Katenary/katenary
2
0
Fork 0
Code Issues 7 Pull Requests Actions Packages Projects Releases 15 Wiki Activity

chore(makefile): rewrite correctly some rules

Browse Source 
- cleanup
- sign and check gpg signature
- fixup NSIS installer method
- also sign windows installer
This commit is contained in:
Patrice Ferlet
2025-07-07 21:58:15 +02:00
parent 4e739c5f08
commit 42bf35593f
1 changed files with 80 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

143
Makefile
View File

@@ -1,19 +1,33 @@
CUR_SHA=$(shell git log -n1 --pretty='%h') CUR_SHA=$(shell git log -n1 --pretty='%h')
CUR_BRANCH=$(shell git branch --show-current) CUR_BRANCH=$(shell git branch --show-current)
VERSION=$(shell git describe --exact-match --tags $(CUR_SHA) 2>/dev/null || echo $(CUR_BRANCH)-$(CUR_SHA)) VERSION=$(shell git describe --exact-match --tags $(CUR_SHA) 2>/dev/null || echo $(CUR_BRANCH)-$(CUR_SHA))
# get the container (podman is preferred, but docker is also supported)
# TODO: prpose nerdctl
CTN:=$(shell which podman 2>&1 1>/dev/null && echo "podman" || echo "docker") CTN:=$(shell which podman 2>&1 1>/dev/null && echo "podman" || echo "docker")
PREFIX=~/.local PREFIX=~/.local
GOVERSION=1.24 GOVERSION=1.24
GO=container GO=container
OUT=katenary OUT=katenary
MODE=default
RELEASE="" RELEASE=""
BLD_CMD=go build -ldflags="-X 'katenary/generator.Version=$(RELEASE)$(VERSION)'" -o $(OUT) ./cmd/katenary # if release mode
ifeq ($(MODE),release)
VERSION:=release-$(VERSION)
endif
BLD_CMD=go build -ldflags="-X 'katenary/generator.Version=$(VERSION)'" -o $(OUT) ./cmd/katenary
GOOS=linux GOOS=linux
GOARCH=amd64 GOARCH=amd64
CGO_ENABLED=0 CGO_ENABLED=0
# GPG signer
SIGNER=metal3d@gmail.com SIGNER=metal3d@gmail.com
UPX_OPTS =
# upx compression
UPX_OPTS =
UPX ?= upx $(UPX_OPTS) UPX ?= upx $(UPX_OPTS)
BUILD_IMAGE=docker.io/golang:$(GOVERSION) BUILD_IMAGE=docker.io/golang:$(GOVERSION)
@@ -23,6 +37,8 @@ BUILD_IMAGE=docker.io/golang:$(GOVERSION)
SOURCES=$(wildcard ./*.go ./*/*.go ./*/*/*.go) SOURCES=$(wildcard ./*.go ./*/*.go ./*/*/*.go)
# List of binaries to build and sign # List of binaries to build and sign
BINARIES=dist/katenary-linux-amd64 dist/katenary-linux-arm64 dist/katenary.exe dist/katenary-darwin-amd64 dist/katenary-freebsd-amd64 dist/katenary-freebsd-arm64 BINARIES=dist/katenary-linux-amd64 dist/katenary-linux-arm64 dist/katenary.exe dist/katenary-darwin-amd64 dist/katenary-freebsd-amd64 dist/katenary-freebsd-arm64
BINARIES += dist/katenary-windows-setup.exe
# installer
# List of signatures to build # List of signatures to build
ASC_BINARIES=$(patsubst %,%.asc,$(BINARIES)) ASC_BINARIES=$(patsubst %,%.asc,$(BINARIES))
@@ -36,11 +52,10 @@ SHELL := bash
.DELETE_ON_ERROR: .DELETE_ON_ERROR:
MAKEFLAGS += --warn-undefined-variables MAKEFLAGS += --warn-undefined-variables
MAKEFLAGS += --no-builtin-rules MAKEFLAGS += --no-builtin-rules
.PHONY: help clean build install tests test doc nsis .PHONY: help dist-clean build install tests test doc nsis
all: build all: build
help: help:
@cat <<EOF | fold -s -w 80 @cat <<EOF | fold -s -w 80
=== HELP === === HELP ===
@@ -78,7 +93,8 @@ help:
EOF EOF
## Standard build ## BUILD
build: pull katenary build: pull katenary
pull: pull:
@@ -93,8 +109,7 @@ ifeq ($(GO),local)
$(BLD_CMD) $(BLD_CMD)
else ifeq ($(CTN),podman) else ifeq ($(CTN),podman)
@echo "=> Build in container using" $(CTN) @echo "=> Build in container using" $(CTN)
echo $(GOOS) $(GOARCH) @podman run -e CGO_ENABLED=$(CGO_ENABLED) -e GOOS=$(GOOS) -e GOARCH=$(GOARCH) \
podman run -e CGO_ENABLED=$(CGO_ENABLED) -e GOOS=$(GOOS) -e GOARCH=$(GOARCH) -e CC=$(CC) \
--rm -v $(PWD):/go/src/katenary:z -w /go/src/katenary --userns keep-id $(BUILD_IMAGE) $(BLD_CMD) --rm -v $(PWD):/go/src/katenary:z -w /go/src/katenary --userns keep-id $(BUILD_IMAGE) $(BLD_CMD)
else else
@echo "=> Build in container using" $(CTN) @echo "=> Build in container using" $(CTN)
