-operator 33 34# BUNDLE_IMG defines the image:tag used for the bundle. 35# You can use it as an arg. (E.g make bundle-build BUNDLE_IMG=<some-registry>/<project-name-bundle>:<tag>) 36BUNDLE_IMG ?= $(IMAGE_TAG_BASE)-bundle:v$(VERSION) 37 38# BUNDLE_GEN_FLAGS are the flags passed to the operator-sdk generate bundle command 39BUNDLE_GEN_FLAGS ?= -q --overwrite --version $(VERSION) $(BUNDLE_METADATA_OPTS) 40 41# USE_IMAGE_DIGESTS defines if images are resolved via tags or digests 42# You can enable this value if you would like to use SHA Based Digests 43# To enable set flag to true 44USE_IMAGE_DIGESTS ?= false 45ifeq ($(USE_IMAGE_DIGESTS), true) 46 BUNDLE_GEN_FLAGS += --use-image-digests 47endif 48 49# Set the Operator SDK version to use. By default, what is installed on the system is used. 50# This is useful for CI or a project to utilize a specific version of the operator-sdk toolkit. 51OPERATOR_SDK_VERSION ?= v1.39.2 52# Image URL to use all building/pushing image targets 53IMG ?= controller:latest 54# ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary. 55ENVTEST_K8S_VERSION = 1.35.0 56 57# Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set) 58ifeq (,$(shell go env GOBIN)) 59GOBIN=$(shell go env GOPATH)/bin 60else 61GOBIN=$(shell go env GOBIN) 62endif 63 64# CONTAINER_TOOL defines the container tool to be used for building images. 65# Be aware that the target commands are only tested with Docker which is 66# scaffolded by default. However, you might want to replace it to use other 67# tools. (i.e. podman) 68CONTAINER_TOOL ?= docker 69 70# Setting SHELL to bash allows bash commands to be executed by recipes. 71# Options are set to exit when a recipe line exits non-zero or a piped command fails. 72SHELL = /usr/bin/env bash -o pipefail 73.SHELLFLAGS = -ec 74 75.PHONY: all 76all: build 77 78##@ General 79 80# The help target prints out all targets with their descriptions organized 81# beneath their categories. The categories are represented by '##@' and the 82# target descriptions by '##'. The awk command is responsible for reading the 83# entire set of makefiles included in this invocation, looking for lines of the 84# file as xyz: ## something, and then pretty-format the target and help. Then, 85# if there's a line with ##@ something, that gets pretty-printed as a category. 86# More info on the usage of ANSI control characters for terminal formatting: 87# https://en.wikipedia.org/wiki/ANSI_escape_code#SGR_parameters 88# More info on the awk command: 89# http://linuxcommand.org/lc3_adv_awk.php 90 91.PHONY: help 92help: ## Display this help. 93 @awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n make \033[36m<target>\033[0m\n"} /^[a-zA-Z_0-9-]+:.*?##/ { printf " \033[36m%-15s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST) 94 95##@ Development 96 97.PHONY: manifests 98manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects. 99 $(CONTROLLER_GEN) rbac:roleName=manager-role crd webhook paths="./..." output:crd:artifacts:config=config/crd/bases 100 101.PHONY: generate 102generate: controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations. 103 $(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./..." 104 105.PHONY: fmt 106fmt: ## Run go fmt against code. 107 go fmt ./... 108 109.PHONY: vet 110vet: ## Run go vet against code. 111 go vet ./... 112 113.PHONY: test 114test: manifests generate fmt vet envtest ## Run tests. 115 KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) --bin-dir $(LOCALBIN) -p path)" go test $$(go list ./... | grep -v /e2e) -coverprofile cover.out 116 117# Utilize Kind or modify the e2e tests to load the image locally, enabling compatibility with other vendors. 118.PHONY: test-e2e # Run the e2e tests against a Kind k8s instance that is spun up. 119test-e2e: 120 go test ./test/e2e/ -v -ginkgo.v 121 122.PHONY: lint 123lint: golangci-lint ## Run golangci-lint linter 124 $(GOLANGCI_LINT) run 125 126.PHONY: lint-fix 127lint-fix: golangci-lint ## Run golangci-lint linter and perform fixes 128 $(GOLANGCI_LINT) run --fix 129 130##@ Build 131 132.PHONY: build 133build: manifests generate fmt vet ## Build manager binary. 