forked from deepfence/ThreatMapper
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathMakefile
204 lines (159 loc) · 7.46 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
PWD=$(shell pwd)
export ROOT_MAKEFILE_DIR=$(shell pwd)
export DEEPFENCE_AGENT_DIR=$(PWD)/deepfence_agent
export DEEPFENCE_ROUTER_DIR=$(PWD)/haproxy
export DEEPFENCE_FILE_SERVER_DIR=$(PWD)/deepfence_file_server
export DEEPFENCE_FRONTEND_DIR=$(PWD)/deepfence_frontend
export SECRET_SCANNER_DIR=$(DEEPFENCE_AGENT_DIR)/plugins/SecretScanner
export MALWARE_SCANNER_DIR=$(DEEPFENCE_AGENT_DIR)/plugins/YaraHunter/
export PACKAGE_SCANNER_DIR=$(DEEPFENCE_AGENT_DIR)/plugins/package-scanner
export COMPLIANCE_SCANNER_DIR=$(DEEPFENCE_AGENT_DIR)/plugins/compliance
export DEEPFENCE_CTL=$(PWD)/deepfence_ctl
export DEEPFENCED=$(PWD)/deepfence_bootstrapper
export IMAGE_REPOSITORY?=deepfenceio
export DF_IMG_TAG?=latest
export IS_DEV_BUILD?=false
export VERSION?="2.0.0"
default: bootstrap console_plugins agent console
.PHONY: console
console: redis postgres kafka-broker router server worker ui file-server graphdb
.PHONY: console_plugins
console_plugins: secretscanner malwarescanner packagescanner compliancescanner
.PHONY: bootstrap
bootstrap:
./bootstrap.sh
.PHONY: alpine_builder
alpine_builder:
docker build --tag=$(IMAGE_REPOSITORY)/deepfence_builder_ce:$(DF_IMG_TAG) -f docker_builders/Dockerfile-alpine .
.PHONY: debian_builder
debian_builder:
docker build --build-arg DF_IMG_TAG=${DF_IMG_TAG} --build-arg IMAGE_REPOSITORY=${IMAGE_REPOSITORY} --tag=$(IMAGE_REPOSITORY)/deepfence_glibc_builder_ce:$(DF_IMG_TAG) -f docker_builders/Dockerfile-debian .
.PHONY: bootstrap-agent-plugins
bootstrap-agent-plugins:
(cd $(DEEPFENCE_AGENT_DIR)/plugins && make localinit)
(cd $(PACKAGE_SCANNER_DIR) && bash bootstrap.sh)
(cd $(SECRET_SCANNER_DIR) && bash bootstrap.sh)
(cd $(MALWARE_SCANNER_DIR) && bash bootstrap.sh)
.PHONY: agent
agent: debian_builder deepfenced console_plugins
(cd $(DEEPFENCE_AGENT_DIR) &&\
IMAGE_REPOSITORY="$(IMAGE_REPOSITORY)" DF_IMG_TAG="$(DF_IMG_TAG)" bash build.sh)
.PHONY: deepfenced
deepfenced: alpine_builder bootstrap bootstrap-agent-plugins
(cd $(DEEPFENCED) && make prepare)
cp $(DEEPFENCED)/deepfence_bootstrapper $(DEEPFENCE_AGENT_DIR)/deepfenced
.PHONY: redis
redis:
(cd deepfence_redis && docker build --tag=$(IMAGE_REPOSITORY)/deepfence_redis_ce:$(DF_IMG_TAG) .)
.PHONY: postgres
postgres:
docker build --tag=$(IMAGE_REPOSITORY)/deepfence_postgres_ce:$(DF_IMG_TAG) -f deepfence_postgres/Dockerfile ./deepfence_postgres
.PHONY: kafka-broker
kafka-broker:
docker build -t $(IMAGE_REPOSITORY)/deepfence_kafka_broker_ce:$(DF_IMG_TAG) -f ./deepfence_kafka/kafka-broker-Dockerfile ./deepfence_kafka
.PHONY: router
router:
docker build --build-arg is_dev_build=$(IS_DEV_BUILD) -t $(IMAGE_REPOSITORY)/deepfence_router_ce:$(DF_IMG_TAG) $(DEEPFENCE_ROUTER_DIR)
.PHONY: file-server
file-server:
docker build -t $(IMAGE_REPOSITORY)/deepfence_file_server_ce:$(DF_IMG_TAG) $(DEEPFENCE_FILE_SERVER_DIR)
.PHONY: server
server: alpine_builder
(cd ./deepfence_server && make image)
.PHONY: worker
worker: alpine_builder
(cd ./deepfence_worker && make image)
.PHONY: graphdb
graphdb:
docker build -f ./deepfence_neo4j/Dockerfile --build-arg IMAGE_REPOSITORY=$(IMAGE_REPOSITORY) --build-arg DF_IMG_TAG=$(DF_IMG_TAG) -t $(IMAGE_REPOSITORY)/deepfence_neo4j_ce:$(DF_IMG_TAG) ./deepfence_neo4j
.PHONY: ui
ui:
git log --format="%h" -n 1 > $(DEEPFENCE_FRONTEND_DIR)/console_version.txt && \
echo $(VERSION) > $(DEEPFENCE_FRONTEND_DIR)/product_version.txt && \
docker run --rm --entrypoint=bash -v $(DEEPFENCE_FRONTEND_DIR):/app node:18-bullseye-slim -c "cd /app && corepack enable && corepack prepare [email protected] --activate && PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=true pnpm install --frozen-lockfile --prefer-offline && pnpm run build" && \
