zotregistry.io/zot@v1.4.4-0.20231124084042-02a8ed785457/Makefile (about) 1 export GO111MODULE=on 2 TOP_LEVEL=$(shell git rev-parse --show-toplevel) 3 COMMIT_HASH=$(shell git describe --always --tags --long) 4 RELEASE_TAG=$(shell git describe --tags --abbrev=0) 5 GO_VERSION=$(shell go version | awk '{print $$3}') 6 COMMIT ?= $(if $(shell git status --porcelain --untracked-files=no),$(COMMIT_HASH)-dirty,$(COMMIT_HASH)) 7 CONTAINER_RUNTIME := $(shell command -v podman 2> /dev/null || echo docker) 8 TMPDIR := $(shell mktemp -d) 9 TOOLSDIR := $(shell pwd)/hack/tools 10 PATH := bin:$(TOOLSDIR)/bin:$(PATH) 11 STACKER := $(shell which stacker) 12 GOLINTER := $(TOOLSDIR)/bin/golangci-lint 13 GOLINTER_VERSION := v1.54.2 14 NOTATION := $(TOOLSDIR)/bin/notation 15 NOTATION_VERSION := 1.0.0 16 COSIGN := $(TOOLSDIR)/bin/cosign 17 COSIGN_VERSION := 2.2.0 18 HELM := $(TOOLSDIR)/bin/helm 19 ORAS := $(TOOLSDIR)/bin/oras 20 ORAS_VERSION := 1.0.0-rc.1 21 REGCLIENT := $(TOOLSDIR)/bin/regctl 22 REGCLIENT_VERSION := v0.4.5 23 CRICTL := $(TOOLSDIR)/bin/crictl 24 CRICTL_VERSION := v1.26.1 25 ACTION_VALIDATOR := $(TOOLSDIR)/bin/action-validator 26 ACTION_VALIDATOR_VERSION := v0.5.3 27 ZUI_VERSION := commit-fad5572 28 ZUI_REPO_OWNER := project-zot 29 ZUI_REPO_NAME := zui 30 SWAGGER_VERSION := v1.8.12 31 STACKER := $(TOOLSDIR)/bin/stacker 32 BATS := $(TOOLSDIR)/bin/bats 33 TESTDATA := $(TOP_LEVEL)/test/data 34 OS ?= $(shell go env GOOS) 35 ARCH ?= $(shell go env GOARCH) 36 37 PROTOC := $(TOOLSDIR)/bin/protoc 38 PROTOC_VERSION := 24.4 39 GO_PROTOC_VERSION := 1.31.0 40 HOST_OS := $(shell go env GOOS) 41 HOST_ARCH := $(shell go env GOARCH) 42 ifeq ($(HOST_OS),linux) 43 PROTOC_OS := linux 44 else ifeq ($(HOST_OS),darwin) 45 PROTOC_OS := osx 46 endif 47 ifeq ($(HOST_ARCH),amd64) 48 PROTOC_ARCH := x86_64 49 else ifeq ($(HOST_ARCH),arm64) 50 PROTOC_ARCH := aarch_64 51 endif 52 53 BENCH_OUTPUT ?= stdout 54 ALL_EXTENSIONS = debug,imagetrust,lint,metrics,mgmt,profile,scrub,search,sync,ui,userprefs 55 EXTENSIONS ?= sync,search,scrub,metrics,lint,ui,mgmt,profile,userprefs,imagetrust 56 UI_DEPENDENCIES := search,mgmt,userprefs 57 # freebsd/arm64 not supported for pie builds 58 BUILDMODE_FLAGS := -buildmode=pie 59 ifeq ($(OS),freebsd) 60 ifeq ($(ARCH),arm64) 61 BUILDMODE_FLAGS= 62 endif 63 endif 64 comma:= , 65 space := $(null) # 66 hyphen:= - 67 68 merge-ui-extensions=$(subst $(1),$(2),$(if $(findstring ui,$(3)),$(3)$(1)$(4),$(3))) 69 merged-extensions = $(call merge-ui-extensions,$(comma),$(space),$(EXTENSIONS),$(UI_DEPENDENCIES)) 70 filter-valid = $(foreach ext, $(merged-extensions), $(if $(findstring $(ext),$(ALL_EXTENSIONS)),$(ext),$(error unknown extension: $(ext)))) 71 add-extensions = $(subst $(1),$(2),$(sort $(filter-valid))) 72 BUILD_LABELS = $(call add-extensions,$(space),$(comma)) 73 extended-name = -$(subst $(comma),$(hyphen),$(BUILD_LABELS)) 74 75 BATS_TEST_FILE_PATH ?