-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathMakefile
97 lines (82 loc) · 3.45 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
# Disable all the default make stuff
MAKEFLAGS += --no-builtin-rules
.SUFFIXES:
## Display a list of the documented make targets
.PHONY: help
help:
@echo Documented Make targets:
@perl -e 'undef $$/; while (<>) { while ($$_ =~ /## (.*?)(?:\n# .*)*\n.PHONY:\s+(\S+).*/mg) { printf "\033[36m%-30s\033[0m %s\n", $$2, $$1 } }' $(MAKEFILE_LIST) | sort
.PHONY: .FORCE
.FORCE:
WORKLOAD_NAME = my-sample-workload
CONTAINER_NAME = my-sample-container
CONTAINER_IMAGE = ${WORKLOAD_NAME}:test
.score-compose/state.yaml:
score-compose init \
--no-sample
compose.yaml: score/score.yaml .score-compose/state.yaml Makefile
score-compose generate score/score.yaml \
--build '${CONTAINER_NAME}={"context":"app/","tags":["${CONTAINER_IMAGE}"]}' \
--override-property containers.${CONTAINER_NAME}.variables.MESSAGE="Hello, Compose!"
echo '{"services":{"${WORKLOAD_NAME}-${CONTAINER_NAME}":{"read_only":"true","user":"65532","cap_drop":["ALL"]}}}' | yq e -P > compose.override.yaml
## Generate a compose.yaml file from the score spec and launch it.
.PHONY: compose-up
compose-up: compose.yaml
docker compose up --build -d --remove-orphans
sleep 5
## Generate a compose.yaml file from the score spec, launch it and test (curl) the exposed container.
.PHONY: compose-test
compose-test: compose-up
curl $$(score-compose resources get-outputs dns.default#${WORKLOAD_NAME}.dns --format '{{ .host }}:8080')
## Delete the containers running via compose down.
.PHONY: compose-down
compose-down:
docker compose down -v --remove-orphans || true
.score-k8s/state.yaml:
score-k8s init \
--no-sample
manifests.yaml: score/score.yaml .score-k8s/state.yaml Makefile
score-k8s generate score/score.yaml \
--image ${CONTAINER_IMAGE} \
--override-property containers.${CONTAINER_NAME}.variables.MESSAGE="Hello, Kubernetes!" \
--patch-manifests 'Deployment/*/spec.template.spec.automountServiceAccountToken=false' \
--patch-manifests 'Deployment/*/spec.template.spec.securityContext={"fsGroup":65532,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532,"seccompProfile":{"type":"RuntimeDefault"}}'
echo '{"spec":{"template":{"spec":{"containers":[{"name":"${CONTAINER_NAME}","securityContext":{"allowPrivilegeEscalation":false,"privileged": false,"readOnlyRootFilesystem": true,"capabilities":{"drop":["ALL"]}}}]}}}}' > deployment-patch.yaml
## Create a local Kind cluster.
.PHONY: kind-create-cluster
kind-create-cluster:
./scripts/setup-kind-cluster.sh
## Load the local container image in the current Kind cluster.
.PHONY: kind-load-image
kind-load-image:
kind load docker-image ${CONTAINER_IMAGE}
NAMESPACE ?= default
## Generate a manifests.yaml file from the score spec, deploy it to Kubernetes and wait for the Pods to be Ready.
.PHONY: k8s-up
k8s-up: manifests.yaml
kubectl apply \
-f manifests.yaml \
-n ${NAMESPACE}
kubectl patch \
deployment ${WORKLOAD_NAME} \
--patch-file deployment-patch.yaml \
-n ${NAMESPACE}
kubectl wait deployments/${WORKLOAD_NAME} \
-n ${NAMESPACE} \
--for condition=Available \
--timeout=90s
kubectl wait pods \
-n ${NAMESPACE} \
-l app.kubernetes.io/name=${WORKLOAD_NAME} \
--for condition=Ready \
--timeout=90s
## Expose the container deployed in Kubernetes via port-forward.
.PHONY: k8s-test
k8s-test: k8s-up
curl $$(score-k8s resources get-outputs dns.default#${WORKLOAD_NAME}.dns --format '{{ .host }}')
## Delete the deployment of the local container in Kubernetes.
.PHONY: k8s-down
k8s-down:
kubectl delete \
-f manifests.yaml \
-n ${NAMESPACE}