-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathgovulncheck.mk
More file actions
105 lines (86 loc) · 4.17 KB
/
govulncheck.mk
File metadata and controls
105 lines (86 loc) · 4.17 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
SHELL := /bin/bash -euo pipefail
define GOVULNCHECK_HELP
REQUIREMENTS:
- govulncheck : `govulncheck` command must be available.
- go : `go` command must be available for `govulncheck-install`.
TARGETS:
- govulncheck-help : show help message.
- govulncheck-install : install govulncheck using `go install`.
- govulncheck : run govulncheck command with given args.
- govulncheck-run : run vulnerability check.
VARIABLES [default value]:
- GO_CMD : go command used in govulncheck-install. [go]
- GOVULNCHECK_CMD : govulncheck command. [$$(GOBIN)govulncheck]
- GOVULNCHECK_VERSION : govulncheck version to install. [latest]
- GOVULNCHECK_TARGET : target of vulnerability check. [./...]
- GOVULNCHECK_OPTION : govulncheck command line option. []
REFERENCES:
- https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck
- https://go.dev/doc/tutorial/govulncheck
IDE INTEGRATIONS:
- none
PROJECT STRUCTURE:
/ |-- Go Project
├─ _scripts/ |-- Git submodule
│ └─ makefiles/ |
│ └─ govulncheck.mk |
├─ Makefile |-- include _scripts/makefiles/govulncheck.mk
├─ go.mod |
└─ go.sum |
endef
.PHONY: govulncheck-help
govulncheck-help:
$(info $(GOVULNCHECK_HELP))
@echo ""
#├─────────────────────────────────────────────────────────────────────────────┤
GO_CMD ?= go
GOVULNCHECK_CMD ?= $(GOBIN)govulncheck
GOVULNCHECK_VERSION ?= latest
GOVULNCHECK_TARGET ?= ./...
GOVULNCHECK_OPTION ?=
#├─────────────────────────────────────────────────────────────────────────────┤
.PHONY: govulncheck-install-usage
govulncheck-install-usage:
# Usage : make govulncheck-install ARGS=""
# Exec : $$(GO_CMD) install $$(ARGS) "golang.org/x/vuln/cmd/govulncheck@$$(GOVULNCHECK_VERSION)"
# Desc : Install govulncheck using `go install`.
# Examples:
# - make govulncheck-install
# - make govulncheck-install ARGS="-tags netgo"
# - make govulncheck-install GOVULNCHECK_VERSION="main"
.PHONY: govulncheck-install
govulncheck-install:
ifeq ("govulncheck-install","$(MAKECMDGOALS)")
$(GO_CMD) install $(ARGS) "golang.org/x/vuln/cmd/govulncheck@$(GOVULNCHECK_VERSION)"
$(GO_CMD) mod tidy
else
ifeq (,$(shell which $(GOVULNCHECK_CMD) 2>/dev/null))
$(GO_CMD) install $(ARGS) "golang.org/x/vuln/cmd/govulncheck@$(GOVULNCHECK_VERSION)"
$(GO_CMD) mod tidy
endif
endif
#├─────────────────────────────────────────────────────────────────────────────┤
.PHONY: govulncheck-usage
govulncheck-usage:
# Usage : make govulncheck ARGS=""
# Exec : $$(GOVULNCHECK_CMD) $$(ARGS)
# Desc : Run govulcheck with given arguments.
# Examples:
# - make govulncheck ARGS="-version"
# - make govulncheck ARGS="-help"
.PHONY: govulncheck
govulncheck: govulncheck-install
$(GOVULNCHECK_CMD) $(ARGS)
#├─────────────────────────────────────────────────────────────────────────────┤
.PHONY: govulncheck-run-usage
govulncheck-run-usage:
# Usage : make govulncheck-run ARGS=""
# Exec : $$(GOVULNCHECK_CMD) $$(ARGS) $$(GOVULNCHECK_OPTION) $$(GOVULNCHECK_TARGET)
# Desc : Run govulncheck for the specified targets.
# Examples:
# - make govulncheck-run
# - make govulncheck-run ARGS=""
.PHONY: govulncheck-run
govulncheck-run: govulncheck-install
$(GOVULNCHECK_CMD) $(ARGS) $(GOVULNCHECK_OPTION) $(GOVULNCHECK_TARGET)
#├─────────────────────────────────────────────────────────────────────────────┤