@@ -103,8 +118,9 @@ else
endif endif
## Release build # Make dist, build executables for all platforms, sign them, and compress them with upx if possible.
dist: prepare $(BINARIES) upx $(ASC_BINARIES) # Also generate the windows installer.
dist: prepare $(BINARIES) upx gpg-sign check-sign
prepare: pull prepare: pull
mkdir -p dist mkdir -p dist
@@ -141,6 +157,9 @@ dist/katenary-freebsd-arm64:
@echo -e "\033[1;32mBuilding katenary $(VERSION) for freebsd-arm64...\033[0m" @echo -e "\033[1;32mBuilding katenary $(VERSION) for freebsd-arm64...\033[0m"
$(MAKE) katenary GOOS=freebsd GOARCH=arm64 OUT=$@ $(MAKE) katenary GOOS=freebsd GOARCH=arm64 OUT=$@
dist/katenary-windows-setup.exe: nsis/EnVar.dll dist/katenary.exe
makensis -DAPP_VERSION=$(VERSION) nsis/katenary.nsi
mv nsis/katenary-windows-setup.exe dist/katenary-windows-setup.exe
nsis/EnVar.dll: nsis/EnVar.dll:
curl https://nsis.sourceforge.io/mediawiki/images/7/7f/EnVar_plugin.zip -o nsis/EnVar_plugin.zip curl https://nsis.sourceforge.io/mediawiki/images/7/7f/EnVar_plugin.zip -o nsis/EnVar_plugin.zip
@@ -149,34 +168,41 @@ nsis/EnVar.dll:
mv Plugins/x86-unicode/EnVar.dll EnVar.dll mv Plugins/x86-unicode/EnVar.dll EnVar.dll
rm -rf EnVar_plugin.zip Plugins rm -rf EnVar_plugin.zip Plugins
nsis: nsis/EnVar.dll dist/katenary.exe
@echo -e "\033[1;32mBuilding katenary $(VERSION) for windows with NSIS...\033[0m"
cd nsis && makensis -DAPP_VERSION=$(VERSION) katenary.nsi
gpg-sign:
rm -f dist/*.asc
$(MAKE) $(ASC_BINARIES)
dist/%.asc: dist/%
gpg --armor --detach-sign --default-key $(SIGNER) $< &>/dev/null || exit 1
upx: upx:
$(UPX) dist/katenary-linux-amd64 $(UPX) dist/katenary-linux-amd64
$(UPX) dist/katenary-linux-arm64 $(UPX) dist/katenary-linux-arm64
#$(UPX) dist/katenary.exe #$(UPX) dist/katenary.exe
$(UPX) dist/katenary-darwin-amd64 --force-macos $(UPX) dist/katenary-darwin-amd64 --force-macos
## GPG signing
gpg-sign:
rm -f dist/*.asc
$(MAKE) $(ASC_BINARIES)
check-sign:
@echo "=> Checking signatures..."
