Makefile

######################################
#    Build File for Docker Images    #
######################################

# Repo
####################
REPO_ORG = its-registry.unl.edu/unl-its/docker-ci

# All Dockerfiles
####################
DOCKERFILES := $(shell find ./ -name "Dockerfile")

# Get the latest commit
####################
GIT_COMMIT = $(strip $(shell git rev-parse --short HEAD))

# Docker build arguments
####################
BUILD_ARGS := --build-arg VCS_REF=$(GIT_COMMIT)

.PHONY: all clean test $(DOCKERFILES) static-code-analysis mobile delete_dangling_images security publish utility dotnet

all: php-lint php-unit-test mobile static-code-analysis utility detect-secrets dependency-check xml-lint

# Image Groups
####################
php-lint: php-lint_5.6 php-lint_7.0 php-lint_7.1 php-lint_7.2 php-lint_7.3 php-lint_7.4 php-lint_8.0 php-lint_latest
php-unit-test: php-unit-test_5.6 php-unit-test_7.0 php-unit-test_7.1 php-unit-test_7.2 php-unit-test_7.3 php-unit-test_7.4 php-unit-test_8.0 php-unit-test_latest
mobile: android-build-server
static-code-analysis: static-code-analysis_latest static-code-analysys_php static-code-analysys_python static-code-analysys_android
utility: alpine-ssh-client merge-request-check
dotnet: dotnet_3.1 dotnet_5.0

# PHP Lint Images
####################
php-lint_5.6: php-lint/5.6/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/php-lint:5.6 -f php-lint/5.6/Dockerfile php-lint

php-lint_7.0: php-lint/7.0/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/php-lint:7.0 -f php-lint/7.0/Dockerfile php-lint

php-lint_7.1: php-lint/7.1/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/php-lint:7.1 -f php-lint/7.1/Dockerfile php-lint

php-lint_7.2: php-lint/7.2/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/php-lint:7.2 -f php-lint/7.2/Dockerfile php-lint

php-lint_7.3: php-lint/7.3/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/php-lint:7.3 -f php-lint/7.3/Dockerfile php-lint

php-lint_7.4: php-lint/7.4/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/php-lint:7.4 -f php-lint/7.4/Dockerfile php-lint

php-lint_8.0: php-lint/8.0/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/php-lint:8.0 -f php-lint/8.0/Dockerfile php-lint

php-lint_8.1: php-lint/8.1/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/php-lint:8.1 -f php-lint/8.1/Dockerfile php-lint

php-lint_latest: php-lint_8.1
	docker tag  ${REPO_ORG}/php-lint:8.1 ${REPO_ORG}/php-lint:latest

# PHP Unit Test Images
####################
php-unit-test_5.6: php-unit-test/5.6/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/php-unit-test:5.6 -f php-unit-test/5.6/Dockerfile php-unit-test

php-unit-test_7.0: php-unit-test/7.0/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/php-unit-test:7.0 -f php-unit-test/7.0/Dockerfile php-unit-test

php-unit-test_7.1: php-unit-test/7.1/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/php-unit-test:7.1 -f php-unit-test/7.1/Dockerfile php-unit-test

php-unit-test_7.2: php-unit-test/7.2/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/php-unit-test:7.2 -f php-unit-test/7.2/Dockerfile php-unit-test

php-unit-test_7.3: php-unit-test/7.3/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/php-unit-test:7.3 -f php-unit-test/7.3/Dockerfile php-unit-test

php-unit-test_7.4: php-unit-test/7.4/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/php-unit-test:7.4 -f php-unit-test/7.4/Dockerfile php-unit-test

php-unit-test_8.0: php-unit-test/8.0/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/php-unit-test:8.0 -f php-unit-test/8.0/Dockerfile php-unit-test

php-unit-test_8.1: php-unit-test/8.1/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/php-unit-test:8.1 -f php-unit-test/8.1/Dockerfile php-unit-test

php-unit-test_latest: php-unit-test_8.1
	docker tag ${REPO_ORG}/php-unit-test:8.1 ${REPO_ORG}/php-unit-test:latest

# Mobile Applications
####################
android-build-server: android-build-server/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/android-build-server:latest android-build-server

