This repository is meant to hold all information required to deploy and run Maistra test infrastructure in an Infrastructe-as-Code fashion.
The build container (maistra-builder
) is used by Prow to run unit tests and the linters against maistra/istio
.
To build the maistra-builder
container image, run make builder-image
in this repository.
This describes the steps needed to get our prow instance up and running on an existing cluster. It only covers aspects that are relevant to our configuration. See the upstream docs for more details.
You should have existing secrets for an already running cluster. You'll only need to obtain them if you're planning to do a test deployment to a different cluster. Note that in order to do that, you should have a separate GitHub Org already setup and configured in config.yaml
.
- Create bot account with access to your org
- Create a personal access token. We currently only need public_repo and repo:status scopes
- Store it in
prow/secrets/github-token
- Run
openssl rand -hex 20 > prow/secrets/github-hmac-secret
- Run
openssl rand -hex 32 > prow/secrets/cookie-secret
- Create a GCS bucket, make it publically readable
- Create a Service Account, store API credentials in
prow/secrets/gcs-credentials.json
- Give the Service Account write permissions to the bucket you created
- Run
cd prow && ./create.sh
- Add the webhook URL to the GitHub Org: https://github.com/organizations//settings/hooks - the URL is https:///hook
- Sometimes the letsencrypt certificate retrieval will fail on the second route due to rate limiting. You can copy the certificate over manually in that case.