1# Determine this makefile's path.
2# Be sure to place this BEFORE `include` directives, if any.
3THIS_FILE := $(lastword $(MAKEFILE_LIST))
4
5TEST?=$$($(GO_CMD) list ./... | grep -v /vendor/ | grep -v /integ)
6TEST_TIMEOUT?=45m
7EXTENDED_TEST_TIMEOUT=60m
8INTEG_TEST_TIMEOUT=120m
9VETARGS?=-asmdecl -atomic -bool -buildtags -copylocks -methods -nilfunc -printf -rangeloops -shift -structtags -unsafeptr
10EXTERNAL_TOOLS_CI=\
11	github.com/elazarl/go-bindata-assetfs/... \
12	github.com/hashicorp/go-bindata/... \
13	github.com/mitchellh/gox \
14	golang.org/x/tools/cmd/goimports
15EXTERNAL_TOOLS=\
16	github.com/client9/misspell/cmd/misspell
17GOFMT_FILES?=$$(find . -name '*.go' | grep -v pb.go | grep -v vendor)
18
19
20GO_VERSION_MIN=1.16.7
21GO_CMD?=go
22CGO_ENABLED?=0
23ifneq ($(FDB_ENABLED), )
24	CGO_ENABLED=1
25	BUILD_TAGS+=foundationdb
26endif
27
28default: dev
29
30# bin generates the releasable binaries for Vault
31bin: prep
32	@CGO_ENABLED=$(CGO_ENABLED) BUILD_TAGS='$(BUILD_TAGS) ui' sh -c "'$(CURDIR)/scripts/build.sh'"
33
34# dev creates binaries for testing Vault locally. These are put
35# into ./bin/ as well as $GOPATH/bin
36dev: prep
37	@CGO_ENABLED=$(CGO_ENABLED) BUILD_TAGS='$(BUILD_TAGS)' VAULT_DEV_BUILD=1 sh -c "'$(CURDIR)/scripts/build.sh'"
38dev-ui: assetcheck prep
39	@CGO_ENABLED=$(CGO_ENABLED) BUILD_TAGS='$(BUILD_TAGS) ui' VAULT_DEV_BUILD=1 sh -c "'$(CURDIR)/scripts/build.sh'"
40dev-dynamic: prep
41	@CGO_ENABLED=1 BUILD_TAGS='$(BUILD_TAGS)' VAULT_DEV_BUILD=1 sh -c "'$(CURDIR)/scripts/build.sh'"
42
43# *-mem variants will enable memory profiling which will write snapshots of heap usage
44# to $TMP/vaultprof every 5 minutes. These can be analyzed using `$ go tool pprof <profile_file>`.
45# Note that any build can have profiling added via: `$ BUILD_TAGS=memprofiler make ...`
46dev-mem: BUILD_TAGS+=memprofiler
47dev-mem: dev
48dev-ui-mem: BUILD_TAGS+=memprofiler
49dev-ui-mem: assetcheck dev-ui
50dev-dynamic-mem: BUILD_TAGS+=memprofiler
51dev-dynamic-mem: dev-dynamic
52
53# Creates a Docker image by adding the compiled linux/amd64 binary found in ./bin.
54# The resulting image is tagged "vault:dev".
55docker-dev: prep
56	docker build --build-arg VERSION=$(GO_VERSION_MIN) --build-arg BUILD_TAGS="$(BUILD_TAGS)" -f scripts/docker/Dockerfile -t vault:dev .
57
58docker-dev-ui: prep
59	docker build --build-arg VERSION=$(GO_VERSION_MIN) --build-arg BUILD_TAGS="$(BUILD_TAGS)" -f scripts/docker/Dockerfile.ui -t vault:dev-ui .