134 go build -o bin/manager cmd/main.go 135 136.PHONY: run 137run: manifests generate fmt vet ## Run a controller from your host. 138 go run ./cmd/main.go 139 140# If you wish to build the manager image targeting other platforms you can use the --platform flag. 141# (i.e. docker build --platform linux/arm64). However, you must enable docker buildKit for it. 142# More info: https://docs.docker.com/develop/develop-images/build_enhancements/ 143.PHONY: docker-build 144docker-build: ## Build docker image with the manager. 145 $(CONTAINER_TOOL) build -t ${IMG} . 146 147.PHONY: docker-push 148docker-push: ## Push docker image with the manager. 149 $(CONTAINER_TOOL) push ${IMG} 150 151# PLATFORMS defines the target platforms for the manager image be built to provide support to multiple 152# architectures. (i.e. make docker-buildx IMG=myregistry/mypoperator:0.0.1). To use this option you need to: 153# - be able to use docker buildx. More info: https://docs.docker.com/build/buildx/ 154# - have enabled BuildKit. More info: https://docs.docker.com/develop/develop-images/build_enhancements/ 155# - be able to push the image to your registry (i.e. if you do not set a valid value via IMG=<myregistry/image:<tag>> then the export will fail) 156# To adequately provide solutions that are compatible with multiple platforms, you should consider using this option. 157PLATFORMS ?= linux/arm64,linux/amd64,linux/s390x,linux/ppc64le 158.PHONY: docker-buildx 159docker-buildx: ## Build and push docker image for the manager for cross-platform support 160 # copy existing Dockerfile and insert --platform=${BUILDPLATFORM} into Dockerfile.cross, and preserve the original Dockerfile 161 sed -e '1 s/\(^FROM\)/FROM --platform=\$$\{BUILDPLATFORM\}/; t' -e ' 1,// s//FROM --platform=\$$\{BUILDPLATFORM\}/' Dockerfile > Dockerfile.cross 162 - $(CONTAINER_TOOL) buildx create --name secret-service-operator-builder 163 $(CONTAINER_TOOL) buildx use secret-service-operator-builder 164 - $(CONTAINER_TOOL) buildx build --push --platform=$(PLATFORMS) --tag ${IMG} -f Dockerfile.cross . 165 - $(CONTAINER_TOOL) buildx rm secret-service-operator-builder 166 rm Dockerfile.cross 167 168.PHONY: build-installer 169build-installer: manifests generate kustomize ## Generate a consolidated YAML with CRDs and deployment. 170 mkdir -p dist 171 cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG} 172 $(KUSTOMIZE) build config/default > dist/install.yaml 173 174##@ Deployment 175 176ifndef ignore-not-found 177 ignore-not-found = false 178endif 179 180.PHONY: install 181install: manifests kustomize ## Install CRDs into the K8s cluster specified in ~/.kube/config. 182 $(KUSTOMIZE) build config/crd | $(KUBECTL) apply -f - 183 184.PHONY: uninstall 185uninstall: manifests kustomize ## Uninstall CRDs from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion. 186 $(KUSTOMIZE) build config/crd | $(KUBECTL) delete --ignore-not-found=$(ignore-not-found) -f - 187 188.PHONY: deploy 189deploy: manifests kustomize ## Deploy controller to the K8s cluster specified in ~/.kube/config. 190 cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG} 191 $(KUSTOMIZE) build config/default | $(KUBECTL) apply -f - 192 193.PHONY: undeploy 194undeploy: kustomize ## Undeploy controller from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion. 195 $(KUSTOMIZE) build config/default | $(KUBECTL) delete --ignore-not-found=$(ignore-not-found) -f - 196 197##@ Dependencies 198 199## Location to install dependencies to 200LOCALBIN ?= $(shell pwd)/bin 201$(LOCALBIN): 202 mkdir -p $(LOCALBIN) 203 204## Tool Binaries 205KUBECTL ?= kubectl 206KUSTOMIZE ?= $(LOCALBIN)/kustomize 207CONTROLLER_GEN ?= $(LOCALBIN)/controller-gen 208ENVTEST ?= $(LOCALBIN)/setup-envtest 209GOLANGCI_LINT = $(LOCALBIN)/golangci-lint 210 211## Tool Versions 212KUSTOMIZE_VERSION ?= v5.4.3 213CONTROLLER_TOOLS_VERSION ?= v0.18.0 214ENVTEST_VERSION ?= release-0.23 215GOLANGCI_LINT_VERSION ?= v2.7.2 216 217.PHONY: kustomize 218kustomize: $(KUSTOMIZE) ## Download kustomize locally if necessary. 219$(KUSTOMIZE): $(LOCALBIN) 220 $(call go-install-tool,$(KUSTOMIZE),sigs.k8s.io/kustomize/kustomize/v5,$(KUSTOMIZE_VERSION)) 221 222.PHONY: controller-gen 223controller-gen: $(CONTROLLER_GEN) ## Download controller-gen locally if necessary. 