-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathMakefile
More file actions
82 lines (67 loc) · 2.79 KB
/
Makefile
File metadata and controls
82 lines (67 loc) · 2.79 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
.PHONY: default
default: precommit
.PHONY: precommit
precommit: ensure format generate test check addlicense
@echo "ready to commit"
.PHONY: ensure
ensure:
go mod tidy -e
go mod verify
rm -rf vendor
.PHONY: format
format:
find . -type f -name 'go.mod' -not -path './vendor/*' -exec go run -mod=mod github.com/shoenig/go-modtool -w fmt "{}" \;
find . -type f -name '*.go' -not -path './vendor/*' -exec gofmt -w "{}" +
go run -mod=mod github.com/incu6us/goimports-reviser/v3 -project-name github.com/bborbe/errors -format -excludes vendor ./...
find . -type d -name vendor -prune -o -type f -name '*.go' -print0 | xargs -0 -n 10 go run -mod=mod github.com/segmentio/golines --max-len=100 -w
.PHONY: generate
generate:
rm -rf mocks avro
mkdir -p mocks
echo "package mocks" > mocks/mocks.go
go generate -mod=mod ./...
.PHONY: test
test:
# -race
go test -mod=mod -p=$${GO_TEST_PARALLEL:-1} -cover $(shell go list -mod=mod ./... | grep -v /vendor/)
.PHONY: check
check: lint vet errcheck vulncheck osv-scanner gosec trivy
.PHONY: lint
lint:
go run -mod=mod github.com/golangci/golangci-lint/v2/cmd/golangci-lint run --allow-parallel-runners --config .golangci.yml ./...
.PHONY: vet
vet:
go vet -mod=mod $(shell go list -mod=mod ./... | grep -v /vendor/)
.PHONY: errcheck
errcheck:
go run -mod=mod github.com/kisielk/errcheck -ignore '(Close|Write|Fprint)' $(shell go list -mod=mod ./... | grep -v /vendor/ | grep -v k8s/client)
.PHONY: vulncheck
vulncheck:
@go run -mod=mod golang.org/x/vuln/cmd/govulncheck -format json $(shell go list -mod=mod ./... | grep -v /vendor/) 2>&1 | \
jq -e 'select(.finding != null and .finding.osv != "GO-2026-4923" and .finding.osv != "GO-2026-4514" and .finding.osv != "GO-2022-0470" and .finding.osv != "GO-2026-4772" and .finding.osv != "GO-2026-4771")' > /dev/null 2>&1 && \
{ echo "Unexpected vulnerabilities found"; go run -mod=mod golang.org/x/vuln/cmd/govulncheck $(shell go list -mod=mod ./... | grep -v /vendor/); exit 1; } || \
echo "No unignored vulnerabilities found"
.PHONY: osv-scanner
osv-scanner:
@if [ -f .osv-scanner.toml ]; then \
echo "Using .osv-scanner.toml"; \
go run -mod=mod github.com/google/osv-scanner/v2/cmd/osv-scanner --config .osv-scanner.toml --recursive .; \
else \
echo "No config found, running default scan"; \
go run -mod=mod github.com/google/osv-scanner/v2/cmd/osv-scanner --recursive .; \
fi
.PHONY: gosec
gosec:
go run -mod=mod github.com/securego/gosec/v2/cmd/gosec -exclude=G104 ./...
.PHONY: trivy
trivy:
trivy fs \
--db-repository ghcr.io/aquasecurity/trivy-db \
--scanners vuln,secret \
--quiet \
--no-progress \
--disable-telemetry \
--exit-code 1 .
.PHONY: addlicense
addlicense:
go run -mod=mod github.com/google/addlicense -c "Benjamin Borbe" -y $$(date +'%Y') -l bsd $$(find . -name "*.go" -not -path './vendor/*')