diff --git a/.dockerignore b/.dockerignore index ac0d3cf66..b6f5f7db2 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,7 +1,6 @@ .github .git bin -charts docs e2e img @@ -9,3 +8,4 @@ installation scanner_boot_test .envrc Dockerfile* +dist diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 71d050bee..9c3646c2b 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -3,6 +3,7 @@ on: push: tags: - "v[0-9]+.[0-9]+.[0-9]+" + - "v[0-9]+.[0-9]+.[0-9]+-rc.[0-9]+" permissions: packages: write @@ -23,21 +24,37 @@ jobs: push: true use_release_repository: true - main_release: - needs: build_and_push - name: Release + publish_helm: + needs: verification + name: Publish Helm Chart runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 + + - name: Create Helm Chart package + env: + VERSION: ${{ github.ref_name }} + run: make dist-helm-chart + + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 with: - fetch-depth: 0 + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Package and Publish Helm Chart + env: + VERSION: ${{ github.ref_name }} + run: make publish-helm-chart - - name: Render cloudformation - id: render_cloudformation - run: | - sed -i -E 's@(ghcr\.io\/openclarity\/vmclarity\-(apiserver|cli|orchestrator|ui-backend|ui)):latest@\1:${{ github.ref_name }}@' \ - installation/aws/VmClarity.cfn + artifacts: + name: Create artifacts + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 - name: Set up Go uses: actions/setup-go@v4 @@ -53,18 +70,80 @@ jobs: path: | ~/.cache/go-build ~/go/pkg/mod - key: ${{ runner.os }}-go-${{ github.ref_name }}-${{ hashFiles('**/go.sum') }} + key: ${{ runner.os }}-go-api-${{ github.ref_name }}-${{ hashFiles('**/go.sum') }} restore-keys: | - ${{ runner.os }}-go-${{ github.ref_name }}- - ${{ runner.os }}-go-${{ github.event.repository.default_branch }}- + ${{ runner.os }}-go-api-${{ github.ref_name }}- + ${{ runner.os }}-go-api-${{ github.event.repository.default_branch }}- + + - name: Create vmclarity-cli manifest(s) + env: + VERSION: ${{ github.ref_name }} + run: make dist-vmclarity-cli + + - name: Create Cloudformation manifest(s) + env: + VERSION: ${{ github.ref_name }} + run: make dist-cloudformation + + - name: Create Azure Bicep manifest(s) + env: + VERSION: ${{ github.ref_name }} + run: make dist-bicep - - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v5 + - name: Create Docker Compose manifest(s) + env: + VERSION: ${{ github.ref_name }} + run: make dist-docker-compose + + - name: Create Google Cloud Deployment manifest(s) + env: + VERSION: ${{ github.ref_name }} + run: make dist-gcp-deployment + + - name: Upload + uses: actions/upload-artifact@v3 with: - version: v1.16.0 - args: release --clean --skip-validate + name: artifacts + path: | + dist/*.tar.gz + dist/*.tgz + dist/*.sha256sum + dist/bicep/vmclarity.json + dist/bicep/vmclarity-UI.json + if-no-files-found: error + + main_release: + needs: + - verification + - build_and_push + - publish_helm + - artifacts + name: Release + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Download artifacts + uses: actions/download-artifact@v3 + with: + name: artifacts + path: dist + + - name: Generate changelog env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + VERSION: ${{ github.ref_name }} + run: make generate-release-notes + + - uses: ncipollo/release-action@v1 + with: + allowUpdates: true + artifactErrorsFailBuild: true + artifacts: "dist/*.tar.gz,dist/*.sha256sum,dist/bicep/vmclarity.json,dist/bicep/vmclarity-UI.json" + bodyFile: "dist/CHANGELOG.md" + draft: true + name: "Release ${{ github.ref_name }}" + updateOnlyUnreleased: true # TODO(sambetts) We need to publish a tag in the format "api/" tag # so that go mod is able to import the api module without overriding. We need diff --git a/.gitignore b/.gitignore index a769cda7e..4eef0a19b 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,4 @@ bin/ db.db ui/build/ site/ +dist diff --git a/.goreleaser.yml b/.goreleaser.yml deleted file mode 100644 index 87121a4b2..000000000 --- a/.goreleaser.yml +++ /dev/null @@ -1,52 +0,0 @@ -builds: - - - id: "cli" - dir: cli - binary: vmclarity-cli - env: - - CGO_ENABLED=0 - ldflags: - - "-s -w" - - "-X github.com/openclarity/vmclarity/pkg/version.Version={{ .Version }}" - - "-X github.com/openclarity/vmclarity/pkg/version.CommitHash={{.Commit}}" - - "-X github.com/openclarity/vmclarity/pkg/version.BuildTimestamp={{.Timestamp}}" - goos: - - linux - - darwin - goarch: - - amd64 - - arm64 - -archives: - - - id: "cli" - name_template: "{{ .Binary }}-{{ .Version }}-{{ .Os }}-{{ .Arch }}" - - # Additional files/template/globs we want to add to the archive. - files: - - LICENSE - - README.md - -checksum: - name_template: 'checksums.txt' - -# Change the default artifacts folder -dist: goreleaser_artifacts - -snapshot: - name_template: "{{ incpatch .Version }}-next" - -changelog: - sort: asc - use: github-native - filters: - exclude: - - '^docs:' - - '^test:' - - '^workflow:' - - Merge pull request - - Merge remote-tracking branch - -release: - extra_files: - - glob: ./installation/aws/VmClarity.cfn diff --git a/Makefile b/Makefile index caa756672..32f42a459 100644 --- a/Makefile +++ b/Makefile @@ -11,7 +11,7 @@ SHELL = /usr/bin/env bash -o pipefail #### BINARY_NAME ?= vmclarity -VERSION ?= $(COMMIT_HASH) +VERSION ?= $(shell git rev-parse --short HEAD) DOCKER_REGISTRY ?= ghcr.io/openclarity DOCKER_IMAGE ?= $(DOCKER_REGISTRY)/$(BINARY_NAME) DOCKER_TAG ?= $(VERSION) @@ -28,12 +28,17 @@ BUILD_TIMESTAMP := $(shell date -u +"%Y-%m-%dT%H:%M:%SZ") COMMIT_HASH := $(shell git rev-parse HEAD) INSTALLATION_DIR := $(ROOT_DIR)/installation HELM_CHART_DIR := $(INSTALLATION_DIR)/kubernetes/helm +HELM_OCI_REPOSITORY := ghcr.io/openclarity/charts +DIST_DIR ?= $(ROOT_DIR)/dist include makefile.d/*.mk $(BIN_DIR): @mkdir -p $(BIN_DIR) +$(DIST_DIR): + @mkdir -p $(DIST_DIR) + ##@ General .PHONY: help @@ -49,16 +54,32 @@ build: ui build-all-go ## Build all components build-all-go: bin/vmclarity-apiserver bin/vmclarity-cli bin/vmclarity-orchestrator bin/vmclarity-ui-backend ## Build all go components bin/vmclarity-orchestrator: $(shell find api) $(shell find cmd/vmclarity-orchestrator) $(shell find pkg) go.mod go.sum | $(BIN_DIR) - go build -race -o bin/vmclarity-orchestrator cmd/vmclarity-orchestrator/main.go + go build -race -ldflags="-s -w \ + -X 'github.com/openclarity/vmclarity/pkg/version.Version=$(VERSION)' \ + -X 'github.com/openclarity/vmclarity/pkg/version.CommitHash=$(COMMIT_HASH)' \ + -X 'github.com/openclarity/vmclarity/pkg/version.BuildTimestamp=$(BUILD_TIMESTAMP)'" \ + -o $@ cmd/vmclarity-orchestrator/main.go bin/vmclarity-apiserver: $(shell find api) $(shell find cmd/vmclarity-apiserver) $(shell find pkg) go.mod go.sum | $(BIN_DIR) - go build -race -o bin/vmclarity-apiserver cmd/vmclarity-apiserver/main.go + go build -race -ldflags="-s -w \ + -X 'github.com/openclarity/vmclarity/pkg/version.Version=$(VERSION)' \ + -X 'github.com/openclarity/vmclarity/pkg/version.CommitHash=$(COMMIT_HASH)' \ + -X 'github.com/openclarity/vmclarity/pkg/version.BuildTimestamp=$(BUILD_TIMESTAMP)'" \ + -o $@ cmd/vmclarity-apiserver/main.go bin/vmclarity-cli: $(shell find api) $(shell find cmd/vmclarity-cli) $(shell find pkg) go.mod go.sum | $(BIN_DIR) - go build -race -o bin/vmclarity-cli cmd/vmclarity-cli/main.go + go build -race -ldflags="-s -w \ + -X 'github.com/openclarity/vmclarity/pkg/version.Version=$(VERSION)' \ + -X 'github.com/openclarity/vmclarity/pkg/version.CommitHash=$(COMMIT_HASH)' \ + -X 'github.com/openclarity/vmclarity/pkg/version.BuildTimestamp=$(BUILD_TIMESTAMP)'" \ + -o $@ cmd/vmclarity-cli/main.go bin/vmclarity-ui-backend: $(shell find api) $(shell find cmd/vmclarity-ui-backend) $(shell find pkg) go.mod go.sum | $(BIN_DIR) - go build -race -o bin/vmclarity-ui-backend cmd/vmclarity-ui-backend/main.go + go build -race -ldflags="-s -w \ + -X 'github.com/openclarity/vmclarity/pkg/version.Version=$(VERSION)' \ + -X 'github.com/openclarity/vmclarity/pkg/version.CommitHash=$(COMMIT_HASH)' \ + -X 'github.com/openclarity/vmclarity/pkg/version.BuildTimestamp=$(BUILD_TIMESTAMP)'" \ + -o $@ cmd/vmclarity-ui-backend/main.go .PHONY: clean clean: clean-ui clean-go ## Clean all build artifacts @@ -255,7 +276,195 @@ gen-bicep: bin/bicep ## Generating Azure Bicep template(s) @$(BICEP_BIN) build installation/azure/vmclarity.bicep .PHONY: gen-helm-docs -gen-helm-docs: ## Generating documentation for Helm chart +gen-helm-docs: bin/helm-docs ## Generating documentation for Helm chart $(info Generating Helm chart(s) documentation ...) - docker run --rm --volume "$(HELM_CHART_DIR):/helm-docs" -u $(shell id -u) jnorwood/helm-docs:v1.11.0 + $(HELMDOCS_BIN) --chart-search-root $(HELM_CHART_DIR) + +##@ Release + +.DELETE_ON_ERROR: + +.PHONY: clean-dist +clean-dist: + rm -rf $(DIST_DIR)/* + +.PHONY: dist-all +dist-all: dist-bicep dist-cloudformation dist-docker-compose dist-gcp-deployment dist-helm-chart dist-vmclarity-cli + +CLI_OSARCH := $(shell echo {linux-,darwin-}{amd64,arm64}) +CLI_BINARIES := $(CLI_OSARCH:%=$(DIST_DIR)/%/vmclarity-cli) +CLI_TARS := $(CLI_OSARCH:%=$(DIST_DIR)/vmclarity-cli-$(VERSION)-%.tar.gz) +CLI_TAR_SHA256SUMS := $(CLI_TARS:%=%.sha256sum) + +.PHONY: dist-vmclarity-cli +dist-vmclarity-cli: $(CLI_BINARIES) $(CLI_TARS) $(CLI_TAR_SHA256SUMS) | $(DIST_DIR) ## Create vmclarity-cli release artifacts + +$(DIST_DIR)/vmclarity-cli-$(VERSION)-%.tar.gz: $(DIST_DIR)/%/vmclarity-cli $(DIST_DIR)/%/LICENSE $(DIST_DIR)/%/README.md + $(info --- Bundling $(dir $<) into $(notdir $@)) + tar cv -f $@ -C $(dir $<) --use-compress-program='gzip -9' $(notdir $^) + +$(DIST_DIR)/%/vmclarity-cli: $(shell find api) $(shell find cmd/vmclarity-cli) $(shell