-
Notifications
You must be signed in to change notification settings - Fork 1.4k
/
Copy pathMakefile
221 lines (186 loc) · 8.71 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
include ../metadata.mk
PACKAGE_NAME = github.com/projectcalico/calico/libcalico-go
LOCAL_CHECKS = check-gen-files
KIND_CONFIG = $(KIND_DIR)/kind-single.config
NETPOL_TAG = v0.1.5
NETPOL_CRD_URL = https://raw.githubusercontent.com/kubernetes-sigs/network-policy-api/refs/tags/$(NETPOL_TAG)/config/crd/experimental
NETPOL_ANP_CRD = policy.networking.k8s.io_adminnetworkpolicies.yaml
NETPOL_BANP_CRD = policy.networking.k8s.io_baselineadminnetworkpolicies.yaml
###############################################################################
# Download and include ../lib.Makefile
# Additions to EXTRA_DOCKER_ARGS need to happen before the include since
# that variable is evaluated when we declare DOCKER_RUN and siblings.
###############################################################################
include ../lib.Makefile
###############################################################################
BINDIR?=bin
# Create a list of files upon which the generated file depends, skip the generated file itself
UPGRADE_SRCS := $(filter-out ./lib/upgrade/migrator/clients/v1/k8s/custom/zz_generated.deepcopy.go, \
$(wildcard ./lib/upgrade/migrator/clients/v1/k8s/custom/*.go))
# Create a list of files upon which the generated file depends, skip the generated file itself
APIS_SRCS := $(filter-out ./lib/apis/v3/zz_generated.deepcopy.go, $(wildcard ./lib/apis/v3/*.go))
.PHONY: clean
clean:
rm -rf $(BINDIR) checkouts
find . -name '*.coverprofile' -type f -delete
###############################################################################
# Building the binary
###############################################################################
GENERATED_FILES:=./lib/apis/v3/zz_generated.deepcopy.go \
./lib/upgrade/migrator/clients/v1/k8s/custom/zz_generated.deepcopy.go \
./lib/apis/v3/generated.openapi.go \
./lib/apis/v1/generated.openapi.go \
./lib/selector/tokenizer/kind_string.go
.PHONY: gen-files
## Force rebuild generated go utilities (e.g. deepcopy-gen) and generated files
gen-files: gen-crds
rm -rf $(GENERATED_FILES)
$(MAKE) $(GENERATED_FILES)
$(MAKE) fix-changed
## Force a rebuild of custom resource definition yamls
gen-crds:
rm -rf config/crd
$(DOCKER_GO_BUILD) sh -c '$(GIT_CONFIG_SSH) controller-gen crd:allowDangerousTypes=true,crdVersions=v1,deprecatedV1beta1CompatibilityPreserveUnknownFields=false paths=./lib/apis/... output:crd:dir=config/crd/'
# Cleanup
rm -f config/crd/_.yaml
rm -f config/crd/_nodes.yaml
# Patch in manual tweaks to the generated CRDs.
patch -p2 < patches/0001-Add-nullable-to-IPAM-block-allocations-field.patch
# Remove the first yaml separator line.
$(DOCKER_GO_BUILD) sh -c 'find ./config/crd -name "*.yaml" | xargs sed -i 1d'
# Add K8S AdminNetworkPolicy CRD
curl -sSfL --retry 3 $(NETPOL_CRD_URL)/$(NETPOL_ANP_CRD) -o ./config/crd/$(NETPOL_ANP_CRD)
curl -sSfL --retry 3 $(NETPOL_CRD_URL)/$(NETPOL_BANP_CRD) -o ./config/crd/$(NETPOL_BANP_CRD)
./lib/upgrade/migrator/clients/v1/k8s/custom/zz_generated.deepcopy.go: $(UPGRADE_SRCS)
$(DOCKER_GO_BUILD) sh -c 'deepcopy-gen \
--v 1 --logtostderr \
--go-header-file "./docs/boilerplate.go.txt" \
--bounding-dirs "github.com/projectcalico/calico/libcalico-go" \
--output-file zz_generated.deepcopy.go \
"$(PACKAGE_NAME)/lib/upgrade/migrator/clients/v1/k8s/custom"'
./lib/apis/v3/zz_generated.deepcopy.go: $(APIS_SRCS)
$(DOCKER_GO_BUILD) sh -c 'deepcopy-gen \
--v 1 --logtostderr \
--go-header-file "./docs/boilerplate.go.txt" \
--bounding-dirs "github.com/projectcalico/calico/libcalico-go" \
--output-file zz_generated.deepcopy.go \
"$(PACKAGE_NAME)/lib/apis/v3"'
# Generate OpenAPI spec
./lib/apis/v3/generated.openapi.go: $(APIS_SRCS)
$(DOCKER_GO_BUILD) \
sh -c 'openapi-gen \
--v 1 --logtostderr \
--go-header-file "./docs/boilerplate.go.txt" \
--output-dir "./lib/apis/v3" \
--output-pkg "$(PACKAGE_NAME)/lib/apis/v3" \
"$(PACKAGE_NAME)/lib/apis/v3" \
"$(PACKAGE_NAME)/lib/apis/v1"'
$(DOCKER_GO_BUILD) \
sh -c 'openapi-gen \
--v 1 --logtostderr \
--go-header-file "./docs/boilerplate.go.txt" \
--output-dir "./lib/apis/v1" \
--output-pkg "$(PACKAGE_NAME)/lib/apis/v1" \
"$(PACKAGE_NAME)/lib/apis/v1"'
./lib/selector/tokenizer/kind_string.go: ./lib/selector/tokenizer/tokenizer.go
$(DOCKER_GO_BUILD) go generate ./lib/selector/tokenizer
###############################################################################
# Static checks
###############################################################################
# TODO: re-enable all linters
LINT_ARGS += --disable gosimple,unused,errcheck,ineffassign,staticcheck
.PHONY: check-gen-files
check-gen-files: $(GENERATED_FILES) fix-changed gen-crds
git diff --exit-code -- $(GENERATED_FILES) || (echo "The generated targets changed, please 'make gen-files' and commit the results"; exit 1)
@if [ "$$(git status --porcelain config/crd)" != "" ]; then \
echo "The following CRD file updates to be added"; git status --porcelain config/crd; exit 1; fi
.PHONY: check-format
check-format:
@if $(DOCKER_GO_BUILD) goimports -l lib | grep -v zz_generated | grep .; then \
echo "Some files in ./lib are not goimported"; \
false ;\
else \
echo "All files in ./lib are goimported"; \
fi
###############################################################################
# Tests
###############################################################################
.PHONY: ut-cover
## Run the UTs natively with code coverage. This requires a local etcd and local kubernetes master to be running.
ut-cover:
./run-uts
WHAT?=.
GINKGO_FOCUS?=.*
.PHONY:ut
## Run the fast set of unit tests in a container.
ut:
$(DOCKER_RUN) --privileged $(CALICO_BUILD) \
sh -c 'cd /go/src/$(PACKAGE_NAME) && ginkgo -r -skip "\[Datastore\]" -focus="$(GINKGO_FOCUS)" $(WHAT)'
.PHONY:fv
## Run functional tests against a real datastore in a container.
fv: fv-setup
$(DOCKER_RUN) --privileged \
-e KUBECONFIG=/kubeconfig.yaml \
-v $(KIND_KUBECONFIG):/kubeconfig.yaml \
--dns $(shell docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' coredns) \
$(CALICO_BUILD) sh -c 'cd /go/src/$(PACKAGE_NAME) && ginkgo -r -focus "$(GINKGO_FOCUS).*\[Datastore\]|\[Datastore\].*$(GINKGO_FOCUS)" $(WHAT)'
$(MAKE) fv-teardown
## Run the setup required to run the FVs, but don't run any FVs.
.PHONY:fv-setup
fv-setup: run-etcd run-etcd-tls cluster-create run-coredns
## Teardown the FVs resources.
fv-teardown: stop-etcd stop-etcd-tls kind-cluster-destroy stop-coredns
## Run the FVs without any setup or teardown. Useful when writing FVs.
.PHONY:fv-fast
fv-fast:
$(DOCKER_RUN) --privileged \
-e KUBECONFIG=/kubeconfig.yaml \
-v $(KIND_KUBECONFIG):/kubeconfig.yaml \
--dns $(shell docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' coredns) \
$(CALICO_BUILD) sh -c 'cd /go/src/$(PACKAGE_NAME) && ginkgo -r -focus "$(GINKGO_FOCUS).*\[Datastore\]|\[Datastore\].*$(GINKGO_FOCUS)" $(WHAT)'
# Create a kind cluster, and deploy some resources required for the libcalico-go tests.
# TODO: Remove the need for this extra target, these should be created by the tests that need them.
cluster-create: kind-cluster-create
@KUBECONFIG=$(KIND_KUBECONFIG) $(KUBECTL) apply -f test/mock-node.yaml
@KUBECONFIG=$(KIND_KUBECONFIG) $(KUBECTL) apply -f test/namespaces.yaml
## Run an etcd with TLS enabled, needed for some libcalico-go UTs.
run-etcd-tls: stop-etcd-tls
# TODO: We shouldn't need to enable the v2 API, but some of our test code
# still relies on it.
docker run --detach \
-v $(CURDIR)/test/etcd-ut-certs:/root/etcd-certificates/ \
--net=host \
--entrypoint=/usr/local/bin/etcd \
--name calico-etcd-tls $(ETCD_IMAGE) \
--listen-peer-urls https://127.0.0.1:5008 \
--peer-cert-file=/root/etcd-certificates/server.crt \
--peer-key-file=/root/etcd-certificates/server.key \
--advertise-client-urls https://127.0.0.1:5007 \
--listen-client-urls https://0.0.0.0:5007 \
--trusted-ca-file=/root/etcd-certificates/ca.crt \
--cert-file=/root/etcd-certificates/server.crt \
--key-file=/root/etcd-certificates/server.key \
--client-cert-auth=true \
--enable-v2 \
--data-dir=/var/lib/etcd
## Stop etcd with name calico-etcd-tls
stop-etcd-tls:
-docker rm -f calico-etcd-tls
run-coredns: stop-coredns
docker run \
--detach \
--name coredns \
--rm \
-v $(shell pwd)/test/coredns:/etc/coredns \
-w /etc/coredns \
coredns/coredns:$(COREDNS_VERSION)
stop-coredns:
-docker rm -f coredns
st:
@echo "No STs available"
###############################################################################
# CI
###############################################################################
.PHONY: ci
## Run what CI runs
ci: clean static-checks test