Makefile 7.82 KB
Newer Older
Ilya Frolov's avatar
Ilya Frolov committed
1 2 3 4 5 6 7
# Makefile for installing various utilities during CI
# Copyright 2017
# Licence MIT
# Maintainer Ilya Frolov <[email protected]>

# Variables
UNAME		 := $(shell uname -s)
8 9 10 11 12
KEY_SERVERS	 := pool.sks-keyservers.net \
	subkeys.pgp.net \
	pgp.mit.edu \
	keyserver.ubuntu.com \
	keys.gnupg.net
Ilya Frolov's avatar
Ilya Frolov committed
13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32
#
TF_URL		 := https://releases.hashicorp.com/terraform
HASHICORP_KEY	 := 0x51852D87348FFC4C
# These can be overriden, for ex: with either `TF_ARCH=i386 make tfinstall` or `make TF_ARCH=i386 tfinstall`
TF_VERSION	 ?= 0.9.11
TF_DISTRO	 ?= linux
TF_ARCH		 ?= amd64
TF_INSTALL_TO	 ?= /

# These are just for readability
TF_ZIP		 := terraform_$(TF_VERSION)_$(TF_DISTRO)_$(TF_ARCH).zip
TF_SHA256	 := terraform_$(TF_VERSION)_SHA256SUMS
TF_SHA256SIG	 := terraform_$(TF_VERSION)_SHA256SUMS.sig

TF_URL_ZIP	 := $(TF_URL)/$(TF_VERSION)/$(TF_ZIP)
TF_URL_SHA256	 := $(TF_URL)/$(TF_VERSION)/$(TF_SHA256)
TF_URL_SHA256SIG := $(TF_URL)/$(TF_VERSION)/$(TF_SHA256SIG)

# Vault
VA_URL		 := https://releases.hashicorp.com/vault
Ilya Frolov's avatar
Ilya Frolov committed
33
# These can be overriden with either `VA_ARCH=i386 make vainstall` or `make VA_ARCH=i386 vainstall`
Ilya Frolov's avatar
Ilya Frolov committed
34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49
VA_VERSION	 ?= 0.7.3
VA_DISTRO	 ?= linux
VA_ARCH		 ?= amd64
VA_INSTALL_TO	 ?= /

# These are just for readability
VA_ZIP		 := vault_$(VA_VERSION)_$(VA_DISTRO)_$(VA_ARCH).zip
VA_SHA256	 := vault_$(VA_VERSION)_SHA256SUMS
VA_SHA256SIG	 := vault_$(VA_VERSION)_SHA256SUMS.sig

VA_URL_ZIP	 := $(VA_URL)/$(VA_VERSION)/$(VA_ZIP)
VA_URL_SHA256	 := $(VA_URL)/$(VA_VERSION)/$(VA_SHA256)
VA_URL_SHA256SIG := $(VA_URL)/$(VA_VERSION)/$(VA_SHA256SIG)

# Packer
PK_URL		 := https://releases.hashicorp.com/packer
Ilya Frolov's avatar
Ilya Frolov committed
50
# These can be overriden with either `PK_ARCH=i386 make pkinstall` or `make PK_ARCH=i386 pkinstall`
Ilya Frolov's avatar
Ilya Frolov committed
51 52 53 54 55 56 57 58 59 60 61 62 63 64
PK_VERSION	 ?= 1.0.3
PK_DISTRO	 ?= linux
PK_ARCH		 ?= amd64
PK_INSTALL_TO	 ?= /

# These are just for readability
PK_ZIP		 := packer_$(PK_VERSION)_$(PK_DISTRO)_$(PK_ARCH).zip
PK_SHA256	 := packer_$(PK_VERSION)_SHA256SUMS
PK_SHA256SIG	 := packer_$(PK_VERSION)_SHA256SUMS.sig

PK_URL_ZIP	 := $(PK_URL)/$(PK_VERSION)/$(PK_ZIP)
PK_URL_SHA256	 := $(PK_URL)/$(PK_VERSION)/$(PK_SHA256)
PK_URL_SHA256SIG := $(PK_URL)/$(PK_VERSION)/$(PK_SHA256SIG)

Ilya Frolov's avatar
Ilya Frolov committed
65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81
# Consul
CO_URL		 := https://releases.hashicorp.com/consul
# These can be overriden with either `CO_ARCH=i386 make coinstall` or `make CO_ARCH=i386 coinstall`
CO_VERSION	 ?= 0.9.0
CO_DISTRO	 ?= linux
CO_ARCH		 ?= amd64
CO_INSTALL_TO	 ?= /

