-
Notifications
You must be signed in to change notification settings - Fork 0
/
Makefile
139 lines (113 loc) · 5.11 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
SHELL := /bin/bash
.PHONY: help
primary := '\033[1;36m'
err := '\033[0;31m'
bold := '\033[1m'
clear := '\033[0m'
-include .env
export $(shell sed 's/=.*//' .env)
ifndef CI_BUILD_REF
CI_BUILD_REF=local
endif
ifeq ($(CI_BUILD_REF), local)
-include .env.local
export $(shell sed 's/=.*//' .env.local)
endif
help: ## This help.
@awk 'BEGIN {FS = ":.*?## "} /^[a-zA-Z_-]+:.*?## / {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' $(MAKEFILE_LIST)
.DEFAULT_GOAL := help
ifndef TRIVIALSCAN_VERSION
TRIVIALSCAN_VERSION=$(shell cat ./src/trivialscan/cli/__main__.py | grep '__version__' | head -n1 | python -c "import sys; exec(sys.stdin.read()); print(__version__)")
endif
ifndef TRIVIALSCAN_API_URL
TRIVIALSCAN_API_URL=http://localhost:8080
endif
ifndef APP_ENV
APP_ENV=development
endif
ifndef RUNNER_NAME
RUNNER_NAME=$(shell basename $(shell pwd))
endif
clean: ## cleans python for wheel
find src -type f -name '*.pyc' -delete 2>/dev/null
find src -type d -name '__pycache__' -delete 2>/dev/null
rm -rf build dist **/*.egg-info .pytest_cache rust-query-crlite/target
rm -f **/*.zip **/*.tgz **/*.gz .coverage
deps: ## install dependancies for development of this project
pip install --disable-pip-version-check -U pip
pip install .
setup: deps ## setup for development of this project
pre-commit install --hook-type commit-msg --hook-type pre-push --hook-type pre-commit
@ [ -f .secrets.baseline ] || ( detect-secrets scan > .secrets.baseline )
yes | detect-secrets audit .secrets.baseline
install: ## Install the package
pip install -U dist/trivialscan-$(TRIVIALSCAN_VERSION)-py3-none-any.whl
reinstall: ## Force install the package
pip install --force-reinstall -U dist/trivialscan-$(TRIVIALSCAN_VERSION)-py3-none-any.whl
install-dev: ## Install the package
pip install --disable-pip-version-check -U pip
pip install -U -r requirements-dev.txt
pip install --force-reinstall --no-cache-dir -e .
pytest: ## run unit tests with coverage
coverage run -m pytest --nf
coverage report -m
test: ## all tests
pre-commit run --all-files
coverage report -m
build: ## build wheel file
rm -f dist/*
python -m build -nxsw
pypi: ## upload to pypi.org
git tag -f $(TRIVIALSCAN_VERSION)
git push -u origin --tags -f
python -m twine upload dist/*
tag: ## tag release and push
git tag -f $(TRIVIALSCAN_VERSION)
git push -u origin --tags -f
publish: pypi tag ## upload to pypi.org and push git tags
crlite-musl: ## Build crlite with musl for AWS Lambda
rustup target add x86_64-unknown-linux-musl
(cd rust-query-crlite && cargo build --release --target=x86_64-unknown-linux-musl)
rm -f rust-query-crlite/target/x86_64-unknown-linux-musl/release/rust-query-crlite
cp rust-query-crlite/target/x86_64-unknown-linux-musl/release/rust-query-crlite src/trivialscan/vendor/crlite-linux-musl
chmod a+x src/trivialscan/vendor/crlite-linux-musl
crlite: ## Build crlite
rustup default stable
(cd rust-query-crlite && cargo build --release)
rm -f src/trivialscan/vendor/crlite-linux
cp rust-query-crlite/target/release/rust-query-crlite src/trivialscan/vendor/crlite-linux
chmod a+x src/trivialscan/vendor/crlite-linux
./src/trivialscan/vendor/crlite-linux -vvv --db /tmp/.crlite_db/ --update prod x509
./src/trivialscan/vendor/crlite-linux -vvv --db /tmp/.crlite_db/ https ssllabs.com
local-runner: ## local setup for a gitlab runner
@docker volume create --name=gitlab-cache 2>/dev/null || true
docker pull -q docker.io/gitlab/gitlab-runner:latest
docker build -t $(RUNNER_NAME)/runner:${CI_BUILD_REF} .
@echo $(shell [ -z "${RUNNER_TOKEN}" ] && echo "RUNNER_TOKEN missing" )
@docker run -d --rm \
--name $(RUNNER_NAME) \
-v "gitlab-cache:/cache:rw" \
-e RUNNER_TOKEN=${RUNNER_TOKEN} \
$(RUNNER_NAME)/runner:${CI_BUILD_REF}
@docker exec -ti $(RUNNER_NAME) gitlab-runner register --non-interactive \
--tag-list 'jager' \
--name $(RUNNER_NAME) \
--request-concurrency 10 \
--url https://gitlab.com/ \
--registration-token '$(RUNNER_TOKEN)' \
--cache-dir '/cache' \
--executor shell
run-stdin: ## pipe targets from stdin
cat .$(APP_ENV)/targets.txt | xargs trivial scan -D $(TRIVIALSCAN_API_URL) --config-path .$(APP_ENV)/.trivialscan-config.yaml --project-name badssl --targets
run-stdin-upload: ## re-upload the piped targets from stdin make target
trivial scan-upload -D $(TRIVIALSCAN_API_URL) --config-path .$(APP_ENV)/.trivialscan-config.yaml --results-file .$(APP_ENV)/results/badssl/all.json
run-as-module: ## Using CLI as a python module directly (dev purposes)
python -m trivialscan.cli scan -D $(TRIVIALSCAN_API_URL) --config-path .$(APP_ENV)/.trivialscan-config.yaml -t ssllabs.com --project-name qualys
run-cli-parallel: ## Leverage defaults using all CPU cores
trivial scan -D $(TRIVIALSCAN_API_URL) --config-path .$(APP_ENV)/.trivialscan-config.yaml
run-cli-sequential: ## Just use normal python (for clean debugging outputs)
trivial scan -D $(TRIVIALSCAN_API_URL) --no-multiprocessing --config-path .$(APP_ENV)/.trivialscan-config.yaml
run-info: ## check client details and registration token status
trivial info -D $(TRIVIALSCAN_API_URL)
run-register: ## registers a new client to retrieve a registration token
trivial register -D $(TRIVIALSCAN_API_URL)