60
61# test runs the unit tests and vets the code
62test: prep
63	@CGO_ENABLED=$(CGO_ENABLED) \
64	VAULT_ADDR= \
65	VAULT_TOKEN= \
66	VAULT_DEV_ROOT_TOKEN_ID= \
67	VAULT_ACC= \
68	$(GO_CMD) test -tags='$(BUILD_TAGS)' $(TEST) $(TESTARGS) -timeout=$(TEST_TIMEOUT) -parallel=20
69
70testcompile: prep
71	@for pkg in $(TEST) ; do \
72		$(GO_CMD) test -v -c -tags='$(BUILD_TAGS)' $$pkg -parallel=4 ; \
73	done
74
75# testacc runs acceptance tests
76testacc: prep
77	@if [ "$(TEST)" = "./..." ]; then \
78		echo "ERROR: Set TEST to a specific package"; \
79		exit 1; \
80	fi
81	VAULT_ACC=1 $(GO_CMD) test -tags='$(BUILD_TAGS)' $(TEST) -v $(TESTARGS) -timeout=$(EXTENDED_TEST_TIMEOUT)
82
83# testrace runs the race checker
84testrace: prep
85	@CGO_ENABLED=1 \
86	VAULT_ADDR= \
87	VAULT_TOKEN= \
88	VAULT_DEV_ROOT_TOKEN_ID= \
89	VAULT_ACC= \
90	$(GO_CMD) test -tags='$(BUILD_TAGS)' -race $(TEST) $(TESTARGS) -timeout=$(EXTENDED_TEST_TIMEOUT) -parallel=20
91
92cover:
93	./scripts/coverage.sh --html
94
95# vet runs the Go source code static analysis tool `vet` to find
96# any common errors.
97vet:
98	@$(GO_CMD) list -f '{{.Dir}}' ./... | grep -v /vendor/ \
99		| grep -v '.*github.com/hashicorp/vault$$' \
100		| xargs $(GO_CMD) vet ; if [ $$? -eq 1 ]; then \
101			echo ""; \
102			echo "Vet found suspicious constructs. Please check the reported constructs"; \
103			echo "and fix them if necessary before submitting the code for reviewal."; \
104		fi
105
106# lint runs vet plus a number of other checkers, it is more comprehensive, but louder
107lint:
108	@$(GO_CMD) list -f '{{.Dir}}' ./... | grep -v /vendor/ \
109		| xargs golangci-lint run; if [ $$? -eq 1 ]; then \
110			echo ""; \
111			echo "Lint found suspicious constructs. Please check the reported constructs"; \
112			echo "and fix them if necessary before submitting the code for reviewal."; \
113		fi
114# for ci jobs, runs lint against the changed packages in the commit
115ci-lint:
116	@golangci-lint run --deadline 10m --new-from-rev=HEAD~
117
118# prep runs `go generate` to build the dynamically generated
119# source files.
120prep: fmtcheck
121	@sh -c "'$(CURDIR)/scripts/goversioncheck.sh' '$(GO_VERSION_MIN)'"
122	@$(GO_CMD) generate $($(GO_CMD) list ./... | grep -v /vendor/)
123	@if [ -d .git/hooks ]; then cp .hooks/* .git/hooks/; fi
124
125# bootstrap the build by downloading additional tools needed to build
126ci-bootstrap:
127	@for tool in  $(EXTERNAL_TOOLS_CI) ; do \
128		echo "Installing/Updating $$tool" ; \
129		GO111MODULE=off $(GO_CMD) get -u $$tool; \
130	done
131
132# bootstrap the build by downloading additional tools that may be used by devs
133bootstrap: ci-bootstrap
134	go generate -tags tools tools/tools.go
135
136# Note: if you have plugins in GOPATH you can update all of them via something like:
137# for i in $(ls | grep vault-plugin-); do cd $i; git remote update; git reset --hard origin/master; dep ensure -update; git add .; git commit; git push; cd ..; done
138update-plugins:
139	grep vault-plugin- go.mod | cut -d ' ' -f 1 | while read -r P; do echo "Updating $P..."; go get -v "$P"; done
140
141static-assets-dir:
142	@mkdir -p ./pkg/web_ui
143
144static-assets: static-assets-dir
145	@echo "--> Generating static assets"
146	@go-bindata-assetfs -o bindata_assetfs.go -pkg http -prefix pkg -modtime 1480000000 -tags ui ./pkg/web_ui/...
