Prow is a CI/CD system running on Kubernetes.
This directory contains the resources composing the Falco's workflow & testing infrastructure.
Listing the deployments we are currently using.
UI for prow jobs.
Clean up stale prow jobs.
Handle GitHub events dispatching them to plugins.
Start periodic jobs.
Start prow jobs.
This assumes that you are in the prow
directory and that you can reach your working Kubernetes cluster.
-
Create a bot account (we have our own poiana).
1.1. Grant it owner level access to the GitHub organisations on which prow will operate on.
1.2. Generate a personal access token for the bot with full
repo
scope andadmin:org
,admin:repo_hook
, andadmin:org_hook
too (in case you want prow to operate at organisation level).1.3 Save such OAuth token to
prow/oauth_secret
file. -
Create a token for GitHub webhooks.
openssl rand -hex 20 > prow/hmac_secret
-
Deploy prow
make prow
-
Setup the hook
4.1. Install the
add-hook
toolgo get -u k8s.io/test-infra/experiment/add-hook
4.2. Attach it to the organisation using
--repo
flag (or to a precise repo usingMY_ORG/MY_REPO
convention)add-hook --hmac-path=path/to/hmac/secret --github-token-path=path/to/oauth/secret --hook-url http://an.ip.addr.ess/hook --repo MY_ORG --confirm=true
-
Setup or update your plugins and configs with
make plugins make configs