-
-
Notifications
You must be signed in to change notification settings - Fork 24
Expand file tree
/
Copy pathMakefile
More file actions
412 lines (381 loc) ยท 16.8 KB
/
Makefile
File metadata and controls
412 lines (381 loc) ยท 16.8 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
# GO_CMD: The command to run Go# .PHONY: Declares phony targets that are not actual files.
.PHONY: build setup setup-prod build-plugin-signer generate-keys generate-prod-keys sign-plugins-prod sonar test vet fmt clean run build-plugins clean-plugins sign-plugins update-config update-prod-config quick-start help debug-config# GO_BUILD: The command to build the Go project.
# GO_TEST: The command to run Go tests.
# GO_VET: The command to run Go vet.
# GO_FMT: The command to format Go code.
# BINARY_NAME: The name of the binary to be created.
# PKG: The package to be used for Go commands.
# API_DIR: The directory containing the API source code.
# CONFIG_FILE: The path to the configuration file.
GO_CMD=go
GO_BUILD=$(GO_CMD) build
GO_TEST=$(GO_CMD) test
GO_VET=$(GO_CMD) vet
GO_FMT=$(GO_CMD) fmt
BINARY_NAME=dito
PKG=./...
API_DIR=cmd
CONFIG_FILE=cmd/config.yaml
PLUGINS_DIR=plugins
PLUGIN_SIGNER_DIR=cmd/plugin-signer
PLUGIN_SIGNER_BINARY=plugin-signer
# Key files (in bin directory)
PUBLIC_KEY_FILE=bin/ed25519_public.key
PRIVATE_KEY_FILE=bin/ed25519_private.key
# SONAR_HOST_URL: The URL of the SonarQube server.
# SONAR_PROJECT_KEY: The unique key for the SonarQube project.
SONAR_HOST_URL=http://localhost:9000
SONAR_PROJECT_KEY=dito
# .PHONY: Declares phony targets that are not actual files.
.PHONY: build setup setup-prod build-plugin-signer generate-keys generate-prod-keys sonar test vet fmt clean run build-plugins clean-plugins sign-plugins sign-plugins-prod update-config update-prod-config update-k8s-config quick-start help debug-config deploy-ocp deploy-ocp-dev clean-ocp status-ocp logs-ocp
# setup: Complete setup for development - builds everything and generates keys if needed
setup: build-plugin-signer generate-keys build build-plugins sign-plugins update-config
@echo "โ
Development setup complete! You can now run: make run"
# setup-prod: Complete setup for production - uses persistent keys and creates production config
setup-prod: build-plugin-signer generate-prod-keys build build-plugins sign-plugins-prod update-prod-config
@echo "โ
Production setup complete!"
@echo "๐ฆ Production files ready:"
@echo " - bin/$(BINARY_NAME) (application binary)"
@echo " - bin/config-prod.yaml (production config)"
@echo " - bin/ed25519_public_prod.key (production public key)"
@echo " - bin/ed25519_private_prod.key (production private key)"
@echo "๐ Ready for containerization with persistent keys!"
# build: Compiles the Go project and copies the configuration file to the bin directory.
build:
@echo "๐จ Building Dito..."
@mkdir -p bin
@$(GO_BUILD) -o bin/$(BINARY_NAME) $(API_DIR)/*.go && cp $(CONFIG_FILE) bin/
@echo "โ
Dito built successfully"
@echo "๐ Config copied: $(CONFIG_FILE) โ bin/config.yaml"
# build-plugin-signer: Builds the plugin signer tool
build-plugin-signer:
@echo "๐จ Building plugin-signer..."
@mkdir -p bin
@cd $(PLUGIN_SIGNER_DIR) && $(GO_BUILD) -o ../../bin/$(PLUGIN_SIGNER_BINARY) .
@echo "โ
Plugin-signer built successfully"
# generate-keys: Generates Ed25519 key pair if they don't exist
generate-keys: build-plugin-signer
@mkdir -p bin
@if [ ! -f $(PUBLIC_KEY_FILE) ] || [ ! -f $(PRIVATE_KEY_FILE) ]; then \
echo "๐ Generating Ed25519 key pair..."; \
cd bin && ../bin/$(PLUGIN_SIGNER_BINARY) generate-keys; \
echo "โ
Keys generated successfully in bin/ directory"; \
else \
echo "๐ Keys already exist in bin/ directory, skipping generation"; \
fi
# generate-prod-keys: Generates persistent Ed25519 key pair for production (only if they don't exist)
generate-prod-keys: build-plugin-signer
@mkdir -p bin
@if [ ! -f bin/ed25519_public_prod.key ] || [ ! -f bin/ed25519_private_prod.key ]; then \
echo "๐ Generating persistent Ed25519 key pair for production..."; \
cd bin && ../bin/$(PLUGIN_SIGNER_BINARY) generate-keys; \
mv ed25519_public.key ed25519_public_prod.key; \
mv ed25519_private.key ed25519_private_prod.key; \
echo "Keys generated successfully: ed25519_public_prod.key, ed25519_private_prod.key"; \
echo "โ
Production keys generated successfully in bin/ directory"; \
else \
echo "๐ Production keys already exist in bin/ directory, keeping existing keys for consistency"; \
fi
# Build all plugins dynamically
build-plugins:
@echo "๐จ Building plugins..."
@find plugins -mindepth 1 -maxdepth 1 -type d -exec sh -c 'echo "Building plugin: {}" && cd {} && go build -buildmode=plugin -o $$(basename {}).so' \;
@echo "โ
Plugins built successfully"
# sign-plugins: Signs all plugins automatically
sign-plugins: generate-keys
@echo "๐ Signing plugins..."
@find plugins -name "*.so" -type f | while read plugin; do \
if [ ! -f "$$plugin.sig" ]; then \
echo "Signing $$plugin..."; \
cp $(PRIVATE_KEY_FILE) ed25519_private.key; \
./bin/$(PLUGIN_SIGNER_BINARY) sign "$$plugin"; \
rm ed25519_private.key; \
else \
echo "$$plugin already signed, skipping"; \
fi \
done
@echo "โ
Plugins signed successfully"
# sign-plugins-prod: Signs all plugins automatically with production keys
sign-plugins-prod: generate-prod-keys
@echo "๐ Signing plugins with production keys..."
@find plugins -name "*.so" -type f | while read plugin; do \
echo "Signing $$plugin with production key..."; \
cp bin/ed25519_private_prod.key ed25519_private.key; \
./bin/$(PLUGIN_SIGNER_BINARY) sign "$$plugin"; \
rm ed25519_private.key; \
done
@echo "โ
Plugins signed successfully with production keys"
# update-config: Updates bin/config.yaml with the correct public key hash and paths
update-config: generate-keys build
@echo "๐ง Updating bin/config.yaml with public key hash and paths..."
@if [ ! -f $(PUBLIC_KEY_FILE) ]; then \
echo "โ Public key file not found: $(PUBLIC_KEY_FILE)"; \
exit 1; \
fi
@if [ ! -f bin/config.yaml ]; then \
echo "โ bin/config.yaml not found. Run 'make build' first."; \
exit 1; \
fi
@if command -v shasum >/dev/null 2>&1; then \
HASH=$$(shasum -a 256 $(PUBLIC_KEY_FILE) | awk '{print $$1}'); \
elif command -v sha256sum >/dev/null 2>&1; then \
HASH=$$(sha256sum $(PUBLIC_KEY_FILE) | awk '{print $$1}'); \
else \
echo "โ Neither shasum nor sha256sum found. Please install one of them."; \
exit 1; \
fi; \
echo "๐ Current public key hash: $$HASH"; \
echo "๐ง Updating bin/config.yaml..."; \
echo "๐ Before update:"; \
grep -A1 -B1 "public_key" bin/config.yaml || echo " (public_key lines not found)"; \
sed -i.bak 's|directory: "[^"]*"|directory: "../plugins"|' bin/config.yaml; \
sed -i.bak 's|public_key_path: "[^"]*"|public_key_path: "./ed25519_public.key"|' bin/config.yaml; \
sed -i.bak 's|public_key_hash: "[^"]*"[^"]*|public_key_hash: "'$$HASH'"|' bin/config.yaml; \
echo "๐ After update:"; \
grep -A3 -B1 "plugins:" bin/config.yaml || echo " (plugins section not found)"; \
echo "โ
bin/config.yaml updated successfully"
# update-prod-config: Updates bin/config-prod.yaml with the correct public key hash and paths for production
update-prod-config: generate-prod-keys build
@echo "๐ง Creating and updating bin/config-prod.yaml with production public key hash and paths..."
