forked from rancher/ci-image
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathMakefile
More file actions
122 lines (100 loc) · 4.42 KB
/
Makefile
File metadata and controls
122 lines (100 loc) · 4.42 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
SHELL := /bin/bash
.SHELLFLAGS := -euo pipefail -c
.DEFAULT_GOAL := help
DOCKERFILES_DIR := dockerfiles
# Image names sourced from the images field of images-lock.yaml.
ALL_IMAGES := $(shell awk '/^images:/{f=1;next} /^[a-zA-Z]/{f=0} f && /- /{print $$2}' images-lock.yaml)
# IMAGE must be set explicitly for build/push. Use build-all/push-all to target every image.
# Usage:
# make build IMAGE=go1.25 # builds only go1.25
# make build-all # builds every image
IMAGE ?=
ORG ?= rancher
REPO ?= $(ORG)/ci-image
IMAGE_REPO ?= ghcr.io/$(REPO)
TARGET_PLATFORMS ?= linux/amd64,linux/arm64
# VERSION is set by CI to YYYYMMDD-<run_number> for unique, Renovate-sortable tags.
# Falls back to a local dev value so `make push` works outside CI.
VERSION ?= $(shell date -u +%Y%m%d-%H%M)-dev
NO_CACHE ?=
_GIT_COMMIT := $(shell git rev-parse HEAD 2>/dev/null || echo unknown)
_GIT_REMOTE := $(shell git remote get-url origin 2>/dev/null | sed 's|git@github.com:|https://github.com/|;s|\.git$$||' || true)
_BUILD_DATE := $(shell date -u +%Y-%m-%dT%H:%M:%SZ)
_SOURCE_URL = $(if $(ORG),https://github.com/$(REPO),$(_GIT_REMOTE))
.PHONY: all help test generate verify build push build-all push-all clean setup validate changelog-worktree changelog-local
# Stamp file so setup only runs once per clone, not on every make invocation.
.git/hooks/.setup-done: .githooks/pre-push
git config core.hooksPath .githooks
@touch $@
# Pull setup into every real target via this phony prerequisite.
.PHONY: _setup
_setup: .git/hooks/.setup-done
all: _setup test generate build-all ## Run tests, generate Dockerfiles, and build all images
help: _setup ## Show this help message
@grep -E '^[a-zA-Z_-]+:.*?## ' $(MAKEFILE_LIST) | \
awk 'BEGIN {FS = ":.*?## "}; {printf " %-20s %s\n", $$1, $$2}'
test: _setup ## Run unit tests
go test -v -count=1 ./...
generate: _setup ## Generate Dockerfiles from templates and deps.yaml
go run main.go
verify: _setup ## Verify no uncommitted changes exist
@if [ -n "$$(git status --porcelain)" ]; then \
echo "Error: uncommitted changes detected:"; \
git status --porcelain; \
git diff; \
exit 1; \
fi
validate: _setup generate verify
define buildx
@if [ -z "$(value IMAGE)" ]; then \
echo "Error: IMAGE is not set. Specify IMAGE=<name> or use build-all/push-all."; \
exit 1; \
fi
@echo "==> $(1) $(value IMAGE):$(VERSION)"
@docker buildx build \
--file "$(DOCKERFILES_DIR)/Dockerfile.$(value IMAGE)" \
--platform "$(TARGET_PLATFORMS)" \
--provenance mode=max \
--sbom=true \
$(if $(NO_CACHE),--no-cache) \
--label "org.opencontainers.image.source=$(_SOURCE_URL)" \
--label "org.opencontainers.image.url=$(_SOURCE_URL)" \
--label "org.opencontainers.image.revision=$(_GIT_COMMIT)" \
--label "org.opencontainers.image.created=$(_BUILD_DATE)" \
--label "org.opencontainers.image.version=$(VERSION)" \
--tag "$(IMAGE_REPO)/$(value IMAGE):$(VERSION)" \
--tag "$(IMAGE_REPO)/$(value IMAGE):latest" \
$(2) \
.
endef
build: _setup ## Build a single image — requires IMAGE=<name>
$(call buildx,Building,)
push: _setup ## Build and push a single image — requires IMAGE=<name>
$(call buildx,Pushing,--push)
build-all: _setup ## Build all container images
@for img in $(ALL_IMAGES); do \
$(MAKE) build IMAGE="$${img}" || exit 1; \
done
push-all: _setup ## Build and push all container images
@for img in $(ALL_IMAGES); do \
$(MAKE) push IMAGE="$${img}" || exit 1; \
done
clean: _setup ## Remove generated Dockerfiles
rm -rf $(DOCKERFILES_DIR)
setup: .git/hooks/.setup-done ## Configure git to use the repo's hooks (.githooks/pre-push runs make validate)
changelog-worktree: _setup ## Set up (or refresh) ./changelog-dir worktree from origin/changelog
@if git ls-remote --exit-code origin changelog &>/dev/null; then \
git fetch origin changelog --quiet; \
if [ -d changelog-dir ]; then \
git -C changelog-dir reset --hard origin/changelog --quiet; \
echo "changelog-dir refreshed to origin/changelog"; \
else \
git worktree add changelog-dir origin/changelog --quiet; \
echo "changelog-dir created from origin/changelog"; \
fi \
else \
git worktree add --orphan changelog-dir changelog --quiet; \
echo "changelog-dir created as orphan (no remote branch yet)"; \
fi
changelog-local: _setup ## Simulate or apply changelog generation locally (FROM=, TO=, VERSION=, APPLY=1 to commit, PUSH=1 to also push)
@bash scripts/changelog-local.sh