-
Notifications
You must be signed in to change notification settings - Fork 44
/
Makefile
135 lines (104 loc) · 4.78 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
MAKEFILE_PATH := $(abspath $(lastword $(MAKEFILE_LIST)))
ROOT_DIR := $(dir $(MAKEFILE_PATH))
DEV_ENV_FILE_PATH := test/setup/.config
DEFAULT_KUBEHOUND_ENV := dev
SYSTEM_TEST_CMD := system-test system-test-clean
# get the latest commit hash in the short form
COMMIT := $(shell git rev-parse --short HEAD)
DATE := $(shell git log -1 --format=%cd --date=format:"%Y%m%d")
BUILD_VERSION ?= $(shell git describe --match 'v[0-9]*' --dirty --always --tags)
BUILD_BRANCH ?= $(shell git rev-parse --abbrev-ref HEAD)
BUILD_ARCH := $(shell go env GOARCH)
BUILD_OS := $(shell go env GOOS)
BUILD_FLAGS := -ldflags="${GO_BUILDTAGS} -X github.com/DataDog/KubeHound/pkg/config.BuildVersion=$(BUILD_VERSION) -X github.com/DataDog/KubeHound/pkg/config.BuildBranch=$(BUILD_BRANCH) -X github.com/DataDog/KubeHound/pkg/config.BuildArch=$(BUILD_ARCH) -X github.com/DataDog/KubeHound/pkg/config.BuildOs=$(BUILD_OS)"
# Need to save the MAKEFILE_LIST variable before the including the env var files
HELP_MAKEFILE_LIST := $(MAKEFILE_LIST)
# Loading docker .env file if present
ifneq (,$(wildcard $(DEV_ENV_FILE_PATH)))
include $(DEV_ENV_FILE_PATH)
export
endif
# Set default values if none of the above have set anything
ifndef KUBEHOUND_ENV
KUBEHOUND_ENV := ${DEFAULT_KUBEHOUND_ENV}
endif
RACE_FLAG_SYSTEM_TEST := "-race"
ifeq (${CI},true)
RACE_FLAG_SYSTEM_TEST := ""
endif
ifeq ($(OS),Windows_NT)
DETECTED_OS = Windows
DRIVE_PREFIX=C:
else
DETECTED_OS = $(shell uname -s)
endif
ifeq ($(DETECTED_OS),Windows)
BINARY_EXT=.exe
endif
# By default, all artifacts go to subdirectories under ./bin/ in the repo root
DESTDIR ?=
BUILDX_CMD ?= docker buildx
all: build
.PHONY: generate
generate: ## Generate code for the application
go generate $(BUILD_FLAGS) ./...
.PHONY: build
build: ## Build the application
go build $(BUILD_FLAGS) -o "$(or $(DESTDIR),./bin/build)/kubehound$(BINARY_EXT)" ./cmd/kubehound/
.PHONY: binary
binary:
$(BUILDX_CMD) bake binary-with-coverage
.PHONY: lint
lint:
$(BUILDX_CMD) bake lint
.PHONY: cross
cross: ## Compile the CLI for linux, darwin and windows (not working on M1)
$(BUILDX_CMD) bake binary-cross
.PHONY: cache-clear
cache-clear: ## Clear the builder cache
$(BUILDX_CMD) prune --force --filter type=exec.cachemount --filter=unused-for=24h
.PHONY: kubehound
kubehound: | build ## Prepare kubehound (build go binary, deploy backend)
./bin/build/kubehound
.PHONY: test
test: ## Run the full suite of unit tests
cd pkg && go test -count=1 -race $(BUILD_FLAGS) ./...
.PHONY: system-test
system-test: | build ## Run the system tests
./bin/build/kubehound dev system-tests
cd test/system && export KUBECONFIG=$(ROOT_DIR)/test/setup/${KIND_KUBECONFIG} && go test -v -timeout "120s" -count=1 -race ./...
.PHONY: system-test-fast
system-test-fast: ## Run the system tests WITHOUT recreating the backend
cd test/system && export KUBECONFIG=$(ROOT_DIR)/test/setup/${KIND_KUBECONFIG} && go test -v -timeout "60s" -count=1 -race ./...
.PHONY: system-test-clean
system-test-clean: | build ## Tear down the kubehound stack for the system-test
./bin/build/kubehound dev system-tests --down
.PHONY: local-cluster-deploy
local-cluster-deploy: ## Create a kind cluster with some vulnerables resources (pods, roles, ...)
bash test/setup/manage-cluster.sh destroy
bash test/setup/manage-cluster.sh create
bash test/setup/manage-cluster-resources.sh deploy
.PHONY: local-cluster-resource-deploy
local-cluster-resource-deploy: ## Deploy the attacks resources into the kind cluster
bash test/setup/manage-cluster-resources.sh deploy
.PHONY: local-cluster-destroy
local-cluster-destroy: ## Destroy the local kind cluster
bash test/setup/manage-cluster.sh destroy
.PHONY: sample-graph
sample-graph: | local-cluster-deploy build ## Create the kind cluster, start the backend, run the application, delete the cluster
cd test/system && export KUBECONFIG=$(ROOT_DIR)/test/setup/${KIND_KUBECONFIG} && $(ROOT_DIR)/bin/build/kubehound
bash test/setup/manage-cluster.sh destroy
.PHONY: help
help: ## Show this help
@grep -E '^[a-zA-Z_-]+:.*?## .*$$' $(HELP_MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}'
.PHONY: thirdparty-licenses
thirdparty-licenses: ## Generate the list of 3rd party dependencies and write to LICENSE-3rdparty.csv
go get github.com/google/go-licenses
go install github.com/google/go-licenses
$(GOPATH)/bin/go-licenses csv github.com/DataDog/KubeHound/cmd/kubehound | sort > $(ROOT_DIR)/LICENSE-3rdparty.csv.raw
python scripts/enrich-third-party-licences.py $(ROOT_DIR)/LICENSE-3rdparty.csv.raw > $(ROOT_DIR)/LICENSE-3rdparty.csv
rm -f LICENSE-3rdparty.csv.raw
.PHONY: local-wiki
local-wiki: ## Generate and serve the mkdocs wiki on localhost
poetry install || pip install mkdocs-material mkdocs-awesome-pages-plugin markdown-captions
poetry run mkdocs serve || mkdocs serve