@if [ ! -f bin/ed25519_public_prod.key ]; then \
echo "โ Production public key file not found: bin/ed25519_public_prod.key"; \
exit 1; \
fi
@# Copy the base config to production config
@cp bin/config.yaml bin/config-prod.yaml
@if command -v shasum >/dev/null 2>&1; then \
HASH=$$(shasum -a 256 bin/ed25519_public_prod.key | awk '{print $$1}'); \
elif command -v sha256sum >/dev/null 2>&1; then \
HASH=$$(sha256sum bin/ed25519_public_prod.key | awk '{print $$1}'); \
else \
echo "โ Neither shasum nor sha256sum found. Please install one of them."; \
exit 1; \
fi; \
echo "๐ Production public key hash: $$HASH"; \
echo "๐ง Updating bin/config-prod.yaml..."; \
echo "๐ Before update:"; \
grep -A1 -B1 "public_key" bin/config-prod.yaml || echo " (public_key lines not found)"; \
sed -i.bak 's|directory: "[^"]*"|directory: "./plugins"|' bin/config-prod.yaml; \
sed -i.bak 's|public_key_path: "[^"]*"|public_key_path: "./ed25519_public_prod.key"|' bin/config-prod.yaml; \
sed -i.bak 's|public_key_hash: "[^"]*"[^"]*|public_key_hash: "'$$HASH'"|' bin/config-prod.yaml; \
echo "๐ After update:"; \
grep -A3 -B1 "plugins:" bin/config-prod.yaml || echo " (plugins section not found)"; \
echo "โ
bin/config-prod.yaml updated successfully"
# update-k8s-config: Creates Kubernetes-specific config with correct paths
update-k8s-config: generate-prod-keys
@echo "๐ง Creating Kubernetes configuration from template..."
@if [ ! -f bin/ed25519_public_prod.key ]; then \
echo "โ Production public key file not found: bin/ed25519_public_prod.key"; \
exit 1; \
fi
@if command -v shasum >/dev/null 2>&1; then \
HASH=$$(shasum -a 256 bin/ed25519_public_prod.key | awk '{print $$1}'); \
elif command -v sha256sum >/dev/null 2>&1; then \
HASH=$$(sha256sum bin/ed25519_public_prod.key | awk '{print $$1}'); \
else \
echo "โ Neither shasum nor sha256sum found. Please install one of them."; \
exit 1; \
fi; \
echo "๐ Production public key hash: $$HASH"; \
echo "๐ง Creating bin/config-prod-k8s.yaml from template..."; \
sed "s/PLACEHOLDER_HASH_TO_BE_REPLACED/$$HASH/" configs/templates/application.yaml > configs/config-prod-k8s.yaml; \
echo "โ
Kubernetes config created: configs/config-prod-k8s.yaml"
# debug-config: Debug configuration issues
debug-config:
@echo "๐ Debugging configuration..."
@echo "๐ Files in bin/:"
@ls -la bin/ || echo "bin/ directory doesn't exist"
@echo ""
@echo "๐ Public key file:"
@if [ -f $(PUBLIC_KEY_FILE) ]; then \
echo " โ
$(PUBLIC_KEY_FILE) exists"; \
HASH=$$(shasum -a 256 $(PUBLIC_KEY_FILE) | awk '{print $$1}'); \
echo " ๐ Hash: $$HASH"; \
else \
echo " โ $(PUBLIC_KEY_FILE) not found"; \
fi
@echo ""
@echo "๐ Configuration file:"
@if [ -f bin/config.yaml ]; then \
echo " โ
bin/config.yaml exists"; \
echo " ๐ Plugin configuration in bin/config.yaml:"; \
grep -A5 "plugins:" bin/config.yaml || echo " (plugins section not found)"; \
else \
echo " โ bin/config.yaml not found"; \
fi
# Clean all compiled plugin binaries and signatures
clean-plugins:
@echo "๐งน Cleaning plugins..."
