Prow is a CI/CD system running on Kubernetes.

This directory contains the resources composing the Falco's workflow & testing infrastructure.

Listing the deployments we are currently using.

UI for prow jobs.

Clean up stale prow jobs.

Handle GitHub events dispatching them to plugins.

Start periodic jobs.

Start prow jobs.

This assumes that you are in the prow directory and that you can reach your working Kubernetes cluster.

1. Create a bot account (we have our own poiana).

   1.1. Grant it owner level access to the GitHub organisations on which prow will operate on.

   1.2. Generate a personal access token for the bot with full repo scope and admin:org, admin:repo_hook, and admin:org_hook too (in case you want prow to operate at organisation level).

   1.3 Save such OAuth token to prow/oauth_secret file.

2. Create a token for GitHub webhooks.

   openssl rand -hex 20 > prow/hmac_secret

3. Deploy prow

   make prow

4. Setup the hook

   4.1. Install the add-hook tool

   go get -u k8s.io/test-infra/experiment/add-hook

   4.2. Attach it to the organisation using --repo flag (or to a precise repo using MY_ORG/MY_REPO convention)

   add-hook --hmac-path=path/to/hmac/secret --github-token-path=path/to/oauth/secret --hook-url http://an.ip.addr.ess/hook --repo MY_ORG --confirm=true

5. Setup or update your plugins and configs with

   make plugins
   make configs