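# Application name. It also prefixes the S3 buckets used by the recipes in
# this file: "<APP_NAME>-terraform" (state) and "<APP_NAME>-assets" (web assets).
APP_NAME := acme-apptemplatego
# Passed to Terraform as the "domainsuffix" variable.
DOMAIN_SUFFIX := .service.d-velop.cloud
# Short git revision plus a build timestamp. Simple assignment (:=) runs the
# two shell commands once at parse time instead of on every expansion, so the
# value is the same everywhere it is used within one make invocation.
BUILD_VERSION := rev.$(shell git rev-parse --short HEAD).date.$(shell date '+%d-%m-%Y-%H.%M.%S')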
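# Default goal: a bare `make` runs the full build.
# Declared phony so a file or directory named "all" cannot shadow it.
.PHONY: all
all: build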
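# Run the go:generate directives of every package with the "release" build tag.
# go generate executes whatever commands those directives name, so a change to
# a //go:generate line deserves the same review as a change to this Makefile.
.PHONY: generate
generate:
	go generate -tags release ./...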
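# Remove build output and Terraform's local working directory.
# Both paths are literals, so an empty variable can never widen the delete.
.PHONY: clean
clean:
	$(RM) -r ./dist ./terraform/.terraform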
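# Create the directory the test recipe writes its reports into.
.PHONY: init
init:
	mkdir -p ./dist/test-reports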
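# Run all Go tests, keep the raw output and convert it to a JUnit XML report.
# The exit status of the pipeline is tee's, not go test's, so a failing test
# run does not stop the recipe by itself; the non-zero exit comes from
# go-junit-report -set-exit-code when the captured output contains failures.
# go-junit-report must be on PATH.
.PHONY: test
test: init
	go test ./... -v | tee ./dist/test-reports/testresult.txt && \
	  go-junit-report -set-exit-code < ./dist/test-reports/testresult.txt > ./dist/test-reports/testresult.xml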
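# Full build from a clean tree.
# NOTE(review): this relies on the prerequisites running left to right (clean
# first). Under `make -j` clean can race with init/test, which write to ./dist.
.PHONY: build
build: clean build-app build-lambda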
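# Cross-compile the stand-alone app for windows/amd64 into ./dist.
# NOTE(review): this builds ./cmd/app/ while build-lambda builds
# ./src/cmd/lambda/ - confirm which source root is the right one.
.PHONY: build-app
build-app: generate test
	GOOS=windows GOARCH=amd64 go build -tags release -o ./dist/$(APP_NAME)app.exe ./cmd/app/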
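# Build the Lambda binary (linux/arm64, named "bootstrap") and package it as
# ./dist/lambda.zip.
#
# The file time is pinned and zip runs with -X (no extra attributes) so the
# archive is reproducible, cf.
# https://content.pivotal.io/blog/barriers-to-deterministic-reproducible-zip-files
#
# Fix: the year was written as $(date +%Y), which make expands as an (empty)
# make variable before the shell ever sees it. $$(date +%Y) reaches the shell
# as a command substitution. The resulting timestamp is the same (1 January,
# 00:00, current year), because touch -t fills in the current year when it is
# omitted; the recipe now says what it means.
#
# The trailing `cd ..` was dropped: each recipe line runs in its own shell.
# For byte-identical binaries across checkouts, consider adding -trimpath.
.PHONY: build-lambda
build-lambda: generate test
	GOOS=linux GOARCH=arm64 go build -tags="release lambda.norpc" -o ./dist/bootstrap ./src/cmd/lambda/
	cd ./dist && touch -t "$$(date +%Y)01010000" bootstrap && zip -X -j lambda.zip bootstrap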
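# Make sure the S3 bucket holding the Terraform state exists. A new bucket is
# created private, with versioning enabled and all four public-access-block
# settings switched on.
#
# BUCKET_NAME is a target-specific variable instead of an $(eval) inside the
# recipe, and is quoted wherever it reaches the shell.
#
# NOTE(review): any failure of get-bucket-location (missing bucket, but also
# expired credentials or access denied) leads into the create branch. S3 bucket
# names are global, so the name may already belong to another account; consider
# pinning the owner with --expected-bucket-owner.
# NOTE(review): Terraform state can contain resource attributes and variable
# values in plaintext - confirm the bucket's encryption and access policy match
# what is stored there.
.PHONY: tf-bucket
tf-bucket: BUCKET_NAME := $(APP_NAME)-terraform
tf-bucket:
	@if ! aws s3api get-bucket-location --bucket "$(BUCKET_NAME)" > /dev/null 2>&1; then \
	  echo Create terraform state bucket \"$(BUCKET_NAME)\"...; \
	  aws s3api create-bucket --bucket "$(BUCKET_NAME)" --acl private --region eu-central-1 --create-bucket-configuration LocationConstraint=eu-central-1 && \
	  aws s3api put-bucket-versioning --bucket "$(BUCKET_NAME)" --versioning-configuration Status=Enabled && \
	  aws s3api put-public-access-block --bucket "$(BUCKET_NAME)" --public-access-block-configuration BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true; \
	fi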
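# Initialise the Terraform working directory non-interactively.
# Providers are taken from the local plugin directory given by -plugin-dir.
# NOTE(review): the integrity of the providers then depends on who can write
# to /usr/local/lib/custom-terraform-plugins - confirm it is restricted to
# trusted accounts on build hosts.
.PHONY: tf-init
tf-init: tf-bucket
	cd ./terraform && \
	  terraform init -input=false -plugin-dir=/usr/local/lib/custom-terraform-plugins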
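# Placeholder target: the recipe consists only of shell comments, so running
# it changes nothing. When the commented command is enabled, `terraform init
# -upgrade` rewrites .terraform.lock.hcl; review the lock-file diff before
# committing it, since that file pins the provider versions and checksums.
.PHONY: tf-upgrade
tf-upgrade:
	#Use this function if the .terraform.lock.hcl does not match the driver version
	#cd ./terraform && \
	#terraform init -upgrade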
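# Create a Terraform plan and store it in a fresh temporary file whose path is
# kept in PLAN for the apply rule.
#
# Changes:
# - The terraform command is no longer echoed by make (leading @). It carries
#   SIGNATURE_SECRET on its command line, and the echo would copy the secret
#   into the build log.
# - A warning is printed when SIGNATURE_SECRET is empty, so a plan with an
#   empty signature_secret does not go unnoticed.
#
# NOTE(review): the secret is still visible in the process list while
# terraform runs. Terraform also reads variables from TF_VAR_<name>
# environment variables; switching to TF_VAR_signature_secret would avoid
# that, but confirm first how the extra double quotes in the -var values are
# interpreted by the Terraform version in use.
# NOTE(review): a value containing a single quote breaks the shell quoting of
# the -var arguments.
# NOTE(review): a saved plan file can contain variable values in plaintext.
# mktemp creates it readable by the owner only, but this rule never removes it.
.PHONY: plan
plan: tf-init build-lambda asset_hash
	$(eval PLAN := $(shell mktemp))
	$(if $(strip $(SIGNATURE_SECRET)),,$(warning SIGNATURE_SECRET is empty - terraform will receive an empty signature_secret))
	@echo "terraform plan -> $(PLAN) (command not echoed: it contains signature_secret)"
	@cd ./terraform && \
	  terraform plan -input=false \
	    -var 'signature_secret="$(SIGNATURE_SECRET)"' \
	    -var 'build_version="$(BUILD_VERSION)"' \
	    -var 'appname="$(APP_NAME)"' \
	    -var 'domainsuffix="$(DOMAIN_SUFFIX)"' \
	    -var 'asset_hash="$(ASSET_HASH)"' \
	    -out=$(PLAN)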
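# Apply the plan file produced by the plan rule (path in PLAN).
# The plan file is deleted afterwards whether or not the apply succeeded: a
# saved plan can contain variable values in plaintext and is stale once an
# apply has been attempted. The recipe exits with terraform's status.
.PHONY: apply
apply: plan
	cd ./terraform && \
	  terraform apply -input=false -auto-approve=true "$(PLAN)"; \
	  status=$$?; rm -f "$(PLAN)"; exit $$status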
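# Upload the static web assets (everything except *.html) to the assets bucket
# under a prefix named after their content hash.
# Best practice for immutable content: cache for one year
# (cf. https://jakearchibald.com/2016/caching-best-practices/).
# Because clients may keep an object for that long, a corrected asset has to
# be published under a new hash rather than overwritten in place.
.PHONY: deploy-assets
deploy-assets: asset_hash apply
	aws s3 sync ./web "s3://$(APP_NAME)-assets/$(ASSET_HASH)" --exclude "*.html" --cache-control max-age=31536000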
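# Compute ASSET_HASH: the MD5 of the sorted per-file MD5 list of every file
# under web/ whose path does not end in .html.
# MD5 serves here as a content-derived cache key only; it gives no integrity
# guarantee and should not be reused as one.
# NOTE(review): `sort` follows the current locale, so the hash can differ
# between machines with different locale settings.
.PHONY: asset_hash
asset_hash:
	$(eval ASSET_HASH := $(shell find web -type f ! -path "*.html" -exec md5sum {} \; | sort -k 2 | md5sum | tr -d " -"))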
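# Full deployment: apply the infrastructure, then upload the web assets.
.PHONY: deploy
deploy: apply deploy-assets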
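# Print the current Terraform state in human-readable form.
# NOTE(review): the output goes to the terminal or build log; check whether
# the state holds values that should not appear there.
.PHONY: show
show: tf-init
	cd ./terraform && \
	  terraform show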
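# Rename the app: replace APP_NAME with NAME in the docker-build.* files, the
# Makefile, *.tf and *.go files below the current directory.
# Usage: make rename NAME=NEW_APP_NAME
#
# Changes:
# - "$${NAME}" is quoted in the emptiness test; unquoted, a value containing
#   spaces made the test itself fail.
# - NAME is limited to letters, digits, '.', '_' and '-'. It ends up inside a
#   sed expression, where '/', '&', '\' or a quote would corrupt the
#   substitution or the shell command.
# - sed reads NAME from the environment inside double quotes instead of having
#   make paste it into a single-quoted script.
# - File names are read with IFS= read -r and quoted, so paths containing
#   spaces or backslashes are handled.
# sed -i is used in its GNU form.
.PHONY: rename
rename:
	if [ -z "$${NAME}" ]; then echo "NAME is not set. Usage: rename NAME=NEW_APP_NAME"; exit 1; fi
	@case "$${NAME}" in *[!A-Za-z0-9._-]*) echo "NAME may only contain letters, digits, '.', '_' and '-'"; exit 1;; esac
	@echo Rename App to $(NAME) ...
	find . -name "docker-build.*" -or -name "Makefile" -or -name "*.tf" -or -name "*.go" | while IFS= read -r f; do \
	  echo "Processing file '$$f'"; \
	  sed -i "s/$(APP_NAME)/$${NAME}/g" "$$f"; \
	done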
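# Destroy is disabled on purpose; the recipe only prints a notice.
# To enable it, remove the leading '#' from the two template lines below.
#
# The template refers to the make variables as $(SIGNATURE_SECRET) and
# $(BUILD_VERSION). The previous spelling ($SIGNATURE_SECRET, $build_version)
# would have been expanded by make as $S and $b followed by literal text, so
# terraform would never have received the real values.
# The template lines are make comments (the '#' is in column 0), so make
# neither expands nor echoes them while the target is disabled.
#
# NOTE(review): newer Terraform releases use -auto-approve instead of -force;
# confirm against the version in use before enabling.
# NOTE(review): the tf-init prerequisite still runs, and with it tf-bucket.
.PHONY: destroy
destroy: tf-init
	echo "destroy is disabled. Uncomment in Makefile to enable destroy."
#	cd ./terraform && \
#	terraform destroy -var 'signature_secret="$(SIGNATURE_SECRET)"' -var 'build_version="$(BUILD_VERSION)"' -var 'appname="$(APP_NAME)"' -var 'domainsuffix="$(DOMAIN_SUFFIX)"' -input=false -force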
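# Write the domain and nameserver outputs of the Terraform state to
# ./dist/dns-entry.json.
# ./dist is created first, because the redirect fails if it is missing (for
# example after `make clean`).
# `terraform output -json` prints every output, including ones marked
# sensitive; the jq projection keeps only the two fields needed here and
# should stay that narrow.
# NOTE(review): the pipeline's exit status is jq's, so a failing
# `terraform output` can leave an empty dns-entry.json without an error.
.PHONY: dns
dns:
	mkdir -p ./dist
	cd ./terraform && terraform output -json | jq "{Domain: .domain.value, Nameserver: .nameserver.value}" > ../dist/dns-entry.json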