# These are just for readability
CO_ZIP		 := consul_$(CO_VERSION)_$(CO_DISTRO)_$(CO_ARCH).zip
CO_SHA256	 := consul_$(CO_VERSION)_SHA256SUMS
CO_SHA256SIG	 := consul_$(CO_VERSION)_SHA256SUMS.sig

CO_URL_ZIP	 := $(CO_URL)/$(CO_VERSION)/$(CO_ZIP)
CO_URL_SHA256	 := $(CO_URL)/$(CO_VERSION)/$(CO_SHA256)
CO_URL_SHA256SIG := $(CO_URL)/$(CO_VERSION)/$(CO_SHA256SIG)

Ilya Frolov's avatar
Ilya Frolov committed
82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112
# DO ctl
DO_URL		 := https://github.com/digitalocean/doctl/releases/download
# These can be overriden with either `DO_ARCH=i386 make doinstall` or `make DO_ARCH=i386 doinstall`
DO_VERSION	 ?= 1.7.0
DO_DISTRO	 ?= linux
DO_ARCH		 ?= amd64
DO_INSTALL_TO	 ?= /

# These are just for readability
DO_TGZ		 := doctl-$(DO_VERSION)-$(DO_DISTRO)-$(DO_ARCH).tar.gz
DO_SHA256	 := doctl-$(DO_VERSION)-$(DO_DISTRO)-$(DO_ARCH).sha256
DO_URL_TGZ	 := $(DO_URL)/v$(DO_VERSION)/$(DO_TGZ)
DO_URL_SHA256	 := $(DO_URL)/v$(DO_VERSION)/$(DO_SHA256)

# this is godly
# https://news.ycombinator.com/item?id=11939200
.PHONY: help
help:	### This screen. Keep it first target to be default
ifeq ($(UNAME), Linux)
	@grep -P '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-20s\033[0m %s\n", $$1, $$2}'
else
	@# this is not tested, but prepared in advance for you, Mac drivers
	@awk -F ':.*###' '$$0 ~ FS {printf "%15s%s\n", $$1 ":", $$2}' $(MAKEFILE_LIST) | grep -v '@awk' | sort
endif

# Targets
#
.PHONY: debug
debug:	### Debug Makefile itself placeholder
	@echo $(UNAME)

113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130
.PHONY: gpgkey
gpgkey:		### Get Hashicop's gpg key from list of servers
	@gpg --list-keys $(HASHICORP_KEY); \
	if [ $$? -eq 0 ]; then \
		echo "Key $(HASHICORP_KEY) is already in keystore"; \
	else \
		for ksrv in $(KEY_SERVERS); do \
			echo -n "Getting key $(HASHICORP_KEY) from server $$ksrv ... "; \
			gpg --keyserver $$ksrv --recv-keys $(HASHICORP_KEY); \
			if [ $$? -eq 0 ]; then \
				echo "Success!"; \
				exit 0 ; \
			else \
				echo "Fail"; \
			fi; \
		done; \
	fi

Ilya Frolov's avatar
Ilya Frolov committed
131 132
.PHONY: tfinstall
tfinstall:	### Download, check sum and unpack specific terraform version
133
tfinstall: gpgkey
Ilya Frolov's avatar
Ilya Frolov committed
134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151
	@# First, we download into temporary dir
	$(eval [email protected]_TMP := $(shell mktemp -d "/tmp/tfinstall.tmp.XXXXXX"))
	test -n "$([email protected]_TMP)" || exit 1
	wget --quiet --continue --directory-prefix "$([email protected]_TMP)" \
		"$(TF_URL_ZIP)" \
		"$(TF_URL_SHA256)" \
		"$(TF_URL_SHA256SIG)"
	@# Then, we verify signature on hashsums
	gpg --verbose --verify "$([email protected]_TMP)/$(TF_SHA256SIG)" "$([email protected]_TMP)/$(TF_SHA256)"
	@# Then, we verify hashsum on our zip archive, using only its line as stdin
	cd $([email protected]_TMP) && grep "$(TF_ZIP)" "$(TF_SHA256)" | sha256sum -c -w
	@# Finally, we are confident file is legitimate
	unzip -o "$([email protected]_TMP)/$(TF_ZIP)" -d "$(TF_INSTALL_TO)"
	@# Cleanup
	rm -rf "$([email protected]_TMP)"