@find plugins -name "*.so" -type f -delete
@find plugins -name "*.so.sig" -type f -delete
# vet: Runs the Go vet tool.
vet:
$(GO_VET) $(PKG)
# fmt: Formats the Go code.
fmt:
$(GO_FMT) $(PKG)
# clean: Removes the binary, configuration file, and compiled plugins.
clean:
@echo "๐งน Cleaning build artifacts..."
@rm -f bin/$(BINARY_NAME) bin/$(PLUGIN_SIGNER_BINARY) bin/config.yaml $(PUBLIC_KEY_FILE) $(PRIVATE_KEY_FILE) && $(MAKE) clean-plugins
# run: Runs the compiled binary.
run:
@if [ ! -f bin/$(BINARY_NAME) ]; then \
echo "โ Dito binary not found. Run 'make setup' first."; \
exit 1; \
fi
@if [ ! -f bin/config.yaml ]; then \
echo "โ bin/config.yaml not found. Run 'make setup' first."; \
exit 1; \
fi
@echo "๐ Starting Dito from bin/ directory..."
@cd bin && ./$(BINARY_NAME)
# quick-start: One command to get everything running
quick-start: clean setup
@echo "๐ Starting Dito..."
@$(MAKE) run
# fix-config: Quick command to fix configuration after setup
fix-config: update-config
@echo "โ
Configuration fixed!"
# test: Runs the Go tests.
test:
$(GO_TEST) $(PKG)
# sonar: Analyzes the project with SonarQube.
sonar:
sonar-scanner \
-Dsonar.projectKey=$(SONAR_PROJECT_KEY) \
-Dsonar.sources=. \
-Dsonar.host.url=$(SONAR_HOST_URL) \
-Dsonar.token=$(SONAR_DITO_TOKEN)
# help: Shows available commands
help:
@echo ""
@echo "๐ง Dito Build Commands"
@echo "======================"
@echo ""
@echo "๐ Quick Commands:"
@echo " make quick-start - Clean setup everything and start server"
@echo " make setup - Complete development setup (build, keys, plugins)"
@echo " make setup-prod - Complete production setup (persistent keys, prod config)"
@echo " make fix-config - Fix bin/config.yaml with correct paths/hashes"
@echo ""
@echo "๐จ Build Commands:"
@echo " make build - Build Dito binary only"
@echo " make build-plugins - Build all plugins"
@echo " make build-plugin-signer - Build plugin signer tool"
@echo ""
@echo "๐ Security Commands:"
@echo " make generate-keys - Generate Ed25519 key pair for development"
@echo " make generate-prod-keys - Generate persistent Ed25519 key pair for production"
@echo " make sign-plugins - Sign all plugins with development keys"
@echo " make sign-plugins-prod - Sign all plugins with production keys"
@echo " make update-config - Update bin/config.yaml with development key paths/hashes"
@echo " make update-prod-config - Update bin/config-prod.yaml with production key paths/hashes"
@echo " make update-k8s-config - Create bin/config-prod-k8s.yaml for Kubernetes deployment"
@echo ""
@echo "๐ฎ Runtime Commands:"
@echo " make run - Run Dito server"
@echo ""
@echo "๐ Debug Commands:"
@echo " make debug-config - Debug configuration issues"
@echo ""
@echo "๐งน Cleanup Commands:"
@echo " make clean - Clean all build artifacts"
@echo " make clean-plugins - Clean plugin binaries only"
@echo ""
@echo "๐งช Development Commands:"
@echo " make test - Run tests"
@echo " make vet - Run go vet"
@echo " make fmt - Format code"
@echo " make sonar - Run SonarQube analysis"
@echo ""
@echo "๐ OpenShift Deployment:"
@echo " make deploy-ocp - Complete OpenShift production deployment"
@echo " make deploy-ocp-dev - Quick development deployment"
@echo " make status-ocp - Check OpenShift deployment status"
@echo " make logs-ocp - View OpenShift deployment logs"
@echo " make clean-ocp - Clean up OpenShift resources"
@echo ""
@echo "โ Help:"
@echo " make help - Show this help"
@echo ""
# deploy-ocp: Complete OpenShift deployment with all components
deploy-ocp: setup-prod update-k8s-config
@echo "๐ Starting complete OpenShift deployment..."
