-
Notifications
You must be signed in to change notification settings - Fork 310
Expand file tree
/
Copy pathMakefile
More file actions
365 lines (332 loc) · 15.5 KB
/
Makefile
File metadata and controls
365 lines (332 loc) · 15.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
BRANCH := $(shell git rev-parse --abbrev-ref HEAD)
BUILDDATE := $(shell date -u +%FT%T%z)
BUILDTS := $(shell date -u +%s)
REVISION := $(shell git rev-parse HEAD)
VERSION := 0.5.4
VERSION_DEV := $(VERSION)-dev$(shell date -u +%Y%m%d%H%M)
PROMETHEUS_TAG := github.com/prometheus/common/version
KVM_PKG_NAME := github.com/jetkvm/kvm
BUILDKIT_FLAVOR := arm-rockchip830-linux-uclibcgnueabihf
BUILDKIT_PATH ?= /opt/jetkvm-native-buildkit
DOCKER_BUILD_TAG ?= ghcr.io/jetkvm/buildkit:latest
SKIP_NATIVE_IF_EXISTS ?= 0
SKIP_UI_BUILD ?= 0
ENABLE_SYNC_TRACE ?= 0
CMAKE_BUILD_TYPE ?= Release
# GPG signing configuration
# SIGNING_KEY_FPR: The fingerprint of the signing subkey (on YubiKey)
# Required for signing releases
SIGNING_KEY_FPR ?=
GO_BUILD_ARGS := -tags netgo,timetzdata,nomsgpack
ifeq ($(ENABLE_SYNC_TRACE), 1)
GO_BUILD_ARGS := $(GO_BUILD_ARGS),synctrace
endif
GO_RELEASE_BUILD_ARGS := -trimpath $(GO_BUILD_ARGS)
GO_LDFLAGS := \
-s -w \
-X $(PROMETHEUS_TAG).Branch=$(BRANCH) \
-X $(PROMETHEUS_TAG).BuildDate=$(BUILDDATE) \
-X $(PROMETHEUS_TAG).Revision=$(REVISION) \
-X $(KVM_PKG_NAME).builtTimestamp=$(BUILDTS)
GO_ARGS := GOOS=linux GOARCH=arm GOARM=7 ARCHFLAGS="-arch arm"
# if BUILDKIT_PATH exists, use buildkit to build
ifneq ($(wildcard $(BUILDKIT_PATH)),)
GO_ARGS := $(GO_ARGS) \
CGO_CFLAGS="-I$(BUILDKIT_PATH)/$(BUILDKIT_FLAVOR)/include -I$(BUILDKIT_PATH)/$(BUILDKIT_FLAVOR)/sysroot/usr/include" \
CGO_LDFLAGS="-L$(BUILDKIT_PATH)/$(BUILDKIT_FLAVOR)/lib -L$(BUILDKIT_PATH)/$(BUILDKIT_FLAVOR)/sysroot/usr/lib -lrockit -lrockchip_mpp -lrga -lpthread -lm" \
CC="$(BUILDKIT_PATH)/bin/$(BUILDKIT_FLAVOR)-gcc" \
LD="$(BUILDKIT_PATH)/bin/$(BUILDKIT_FLAVOR)-ld" \
CGO_ENABLED=1
# GO_RELEASE_BUILD_ARGS := $(GO_RELEASE_BUILD_ARGS) -x -work
endif
GO_CMD := $(GO_ARGS) go
BIN_DIR := $(shell pwd)/bin
TEST_DIRS := $(shell find . -name "*_test.go" -type f -exec dirname {} \; | sort -u)
test:
go test ./...
# Fail fast if rclone cannot reach the R2 bucket.
check_r2:
@command -v rclone >/dev/null 2>&1 || { echo "Error: rclone is not installed"; exit 1; }
@rclone lsf r2://jetkvm-update/ >/dev/null 2>&1 || { echo "Error: Cannot access R2 bucket. Check rclone configuration and credentials."; exit 1; }