147	@mv bindata_assetfs.go http
148	@$(MAKE) -f $(THIS_FILE) fmt
149
150test-ember:
151	@echo "--> Installing JavaScript assets"
152	@cd ui && yarn --ignore-optional
153	@echo "--> Running ember tests"
154	@cd ui && yarn run test:oss
155
156ember-ci-test: # Deprecated, to be removed soon.
157	@echo "ember-ci-test is deprecated in favour of test-ui-browserstack"
158	@exit 1
159
160check-vault-in-path:
161	@VAULT_BIN=$$(command -v vault) || { echo "vault command not found"; exit 1; }; \
162		[ -x "$$VAULT_BIN" ] || { echo "$$VAULT_BIN not executable"; exit 1; }; \
163		printf "Using Vault at %s:\n\$$ vault version\n%s\n" "$$VAULT_BIN" "$$(vault version)"
164
165check-browserstack-creds:
166	@[ -n "$$BROWSERSTACK_ACCESS_KEY" ] || { echo "BROWSERSTACK_ACCESS_KEY not set"; exit 1; }
167	@[ -n "$$BROWSERSTACK_USERNAME" ] || { echo "BROWSERSTACK_USERNAME not set"; exit 1; }
168
169test-ui-browserstack: check-vault-in-path check-browserstack-creds
170	@echo "--> Installing JavaScript assets"
171	@cd ui && yarn --ignore-optional
172	@echo "--> Running ember tests in Browserstack"
173	@cd ui && yarn run test:browserstack
174
175ember-dist:
176	@echo "--> Installing JavaScript assets"
177	@cd ui && yarn --ignore-optional
178	@cd ui && npm rebuild node-sass
179	@echo "--> Building Ember application"
180	@cd ui && yarn run build
181	@rm -rf ui/if-you-need-to-delete-this-open-an-issue-async-disk-cache
182
183ember-dist-dev:
184	@echo "--> Installing JavaScript assets"
185	@cd ui && yarn --ignore-optional
186	@cd ui && npm rebuild node-sass
187	@echo "--> Building Ember application"
188	@cd ui && yarn run build:dev
189
190static-dist: ember-dist static-assets
191static-dist-dev: ember-dist-dev static-assets
192
193proto:
194	protoc vault/*.proto --go_out=plugins=grpc,paths=source_relative:.
195	protoc vault/activity/activity_log.proto --go_out=plugins=grpc,paths=source_relative:.
196	protoc helper/storagepacker/types.proto --go_out=plugins=grpc,paths=source_relative:.
197	protoc helper/forwarding/types.proto --go_out=plugins=grpc,paths=source_relative:.
198	protoc sdk/logical/*.proto --go_out=plugins=grpc,paths=source_relative:.
199	protoc physical/raft/types.proto --go_out=plugins=grpc,paths=source_relative:.
200	protoc helper/identity/mfa/types.proto --go_out=plugins=grpc,paths=source_relative:.
201	protoc helper/identity/types.proto --go_out=plugins=grpc,paths=source_relative:.
202	protoc sdk/database/dbplugin/*.proto --go_out=plugins=grpc,paths=source_relative:.
203	protoc sdk/database/dbplugin/v5/proto/*.proto --go_out=plugins=grpc,paths=source_relative:.
204	protoc sdk/plugin/pb/*.proto --go_out=plugins=grpc,paths=source_relative:.
