-
Notifications
You must be signed in to change notification settings - Fork 9
Expand file tree
/
Copy pathjustfile
More file actions
347 lines (305 loc) · 13.4 KB
/
justfile
File metadata and controls
347 lines (305 loc) · 13.4 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
# SPDX-License-Identifier: Apache-2.0
# Copyright Open Network Fabric Authors
set unstable := true
set shell := ["/usr/bin/env", "bash", "-euo", "pipefail", "-c"]
set script-interpreter := ["/usr/bin/env", "bash", "-euo", "pipefail"]
# enable to debug just recipes
debug_justfile := "false"
[private]
_just_debuggable_ := if debug_justfile == "true" { "set -x" } else { "" }
# number of nix jobs to run in parallel
jobs := "8"
# libc
libc := if platform == "wasm32-wasip1" { "unknown" } else { "gnu" }
# kernel (linux or wasip1)
kernel := if platform == "wasm32-wasip1" { "wasip1" } else { "linux" }
# List out the available commands
[private]
[default]
@default:
just --list --justfile {{ justfile() }}
# cargo build profile (debug/release/fuzz)
profile := "debug"
# sanitizer to use (address/thread/safe-stack/cfi/"")
sanitize := ""
# comma-separated list of cargo features to enable (e.g. "shuttle")
features := ""
# whether to include default cargo features for this workspace (set to "false" to disable)
default_features := "true"
# Private computed cargo flag groups for consistent invocations.
# Recipes should compose these as needed (not all cargo subcommands accept all flags).
[private]
_cargo_feature_flags := \
(if default_features == "false" { "--no-default-features " } else { "" }) \
+ (if features != "" { "--features " + features } else { "" })
[private]
_cargo_profile_flag := if profile == "debug" { "" } else { "--profile " + profile }
# filters for nextest
filter := if features == "shuttle" { "shuttle" } else { "" }
# instrumentation mode (none/coverage)
instrument := "none"
# target platform (x86-64-v3/bluefield2)
platform := "x86-64-v3"
version_extra := ""
version_platform := if platform == "x86-64-v3" { "" } else { "-" + platform }
version_profile := if profile == "release" { "" } else { "-" + profile }
version_san := if sanitize == "" { "" } else { "-san." + replace(sanitize, ",", ".") }
version_feat := if features == "" { "" } else { "-feat." + replace(features, ",", ".") }
version := env("VERSION", "") || `git describe --tags --dirty --always` + version_platform + version_profile + version_san + version_feat + version_extra
# Print version that will be used in the build
version:
@echo "Using version: {{version}}"
# OCI repo to push images to
oci_repo := "127.0.0.1:30000"
oci_insecure := ""
oci_name := "githedgehog/dataplane"
oci_frr_prefix := "githedgehog/dataplane/frr"
oci_image_dataplane := oci_repo + "/" + oci_name + ":" + version
oci_image_dataplane_debugger := oci_repo + "/" + oci_name + "/debugger:" + version
oci_image_dataplane_validator := oci_repo + "/" + oci_name + "/validator:" + version
oci_image_frr_dataplane := oci_repo + "/" + oci_frr_prefix + ":" + version
oci_image_frr_host := oci_repo + "/" + oci_frr_prefix + "-host:" + version
[private]
_skopeo_dest_insecure := if oci_insecure == "true" { "--dest-tls-verify=false" } else { "" }
[private]
docker_sock := "/var/run/docker.sock"
# Build a nix derivation with standard build arguments
[script]
build target="dataplane.tar" *args:
{{ _just_debuggable_ }}
mkdir -p results
declare -r target="{{target}}"
nix build -f default.nix "${target}" \
--argstr profile '{{ profile }}' \
--argstr sanitize '{{ sanitize }}' \
--argstr libc '{{ libc }}' \
--argstr kernel '{{ kernel }}' \
--argstr features '{{ features }}' \
--argstr default-features '{{ default_features }}' \
--argstr instrumentation '{{ instrument }}' \
--argstr platform '{{ platform }}' \
--argstr tag '{{version}}' \
--print-build-logs \
--show-trace \
--out-link "results/${target}" \
--max-jobs "{{jobs}}" \
--keep-failed \
{{ args }}
# run formatters for the code used in this project
[script]
fmt *args:
{{ _just_debuggable_ }}
cargo fmt {{args}}
# run a series of pre-flight checks to catch most problems you might find in CI early
[script]
pre-flight: (check-dependencies) (fmt "--check") (test) (lint) (doctest)