# Fail fast if the requested signing key is not available in local GPG keyring.
check_signing_key:
@if [ -z "$(SIGNING_KEY_FPR)" ]; then \
echo "Error: SIGNING_KEY_FPR is required"; \
exit 1; \
fi
@gpg --list-secret-keys --with-colons $(SIGNING_KEY_FPR) >/dev/null 2>&1 || { \
echo "Error: Signing key $(SIGNING_KEY_FPR) not found in local GPG keyring"; \
exit 1; \
}
# E2E tests - normal development lane (core tests + prerelease unsigned OTA, no signing key needed)
test_e2e: frontend
@if [ -z "$(DEVICE_IP)" ]; then \
echo "Error: DEVICE_IP is required"; \
echo "Usage: make test_e2e DEVICE_IP=<ip>"; \
exit 1; \
fi
$(eval TEST_VERSION := $(VERSION)-dev$(shell date -u +%Y%m%d%H%M))
$(MAKE) build_dev VERSION_DEV=0.0.1-test-baseline SKIP_UI_BUILD=1
mv bin/jetkvm_app bin/jetkvm_app_baseline
$(MAKE) build_dev VERSION_DEV=$(TEST_VERSION) SKIP_UI_BUILD=1
cd ui && npm ci && npx playwright install chromium && cd ..
./scripts/test_core_e2e.sh "$(DEVICE_IP)" "bin/jetkvm_app"
./scripts/test_prerelease_unsigned_ota.sh "$(DEVICE_IP)" \
"bin/jetkvm_app_baseline" \
"bin/jetkvm_app" \
"$(TEST_VERSION)"
# Production release validation lane
test_production_release:
@if [ -z "$(SIGNING_KEY_FPR)" ]; then \
echo "Error: SIGNING_KEY_FPR is required"; \
echo "Usage: make test_production_release DEVICE_IP=<ip> SIGNING_KEY_FPR=<fingerprint>"; \
exit 1; \
fi
@if [ -z "$(DEVICE_IP)" ]; then \
echo "Error: DEVICE_IP is required"; \
echo "Usage: make test_production_release DEVICE_IP=<ip> SIGNING_KEY_FPR=<fingerprint>"; \
exit 1; \
fi
$(MAKE) check_signing_key SIGNING_KEY_FPR=$(SIGNING_KEY_FPR)
$(MAKE) check frontend
$(MAKE) build_dev VERSION_DEV=0.0.1-test-baseline
mv bin/jetkvm_app bin/jetkvm_app_baseline
$(MAKE) build_release VERSION=$(VERSION)
@echo "Signing release binary..."
@echo -n "Ready to sign with key $(SIGNING_KEY_FPR)? [y/N] " && read ans && [ "$$ans" = "y" ] || { echo "Signing cancelled."; exit 1; }
gpg --detach-sign --local-user $(SIGNING_KEY_FPR) bin/jetkvm_app || { echo "Error: GPG signing failed"; exit 1; }
@if [ ! -f "bin/jetkvm_app.sig" ]; then \
echo "Error: Signature file not created"; exit 1; \
fi
cd ui && npm ci && npx playwright install --with-deps chromium && cd ..
./scripts/test_core_e2e.sh "$(DEVICE_IP)" "bin/jetkvm_app"
./scripts/test_local_update.sh "$(DEVICE_IP)" "bin/jetkvm_app" "$(VERSION)"
./scripts/test_unsigned_specific_ota.sh "$(DEVICE_IP)" \
"bin/jetkvm_app_baseline" \
"bin/jetkvm_app" \
"$(VERSION)"
./scripts/test_prerelease_unsigned_ota.sh "$(DEVICE_IP)" \
"bin/jetkvm_app_baseline" \
"bin/jetkvm_app" \
"$(VERSION)"
./scripts/test_signed_ota.sh "$(DEVICE_IP)" \
"bin/jetkvm_app_baseline" \
"bin/jetkvm_app" \
"$(VERSION)" \
--signature "bin/jetkvm_app.sig"
lint:
go vet ./...