@for f in $(ASC_BINARIES); do \
if gpg --verify $$f &>/dev/null; then \
echo "Signature for $$f is valid"; \
else \
echo "Signature for $$f is invalid"; \
exit 1; \
fi; \
done
dist/%.asc: dist/%
gpg --armor --detach-sign --default-key $(SIGNER) $< &>/dev/null || exit 1
## installation and uninstallation
install: build install: build
install -Dm755 katenary $(PREFIX)/bin/katenary install -Dm755 katenary $(PREFIX)/bin/katenary
uninstall: uninstall:
rm -f $(PREFIX)/bin/katenary rm -f $(PREFIX)/bin/katenary
clean:
rm -rf katenary dist/* release.id
serve-doc: __label_doc serve-doc: __label_doc
@cd doc && \ @cd doc && \
@@ -187,52 +213,19 @@ serve-doc: __label_doc
echo "==> Serving doc with mkdocs..." && \ echo "==> Serving doc with mkdocs..." && \
mkdocs serve mkdocs serve
tests: test ## Documentation generation
test:
@echo -e "\033[1;33mTesting katenary $(VERSION)...\033[0m"
go test -coverprofile=cover.out ./...
$(MAKE) cover
cover:
go tool cover -func=cover.out | grep "total:"
go tool cover -html=cover.out -o cover.html
if [ "$(BROWSER)" = "xdg-open" ]; then
xdg-open cover.html
else
$(BROWSER) -i --new-window cover.html
fi
push-release: build-all
@rm -f release.id
# read personal access token from .git-credentials
TOKEN=$(shell cat .credentials)
# create a new release based on current tag and get the release id
@curl -sSL -X POST \
-H "Accept: application/vnd.github.v3+json" \
-H "Authorization: token $$TOKEN" \
-d "{\"tag_name\": \"$(VERSION)\", \"target_commitish\": \"\", \"name\": \"$(VERSION)\", \"draft\": true, \"prerelease\": true}" \
https://api.github.com/repos/metal3d/katenary/releases | jq -r '.id' > release.id
@echo "Release id: $$(cat release.id) created"
@echo "Uploading assets..."
# push all dist binary as assets to the release
@for i in $$(find dist -type f -name "katenary*"); do
curl -sSL -H "Authorization: token $$TOKEN" \
-H "Accept: application/vnd.github.v3+json" \
-H "Content-Type: application/octet-stream" \
--data-binary @$$i \
https://uploads.github.com/repos/metal3d/katenary/releases/$$(cat release.id)/assets?name=$$(basename $$i)
done
@rm -f release.id
doc: doc:
@echo "=> Generating documentation..." @echo "=> Generating documentation..."
# generate the labels doc and code doc # generate the labels doc and code doc
$(MAKE) __label_doc $(MAKE) __label_doc
install-gomarkdoc:
go install github.com/princjef/gomarkdoc/cmd/gomarkdoc@latest
__label_doc: __label_doc:
@command -v gomarkdoc || (echo "==> We need to install gomarkdoc..." && \ @command -v gomarkdoc || (echo "==> We need to install gomarkdoc..." && \
go install github.com/princjef/gomarkdoc/cmd/gomarkdoc@latest) $(MAKE) install-gomarkdoc)
@echo "=> Generating labels doc..." @echo "=> Generating labels doc..."
# short label doc # short label doc
go run ./cmd/katenary help-labels -m | \ go run ./cmd/katenary help-labels -m | \
@@ -256,6 +249,8 @@ __label_doc:
done done
## TESTS, security analysis, and code quality
# Scan the source code. # Scan the source code.
# - we don't need detection of text/template as it's not a web application, and # - we don't need detection of text/template as it's not a web application, and
# - we don't need sha1 detection as it is not used for cryptographic purposes. # - we don't need sha1 detection as it is not used for cryptographic purposes.
@@ -267,3 +262,25 @@ sast:
--exclude-rule go.lang.security.audit.crypto.use_of_weak_crypto.use-of-sha1 \ --exclude-rule go.lang.security.audit.crypto.use_of_weak_crypto.use-of-sha1 \
--metrics=on \ --metrics=on \
. .
tests: test
test:
@echo -e "\033[1;33mTesting katenary $(VERSION)...\033[0m"
go test -coverprofile=cover.out ./...
$(MAKE) cover
cover:
go tool cover -func=cover.out | grep "total:"
go tool cover -html=cover.out -o cover.html
if [ "$(BROWSER)" = "xdg-open" ]; then
xdg-open cover.html
else
$(BROWSER) -i --new-window cover.html
fi
## Miscellaneous
dist-clean:
rm -rf dist
rm -f katenary