find pkg) go.mod go.sum + $(info --- Building $(notdir $@) for $*) + GOOS=$(firstword $(subst -, ,$*)) \ + GOARCH=$(lastword $(subst -, ,$*)) \ + CGO_ENABLED=0 \ + go build -ldflags="-s -w \ + -X 'github.com/openclarity/vmclarity/pkg/version.Version=$(VERSION)' \ + -X 'github.com/openclarity/vmclarity/pkg/version.CommitHash=$(COMMIT_HASH)' \ + -X 'github.com/openclarity/vmclarity/pkg/version.BuildTimestamp=$(BUILD_TIMESTAMP)'" \ + -o $@ cmd/$(notdir $@)/main.go + +$(DIST_DIR)/%/LICENSE: $(ROOT_DIR)/LICENSE + $(info --- Copy $(notdir $<) to $@) + @cp $< $@ + +$(DIST_DIR)/%/README.md: $(ROOT_DIR)/README.md + $(info --- Copy $(notdir $<) to $@) + @cp $< $@ + +CFN_DIR := $(INSTALLATION_DIR)/aws +CFN_FILES := $(shell find $(CFN_DIR)) +CFN_DIST_DIR := $(DIST_DIR)/cloudformation + +.PHONY: dist-cloudformation +dist-cloudformation: $(DIST_DIR)/aws-cloudformation-$(VERSION).tar.gz $(DIST_DIR)/aws-cloudformation-$(VERSION).tar.gz.sha256sum ## Create AWS CloudFormation release artifacts + +$(DIST_DIR)/aws-cloudformation-$(VERSION).tar.gz: $(DIST_DIR)/aws-cloudformation-$(VERSION).bundle $(CFN_DIST_DIR)/LICENSE | $(CFN_DIST_DIR) + $(info --- Bundle $(CFN_DIST_DIR) into $(notdir $@)) + tar cv -f $@ -C $(CFN_DIST_DIR) --use-compress-program='gzip -9' $(shell ls $(CFN_DIST_DIR)) +$(DIST_DIR)/aws-cloudformation-$(VERSION).bundle: $(CFN_FILES) | $(CFN_DIST_DIR) + $(info --- Generate Cloudformation bundle) + cp -R $(CFN_DIR)/ $(CFN_DIST_DIR)/ + sed -i -E 's@(ghcr\.io\/openclarity\/vmclarity\-(apiserver|cli|orchestrator|ui-backend|ui)):latest@\1:$(VERSION)@' $(CFN_DIST_DIR)/VmClarity.cfn + @touch $@ + +$(CFN_DIST_DIR)/LICENSE: $(ROOT_DIR)/LICENSE | $(CFN_DIST_DIR) + $(info --- Copy $(notdir $@) to $@) + @cp $< $@ + +$(CFN_DIST_DIR): + @mkdir -p $@ + +BICEP_DIR := $(INSTALLATION_DIR)/azure +BICEP_FILES := $(shell find $(BICEP_DIR)) +BICEP_DIST_DIR := $(DIST_DIR)/bicep + +.PHONY: dist-bicep +dist-bicep: $(DIST_DIR)/azure-bicep-$(VERSION).tar.gz $(DIST_DIR)/azure-bicep-$(VERSION).tar.gz.sha256sum ## Create Azure Bicep release artifacts + +$(DIST_DIR)/azure-bicep-$(VERSION).tar.gz: $(DIST_DIR)/azure-bicep-$(VERSION).bundle $(BICEP_DIST_DIR)/LICENSE | $(BICEP_DIST_DIR) + $(info --- Bundle $(BICEP_DIST_DIR) into $(notdir $@)) + tar cv -f $@ -C $(BICEP_DIST_DIR) --use-compress-program='gzip -9' $(shell ls $(BICEP_DIST_DIR)) + +$(DIST_DIR)/azure-bicep-$(VERSION).bundle: $(BICEP_FILES) $(BICEP_BIN) | $(BICEP_DIST_DIR) + $(info --- Generate Bicep bundle) + cp -R $(BICEP_DIR)/ $(BICEP_DIST_DIR)/ + sed -i -E 's@(ghcr\.io\/openclarity\/vmclarity\-(apiserver|cli|orchestrator|ui-backend|ui)):latest@\1:$(VERSION)@' \ + $(BICEP_DIST_DIR)/*.bicep $(BICEP_DIST_DIR)/vmclarity-UI.json + $(BICEP_BIN) build $(BICEP_DIST_DIR)/vmclarity.bicep + @touch $@ + +$(BICEP_DIST_DIR)/LICENSE: $(ROOT_DIR)/LICENSE | $(BICEP_DIST_DIR) + $(info --- Copy $(notdir $@) to $@) + @cp $< $@ + +$(BICEP_DIST_DIR): + @mkdir -p $@ + +DOCKER_COMPOSE_DIR := $(INSTALLATION_DIR)/docker +DOCKER_COMPOSE_FILES := $(shell find $(DOCKER_COMPOSE_DIR)) +DOCKER_COMPOSE_DIST_DIR := $(DIST_DIR)/docker-compose + +.PHONY: dist-docker-compose +dist-docker-compose: $(DIST_DIR)/docker-compose-$(VERSION).tar.gz $(DIST_DIR)/docker-compose-$(VERSION).tar.gz.sha256sum ## Create Docker Compose release artifacts + +$(DIST_DIR)/docker-compose-$(VERSION).tar.gz: $(DIST_DIR)/docker-compose-$(VERSION).bundle $(DOCKER_COMPOSE_DIST_DIR)/LICENSE | $(DOCKER_COMPOSE_DIST_DIR) + $(info --- Bundle $(DOCKER_COMPOSE_DIST_DIR) into $(notdir $@)) + tar cv -f $@ -C $(DOCKER_COMPOSE_DIST_DIR) --use-compress-program='gzip -9' $(shell ls $(DOCKER_COMPOSE_DIST_DIR)) + +$(DIST_DIR)/docker-compose-$(VERSION).bundle: $(DOCKER_COMPOSE_FILES) | $(DOCKER_COMPOSE_DIST_DIR) + $(info --- Generate Docker Compose bundle) + cp -R $(DOCKER_COMPOSE_DIR)/ $(DOCKER_COMPOSE_DIST_DIR)/ + sed -i -E 's@(ghcr\.io\/openclarity\/vmclarity\-(apiserver|cli|orchestrator|ui-backend|ui)):latest@\1:$(VERSION)@' \ + $(DOCKER_COMPOSE_DIST_DIR)/docker-compose.yml $(DOCKER_COMPOSE_DIST_DIR)/image_override.env + @touch $@ + +$(DOCKER_COMPOSE_DIST_DIR)/LICENSE: $(ROOT_DIR)/LICENSE | $(DOCKER_COMPOSE_DIST_DIR) + $(info --- Copy $(notdir $@) to $@) + @cp $< $@ + +$(DOCKER_COMPOSE_DIST_DIR): + @mkdir -p $@ + +GCP_DM_DIR := $(INSTALLATION_DIR)/gcp/dm +GCP_DM_FILES := $(shell find $(GCP_DM_DIR)) +GCP_DM_DIST_DIR := $(DIST_DIR)/gcp-deployment + +.PHONY: dist-gcp-deployment +dist-gcp-deployment: $(DIST_DIR)/gcp-deployment-$(VERSION).tar.gz $(DIST_DIR)/gcp-deployment-$(VERSION).tar.gz.sha256sum ## Create Google Cloud Deployment bundle + +$(DIST_DIR)/gcp-deployment-$(VERSION).tar.gz: $(DIST_DIR)/gcp-deployment-$(VERSION).bundle $(GCP_DM_DIST_DIR)/LICENSE | $(GCP_DM_DIST_DIR) + $(info --- Bundle $(GCP_DM_DIST_DIR) into $(notdir $@)) + tar cv -f $@ -C $(GCP_DM_DIST_DIR) --use-compress-program='gzip -9' $(shell ls $(GCP_DM_DIST_DIR)) + +$(DIST_DIR)/gcp-deployment-$(VERSION).bundle: $(GCP_DM_FILES) | $(GCP_DM_DIST_DIR) + $(info --- Generate Google Cloud Deployment bundle) + cp -R $(GCP_DM_DIR)/ $(GCP_DM_DIST_DIR)/ + sed -i -E 's@(ghcr\.io\/openclarity\/vmclarity\-(apiserver|cli|orchestrator|ui-backend|ui)):latest@\1:$(VERSION)@' \ + $(GCP_DM_DIST_DIR)/vmclarity.py.schema $(GCP_DM_DIST_DIR)/components/vmclarity-server.py.schema + @touch $@ + +$(GCP_DM_DIST_DIR)/LICENSE: $(ROOT_DIR)/LICENSE | $(GCP_DM_DIST_DIR) + $(info --- Copy $(notdir $@) to $@) + @cp $< $@ + +$(GCP_DM_DIST_DIR): + @mkdir -p $@ + +HELM_CHART_DIR := $(INSTALLATION_DIR)/kubernetes/helm/vmclarity +HELM_CHART_FILES := $(shell find $(HELM_CHART_DIR)) +HELM_CHART_DIST_DIR := $(DIST_DIR)/helm-vmclarity-chart + +.PHONY: dist-helm-chart +dist-helm-chart: $(DIST_DIR)/vmclarity-$(VERSION).tgz $(DIST_DIR)/vmclarity-$(VERSION).tgz.sha256sum ## Create Helm Chart bundle + +$(DIST_DIR)/vmclarity-$(VERSION).tgz: $(DIST_DIR)/helm-vmclarity-chart-$(VERSION).bundle | $(HELM_CHART_DIST_DIR) + $(info --- Bundle $(HELM_CHART_DIST_DIR) into $(notdir $@)) + $(HELM_BIN) package $(HELM_CHART_DIST_DIR) --version "$(VERSION)" --app-version "$(VERSION)" --destination $(DIST_DIR) + +$(DIST_DIR)/helm-vmclarity-chart-$(VERSION).bundle: $(HELM_CHART_FILES) $(YQ_BIN) | $(HELM_CHART_DIST_DIR) + $(info --- Generate Helm Chart bundle) + cp -R $(HELM_CHART_DIR)/ $(HELM_CHART_DIST_DIR)/ + $(YQ_BIN) -i ' \ + .apiserver.image.tag = "$(VERSION)" | \ + .orchestrator.image.tag = "$(VERSION)" | \ + .orchestrator.scannerImage.tag = "$(VERSION)" | \ + .ui.image.tag = "$(VERSION)" | \ + .uibackend.image.tag = "$(VERSION)" \ + ' $(HELM_CHART_DIST_DIR)/values.yaml + $(YQ_BIN) -i ' \ + .version = "$(VERSION)" | \ + .appVersion = "$(VERSION)" \ + ' $(HELM_CHART_DIST_DIR)/Chart.yaml + $(HELMDOCS_BIN) --chart-search-root $(HELM_CHART_DIST_DIR) + @touch $@ + +$(HELM_CHART_DIST_DIR): + @mkdir -p $@ + +.PHONY: publish-helm-chart +publish-helm-chart: $(DIST_DIR)/vmclarity-$(VERSION).tgz ## Publish Helm Chart bundle to OCI registry + $(HELM_BIN) push $< oci://$(HELM_OCI_REPOSITORY) + +$(DIST_DIR)/%.sha256sum: | $(DIST_DIR) + $(info --- Generate SHA256 for $(notdir $@)) + shasum -a 256 $(basename $@) | sed "s@$(dir $@)@@" > $@ + +.PHONY: generate-release-notes +generate-release-notes: $(DIST_DIR)/RELEASE.md ## Generate Release Notes + +$(DIST_DIR)/RELEASE.md: $(DIST_DIR)/CHANGELOG.md + +$(DIST_DIR)/CHANGELOG.md: $(ROOT_DIR)/.git/refs/heads/$(shell git rev-parse --abbrev-ref HEAD) $(ROOT_DIR)/cliff.toml $(ROOT_DIR)/release.tmpl + $(GITCLIFF_BIN) -vv --strip all --unreleased --tag $(VERSION) --output $@ diff --git a/cliff.toml b/cliff.toml new file mode 100644 index 000000000..df2a7ac08 --- /dev/null +++ b/cliff.toml @@ -0,0 +1,86 @@ +# git-cliff ~ default configuration file +# https://git-cliff.org/docs/configuration +# +# Lines starting with "#" are comments. +# Configuration options are organized into tables and keys. +# See documentation for more information on available options. + +[changelog] +# changelog header +header = "" +# template for the changelog body +# https://keats.github.io/tera/docs/#introduction +body = """ +{% if version %}\ + ## {{ version | trim_start_matches(pat="v") }} - {{ timestamp | date(format="%Y-%m-%d") }} +{% else %}\ + ## [unreleased] +{% endif %}\ +{% for group, commits in commits | group_by(attribute="group") %} + ### {{ group | upper_first }} + {% for commit in commits %} + - {% if commit.scope %}*({{ commit.scope }})* {% endif %}{% if commit.breaking %}[**BREAKING**] {% endif %}{{ commit.message | upper_first }}\ + {% endfor %} +{% endfor %}\n +""" +# remove the leading and trailing whitespace from the template +trim = true +# changelog footer +footer = "" +# postprocessors +postprocessors = [ + { pattern = '', replace = "https://github.com/openclarity/vmclarity" }, # replace repository URL +] + +[git] +# parse the commits based on https://www.conventionalcommits.org +conventional_commits = true +# filter out the commits that are not conventional +filter_unconventional = true +# process each line of a commit as an individual commit +split_commits = false +# regex for preprocessing the commit messages +commit_preprocessors = [ + { pattern = '\((\w+\s)?#([0-9]+)\)', replace = "([#${2}](/pull/${2}))" }, + # Check spelling of the commit with https://github.com/crate-ci/typos + # If the spelling is incorrect, it will be automatically fixed. + #{ pattern = '.*', replace_command = 'bin/typos --write-changes -' }, +] +# regex for parsing and grouping commits +commit_parsers = [ + { message = "^feat\\(ci\\)", group = "Miscellaneous Tasks" }, + { message = "^refactor\\(ci\\)", group = "Miscellaneous Tasks" }, + { message = "^feat\\(e2e\\)", group = "Testing" }, + { message = "^fix\\(ci\\)", group = "Miscellaneous Tasks" }, + # TODO(chrisgacsal): remove the rules above for the next release + { message = "^feat", group = "Features" }, + { message = "^fix", group = "Bug Fixes" }, + { message = "^doc", group = "Documentation" }, + { message = "^perf", group = "Performance" }, + { message = "^refactor", group = "Refactor" }, + { message = "^style", group = "Styling" }, + { message = "^test", group = "Testing" }, + { message = "^chore\\(release\\): prepare for", skip = true }, + { message = "^chore\\(deps\\)", skip = true }, + { message = "^chore\\(pr\\)", skip = true }, + { message = "^chore\\(pull\\)", skip = true }, + { message = "^chore|ci", group = "Miscellaneous Tasks" }, + { body = ".*security", group = "Security" }, + { message = "^revert", group = "Revert" }, +] +# protect breaking changes from being skipped due to matching a skipping commit_parser +protect_breaking_commits = true +# filter out the commits that are not matched by commit parsers +filter_commits = false +# regex for matching git tags +tag_pattern = "v[0-9].*" +# regex for skipping tags +skip_tags = "" +# regex for ignoring tags +ignore_tags = "" +# sort the tags topologically +topo_order = false +# sort the commits inside sections by oldest/newest order +sort_commits = "newest" +# limit the number of commits included in the changelog. +# limit_commits = 42 diff --git a/installation/kubernetes/helm/vmclarity/Chart.yaml b/installation/kubernetes/helm/vmclarity/Chart.yaml index 3460949c4..04f980c74 100644 --- a/installation/kubernetes/helm/vmclarity/Chart.yaml +++ b/installation/kubernetes/helm/vmclarity/Chart.yaml @@ -5,7 +5,7 @@ description: | Virtual Machine Software Bill Of Materials (SBOM) and security threats such as vulnerabilities, exploits, malware, rootkits, misconfigurations and leaked secrets. -version: v0.0.0-latest +version: 0.0.0 appVersion: "latest" type: application home: https://openclarity.io diff --git a/installation/kubernetes/helm/vmclarity/README.md b/installation/kubernetes/helm/vmclarity/README.md index 31dadaae4..81ce3c659 100644 --- a/installation/kubernetes/helm/vmclarity/README.md +++ b/installation/kubernetes/helm/vmclarity/README.md @@ -1,6 +1,6 @@ # vmclarity -![Version: v0.0.0-latest](https://img.shields.io/badge/Version-v0.0.0--latest-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: latest](https://img.shields.io/badge/AppVersion-latest-informational?style=flat-square) +![Version: 0.0.0](https://img.shields.io/badge/Version-0.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: latest](https://img.shields.io/badge/AppVersion-latest-informational?style=flat-square) VMClarity is an open source tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and security threats such @@ -331,4 +331,4 @@ secrets. | yaraRuleServer.serviceAccount.name | string | `""` | The name of the ServiceAccount to use. If not set and create is true, it will use the component's calculated name. | ---------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0) +Autogenerated from chart metadata using [helm-docs v1.11.3](https://github.com/norwoodj/helm-docs/releases/v1.11.3) diff --git a/makefile.d/20-tools.mk b/makefile.d/20-tools.mk index 7150f4edb..a57e7223e 100644 --- a/makefile.d/20-tools.mk +++ b/makefile.d/20-tools.mk @@ -100,3 +100,122 @@ bin/golangci-lint: bin/golangci-lint-$(GOLANGCI_VERSION) bin/golangci-lint-$(GOLANGCI_VERSION): | $(BIN_DIR) curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | bash -s -- -b "$(BIN_DIR)" "v$(GOLANGCI_VERSION)" @mv bin/golangci-lint $@ + +#### +## yq CLI +#### + +YQ_BIN := $(BIN_DIR)/yq +YQ_VERSION := 4.35.2 + +bin/yq: bin/yq-$(YQ_VERSION) + @ln -sf $(notdir $<) $@ + +bin/yq-$(YQ_VERSION): | $(BIN_DIR) + @curl -sSfL 'https://github.com/mikefarah/yq/releases/download/v$(YQ_VERSION)/yq_$(OSTYPE)_$(ARCHTYPE)' \ + --output $@ + @chmod +x $@ + +#### +## Helm CLI +#### + +HELM_BIN := $(BIN_DIR)/helm +HELM_VERSION := 3.13.1 + +bin/helm: bin/helm-$(HELM_VERSION) + @ln -sf $(notdir $<) $@ + +bin/helm-$(HELM_VERSION): | $(BIN_DIR) + @curl -sSfL 'https://get.helm.sh/helm-v$(HELM_VERSION)-$(OSTYPE)-$(ARCHTYPE).tar.gz' --output - \ + | tar xzvOf - '$(OSTYPE)-$(ARCHTYPE)/helm' > $@ + @chmod +x $@ + +#### +## helm-docs CLI +#### + +HELMDOCS_BIN := $(BIN_DIR)/helm-docs +HELMDOCS_VERSION := 1.11.3 +HELMDOCS_OSTYPE := $(OSTYPE) +HELMDOCS_ARCH := $(ARCHTYPE) + +ifeq ($(HELMDOCS_OSTYPE),darwin) + HELMDOCS_OSTYPE = Darwin +endif +ifeq ($(HELMDOCS_OSTYPE),linux) + HELMDOCS_OSTYPE = Linux +endif +ifeq ($(HELMDOCS_ARCH),amd64) + HELMDOCS_ARCH = x86_64 +endif + +bin/helm-docs: bin/helm-docs-$(HELMDOCS_VERSION) + @ln -sf $(notdir $<) $@ + +bin/helm-docs-$(HELMDOCS_VERSION): | $(BIN_DIR) + @curl -sSfL 'https://github.com/norwoodj/helm-docs/releases/download/v$(HELMDOCS_VERSION)/helm-docs_$(HELMDOCS_VERSION)_$(HELMDOCS_OSTYPE)_$(HELMDOCS_ARCH).tar.gz' --output - \ + | tar xzvOf - 'helm-docs' > $@ + @chmod +x $@ + +#### +## git-cliff CLI +#### + +GITCLIFF_BIN := $(BIN_DIR)/git-cliff +GITCLIFF_VERSION := 1.4.0 +GITCLIFF_OSTYPE := $(OSTYPE) +GITCLIFF_ARCH := $(ARCHTYPE) +GITCLIFF_URL = + +ifeq ($(GITCLIFF_OSTYPE),darwin) + GITCLIFF_OSTYPE = apple-darwin +endif +ifeq ($(GITCLIFF_OSTYPE),linux) + GITCLIFF_OSTYPE = unknown-linux-gnu +endif +ifeq ($(GITCLIFF_ARCH),amd64) + GITCLIFF_ARCH = x86_64 +endif +ifeq ($(GITCLIFF_ARCH),arm64) + GITCLIFF_ARCH = aarch64 +endif + +bin/git-cliff: bin/git-cliff-$(GITCLIFF_VERSION) + @ln -sf $(notdir $<) $@ + +bin/git-cliff-$(GITCLIFF_VERSION): | $(BIN_DIR) + @curl -sSfL 'https://github.com/orhun/git-cliff/releases/download/v$(GITCLIFF_VERSION)/git-cliff-$(GITCLIFF_VERSION)-$(GITCLIFF_ARCH)-$(GITCLIFF_OSTYPE).tar.gz' --output - \ + | tar xzvOf - 'git-cliff-$(GITCLIFF_VERSION)/git-cliff' > $@ + @chmod +x $@ + +#### +## typos CLI +#### + +TYPOS_BIN := $(BIN_DIR)/typos +TYPOS_VERSION := 1.4.0 +TYPOS_OSTYPE := $(OSTYPE) +TYPOS_ARCH := $(ARCHTYPE) +TYPOS_URL = + +ifeq ($(TYPOS_OSTYPE),darwin) + TYPOS_OSTYPE = apple-darwin +endif +ifeq ($(TYPOS_OSTYPE),linux) + TYPOS_OSTYPE = unknown-linux-gnu +endif +ifeq ($(TYPOS_ARCH),amd64) + TYPOS_ARCH = x86_64 +endif +ifeq ($(TYPOS_ARCH),arm64) + TYPOS_ARCH = aarch64 +endif + +bin/typos: bin/typos-$(TYPOS_VERSION) + @ln -sf $(notdir $<) $@ + +bin/typos-$(TYPOS_VERSION): | $(BIN_DIR) + @curl -sSfL 'https://github.com/crate-ci/typos/releases/download/v$(TYPOS_VERSION)/typos-v$(TYPOS_VERSION)-$(TYPOS_ARCH)-$(TYPOS_OSTYPE).tar.gz' --output - \ + | tar xzvOf - './typos' > $@ + @chmod +x $@