.PHONY: vainstall
vainstall:	### Download, check sum and unpack specific vault version
152
vainstall: gpgkey
Ilya Frolov's avatar
Ilya Frolov committed
153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170
	@# First, we download into temporary dir
	$(eval [email protected]_TMP := $(shell mktemp -d "/tmp/vainstall.tmp.XXXXXX"))
	test -n "$([email protected]_TMP)" || exit 1
	wget --quiet --continue --directory-prefix "$([email protected]_TMP)" \
		"$(VA_URL_ZIP)" \
		"$(VA_URL_SHA256)" \
		"$(VA_URL_SHA256SIG)"
	@# Then, we verify signature on hashsums
	gpg --verbose --verify "$([email protected]_TMP)/$(VA_SHA256SIG)" "$([email protected]_TMP)/$(VA_SHA256)"
	@# Then, we verify hashsum on our zip archive, using only its line as stdin
	cd $([email protected]_TMP) && grep "$(VA_ZIP)" "$(VA_SHA256)" | sha256sum -c -w
	@# Finally, we are confident file is legitimate
	unzip -o "$([email protected]_TMP)/$(VA_ZIP)" -d "$(VA_INSTALL_TO)"
	@# Cleanup
	rm -rf "$([email protected]_TMP)"

.PHONY: pkinstall
pkinstall:	### Download, check sum and unpack specific packer version
171
pkinstall: gpgkey
Ilya Frolov's avatar
Ilya Frolov committed
172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187
	@# First, we download into temporary dir
	$(eval [email protected]_TMP := $(shell mktemp -d "/tmp/pkinstall.tmp.XXXXXX"))
	test -n "$([email protected]_TMP)" || exit 1
	wget --quiet --continue --directory-prefix "$([email protected]_TMP)" \
		"$(PK_URL_ZIP)" \
		"$(PK_URL_SHA256)" \
		"$(PK_URL_SHA256SIG)"
	@# Then, we verify signature on hashsums
	gpg --verbose --verify "$([email protected]_TMP)/$(PK_SHA256SIG)" "$([email protected]_TMP)/$(PK_SHA256)"
	@# Then, we verify hashsum on our zip archive, using only its line as stdin
	cd $([email protected]_TMP) && grep "$(PK_ZIP)" "$(PK_SHA256)" | sha256sum -c -w
	@# Finally, we are confident file is legitimate
	unzip -o "$([email protected]_TMP)/$(PK_ZIP)" -d "$(PK_INSTALL_TO)"
	@# Cleanup
	rm -rf "$([email protected]_TMP)"

Ilya Frolov's avatar
Ilya Frolov committed
188 189
.PHONY: coinstall
coinstall:	### Download, check sum and unpack specific consul version
190
coinstall: gpgkey
Ilya Frolov's avatar
Ilya Frolov committed
191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206
	@# First, we download into temporary dir
	$(eval [email protected]_TMP := $(shell mktemp -d "/tmp/coinstall.tmp.XXXXXX"))
	test -n "$([email protected]_TMP)" || exit 1
	wget --quiet --continue --directory-prefix "$([email protected]_TMP)" \
		"$(CO_URL_ZIP)" \
		"$(CO_URL_SHA256)" \
		"$(CO_URL_SHA256SIG)"
	@# Then, we verify signature on hashsums
	gpg --verbose --verify "$([email protected]_TMP)/$(CO_SHA256SIG)" "$([email protected]_TMP)/$(CO_SHA256)"
	@# Then, we verify hashsum on our zip archive, using only its line as stdin
	cd $([email protected]_TMP) && grep "$(CO_ZIP)" "$(CO_SHA256)" | sha256sum -c -w
	@# Finally, we are confident file is legitimate
	unzip -o "$([email protected]_TMP)/$(CO_ZIP)" -d "$(CO_INSTALL_TO)"
	@# Cleanup
	rm -rf "$([email protected]_TMP)"

Ilya Frolov's avatar
Ilya Frolov committed
207 208 209 210 211
.PHONY: doinstall
doinstall:	### Download, check sum and unpack specific doctl version
	@# First, we download into temporary dir
	$(eval [email protected]_TMP := $(shell mktemp -d "/tmp/doinstall.tmp.XXXXXX"))
	test -n "$([email protected]_TMP)" || exit 1
John Jarvis's avatar
John Jarvis committed
212
	wget --continue --directory-prefix "$([email protected]_TMP)" \
Ilya Frolov's avatar
Ilya Frolov committed
213 214 215 216 217 218 219 220
		"$(DO_URL_TGZ)" \
		"$(DO_URL_SHA256)"
	@# Then, unpack and verify sum
	cd $([email protected]_TMP) && tar zxf $(DO_TGZ) && cat $(DO_SHA256) | sha256sum -c -w
	@# Finally, install file if it is legitimate
	mv $([email protected]_TMP)/doctl $(DO_INSTALL_TO)/doctl.real
	@# Cleanup
	rm -rf "$([email protected]_TMP)"
John Jarvis's avatar
John Jarvis committed
221 222 223 224

.PHONY: tfmt
tfmt:
	@find . -name "*.tf" | xargs -I{} terraform fmt {}