-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathMakefile
More file actions
346 lines (286 loc) · 15.8 KB
/
Makefile
File metadata and controls
346 lines (286 loc) · 15.8 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
# ====================================================================================
# Setup Project
PROJECT_NAME ?= provider-cloudscale
PROJECT_REPO ?= github.com/onzack/$(PROJECT_NAME)
export TERRAFORM_VERSION ?= 1.10.6
export TERRAFORM_BINARY_NAME ?= tofu
export TERRAFORM_DOWNLOAD_URL ?= https://github.com/opentofu/opentofu/releases/download/v$(TERRAFORM_VERSION)
# Using OpenTofu instead of Terraform 1.6+ to avoid BSL licensing
# OpenTofu is the open-source fork of Terraform that remains under MPL 2.0
TERRAFORM_VERSION_VALID := 1
export TERRAFORM_PROVIDER_SOURCE ?= cloudscale-ch/cloudscale
export TERRAFORM_PROVIDER_SHORT_NAME ?= cloudscale-ch/cloudscale
export TERRAFORM_PROVIDER_REPO ?= https://github.com/cloudscale-ch/terraform-provider-cloudscale
export TERRAFORM_PROVIDER_VERSION ?= 5.0.0
export TERRAFORM_PROVIDER_DOWNLOAD_NAME ?= terraform-provider-cloudscale
export TERRAFORM_PROVIDER_DOWNLOAD_URL_PREFIX ?= https://github.com/cloudscale-ch/terraform-provider-cloudscale/releases/download/v$(TERRAFORM_PROVIDER_VERSION)
export TERRAFORM_NATIVE_PROVIDER_BINARY ?= terraform-provider-cloudscale_v5.0.0
export TERRAFORM_DOCS_PATH ?= docs/resources
PLATFORMS ?= linux_amd64 linux_arm64
# -include will silently skip missing files, which allows us
# to load those files with a target in the Makefile. If only
# "include" was used, the make command would fail and refuse
# to run a target until the include commands succeeded.
-include build/makelib/common.mk
# ====================================================================================
# Setup Output
-include build/makelib/output.mk
# ====================================================================================
# Custom generate.done target to fix example YAMLs
generate.done:
@./hack/fix-examples.sh
# ====================================================================================
# Setup Go
# Set a sane default so that the nprocs calculation below is less noisy on the initial
# loading of this file
NPROCS ?= 1
# each of our test suites starts a kube-apiserver and running many test suites in
# parallel can lead to high CPU utilization. by default we reduce the parallelism
# to half the number of CPU cores.
GO_TEST_PARALLEL := $(shell echo $$(( $(NPROCS) / 2 )))
GO_REQUIRED_VERSION ?= 1.24
GOLANGCILINT_VERSION ?= 2.4.0
GO_STATIC_PACKAGES = $(GO_PROJECT)/cmd/provider $(GO_PROJECT)/cmd/generator
GO_LDFLAGS += -X $(GO_PROJECT)/internal/version.Version=$(VERSION)
GO_SUBDIRS += cmd internal apis
-include build/makelib/golang.mk
# ====================================================================================
# Setup Kubernetes tools
KIND_VERSION = v0.30.0
UP_VERSION = v0.41.0
UP_CHANNEL = stable
UPTEST_VERSION = v2.1.0
CRDDIFF_VERSION = v0.12.1
-include build/makelib/k8s_tools.mk
# ====================================================================================
# Setup Images
REGISTRY_ORGS ?= ghcr.io/onzack
IMAGES = $(PROJECT_NAME)
-include build/makelib/imagelight.mk
