@@ -2,7 +2,7 @@ |
| 2 | 2 | # Targets mirror what CI runs. The Makefile is the source of truth. |
| 3 | 3 | |
| 4 | 4 | .DEFAULT_GOAL := help |
| 5 | | -.PHONY: help dev build test test-race lint lint-policy lint-markdown lint-secret-logs fmt tidy clean ci assets install-tools version deploy deploy-check restore-drill bench-staging |
| 5 | +.PHONY: help dev build test test-race lint lint-policy lint-markdown lint-secret-logs lint-spdx verify-api-docs fmt tidy clean ci assets install-tools version deploy deploy-check restore-drill bench-staging docs docs-serve docs-verify gen-third-party-notices |
| 6 | 6 | |
| 7 | 7 | # Build metadata embedded into the binary via -ldflags. |
| 8 | 8 | VERSION := $(shell git describe --tags --always --dirty 2>/dev/null || echo dev) |
@@ -70,7 +70,7 @@ assets: ## Copy Primer CSS into internal/web/static/ for embedding. |
| 70 | 70 | echo "warn: .refs/primer-css/dist not found; run 'git clone https://github.com/primer/css .refs/primer-css' first"; \ |
| 71 | 71 | fi |
| 72 | 72 | |
| 73 | | -ci: lint lint-policy lint-markdown lint-secret-logs test build ## Full CI pipeline (matches .github/workflows/ci.yml). |
| 73 | +ci: lint lint-policy lint-markdown lint-secret-logs lint-spdx verify-api-docs test build ## Full CI pipeline (matches .github/workflows/ci.yml). |
| 74 | 74 | @echo "ci: ok" |
| 75 | 75 | |
| 76 | 76 | lint-policy: ## Enforce policy-package boundary (no inline auth checks in handlers/git/cmd). |
@@ -82,6 +82,12 @@ lint-markdown: ## Enforce markdown-package boundary (no goldmark/bluemonday outs |
| 82 | 82 | lint-secret-logs: ## Fail when source emits log lines containing token-prefix patterns. |
| 83 | 83 | @scripts/lint-secret-logs.sh |
| 84 | 84 | |
| 85 | +lint-spdx: ## Verify every Go + shell source carries the SPDX license header. |
| 86 | + @scripts/verify-spdx-headers.sh |
| 87 | + |
| 88 | +verify-api-docs: ## Fail when an /api/v1 route in code is missing from docs/public/api/. |
| 89 | + @scripts/verify-api-docs.sh |
| 90 | + |
| 85 | 91 | bench-small: ## Run the bench harness against $$BENCH_TARGET (default localhost:8080). |
| 86 | 92 | @go run ./bench -target=$${BENCH_TARGET:-http://localhost:8080} -iters=$${BENCH_ITERS:-20} |
| 87 | 93 | |
@@ -175,3 +181,22 @@ restore-drill: ## Run the restore drill on the backup host (must be run via ssh |
| 175 | 181 | bench-staging: ## Run the bench harness against staging (BENCH_TARGET must be set to the staging URL). |
| 176 | 182 | @if [ -z "$$BENCH_TARGET" ]; then echo "set BENCH_TARGET=https://staging.shithub.example"; exit 2; fi |
| 177 | 183 | go run ./bench -target=$$BENCH_TARGET -iters=$${BENCH_ITERS:-50} |
| 184 | + |
| 185 | +# --- docs --- |
| 186 | +docs: ## Build the public docs site to build/docs/ via mdBook. |
| 187 | + cd docs/public && mdbook build |
| 188 | + |
| 189 | +docs-serve: ## Serve the public docs site locally on http://127.0.0.1:3000. |
| 190 | + cd docs/public && mdbook serve --port 3000 |
| 191 | + |
| 192 | +docs-verify: verify-api-docs ## Verify docs are in sync (API routes documented + SPDX headers). |
| 193 | + @$(MAKE) lint-spdx |
| 194 | + @if command -v mdbook >/dev/null 2>&1; then \ |
| 195 | + cd docs/public && mdbook build >/dev/null && echo "mdbook build: ok"; \ |
| 196 | + else \ |
| 197 | + echo "mdbook not installed; skipping site build"; \ |
| 198 | + fi |
| 199 | + |
| 200 | +gen-third-party-notices: ## Regenerate THIRD_PARTY_NOTICES.md from the active go.mod. |
| 201 | + @scripts/gen-third-party-notices.sh > THIRD_PARTY_NOTICES.md |
| 202 | + @echo "gen-third-party-notices: wrote THIRD_PARTY_NOTICES.md" |
