-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathMakefile
188 lines (147 loc) · 6.24 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
SHELL = /bin/bash
.SHELLFLAGS = -o pipefail -c
guard-%:
@ if [ "${${*}}" = "" ]; then \
echo "Environment variable $* not set"; \
exit 1; \
fi
.PHONY: install build test publish release clean
install: install-python install-hooks install-node
install-node:
npm ci
install-python:
poetry install
install-hooks: install-python
poetry run pre-commit install --install-hooks --overwrite
sam-build: sam-validate compile download-get-secrets-layer
sam build --template-file SAMtemplates/main_template.yaml --region eu-west-2
sam-build-sandbox: sam-validate-sandbox compile download-get-secrets-layer
sam build --template-file SAMtemplates/sandbox_template.yaml --region eu-west-2
sam-run-local: sam-build
sam local start-api
sam-sync: guard-AWS_DEFAULT_PROFILE guard-stack_name compile download-get-secrets-layer
sam sync \
--stack-name $$stack_name \
--watch \
--template-file SAMtemplates/main_template.yaml \
--parameter-overrides \
EnableSplunk=false
sam-sync-sandbox: guard-stack_name compile download-get-secrets-layer
sam sync \
--stack-name $$stack_name-sandbox \
--watch \
--template-file SAMtemplates/sandbox_template.yaml \
--parameter-overrides \
EnableSplunk=false
sam-deploy: guard-AWS_DEFAULT_PROFILE guard-stack_name
sam deploy \
--stack-name $$stack_name \
--parameter-overrides \
EnableSplunk=false
sam-delete: guard-AWS_DEFAULT_PROFILE guard-stack_name
sam delete --stack-name $$stack_name
sam-list-endpoints: guard-AWS_DEFAULT_PROFILE guard-stack_name
sam list endpoints --stack-name $$stack_name
sam-list-resources: guard-AWS_DEFAULT_PROFILE guard-stack_name
sam list resources --stack-name $$stack_name
sam-list-outputs: guard-AWS_DEFAULT_PROFILE guard-stack_name
sam list stack-outputs --stack-name $$stack_name
sam-validate:
sam validate --template-file SAMtemplates/main_template.yaml --region eu-west-2
sam validate --template-file SAMtemplates/functions/main.yaml --region eu-west-2
sam validate --template-file SAMtemplates/functions/lambda_resources.yaml --region eu-west-2
sam-validate-sandbox:
sam validate --template-file SAMtemplates/sandbox_template.yaml --region eu-west-2
sam-deploy-package: guard-artifact_bucket guard-artifact_bucket_prefix guard-stack_name guard-template_file guard-cloud_formation_execution_role guard-LATEST_TRUSTSTORE_VERSION guard-enable_mutual_tls guard-VERSION_NUMBER guard-COMMIT_ID guard-LOG_LEVEL guard-LOG_RETENTION_DAYS guard-TARGET_ENVIRONMENT
sam deploy \
--template-file $$template_file \
--stack-name $$stack_name \
--capabilities CAPABILITY_NAMED_IAM CAPABILITY_AUTO_EXPAND \
--region eu-west-2 \
--s3-bucket $$artifact_bucket \
--s3-prefix $$artifact_bucket_prefix \
--config-file samconfig_package_and_deploy.toml \
--no-fail-on-empty-changeset \
--role-arn $$cloud_formation_execution_role \
--no-confirm-changeset \
--force-upload \
--tags "version=$$VERSION_NUMBER" \
--parameter-overrides \
TruststoreVersion=$$LATEST_TRUSTSTORE_VERSION \
EnableMutualTLS=$$enable_mutual_tls \
TargetSpineServer=$$target_spine_server \
EnableSplunk=true \
VersionNumber=$$VERSION_NUMBER \
CommitId=$$COMMIT_ID \
LogLevel=$$LOG_LEVEL \
LogRetentionInDays=$$LOG_RETENTION_DAYS \
Env=$$TARGET_ENVIRONMENT
compile: compile-node compile-packages compile-specification
compile-node:
npx tsc --build tsconfig.build.json
compile-packages:
npm run compile --workspace packages/prescriptionSearch
compile-specification:
npm run resolve --workspace packages/specification
download-get-secrets-layer:
mkdir -p packages/getSecretLayer/lib
curl -LJ https://github.com/NHSDigital/electronic-prescription-service-get-secrets/releases/download/$$(curl -s "https://api.github.com/repos/NHSDigital/electronic-prescription-service-get-secrets/releases/latest" | jq -r .tag_name)/get-secrets-layer.zip -o packages/getSecretLayer/lib/get-secrets-layer.zip
sbom:
mkdir -p ~/git_actions
git -C ~/git_actions/eps-actions-sbom/ pull || git clone https://github.com/NHSDigital/eps-action-sbom.git ~/git_actions/eps-actions-sbom/
docker build -t eps-sbom -f ~/git_actions/eps-actions-sbom/Dockerfile ~/git_actions/eps-actions-sbom/
docker run -it --rm -v $${LOCAL_WORKSPACE_FOLDER:-.}:/github/workspace eps-sbom
lint: lint-node lint-samtemplates lint-python lint-githubactions lint-githubaction-scripts lint-specification
lint-node: compile
npm run lint --workspace packages/clinicalView
npm run lint --workspace packages/prescriptionSearch
npm run lint --workspace packages/sandbox
npm run lint --workspace packages/statusLambda
npm run lint --workspace packages/common/testing
lint-samtemplates:
poetry run cfn-lint -I "SAMtemplates/**/*.y*ml" 2>&1 | awk '/Run scan/ { print } /^[EW][0-9]/ { print; getline; print }'
lint-python:
# poetry run flake8 scripts/*.py --config .flake8
lint-githubactions:
actionlint
lint-githubaction-scripts:
shellcheck .github/scripts/*.sh
lint-specification: compile-specification
npm run lint --workspace packages/specification
test: compile
npm run test --workspace packages/prescriptionSearch
npm run test --workspace packages/sandbox
npm run test --workspace packages/statusLambda
npm run test --workspace packages/clinicalView
clean:
rm -rf packages/clinicalView/coverage
rm -rf packages/common/testing/coverage
rm -rf packages/prescriptionSearch/coverage
rm -rf packages/sandbox/coverage
rm -rf packages/specification/coverage
rm -rf packages/statusLambda/coverage
rm -rf packages/clinicalView/lib
rm -rf packages/common/testing/lib
rm -rf packages/prescriptionSearch/lib
rm -rf packages/sandbox/lib
rm -rf packages/specification/lib
rm -rf packages/statusLambda/lib
rm -rf .aws-sam
deep-clean: clean
rm -rf .venv
find . -name 'node_modules' -type d -prune -exec rm -rf '{}' +
check-licenses: check-licenses-node check-licenses-python
check-licenses-node:
npm run check-licenses
npm run check-licenses --workspace packages/prescriptionSearch
npm run check-licenses --workspace packages/sandbox
npm run check-licenses --workspace packages/statusLambda
npm run check-licenses --workspace packages/clinicalView
check-licenses-python:
scripts/check_python_licenses.sh
aws-configure:
aws configure sso --region eu-west-2
aws-login:
aws sso login --sso-session sso-session
cfn-guard:
./scripts/run_cfn_guard.sh