224$(CONTROLLER_GEN): $(LOCALBIN) 225 $(call go-install-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen,$(CONTROLLER_TOOLS_VERSION)) 226 227.PHONY: envtest 228envtest: $(ENVTEST) ## Download setup-envtest locally if necessary. 229$(ENVTEST): $(LOCALBIN) 230 $(call go-install-tool,$(ENVTEST),sigs.k8s.io/controller-runtime/tools/setup-envtest,$(ENVTEST_VERSION)) 231 232.PHONY: golangci-lint 233golangci-lint: $(GOLANGCI_LINT) ## Download golangci-lint locally if necessary. 234$(GOLANGCI_LINT): $(LOCALBIN) 235 $(call go-install-tool,$(GOLANGCI_LINT),github.com/golangci/golangci-lint/v2/cmd/golangci-lint,$(GOLANGCI_LINT_VERSION)) 236 237# go-install-tool will 'go install' any package with custom target and name of binary, if it doesn't exist 238# $1 - target path with name of binary 239# $2 - package url which can be installed 240# $3 - specific version of package 241define go-install-tool 242@[ -f "$(1)-$(3)" ] || { \ 243set -e; \ 244package=$(2)@$(3) ;\ 245echo "Downloading $${package}" ;\ 246rm -f $(1) || true ;\ 247GOBIN=$(LOCALBIN) go install $${package} ;\ 248mv $(1) $(1)-$(3) ;\ 249} ;\ 250ln -sf $(1)-$(3) $(1) 251endef 252 253.PHONY: operator-sdk 254OPERATOR_SDK ?= $(LOCALBIN)/operator-sdk 255operator-sdk: ## Download operator-sdk locally if necessary. 256ifeq (,$(wildcard $(OPERATOR_SDK))) 257ifeq (, $(shell which operator-sdk 2>/dev/null)) 258 @{ \ 259 set -e ;\ 260 mkdir -p $(dir $(OPERATOR_SDK)) ;\ 261 OS=$(shell go env GOOS) && ARCH=$(shell go env GOARCH) && \ 262 curl -sSLo $(OPERATOR_SDK) https://github.com/operator-framework/operator-sdk/releases/download/$(OPERATOR_SDK_VERSION)/operator-sdk_$${OS}_$${ARCH} ;\ 263 chmod +x $(OPERATOR_SDK) ;\ 264 } 265else 266OPERATOR_SDK = $(shell which operator-sdk) 267endif 268endif 269 270.PHONY: bundle 271bundle: manifests kustomize operator-sdk ## Generate bundle manifests and metadata, then validate generated files. 272 $(OPERATOR_SDK) generate kustomize manifests -q 273 cd config/manager && $(KUSTOMIZE) edit set image controller=$(IMG) 274 $(KUSTOMIZE) build config/manifests | $(OPERATOR_SDK) generate bundle $(BUNDLE_GEN_FLAGS) 275 $(OPERATOR_SDK) bundle validate ./bundle 276 277.PHONY: bundle-build 278bundle-build: ## Build the bundle image. 279 docker build -f bundle.Dockerfile -t $(BUNDLE_IMG) . 280 281.PHONY: bundle-push 282bundle-push: ## Push the bundle image. 283 $(MAKE) docker-push IMG=$(BUNDLE_IMG) 284 285.PHONY: opm 286OPM = $(LOCALBIN)/opm 287opm: ## Download opm locally if necessary. 288ifeq (,$(wildcard $(OPM))) 289ifeq (,$(shell which opm 2>/dev/null)) 290 @{ \ 291 set -e ;\ 292 mkdir -p $(dir $(OPM)) ;\ 293 OS=$(shell go env GOOS) && ARCH=$(shell go env GOARCH) && \ 294 curl -sSLo $(OPM) https://github.com/operator-framework/operator-registry/releases/download/v1.23.0/$${OS}-$${ARCH}-opm ;\ 295 chmod +x $(OPM) ;\ 296 } 297else 298OPM = $(shell which opm) 299endif 300endif 301 302# A comma-separated list of bundle images (e.g. make catalog-build BUNDLE_IMGS=example.com/operator-bundle:v0.1.0,example.com/operator-bundle:v0.2.0). 303# These images MUST exist in a registry and be pull-able. 304BUNDLE_IMGS ?= $(BUNDLE_IMG) 305 306# The image tag given to the resulting catalog image (e.g. make catalog-build CATALOG_IMG=example.com/operator-catalog:v0.2.0). 307CATALOG_IMG ?= $(IMAGE_TAG_BASE)-catalog:v$(VERSION) 308 309# Set CATALOG_BASE_IMG to an existing catalog image tag to add $BUNDLE_IMGS to that image. 310ifneq ($(origin CATALOG_BASE_IMG), undefined) 311FROM_INDEX_OPT := --from-index $(CATALOG_BASE_IMG) 312endif 313 314# Build a catalog image by adding bundle images to an empty catalog using the operator package manager tool, 'opm'. 315# This recipe invokes 'opm' in 'semver' bundle add mode. For more information on add modes, see: 316# https://github.com/operator-framework/community-operators/blob/7f1438c/docs/packaging-operator.md#updating-your-existing-operator 317.PHONY: catalog-build 318catalog-build: opm ## Build a catalog image. 319 $(OPM) index add --container-tool docker --mode semver --tag $(CATALOG_IMG) --bundles $(BUNDLE_IMGS) $(FROM_INDEX_OPT) 320 321# Push the catalog image. 322.PHONY: catalog-push 323catalog-push: ## Push a catalog image. 324 $(MAKE) docker-push IMG=$(CATALOG_IMG)