diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..fce1e81
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,10 @@
+################################
+# Makefile for Cadoles SP
+################################
+
+IMAGE_REPO := reg.cadoles.com/cadoles
+IMAGE_VERSION ?= 0.0.1
+
+DAY_SUFFIX_TAG ?= $(shell date +%Y%m%d)
+
+include main.mk
diff --git a/main.mk b/main.mk
new file mode 100644
index 0000000..49e6499
--- /dev/null
+++ b/main.mk
@@ -0,0 +1,77 @@
+IMAGES_DIR := ./misc/images
+
+#
+# $1: IMAGE_NAME
+#
+define build_image
+ echo "Building ${IMAGE_REPO}/$1";\
+ docker build \
+ -t "${IMAGE_REPO}/$1:$(IMAGE_VERSION)" \
+ -f ${IMAGES_DIR}/$1/Dockerfile \
+ .
+endef
+
+#
+# $1: IMAGE_NAME
+# $2: IMAGE_TAG
+#
+define scan_image
+ echo "Scanning ${IMAGE_REPO}/$1"; \
+ mkdir -p .trivy/$(IMAGE_REPO)/$1; \
+ tools/trivy/bin/trivy --cache-dir .trivy/.cache image -o ".trivy/$(IMAGE_REPO)/$1/$2/report.txt" $(TRIVY_ARGS) $(IMAGE_REPO)/$1:$2 ; \
+ cat ".trivy/$(IMAGE_REPO)/$1/$2report.txt"
+endef
+
+define install_trivy
+ mkdir -p tools/trivy/bin ; \
+ curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b ./tools/trivy/bin v0.27.1
+endef
+
+define release_image
+ docker tag $(IMAGE_REPO)/$1:$(IMAGE_VERSION) $(IMAGE_REPO)/$1:$(IMAGE_VERSION)-$(DAY_SUFFIX_TAG) ; \
+ docker tag $(IMAGE_REPO)/$1:$(IMAGE_VERSION) $(IMAGE_REPO)/$1:$(IMAGE_VERSION); \
+ docker tag $(IMAGE_REPO)/$1:$(IMAGE_VERSION) $(IMAGE_REPO)/$1:latest ; \
+ docker push $(IMAGE_REPO)/$1:latest ; \
+ docker push $(IMAGE_REPO)/$1:$(IMAGE_VERSION) ; \
+ docker push $(IMAGE_REPO)/$1:$(IMAGE_VERSION)-$(DAY_SUFFIX_TAG)
+endef
+
+
+#list:
+build: ${IMAGES_DIR}/*
+ @for name in $(basename $(notdir $^)); do \
+ $(call build_image,$${name}); \
+ done;\
+
+scan: ${IMAGES_DIR}/*
+ $(call install_trivy)
+ @for name in $(basename $(notdir $^)); do \
+ $(call scan_image,$${name}); \
+ done;\
+
+tools/trivy/bin/trivy:
+ mkdir -p tools/trivy/bin
+ curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b ./tools/trivy/bin v0.27.1
+
+
+release: ${IMAGES_DIR}/*
+ @for name in $(basename $(notdir $^)); do \
+ $(call release_image,$${name},base); \
+ done;\
+
+_release:
+ docker tag $(IMAGE_FULL_NAME):$(IMAGE_TAG) $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)-$(DAY_SUFFIX_TAG)
+ docker tag $(IMAGE_FULL_NAME):$(IMAGE_TAG) $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)
+ docker tag $(IMAGE_FULL_NAME):$(IMAGE_TAG) $(IMAGE_FULL_NAME):$(IMAGE_TAG)-latest
+ docker push $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)-$(DAY_SUFFIX_TAG)
+ docker push $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)
+ docker push $(IMAGE_FULL_NAME):$(IMAGE_TAG)-latest
+
+_test: tools/bin/bash_unit
+ tools/bin/bash_unit ./tests/test_$(IMAGE_TAG).sh
+
+tools/bin/bash_unit:
+ mkdir -p tools/bin
+ cd tools/bin && bash <(curl -s https://raw.githubusercontent.com/pgrange/bash_unit/master/install.sh)
+
+##include recipes/*.mk
diff --git a/skaffold.yaml b/skaffold.yaml
new file mode 100644
index 0000000..0d0b6a0
--- /dev/null
+++ b/skaffold.yaml
@@ -0,0 +1,46 @@
+apiVersion: skaffold/v3
+kind: Config
+
+metadata:
+ name: mse
+
+manifests:
+ kustomize:
+ paths:
+ - misc/k8s/kustomization/base
+
+profiles:
+- name: dev
+ manifests:
+ kustomize:
+ paths:
+ - misc/k8s/kustomization/overlays/dev
+ activation:
+ - command: dev
+
+build:
+ cluster:
+ dockerConfig:
+ path: misc/k8s/kustomization/base/secrets/dockerconfig/.dockerconfigjson
+ randomDockerConfigSecret: true
+ randomPullSecret: true
+
+ tagPolicy:
+ sha256: {}
+
+ artifacts:
+ - image: reg.cadoles.com/cadoles/app-kube
+ context: .
+ sync:
+ infer:
+ - src/**
+ - app/**
+ - translations/**
+ - scripts/**
+ - templates/**
+ kaniko:
+ dockerfile: misc/images/app-kube/Dockerfile
+ cache: {}
+
+deploy:
+ statusCheckDeadlineSeconds: 600
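Review bot: The Trivy and bash_unit installers are downloaded from moving branches (`main`, `master`) and piped straight into a shell in `install_trivy`, the `tools/trivy/bin/trivy` rule and the `tools/bin/bash_unit` rule, so whatever those branches serve at build time runs on the host that presumably also holds the registry push login; `v0.27.1` pins the Trivy binary, not the script that fetches it. I would fetch each script from a fixed tag or commit URL, compare it with a SHA-256 recorded in the repository before running it, and use `curl -sfL` for bash_unit so an HTTP error body is never executed. `scan` can then take the binary as an order-only prerequisite, `scan: ${IMAGES_DIR}/* | tools/trivy/bin/trivy`, instead of re-running the installer on every invocation. Separately, `scan` calls `scan_image` with no second argument, so the image reference ends in an empty tag; passing `$(IMAGE_VERSION)` exposes two further slips, the `mkdir -p` that omits `/$2` and the `cat` path `$2report.txt` that lacks a `/`. Nothing in `release` depends on a passing scan, and Trivy exits 0 on findings unless `--exit-code` is set in `TRIVY_ARGS`, which is worth stating in a comment above `scan_image`.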
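Review bot: The `dockerConfig` `path` points at `misc/k8s/kustomization/base/secrets/dockerconfig/.dockerconfigjson`, which lies inside the artifact's build `context: .`, so the registry credential file can end up in the kaniko build context and, with a broad `COPY` in the Dockerfile, in an image layer. No `.gitignore` or `.dockerignore` entry for that directory is visible in this commit, so it may also be eligible for committing; that is worth confirming. I would keep the file outside the repository tree, or add ignore rules for `misc/k8s/kustomization/base/secrets/` and a comment above `dockerConfig` such as `# generated locally, never committed; excluded from the build context via .dockerignore`.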