Skip to content

Commit 776cb8f

Browse files
thaJeztahthaJeztah
committed
add scan plugin
Signed-off-by: Sebastiaan van Stijn <[email protected]>
1 parent 9a1e7a8 commit 776cb8f

File tree

1 file changed

+72
-27
lines changed

1 file changed

+72
-27
lines changed

static/Makefile

Lines changed: 72 additions & 27 deletions
Original file line numberDiff line numberDiff line change
@@ -4,11 +4,14 @@ CLI_DIR = $(realpath $(CURDIR)/../src/github.com/docker/cli)
44
ENGINE_DIR = $(realpath $(CURDIR)/../src/github.com/docker/docker)
55
COMPOSE_DIR = $(realpath $(CURDIR)/../src/github.com/docker/compose)
66
BUILDX_DIR = $(realpath $(CURDIR)/../src/github.com/docker/buildx)
7+
SCAN_DIR = $(realpath $(CURDIR)/../src/github.com/docker/scan-cli-plugin)
78

89
CLI_VERSION = $(shell ./gen-static-ver $(CLI_DIR) $(VERSION))
910
ENGINE_VERSION = $(shell ./gen-static-ver $(ENGINE_DIR) $(VERSION))
1011
CONTAINERD_PKG_VER = $(shell ./gen-containerd-ver $(ENGINE_DIR) $(CONTAINERD_VERSION))
1112

13+
SCAN_GITCOMMIT?=$(shell cd "$(SCAN_DIR)" && git rev-parse --short HEAD)
14+
1215
HASH_CMD=docker run -v $(CURDIR):/sum -w /sum debian:jessie bash hash_files
1316
DIR_TO_HASH:=build/linux
1417
DOCKER_CLI_GOLANG_IMG=golang:$(GO_VERSION)
@@ -48,7 +51,7 @@ clean: ## remove build artifacts
4851
static: static-linux cross-mac cross-win cross-arm ## create all static packages
4952

5053
.PHONY: static-linux
51-
static-linux: static-cli static-engine static-buildx-plugin static-compose-plugin ## create tgz
54+
static-linux: static-cli static-engine static-buildx-plugin static-compose-plugin docker-scan-plugin ## create tgz
5255
# docker cli binaries
5356
mkdir -p build/linux/docker-cli
5457
cp $(CLI_DIR)/build/docker build/linux/docker-cli/
@@ -87,6 +90,9 @@ static-linux: static-cli static-engine static-buildx-plugin static-compose-plugi
8790
# docker buildx
8891
tar -C "$(BUILDX_DIR)"/bin/ -c -z -f build/linux/docker-buildx-plugin-"$(DOCKER_BUILDX_REF:v%=%)".tgz docker-buildx
8992

93+
# docker scan
94+
tar -C "$(SCAN_DIR)"/bin/ -c -z -f build/linux/docker-scan-plugin-"$(DOCKER_SCAN_REF:v%=%)".tgz docker-scan
95+
9096
.PHONY: hash_files
9197
hash_files:
9298
@echo "Hashing directory $(DIR_TO_HASH)"
@@ -102,65 +108,84 @@ cross-mac: cross-mac-amd64 cross-mac-arm64
102108

103109
.PHONY: cross-mac-amd64
104110
cross-mac-amd64: TARGETPLATFORM=darwin/amd64
105-
cross-mac-amd64: buildx static-cli static-buildx-plugin static-compose-plugin
111+
cross-mac-amd64: BUILD_DIR=build/mac/amd64
112+
cross-mac-amd64: buildx static-cli static-buildx-plugin static-compose-plugin cross-scan-plugin
106113
# docker cli binaries
107-
mkdir -p build/mac/amd64/docker-cli
108-
cp -L $(CLI_DIR)/build/docker build/mac/amd64/docker-cli/docker
109-
tar -C build/mac/amd64/ -c -z -f build/mac/amd64/docker-cli-$(CLI_VERSION).tgz docker-cli
110-
rm -r build/mac/amd64/docker-cli
114+
mkdir -p $(BUILD_DIR)/docker-cli
115+
cp -L $(CLI_DIR)/build/docker $(BUILD_DIR)/docker-cli/docker
116+
tar -C $(BUILD_DIR)/ -c -z -f $(BUILD_DIR)/docker-cli-$(CLI_VERSION).tgz docker-cli
117+
rm -r $(BUILD_DIR)/docker-cli
111118

112119
# docker compose
113-
tar -C "$(COMPOSE_DIR)"/bin/ -c -z -f build/mac/amd64/docker-compose-plugin-"$(DOCKER_COMPOSE_REF:v%=%)".tgz docker-compose
120+
tar -C "$(COMPOSE_DIR)"/bin/ -c -z -f $(BUILD_DIR)/docker-compose-plugin-"$(DOCKER_COMPOSE_REF:v%=%)".tgz docker-compose
114121