= replace_me 76 ifeq ($(BATS_VERBOSITY),2) 77 BATS_FLAGS = --trace --verbose-run --show-output-of-passing-tests --print-output-on-failure 78 else ifeq ($(BATS_VERBOSITY),1) 79 BATS_FLAGS = --trace --verbose-run --print-output-on-failure 80 else 81 BATS_FLAGS = --print-output-on-failure 82 endif 83 84 .PHONY: all 85 all: modcheck swaggercheck binary binary-minimal binary-debug cli bench exporter-minimal verify-config check check-gh-actions test covhtml 86 87 .PHONY: modtidy 88 modtidy: 89 go mod tidy 90 91 .PHONY: modcheck 92 modcheck: modtidy 93 $(eval UNCOMMITED_FILES = $(shell git status --porcelain | grep -c 'go.mod\|go.sum')) 94 @if [ $(UNCOMMITED_FILES) != 0 ]; then \ 95 echo "Updated go.mod and/or go.sum have uncommitted changes, commit the changes accordingly ";\ 96 git status;\ 97 exit 1;\ 98 fi 99 100 .PHONY: swaggercheck 101 swaggercheck: swagger 102 $(eval UNCOMMITED_FILES = $(shell git status --porcelain | grep -c swagger)) 103 @if [ $(UNCOMMITED_FILES) != 0 ]; then \ 104 echo "Updated swagger files uncommitted, make sure all swagger files are committed:";\ 105 git status;\ 106 exit 1;\ 107 fi 108 109 .PHONY: build-metadata 110 build-metadata: $(if $(findstring ui,$(BUILD_LABELS)), ui) 111 # do not allow empty $(BUILD_TAGS) (at least add containers_image_openpgp that doesn't affect package import & files listing) 112 $(eval BUILD_TAGS=$(if $(BUILD_LABELS),$(BUILD_LABELS),containers_image_openpgp)) 113 echo "Imports: \n" 114 go list -tags $(BUILD_TAGS) -f '{{ join .Imports "\n" }}' ./... | sort -u 115 echo "\n Files: \n" 116 go list -tags $(BUILD_TAGS) -f '{{ join .GoFiles "\n" }}' ./... | sort -u 117 118 .PHONY: gen-protobuf 119 gen-protobuf: check-not-freebds $(PROTOC) 120 $(PROTOC) --experimental_allow_proto3_optional \ 121 --proto_path=$(TOP_LEVEL)/pkg/meta/proto \ 122 --go_out=$(TOP_LEVEL)/pkg/meta/proto \ 123 --go_opt='Moci/oci.proto=./gen' \ 124 --go_opt='Mmeta/meta.proto=./gen' \ 125 --go_opt='Moci/config.proto=./gen' \ 126 --go_opt='Moci/manifest.proto=./gen' \ 127 --go_opt='Moci/index.proto=./gen' \ 128 --go_opt='Moci/descriptor.proto=./gen' \ 129 --go_opt='Moci/versioned.proto=./gen' \ 130 $(TOP_LEVEL)/pkg/meta/proto/meta/meta.proto 131 $(PROTOC) --experimental_allow_proto3_optional \ 132 --proto_path=$(TOP_LEVEL)/pkg/meta/proto \ 133 --go_out=$(TOP_LEVEL)/pkg/meta/proto \ 134 --go_opt='Moci/versioned.proto=./gen' \ 135 $(TOP_LEVEL)/pkg/meta/proto/oci/versioned.proto 136 $(PROTOC) --experimental_allow_proto3_optional \ 137 --proto_path=$(TOP_LEVEL)/pkg/meta/proto \ 138 --go_out=$(TOP_LEVEL)/pkg/meta/proto \ 139 --go_opt='Moci/descriptor.proto=./gen' \ 140 $(TOP_LEVEL)/pkg/meta/proto/oci/descriptor.proto 141 $(PROTOC) --experimental_allow_proto3_optional \ 142 --proto_path=$(TOP_LEVEL)/pkg/meta/proto \ 143 --go_out=$(TOP_LEVEL)/pkg/meta/proto \ 144 --go_opt='Moci/descriptor.proto=./gen' \ 145 --go_opt='Moci/versioned.proto=./gen' \ 146 --go_opt='Moci/index.proto=./gen' \ 147 $(TOP_LEVEL)/pkg/meta/proto/oci/index.proto 148 $(PROTOC) --experimental_allow_proto3_optional \ 149 --proto_path=$(TOP_LEVEL)/pkg/meta/proto \ 150 --go_out=$(TOP_LEVEL)/pkg/meta/proto \ 151 --go_opt='Moci/oci.proto=./gen' \ 152 --go_opt='Moci/descriptor.proto=./gen' \ 153 --go_opt='Moci/config.proto=./gen' \ 154 $(TOP_LEVEL)/pkg/meta/proto/oci/config.proto 155 $(PROTOC) --experimental_allow_proto3_optional \ 156 --proto_path=$(TOP_LEVEL)/pkg/meta/proto \ 157 --go_out=$(TOP_LEVEL)/pkg/meta/proto \ 158 --go_opt='Moci/versioned.proto=./gen' \ 159 --go_opt='Moci/descriptor.proto=./gen' \ 160 --go_opt='Moci/manifest.proto=./gen' \ 161 $(TOP_LEVEL)/pkg/meta/proto/oci/manifest.proto 