-
Create a new repository from this template
-
Follow a guide at Probot on how to create and configure a GitHubApp
-
Create a Quay.io repository to host the controller container image
- Create a new Quay.io registry as an empty registry (go to quay.io/new, select your namespace and mark the repository as Public)
- Create a robot account (go to Quay.io, in top right corner select Account Settings, then second tab from the top Robot Accounts -> Create Robot Account)
- Grant this bot account Write access to your new container repository
- Save robot credentials as
QUAY_USERNAME
andQUAY_PASSWORD
in the repository secrets (on GitHub repository page open Settings -> Secrets -> Actions -> New repository secret) - In order to properly expire container images we also need
QUAY_OAUTH_TOKEN
. You can either use your own account token or (better) create new Quay Application in your organization. To do so, go tohttps://quay.io/organization/<org_name>
, then Applications -> Create New Application. Copy the OAuth Token and save it asQUAY_OAUTH_TOKEN
in the repository secrets
-
Template all references (you can also do this manually, see
./scripts/template.sh
for list of files to adjust)go install github.com/cbroglie/mustache/cmd/mustache@latest cat <<EOM > /tmp/data.yaml name: application-name description: Some text prod-namespace: namespaceA stage-namespace: namespaceB image: quay_image_name quay_org: quay_org org: github_org team: team-name repo: repo email: some-contact@domain.com EOM ./scripts/template.sh /tmp/data.yaml
-
Create credentials secrets for deployment based on your GitHub app data
# Copy secret from base cp manifests/base/controller/secret.yaml manifests/overlays/stage/secret.enc.yaml cp manifests/base/controller/secret.yaml manifests/overlays/prod/secret.enc.yaml # edit manifests/overlays/*/secret.enc.yaml filling in all data vim manifests/overlays/*/secret.enc.yaml # Encrypt them via sops sops -e -i --pgp="0508677DD04952D06A943D5B4DC4116D360E3276" manifests/overlays/stage/secret.enc.yaml sops -e -i --pgp="0508677DD04952D06A943D5B4DC4116D360E3276" manifests/overlays/prod/secret.enc.yaml
-
Read CONTRIBUTING.md and happily hack on
src/app.ts
. -
We recommend installing DCO, Renovate, Semantic PRs GitHub apps.
ACKNOWLEDGMENTS.md
- Recognize and credit project this tooling builds upon.aicoe-ci.yaml
- Config for AI-CoE CI (disables default checks if the app is installed in organization, can be removed if AI-CoE CI is not used)app.yml
- GitHub app manifest which can be used for automated app creation, see GitHub documentation here and Probot documentation hereCODE_OF_CONDUCT.md
- Code of conduct for contributors and usersCONTRIBUTING.md
- Guidelines on contributing, expected workflowsCONTRIBUTORS.md
- List of contributors.env.example
- Environment variables to set when running Probot locallyjest.config.js
- Setup for tests.github
- Configuration for local repositoryactions
- Custom GitHub Actionsbuild
- Builds a container image via Source to Imagecheck-maintainer-role
- Verifies user permissions (used to check if user is eligible to create a release for example)set-expiration
- Sets container image tag expiration in Quay.iotest
- Runs tests against the controller
ISSUE_TEMPLATE
- Standard set of issue templates available in the repobug_report.md
feature_request.md
promote.md
- Triggers a workflow which promotes images used inmanifests/overlays/stage
tomanifests/overlays/prod
(creates a Pull Request, only maintainers are allowed)release.md
- Triggers a workflow which releases from default main branch to GitHub releases and Quay.iosecurity.md
- Used by users to nofity maintainers about security vulnerabilities found in the service
renovate.json
- Config for Renovate app to keep your dependencies (Node.js and Github Actions) up to dateworkflows
- Github Actions workflowspromote.yaml
- Triggered by issues created bypromote.md
issue template. Important: make surekind/promote
andbot
labels are present in the repo. Promotes images used inmanifests/overlays/stage
tomanifests/overlays/prod
(creates a Pull Request, only maintainers are allowed)pr.yaml
- Runs tests and attempts to build a container image out of a Pull Requestpush.yaml
- Runs tests, builds and pushes a container image to Quay.io on push eventsrelease.yaml
- Triggered by issues created byrelease.md
issue template. Important: make surekind/release
andbot
labels are present in the repo. Releases from default main branch to GitHub releases and Quay.io
.gitignore
.gitleaks.toml
- Excludetest/fixtures/mock-cert.pem
from Gitleaks scans to save you a headacheLICENSE
- License filemanifests
- Folder contains all manifests structured for Kustomizebase
controller
- Contains all manifests related to the controller deployment itselftasks
- Tekton task manifests for heavy lifting on cluster, contains example task
overlays
- Overlay for each environment
OWNERS
- Used if the repo is connected to Prow, see documentation here, can be removed if Prow is not usedpackage.json
- Node.js package manifestpackage-lock.json
- Node.js package manifest lock file.pre-commit-config.yaml
- Configuration for pre-commit.prow.yaml
- Configuration for ProwREADME.md
- This file, moved toREADME.old.md
after the repo is templatedREADME.template.md
- New README file after templating the repo.s2ibase
- Reference to the used Source to Image builder imagescripts
- Hacks and helpersbuild-image.sh
- Creates a local build of Source to Image container imagetemplate.sh
- Templates the repository
SECURITY.md
- Security policy, see GitHub documentation heresrc
- Source for the controllerapp.ts
- Controller definitionindex.ts
- Runner/entrypoint for the controller
static/robot.svg
- Probot logo for you to customizeSUPPORT.md
- Support process definition, how and where to ask for helptest
- Store your controller tests hereapp.test.ts
- Empty test suitefixtures/mock-cert.pem
- Mock certificate
.thoth.yaml
- Configuration file for Thoth Station (disables default checks if the AI-CoE CI app is installed in organization, can be removed if AI-CoE CI is not used)tsconfig.json
- Typescript configuration file
See CONTRIBUTING.md
on how to contribute.
See ACKNOWLEDGMENTS.md
.