115122
# docker buildx
116-
tar -C "$(BUILDX_DIR)"/bin/ -c -z -f build/mac/amd64/docker-buildx-plugin-"$(DOCKER_BUILDX_REF:v%=%)".tgz docker-buildx
123+
tar -C "$(BUILDX_DIR)"/bin/ -c -z -f $(BUILD_DIR)/docker-buildx-plugin-"$(DOCKER_BUILDX_REF:v%=%)".tgz docker-buildx
124+
125+
# docker scan
126+
mkdir -p $(BUILD_DIR)/docker-scan
127+
cp -L $(SCAN_DIR)/dist/docker-scan_darwin_amd64 $(BUILD_DIR)/docker-scan/docker-scan
128+
tar -C $(BUILD_DIR)/ -c -z -f $(BUILD_DIR)/docker-scan-plugin-"$(DOCKER_SCAN_REF:v%=%)".tgz docker-scan
129+
rm -r $(BUILD_DIR)/docker-scan
117130

118131
.PHONY: cross-mac-arm64
119132
cross-mac-arm64: TARGETPLATFORM=darwin/arm64
120-
cross-mac-arm64: buildx static-cli static-buildx-plugin static-compose-plugin
133+
cross-mac-arm64: BUILD_DIR=build/mac/arm64
134+
cross-mac-arm64: buildx static-cli static-buildx-plugin static-compose-plugin cross-scan-plugin
121135
# docker cli binaries
122-
mkdir -p build/mac/arm64/docker-cli
123-
cp -L $(CLI_DIR)/build/docker build/mac/arm64/docker-cli/docker
124-
tar -C build/mac/arm64/ -c -z -f build/mac/arm64/docker-cli-$(CLI_VERSION).tgz docker-cli
125-
rm -r build/mac/arm64/docker-cli
136+
mkdir -p $(BUILD_DIR)/docker-cli
137+
cp -L $(CLI_DIR)/build/docker $(BUILD_DIR)/docker-cli/docker
138+
tar -C $(BUILD_DIR)/ -c -z -f $(BUILD_DIR)/docker-cli-$(CLI_VERSION).tgz docker-cli
139+
rm -r $(BUILD_DIR)/docker-cli
126140

127141
# docker compose
128-
tar -C "$(COMPOSE_DIR)"/bin/ -c -z -f build/mac/arm64/docker-compose-plugin-"$(DOCKER_COMPOSE_REF:v%=%)".tgz docker-compose
142+
tar -C "$(COMPOSE_DIR)"/bin/ -c -z -f $(BUILD_DIR)/docker-compose-plugin-"$(DOCKER_COMPOSE_REF:v%=%)".tgz docker-compose
129143

130144
# docker buildx
131-
tar -C "$(BUILDX_DIR)"/bin/ -c -z -f build/mac/arm64/docker-buildx-plugin-"$(DOCKER_BUILDX_REF:v%=%)".tgz docker-buildx
145+
tar -C "$(BUILDX_DIR)"/bin/ -c -z -f $(BUILD_DIR)/docker-buildx-plugin-"$(DOCKER_BUILDX_REF:v%=%)".tgz docker-buildx
146+
147+
# docker scan
148+
mkdir -p $(BUILD_DIR)/docker-scan
149+
cp -L $(SCAN_DIR)/dist/docker-scan_darwin_aarch64 $(BUILD_DIR)/docker-scan/docker-scan
150+
tar -C $(BUILD_DIR)/ -c -z -f $(BUILD_DIR)/docker-scan-plugin-"$(DOCKER_SCAN_REF:v%=%)".tgz docker-scan
151+
rm -r $(BUILD_DIR)/docker-scan
132152

133153
.PHONY: cross-win
134154
cross-win: TARGETPLATFORM=windows/arm64
135155
cross-win: EXT=.exe
136-
cross-win: cross-win-engine static-cli static-buildx-plugin static-compose-plugin
156+
cross-win: BUILD_DIR=build/win/amd64
157+
cross-win: cross-win-engine static-cli static-buildx-plugin static-compose-plugin cross-scan-plugin
137158
# docker cli binaries
138-
mkdir -p build/win/amd64/docker-cli
139-
cp -L $(CLI_DIR)/build/docker build/win/amd64/docker-cli/docker.exe
159+
mkdir -p $(BUILD_DIR)/docker-cli
160+
cp -L $(CLI_DIR)/build/docker $(BUILD_DIR)/docker-cli/docker.exe
140161