162 163 .PHONY: binary-minimal 164 binary-minimal: EXTENSIONS= 165 binary-minimal: modcheck build-metadata 166 env CGO_ENABLED=0 GOOS=$(OS) GOARCH=$(ARCH) go build -o bin/zot-$(OS)-$(ARCH)-minimal $(BUILDMODE_FLAGS) -tags containers_image_openpgp -v -trimpath -ldflags "-X zotregistry.io/zot/pkg/api/config.ReleaseTag=${RELEASE_TAG} -X zotregistry.io/zot/pkg/api/config.Commit=${COMMIT} -X zotregistry.io/zot/pkg/api/config.BinaryType=minimal -X zotregistry.io/zot/pkg/api/config.GoVersion=${GO_VERSION} -s -w" ./cmd/zot 167 168 .PHONY: binary 169 binary: $(if $(findstring ui,$(BUILD_LABELS)), ui) 170 binary: modcheck build-metadata 171 env CGO_ENABLED=0 GOOS=$(OS) GOARCH=$(ARCH) go build -o bin/zot-$(OS)-$(ARCH) $(BUILDMODE_FLAGS) -tags $(BUILD_LABELS),containers_image_openpgp -v -trimpath -ldflags "-X zotregistry.io/zot/pkg/api/config.ReleaseTag=${RELEASE_TAG} -X zotregistry.io/zot/pkg/api/config.Commit=${COMMIT} -X zotregistry.io/zot/pkg/api/config.BinaryType=$(extended-name) -X zotregistry.io/zot/pkg/api/config.GoVersion=${GO_VERSION} -s -w" ./cmd/zot 172 173 .PHONY: binary-debug 174 binary-debug: $(if $(findstring ui,$(BUILD_LABELS)), ui) 175 binary-debug: modcheck swaggercheck build-metadata 176 env CGO_ENABLED=0 GOOS=$(OS) GOARCH=$(ARCH) go build -o bin/zot-$(OS)-$(ARCH)-debug $(BUILDMODE_FLAGS) -tags $(BUILD_LABELS),debug,containers_image_openpgp -v -gcflags all='-N -l' -ldflags "-X zotregistry.io/zot/pkg/api/config.ReleaseTag=${RELEASE_TAG} -X zotregistry.io/zot/pkg/api/config.Commit=${COMMIT} -X zotregistry.io/zot/pkg/api/config.BinaryType=$(extended-name) -X zotregistry.io/zot/pkg/api/config.GoVersion=${GO_VERSION}" ./cmd/zot 177 178 .PHONY: cli 179 cli: modcheck build-metadata 180 env CGO_ENABLED=0 GOOS=$(OS) GOARCH=$(ARCH) go build -o bin/zli-$(OS)-$(ARCH) $(BUILDMODE_FLAGS) -tags $(BUILD_LABELS),search,containers_image_openpgp -v -trimpath -ldflags "-X zotregistry.io/zot/pkg/api/config.Commit=${COMMIT} -X zotregistry.io/zot/pkg/api/config.BinaryType=$(extended-name) -X zotregistry.io/zot/pkg/api/config.GoVersion=${GO_VERSION} -s -w" ./cmd/zli 181 182 .PHONY: bench 183 bench: modcheck build-metadata 184 env CGO_ENABLED=0 GOOS=$(OS) GOARCH=$(ARCH) go build -o bin/zb-$(OS)-$(ARCH) $(BUILDMODE_FLAGS) -tags $(BUILD_LABELS),containers_image_openpgp -v -trimpath -ldflags "-X zotregistry.io/zot/pkg/api/config.Commit=${COMMIT} -X zotregistry.io/zot/pkg/api/config.BinaryType=$(extended-name) -X zotregistry.io/zot/pkg/api/config.GoVersion=${GO_VERSION} -s -w" ./cmd/zb 185 186 .PHONY: exporter-minimal 187 exporter-minimal: EXTENSIONS= 188 exporter-minimal: modcheck build-metadata 189 env CGO_ENABLED=0 GOOS=$(OS) GOARCH=$(ARCH) go build -o bin/zxp-$(OS)-$(ARCH) $(BUILDMODE_FLAGS) -tags containers_image_openpgp -v -trimpath ./cmd/zxp 190 191 .PHONY: test-prereq 192 test-prereq: check-skopeo $(TESTDATA) $(ORAS) 193 194 .PHONY: test-extended 195 test-extended: $(if $(findstring ui,$(BUILD_LABELS)), ui) 196 test-extended: test-prereq 197 go test -failfast -tags $(BUILD_LABELS),containers_image_openpgp -trimpath -race -timeout 15m -cover -coverpkg ./... -coverprofile=coverage-extended.txt -covermode=atomic ./... 