fix: update Makefile to use #SecurityInsights schema

Currently the `lintyml` step is a no-op, because it doesn't explicitly
validate against the #SecurityInsights schema.

Fix that by specifying that vet should validate non-CUE files agains
that schema. This now aligns the `cue vet` checks here with the
si-tooling usage of the #SecurityInsights Go generated code:

https://github.com/ossf/si-tooling/blob/88ed8ab93e3fe1f4aab9ccabb5452942e0325a53/v2/si/security_insights.go#L67

Also use `cue vet` to validate the schema itself. This is the more
canonical way to validate a schema.

Signed-off-by: Paul Jolly <[email protected]>

Author: myitcv

Makefile

@@ -1,24 +1,24 @@
 lintcue:
 	@echo "  >  Linting CUE schema ..."
-	@cue eval schema.cue --all-errors --verbose
+	@cue vet . --all-errors --verbose
 
 lintyml:
 	@echo "  >  Linting YAML files ..."
 	@echo "  >  Linting .github/security-insights.yml ..."
-	@cue vet .github/security-insights.yml schema.cue
+	@cue vet -d '#SecurityInsights' . .github/security-insights.yml
 	@echo "  >  Linting template-full.yml ..."
-	cue vet template-full.yml schema.cue
+	cue vet -d '#SecurityInsights' . template-full.yml
 	@echo "  >  Linting template-minimum.yml ..."
-	cue vet template-minimum.yml schema.cue
+	cue vet -d '#SecurityInsights' . template-minimum.yml
 	@echo "  >  Linting template-multi-repository-project-reuse.yml ..."
-	cue vet template-multi-repository-project-reuse.yml schema.cue
+	cue vet -d '#SecurityInsights' . template-multi-repository-project-reuse.yml
 	@echo "  >  Linting template-multi-repository-project.yml ..."
-	cue vet template-multi-repository-project.yml schema.cue
+	cue vet -d '#SecurityInsights' . template-multi-repository-project.yml
 
 cuegen:
 	@echo "  >  Generating types from cue schema ..."
 	@cue exp gengotypes schema.cue
 	@echo "  >  vet the generated go types ..."
 	@go vet cue_types_gen.go
 
-PHONY: lintcue lintyml cuegen
+PHONY: lintcue lintyml cuegen