{{ _just_debuggable_ }}
echo "pre flight checks pass"
[script]
test package="tests.all" *args: (build (if package == "tests.all" { "tests.all" } else { "tests.pkg." + package }) args)
{{ _just_debuggable_ }}
declare -r target="{{ if package == "tests.all" { "tests.all" } else { "tests.pkg." + package } }}"
cargo nextest run --archive-file results/${target}/*.tar.zst --workspace-remap $(pwd) {{ filter }}
[script]
test-each *args: (build "tests.pkg" args)
{{ _just_debuggable_ }}
declare -a fail=()
for test_archive in results/tests.pkg*/*.tar.zst; do
if ! cargo nextest run --archive-file "${test_archive}" --workspace-remap "$(pwd)" --no-tests pass; then
fail+=("${test_archive} failed")
fi
done
if [ "${#fail[@]}" -gt 0 ]; then
>&2 printf '%s\n' "${fail[@]}"
exit 1
fi
[script]
docs package="" *args: (build (if package == "" { "docs.all" } else { "docs.pkg." + package }) args)
{{ _just_debuggable_ }}
# Create devroot and sysroot symlinks for local development
[script]
setup-roots *args:
{{ _just_debuggable_ }}
for root in devroot sysroot; do
nix build -f default.nix "${root}" \
--argstr profile '{{ profile }}' \
--argstr sanitize '{{ sanitize }}' \
--argstr instrumentation '{{ instrument }}' \
--argstr platform '{{ platform }}' \
--argstr tag '{{version}}' \
--out-link "${root}" \
{{ args }}
done
# Build the dataplane container image
[script]
build-container target="dataplane" *args: (build (if target == "dataplane" { "dataplane.tar" } else if target == "validator" { "workspace.validator" } else { "containers." + target }) args)
{{ _just_debuggable_ }}
declare -xr DOCKER_HOST="${DOCKER_HOST:-unix://{{docker_sock}}}"
case "{{target}}" in
"dataplane")
declare img
img="$(docker import --change 'ENTRYPOINT ["/bin/dataplane"]' ./results/dataplane.tar)"
declare -r img
docker tag "${img}" "{{oci_image_dataplane}}"
echo "imported {{ oci_image_dataplane }}"
;;
"dataplane-debugger")
docker load < ./results/containers.dataplane-debugger
docker tag "ghcr.io/githedgehog/dataplane/debugger:{{version}}" "{{oci_image_dataplane_debugger}}"
echo "imported {{ oci_image_dataplane_debugger }}"
;;
"debug-tools")
# Uses nix only to produce a base image with the runtime closure (glibc, bash, etc.)
# then layers locally-compiled cargo binaries on top via Dockerfile.
# See the `build-container-quick` recipe.
docker load < ./results/containers.debug-tools
echo "imported debug-tools:dev"
;;
"frr.dataplane")
docker load < ./results/containers.frr.dataplane
docker tag "ghcr.io/githedgehog/dataplane/frr:{{version}}" "{{oci_image_frr_dataplane}}"
echo "imported {{oci_image_frr_dataplane}}"
;;
"frr.host")
docker load < ./results/containers.frr.host
docker tag "ghcr.io/githedgehog/dataplane/frr-host:{{version}}" "{{oci_image_frr_host}}"
echo "imported {{oci_image_frr_host}}"
;;
"validator")
echo "NOTE: validator image is wasm and not containerized"
;;
*)
>&2 echo "{{target}} is not a valid container"
exit 99
esac
# WARNING: The resulting image must NEVER be pushed to a shared registry.
# NOTE: this recipe intentionally does not depend on build-container "debug-tools" to make the call fast.
# Quick (non-sterile) container build using local cargo artifacts
[script]
build-container-quick:
{{ _just_debuggable_ }}
docker build \
--file ./Dockerfile \
--build-arg PROFILE="{{profile}}" \
--label sterile="false" \
--annotation sterile="false" \
--tag "dataplane:dev" \
.
echo "imported dataplane:dev"
# Build and push the dataplane container
[script]
push-container target="dataplane" *args: (build-container target args) && version
{{ _just_debuggable_ }}
declare -xr DOCKER_HOST="${DOCKER_HOST:-unix://{{docker_sock}}}"
case "{{target}}" in
"dataplane")
skopeo copy --src-daemon-host="${DOCKER_HOST}" {{ _skopeo_dest_insecure }} "docker-daemon:{{ oci_image_dataplane }}" "docker://{{ oci_image_dataplane }}"
echo "Pushed {{ oci_image_dataplane }}"
;;
"dataplane-debugger")
skopeo copy --src-daemon-host="${DOCKER_HOST}" {{ _skopeo_dest_insecure }} "docker-daemon:{{ oci_image_dataplane_debugger }}" "docker://{{ oci_image_dataplane_debugger }}"
echo "Pushed {{ oci_image_dataplane_debugger }}"
;;
"debug-tools")
>&2 echo "do not push the debug tools!"