141162
# docker engine binaries
142-
mkdir -p build/win/amd64/docker-engine
143-
for f in dockerd.exe docker-init docker-proxy.exe; do \
144-
cp -L $(ENGINE_DIR)/bundles/cross/windows/amd64-daemon/$$f build/win/amd64/docker-engine/$$f; \
163+
mkdir -p $(BUILD_DIR)/docker-engine
164+
for f in dockerd.exe docker-proxy.exe; do \
165+
cp -L $(ENGINE_DIR)/bundles/cross/windows/amd64-daemon/$$f $(BUILD_DIR)/docker-engine/$$f; \
145166
done
146167

147168
# docker compose, docker buildx
148-
mkdir -p build/win/amd64/docker-compose
149-
cp $(COMPOSE_DIR)/bin/docker-compose/docker-compose.exe build/win/amd64/docker-compose/docker-compose.exe
169+
mkdir -p $(BUILD_DIR)/docker-compose
170+
cp $(COMPOSE_DIR)/bin/docker-compose/docker-compose.exe $(BUILD_DIR)/docker-compose/docker-compose.exe
150171

151172
# docker buildx
152-
mkdir -p build/win/amd64/docker-buildx
153-
cp $(BUILDX_DIR)/bin/docker-buildx.exe build/win/amd64/docker-buildx/docker-buildx.exe
173+
mkdir -p $(BUILD_DIR)/docker-buildx
174+
cp $(BUILDX_DIR)/bin/docker-buildx.exe $(BUILD_DIR)/docker-buildx/docker-buildx.exe
175+
176+
# docker scan
177+
mkdir -p $(BUILD_DIR)/docker-scan
178+
cp $(SCAN_DIR)/dist/docker-scan-plugin-windows_amd64.exe $(BUILD_DIR)/docker-scan/docker-scan.exe
154179

155-
docker run --rm -v $(CURDIR)/build/win/amd64:/v -w /v alpine sh -c 'apk add --no-cache zip \
180+
docker run --rm -v $(CURDIR)/$(BUILD_DIR):/v -w /v alpine sh -c 'apk add --no-cache zip \
156181
&& zip -r docker-cli-$(CLI_VERSION).zip docker-cli \
157182
&& zip -r docker-engine-$(ENGINE_VERSION).zip docker-engine \
158183
&& zip -r docker-compose-plugin-$(DOCKER_COMPOSE_REF:v%=%).zip docker-compose \
159184
&& zip -r docker-buildx-plugin-$(DOCKER_BUILDX_REF:v%=%).zip docker-buildx '
160185
$(CHOWN) -R $(shell id -u):$(shell id -g) build
161186

162187
# clean up temporary directories
163-
$(RM) -r build/win/amd64/docker-cli build/win/amd64/docker-engine build/win/amd64/docker-compose build/win/amd64/docker-buildx
188+
$(RM) -r $(BUILD_DIR)/docker-cli $(BUILD_DIR)/docker-engine $(BUILD_DIR)/docker-compose $(BUILD_DIR)/docker-buildx $(BUILD_DIR)/docker-scan
164189

165190
.PHONY: cross-arm
166191
cross-arm: cross-all-cli ## create tgz with linux armhf client only
@@ -193,6 +218,26 @@ static-compose-plugin:
193218

194219
ls -laR $(COMPOSE_DIR)/bin
195220

221+
.PHONY: docker-scan-plugin
222+
docker-scan-plugin:
223+
# Build the scan-plugin
224+
# TODO this should be skipped on non-x86 because there's no image for non-x86?
225+
# TODO change once we support scan-plugin on other architectures
226+
$(MAKE) -C $(SCAN_DIR) GIT_TAG_NAME="$(DOCKER_SCAN_REF)" build
227+
228+
# TODO(thaJeztah) upstream Makefile should pass PLATFORM_BINARY
229+
# Binary is named (e.g.) docker-scan_linux_amd64. Rename it to have something consistent
230+
mv $(SCAN_DIR)/bin/docker-scan_linux_* $(SCAN_DIR)/bin/docker-scan
231+
232+
ls -laR $(SCAN_DIR)/bin
233+
234+
.PHONY: cross-scan-plugin
235+
cross-scan-plugin:
236+
# TODO: Add TARGETPLATFORM support on scan-cli-plugin repo to build efficiently with --platform
237+
$(MAKE) -C $(SCAN_DIR) GIT_TAG_NAME="$(DOCKER_SCAN_REF)" cross
238+
239+
ls -laR $(SCAN_DIR)/dist
240+
196241
.PHONY: cross-all-cli
197242
cross-all-cli:
198243
$(MAKE) -C $(CLI_DIR) -f docker.Makefile VERSION=$(CLI_VERSION) cross

0 commit comments

Comments
 (0)