-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathMakefile
More file actions
171 lines (145 loc) · 5.37 KB
/
Makefile
File metadata and controls
171 lines (145 loc) · 5.37 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
PROJECT_NAME := keep
GOLANGCI_LINT ?= golangci-lint
GOBIN := $(shell go env GOPATH)/bin
export PATH := $(GOBIN):$(PATH)
.PHONY: all tidy build test lint format lint-go lint-python format-go format-python docker-up docker-down docker-logs db-migrate opa-test cert-refresh setup-venv security
all: build
tidy:
go mod tidy
build:
go build ./...
test:
go test ./...
pytest
smoke:
COMPOSE_FILE=docker-compose.yml ./scripts/smoke-tests.sh
# Formatting targets
format: format-go format-python
format-go:
@echo "Formatting Go code..."
go fmt ./...
goimports -w -local github.com/EvalOps/keep .
format-python:
@echo "Formatting Python code..."
black app/
isort app/
# Linting targets
lint: lint-go lint-python
lint-go:
@echo "Linting Go code..."
go mod download
$(GOLANGCI_LINT) run
lint-python:
@echo "Linting Python code..."
flake8 app/
mypy app/ --ignore-missing-imports
docker-up:
docker compose up --build -d
docker-down:
docker compose down
docker-logs:
docker compose logs -f
db-migrate:
go run ./cmd/migrate -direction=up
db-migrate-down:
go run ./cmd/migrate -direction=down
db-migrate-status:
go run ./cmd/migrate -version
opa-test:
opa test ./policies
cert-refresh:
go run ./cmd/authz cert-refresh
# Tool installation and checks
install-tools:
@echo "Installing Go tools..."
mkdir -p $(GOBIN)
go install github.com/golangci/golangci-lint/cmd/golangci-lint@latest
go install golang.org/x/tools/cmd/goimports@v0.36.0
go install golang.org/x/vuln/cmd/govulncheck@latest
go install github.com/securego/gosec/v2/cmd/gosec@v2.22.6
@echo "Ensuring OPA CLI is available..."
@NEED_OPA=1; \
if command -v opa >/dev/null 2>&1; then \
if opa version >/dev/null 2>&1; then \
echo "OPA already installed"; \
NEED_OPA=0; \
else \
echo "Existing OPA binary is unusable. Reinstalling..."; \
fi; \
fi; \
if [ $$NEED_OPA -eq 1 ]; then \
OPA_OS=$$(uname | tr '[:upper:]' '[:lower:]'); \
OPA_ARCH=$$(uname -m); \
case $$OPA_ARCH in \
x86_64) OPA_ARCH=amd64 ;; \
aarch64|arm64) OPA_ARCH=arm64 ;; \
*) echo "Unsupported architecture: $$OPA_ARCH" >&2; exit 1 ;; \
esac; \
case $$OPA_OS in \
linux|darwin) ;; \
*) echo "Unsupported OS: $$OPA_OS" >&2; exit 1 ;; \
esac; \
OPA_URL="https://github.com/open-policy-agent/opa/releases/latest/download/opa_$${OPA_OS}_$${OPA_ARCH}_static"; \
echo "Downloading OPA from $$OPA_URL"; \
curl -fsSL -o $(GOBIN)/opa.tmp "$$OPA_URL"; \
chmod +x $(GOBIN)/opa.tmp; \
mv $(GOBIN)/opa.tmp $(GOBIN)/opa; \
fi
@echo "Installing Python tools..."
uv tool install black
uv tool install flake8
uv tool install isort
uv tool install mypy
setup-venv:
uv venv $(VENV)
uv pip install -r app/requirements.txt
dev-bootstrap:
./scripts/dev-bootstrap.sh
check-tools:
@echo "Checking Go tools..."
@command -v golangci-lint >/dev/null 2>&1 || { echo "golangci-lint not found. Run 'make install-tools'"; exit 1; }
@command -v goimports >/dev/null 2>&1 || { echo "goimports not found. Run 'make install-tools'"; exit 1; }
@command -v govulncheck >/dev/null 2>&1 || { echo "govulncheck not found. Run 'make install-tools'"; exit 1; }
@command -v gosec >/dev/null 2>&1 || { echo "gosec not found. Run 'make install-tools'"; exit 1; }
@echo "Checking Python tools..."
@command -v black >/dev/null 2>&1 || { echo "black not found. Run 'make install-tools'"; exit 1; }
@command -v flake8 >/dev/null 2>&1 || { echo "flake8 not found. Run 'make install-tools'"; exit 1; }
@command -v isort >/dev/null 2>&1 || { echo "isort not found. Run 'make install-tools'"; exit 1; }
@command -v mypy >/dev/null 2>&1 || { echo "mypy not found. Run 'make install-tools'"; exit 1; }
@echo "All tools are available!"
security:
@echo "Running govulncheck..."
@# govulncheck currently fails due to golang.org/x/sync/semaphore type info missing via github.com/jackc/puddle/v2
@if ! govulncheck ./...; then \
echo "Warning: govulncheck encountered known issue (golang.org/x/sync/semaphore via github.com/jackc/puddle/v2); continuing"; \
fi
@echo "Running gosec..."
gosec ./...
# CI/CD targets
ci-lint: check-tools lint
ci-test: check-tools test
ci-format-check: check-tools
@echo "Checking Go formatting..."
@if [ "$$(gofmt -l . | wc -l)" -ne 0 ]; then echo "Go files need formatting. Run 'make format-go'"; exit 1; fi
@echo "Checking Python formatting..."
@black --check app/ || { echo "Python files need formatting. Run 'make format-python'"; exit 1; }
@isort --check-only app/ || { echo "Python imports need sorting. Run 'make format-python'"; exit 1; }
# Help target
help:
@echo "Available targets:"
@echo " build - Build all Go packages"
@echo " test - Run all Go tests"
@echo " lint - Run all linters (Go + Python)"
@echo " format - Format all code (Go + Python)"
@echo " lint-go - Run Go linters only"
@echo " lint-python - Run Python linters only"
@echo " format-go - Format Go code only"
@echo " format-python - Format Python code only"
@echo " install-tools - Install linting and formatting tools"
@echo " check-tools - Verify required tools are installed"
@echo " ci-lint - CI-friendly linting"
@echo " ci-test - CI-friendly testing"
@echo " ci-format-check - CI-friendly format checking"
@echo " docker-up - Start Docker Compose services"
@echo " docker-down - Stop Docker Compose services"
@echo " help - Show this help"