check: lint test
build_native:
@if [ "$(SKIP_NATIVE_IF_EXISTS)" = "1" ] && [ -f "internal/native/cgo/lib/libjknative.a" ]; then \
echo "libjknative.a already exists, skipping native build..."; \
else \
echo "Building native..."; \
CC="$(BUILDKIT_PATH)/bin/$(BUILDKIT_FLAVOR)-gcc" \
LD="$(BUILDKIT_PATH)/bin/$(BUILDKIT_FLAVOR)-ld" \
CMAKE_BUILD_TYPE=$(CMAKE_BUILD_TYPE) \
./scripts/build_cgo.sh; \
fi
build_dev:
@if [ ! -d "$(BUILDKIT_PATH)" ]; then \
echo "Toolchain not found, running build_dev in Docker..."; \
rm -rf internal/native/cgo/build; \
docker run --rm -v "$$(pwd):/build" \
$(DOCKER_BUILD_TAG) make _build_dev_inner VERSION_DEV=$(VERSION_DEV); \
else \
$(MAKE) _build_dev_inner VERSION_DEV=$(VERSION_DEV); \
fi
_build_dev_inner: build_native
@echo "Building... $(VERSION_DEV)"
$(GO_CMD) build \
-ldflags="$(GO_LDFLAGS) -X $(KVM_PKG_NAME).builtAppVersion=$(VERSION_DEV)" \
$(GO_RELEASE_BUILD_ARGS) \
-o $(BIN_DIR)/jetkvm_app -v cmd/main.go
build_test2json:
$(GO_CMD) build -o $(BIN_DIR)/test2json cmd/test2json
build_gotestsum:
@echo "Building gotestsum..."
$(GO_CMD) install gotest.tools/gotestsum@latest
cp $(shell $(GO_CMD) env GOPATH)/bin/linux_arm/gotestsum $(BIN_DIR)/gotestsum
build_dev_test: build_test2json build_gotestsum
# collect all directories that contain tests
@echo "Building tests for devices ..."
@rm -rf $(BIN_DIR)/tests && mkdir -p $(BIN_DIR)/tests
@cat resource/dev_test.sh > $(BIN_DIR)/tests/run_all_tests
@for test in $(TEST_DIRS); do \
test_pkg_name=$$(echo $$test | sed 's/^.\///g'); \
test_pkg_full_name=$(KVM_PKG_NAME)/$$(echo $$test | sed 's/^.\///g'); \
test_filename=$$(echo $$test_pkg_name | sed 's/\//__/g')_test; \
$(GO_CMD) test -v \
-ldflags="$(GO_LDFLAGS) -X $(KVM_PKG_NAME).builtAppVersion=$(VERSION_DEV)" \
$(GO_BUILD_ARGS) \
-c -o $(BIN_DIR)/tests/$$test_filename $$test; \
echo "runTest ./$$test_filename $$test_pkg_full_name" >> $(BIN_DIR)/tests/run_all_tests; \
done; \
chmod +x $(BIN_DIR)/tests/run_all_tests; \
cp $(BIN_DIR)/test2json $(BIN_DIR)/tests/ && chmod +x $(BIN_DIR)/tests/test2json; \
cp $(BIN_DIR)/gotestsum $(BIN_DIR)/tests/ && chmod +x $(BIN_DIR)/tests/gotestsum; \
tar czfv device-tests.tar.gz -C $(BIN_DIR)/tests .
frontend:
@if [ "$(SKIP_UI_BUILD)" = "1" ] && [ -f "static/index.html" ]; then \
echo "Skipping frontend build..."; \
else \
cd ui && npm ci && npm run build:device && \
find ../static/ -type f \
\( -name '*.js' \
-o -name '*.css' \
-o -name '*.html' \
-o -name '*.ico' \
-o -name '*.png' \
-o -name '*.jpg' \
-o -name '*.jpeg' \
-o -name '*.gif' \
-o -name '*.svg' \
-o -name '*.webp' \
-o -name '*.woff2' \
\) -exec sh -c 'gzip -9 -kfv {}' \; ;\
fi
git_check_dev:
@if [ "$$(git rev-parse --abbrev-ref HEAD)" != "dev" ]; then \
echo "Error: Must be on 'dev' branch"; exit 1; \
fi
@if [ -n "$$(git status --porcelain)" ]; then \
echo "Error: Working tree is dirty. Commit or stash changes."; exit 1; \
fi
@git fetch origin dev
@if [ "$$(git rev-parse HEAD)" != "$$(git rev-parse origin/dev)" ]; then \