# ====================================================================================
# Setup XPKG
XPKG_REG_ORGS ?= xpkg.upbound.io/onzack
XPKG_REG_ORGS_NO_PROMOTE ?= xpkg.upbound.io/onzack
XPKGS = $(PROJECT_NAME)
# Upbound authentication configuration
# For robot accounts, set either:
# - UP_ROBOT_USER and UP_ROBOT_PASSWORD for username/password auth
# - UP_ROBOT_TOKEN for token-based auth
UP_ROBOT_USER ?=
UP_ROBOT_PASSWORD ?=
UP_ROBOT_TOKEN ?=
# Map GitHub Actions secrets to UP credentials for compatibility
ifdef UPBOUND_MARKETPLACE_PUSH_ROBOT_USER
export UP_ROBOT_USER = $(UPBOUND_MARKETPLACE_PUSH_ROBOT_USER)
endif
ifdef UPBOUND_MARKETPLACE_PUSH_ROBOT_PWD
export UP_ROBOT_PASSWORD = $(UPBOUND_MARKETPLACE_PUSH_ROBOT_PWD)
endif
ifdef UPBOUND_MARKETPLACE_PUSH_ROBOT_TOKEN
export UP_ROBOT_TOKEN = $(UPBOUND_MARKETPLACE_PUSH_ROBOT_TOKEN)
endif
-include build/makelib/xpkg.mk
# ====================================================================================
# Upbound Publishing Overrides
# Override xpkg publishing to use 'up' CLI for Upbound registries (macOS compatibility)
# Upbound login target
.PHONY: up.login
up.login:
@if [ -n "$(UP_ROBOT_TOKEN)" ]; then \
$(INFO) Logging in to Upbound with robot token; \
echo "$(UP_ROBOT_TOKEN)" | up login --token - || $(FAIL); \
$(OK) Logged in to Upbound with robot token; \
elif [ -n "$(UP_ROBOT_USER)" ] && [ -n "$(UP_ROBOT_PASSWORD)" ]; then \
$(INFO) Logging in to Upbound as robot user $(UP_ROBOT_USER); \
echo "$(UP_ROBOT_PASSWORD)" | up login --username "$(UP_ROBOT_USER)" --password - || $(FAIL); \
$(OK) Logged in to Upbound as robot user $(UP_ROBOT_USER); \
elif ! up profile current > /dev/null 2>&1; then \
$(ERR) Not logged in to Upbound. Please run 'up login' or set UP_ROBOT_TOKEN or UP_ROBOT_USER/UP_ROBOT_PASSWORD environment variables; \
exit 1; \
else \
$(INFO) Already logged in to Upbound; \
fi
# Override xpkg publish for Upbound registries to use 'up' CLI
define UP_XPKG_PUBLISH
xpkg.release.publish.$(1).$(2): up.login
@$$(INFO) Pushing package $(1)/$(2):$$(VERSION)
@for platform in $$(XPKG_LINUX_PLATFORMS); do \
up xpkg push -f $$(XPKG_OUTPUT_DIR)/$$$$platform/$(2)-$$(VERSION).xpkg $(1)/$(2):$$(VERSION) 2>&1 | tee /tmp/up-push.log; \
if grep -q "repository does not exist" /tmp/up-push.log; then \
up xpkg push --create -f $$(XPKG_OUTPUT_DIR)/$$$$platform/$(2)-$$(VERSION).xpkg $(1)/$(2):$$(VERSION) || $$(FAIL); \
elif ! grep -q "xpkg pushed" /tmp/up-push.log; then \
$$(FAIL); \
fi; \
done
@$$(OK) Pushed package $(1)/$(2):$$(VERSION)
endef
# Apply the override for Upbound registries
$(foreach r,$(filter xpkg.upbound.io%,$(XPKG_REG_ORGS)), $(foreach x,$(XPKGS),$(eval $(call UP_XPKG_PUBLISH,$(r),$(x)))))
# ====================================================================================
# Fallthrough
# run `make help` to see the targets and options
# We want submodules to be set up the first time `make` is run.
# We manage the build/ folder and its Makefiles as a submodule.
# The first time `make` is run, the includes of build/*.mk files will
# all fail, and this target will be run. The next time, the default as defined
# by the includes will be run instead.
fallthrough: submodules
@echo Initial setup complete. Running make again . . .