exit 1
;;
"frr.dataplane")
skopeo copy --src-daemon-host="${DOCKER_HOST}" {{ _skopeo_dest_insecure }} "docker-daemon:{{oci_image_frr_dataplane}}" "docker://{{oci_image_frr_dataplane}}"
echo "Pushed {{ oci_image_frr_dataplane }}"
;;
"frr.host")
skopeo copy --src-daemon-host="${DOCKER_HOST}" {{ _skopeo_dest_insecure }} "docker-daemon:{{oci_image_frr_host}}" "docker://{{oci_image_frr_host}}"
echo "Pushed {{ oci_image_frr_host }}"
;;
"validator")
if [ "{{platform}}" != "wasm32-wasip1" ]; then
>&2 echo "Pushing non wasm32-wasip1 validator images is not supported, set platform=wasm32-wasip1"
exit 1
fi
pushd ./results/workspace.validator/bin
oras push --annotation version="{{ version }}" "{{ oci_image_dataplane_validator }}" ./validator.wasm
popd
echo "Pushed {{ oci_image_dataplane_validator }}"
;;
*)
>&2 echo "{{target}} is not a valid container"
exit 99
esac
# Note: deliberately ignores all recipe parameters save version, debug_justfile, and oci_repo.
# Pushes all release container images.
[script]
push:
{{ _just_debuggable_ }}
for container in dataplane frr.dataplane validator; do
if [ "${container}" = "validator" ]; then
platform="wasm32-wasip1"
else
platform="x86-64-v3"
fi
just debug_justfile="{{debug_justfile}}" oci_repo="{{oci_repo}}" version="{{version}}" profile=release platform="${platform}" sanitize= instrument=none push-container "${container}"
done
# Print names of container images to build or push
[script]
print-container-tags:
echo "{{ oci_image_dataplane }}"
# Check dependency licenses and security advisories
[script]
check-dependencies *args:
{{ _just_debuggable_ }}
cargo deny {{ _cargo_feature_flags }} check {{ args }}
# Run linters
[script]
lint *args:
{{ _just_debuggable_ }}
cargo clippy --all-targets {{ _cargo_feature_flags }} {{ _cargo_profile_flag }} {{ args }} -- -D warnings
# Run doctests
[script]
doctest *args:
{{ _just_debuggable_ }}
cargo test --doc {{ _cargo_feature_flags }} {{ _cargo_profile_flag }} {{ args }}
# Run tests with code coverage. Args will be forwarded to nextest
[script]
coverage target="tests.all" *args: (build (if target == "tests.all" { "tests.all" } else { "tests.pkg." + target }) args)
{{ _just_debuggable_ }}
declare -r target="{{ if target == "tests.all" { "tests.all" } else { "tests.pkg." + target } }}"
export LLVM_COV="$(pwd)/devroot/bin/llvm-cov"
export LLVM_PROFDATA="$(pwd)/devroot/bin/llvm-profdata"
export CARGO_LLVM_COV_TARGET_DIR="$(pwd)/target/llvm-cov"
export CARGO_LLVM_COV_BUILD_DIR="$(pwd)"
cargo llvm-cov clean
cargo llvm-cov show-env
cargo llvm-cov --no-report --branch nextest --archive-file "./results/${target}/"*.tar.zst --workspace-remap . {{ args }}
# NOTE: --profile="" is intentional. When collecting coverage from a nextest archive, the
# profile path component that cargo-llvm-cov normally expects in the profdata directory is
# absent. Passing an empty profile string removes that component from the lookup path so
# the tool can find the profdata generated by the archive run above.
cargo llvm-cov report --html --profile="" --output-dir=./target/nextest/coverage
cargo llvm-cov --branch report --codecov --profile="" --output-path=./target/nextest/coverage/codecov.json
# Regenerate the dependency graph for the project
[script]
depgraph:
{{ _just_debuggable_ }}
cargo depgraph --exclude dataplane-test-utils,dataplane-dpdk-sysroot-helper --workspace-only \
| sed 's/dataplane-//g' \
| dot -Grankdir=TD -Gsplines=polyline -Granksep=1.5 -Tsvg > workspace-deps.svg
# Bump the minor version in Cargo.toml and reset patch version to 0
[script]
bump_minor_version:
CURRENT_VERSION="$(tomlq --raw-output '.workspace.package.version' Cargo.toml)"
echo "Current version: ${CURRENT_VERSION}"
MAJOR_VNUM="$(cut -d. -f1 <<<"${CURRENT_VERSION}")"
MINOR_VNUM="$(cut -d. -f2 <<<"${CURRENT_VERSION}")"
NEW_VERSION="${MAJOR_VNUM}.$((MINOR_VNUM + 1)).0"
just bump_version "${NEW_VERSION}"
# Bump the version in Cargo.toml to the specified version (for example, "1.2.3")
[script]
bump_version version:
declare -r new_version="{{ version }}"
echo "New version: ${new_version}"
sed -i "s/^version = \".*\"/version = \"${new_version}\"/" Cargo.toml
cargo update --workspace
# Enter nix-shell
[script]
shell:
nix-shell