build: ensure the justfile could fully replace the makefile.

2025-03-28 20:13:00 +01:00 · 2025-03-28 20:13:00 +01:00 · 8e2a7e8068
commit 8e2a7e8068
parent fbb71fb47b
3 changed files with 163 additions and 29 deletions
--- a/176
+++ b/176
@ -17,12 +17,49 @@
 #   just available
 #   just clean

-base_dir := home_dir() / ".libvirt/base"
+# Admin username
+username := "user"
+
+# Default admin password
+password := "user"
+
+# Disk size of the VM to build
+disk_size := "40G"
+
+# Virtual machine CPU
+vcpus := "6"
+
+# Virtual machine RAM
+ram := "4096"
+
+# Path to the ssh key
+ssh_keyname := "id_ed25519"
+ssh_privatekey := home_dir() / ".ssh/" + ssh_keyname
+ssh_publickey := ssh_privatekey + ".pub" 
+
+# Where the VM are stored
 vm := home_dir() / ".vm"
-output := base_dir / "packer"
-prefix := "aa-"
+
+# Where the VM images are stored
+base_dir := home_dir() / ".libvirt/base"
+
+# Where the packer temporary output is stored
+output_dir := base_dir / "packer"
+
+# SSH options
+sshopt := "-i " + ssh_privatekey + " -o IdentitiesOnly=yes -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
+
+# Libvirt connection address
 c := "--connect=qemu:///system"
-sshopt := "-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
+
+# VM prefix
+prefix := "aa-"
+
+# Build setings
+destdir := "/"
+build := ".build"
+pkgdest := `pwd` / ".pkg/dist"
+pkgname := "apparmor.d"

 [doc('Show this help message')]
 default:
@ -30,6 +67,100 @@ default:
 	@just --list --unsorted
 	@echo -e "\nSee https://apparmor.pujol.io/development/vm/ for more information."

+[doc('Build the go programs')]
+build:
+	@go build -o {{build}}/ ./cmd/aa-log
+	@go build -o {{build}}/ ./cmd/prebuild
+
+[doc('Prebuild the profiles in enforced mode')]
+enforce: build
+	@./{{build}}/prebuild
+
+[doc('Prebuild the profiles in complain mode')]
+complain: build
+	@./{{build}}/prebuild --complain
+
+[doc('Prebuild the profiles in FSP mode')]
+fsp: build
+	@./{{build}}/prebuild --complain --full
+
+[doc('Install the profiles')]
+install:
+	#!/usr/bin/env bash
+	set -eu -o pipefail
+	install -Dm0755 {{build}}/aa-log {{destdir}}/usr/bin/aa-log
+	install -Dm0644 systemd/aa-fix.service {{destdir}}/usr/lib/systemd/system/aa-fix.service
+	for file in $(find "{{build}}/share" -type f -not -name "*.md" -printf "%P\n"); do
+		install -Dm0644 "{{build}}/share/$file" "{{destdir}}/usr/share/$file"
+	done
+	for file in $(find "{{build}}/apparmor.d" -type f -printf "%P\n"); do
+		install -Dm0644 "{{build}}/apparmor.d/$file" "{{destdir}}/etc/apparmor.d/$file"
+	done
+	for file in $(find "{{build}}/apparmor.d" -type l -printf "%P\n"); do
+		mkdir -p "{{destdir}}/etc/apparmor.d/disable"
+		cp -d "{{build}}/apparmor.d/$file" "{{destdir}}/etc/apparmor.d/$file"
+	done
+	for file in "{{build}}/systemd/system/"*; do
+		service="$(basename "$file")"
+		install -Dm0644 "$file" "{{destdir}}/usr/lib/systemd/system/$service.d/apparmor.conf"
+	done
+	for file in "{{build}}/systemd/user/"*; do
+		service="$(basename "$file")"
+		install -Dm0644 "$file" "{{destdir}}/usr/lib/systemd/user/$service.d/apparmor.conf"
+	done
+
+[doc('Build & install apparmor.d on Arch based systems')]
+pkg:
+	@makepkg --syncdeps --install --cleanbuild --force --noconfirm
+
+[doc('Build & install apparmor.d on Debian based systems')]
+dpkg:
+	@bash dists/build.sh dpkg
+	@sudo dpkg -i {{pkgdest}}/{{pkgname}}_*.deb
+
+[doc('Build & install apparmor.d on OpenSUSE based systems')]
+rpm:
+	@bash dists/build.sh rpm
+	@sudo rpm -ivh --force  {{pkgdest}}/{{pkgname}}-*.rpm
+
+[doc('Run the unit tests')]
+tests:
+	@go test ./cmd/... -v -cover -coverprofile=coverage.out
+	@go test ./pkg/... -v -cover -coverprofile=coverage.out
+	@go tool cover -func=coverage.out
+
+[doc('Run the linters')]
+lint:
+	golangci-lint run
+	packer fmt tests/packer/
+	packer validate --syntax-only tests/packer/
+	shellcheck --shell=bash \
+		PKGBUILD dists/build.sh dists/docker.sh tests/check.sh \
+		tests/packer/init.sh tests/packer/src/aa-update tests/packer/clean.sh \
+		debian/{{pkgname}}.postinst debian/{{pkgname}}.postrm
+
+[doc('Run style checks on the profiles')]
+check:
+	@bash tests/check.sh
+
+[doc('Generate the man pages')]
+man:
+	@pandoc -t man -s -o share/man/man8/aa-log.8 share/man/man8/aa-log.md
+
+[doc('Build the documentation')]
+docs:
+	@ENABLED_GIT_REVISION_DATE=false MKDOCS_OFFLINE=true mkdocs build --strict
+
+[doc('Serve the documentation')]
+serve:
+	@ENABLED_GIT_REVISION_DATE=false MKDOCS_OFFLINE=false mkdocs serve
+
+[doc('Remove all build artifacts')]
+clean:
+	@rm -rf \
+		debian/.debhelper debian/debhelper* debian/*.debhelper debian/{{pkgname}} \
+		.pkg/{{pkgname}}* {{build}} coverage.out
+
 [doc('Build the apparmor.d package')]
 package dist:
    #!/usr/bin/env bash
@ -37,7 +168,7 @@ package dist:
    dist="{{dist}}"
    [[ $dist =~ ubuntu* ]] && dist=ubuntu
    [[ $dist =~ debian* ]] && dist=debian
-    make package dist=$dist
+    bash dists/docker.sh $dist

