josh/Vetting
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c11573eeeb7173d83194334ab37c879f6bcde5c2
Vetting/Makefile
T
josh 211abdf08f
CI / Lint + build + test (push) Successful in 1m41s
Details
Release / detect (push) Successful in 7s
Details
Release / build-live-image (push) Failing after 3m58s
Details
Release / bundle (push) Has been skipped
Details
feat(release): version live-image, skip rebuild+redownload when unchanged 
Splits the release workflow into three jobs (detect, build-live-image,
bundle) so the ~9 min mkosi build only runs when live-image/VERSION
bumps. The slim bundle (~30 MB: orchestrator + agent + deploy scripts
+ a live-image/VERSION pointer) rebuilds every push; the ~300 MB
vmlinuz+initrd.img are published separately under the immutable
live-image/<version>/ path. install.sh compares the pointer to
/var/lib/vetting/live/VERSION and fetches the files only on mismatch,
cutting repeat-install wall-clock from ~30 s + 300 MB to ~10 s + 0 MB
on the common no-live-image-change release.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 21:04:14 -04:00

90 lines
3.2 KiB
Makefile
Raw Blame History

.DEFAULT_GOAL := help
UNAME_S := $(shell uname -s 2>/dev/null || echo Windows)
GOOS_LINUX := GOOS=linux GOARCH=amd64
GIT_SHA := $(shell git rev-parse --short HEAD 2>/dev/null || echo dev)
LDFLAGS := -s -w -X vetting/internal/version.GitSHA=$(GIT_SHA)
.PHONY: help
help: ## Show targets
@awk 'BEGIN {FS = ":.*##"} /^[a-zA-Z_-]+:.*##/ {printf " %-20s %s\n", $$1, $$2}' $(MAKEFILE_LIST)
.PHONY: templ
templ: ## Generate templ .go files
templ generate
.PHONY: orchestrator
orchestrator: templ ## Build orchestrator for host OS
go build -ldflags="$(LDFLAGS)" -o bin/vetting$(if $(filter Windows%,$(UNAME_S)),.exe,) ./cmd/vetting
.PHONY: orchestrator-linux
orchestrator-linux: templ ## Cross-build orchestrator for linux-amd64
$(GOOS_LINUX) go build -ldflags="$(LDFLAGS)" -o bin/vetting-linux-amd64 ./cmd/vetting
.PHONY: agent
agent: ## Build agent for host OS (handy for unit testing only — real agent runs in the live image)
go build -ldflags="$(LDFLAGS)" -o bin/vetting-agent$(if $(filter Windows%,$(UNAME_S)),.exe,) ./cmd/vetting-agent
.PHONY: agent-linux
agent-linux: ## Cross-build agent for linux-amd64 (consumed by live-image build)
$(GOOS_LINUX) go build -ldflags="$(LDFLAGS)" -o bin/vetting-agent.linux-amd64 ./cmd/vetting-agent
.PHONY: tidy
tidy: ## go mod tidy
go mod tidy
.PHONY: fmt
fmt: ## go fmt
go fmt ./...
.PHONY: vet
vet: ## go vet
go vet ./...
.PHONY: test
test: templ ## Run tests
go test ./...
.PHONY: test-race
test-race: templ ## Run tests with the race detector
go test -race -count=1 ./...
.PHONY: e2e
e2e: ## Run the QEMU PXE E2E test (Linux, root, live image required)
sudo go test -tags=e2e -v ./test/e2e/...
.PHONY: live-image
live-image: agent-linux ## Build reproducible live image (requires Linux/WSL + mkosi)
ifneq ($(findstring Windows,$(UNAME_S))$(findstring MINGW,$(UNAME_S))$(findstring MSYS,$(UNAME_S)),)
@echo "ERROR: live-image must be built under Linux (use WSL: wsl make live-image)." && exit 1
endif
$(MAKE) -C live-image all
.PHONY: all
all: orchestrator agent ## Build everything buildable on host OS
.PHONY: run
run: orchestrator ## Build and run orchestrator with example config
./bin/vetting$(if $(filter Windows%,$(UNAME_S)),.exe,) --config deploy/vetting.example.yaml
.PHONY: install
install: orchestrator-linux agent-linux ## Run deploy/install.sh (must be run on the target LXC as root)
sudo ./deploy/install.sh --binary ./bin/vetting-linux-amd64 --agent-binary ./bin/vetting-agent.linux-amd64
.PHONY: release
release: orchestrator-linux agent-linux ## Build the slim release tarball (no live-image files — they're fetched on install)
@set -e; \
stamp=vetting-bundle; \
rm -rf build/$$stamp bin/$$stamp.tar.gz; \
mkdir -p build/$$stamp/bin build/$$stamp/live-image; \
cp bin/vetting-linux-amd64 bin/vetting-agent.linux-amd64 build/$$stamp/bin/; \
cp deploy/install.sh deploy/pxe-setup.sh deploy/vetting.service \
deploy/vetting.production.yaml deploy/ipxe-shas.txt build/$$stamp/; \
cp live-image/VERSION build/$$stamp/live-image/VERSION; \
echo $(GIT_SHA) > build/$$stamp/VERSION; \
tar -C build -czf bin/$$stamp.tar.gz $$stamp; \
echo "wrote bin/$$stamp.tar.gz ($$(du -h bin/$$stamp.tar.gz | cut -f1))"
.PHONY: clean
clean: ## Remove build artifacts
rm -rf bin out dist tmp build
Reference in New Issue View Git Blame Copy Permalink