echo "Error: Local dev is not up-to-date with origin/dev"; exit 1; \
fi
@command -v gh >/dev/null 2>&1 || { echo "Error: gh CLI not installed"; exit 1; }
@gh auth status >/dev/null 2>&1 || { echo "Error: gh CLI not authenticated. Run 'gh auth login'"; exit 1; }
dev_release: git_check_dev check_r2
@if [ -z "$(DEVICE_IP)" ]; then \
echo "Error: DEVICE_IP is required"; \
echo "Usage: make dev_release DEVICE_IP=<ip>"; \
exit 1; \
fi
@echo "═══════════════════════════════════════════════════════"
@echo " DEV Release"
@echo "═══════════════════════════════════════════════════════"
@echo " Version: $(VERSION_DEV)"
@echo " Tag: release/$(VERSION_DEV)"
@echo " Branch: $$(git rev-parse --abbrev-ref HEAD)"
@echo " Commit: $$(git rev-parse --short HEAD)"
@echo " Time: $$(date -u +%FT%T%z)"
@echo " Signing: disabled for dev releases"
@echo "═══════════════════════════════════════════════════════"
@read -p "Proceed? [y/N] " confirm && [ "$$confirm" = "y" ] || exit 1
$(MAKE) check frontend
$(MAKE) build_dev VERSION_DEV=0.0.1-test-baseline SKIP_UI_BUILD=1
mv bin/jetkvm_app bin/jetkvm_app_baseline
$(MAKE) build_dev VERSION_DEV=$(VERSION_DEV) SKIP_UI_BUILD=1
@echo "Running mandatory dev release validation..."
cd ui && npm ci && npx playwright install --with-deps chromium && cd ..
./scripts/test_core_e2e.sh "$(DEVICE_IP)" "bin/jetkvm_app"
./scripts/test_prerelease_unsigned_ota.sh "$(DEVICE_IP)" \
"bin/jetkvm_app_baseline" \
"bin/jetkvm_app" \
"$(VERSION_DEV)"
@echo "───────────────────────────────────────────────────────"
@echo " All tests completed. Everything is tested and ready for release."
@echo " Version: $(VERSION_DEV)"
@read -p "Are you sure you want to continue? [y/N] " final_confirm && [ "$$final_confirm" = "y" ] || exit 1
@echo "Uploading device app to R2..."
@shasum -a 256 bin/jetkvm_app | cut -d ' ' -f 1 > bin/jetkvm_app.sha256
rclone copyto bin/jetkvm_app r2://jetkvm-update/app/$(VERSION_DEV)/jetkvm_app
rclone copyto bin/jetkvm_app.sha256 r2://jetkvm-update/app/$(VERSION_DEV)/jetkvm_app.sha256
./scripts/deploy_cloud_app.sh -v $(VERSION_DEV) --skip-confirmation
@git tag release/$(VERSION_DEV)
@git push origin release/$(VERSION_DEV)
gh release create release/$(VERSION_DEV) bin/jetkvm_app bin/jetkvm_app.sha256 --prerelease --generate-notes
@echo "✓ Released: release/$(VERSION_DEV)"
# NOTE: VERSION is passed explicitly for consistency with build_dev (see comment above).
# While VERSION is static, passing it explicitly ensures the pattern is consistent
# and prevents issues if VERSION ever becomes dynamic.
build_release:
@if [ ! -d "$(BUILDKIT_PATH)" ]; then \
echo "Toolchain not found, running build_release in Docker..."; \
rm -rf internal/native/cgo/build; \
docker run --rm -v "$$(pwd):/build" \
$(DOCKER_BUILD_TAG) make _build_release_inner VERSION=$(VERSION); \
else \
$(MAKE) _build_release_inner VERSION=$(VERSION); \
fi
_build_release_inner: build_native
@echo "Building release..."