205	sed -i -e 's/Id/ID/' vault/request_forwarding_service.pb.go
206	sed -i -e 's/Idp/IDP/' -e 's/Url/URL/' -e 's/Id/ID/' -e 's/IDentity/Identity/' -e 's/EntityId/EntityID/' -e 's/Api/API/' -e 's/Qr/QR/' -e 's/Totp/TOTP/' -e 's/Mfa/MFA/' -e 's/Pingid/PingID/' -e 's/protobuf:"/sentinel:"" protobuf:"/' -e 's/namespaceId/namespaceID/' -e 's/Ttl/TTL/' -e 's/BoundCidrs/BoundCIDRs/' helper/identity/types.pb.go helper/identity/mfa/types.pb.go helper/storagepacker/types.pb.go sdk/plugin/pb/backend.pb.go sdk/logical/identity.pb.go vault/activity/activity_log.pb.go
207
208fmtcheck:
209	@true
210#@sh -c "'$(CURDIR)/scripts/gofmtcheck.sh'"
211
212fmt:
213	find . -name '*.go' | grep -v pb.go | grep -v vendor | xargs gofumpt -w
214
215assetcheck:
216	@echo "==> Checking compiled UI assets..."
217	@sh -c "'$(CURDIR)/scripts/assetcheck.sh'"
218
219spellcheck:
220	@echo "==> Spell checking website..."
221	@misspell -error -source=text website/source
222
223mysql-database-plugin:
224	@CGO_ENABLED=0 $(GO_CMD) build -o bin/mysql-database-plugin ./plugins/database/mysql/mysql-database-plugin
225
226mysql-legacy-database-plugin:
227	@CGO_ENABLED=0 $(GO_CMD) build -o bin/mysql-legacy-database-plugin ./plugins/database/mysql/mysql-legacy-database-plugin
228
229cassandra-database-plugin:
230	@CGO_ENABLED=0 $(GO_CMD) build -o bin/cassandra-database-plugin ./plugins/database/cassandra/cassandra-database-plugin
231
232influxdb-database-plugin:
233	@CGO_ENABLED=0 $(GO_CMD) build -o bin/influxdb-database-plugin ./plugins/database/influxdb/influxdb-database-plugin
234
235postgresql-database-plugin:
236	@CGO_ENABLED=0 $(GO_CMD) build -o bin/postgresql-database-plugin ./plugins/database/postgresql/postgresql-database-plugin
237
238mssql-database-plugin:
239	@CGO_ENABLED=0 $(GO_CMD) build -o bin/mssql-database-plugin ./plugins/database/mssql/mssql-database-plugin
240
241hana-database-plugin:
242	@CGO_ENABLED=0 $(GO_CMD) build -o bin/hana-database-plugin ./plugins/database/hana/hana-database-plugin
243
244mongodb-database-plugin:
245	@CGO_ENABLED=0 $(GO_CMD) build -o bin/mongodb-database-plugin ./plugins/database/mongodb/mongodb-database-plugin
246
247# Tell packagespec where to write its CircleCI config.
248PACKAGESPEC_CIRCLECI_CONFIG := .circleci/config/@build-release.yml
249
250# Tell packagespec to re-run 'make ci-config' whenever updating its own CI config.
251PACKAGESPEC_HOOK_POST_CI_CONFIG := $(MAKE) ci-config
252
253.PHONY: ci-config
254ci-config:
255	@$(MAKE) -C .circleci ci-config
256.PHONY: ci-verify
257ci-verify:
258	@$(MAKE) -C .circleci ci-verify
259
260.PHONY: bin default prep test vet bootstrap ci-bootstrap fmt fmtcheck mysql-database-plugin mysql-legacy-database-plugin cassandra-database-plugin influxdb-database-plugin postgresql-database-plugin mssql-database-plugin hana-database-plugin mongodb-database-plugin static-assets ember-dist ember-dist-dev static-dist static-dist-dev assetcheck check-vault-in-path check-browserstack-creds test-ui-browserstack packages build build-ci
261
262.NOTPARALLEL: ember-dist ember-dist-dev static-assets
263
264-include packagespec.mk
265