github.com/khulnasoft-lab/kube-bench@v0.2.1-0.20240330183753-9df52345ae58/makefile (about) 1 SOURCES := $(shell find . -name '*.go') 2 BINARY := kube-bench 3 DOCKER_ORG ?= khulnasoft 4 VERSION ?= $(shell git rev-parse --short=7 HEAD) 5 KUBEBENCH_VERSION ?= $(shell git describe --tags --abbrev=0) 6 IMAGE_NAME ?= $(DOCKER_ORG)/$(BINARY):$(VERSION) 7 IMAGE_NAME_UBI ?= $(DOCKER_ORG)/$(BINARY):$(VERSION)-ubi 8 GOOS ?= linux 9 BUILD_OS := linux 10 uname := $(shell uname -s) 11 BUILDX_PLATFORM ?= linux/amd64,linux/arm64,linux/arm,linux/ppc64le,linux/s390x 12 DOCKER_ORGS ?= khulnasoft 13 GOARCH ?= $@ 14 15 ifneq ($(findstring Microsoft,$(shell uname -r)),) 16 BUILD_OS := windows 17 else ifeq ($(uname),Linux) 18 BUILD_OS := linux 19 else ifeq ($(uname),Darwin) 20 BUILD_OS := darwin 21 endif 22 23 # kind cluster name to use 24 KIND_PROFILE ?= kube-bench 25 KIND_CONTAINER_NAME=$(KIND_PROFILE)-control-plane 26 KIND_IMAGE ?= kindest/node:v1.21.1@sha256:69860bda5563ac81e3c0057d654b5253219618a22ec3a346306239bba8cfa1a6 27 28 # build a multi-arch image and push to Docker hub 29 .PHONY: docker 30 docker: 31 set -xe; \ 32 for org in $(DOCKER_ORGS); do \ 33 docker buildx build --tag $${org}/kube-bench:${VERSION} \ 34 --platform $(BUILDX_PLATFORM) --push . ; \ 35 done 36 37 build: $(BINARY) 38 39 $(BINARY): $(SOURCES) 40 GOOS=$(GOOS) CGO_ENABLED=0 go build -ldflags "-X github.com/khulnasoft-lab/kube-bench/cmd.KubeBenchVersion=$(KUBEBENCH_VERSION)" -o $(BINARY) . 41 42 build-fips: 43 GOOS=$(GOOS) CGO_ENABLED=0 GOEXPERIMENT=boringcrypto go build -tags fipsonly -ldflags "-X github.com/khulnasoft-lab/kube-bench/cmd.KubeBenchVersion=$(KUBEBENCH_VERSION)" -o $(BINARY) . 44 45 # builds the current dev docker version 46 build-docker: 47 docker build --build-arg BUILD_DATE=$(shell date -u +"%Y-%m-%dT%H:%M:%SZ") \ 48 --build-arg VCS_REF=$(VERSION) \ 49 --build-arg KUBEBENCH_VERSION=$(KUBEBENCH_VERSION) \ 50 -t $(IMAGE_NAME) . 51 52 build-docker-ubi: 53 docker build -f Dockerfile.ubi --build-arg BUILD_DATE=$(shell date -u +"%Y-%m-%dT%H:%M:%SZ") \ 54 --build-arg VCS_REF=$(VERSION) \ 55 --build-arg KUBEBENCH_VERSION=$(KUBEBENCH_VERSION) \ 56 -t $(IMAGE_NAME_UBI) . 57 58 # unit tests 59 tests: 60 GO111MODULE=on go test -vet all -short -race -timeout 30s -coverprofile=coverage.txt -covermode=atomic ./... 61 62 integration-test: kind-test-cluster kind-run 63 64 # creates a kind cluster to be used for development. 65 HAS_KIND := $(shell command -v kind;) 66 kind-test-cluster: 67 ifndef HAS_KIND 68 go get -u sigs.k8s.io/kind 69 endif 70 @if [ -z $$(kind get clusters | grep $(KIND_PROFILE)) ]; then\ 71 echo "Could not find $(KIND_PROFILE) cluster. Creating...";\ 72 kind create cluster --name $(KIND_PROFILE) --image $(KIND_IMAGE) --wait 5m;\ 73 fi 74 75 # pushes the current dev version to the kind cluster. 76 kind-push: build-docker 77 kind load docker-image $(IMAGE_NAME) --name $(KIND_PROFILE) 78 79 # runs the current version on kind using a job and follow logs 80 kind-run: KUBECONFIG = "./kubeconfig.kube-bench" 81 kind-run: kind-push 82 sed "s/\$${VERSION}/$(VERSION)/" ./hack/kind.yaml > ./hack/kind.test.yaml 83 kind get kubeconfig --name="$(KIND_PROFILE)" > $(KUBECONFIG) 84 -KUBECONFIG=$(KUBECONFIG) \ 85 kubectl delete job kube-bench 86 KUBECONFIG=$(KUBECONFIG) \ 87 kubectl apply -f ./hack/kind.test.yaml && \ 88 kubectl wait --for=condition=complete job.batch/kube-bench --timeout=60s && \ 89 kubectl logs job/kube-bench > ./test.data && \ 90 diff ./test.data integration/testdata/Expected_output.data 91 92 kind-run-stig: KUBECONFIG = "./kubeconfig.kube-bench" 93 kind-run-stig: kind-push 94 sed "s/\$${VERSION}/$(VERSION)/" ./hack/kind-stig.yaml > ./hack/kind-stig.test.yaml 95 kind get kubeconfig --name="$(KIND_PROFILE)" > $(KUBECONFIG) 96 -KUBECONFIG=$(KUBECONFIG) \ 97 kubectl delete job kube-bench 98 KUBECONFIG=$(KUBECONFIG) \ 99 kubectl apply -f ./hack/kind-stig.test.yaml && \ 100 kubectl wait --for=condition=complete job.batch/kube-bench --timeout=60s && \ 101 kubectl logs job/kube-bench > ./test.data && \ 102 diff ./test.data integration/testdata/Expected_output_stig.data