# AMI build parameters. Plain `=` assignments, so any of them can be overridden
# on the command line (e.g. `make packer.build AWS_REGION=<region>`).
AWS_REGION = us-east-1
AMI_ARCH = x86_64
AMI_PREFIX = semaphore-agent
AMI_INSTANCE_TYPE = t2.micro

# Passed to packer as agent_version / toolbox_version.
AGENT_VERSION = v2.2.16
TOOLBOX_VERSION = v1.20.5

# Selects the packer/<os> directory and the per-OS validate/build target.
PACKER_OS = linux
INSTALL_ERLANG = true
SYSTEMD_RESTART_SECONDS = 1800

# Stack version read from package.json (requires jq). Recursive assignment:
# the shell command only runs in make invocations that actually expand VERSION.
VERSION = $(shell jq -r '.version' package.json)

# Fingerprint of the Makefile plus every file under packer/<os>: per-file MD5
# sums are sorted and hashed again. MD5 is not collision-resistant, so treat
# this as a change marker only, never as an integrity check.
# NOTE(review): confirm the packer templates use "hash" for naming/tagging only.
HASH = $(shell find Makefile packer/$(PACKER_OS) -type f -exec md5sum "{}" + \
  | awk '{print $$1}' | sort | md5sum | awk '{print $$1}')

# Ref of the security-toolbox repository that check.prepare checks out. The
# default is a branch name, i.e. a mutable ref; set it to a reviewed commit
# when the checks must be reproducible.
SECURITY_TOOLBOX_BRANCH ?= master

# Directory check.prepare deletes and re-creates. The default is a fixed name
# under /tmp; use a private directory on hosts shared with other users.
SECURITY_TOOLBOX_TMP_DIR ?= /tmp/security-toolbox
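# Fetch a fresh copy of the security-toolbox scripts that check.static and
# check.deps execute.
#
# - The target directory is removed recursively first, so an empty value or a
#   value of "/", "." or ".." is rejected before anything is deleted.
# - SECURITY_TOOLBOX_BRANCH is checked out after cloning. A branch name is a
#   mutable ref: whatever is at its tip is what the check.* targets will run.
# - The clone uses the SSH remote, so a key with read access is required.
# NOTE(review): the remote host was garbled in the copy of this file that was
# reviewed; git@github.com is assumed - confirm before merging.
.PHONY: check.prepare
check.prepare:
	$(if $(filter-out / . ..,$(strip $(SECURITY_TOOLBOX_TMP_DIR))),,$(error SECURITY_TOOLBOX_TMP_DIR is empty or unsafe - refusing to rm -rf))
	rm -rf -- "$(SECURITY_TOOLBOX_TMP_DIR)"
	git clone git@github.com:renderedtext/security-toolbox.git "$(SECURITY_TOOLBOX_TMP_DIR)"
	git -C "$(SECURITY_TOOLBOX_TMP_DIR)" checkout "$(SECURITY_TOOLBOX_BRANCH)"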
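# Run the toolbox's `code --language js -d` script against this repository
# inside a container.
#
# - The working tree is bind-mounted read-write at /app, so the script (taken
#   from the clone made by check.prepare) can modify the checkout.
# - The image is referenced by tag; pin it by digest if the scan environment
#   has to be reproducible.
# - --rm removes the container afterwards instead of leaving one per run.
# - -it is kept from the original recipe; NOTE(review): docker needs a TTY for
#   -t, confirm the CI job provides one.
.PHONY: check.static
check.static: check.prepare
	docker run --rm -it \
		-v "$$(pwd)":/app \
		-v "$(SECURITY_TOOLBOX_TMP_DIR)":"$(SECURITY_TOOLBOX_TMP_DIR)" \
		registry.semaphoreci.com/ruby:2.7 \
		bash -c 'cd /app && "$(SECURITY_TOOLBOX_TMP_DIR)/code" --language js -d'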
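# Run the toolbox's `dependencies --language js -d` script against this
# repository inside a container.
#
# - The working tree is bind-mounted read-write at /app, so the script (taken
#   from the clone made by check.prepare) can modify the checkout.
# - The image is referenced by tag; pin it by digest if the scan environment
#   has to be reproducible.
# - --rm removes the container afterwards instead of leaving one per run.
# - -it is kept from the original recipe; NOTE(review): docker needs a TTY for
#   -t, confirm the CI job provides one.
.PHONY: check.deps
check.deps: check.prepare
	docker run --rm -it \
		-v "$$(pwd)":/app \
		-v "$(SECURITY_TOOLBOX_TMP_DIR)":"$(SECURITY_TOOLBOX_TMP_DIR)" \
		registry.semaphoreci.com/ruby:2.7 \
		bash -c 'cd /app && "$(SECURITY_TOOLBOX_TMP_DIR)/dependencies" --language js -d'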
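# Create (or reuse) ./venv, install requirements.txt into it, then run COMMAND
# with the venv activated. Everything runs in one shell, so a `cd` inside
# COMMAND only lasts until the recipe ends.
#
# COMMAND is pasted into the shell verbatim: it is an execution interface for
# trusted callers (the packer.* and ansible.* targets), never for input that
# comes from outside the build.
# pip itself is upgraded to whatever is current on every run.
# NOTE(review): requirements.txt is not visible here; if it is not already
# hash-pinned, consider pip's --require-hashes.
#
# The former trailing `cd -` is gone: it failed when COMMAND did not change
# directory and OLDPWD was unset, and had no effect otherwise.
.PHONY: venv.execute
venv.execute:
	$(if $(strip $(COMMAND)),,$(error COMMAND is required: make venv.execute COMMAND='...'))
	python3 -m venv venv && \
	. venv/bin/activate && \
	pip install --upgrade pip && \
	pip install -r requirements.txt && \
	$(COMMAND) && \
	deactivate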
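# Run `packer fmt` on the templates in packer/<PACKER_OS>. Uses the packer
# binary on PATH, not the venv. The recipe has its own shell, so no `cd -`
# is needed to get back.
.PHONY: packer.fmt
packer.fmt:
	cd "packer/$(PACKER_OS)" && packer fmt .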
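# Dispatch to the validate target for PACKER_OS. macos is routed to
# packer.validate.macos, matching packer.build; any other value (including
# the default) validates the linux templates. PACKER_OS is quoted so that an
# empty value does not break the `[` test.
.PHONY: packer.validate
packer.validate:
	@if [ "$(PACKER_OS)" = "windows" ]; then \
		$(MAKE) packer.validate.windows; \
	elif [ "$(PACKER_OS)" = "macos" ]; then \
		$(MAKE) packer.validate.macos; \
	else \
		$(MAKE) packer.validate.linux; \
	fi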
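# Validate the linux templates with the same -var set packer.build.linux uses.
#
# COMMAND is single-quoted, so the backslash-newlines stay literal and only
# become line continuations when venv.execute expands it into its own recipe.
# Keep the quoting exactly as is. Variable values are pasted into this shell
# string unescaped: a value containing a quote or `$` changes the command, so
# only pass values you control.
.PHONY: packer.validate.linux
packer.validate.linux:
	$(MAKE) venv.execute COMMAND='\
		cd packer/linux && \
		packer validate \
			-var "stack_version=v$(VERSION)" \
			-var "agent_version=$(AGENT_VERSION)" \
			-var "toolbox_version=$(TOOLBOX_VERSION)" \
			-var "hash=$(HASH)" \
			-var "region=$(AWS_REGION)" \
			-var "ami_prefix=$(AMI_PREFIX)" \
			-var "arch=$(AMI_ARCH)" \
			-var "install_erlang=$(INSTALL_ERLANG)" \
			-var "systemd_restart_seconds=$(SYSTEMD_RESTART_SECONDS)" \
			-var "instance_type=$(AMI_INSTANCE_TYPE)" \
			.'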
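# Validate the windows templates with the same -var set packer.build.windows
# uses (no systemd_restart_seconds is passed for this OS).
#
# COMMAND is single-quoted, so the backslash-newlines stay literal and only
# become line continuations when venv.execute expands it into its own recipe.
# Keep the quoting exactly as is. Variable values are pasted into this shell
# string unescaped: a value containing a quote or `$` changes the command, so
# only pass values you control.
.PHONY: packer.validate.windows
packer.validate.windows:
	$(MAKE) venv.execute COMMAND='\
		cd packer/windows && \
		packer validate \
			-var "stack_version=v$(VERSION)" \
			-var "agent_version=$(AGENT_VERSION)" \
			-var "toolbox_version=$(TOOLBOX_VERSION)" \
			-var "hash=$(HASH)" \
			-var "region=$(AWS_REGION)" \
			-var "ami_prefix=$(AMI_PREFIX)" \
			-var "arch=$(AMI_ARCH)" \
			-var "install_erlang=$(INSTALL_ERLANG)" \
			-var "instance_type=$(AMI_INSTANCE_TYPE)" \
			.'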
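# Validate the macos templates with the same -var set packer.build.macos uses
# (neither install_erlang nor systemd_restart_seconds is passed for this OS).
#
# COMMAND is single-quoted, so the backslash-newlines stay literal and only
# become line continuations when venv.execute expands it into its own recipe.
# Keep the quoting exactly as is. Variable values are pasted into this shell
# string unescaped: a value containing a quote or `$` changes the command, so
# only pass values you control.
.PHONY: packer.validate.macos
packer.validate.macos:
	$(MAKE) venv.execute COMMAND='\
		cd packer/macos && \
		packer validate \
			-var "stack_version=v$(VERSION)" \
			-var "agent_version=$(AGENT_VERSION)" \
			-var "toolbox_version=$(TOOLBOX_VERSION)" \
			-var "hash=$(HASH)" \
			-var "region=$(AWS_REGION)" \
			-var "ami_prefix=$(AMI_PREFIX)" \
			-var "arch=$(AMI_ARCH)" \
			-var "instance_type=$(AMI_INSTANCE_TYPE)" \
			.'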
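# Run `packer init .` in packer/<PACKER_OS> through venv.execute, i.e. with
# the project's Python venv activated.
# NOTE(review): `packer init` installs the plugins the templates declare;
# check that those declarations pin plugin versions.
.PHONY: packer.init
packer.init:
	$(MAKE) venv.execute \
		COMMAND='cd packer/$(PACKER_OS) && packer init .'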
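# Dispatch to the build target for PACKER_OS: windows and macos have their own
# targets, any other value (including the default) builds the linux image.
# PACKER_OS is quoted so that an empty value does not break the `[` test.
.PHONY: packer.build
packer.build:
	@if [ "$(PACKER_OS)" = "windows" ]; then \
		$(MAKE) packer.build.windows; \
	elif [ "$(PACKER_OS)" = "macos" ]; then \
		$(MAKE) packer.build.macos; \
	else \
		$(MAKE) packer.build.linux; \
	fi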
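# Build the linux AMI from packer/linux. Runs through venv.execute, so the
# project's Python requirements are installed and active during the build.
#
# COMMAND is single-quoted, so the backslash-newlines stay literal and only
# become line continuations when venv.execute expands it into its own recipe.
# Keep the quoting exactly as is. Variable values are pasted into this shell
# string unescaped: a value containing a quote or `$` changes the command, so
# only pass values you control.
.PHONY: packer.build.linux
packer.build.linux:
	$(MAKE) venv.execute COMMAND='\
		cd packer/linux && \
		packer build \
			-var "stack_version=v$(VERSION)" \
			-var "agent_version=$(AGENT_VERSION)" \
			-var "toolbox_version=$(TOOLBOX_VERSION)" \
			-var "hash=$(HASH)" \
			-var "region=$(AWS_REGION)" \
			-var "ami_prefix=$(AMI_PREFIX)" \
			-var "arch=$(AMI_ARCH)" \
			-var "install_erlang=$(INSTALL_ERLANG)" \
			-var "systemd_restart_seconds=$(SYSTEMD_RESTART_SECONDS)" \
			-var "instance_type=$(AMI_INSTANCE_TYPE)" \
			.'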
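# Build the windows AMI from packer/windows (no systemd_restart_seconds is
# passed for this OS). Runs through venv.execute, so the project's Python
# requirements are installed and active during the build.
#
# COMMAND is single-quoted, so the backslash-newlines stay literal and only
# become line continuations when venv.execute expands it into its own recipe.
# Keep the quoting exactly as is. Variable values are pasted into this shell
# string unescaped: a value containing a quote or `$` changes the command, so
# only pass values you control.
.PHONY: packer.build.windows
packer.build.windows:
	$(MAKE) venv.execute COMMAND='\
		cd packer/windows && \
		packer build \
			-var "stack_version=v$(VERSION)" \
			-var "agent_version=$(AGENT_VERSION)" \
			-var "toolbox_version=$(TOOLBOX_VERSION)" \
			-var "hash=$(HASH)" \
			-var "region=$(AWS_REGION)" \
			-var "ami_prefix=$(AMI_PREFIX)" \
			-var "arch=$(AMI_ARCH)" \
			-var "install_erlang=$(INSTALL_ERLANG)" \
			-var "instance_type=$(AMI_INSTANCE_TYPE)" \
			.'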
# To run this, you need an available dedicated host;
# otherwise, you will get an UnavailableHostRequirements error.
# For mac1 family AMIs (intel), use AMI_ARCH=x86_64 and AMI_INSTANCE_TYPE=mac1.metal
# For mac2 family AMIs (ARM), use AMI_ARCH=arm64 and AMI_INSTANCE_TYPE=mac2.metal
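# Build the macos AMI from packer/macos (neither install_erlang nor
# systemd_restart_seconds is passed for this OS). Runs through venv.execute.
#
# COMMAND is single-quoted, so the backslash-newlines stay literal and only
# become line continuations when venv.execute expands it into its own recipe.
# Keep the quoting exactly as is. Variable values are pasted into this shell
# string unescaped: a value containing a quote or `$` changes the command, so
# only pass values you control.
.PHONY: packer.build.macos
packer.build.macos:
	$(MAKE) venv.execute COMMAND='\
		cd packer/macos && \
		packer build \
			-var "stack_version=v$(VERSION)" \
			-var "agent_version=$(AGENT_VERSION)" \
			-var "toolbox_version=$(TOOLBOX_VERSION)" \
			-var "hash=$(HASH)" \
			-var "region=$(AWS_REGION)" \
			-var "ami_prefix=$(AMI_PREFIX)" \
			-var "arch=$(AMI_ARCH)" \
			-var "instance_type=$(AMI_INSTANCE_TYPE)" \
			.'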
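# Run ansible-lint from packer/linux through venv.execute. The directory is
# hard-coded; PACKER_OS is not consulted.
# NOTE(review): ansible-lint is presumably installed by requirements.txt -
# confirm.
.PHONY: ansible.lint
ansible.lint:
	$(MAKE) venv.execute \
		COMMAND='cd packer/linux && ansible-lint'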