rego-policies
rego-policies copied to clipboard
Add prow to test gatekeeper
We've got a script which will deploy gatekeeper: https://github.com/redhat-cop/rego-policies/blob/master/_test/deploy-gatekeeper.sh
and a script which will test it: https://github.com/redhat-cop/rego-policies/blob/master/_test/gatekeeper-integrationtests.sh
but no prow/ci to execute.
@pabrahamsson ; is it possible to get the bot hooked up with prow to execute the above?
Prow works by running a pod that you define. This pod will get the source code mounted by Prow and you can now run your CI script(s) against the source code. The pod does not have any elevated privileges and this is where I think we'll run into issues with Gatekeeper since it will require pretty much cluster-admin in order to be deleted and re-installed.
TL;DR your CI must be able to run inside an unprivileged pod, self-provisioner is enabled so can create new project if that helps.
Happy to chat more to better understand the needs here to see if we can come up with a working solution.
@springdo @ckavili @pabrahamsson ; can we have a bluejeans chat next week? hows Monday?
prow not used anymore, closing.