@make
# NOTE(hasheddan): we force image building to happen prior to xpkg build so that
# we ensure image is present in daemon.
xpkg.build.provider-cloudscale: do.build.images
# NOTE(hasheddan): we ensure up is installed prior to running platform-specific
# build steps in parallel to avoid encountering an installation race condition.
build.init: $(UP) $(CROSSPLANE_CLI) check-terraform-version
# ====================================================================================
# Setup Terraform for fetching provider schema
TERRAFORM := $(TOOLS_HOST_DIR)/terraform-$(TERRAFORM_VERSION)
TERRAFORM_WORKDIR := $(WORK_DIR)/terraform
TERRAFORM_PROVIDER_SCHEMA := config/schema.json
check-terraform-version:
# OpenTofu remains open source under MPL 2.0, no version restrictions needed
# This check is kept for compatibility but always passes
ifneq ($(TERRAFORM_VERSION_VALID),1)
$(error TERRAFORM_VERSION_VALID must be set to 1)
endif
$(TERRAFORM): check-terraform-version
@$(INFO) installing opentofu $(HOSTOS)-$(HOSTARCH)
@mkdir -p $(TOOLS_HOST_DIR)/tmp-terraform
@curl -fsSL https://github.com/opentofu/opentofu/releases/download/v$(TERRAFORM_VERSION)/tofu_$(TERRAFORM_VERSION)_$(SAFEHOST_PLATFORM).zip -o $(TOOLS_HOST_DIR)/tmp-terraform/tofu.zip
@unzip $(TOOLS_HOST_DIR)/tmp-terraform/tofu.zip -d $(TOOLS_HOST_DIR)/tmp-terraform
@mv $(TOOLS_HOST_DIR)/tmp-terraform/tofu $(TERRAFORM)
@rm -fr $(TOOLS_HOST_DIR)/tmp-terraform
@$(OK) installing opentofu $(HOSTOS)-$(HOSTARCH)
$(TERRAFORM_PROVIDER_SCHEMA): $(TERRAFORM)
@$(INFO) generating provider schema for $(TERRAFORM_PROVIDER_SOURCE) $(TERRAFORM_PROVIDER_VERSION)
@mkdir -p $(TERRAFORM_WORKDIR)
@echo '{"terraform":[{"required_providers":[{"provider":{"source":"'"$(TERRAFORM_PROVIDER_SOURCE)"'","version":"'"$(TERRAFORM_PROVIDER_VERSION)"'"}}],"required_version":"'"$(TERRAFORM_VERSION)"'"}]}' > $(TERRAFORM_WORKDIR)/main.tf.json
@$(TERRAFORM) -chdir=$(TERRAFORM_WORKDIR) init > $(TERRAFORM_WORKDIR)/terraform-logs.txt 2>&1
@$(TERRAFORM) -chdir=$(TERRAFORM_WORKDIR) providers schema -json=true > $(TERRAFORM_PROVIDER_SCHEMA) 2>> $(TERRAFORM_WORKDIR)/terraform-logs.txt
@$(OK) generating provider schema for $(TERRAFORM_PROVIDER_SOURCE) $(TERRAFORM_PROVIDER_VERSION)
pull-docs:
@if [ ! -d "$(WORK_DIR)/$(TERRAFORM_PROVIDER_SHORT_NAME)" ]; then \
mkdir -p "$(WORK_DIR)/$(TERRAFORM_PROVIDER_SHORT_NAME)" && \
git clone -c advice.detachedHead=false --depth 1 --filter=blob:none --branch "v$(TERRAFORM_PROVIDER_VERSION)" --sparse "$(TERRAFORM_PROVIDER_REPO)" "$(WORK_DIR)/$(TERRAFORM_PROVIDER_SHORT_NAME)"; \
fi
@git -C "$(WORK_DIR)/$(TERRAFORM_PROVIDER_SHORT_NAME)" sparse-checkout set "$(TERRAFORM_DOCS_PATH)"
patch-docs: pull-docs
@$(INFO) patching provider documentation for scraper compatibility
@for file in $(WORK_DIR)/$(TERRAFORM_PROVIDER_SHORT_NAME)/$(TERRAFORM_DOCS_PATH)/*.md; do \
if [ -f "$$file" ] && ! grep -q "^description:" "$$file" 2>/dev/null; then \
awk 'NR==1{print; print "description: \"cloudscale.ch resource\""; next}1' "$$file" > "$$file.tmp" && mv "$$file.tmp" "$$file"; \