docker build -f $(DEEPFENCE_FRONTEND_DIR)/Dockerfile -t $(IMAGE_REPOSITORY)/deepfence_ui_ce:$(DF_IMG_TAG) $(DEEPFENCE_FRONTEND_DIR) && \
rm -rf $(DEEPFENCE_FRONTEND_DIR)/console_version.txt $(DEEPFENCE_FRONTEND_DIR)/product_version.txt
.PHONY: secretscanner
secretscanner: bootstrap-agent-plugins
docker build --tag=$(IMAGE_REPOSITORY)/deepfence_secret_scanner_ce:$(DF_IMG_TAG) -f $(SECRET_SCANNER_DIR)/Dockerfile $(SECRET_SCANNER_DIR)
.PHONY: malwarescanner
malwarescanner: bootstrap-agent-plugins
docker build --tag=$(IMAGE_REPOSITORY)/deepfence_malware_scanner_ce:$(DF_IMG_TAG) -f $(MALWARE_SCANNER_DIR)/Dockerfile $(MALWARE_SCANNER_DIR)
.PHONY: packagescanner
packagescanner: bootstrap-agent-plugins
docker build --tag=$(IMAGE_REPOSITORY)/deepfence_package_scanner_ce:$(DF_IMG_TAG) -f $(PACKAGE_SCANNER_DIR)/Dockerfile $(PACKAGE_SCANNER_DIR)
.PHONY: compliancescanner
compliancescanner:
docker build --tag=$(IMAGE_REPOSITORY)/deepfence_compliance_scanner_ce:$(DF_IMG_TAG) -f $(COMPLIANCE_SCANNER_DIR)/Dockerfile $(COMPLIANCE_SCANNER_DIR)
.PHONY: openapi
openapi: server
docker run --rm \
--entrypoint=/usr/local/bin/deepfence_server \
-v $(PWD):/app $(IMAGE_REPOSITORY)/deepfence_server_ce:$(DF_IMG_TAG) \
--export-api-docs-path /app/openapi.yaml
rm -rf golang_deepfence_sdk/client/*
docker pull openapitools/openapi-generator-cli:latest
docker run --rm \
-v $(PWD):/local openapitools/openapi-generator-cli:latest generate \
-i /local/openapi.yaml \
-g go \
-o /local/golang_deepfence_sdk/client \
-p isGoSubmodule=true \
-p packageName=client \
--git-repo-id golang_deepfence_sdk \
--git-user-id deepfence
rm openapi.yaml
cd $(PWD)/golang_deepfence_sdk/client && rm -rf ./test && sed -i 's/go 1.18/go 1.20/g' go.mod && go mod tidy -v && cd -
.PHONY: cli
cli: bootstrap
(cd $(DEEPFENCE_CTL) && make clean && make all)
.PHONY: publish
publish: publish-redis publish-postgres publish-kafka publish-router publish-minio publish-server publish-worker publish-ui publish-agent publish-cluster-agent publish-packagescanner publish-secretscanner publish-malwarescanner publish-graphdb
.PHONY: publish-redis
publish-redis:
docker push $(IMAGE_REPOSITORY)/deepfence_redis_ce:$(DF_IMG_TAG)
.PHONY: publish-postgres
publish-postgres:
docker push $(IMAGE_REPOSITORY)/deepfence_postgres_ce:$(DF_IMG_TAG)
.PHONY: publish-kafka
publish-kafka:
docker push $(IMAGE_REPOSITORY)/deepfence_kafka_broker_ce:$(DF_IMG_TAG)
.PHONY: publish-router
publish-router:
docker push $(IMAGE_REPOSITORY)/deepfence_router_ce:$(DF_IMG_TAG)
.PHONY: publish-minio
publish-minio:
docker push $(IMAGE_REPOSITORY)/deepfence_file_server_ce:$(DF_IMG_TAG)
.PHONY: publish-server
publish-server:
docker push $(IMAGE_REPOSITORY)/deepfence_server_ce:$(DF_IMG_TAG)
.PHONY: publish-worker
publish-worker:
docker push $(IMAGE_REPOSITORY)/deepfence_worker_ce:$(DF_IMG_TAG)
.PHONY: publish-ui
publish-ui:
docker push $(IMAGE_REPOSITORY)/deepfence_ui_ce:$(DF_IMG_TAG)
.PHONY: publish-agent
publish-agent:
docker push $(IMAGE_REPOSITORY)/deepfence_agent_ce:$(DF_IMG_TAG)
.PHONY: publish-cluster-agent
publish-cluster-agent:
docker push $(IMAGE_REPOSITORY)/deepfence_cluster_agent_ce:$(DF_IMG_TAG)
.PHONY: publish-packagescanner
publish-packagescanner:
docker push $(IMAGE_REPOSITORY)/deepfence_package_scanner_ce:$(DF_IMG_TAG)
.PHONY: publish-secretscanner
publish-secretscanner:
docker push $(IMAGE_REPOSITORY)/deepfence_secret_scanner_ce:$(DF_IMG_TAG)
.PHONY: publish-malwarescanner
publish-malwarescanner:
docker push $(IMAGE_REPOSITORY)/deepfence_malware_scanner_ce:$(DF_IMG_TAG)
.PHONY: publish-graphdb
publish-graphdb:
docker push $(IMAGE_REPOSITORY)/deepfence_neo4j_ce:$(DF_IMG_TAG)
.PHONY: clean
clean:
-(cd $(DEEPFENCE_AGENT_DIR) && make clean)
-(cd $(ROOT_MAKEFILE_DIR)/deepfence_server && make clean)
-(cd $(ROOT_MAKEFILE_DIR)/deepfence_worker && make clean)
-(cd $(DEEPFENCED) && make clean && rm $(DEEPFENCE_AGENT_DIR)/deepfenced)