$(GO_CMD) build \
-ldflags="$(GO_LDFLAGS) -X $(KVM_PKG_NAME).builtAppVersion=$(VERSION)" \
$(GO_RELEASE_BUILD_ARGS) \
-o bin/jetkvm_app cmd/main.go
release: git_check_dev check_r2
@if [ -z "$(SIGNING_KEY_FPR)" ]; then \
echo "Error: SIGNING_KEY_FPR is required for releases"; \
echo "Usage: make release DEVICE_IP=<ip> SIGNING_KEY_FPR=<fingerprint>"; \
exit 1; \
fi
@if [ -z "$(DEVICE_IP)" ]; then \
echo "Error: DEVICE_IP is required"; \
echo "Usage: make release DEVICE_IP=<ip> SIGNING_KEY_FPR=<fingerprint>"; \
exit 1; \
fi
$(MAKE) check_signing_key SIGNING_KEY_FPR=$(SIGNING_KEY_FPR)
@if rclone lsf r2://jetkvm-update/app/$(VERSION)/ 2>/dev/null | grep -q "jetkvm_app"; then \
echo "Error: Version $(VERSION) already exists in R2"; exit 1; \
fi
@latest_dev=$$(curl -s "https://api.jetkvm.com/releases?deviceId=123&prerelease=true" | jq -r '.appVersion // ""'); \
if ! echo "$$latest_dev" | grep -q "^$(VERSION)-dev"; then \
echo ""; \
echo "⚠️ Warning: No dev release found for $(VERSION)"; \
echo " Latest pre-release: $$latest_dev"; \
echo ""; \
read -p "Release production without prior dev release? [y/N] " confirm && [ "$$confirm" = "y" ] || exit 1; \
fi
@echo "═══════════════════════════════════════════════════════"
@echo " PRODUCTION Release"
@echo "═══════════════════════════════════════════════════════"
@echo " Version: $(VERSION)"
@echo " Tag: release/$(VERSION)"
@echo " Branch: $$(git rev-parse --abbrev-ref HEAD)"
@echo " Commit: $$(git rev-parse --short HEAD)"
@echo " Time: $$(date -u +%FT%T%z)"
@echo " Signing: $(SIGNING_KEY_FPR)"
@echo "═══════════════════════════════════════════════════════"
@read -p "Proceed with PRODUCTION release? [y/N] " confirm && [ "$$confirm" = "y" ] || exit 1
@echo "Running mandatory production validation..."
$(MAKE) test_production_release DEVICE_IP=$(DEVICE_IP) SIGNING_KEY_FPR=$(SIGNING_KEY_FPR)
@echo "───────────────────────────────────────────────────────"
@echo " All tests completed. Everything is tested and ready for release."
@echo " Version: $(VERSION)"
@read -p "Are you sure you want to continue? [y/N] " final_confirm && [ "$$final_confirm" = "y" ] || exit 1
@echo "Uploading device app to R2..."
@shasum -a 256 bin/jetkvm_app | cut -d ' ' -f 1 > bin/jetkvm_app.sha256
rclone copyto bin/jetkvm_app r2://jetkvm-update/app/$(VERSION)/jetkvm_app
rclone copyto bin/jetkvm_app.sha256 r2://jetkvm-update/app/$(VERSION)/jetkvm_app.sha256
rclone copyto bin/jetkvm_app.sig r2://jetkvm-update/app/$(VERSION)/jetkvm_app.sig
./scripts/deploy_cloud_app.sh -v $(VERSION) --set-as-default --skip-confirmation
@git tag release/$(VERSION)
@git push origin release/$(VERSION)
prev_prod=$$(gh release list --exclude-drafts --exclude-pre-releases --limit 1 --json tagName --jq '.[0].tagName'); \
gh release create release/$(VERSION) bin/jetkvm_app bin/jetkvm_app.sha256 bin/jetkvm_app.sig \
--title "$(VERSION)" \
--generate-notes \
--notes-start-tag "$$prev_prod" \
--draft
@echo ""
@echo "✓ Released: release/$(VERSION)"
@echo ""
@echo "Next: Run 'make bump-version' to prepare for next release cycle"
bump-version:
@next_default=$$(echo $(VERSION) | awk -F. '{print $$1"."$$2"."$$3+1}'); \
echo "Current version: $(VERSION)"; \
read -p "Next version [$$next_default]: " next_ver; \
next_ver=$${next_ver:-$$next_default}; \
if ! echo "$$next_ver" | grep -qE '^[0-9]+\.[0-9]+\.[0-9]+$$'; then \
echo "Error: Invalid version '$$next_ver'. Must be semver format (e.g., 1.2.3)"; \
exit 1; \
fi; \
sed -i 's/^VERSION := .*/VERSION := '"$$next_ver"'/' Makefile && \
git add Makefile && \
git commit -m "Bump version to $$next_ver" && \
git push && \
echo "✓ Bumped to $$next_ver"