fi; \
done
@if [ -f "$(WORK_DIR)/$(TERRAFORM_PROVIDER_SHORT_NAME)/$(TERRAFORM_DOCS_PATH)/load_balancer_pool_member.md" ]; then \
sed 's/cloudscale_server.web-worker\[count.index\].interfaces\[1\].addresses\[0\].address/cloudscale_server.web-worker.interfaces[0].addresses[0].address/g; /count = 2/d; s/$${count.index}//g' \
$(WORK_DIR)/$(TERRAFORM_PROVIDER_SHORT_NAME)/$(TERRAFORM_DOCS_PATH)/load_balancer_pool_member.md > $(WORK_DIR)/$(TERRAFORM_PROVIDER_SHORT_NAME)/$(TERRAFORM_DOCS_PATH)/load_balancer_pool_member.md.tmp && \
mv $(WORK_DIR)/$(TERRAFORM_PROVIDER_SHORT_NAME)/$(TERRAFORM_DOCS_PATH)/load_balancer_pool_member.md.tmp $(WORK_DIR)/$(TERRAFORM_PROVIDER_SHORT_NAME)/$(TERRAFORM_DOCS_PATH)/load_balancer_pool_member.md; \
fi
@$(OK) patched provider documentation
generate.init: $(TERRAFORM_PROVIDER_SCHEMA) patch-docs
.PHONY: $(TERRAFORM_PROVIDER_SCHEMA) pull-docs check-terraform-version
# ====================================================================================
# Targets
# NOTE: the build submodule currently overrides XDG_CACHE_HOME in order to
# force the Helm 3 to use the .work/helm directory. This causes Go on Linux
# machines to use that directory as the build cache as well. We should adjust
# this behavior in the build submodule because it is also causing Linux users
# to duplicate their build cache, but for now we just make it easier to identify
# its location in CI so that we cache between builds.
go.cachedir:
@go env GOCACHE
go.mod.cachedir:
@go env GOMODCACHE
# Generate a coverage report for cobertura applying exclusions on
# - generated file
cobertura:
@cat $(GO_TEST_OUTPUT)/coverage.txt | \
grep -v zz_ | \
$(GOCOVER_COBERTURA) > $(GO_TEST_OUTPUT)/cobertura-coverage.xml
# Update the submodules, such as the common build scripts.
submodules:
@git submodule sync
@git submodule update --init --recursive
# This is for running out-of-cluster locally, and is for convenience. Running
# this make target will print out the command which was used. For more control,
# try running the binary directly with different arguments.
run: go.build
@$(INFO) Running Crossplane locally out-of-cluster . . .
@# To see other arguments that can be provided, run the command with --help instead
$(GO_OUT_DIR)/provider --debug
# ====================================================================================
# End to End Testing
CROSSPLANE_VERSION = 2.0.2
CROSSPLANE_CLI_VERSION = v2.0.2
CROSSPLANE_NAMESPACE = crossplane-system
-include build/makelib/local.xpkg.mk
-include build/makelib/controlplane.mk
# This target requires the following environment variables to be set:
# - UPTEST_EXAMPLE_LIST, a comma-separated list of examples to test
# To ensure the proper functioning of the end-to-end test resource pre-deletion hook, it is crucial to arrange your resources appropriately.
# You can check the basic implementation here: https://github.com/crossplane/uptest/blob/main/internal/templates/03-delete.yaml.tmpl.
