diff options
| author | mo khan <mo@mokhan.ca> | 2025-07-10 17:49:29 -0600 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2025-07-10 17:49:29 -0600 |
| commit | ef572ae666732e87a35417710669ce88233a754a (patch) | |
| tree | 3cc32004dee9600014417d404dbe01ac0e1faca9 /Makefile | |
| parent | 8417a15087cc6f42c77fe070011ac2207f8d852d (diff) | |
| parent | 6721aaffa33894624c87a54f4ed10eccd3c080e5 (diff) | |
Merge branch 'entities' into 'main'
Use a static ACL file(s) to make authorization decisions
See merge request gitlab-org/software-supply-chain-security/authorization/authzd!6
Diffstat (limited to 'Makefile')
| -rw-r--r-- | Makefile | 45 |
1 files changed, 36 insertions, 9 deletions
@@ -1,19 +1,30 @@ -PROJECT_NAME := $(shell basename $(shell pwd))# {{{}}} +AUTHZD_BIN := bin/authzd +CLI_BIN := bin/cli GIT_BRANCH := $(shell git rev-parse --abbrev-ref HEAD | sed 's/\//_/g') +PROJECT_NAME := $(shell basename $(shell pwd)) IMAGE_TAG := $(PROJECT_NAME):$(GIT_BRANCH) .PHONY: build check test run clean fmt lint doc vendor -.PHONY: build-image run-image health-check list-services test-image +.PHONY: build-image run-image +.PHONY: health-check list-services +.PHONY: staging-entities production-entities setup: mise install mise exec go -- go install github.com/xlgmokha/minit@latest - mise exec rust -- rustup component add clippy rustfmt + mise exec rust -- rustup component add clippy rustfmt rust-analyzer mise exec rust -- cargo install --locked cedar-policy-cli +$(AUTHZD_BIN): $(shell find src -name "*.rs" 2>/dev/null) Cargo.toml + @cargo build --bin authzd --offline + @cp target/debug/authzd bin/authzd + +$(CLI_BIN): $(shell find src -name "*.rs" 2>/dev/null) Cargo.toml + @cargo build --bin cli --offline + @cp target/debug/cli bin/cli + # Cargo targets -build: - @cargo build --offline +build: $(AUTHZD_BIN) $(CLI_BIN) check: @cargo check @@ -22,20 +33,20 @@ test: @cargo test run: build - @cp target/debug/authzd bin/authzd @minit clean: + @rm -f $(AUTHZD_BIN) $(CLI_BIN) @cargo clean fmt: @cargo fmt - @cedar format --policies etc/authzd/policy0.cedar --write + @for policy in etc/authzd/*.cedar; do cedar format --policies $$policy --write; done lint: @cargo clippy - @cedar check-parse --policies etc/authzd/policy0.cedar - @cedar format --policies etc/authzd/policy0.cedar --check + @for policy in etc/authzd/*.cedar; do cedar check-parse --policies $$policy; done + @for policy in etc/authzd/*.cedar; do cedar format --policies $$policy --check; done doc: @cargo doc --open @@ -56,3 +67,19 @@ health-check: list-services: @grpcurl -plaintext localhost:20000 list + +# entities targets +check-gitlab-token: + @if [ -z "$$GITLAB_TOKEN" ]; then \ + echo "Error: GITLAB_TOKEN environment variable is required"; \ + echo "Set it with: export GITLAB_TOKEN=your_token"; \ + exit 1; \ + fi + +staging-entities: $(CLI_BIN) check-gitlab-token + @$(CLI_BIN) generate --host https://staging.gitlab.com --project authorization/sparkle/team --output etc/authzd/staging.gitlab.com/authorization/sparkle/team/entities.json + +production-entities: $(CLI_BIN) check-gitlab-token + @$(CLI_BIN) generate --project gitlab-org/gitlab --output etc/authzd/gitlab.com/gitlab-org/gitlab/entities.json + @$(CLI_BIN) generate --project gitlab-org/software-supply-chain-security/authorization/authzd --output etc/authzd/gitlab.com/gitlab-org/software-supply-chain-security/authorization/authzd/entities.json + @$(CLI_BIN) generate --project gitlab-org/software-supply-chain-security/authorization/sparkled --output etc/authzd/gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/entities.json |