Skip to content

Migrate make to task#3539

Open
p4trickweiss wants to merge 12 commits intosecureCodeBox:mainfrom
p4trickweiss:migrate_make
Open

Migrate make to task#3539
p4trickweiss wants to merge 12 commits intosecureCodeBox:mainfrom
p4trickweiss:migrate_make

Conversation

@p4trickweiss
Copy link
Contributor

@p4trickweiss p4trickweiss commented Mar 4, 2026
edited
Loading

Description

This PR completes the migration from Make to Task as the project's build automation tool.

(closes #3159)

Checklist

  • Test your changes as thoroughly as possible before you commit them. Preferably, automate your test by unit/integration tests.
  • Make sure that all your commits are signed-off and that you are added to the Contributors file.
  • Make sure that all CI finish successfully.
  • Optional (but appreciated): Make sure that all commits are Verified.

@netlify
Copy link

netlify bot commented Mar 4, 2026
edited
Loading

Deploy Preview for docs-securecodebox canceled.

Name Link
🔨 Latest commit b45703c
🔍 Latest deploy log https://app.netlify.com/projects/docs-securecodebox/deploys/69b15da5f513b00007679fe1

@p4trickweiss p4trickweiss requested review from J12934 and Copilot March 4, 2026 10:41
Copilot AI reviewed Mar 4, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR completes the repository-wide migration from Makefiles to Taskfiles (go-task/task) for build/test automation across scanners, hooks, operator, auto-discovery, SDKs, and documentation, and updates CI/workflows/docs accordingly.

Changes:

  • Removed Makefile-based automation (Makefile, *.mk, component Makefiles) and replaced/expanded Taskfile equivalents across the repo.
  • Updated GitHub workflows to install and use task for docs generation and CI build/test steps.
  • Updated contributor documentation/ADR references from make ... to task ....

Reviewed changes

Copilot reviewed 62 out of 62 changed files in this pull request and generated no comments.

Show a summary per file
File Description
test-base.mk Removed shared Make-based test harness.
sdk.mk Removed SDK Make include (replaced by Taskfiles).
prerequisites.mk Removed Make prerequisites checks.
env-paths.mk Removed Make path indirection (replaced by Task vars).
scanners.mk Removed scanner Make include.
hooks.mk Removed hook Make include.
Makefile Removed root Make entrypoints; Taskfile now owns these commands.
Taskfile.yaml Root Taskfile expanded (paths/helm docs/lint/new-scanner/etc).
scanners/Taskfile.yaml Scanner orchestration updated (setup tasks, requires vars, etc).
scanners/ffuf/Taskfile.yaml Taskfile version bump.
scanners/git-repo-scanner/Taskfile.yaml Taskfile version bump.
scanners/gitleaks/Taskfile.yaml Taskfile version bump.
scanners/kube-hunter/Taskfile.yaml Taskfile version bump.
scanners/ncrack/Taskfile.yaml Taskfile version bump.
scanners/nikto/Taskfile.yaml Taskfile version bump.
scanners/nmap/Taskfile.yaml Taskfile version bump.
scanners/nuclei/Taskfile.yaml Taskfile version bump.
scanners/screenshooter/Taskfile.yaml Taskfile version bump.
scanners/semgrep/Taskfile.yaml Taskfile version bump.
scanners/ssh-audit/Taskfile.yaml Taskfile version bump.
scanners/sslyze/Taskfile.yaml Taskfile version bump.
scanners/subfinder/Taskfile.yaml Taskfile version bump.
scanners/test-scan/Taskfile.yaml Taskfile version bump.
scanners/trivy/Taskfile.yaml Taskfile version bump.
scanners/trivy-sbom/Taskfile.yaml Taskfile version bump.
scanners/whatweb/Taskfile.yaml Taskfile version bump.
scanners/wpscan/Taskfile.yaml Taskfile version bump.
scanners/zap-automation-framework/Taskfile.yaml Taskfile version bump.
hooks/Taskfile.yaml Hook orchestration updated (setup tasks, requires vars, etc).
hooks/cascading-scans/Taskfile.yaml Taskfile version bump.
hooks/finding-post-processing/Taskfile.yaml Taskfile version bump.
hooks/generic-webhook/Taskfile.yaml Taskfile version bump.
hooks/notification/Taskfile.yaml Taskfile version bump.
hooks/persistence-azure-monitor/Taskfile.yaml Taskfile version bump.
hooks/persistence-defectdojo/Taskfile.yaml Taskfile version bump.
hooks/persistence-dependencytrack/Taskfile.yaml Taskfile version bump.
hooks/persistence-elastic/Taskfile.yaml Taskfile version bump.
hooks/update-field-hook/Taskfile.yaml Taskfile version bump.
parser-sdk/nodejs/Makefile Removed Makefile entrypoint for parser SDK.
parser-sdk/nodejs/Taskfile.yaml Added Taskfile entrypoint for parser SDK build/export/kind-import.
hook-sdk/nodejs/Makefile Removed Makefile entrypoint for hook SDK.
hook-sdk/nodejs/Taskfile.yaml Added Taskfile entrypoint for hook SDK build/export/kind-import.
operator/Makefile Removed operator Makefile entrypoint.
operator/Taskfile.yaml Added operator Taskfile (codegen, envtest, tests, docker, helm deploy).
auto-discovery/kubernetes/Makefile Removed auto-discovery (kubernetes) Makefile entrypoint.
auto-discovery/kubernetes/Taskfile.yaml Added auto-discovery (kubernetes) Taskfile (tests/build/docker/etc).
auto-discovery/kubernetes/pull-secret-extractor/Taskfile.yaml Taskfile version bump.
auto-discovery/cloud-aws/Makefile Removed auto-discovery (cloud-aws) Makefile entrypoint.
auto-discovery/cloud-aws/Taskfile.yaml Added auto-discovery (cloud-aws) Taskfile (tests/build/docker/helm).
demo-targets/Makefile Removed demo-targets Makefile entrypoint.
demo-targets/Taskfile.yaml Added/expanded demo-targets Taskfile (incl. helm-unit-tests loop).
documentation/Makefile Removed documentation Makefile entrypoint.
documentation/Taskfile.yaml Added documentation Taskfile (puml/clean/install/start).
documentation/docs/contributing/test-concept/operator-test.md Updated instructions from make → task.
documentation/docs/contributing/operator.md Updated instructions from make → task.
documentation/docs/contributing/integrating-a-scanner/integrating-a-scanner.md Updated scanner creation command to task.
documentation/docs/contributing/integrating-a-hook/makefile.md Removed deprecated Makefile doc page.
documentation/docs/architecture/09_architecture_decisions/adr_0018.md Marked ADR as superseded by Task migration + note.
.templates/new-scanner/Taskfile.yaml Template Taskfile version bump.
.github/workflows/ci.yaml Switched CI steps from make/manual task install → setup-task + task commands.
.github/workflows/helm-docs.yaml Installed Task and swapped make docs generation → task.
.github/workflows/scb-bot.yaml Installed Task and swapped make docs generation → task.

