76 lines
2.6 KiB
Makefile
76 lines
2.6 KiB
Makefile
#
|
|
# $1: IMAGE_NAME
|
|
#
|
|
define build_image
|
|
echo "Building ${IMAGE_REPO}/$1";\
|
|
docker build \
|
|
-t "${IMAGE_REPO}/$1:$(IMAGE_VERSION)" \
|
|
-f ${IMAGES_DIR}/Dockerfile \
|
|
.
|
|
endef
|
|
|
|
#
|
|
# $1: IMAGE_NAME
|
|
# $2: IMAGE_TAG
|
|
#
|
|
define scan_image
|
|
echo "Scanning ${IMAGE_REPO}/$1"; \
|
|
mkdir -p .trivy/$(IMAGE_REPO)/$1; \
|
|
tools/trivy/bin/trivy --cache-dir .trivy/.cache image -o ".trivy/$(IMAGE_REPO)/$1/$2/report.txt" $(TRIVY_ARGS) $(IMAGE_REPO)/$1:$2 ; \
|
|
cat ".trivy/$(IMAGE_REPO)/$1/$2report.txt"
|
|
endef
|
|
|
|
define install_trivy
|
|
mkdir -p tools/trivy/bin ; \
|
|
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b ./tools/trivy/bin v0.27.1
|
|
endef
|
|
|
|
define release_image
|
|
docker tag $(IMAGE_REPO)/$1:$(IMAGE_VERSION) $(IMAGE_REPO)/$1:$(IMAGE_VERSION)-$(COMMIT_ID) ; \
|
|
docker tag $(IMAGE_REPO)/$1:$(IMAGE_VERSION) $(IMAGE_REPO)/$1:$(IMAGE_VERSION); \
|
|
docker tag $(IMAGE_REPO)/$1:$(IMAGE_VERSION) $(IMAGE_REPO)/$1:$(IMAGE_VERSION)-latest; \
|
|
docker push $(IMAGE_REPO)/$1:$(IMAGE_VERSION)-latest ; \
|
|
docker push $(IMAGE_REPO)/$1:$(IMAGE_VERSION) ; \
|
|
docker push $(IMAGE_REPO)/$1:$(IMAGE_VERSION)-$(COMMIT_ID)
|
|
endef
|
|
|
|
#list:
|
|
build: ${IMAGES_DIR}/*
|
|
$(call build_image,werther)
|
|
|
|
scan: ${IMAGES_DIR}/*
|
|
$(call install_trivy)
|
|
$(call scan_image,werther)
|
|
|
|
tools/trivy/bin/trivy:
|
|
mkdir -p tools/trivy/bin
|
|
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b ./tools/trivy/bin v0.27.1
|
|
|
|
|
|
release: ${IMAGES_DIR}/*
|
|
$(call release_image,werther,base); \
|
|
git tag -f -a $(IMAGE_VERSION) -m "Version $(IMAGE_VERSION) released"; \
|
|
git tag -f -a $(IMAGE_VERSION)-$(COMMIT_ID) -m "Version $(IMAGE_VERSION)-$(COMMIT_ID) released"; \
|
|
git tag -f -a $(IMAGE_VERSION)-latest -m "Version $(IMAGE_VERSION)-latest released"; \
|
|
|
|
_release:
|
|
docker tag $(IMAGE_FULL_NAME):$(IMAGE_TAG) $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)-$(COMMIT_ID)
|
|
docker tag $(IMAGE_FULL_NAME):$(IMAGE_TAG) $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)
|
|
docker tag $(IMAGE_FULL_NAME):$(IMAGE_TAG) $(IMAGE_FULL_NAME):$(IMAGE_TAG)-latest
|
|
docker push $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)-$(DAY_SUFFIX_TAG)
|
|
docker push $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)
|
|
docker push $(IMAGE_FULL_NAME):$(IMAGE_TAG)-latest
|
|
|
|
_test: tools/bin/bash_unit
|
|
tools/bin/bash_unit ./tests/test_$(IMAGE_TAG).sh
|
|
|
|
tools/bin/bash_unit:
|
|
mkdir -p tools/bin
|
|
cd tools/bin && bash <(curl -s https://raw.githubusercontent.com/pgrange/bash_unit/master/install.sh)
|
|
|
|
up:
|
|
skaffold dev -p dev --default-repo ${IMAGE_REPO}
|
|
|
|
|
|
##include recipes/*.mk
|