# - UPTEST_CLOUD_CREDENTIALS (optional), multiple sets of AWS IAM User credentials specified as key=value pairs.
# The support keys are currently `DEFAULT` and `PEER`. So, an example for the value of this env. variable is:
# DEFAULT='[default]
# aws_access_key_id = REDACTED
# aws_secret_access_key = REDACTED'
# PEER='[default]
# aws_access_key_id = REDACTED
# aws_secret_access_key = REDACTED'
# The associated `ProviderConfig`s will be named as `default` and `peer`.
# - UPTEST_DATASOURCE_PATH (optional), please see https://github.com/crossplane/uptest#injecting-dynamic-values-and-datasource
uptest: $(UPTEST) $(KUBECTL) $(CHAINSAW) $(CROSSPLANE_CLI)
@$(INFO) running automated tests
@KUBECTL=$(KUBECTL) CHAINSAW=$(CHAINSAW) CROSSPLANE_CLI=$(CROSSPLANE_CLI) CROSSPLANE_NAMESPACE=$(CROSSPLANE_NAMESPACE) $(UPTEST) e2e "${UPTEST_EXAMPLE_LIST}" --data-source="${UPTEST_DATASOURCE_PATH}" --setup-script=cluster/test/setup.sh --default-conditions="Test" || $(FAIL)
@$(OK) running automated tests
local-deploy: build controlplane.up local.xpkg.deploy.provider.$(PROJECT_NAME)
@$(INFO) running locally built provider
@$(KUBECTL) wait provider.pkg $(PROJECT_NAME) --for condition=Healthy --timeout 5m
@$(KUBECTL) -n crossplane-system wait --for=condition=Available deployment --all --timeout=5m
@$(OK) running locally built provider
e2e: local-deploy uptest
crddiff: $(UPTEST)
@$(INFO) Checking breaking CRD schema changes
@for crd in $${MODIFIED_CRD_LIST}; do \
if ! git cat-file -e "$${GITHUB_BASE_REF}:$${crd}" 2>/dev/null; then \
echo "CRD $${crd} does not exist in the $${GITHUB_BASE_REF} branch. Skipping..." ; \
continue ; \
fi ; \
echo "Checking $${crd} for breaking API changes..." ; \
changes_detected=$$(go run github.com/crossplane/uptest/cmd/crddiff@$(CRDDIFF_VERSION) revision --enable-upjet-extensions <(git cat-file -p "$${GITHUB_BASE_REF}:$${crd}") "$${crd}" 2>&1) ; \
if [[ $$? != 0 ]] ; then \
printf "\033[31m"; echo "Breaking change detected!"; printf "\033[0m" ; \
echo "$${changes_detected}" ; \
echo ; \
fi ; \
done
@$(OK) Checking breaking CRD schema changes
schema-version-diff:
@$(INFO) Checking for native state schema version changes
@export PREV_PROVIDER_VERSION=$$(git cat-file -p "${GITHUB_BASE_REF}:Makefile" | sed -nr 's/^export[[:space:]]*TERRAFORM_PROVIDER_VERSION[[:space:]]*:=[[:space:]]*(.+)/\1/p'); \
echo Detected previous Terraform provider version: $${PREV_PROVIDER_VERSION}; \
echo Current Terraform provider version: $${TERRAFORM_PROVIDER_VERSION}; \
mkdir -p $(WORK_DIR); \
git cat-file -p "$${GITHUB_BASE_REF}:config/schema.json" > "$(WORK_DIR)/schema.json.$${PREV_PROVIDER_VERSION}"; \
./scripts/version_diff.py config/generated.lst "$(WORK_DIR)/schema.json.$${PREV_PROVIDER_VERSION}" config/schema.json
@$(OK) Checking for native state schema version changes
.PHONY: cobertura submodules fallthrough run crds.clean
# ====================================================================================
# Special Targets
define CROSSPLANE_MAKE_HELP
Crossplane Targets:
cobertura Generate a coverage report for cobertura applying exclusions on generated files.
submodules Update the submodules, such as the common build scripts.
run Run crossplane locally, out-of-cluster. Useful for development.
endef
# The reason CROSSPLANE_MAKE_HELP is used instead of CROSSPLANE_HELP is because the crossplane
# binary will try to use CROSSPLANE_HELP if it is set, and this is for something different.
export CROSSPLANE_MAKE_HELP
crossplane.help:
@echo "$$CROSSPLANE_MAKE_HELP"
help-special: crossplane.help
.PHONY: crossplane.help help-special
# TODO(negz): Update CI to use these targets.
vendor: modules.download
vendor.check: modules.check