198 rm -rf /tmp/getter*; rm -rf /tmp/trivy* 199 200 .PHONY: test-minimal 201 test-minimal: test-prereq 202 go test -failfast -tags containers_image_openpgp -trimpath -race -cover -coverpkg ./... -coverprofile=coverage-minimal.txt -covermode=atomic ./... 203 rm -rf /tmp/getter*; rm -rf /tmp/trivy* 204 205 .PHONY: test-devmode 206 test-devmode: $(if $(findstring ui,$(BUILD_LABELS)), ui) 207 test-devmode: test-prereq 208 go test -failfast -tags dev,$(BUILD_LABELS),containers_image_openpgp -trimpath -race -timeout 15m -cover -coverpkg ./... -coverprofile=coverage-dev-extended.txt -covermode=atomic ./pkg/test/... ./pkg/api/... ./pkg/storage/... ./pkg/extensions/sync/... -run ^TestInject 209 rm -rf /tmp/getter*; rm -rf /tmp/trivy* 210 go test -failfast -tags dev,containers_image_openpgp -trimpath -race -cover -coverpkg ./... -coverprofile=coverage-dev-minimal.txt -covermode=atomic ./pkg/test/... ./pkg/storage/... ./pkg/extensions/sync/... -run ^TestInject 211 rm -rf /tmp/getter*; rm -rf /tmp/trivy* 212 go test -failfast -tags stress,$(BUILD_LABELS),containers_image_openpgp -trimpath -race -timeout 15m ./pkg/cli/server/stress_test.go 213 214 .PHONY: test 215 test: $(if $(findstring ui,$(BUILD_LABELS)), ui) 216 test: test-extended test-minimal test-devmode 217 218 .PHONY: privileged-test 219 privileged-test: $(if $(findstring ui,$(BUILD_LABELS)), ui) 220 privileged-test: check-skopeo $(TESTDATA) 221 go test -failfast -tags needprivileges,$(BUILD_LABELS),containers_image_openpgp -trimpath -race -timeout 15m -cover -coverpkg ./... -coverprofile=coverage-dev-needprivileges.txt -covermode=atomic ./pkg/storage/local/... ./pkg/cli/client/... -run ^TestElevatedPrivileges 222 223 $(TESTDATA): check-skopeo 224 mkdir -p ${TESTDATA}; \ 225 cd ${TESTDATA}; ../scripts/gen_certs.sh; \ 226 mkdir -p noidentity; cd ${TESTDATA}/noidentity; ../../scripts/gen_nameless_certs.sh; \ 227 cd ${TOP_LEVEL}; \ 228 skopeo --insecure-policy copy -q docker://public.ecr.aws/t0x7q1g8/centos:7 oci:${TESTDATA}/zot-test:0.0.1; \ 229 skopeo --insecure-policy copy -q docker://public.ecr.aws/t0x7q1g8/centos:8 oci:${TESTDATA}/zot-cve-test:0.0.1; \ 230 skopeo --insecure-policy copy -q docker://ghcr.io/project-zot/test-images/java:0.0.1 oci:${TESTDATA}/zot-cve-java-test:0.0.1; \ 231 skopeo --insecure-policy copy -q docker://ghcr.io/project-zot/test-images/alpine:3.17.3 oci:${TESTDATA}/alpine:3.17.3; \ 232 chmod -R a=rwx ${TESTDATA} 233 ls -R -l ${TESTDATA} 234 235 .PHONY: run-bench 236 run-bench: binary bench 237 bin/zot-$(OS)-$(ARCH) serve examples/config-bench.json & echo $$! > zot.PID 238 sleep 5 239 bin/zb-$(OS)-$(ARCH) -c 10 -n 100 -o $(BENCH_OUTPUT) http://localhost:8080 240 @if [ -e zot.PID ]; then \ 241 kill -TERM $$(cat zot.PID) || true; \ 242 fi; \ 243 rm zot.PID 244 245 .PHONY: check-skopeo 246 check-skopeo: 247 skopeo -v || (echo "You need skopeo to be installed in order to run tests"; exit 1) 248 249 .PHONY: check-awslocal 250 check-awslocal: 251 awslocal --version || (echo "You need awslocal to be installed in order to run tests"; exit 1) 252 253 $(NOTATION): 254 mkdir -p $(TOOLSDIR)/bin 255 curl -Lo notation.tar.gz https://github.com/notaryproject/notation/releases/download/v$(NOTATION_VERSION)/notation_$(NOTATION_VERSION)_linux_amd64.tar.gz 256 tar xvzf notation.tar.gz -C $(TOOLSDIR)/bin notation 257 