refactor: general codebase improvements (#2888)
* refactor: general codebase improvements

Signed-off-by: Bence Csati <[email protected]>

* chore: code review

Signed-off-by: Bence Csati <[email protected]>

* chore: remove obsolete build tag

Signed-off-by: Bence Csati <[email protected]>

---------

Signed-off-by: Bence Csati <[email protected]>
csatib02 authored Aug 9, 2024
1 parent b267ed3 commit 3473e4c
Showing 32 changed files with 279 additions and 388 deletions.
85 changes: 33 additions & 52 deletions .github/workflows/ci.yaml
@@ -46,6 +46,39 @@ jobs:
- name: Build
run: nix develop --impure .#ci -c make build

test:
name: Test
runs-on: ubuntu-latest

steps:
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

- name: Set up Nix
uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # v27
with:
extra_nix_config: |
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
- name: Set up magic Nix cache
uses: DeterminateSystems/magic-nix-cache-action@b46e247b898aa56e6d2d2e728dc6df6c84fdb738 # v7

- name: Set up Go cache
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ github.job }}-${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ github.job }}-${{ runner.os }}-go-
- name: Prepare Nix shell
run: nix develop --impure .#ci

- name: Test
run: nix develop --impure .#ci -c make test

lint:
name: Lint
runs-on: ubuntu-latest
@@ -175,58 +208,6 @@ jobs:
- name: Dependency Review
uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4

checks:
name: Checks
runs-on: ubuntu-latest

services:
vault:
image: hashicorp/vault:1.14.1
env:
SKIP_SETCAP: true
VAULT_DEV_ROOT_TOKEN_ID: 227e1cce-6bf7-30bb-2d2a-acc854318caf
ports:
- 8200:8200

steps:
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

- name: Set up Nix
uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # v27
with:
extra_nix_config: |
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
- name: Set up magic Nix cache
uses: DeterminateSystems/magic-nix-cache-action@b46e247b898aa56e6d2d2e728dc6df6c84fdb738 # v7

- name: Set up Go cache
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ github.job }}-${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ github.job }}-${{ runner.os }}-go-
- name: Setup test dependencies
run: |
sudo apt install opensc softhsm
sudo mkdir -p /var/lib/softhsm/tokens/
sudo softhsm2-util --init-token --free --label bank-vaults --so-pin banzai --pin banzai
sudo pkcs11-tool --module /usr/lib/softhsm/libsofthsm2.so --keypairgen --key-type rsa:2048 --pin banzai --token-label bank-vaults --label bank-vaults
sudo chown -R runner:docker /etc/softhsm /var/lib/softhsm
- name: Prepare Nix shell
run: nix develop --impure .#ci

- name: Run verification
run: nix develop --impure .#ci -c make check
env:
VAULT_TOKEN: 227e1cce-6bf7-30bb-2d2a-acc854318caf

e2e:
name: E2E tests
uses: ./.github/workflows/e2e.yaml
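Review bot: The added `test` job has no `services:` block and no SoftHSM setup, while the `checks` job removed in the second hunk was the only place in these hunks that started a Vault container and initialised a PKCS#11 token before running `make check`. The Makefile section of this commit still shows a `test-integration` target run with `-tags=integration`, so tests that need Vault or the HSM token no longer appear to run from this workflow; confirm they are covered by `e2e.yaml` or another job, and record that above the job with a comment such as `# unit tests only; Vault- and HSM-backed tests run in <workflow>`. The job also writes `secrets.GITHUB_TOKEN` into the Nix config, so unless the workflow already sets it outside the hunk, a job-level `permissions:` with `contents: read` would keep the token's scope explicit.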
2 changes: 1 addition & 1 deletion .github/workflows/e2e.yaml
@@ -20,7 +20,7 @@ jobs:

services:
vault:
image: hashicorp/vault:1.14.1
image: hashicorp/vault:1.14.8
options: >-
--name=vault
--cap-add=IPC_LOCK
1 change: 0 additions & 1 deletion .golangci.yml
@@ -12,7 +12,6 @@ linters-settings:
misspell:
locale: US
nolintlint:
allow-leading-space: false # require machine-readable nolint directives (with no leading space)
allow-unused: false # report any unused nolint directives
require-specific: false # don't require nolint directives to be specific about which linter is being skipped
revive:
1 change: 1 addition & 0 deletions ADOPTERS.md
@@ -1,6 +1,7 @@
# Adopters

This is a list of production adopters of Bank-Vaults (in alphabetical order):

- [Aspect](https://www.aspect.com) is using Bank-Vaults to provision and configure Vault for the Aspect Via® Cloud Contact Centre Platform.
- [Outshift](https://outshift.com) (by Cisco) is using Bank-Vaults to provision and configure Vault on Kubernetes and to inject secrets into applications.
- [Mintel](https://www.mintel.com) is using Bank-Vaults to provision and configure Vault to provide secrets to applications.
185 changes: 41 additions & 144 deletions Makefile
@@ -1,38 +1,7 @@
# A Self-Documenting Makefile: http://marmelab.com/blog/2016/02/29/auto-documented-makefile.html

OS = $(shell uname)
export PATH := $(abspath bin/):${PATH}

# Docker variables
DOCKER_TAG ?= ${VERSION}
DOCKER_BUILD_EXTRA_ARGS ?=
# Export HOST_NETWORK=1 if you want to build the docker images with host network (useful when using some VPNs)
ifeq (${HOST_NETWORK}, 1)
DOCKER_BUILD_EXTRA_ARGS += --network host
endif

# Project variables
PACKAGE = github.com/bank-vaults/bank-vaults
BINARY_NAME ?= bank-vaults
DOCKER_REGISTRY ?= ghcr.io/bank-vaults
DOCKER_IMAGE = ${DOCKER_REGISTRY}/bank-vaults
CONTAINER_IMAGE_REF = ghcr.io/bank-vaults/bank-vaults:dev

# Build variables
BUILD_DIR ?= build
BUILD_PACKAGE = ${PACKAGE}/cmd/...
VERSION ?= $(shell echo `git symbolic-ref -q --short HEAD || git describe --tags --exact-match` | tr '[/]' '-')
COMMIT_HASH ?= $(shell git rev-parse --short HEAD 2>/dev/null)
BUILD_DATE ?= $(shell date +%FT%T%z)
LDFLAGS += -X main.version=${VERSION} -X main.commitHash=${COMMIT_HASH} -X main.buildDate=${BUILD_DATE}
export CGO_ENABLED ?= 1
export GOOS = $(shell go env GOOS)
ifeq (${VERBOSE}, 1)
GOARGS += -v
endif

############################

##@ General

# Targets commented with ## will be visible in "make help" info.
@@ -43,155 +12,83 @@ default: help
help: ## Display this help
@awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n make \033[36m<target>\033[0m\n"} /^[a-zA-Z_0-9-]+:.*?##/ { printf " \033[36m%-15s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST)

##@ Development

.PHONY: up
up: ## Start development environment
docker compose up -d

.PHONY: stop
stop: ## Stop development environment
docker compose stop

.PHONY: down
down: ## Destroy development environment
docker compose down -v

##@ Build

.PHONY: build
build: ## Build binary
@mkdir -p build
go build -race -o build/ ./cmd/bank-vaults

.PHONY: build-debug
build-debug: GOARGS += -gcflags "-N -l"
build-debug: BINARY_NAME := ${BINARY_NAME}-debug
build-debug: build ## Build binary in debug mode

.PHONY: build-docker
build-docker: ## Build binary using Docker
docker run -it -v $(PWD):/go/src/${PACKAGE} -w /go/src/${PACKAGE} golang:${GOLANG_VERSION}-alpine go build -o ${BINARY_NAME}_linux ${BUILD_PACKAGE}

.PHONY: docker
docker: ## Build a Docker image
docker build ${DOCKER_BUILD_EXTRA_ARGS} -t ${DOCKER_IMAGE}:${DOCKER_TAG} -f Dockerfile .
ifeq (${DOCKER_LATEST}, 1)
docker tag ${DOCKER_IMAGE}:${DOCKER_TAG} ${DOCKER_IMAGE}:latest
endif

.PHONY: docker-push
docker-push: ## Push a Docker image
docker push ${DOCKER_IMAGE}:${DOCKER_TAG}
ifeq (${DOCKER_LATEST}, 1)
docker push ${DOCKER_IMAGE}:latest
endif
.PHONY: container-image
container-image: ## Build container image
docker build .

.PHONY: binary-snapshot
binary-snapshot: ## Build binary snapshot
VERSION=v${GORELEASER_VERSION} ${GORELEASER_BIN} release --clean --skip=publish --snapshot

.PHONY: artifacts
artifacts: ## Build binary and Docker image
artifacts: binary-snapshot docker

.PHONY: clean
clean: ## Clear the working area and the project
rm -rf ${BUILD_DIR}/ bin/ vendor/
artifacts: container-image binary-snapshot
artifacts: ## Build artifacts

##@ Checks

.PHONY: check
check: lint test-integration ## Run tests and linters
check: test test-integration lint ## Run tests and linters

.PHONY: fmt
fmt: ## Format code
$(GOLANGCI_LINT_BIN) run --fix
.PHONY: test
test: ## Run tests
go test -race -v ./...

.PHONY: test-integration
test-integration: ## Run integration tests
go test -race -v -tags=integration ./...

.PHONY: lint
lint: lint-go lint-docker lint-yaml
lint: ## Run linters

.PHONY: lint-go
lint-go:
$(GOLANGCI_LINT_BIN) run $(if ${CI},--out-format github-actions,)
$(GOLANGCI_LINT_BIN) run $(if ${CI},--out-format colored-line-number,)

.PHONY: lint-docker
lint-docker:
$(HADOLINT_BIN) Dockerfile
hadolint Dockerfile

.PHONY: lint-yaml
lint-yaml:
$(YAMLLINT_BIN) $(if ${CI},-f github,) --no-warnings .
yamllint $(if ${CI},-f github,) --no-warnings .

.PHONY: fmt
fmt: ## Format code
$(GOLANGCI_LINT_BIN) run --fix

.PHONY: license-check
license-check: ## Run license check
$(LICENSEI_BIN) check
$(LICENSEI_BIN) header

##@ Tests

TEST_PKGS ?= ./...
TEST_REPORT_NAME ?= results.xml

# Dependency versions
GOTESTSUM_VERSION = 0.4.0
GOLANG_VERSION = 1.21.1

.PHONY: test
test: TEST_REPORT ?= main
test: TEST_FORMAT ?= short
test: SHELL = /bin/bash
test: bin/gotestsum ## Run tests
@mkdir -p ${BUILD_DIR}/test_results/${TEST_REPORT}
bin/gotestsum --no-summary=skipped --junitfile ${BUILD_DIR}/test_results/${TEST_REPORT}/${TEST_REPORT_NAME} --format ${TEST_FORMAT} -- $(filter-out -v,${GOARGS}) $(if ${TEST_PKGS},${TEST_PKGS},./...)

.PHONY: test-%
test-%: ## Run a specific test suite
@${MAKE} VERBOSE=0 GOTAGS=$* test

.PHONY: test-all
test-all: ## Run all tests
@${MAKE} GOARGS="${GOARGS} -run .\*" TEST_REPORT=all test

.PHONY: test-integration
test-integration: ## Run integration tests
@${MAKE} GOARGS="${GOARGS} -tags=integration" TEST_REPORT=integration test

bin/gotestsum: bin/gotestsum-${GOTESTSUM_VERSION}
@ln -sf gotestsum-${GOTESTSUM_VERSION} bin/gotestsum

bin/gotestsum-${GOTESTSUM_VERSION}:
@mkdir -p bin
curl -L https://github.com/gotestyourself/gotestsum/releases/download/v${GOTESTSUM_VERSION}/gotestsum_${GOTESTSUM_VERSION}_${OS}_amd64.tar.gz | tar -zOxf - gotestsum > ./bin/gotestsum-${GOTESTSUM_VERSION} && chmod +x ./bin/gotestsum-${GOTESTSUM_VERSION}

bin/jq: bin/jq-${JQ_VERSION}
@ln -sf jq-${JQ_VERSION} bin/jq

bin/jq-${JQ_VERSION}:
@mkdir -p bin
ifeq (${OS}, Darwin)
curl -L https://github.com/stedolan/jq/releases/download/jq-${JQ_VERSION}/jq-osx-amd64 > ./bin/jq-${JQ_VERSION} && chmod +x ./bin/jq-${JQ_VERSION}
endif
ifeq (${OS}, Linux)
curl -L https://github.com/stedolan/jq/releases/download/jq-${JQ_VERSION}/jq-linux64 > ./bin/jq-${JQ_VERSION} && chmod +x ./bin/jq-${JQ_VERSION}
endif

# Variable outputting/exporting rules
var-%: ; @echo $($*)
varexport-%: ; @echo $*=$($*)

##@ Release

release-%: ## Tag a new release
git tag -m 'Release $*' $*

@echo "Version updated to $*!"
@echo
@echo "To push the changes execute the following:"
@echo
@echo "git push; git push origin $*"

.PHONY: patch
patch: ## Tag a new patch version
@${MAKE} release-$(shell git describe --abbrev=0 --tags | awk -F'[ .]' '{print $$1"."$$2"."$$3+1}')

.PHONY: minor
minor: ## Tag a new minor version
@${MAKE} release-$(shell git describe --abbrev=0 --tags | awk -F'[ .]' '{print $$1"."$$2+1".0"}')

.PHONY: major
major: ## Tag a new major version
@${MAKE} release-$(shell git describe --abbrev=0 --tags | awk -F'[ .]' '{print $$1+1".0.0"}')

##@ Autogeneration

.PHONY: generate
generate: gen-docs
generate: ## Run generation jobs

.PHONY: gen-docs
gen-docs: ## Generate CLI documentation
@mkdir -p "build/docs"
@@ -203,9 +100,9 @@ deps: bin/golangci-lint bin/licensei bin/cosign bin/goreleaser
deps: ## Install dependencies

# Dependency versions
GOLANGCI_VERSION = 1.53.3
LICENSEI_VERSION = 0.8.0
COSIGN_VERSION = 2.2.2
GOLANGCI_VERSION = 1.59.1
LICENSEI_VERSION = 0.9.0
COSIGN_VERSION = 2.2.4
GORELEASER_VERSION = 2.0.0

# Dependency binaries
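Review bot: `lint-docker` and `lint-yaml` now appear to call `hadolint` and `yamllint` straight from PATH, while `lint-go`, `fmt` and `license-check` in the same hunk still go through `$(GOLANGCI_LINT_BIN)` and `$(LICENSEI_BIN)`, whose versions are set under `# Dependency versions`. Outside the CI shell the two linters run at whatever version is installed locally, so a Dockerfile or workflow finding reported in CI may not reproduce on a developer machine; if they are meant to come from the Nix dev shell, say so above the targets, e.g. `# hadolint and yamllint are expected from the project dev shell, not from bin/`. The page has lost the `+`/`-` column, so which line of each printed pair is the new one is inferred from print order.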