diff --git a/Makefile b/Makefile index 5611f9aa..5a08a62d 100644 --- a/Makefile +++ b/Makefile @@ -1,33 +1,42 @@ .PHONY: help all bin controller node test image limage ubi openshift push clean +VENDOR := seagate +GITHUB_ORG := Seagate +# Project name, without vendor +NAME := exos-x-csi +# Project name, including vendor +PROJECT := $(VENDOR)-$(NAME) +GITHUB_URL := github.com/$(GITHUB_ORG)/$(PROJECT) +NAMESPACE := $(VENDOR) + ifdef DOCKER_HUB_REPOSITORY DOCKER_HUB_REPOSITORY := $(DOCKER_HUB_REPOSITORY) else DOCKER_HUB_REPOSITORY := ghcr.io/seagate endif +# Note: the version number takes the form "v1.2.3" when used as a repository tag, but +# appears as "1.2.3" in other contexts such as the Helm chart. ifdef VERSION VERSION := $(VERSION) else -VERSION := v1.5.7 +VERSION := v1.5.9 endif - -VERSION_FLAG = -X github.com/Seagate/seagate-exos-x-csi/pkg/common.Version=$(VERSION) +HELM_VERSION := $(subst v,,$(VERSION)) +VERSION_FLAG = -X $(GITHUB_URL)/pkg/common.Version=$(VERSION) ifndef BIN - BIN = seagate-exos-x-csi + BIN = $(PROJECT) endif -HELM_VERSION := 1.0.1 +# $HELM_KEY must be the name of a secret key in the invoker's default keyring if package is to be signed HELM_KEY := css-host-software -HELM_IMAGE_REPO := $(DOCKER_HUB_REPOSITORY)/$(BIN) -# $HELM_KEY should be the name of a secret key in the invoker's default keyring ifneq (,$(HELM_KEY)) HELM_KEYRING := ~/.gnupg/secring.gpg HELM_SIGN := --sign --key $(HELM_KEY) --keyring $(HELM_KEYRING) endif HELM_PACKAGE := $(BIN)-$(HELM_VERSION).tgz - +HELM_IMAGE_REPO := $(DOCKER_HUB_REPOSITORY)/$(BIN) IMAGE = $(DOCKER_HUB_REPOSITORY)/$(BIN):$(VERSION) help: @@ -83,6 +92,19 @@ ubi: @echo "[] ubi" docker build -f Dockerfile.ubi -t $(IMAGE) --build-arg version="$(VERSION)" --build-arg vcs_ref="$(shell git rev-parse HEAD)" --build-arg build_date="$(shell date --rfc-3339=seconds)" . + +push: + @echo "" + @echo "[] push" + docker push $(IMAGE) + +clean: + @echo "" + @echo "[] clean" + rm -vf $(BIN)-controller $(BIN)-node *.zip *.tgz *.prov helm/$(BIN)-$(HELM_VERSION)* + +######################## Openshift certification stuff ######################## + openshift: @echo "" @echo "[] openshift" @@ -114,30 +136,36 @@ build-preflight: (cd ..; git clone https://github.com/redhat-openshift-ecosystem/openshift-preflight.git) cd ../openshift-preflight && make build -push: - @echo "" - @echo "[] push" - docker push $(IMAGE) - -clean: - @echo "" - @echo "[] clean" - rm -vf $(BIN)-controller $(BIN)-node *.zip *.tgz *.prov helm/$(BIN)-$(HELM_VERSION)* +######################## Helm package creation ######################## # Create a helm package that can be installed from a remote HTTPS URL with, e.g. -# helm install seagate-csi https:////seagate-exos-x-csi-1.0.0.tgz +# helm install exos-x-csi https:////seagate-exos-x-csi-1.0.0.tgz helm-package: $(HELM_PACKAGE) +# Update version numbers in the Helm chart. If yq is not installed, try "go install github.com/mikefarah/yq/v4@latest" +update-chart: $(MAKEFILE) + yq -i '.image.tag="$(VERSION)" | .image.repository="$(HELM_IMAGE_REPO)"' helm/csi-charts/values.yaml + +# Make a helm package. If yq is installed, the chart will be updated to reflect version $(VERSION) # To create a package without signing it, specify "make helm-package HELM_KEY=" # Note that helm doesn't support GPG v2.1 kbx files; if signing fails, try: # gpg --export-secret-keys > ~/.gnupg/secring.gpg $(HELM_PACKAGE): - cd helm; helm package $(HELM_SIGN) \ - --set image.tag=$(VERSION) --set image.repository=$(HELM_IMAGE_REPO) \ - $$PWD/csi-charts + echo HELM_PACKAGE:=$@ + ( which yq >/dev/null && $(MAKE) update-chart ) || true + cd helm; helm package --app-version "$(HELM_VERSION)" --version "$(HELM_VERSION)" $(HELM_SIGN) $$PWD/csi-charts cp -p helm/$@* . -ifdef HELM_KEYRING - helm verify --keyring $(HELM_KEYRING) $@ - zip -r $(subst .tgz,-signed-helm-package.zip,$@) $@ $@.prov -endif + +# Verify a signed package create a zip file containing the package and its provenance file +signed-helm-package: $(HELM_PACKAGE) + helm verify --keyring $(HELM_KEYRING) $< + zip -r $(subst .tgz,-signed-helm-package.zip,$<) $< $<.prov + +# This will allow the package to be installed directly from Github, with the command: +# helm install -n $(NAMESPACE) exos-x-csi https://$(GITHUB_URL)/releases/download/$(VERSION)/$(PROJECT)-$(HELM_VERSION).tgz +helm-upload: $(HELM_PACKAGE) + gh release upload $(VERSION) '$^#Helm Package' -R $(GITHUB_ORG)/$(PROJECT) + @echo Install package with: + @echo ' ' helm install -n $(NAMESPACE) $(NAME) https://$(GITHUB_URL)/releases/download/$(VERSION)/$(PROJECT)-$(HELM_VERSION).tgz +