rm notation.tar.gz 258 259 $(ORAS): 260 mkdir -p $(TOOLSDIR)/bin 261 curl -Lo oras.tar.gz https://github.com/oras-project/oras/releases/download/v$(ORAS_VERSION)/oras_$(ORAS_VERSION)_linux_amd64.tar.gz 262 tar xvzf oras.tar.gz -C $(TOOLSDIR)/bin oras 263 rm oras.tar.gz 264 265 $(HELM): 266 mkdir -p $(TOOLSDIR)/bin 267 curl -Lo helm.tar.gz https://get.helm.sh/helm-v3.9.1-linux-amd64.tar.gz 268 tar xvzf helm.tar.gz -C $(TOOLSDIR)/bin linux-amd64/helm --strip-components=1 269 rm helm.tar.gz 270 271 $(REGCLIENT): 272 mkdir -p $(TOOLSDIR)/bin 273 curl -Lo regctl https://github.com/regclient/regclient/releases/download/$(REGCLIENT_VERSION)/regctl-linux-amd64 274 mv regctl $(TOOLSDIR)/bin/regctl 275 chmod +x $(TOOLSDIR)/bin/regctl 276 277 $(CRICTL): 278 mkdir -p $(TOOLSDIR)/bin 279 curl -Lo crictl.tar.gz https://github.com/kubernetes-sigs/cri-tools/releases/download/$(CRICTL_VERSION)/crictl-$(CRICTL_VERSION)-linux-amd64.tar.gz 280 tar xvzf crictl.tar.gz && rm crictl.tar.gz 281 mv crictl $(TOOLSDIR)/bin/crictl 282 chmod +x $(TOOLSDIR)/bin/crictl 283 284 $(PROTOC): 285 mkdir -p $(TOOLSDIR)/bin 286 curl -Lo protoc.zip https://github.com/protocolbuffers/protobuf/releases/download/v$(PROTOC_VERSION)/protoc-$(PROTOC_VERSION)-$(PROTOC_OS)-$(PROTOC_ARCH).zip 287 unzip -o -d $(TOOLSDIR) protoc.zip bin/protoc 288 rm protoc.zip 289 chmod +x $(PROTOC) 290 go install google.golang.org/protobuf/cmd/protoc-gen-go@v$(GO_PROTOC_VERSION) 291 292 $(ACTION_VALIDATOR): 293 mkdir -p $(TOOLSDIR)/bin 294 curl -Lo action-validator https://github.com/mpalmer/action-validator/releases/download/$(ACTION_VALIDATOR_VERSION)/action-validator_$(OS)_$(ARCH) 295 mv action-validator $(TOOLSDIR)/bin/action-validator 296 chmod +x $(TOOLSDIR)/bin/action-validator 297 298 .PHONY: check-gh-actions 299 check-gh-actions: check-compatibility $(ACTION_VALIDATOR) 300 for i in $$(ls .github/workflows/*); do $(ACTION_VALIDATOR) $$i; done 301 302 .PHONY: covhtml 303 covhtml: 304 go install github.com/wadey/gocovmerge@latest 305 gocovmerge coverage*.txt > coverage.txt 306 go tool cover -html=coverage.txt -o coverage.html 307 308 $(GOLINTER): 309 mkdir -p $(TOOLSDIR)/bin 310 curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(TOOLSDIR)/bin $(GOLINTER_VERSION) 311 $(GOLINTER) version 312 313 .PHONY: check 314 check: $(if $(findstring ui,$(BUILD_LABELS)), ui) 315 check: ./golangcilint.yaml $(GOLINTER) 316 mkdir -p pkg/extensions/build; touch pkg/extensions/build/.empty 317 $(GOLINTER) --config ./golangcilint.yaml run --enable-all --out-format=colored-line-number --build-tags containers_image_openpgp ./... 318 $(GOLINTER) --config ./golangcilint.yaml run --enable-all --out-format=colored-line-number --build-tags $(BUILD_LABELS),containers_image_openpgp ./... 319 $(GOLINTER) --config ./golangcilint.yaml run --enable-all --out-format=colored-line-number --build-tags debug ./pkg/debug/swagger/ ./pkg/debug/gqlplayground 320 $(GOLINTER) --config ./golangcilint.yaml run --enable-all --out-format=colored-line-number --build-tags dev ./pkg/test/inject/ 321 $(GOLINTER) --config ./golangcilint.yaml run --enable-all --out-format=colored-line-number --build-tags stress ./pkg/cli/server/ 322 rm pkg/extensions/build/.empty 323 324 .PHONY: swagger 325 swagger: 326 swag -v || go install github.com/swaggo/swag/cmd/swag@$(SWAGGER_VERSION) 327 swag init --parseDependency -o swagger -g pkg/api/routes.go -q 328 329 .PHONY: update-licenses 330 # note: for predictable output of below sort command we use locale LC_ALL=C 331 update-licenses: check-linux 332 @echo "Detecting and updating licenses ... please be patient!" 