Terraform module for Kubernetes Prow

Prow is a Kubernetes based CI/CD system.

Prow provides GitHub automation in the form of policy enforcement, chat-ops via /foo style commands, and automatic PR merging.

Pre-requirements

A GitHub app with specified permissions

Repository permissions:

Actions: Read-Only (Only needed when using the merge automation tide)
Administration: Read-Only (Required to fetch teams and collaborateurs)
Checks: Read-Only (Only needed when using the merge automation tide)
Contents: Read (Read & write needed when using the merge automation tide)
Issues: Read & write
Metadata: Read-Only
Pull Requests: Read & write
Projects: Admin when using the projects plugin, none otherwise
Commit statuses: Read & write

Organization permissions:

Members: Read-Only (Read & write when using peribolos)
Projects: Admin when using the projects plugin, none otherwise

Subscribe to events:

All events.

Secret

Webhook secret:

openssl rand -hex 20

GitHub App private key:

Click generate private key after GitHub App created.

Requirements

Name	Version
terraform	>= 1.2

Providers

Name	Version
kubernetes	n/a

Modules

No modules.

Resources

Name	Type
kubernetes_config_map.config	resource
kubernetes_config_map.plugins	resource
kubernetes_deployment.crier	resource
kubernetes_deployment.deck	resource
kubernetes_deployment.ghproxy	resource
kubernetes_deployment.hook	resource
kubernetes_deployment.horologium	resource
kubernetes_deployment.minio	resource
kubernetes_deployment.prow_controller_manager	resource
kubernetes_deployment.sinker	resource
kubernetes_deployment.statusreconciler	resource
kubernetes_deployment.tide	resource
kubernetes_ingress_v1.prow	resource
kubernetes_namespace.prow	resource
kubernetes_namespace.test_pods	resource
kubernetes_persistent_volume_claim.ghproxy	resource
kubernetes_persistent_volume_claim.minio	resource
kubernetes_role.hook	resource
kubernetes_role.prow_controller_manager	resource
kubernetes_role.prow_crier	resource
kubernetes_role.prow_deck	resource
kubernetes_role.prow_sinker	resource
kubernetes_role.prowhorologium	resource
kubernetes_role.statusreconciler	resource
kubernetes_role.test_pods_crier	resource
kubernetes_role.test_pods_deck	resource
kubernetes_role.test_pods_prow_controller_manager	resource
kubernetes_role.test_pods_sinker	resource
kubernetes_role.tide	resource
kubernetes_role_binding.hook	resource
kubernetes_role_binding.horologium	resource
kubernetes_role_binding.prow_controller_manager	resource
kubernetes_role_binding.prow_crier	resource
kubernetes_role_binding.prow_deck	resource
kubernetes_role_binding.prow_sinker	resource
kubernetes_role_binding.statusreconciler	resource
kubernetes_role_binding.test_pods_crier	resource
kubernetes_role_binding.test_pods_deck	resource
kubernetes_role_binding.test_pods_prow_controller_manager	resource
kubernetes_role_binding.test_pods_sinker	resource
kubernetes_role_binding.tide	resource
kubernetes_secret.github_token	resource
kubernetes_secret.hmac_token	resource
kubernetes_secret.prow_s3_credentials	resource
kubernetes_secret.test_pods_prow_s3_credentials	resource
kubernetes_service.deck	resource
kubernetes_service.ghproxy	resource
kubernetes_service.hook	resource
kubernetes_service.minio	resource
kubernetes_service.tide	resource
kubernetes_service_account.crier	resource
kubernetes_service_account.deck	resource
kubernetes_service_account.hook	resource
kubernetes_service_account.horologium	resource
kubernetes_service_account.prow_controller_manager	resource
kubernetes_service_account.sinker	resource
kubernetes_service_account.statusreconciler	resource
kubernetes_service_account.tide	resource

Inputs

Name	Description	Type	Default	Required
domain	The top-level domain of prow service	`string`	n/a	yes
github_appid	The id of Github APP	`string`	n/a	yes
github_cert	The private key cert pem of Github APP	`string`	n/a	yes
hmac_token	The hmac token of Github webhook secret	`string`	n/a	yes
kube_client_certificate	The client certificate of Kubernetes cluster	`string`	n/a	yes
kube_client_key	The client key of Kubernetes cluster	`string`	n/a	yes
kube_cluster_ca_certificate	The cluster ca certificate of Kubernetes cluster	`string`	n/a	yes
kube_host	The hostname of Kubernetes cluster	`string`	n/a	yes
minio_root_password	The password of minio	`string`	n/a	yes
minio_root_user	The user of minio	`string`	n/a	yes
plugin_config_raw	The raw config of plugin	`string`	n/a	yes
prow_config_raw	The raw config of prow	`string`	n/a	yes

Outputs

No outputs.

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
.devcontainer		.devcontainer
.github/workflows		.github/workflows
examples		examples
test		test
.editorconfig		.editorconfig
.gitignore		.gitignore
.releaserc.json		.releaserc.json
CHANGELOG.md		CHANGELOG.md
GNUmakefile		GNUmakefile
LICENSE		LICENSE
README.md		README.md
outputs.tf		outputs.tf
provider.tf		provider.tf
prow.tf		prow.tf
variables.tf		variables.tf
versions.tf		versions.tf

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Terraform module for Kubernetes Prow

Pre-requirements

A GitHub app with specified permissions

Secret

Requirements

Providers

Modules

Resources

Inputs

Outputs

About

Releases

Packages

Languages

License

yufeiminds/terraform-kubernetes-prow

Folders and files

Latest commit

History

Repository files navigation

Terraform module for Kubernetes Prow

Pre-requirements

A GitHub app with specified permissions

Secret

Requirements

Providers

Modules

Resources

Inputs

Outputs

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages