Enable vuls and lynis tests in CI
[validation.git] / docker / build.mk
1 ##############################################################################
2 # Copyright (c) 2019 AT&T, ENEA AB, Nokia and others                         #
3 #                                                                            #
4 # Licensed under the Apache License, Version 2.0 (the "License");            #
5 # you maynot use this file except in compliance with the License.            #
6 #                                                                            #
7 # You may obtain a copy of the License at                                    #
8 #       http://www.apache.org/licenses/LICENSE-2.0                           #
9 #                                                                            #
10 # Unless required by applicable law or agreed to in writing, software        #
11 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT  #
12 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.           #
13 # See the License for the specific language governing permissions and        #
14 # limitations under the License.                                             #
15 ##############################################################################
16
17 # declare the variables
18 REGISTRY ?= akraino
19 NAME ?= validation
20 TAG_PRE ?= $(notdir $(CURDIR))
21 TAG_VER ?= latest
22 DOCKERFILE ?= Dockerfile
23 WORK_DIR ?= $(CURDIR)
24 MTOOL ?= $(dir $(realpath $(lastword $(MAKEFILE_LIST))))/manifest-tool
25
26 # git submodule & patch locations for upstream patching before build
27 GIT_ROOT    := $(shell git rev-parse --show-toplevel)
28 GIT_DIR     := $(shell git rev-parse --git-dir)
29 PATCH_DIR   := $(shell pwd)/patches
30 AKRAINO_TAG := akraino-validation
31 SHELL        = /bin/sh
32 PATCHES      = $(shell find $(PATCH_DIR) $(PATCH_DIR)/$$(uname -m) \
33                  -maxdepth 1 -name '*.patch' 2> /dev/null)
34
35 export GIT_COMMITTER_NAME?=Akraino Validation
36 export GIT_COMMITTER_EMAIL?=validation@akraino.org
37
38 # get the architecture of the host
39 HOST_ARCH = amd64
40 ifeq ($(shell uname -m), aarch64)
41     HOST_ARCH = arm64
42 endif
43
44 $(MTOOL):
45         wget https://github.com/estesp/manifest-tool/releases/download/v0.9.0/manifest-tool-linux-$(HOST_ARCH) -O $@
46         sudo chmod +x $@
47
48 .PHONY: .build
49 .build::
50         cd $(WORK_DIR) && \
51         docker build \
52                 -t $(REGISTRY)/$(NAME):$(TAG_PRE)-$(HOST_ARCH)-$(TAG_VER) \
53                 -f $(DOCKERFILE) \
54                 .
55
56 .PHONY: .push_image
57 .push_image: .build
58         docker push $(REGISTRY)/$(NAME):$(TAG_PRE)-$(HOST_ARCH)-$(TAG_VER)
59
60 .PHONY: .push_manifest
61 .push_manifest: $(MTOOL)
62         $(MTOOL) push from-args \
63                 --ignore-missing \
64                 --platforms linux/amd64,linux/arm64 \
65                 --template $(REGISTRY)/$(NAME):$(TAG_PRE)-ARCH-$(TAG_VER) \
66                 --target $(REGISTRY)/$(NAME):$(TAG_PRE)-$(TAG_VER)
67
68 .submodules_init:
69         cd $(GIT_ROOT) && git submodule update --init 2>/dev/null; \
70         touch $@
71
72 .submodules_patched: .submodules_init $(PATCHES)
73         $(MAKE) .submodules_clean
74         @cd $(GIT_ROOT) && git submodule -q foreach ' \
75                 if [ $$name = $$(basename $(TAG_PRE)) ] && [ -n "$(PATCHES)" ]; then \
76                         git tag $(AKRAINO_TAG)-upstream && \
77                         git checkout -q -b akraino-validation && \
78                         echo "`tput setaf 2`-- patching $$name`tput sgr0`";\
79                         git am -3 --ignore-whitespace --patch-format=mbox \
80                                 --committer-date-is-author-date $(PATCHES) && \
81                         git tag $(AKRAINO_TAG) || exit 1; \
82                 fi'; \
83         touch $@
84
85 .PHONY: .submodules_clean
86 .submodules_clean:
87         @cd $(GIT_ROOT) && git submodule -q foreach ' \
88                 git am -q --abort > /dev/null 2>&1; \
89                 git checkout -q -f $(AKRAINO_TAG)-upstream > /dev/null 2>&1; \
90                 git branch -q -D akraino-validation > /dev/null 2>&1; \
91                 git tag | grep $(AKRAINO_TAG) | xargs git tag -d > /dev/null 2>&1; \
92                 git reset -q --hard HEAD; \
93                 git clean -xdff'
94         @rm -f .submodules_patched