Merge pull request #5 from compliance-framework/feature-standard-make

Standardise make and actions

Author: Chris Vermeulen

.github/workflows/test.yml

@@ -14,7 +14,7 @@ jobs:
       - name: Setup OPA
         uses: open-policy-agent/setup-opa@v2
         with:
-          version: latest
+          version: 1.6.0
 
       - name: Run OPA Tests
         run: opa test policies

Makefile

@@ -1,65 +1,39 @@
-# Makefile for building and pushing OPA policies to a registry
-
-# Variables
-REGISTRY_URL := ghcr.io
-NAMESPACE := compliance-framework
-POLICY_NAME := plugin-github-settings-policies
-VERSION := latest
-POLICY_DIR := ./policies # Directory containing your .rego files
-
-# Build and Push Commands
-.PHONY: all build bundle push clean
-
-# Default action
-all: test check build push clean
+# The help target prints out all targets with their descriptions organized
+# beneath their categories. The categories are represented by '##@' and the
+# target descriptions by '##'. The awk commands is responsible for reading the
+# entire set of makefiles included in this invocation, looking for lines of the
+# file as xyz: ## something, and then pretty-format the target and help. Then,
+# if there's a line with ##@ something, that gets pretty-printed as a category.
+# More info on the usage of ANSI catalog characters for terminal formatting:
+# https://en.wikipedia.org/wiki/ANSI_escape_code#SGR_parameters
+# More info on the awk command:
+# http://linuxcommand.org/lc3_adv_awk.php
 
 # Check if OPA CLI is installed
 OPA := $(shell command -v opa 2> /dev/null)
 ifeq ($(OPA),)
 $(error "opa CLI not found. Please install it: https://www.openpolicyagent.org/docs/latest/cli/")
 endif
 
-# Check if Docker CLI is installed
+##@ Help
+help: ## Display this concise help, ie only the porcelain target
+	@awk 'BEGIN {FS = ":.*##"; printf "\033[1mUsage\033[0m\n  make \033[36m<target>\033[0m\n"} /^[a-zA-Z_0-9-]+:.*?##/ { printf "  \033[36m%-30s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST)
 
-CONTAINER_CLI := ""
-DOCKER := $(shell command -v docker 2> /dev/null)
-PODMAN := $(shell command -v podman 2> /dev/null)
-ifeq ($(DOCKER),)
-	PODMAN := := $(shell command -v podman 2> /dev/null)
-	ifeq ($(PODMAN),)
-		$(error "either docker or podman CLI is required.")
-	else
-		CONTAINER_CLI = PODMAN
-	endif
-else
-	CONTAINER_CLI = DOCKER
-endif
+help-all: ## Display all help items, ie including plumbing targets
+	@awk 'BEGIN {FS = ":.*#"; printf "\nUsage:\n  make \033[36m<target>\033[0m\n"} /^[a-zA-Z_0-9-]+:.*?#/ { printf "  \033[36m%-25s\033[0m %s\n", $$1, $$2 } /^#@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST)
 
-test:
-	@echo "Testing policies..."
+##@ Policies
+test: ## Test policy files
 	@OPA test policies
 
-# Build the policies
-check:
-	@echo "Checking policies..."
+validate: ## Validate policy files
 	@opa check policies
 
+clean: # Cleanup build artifacts
+	@rm -f dist/*
+
 # Bundle the policies into a tarball for OCI registry
-build: clean
-	@echo "Bundling policies..."
+build: clean ## Build the policy bundle
 	@mkdir -p dist/
 	@opa build -b policies -o dist/bundle.tar.gz
 
-# Push the bundled policies to an OCI-compliant registry
-push: build
-	@echo "Pushing bundle to registry..."
-	@# Log in to the registry if necessary
-	@$(CONTAINER_CLI) login $(REGISTRY_URL)
-	@# Push the bundle as an OCI artifact
-	@$(CONTAINER_CLI) cp dist/bundle.tar.gz $(REGISTRY_URL)/$(NAMESPACE)/$(POLICY_NAME):$(VERSION)
-	@echo "Bundle pushed successfully to $(REGISTRY_URL)/$(NAMESPACE)/$(POLICY_NAME):$(VERSION)"
-
-# Clean up build artifacts
-clean:
-	@echo "Cleaning up..."
-	@rm -f dist/bundle.tar.gz