101 lines
2.4 KiB
Makefile
101 lines
2.4 KiB
Makefile
include $(PWD)/src/toolchain/Makefile
|
|
|
|
BACKEND_TF := $(wildcard infra/backend/*.tf)
|
|
ENVIRONMENT := production
|
|
REGION := sfo3
|
|
ROOT_DIR := $(shell pwd)
|
|
TERRAFORM := $(ROOT_DIR)/out/terraform
|
|
KEYS := \
|
|
6B61ECD76088748C70590D55E90A401336C8AAA9 \
|
|
88823A75ECAA786B0FF38B148E401478A3FBEF72 \
|
|
3D7C8D39E8C4DF771583D3F0A8A091FD346001CA
|
|
|
|
.DEFAULT_GOAL :=
|
|
.PHONY: default
|
|
default: \
|
|
toolchain \
|
|
$(patsubst %,$(KEY_DIR)/%.asc,$(KEYS)) \
|
|
$(OUT_DIR)/website/.well-known/openpgpkey \
|
|
apply
|
|
|
|
.PHONY:
|
|
clean:
|
|
rm -rf $(CACHE_DIR)
|
|
|
|
.PHONY:
|
|
credentials: \
|
|
$(CACHE_DIR)/secrets/credentials.tfvars
|
|
|
|
$(KEY_DIR)/%.asc:
|
|
$(call fetch_pgp_key,$(basename $(notdir $@)))
|
|
|
|
$(OUT_DIR)/website/.well-known/openpgpkey:
|
|
$(call toolchain," \
|
|
sq wkd \
|
|
generate $(OUT_DIR)/website distrust.co \
|
|
<(cat $(patsubst %,$(KEY_DIR)/%.asc,$(KEYS))) \
|
|
")
|
|
|
|
infra/backend/.terraform: \
|
|
$(OUT_DIR)/terraform \
|
|
$(BACKEND_TF)
|
|
env -C infra/backend $(TERRAFORM) init
|
|
|
|
infra/main/.terraform: \
|
|
$(OUT_DIR)/terraform \
|
|
$(BACKEND_TF)
|
|
env -C infra/main $(TERRAFORM) init \
|
|
-backend-config="../../config/$(ENVIRONMENT).tfbackend"
|
|
|
|
infra/backend/$(ENVIRONMENT).tfstate: \
|
|
$(CACHE_DIR)/secrets/credentials.tfvars \
|
|
$(OUT_DIR)/terraform \
|
|
infra/backend/.terraform
|
|
env -C infra/backend $(TERRAFORM) apply \
|
|
-var environment=$(ENVIRONMENT) \
|
|
-var namespace=$(ENVIRONMENT) \
|
|
-var region=$(REGION) \
|
|
-state ../../$@ \
|
|
-var-file ../../$<
|
|
|
|
config/$(ENVIRONMENT).tfbackend: \
|
|
infra/backend/$(ENVIRONMENT).tfstate \
|
|
$(OUT_DIR)/terraform
|
|
env -C infra/backend $(TERRAFORM) \
|
|
output -state ../../$< \
|
|
> $@
|
|
|
|
.PHONY:
|
|
apply: \
|
|
$(CACHE_DIR)/secrets/credentials.tfvars \
|
|
$(OUT_DIR)/terraform \
|
|
infra/main/.terraform
|
|
env -C infra/main $(TERRAFORM) apply \
|
|
-var environment=$(ENVIRONMENT) \
|
|
-var namespace=$(ENVIRONMENT) \
|
|
-var region=$(REGION) \
|
|
-var-file ../../$<
|
|
|
|
$(CACHE_DIR)/secrets:
|
|
mkdir -p $@
|
|
|
|
$(CACHE_DIR)/secrets/%.tfvars: secrets/%.tfvars.gpg $(CACHE_DIR)/secrets
|
|
gpg --decrypt $< > $@
|
|
|
|
$(FETCH_DIR)/terraform:
|
|
$(call git_clone,$@,$(TERRAFORM_REPO),$(TERRAFORM_REF))
|
|
|
|
$(OUT_DIR)/terraform: $(FETCH_DIR)/terraform
|
|
$(call toolchain," \
|
|
cd $(FETCH_DIR)/terraform && \
|
|
export SSL_CERT_DIR=/etc/ssl/certs && \
|
|
export CGO_ENABLED=0 && \
|
|
export GOCACHE=/home/build/$(CACHE_DIR) && \
|
|
export GOPATH=/home/build/$(CACHE_DIR) && \
|
|
go build \
|
|
-v \
|
|
-trimpath \
|
|
-ldflags='-w -extldflags=-static' \
|
|
-o /home/build/$@ \
|
|
")
|