# Sonarqube static-code-analysis
# #####################
static-code-analysis_latest: static-code-analysis/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/static-code-analysis:latest static-code-analysis/

static-code-analysys_php: static-code-analysis/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/static-code-analysis:php static-code-analysis/

static-code-analysys_python: static-code-analysis/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/static-code-analysis:python static-code-analysis/

static-code-analysys_android: android-build-server static-code-analysis/android/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/static-code-analysis:android static-code-analysis/android/

# XML Lint Images
####################
xml-lint: xml-lint/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/xml-lint:latest xml-lint/

# Utility Images
####################
alpine-ssh-client: alpine-ssh-client/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/alpine-ssh-client:latest alpine-ssh-client/

merge-request-check: merge-request-check/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/merge-request-check:latest merge-request-check/

test: $(DOCKERFILES)
$(DOCKERFILES):
	@echo "Linting and validating $(@D)..."
	@docker run --rm -i nimmis/label-inspector lint < $(@D)/Dockerfile
	@docker run --rm -i nimmis/label-inspector validate < $(@D)/Dockerfile


# detect-secrets
# ##############
detect-secrets: detect-secrets/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/detect-secrets detect-secrets/


# dependency-check
# ################
dependency-check: dependency-check/Dockerfile
	 docker build $(BUILD_ARGS) -t ${REPO_ORG}/dependency-check dependency-check/

# dotnet Images
####################
dotnet_3.1: dotnet-build-server/3.1/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/dotnet-build-server:3.1 -f dotnet-build-server/3.1/Dockerfile dotnet-build-server/3.1/

dotnet_5.0: dotnet-build-server/5.0/Dockerfile
	docker build $(BUILD_ARGS) -t ${REPO_ORG}/dotnet-build-server:5.0 -f dotnet-build-server/5.0/Dockerfile dotnet-build-server/5.0/


#IMAGES_TO_SCAN = $(shell docker images --format '{{.Repository}}:{{.Tag}}' | grep unl-its )
#security:
#	@docker login -u ${TENABLE_IO_ACCESS_KEY} -p ${TENABLE_IO_SECRET_KEY} registry.cloud.tenable.com
#	@for image in $(IMAGES_TO_SCAN); do \
#		docker tag $$image registry.cloud.tenable.com/`echo $$image | cut -d "/" -f 2`; \
#		docker push registry.cloud.tenable.com/`echo $$image | cut -d "/" -f 2`; \
#	done

IMAGES_TO_PUBLISH = $(shell docker images --format '{{.Repository}}:{{.Tag}}' --filter 'dangling=false' --filter=reference='$(REPO_ORG)/$(IMG_NAME)*' | grep -v ':<none>$$')
publish:
	@for image in $(IMAGES_TO_PUBLISH); do \
		docker push $$image; \
	done

#Update README.md based on the template ._README.md
TOOLSET = `make all --dry-run | grep 'docker build' | cut -d ' ' -f 6 | sort -u | awk '{print "- " $$0}'`
README_HEAD = `cat ./_README.md | sed -e '/%CONTAINERS_LIST%/Q'`
README_TAIL = `cat ./_README.md | sed -e '1,/%CONTAINERS_LIST%/d'`
README_FOOTER = `echo "\n\r_Last update: \`date\`_\n"`
update_readme:
	@echo -e "$(README_HEAD)  \n\n$(TOOLSET) \n $(README_TAIL) \n$(README_FOOTER)" > README.md
	@git add README.md

delete_dangling_images:
	@echo "Removing dangling images"
	@docker image prune -f
help:
	@echo -e "make [all] \n\t # Creates all the images"
	@echo -e "make <TARGET> \n\t # Creates an specific image"
	@echo -e "make publish \n\t # Push the images to the UNL registry"
	@echo -e "make update_readme \n\t Update the README.md file"
#	@echo -e "make security \n\t # Send the images to Tenable. Use env variables TENABLE_IO_ACCESS_KEY and TENABLE_IO_SECRET_KEY"

debug:
	@echo -e "DOCKERFILES: \t $(DOCKERFILES)"
#	@echo -e "IMAGES_TO_SCAN:\t $(IMAGES_TO_SCAN)"
	@echo -e "IMAGES_TO_PUBLISH:\t $(IMAGES_TO_PUBLISH)"