VOL-4838 - makefile edits to cleanup permissions.
Makefile
--------
o Added makefile target 'fixperms' that will strip group permissions
from repository conf, json and yaml files. This is a source for
plenty of noise in the jenkins logs.
o Added convenience target 'pre-commit' that will lint sources and
repair permissions prior to creating a pull request.
Change-Id: Ia30ac099c23c6d651e5c54fad2bce74e0d382ee4
diff --git a/Makefile b/Makefile
index 2754d0f..4feb29b 100644
--- a/Makefile
+++ b/Makefile
@@ -60,6 +60,24 @@
## -----------------------------------------------------------------------
## -----------------------------------------------------------------------
+.PHONY: pre-commit
+.PHONY: fixperms
+pre-commit: lint fixperms
+
+## -----------------------------------------------------------------------
+## Scrub volume messages from jenksins logs and help secure nodes.
+## WARNING: Kubernetes configuration file is group-readable. This is insecure
+## -----------------------------------------------------------------------
+fixperms-args :=$(null)
+fixperms-args += -name '*.conf'
+fixperms-args += -o -name '*.json'
+fixperms-args += -o -name '*.yaml'
+fixperms:
+ $(HIDE)find . \( $(fixperms-args) \) -print0 \
+ | xargs -0 chmod og-rwx
+
+## -----------------------------------------------------------------------
+## -----------------------------------------------------------------------
clean:
## -----------------------------------------------------------------------
@@ -90,4 +108,11 @@
@echo " lint-json Syntax check .json sources"
@echo " lint-yaml Syntax check .yaml sources"
@echo
+ @echo "[PRE:check]"
+ @echo " pre-check Verify tools and deps are available for testing"
+ @echo
+ @echo "[PRE:commit]"
+ @echo " pre-commit Perform common repairs on source"
+ @echo " fixperms Remove group write permission on config files"
+ @echo
# [EOF]