Review notes (blocking):

  • scanners/Taskfile.yaml (lines ~109–116): test:setup:parser-deps always runs bun install even when parserUsesNpmDependencies is "false" (no package.json), which will fail for non-Node parsers. Make the command conditional (similar to hooks/Taskfile.yaml), or only run the task when the parser has a package.json.
  • Taskfile.yaml (root) (lines ~199–206): create-new-scanner uses a shell precondition sh: '[ -n "{{ .NAME }}" ]'. With Go templates, an unset variable can render as <no value> and still satisfy -n, so this may not reliably block missing NAME. Prefer requires: { vars: [NAME] } (as used in hooks/Taskfile.yaml / scanners/Taskfile.yaml) or use a safer default/empty check.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

Reet00
Reet00 reviewed Mar 5, 2026
View reviewed changes
Copy link
Contributor

@Reet00 Reet00 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good so far :)
It would be nice to have 1 command that builds and deploys the operator for local development, like task deploy for the scanners. As i have seen it, we have to start kind-import and helm-deploy separately

@p4trickweiss
Migrate Makefiles to Taskfiles
86025a0 
Signed-off-by: Patrick <patrick.weiss@iteratec.com>
@p4trickweiss
Remove remaining Makefiles
549a321 
Signed-off-by: Patrick <patrick.weiss@iteratec.com>
@p4trickweiss
Pin latest Task version with renovate
df7a62f 
Signed-off-by: Patrick <patrick.weiss@iteratec.com>
@p4trickweiss
Update Taskfile version to 3.48.0
d71201a 
Signed-off-by: Patrick <patrick.weiss@iteratec.com>
@p4trickweiss
Remove v
090599e 
Signed-off-by: Patrick <patrick.weiss@iteratec.com>
@p4trickweiss
Use full SHA for install task action
a04e6c9 
Signed-off-by: Patrick <patrick.weiss@iteratec.com>
@p4trickweiss
Fix errors
0ac46f5 
Signed-off-by: Patrick <patrick.weiss@iteratec.com>
@p4trickweiss
Fix task errors
81caf04 
Signed-off-by: Patrick <patrick.weiss@iteratec.com>
@p4trickweiss
Fix operator Taskfile
8ac121f 
Signed-off-by: Patrick <patrick.weiss@iteratec.com>
@p4trickweiss
Simplify taskfiles
2e8b194 
Signed-off-by: Patrick <patrick.weiss@iteratec.com>
@p4trickweiss
Fix auto-discovery tasks
261c4ce 
Signed-off-by: Patrick <patrick.weiss@iteratec.com>
@p4trickweiss
Fix auto-discovery taskfiles
b45703c 
Signed-off-by: Patrick <patrick.weiss@iteratec.com>
@sonarqubecloud
Copy link

sonarqubecloud bot commented Mar 11, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@p4trickweiss p4trickweiss moved this from Triage to To Review in secureCodeBox Mar 11, 2026
@p4trickweiss p4trickweiss moved this from To Review to Triage in secureCodeBox Mar 11, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Reet00 Reet00 Reet00 left review comments

Copilot code review Copilot Copilot left review comments

@J12934 J12934 Awaiting requested review from J12934

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

secureCodeBox
Status: Triage

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Remove remaining Makefiles

3 participants

@p4trickweiss @Reet00