333 go install github.com/google/go-licenses@latest 334 $(shell echo "Module | License URL | License" > THIRD-PARTY-LICENSES.md; echo "---|---|---" >> THIRD-PARTY-LICENSES.md; for i in $$(go list -m all | awk '{print $$1}'); do l=$$(go-licenses csv $$i 2>/dev/null); if [ $$? -ne 0 ]; then continue; fi; echo $$l | tr \, \| | tr ' ' '\n'; done | LC_ALL=C sort -u >> THIRD-PARTY-LICENSES.md) 335 $(eval UNCOMMITED_FILES = $(shell git status --porcelain | grep -c THIRD-PARTY-LICENSES.md)) 336 @if [ $(UNCOMMITED_FILES) != 0 ]; then \ 337 echo "THIRD-PARTY-LICENSES.md file needs to be updated";\ 338 git status;\ 339 exit 1;\ 340 fi 341 342 .PHONY: check-licenses 343 check-licenses: 344 # note: "printf" works for darwin instead of "echo -n" 345 go install github.com/google/go-licenses@latest 346 @for tag in "$(BUILD_LABELS),containers_image_openpgp" "containers_image_openpgp"; do \ 347 echo Evaluating tag: $$tag;\ 348 for mod in $$(go list -m -f '{{if not (or .Indirect .Main)}}{{.Path}}{{end}}' all); do \ 349 while [ x$$mod != x ]; do \ 350 printf "Checking $$mod ... "; \ 351 result=$$(GOFLAGS="-tags=$${tag}" go-licenses check $$mod 2>&1); \ 352 if [ $$? -eq 0 ]; then \ 353 echo OK; \ 354 break; \ 355 fi; \ 356 echo "$${result}" | grep -q "Forbidden"; \ 357 if [ $$? -eq 0 ]; then \ 358 echo FAIL; \ 359 exit 1; \ 360 fi; \ 361 echo "$${result}" | egrep -q "missing go.sum entry|no required module provides package|build constraints exclude all|updates to go.mod needed|non-Go code"; \ 362 if [ $$? -eq 0 ]; then \ 363 echo UNKNOWN; \ 364 break; \ 365 fi; \ 366 done; \ 367 done; \ 368 done 369 370 .PHONY: clean 371 clean: 372 rm -f bin/z* 373 rm -rf hack 374 rm -rf test/data/zot-test 375 rm -rf test/data/zot-cve-test 376 rm -rf test/data/zot-cve-java-test 377 rm -rf pkg/extensions/build 378 379 .PHONY: run 380 run: binary 381 ./bin/zot-$(OS)-$(ARCH) serve examples/config-test.json 382 383 .PHONY: verify-config 384 verify-config: _verify-config verify-config-warnings verify-config-commited 385 386 .PHONY: _verify-config 387 _verify-config: binary 388 rm -f output.txt 389 $(foreach file, $(wildcard examples/config-*), ./bin/zot-$(OS)-$(ARCH) verify $(file) 2>&1 | tee -a output.txt || exit 1;) 390 391 .PHONY: verify-config-warnings 392 verify-config-warnings: _verify-config 393 $(eval WARNINGS = $(shell cat output.txt | grep -c '"warn"')) 394 $(eval ERRORS = $(shell cat output.txt | grep -c '"error"')) 395 @if [ $(WARNINGS) != 0 ] || [ $(ERRORS) != 0 ]; then \ 396 echo "verify-config-warnings: warnings or errors found while verifying configs"; \ 397 rm output.txt; \ 398 exit 1; \ 399 fi 400 rm -f output.txt 401 402 .PHONY: verify-config-commited 403 verify-config-commited: _verify-config 404 $(eval UNCOMMITED_FILES = $(shell git status --porcelain | grep -c examples/config-)) 405 @if [ $(UNCOMMITED_FILES) != 0 ]; then \ 406 echo "Uncommited config files, make sure