@if ! command -v oc >/dev/null 2>&1; then \
echo "โ OpenShift CLI (oc) not found. Please install it."; \
exit 1; \
fi
@if ! oc whoami >/dev/null 2>&1; then \
echo "โ Not logged into OpenShift. Please run: oc login <cluster-url>"; \
exit 1; \
fi
@echo "๐ฆ Building and pushing container image..."
@./docker-build.sh
@echo "๐ง Deploying with automated script..."
@./scripts/deploy-ocp.sh
@echo "โ
Complete OpenShift deployment finished!"
# deploy-ocp-dev: Quick deployment for development/testing
deploy-ocp-dev: setup
@echo "๐ง Starting development OpenShift deployment..."
@if ! command -v oc >/dev/null 2>&1; then \
echo "โ OpenShift CLI (oc) not found. Please install it."; \
exit 1; \
fi
@if ! oc whoami >/dev/null 2>&1; then \
echo "โ Not logged into OpenShift. Please run: oc login <cluster-url>"; \
exit 1; \
fi
@echo "๐ฆ Building and pushing container image..."
@VERSION=dev ./docker-build.sh
@echo "๐ง Creating development resources..."
@NAMESPACE=$${NAMESPACE:-dito-dev} ./scripts/deploy-ocp.sh -v dev
@echo "โ
Development deployment completed!"
# clean-ocp: Clean up OpenShift resources
clean-ocp:
@echo "๐งน Cleaning up OpenShift resources..."
@if ! command -v oc >/dev/null 2>&1; then \
echo "โ OpenShift CLI (oc) not found. Please install it."; \
exit 1; \
fi
@NAMESPACE=$${NAMESPACE:-dito}; \
echo "๐๏ธ Deleting resources from namespace: $$NAMESPACE"; \
oc delete all,configmap,secret,networkpolicy,hpa,pdb -l app=dito -n $$NAMESPACE 2>/dev/null || echo "No resources found"; \
echo "โ
OpenShift cleanup completed"
# status-ocp: Check OpenShift deployment status
status-ocp:
@echo "๐ Checking OpenShift deployment status..."
@if ! command -v oc >/dev/null 2>&1; then \
echo "โ OpenShift CLI (oc) not found. Please install it."; \
exit 1; \
fi
@NAMESPACE=$${NAMESPACE:-dito}; \
echo "๐ Namespace: $$NAMESPACE"; \
echo ""; \
echo "๐ Deployments:"; \
oc get deployment -l app=dito -n $$NAMESPACE 2>/dev/null || echo "No deployments found"; \
echo ""; \
echo "๐ฆ Pods:"; \
oc get pods -l app=dito -n $$NAMESPACE 2>/dev/null || echo "No pods found"; \
echo ""; \
echo "๐ Services:"; \
oc get svc -l app=dito -n $$NAMESPACE 2>/dev/null || echo "No services found"; \
echo ""; \
echo "๐ Routes:"; \
oc get route -l app=dito -n $$NAMESPACE 2>/dev/null || echo "No routes found"; \
echo ""; \
echo "๐ Secrets:"; \
oc get secret -l app=dito -n $$NAMESPACE 2>/dev/null || echo "No secrets found"; \
echo ""; \
echo "๐ ConfigMaps:"; \
oc get configmap -l app=dito -n $$NAMESPACE 2>/dev/null || echo "No configmaps found"
# logs-ocp: View OpenShift deployment logs
logs-ocp:
@echo "๐ Viewing OpenShift deployment logs..."
@if ! command -v oc >/dev/null 2>&1; then \
echo "โ OpenShift CLI (oc) not found. Please install it."; \
exit 1; \
fi
@NAMESPACE=$${NAMESPACE:-dito}; \
echo "๐ Namespace: $$NAMESPACE"; \
oc logs -l app=dito -n $$NAMESPACE --tail=100 -f