 [doc('Build the image')]
 img dist flavor: (package dist)
@ -46,18 +177,24 @@ img dist flavor: (package dist)
 		-var dist={{dist}} \
 		-var flavor={{flavor}} \
 		-var prefix={{prefix}} \
+		-var username={{username}} \
+		-var password={{password}} \
+		-var ssh_publickey={{ssh_publickey}} \
+		-var disk_size={{disk_size}} \
+		-var cpus={{vcpus}} \
+		-var ram={{ram}} \
 		-var base_dir={{base_dir}} \
-		-var output={{output}} \
+		-var output_dir={{output_dir}} \
 		tests/packer/

 [doc('Create the machine')]
-vm dist flavor:
+create dist flavor:
 	@cp -f {{base_dir}}/{{prefix}}{{dist}}-{{flavor}}.qcow2 {{vm}}/{{prefix}}{{dist}}-{{flavor}}.qcow2
-	virt-install {{c}} \
+	@virt-install {{c}} \
 		--import \
 		--name {{prefix}}{{dist}}-{{flavor}} \
-		--vcpus 6 \
-		--ram 4096 \
+		--vcpus {{vcpus}} \
+		--ram {{ram}} \
 		--machine q35 \
 		--boot uefi \
 		--memorybacking source.type=memfd,access.mode=shared \
@ -77,6 +214,10 @@ up dist flavor:
 halt dist flavor:
 	@virsh {{c}} shutdown {{prefix}}{{dist}}-{{flavor}}

+[doc('Reboot the machine')]
+reboot dist flavor:
+	@virsh {{c}} reboot {{prefix}}{{dist}}-{{flavor}}
+
 [doc('Destroy the machine')]
 destroy dist flavor:
 	@virsh {{c}} destroy {{prefix}}{{dist}}-{{flavor}} || true
@ -85,14 +226,14 @@ destroy dist flavor:

 [doc('Connect to the machine')]
 ssh dist flavor:
-	@ssh {{sshopt}} user@`just get_ip {{dist}} {{flavor}}`
+	@ssh {{sshopt}} {{username}}@`just get_ip {{dist}} {{flavor}}`

 [doc('List the machines')]
 list:
-	@echo -e '\033[1m Id   Name                    State\033[0m'
-	@virsh {{c}} list --all | grep {{prefix}}
+	@echo -e '\033[1m Id   Distribution Flavor  State\033[0m'
+	@virsh {{c}} list --all | grep {{prefix}} | sed 's/{{prefix}}//g'

-[doc('List the machine images')]
+[doc('List the images')]
 images:
 	#!/usr/bin/env bash
 	set -eu -o pipefail
@ -133,14 +274,7 @@ integration dist flavor:
 	@ssh {{sshopt}} user@`just get_ip {{dist}} {{flavor}}` \
 		@bats --recursive --timing --print-output-on-failure Projects/integration/

-[doc('Run the linters')]
-lint:
-	@packer fmt tests/packer/
-	@packer validate --syntax-only tests/packer/

-[doc('Remove the machine images')]
-clean:
-	@rm -fv {{base_dir}}/{{prefix}}*.qcow2

 get_ip dist flavor:
 	@virsh --quiet --readonly {{c}} domifaddr {{prefix}}{{dist}}-{{flavor}} | \