all config files are commited. Verify might have changed a config file.";\ 407 exit 1;\ 408 fi; \ 409 410 .PHONY: gqlgen 411 gqlgen: 412 cd pkg/extensions/search;\ 413 go run github.com/99designs/gqlgen version;\ 414 go run github.com/99designs/gqlgen generate 415 416 .PHONY: verify-gql-committed 417 verify-gql-committed: 418 $(eval UNCOMMITED_FILES = $(shell git status --porcelain | grep -c extensions/search)) 419 @if [ $(UNCOMMITED_FILES) != 0 ]; then \ 420 echo "Updated gql files uncommitted, make sure all gql files are committed:";\ 421 git status;\ 422 exit 1;\ 423 fi; \ 424 425 .PHONY: binary-container 426 binary-container: 427 ${CONTAINER_RUNTIME} build ${BUILD_ARGS} -f build/Dockerfile -t zot-build:latest . 428 429 .PHONY: run-container 430 run-container: 431 ${CONTAINER_RUNTIME} run --rm --security-opt label=disable -v $$(pwd):/go/src/github.com/project-zot/zot \ 432 zot-build:latest 433 434 .PHONY: binary-minimal-container 435 binary-minimal-container: 436 ${CONTAINER_RUNTIME} build ${BUILD_ARGS} -f build/Dockerfile-minimal -t zot-minimal:latest . 437 438 .PHONY: run-minimal-container 439 run-minimal-container: 440 ${CONTAINER_RUNTIME} run --rm --security-opt label=disable -v $$(pwd):/go/src/github.com/project-zot/zot \ 441 zot-minimal:latest 442 443 .PHONY: binary-exporter-container 444 binary-exporter-container: 445 ${CONTAINER_RUNTIME} build ${BUILD_ARGS} -f build/Dockerfile-zxp -t zxp:latest . 446 447 .PHONY: run-exporter-container 448 run-exporter-container: 449 ${CONTAINER_RUNTIME} run --rm --security-opt label=disable zxp:latest 450 451 .PHONY: oci-image 452 oci-image: $(STACKER) 453 ${STACKER} --debug build \ 454 -f build/stacker.yaml \ 455 --substitute COMMIT=$(COMMIT) \ 456 --substitute ARCH=$(ARCH) \ 457 --substitute OS=$(OS) \ 458 --substitute RELEASE_TAG=$(RELEASE_TAG) \ 459 --substitute REPO_NAME=zot-$(OS)-$(ARCH) 460 461 .PHONY: docker-image 462 docker-image: 463 ${CONTAINER_RUNTIME} buildx build --platform $(OS)/$(ARCH) -f build/Dockerfile . 464 465 $(BATS): 466 rm -rf bats-core; \ 467 git clone https://github.com/bats-core/bats-core.git; \ 468 cd bats-core; ./install.sh $(TOOLSDIR); cd ..; \ 469 rm -rf bats-core 470 471 .PHONY: check-blackbox-prerequisites 472 check-blackbox-prerequisites: check-linux check-skopeo $(BATS) $(REGCLIENT) $(ORAS) $(HELM) $(CRICTL) $(NOTATION) $(COSIGN) $(STACKER) 473 which skopeo && skopeo --version; \ 474 which stacker && stacker --version; \ 475 which regctl && regctl version; \ 476 which oras && oras version; \ 477 which helm && helm version; \ 478 which crictl && crictl version; \ 479 which notation && notation version; \ 480 which cosign && cosign version; 481 482 .PHONY: run-blackbox-tests 483 run-blackbox-tests: $(BATS_TEST_FILE_PATH) check-blackbox-prerequisites binary binary-minimal cli bench 484 echo running bats test "$(BATS_TEST_FILE_PATH)"; \ 485 $(BATS) $(BATS_FLAGS) $(BATS_TEST_FILE_PATH) 486 487 .PHONY: run-blackbox-ci 488 run-blackbox-ci: check-blackbox-prerequisites binary binary-minimal cli 489 echo running CI bats tests concurently 490 BATS_FLAGS="$(BATS_FLAGS)" test/blackbox/ci.sh 491 492 .PHONY: run-blackbox-cloud-ci 493 run-blackbox-cloud-ci: check-blackbox-prerequisites check-awslocal binary $(BATS) 494 echo running