rego-policies icon indicating copy to clipboard operation
rego-policies copied to clipboard

Published 20 hours ago verified publisher icon redhat-cop

Add prow to test gatekeeper

Open garethahealy opened this issue 3 years ago • 2 comments

We've got a script which will deploy gatekeeper: https://github.com/redhat-cop/rego-policies/blob/master/_test/deploy-gatekeeper.sh

and a script which will test it: https://github.com/redhat-cop/rego-policies/blob/master/_test/gatekeeper-integrationtests.sh

but no prow/ci to execute.

@pabrahamsson ; is it possible to get the bot hooked up with prow to execute the above?

garethahealy avatar Jul 16 '20 11:07 garethahealy

Prow works by running a pod that you define. This pod will get the source code mounted by Prow and you can now run your CI script(s) against the source code. The pod does not have any elevated privileges and this is where I think we'll run into issues with Gatekeeper since it will require pretty much cluster-admin in order to be deleted and re-installed.

TL;DR your CI must be able to run inside an unprivileged pod, self-provisioner is enabled so can create new project if that helps.

Happy to chat more to better understand the needs here to see if we can come up with a working solution.

pabrahamsson avatar Jul 17 '20 20:07 pabrahamsson

@springdo @ckavili @pabrahamsson ; can we have a bluejeans chat next week? hows Monday?

garethahealy avatar Jul 18 '20 06:07 garethahealy

prow not used anymore, closing.

garethahealy avatar Nov 14 '23 10:11 garethahealy