-
Create a new repository from this template
-
Follow a guide at Probot on how to create and configure a GitHubApp
-
Create a Quay.io repository to host the controller container image
- Create a new Quay.io registry as an empty registry (go to quay.io/new, select your namespace and mark the repository as Public)
- Create a robot account (go to Quay.io, in top right corner select Account Settings, then second tab from the top Robot Accounts -> Create Robot Account)
- Grant this bot account Write access to your new container repository
- Save robot credentials as
QUAY_USERNAMEandQUAY_PASSWORDin the repository secrets (on GitHub repository page open Settings -> Secrets -> Actions -> New repository secret) - In order to properly expire container images we also need
QUAY_OAUTH_TOKEN. You can either use your own account token or (better) create new Quay Application in your organization. To do so, go tohttps://quay.io/organization/<org_name>, then Applications -> Create New Application. Copy the OAuth Token and save it asQUAY_OAUTH_TOKENin the repository secrets
-
Template all references (you can also do this manually, see
./scripts/template.shfor list of files to adjust)go install github.com/cbroglie/mustache/cmd/mustache@latest cat <<EOM > /tmp/data.yaml name: application-name description: Some text prod-namespace: namespaceA stage-namespace: namespaceB image: quay_image_name quay_org: quay_org org: github_org team: team-name repo: repo email: [email protected] EOM ./scripts/template.sh /tmp/data.yaml
-
Create credentials secrets for deployment based on your GitHub app data
# Copy secret from base cp manifests/base/controller/secret.yaml manifests/overlays/stage/secret.enc.yaml cp manifests/base/controller/secret.yaml manifests/overlays/prod/secret.enc.yaml # edit manifests/overlays/*/secret.enc.yaml filling in all data vim manifests/overlays/*/secret.enc.yaml # Encrypt them via sops sops -e -i --pgp="0508677DD04952D06A943D5B4DC4116D360E3276" manifests/overlays/stage/secret.enc.yaml sops -e -i --pgp="0508677DD04952D06A943D5B4DC4116D360E3276" manifests/overlays/prod/secret.enc.yaml
-
Read CONTRIBUTING.md and happily hack on
src/app.ts. -
We recommend installing DCO, Renovate, Semantic PRs GitHub apps.
ACKNOWLEDGMENTS.md- Recognize and credit project this tooling builds upon.aicoe-ci.yaml- Config for AI-CoE CI (disables default checks if the app is installed in organization, can be removed if AI-CoE CI is not used)app.yml- GitHub app manifest which can be used for automated app creation, see GitHub documentation here and Probot documentation hereCODE_OF_CONDUCT.md- Code of conduct for contributors and usersCONTRIBUTING.md- Guidelines on contributing, expected workflowsCONTRIBUTORS.md- List of contributors.env.example- Environment variables to set when running Probot locallyjest.config.js- Setup for tests.github- Configuration for local repositoryactions- Custom GitHub Actionsbuild- Builds a container image via Source to Imagecheck-maintainer-role- Verifies user permissions (used to check if user is eligible to create a release for example)set-expiration- Sets container image tag expiration in Quay.iotest- Runs tests against the controller
ISSUE_TEMPLATE- Standard set of issue templates available in the repobug_report.mdfeature_request.mdpromote.md- Triggers a workflow which promotes images used inmanifests/overlays/stagetomanifests/overlays/prod(creates a Pull Request, only maintainers are allowed)release.md- Triggers a workflow which releases from default main branch to GitHub releases and Quay.iosecurity.md- Used by users to nofity maintainers about security vulnerabilities found in the service
renovate.json- Config for Renovate app to keep your dependencies (Node.js and Github Actions) up to dateworkflows- Github Actions workflowspromote.yaml- Triggered by issues created bypromote.mdissue template. Important: make surekind/promoteandbotlabels are present in the repo. Promotes images used inmanifests/overlays/stagetomanifests/overlays/prod(creates a Pull Request, only maintainers are allowed)pr.yaml- Runs tests and attempts to build a container image out of a Pull Requestpush.yaml- Runs tests, builds and pushes a container image to Quay.io on push eventsrelease.yaml- Triggered by issues created byrelease.mdissue template. Important: make surekind/releaseandbotlabels are present in the repo. Releases from default main branch to GitHub releases and Quay.io
.gitignore.gitleaks.toml- Excludetest/fixtures/mock-cert.pemfrom Gitleaks scans to save you a headacheLICENSE- License filemanifests- Folder contains all manifests structured for Kustomizebasecontroller- Contains all manifests related to the controller deployment itselftasks- Tekton task manifests for heavy lifting on cluster, contains example task
overlays- Overlay for each environment
OWNERS- Used if the repo is connected to Prow, see documentation here, can be removed if Prow is not usedpackage.json- Node.js package manifestpackage-lock.json- Node.js package manifest lock file.pre-commit-config.yaml- Configuration for pre-commit.prow.yaml- Configuration for ProwREADME.md- This file, moved toREADME.old.mdafter the repo is templatedREADME.template.md- New README file after templating the repo.s2ibase- Reference to the used Source to Image builder imagescripts- Hacks and helpersbuild-image.sh- Creates a local build of Source to Image container imagetemplate.sh- Templates the repository
SECURITY.md- Security policy, see GitHub documentation heresrc- Source for the controllerapp.ts- Controller definitionindex.ts- Runner/entrypoint for the controller
static/robot.svg- Probot logo for you to customizeSUPPORT.md- Support process definition, how and where to ask for helptest- Store your controller tests hereapp.test.ts- Empty test suitefixtures/mock-cert.pem- Mock certificate
.thoth.yaml- Configuration file for Thoth Station (disables default checks if the AI-CoE CI app is installed in organization, can be removed if AI-CoE CI is not used)tsconfig.json- Typescript configuration file
See CONTRIBUTING.md on how to contribute.
See ACKNOWLEDGMENTS.md.