cloud CI bats tests; \ 495 $(BATS) $(BATS_FLAGS) test/blackbox/cloud_only.bats 496 497 .PHONY: run-blackbox-dedupe-nightly 498 run-blackbox-dedupe-nightly: check-blackbox-prerequisites check-awslocal binary binary-minimal 499 echo running nightly dedupe tests; \ 500 $(BATS) $(BATS_FLAGS) test/blackbox/restore_s3_blobs.bats && \ 501 $(BATS) $(BATS_FLAGS) test/blackbox/pushpull_running_dedupe.bats 502 503 .PHONY: run-blackbox-sync-nightly 504 run-blackbox-sync-nightly: check-blackbox-prerequisites binary binary-minimal bench 505 echo running nightly sync tests; \ 506 $(BATS) $(BATS_FLAGS) test/blackbox/sync_harness.bats 507 508 .PHONY: fuzz-all 509 fuzz-all: fuzztime=${1} 510 fuzz-all: 511 rm -rf test-data; \ 512 rm -rf pkg/storage/testdata; \ 513 git clone https://github.com/project-zot/test-data.git; \ 514 mv test-data/storage pkg/storage/testdata; \ 515 rm -rf test-data; \ 516 bash test/scripts/fuzzAll.sh ${fuzztime}; \ 517 rm -rf pkg/storage/testdata; \ 518 519 $(STACKER): check-linux 520 mkdir -p $(TOOLSDIR)/bin; \ 521 curl -fsSL https://github.com/project-stacker/stacker/releases/latest/download/stacker -o $@; \ 522 chmod +x $@ 523 524 $(COSIGN): 525 mkdir -p $(TOOLSDIR)/bin 526 curl -fsSL https://github.com/sigstore/cosign/releases/download/v$(COSIGN_VERSION)/cosign-linux-amd64 -o $@; \ 527 chmod +x $@ 528 529 # set ZUI_VERSION to empty string in order to clone zui locally and build default branch 530 .PHONY: ui 531 ui: 532 echo $(BUILD_LABELS);\ 533 if [ -z $(ZUI_VERSION) ]; then\ 534 pwd=$$(pwd);\ 535 tdir=$$(mktemp -d);\ 536 cd $$tdir;\ 537 git clone https://github.com/$(ZUI_REPO_OWNER)/$(ZUI_REPO_NAME).git zui;\ 538 cd zui;\ 539 npm install;\ 540 npm run build;\ 541 cd $$pwd;\ 542 rm -rf ./pkg/extensions/build;\ 543 cp -R $$tdir/zui/build ./pkg/extensions/;\ 544 else\ 545 curl --fail --head https://github.com/$(ZUI_REPO_OWNER)/$(ZUI_REPO_NAME)/releases/download/$(ZUI_VERSION)/zui.tgz;\ 546 if [ $$? -ne 0 ]; then\ 547 pwd=$$(pwd);\ 548 tdir=$$(mktemp -d);\ 549 cd $$tdir;\ 550 git clone --depth=1 --branch $(ZUI_VERSION) https://github.com/$(ZUI_REPO_OWNER)/$(ZUI_REPO_NAME).git zui;\ 551 cd zui;\ 552 git checkout $(ZUI_VERSION);\ 553 npm install;\ 554 npm run build;\ 555 cd $$pwd;\ 556 rm -rf ./pkg/extensions/build;\ 557 cp -R $$tdir/zui/build ./pkg/extensions/;\ 558 else\ 559 curl -fsSL https://github.com/$(ZUI_REPO_OWNER)/$(ZUI_REPO_NAME)/releases/download/$(ZUI_VERSION)/zui.tgz -o zui.tgz;\ 560 tar xvzf zui.tgz -C ./pkg/extensions/;\ 561 rm zui.tgz;\ 562 fi;\ 563 fi;\ 564 565 .PHONY: check-linux 566 check-linux: 567 ifneq ($(shell go env GOOS),linux) 568 $(error makefile target can be run only on linux) 569 endif 570 571 .PHONY: check-not-freebds 572 check-not-freebds: 573 ifeq ($(shell go env GOOS),freebsd) 574 $(error makefile target can't be run on freebsd) 575 endif 576 577 .PHONY: check-compatibility 578 check-compatibility: 579 ifeq ($(OS),freebsd) 580 $(error makefile target can't be run on freebsd) 581 endif 582 ifneq ($(OS),$(shell go env GOOS)) 583 $(error target can't be run on $(shell go env GOOS) as binary is compiled for $(OS)) 584 endif 585 ifneq ($(ARCH),$(shell go env GOARCH)) 586 $(error target can't be run on $(shell go env GOARCH) (binary is for $(ARCH))) 587 endif