►
From YouTube: Avoid merging broken code with Prow
Description
This session is about creation of prow jobs in general. Prow is a Kubernetes based CI/CD system.
We cover what is a prow job, what job types are available, how to configure job triggers, testing jobs: requirements, obstacles and pitfalls configurations for merge gating other usages of jobs (publishing, bumping, ...).
Attendants will be able to know what job types are available, which one to use for a specific problem and how to verify their job works on their machine (TM) before creating a PR.
Presenter: Daniel Hiller, Senior Software Engineer OpenShift Virtualization, Red Hat, @dhill3r, @dhiller (GitHub)
B
Thank
you
too
yeah,
I'm
going
to
talk
about
prowl,
especially
this
is
important
for
keyboard,
because
we
are
using
prowl
as
our
ci
infrastructure.
So
at
first
I
want
going
over
the
topics,
so
we
are
going
to
talk
about
what
is
brow.
What
is
a
proud
job
in
general?
What
job
types
are
there?
How
do
you
configure
jobs?
B
How
do
you
test
jobs,
especially
not
on
the
server
of
course
but
locally,
and
how
do
you
configure
jobs
for
merge,
gating
and
yeah
the
final
stage?
We
will
also
discuss
other
usages
of
jobs
and.
B
B
Requests
and
it
can
attach
status
to
github
commits
which
is
important
for
merge
gating.
It
can
automate
the
merges
of
pull
requests,
and
the
most
important
thing,
I
think,
is
that
it
can
run
jobs
when
github
events
occur
so
also.
It
is,
of
course,
the
front
end
for
the
pro
components
for
the
several
components
that
are
there,
for
example,
for
tide
or
for
prow
job
overview,
which
is
what
I'm
going
to
show
you
now.
B
B
Sorry
for
that,
so
what
is
a
proud
job,
proud
job
in
general
is
a
kubernetes
object,
then
contains
a
ports
back
a
certain
decoration
center
status,
so
a
project
was
created
either
on
certain
github
repository
events
or
on
regular
basis.
B
So
and
also
a
projob
is
created
from
a
job
definition
that
is
located
in
the
repository
in
general
and
then
somehow
loaded
into
the
prior
configuration.
B
B
B
Yeah
use
users,
examples
of
jobs
are,
for
example,
for
a
pre-submit
is
in
general,
of
course,
the
validation
of
a
commit
before
a
merge,
so,
for
example,
run
unit
tests
for
a
post
submit
it's,
for
example,
something
like
some
some
update
after
merc.
So,
for
example,
if
you
have
merged
to
a
branch-
and
you
need
to
build
update
website
on
that,
so
you
do
the
post
submit.
B
Then
there
is
a
periodic
which,
with
which
you
can,
for
example,
do
regular
testing
or
regular
creation
of
resources
or
whatever
needs
to
be
done
regularly
and
of
course,
there's
the
at
the
last
music
example
for
for
batch
job
is
that,
for
example,
tide
uses
batch
jobs
to
test
multiple
pr's
at
once,
which
are
tested
all
in
in
one
job.
B
B
So
I
want
to
talk
about
what
what
a
proud
definition
at
first
looks
like
it's
proper
yaml,
of
course,
where
you
can
see
at
the
top
that
there
is
that
there
you
can
see
the
group
where
all
pre-submit
jobs,
for
example,
are
located,
and
the
second
is
an
org
repo
string,
so
that
brown
knows
for
what
repo
this
job
needs
to
get
executed.
B
B
So
then
you
have
some
options
because
you
need
to,
for
example,
you
can
you
can
you
can
tell
the
job
definition
that
it
only
runs,
for
example
on
on
a
branch
types
like
for
example.
In
this
example,
we
have
the
skip
branches,
so
we
are
going
to
skip
all
release
branches
and
just
run,
for
example,
on
everything
else
that
doesn't
match
this
pattern.
C
B
B
Then
the
optional
flag
is
required
for
telling
prowl
or
telling
in
general
of
the
system.
That
is.
Is
this
a
job?
Is
this
job
execution
or
this
status?
Is
it
required
for
a
merge
to
be
enabled
or
not?
B
And
at
last
the
skip
report
tells
prow
whether
it
should
propagate
the
status
from
the
prowl
job
run
to
github
and
attach
it
as
a
status
to
the
commit
and,
of
course,
just
just
as
a
side
example
in
the
in
the
bottom,
you
can
see
presets
that
are
away
on
proud
jobs,
just
to
generalize
a
general
configuration
so
yet
that
you
don't
have
to
repeat
on
every
job.
B
If
you
need,
for
example,
if
you
need,
if
you
need
credential
information
or
something
else
or
other
settings
that
are
required
for
this
job,
so
that
you
can
generalize
this
and
externalize
this
so
that
you
don't
have
to
repeat
it
any
everywhere.
B
Okay,
so
the
interesting
thing
about
proud
job
is
so
you
see
this
this
example
of
a
small
crowd
job
which
tests,
of
course,
like
you,
see
it,
calls
them
a
test
target.
So
what
you
see
in
this
container
spec
there
is
an
image
qrci
bootstrap.
This
has
nothing
to
do
in
general,
with
our
cuvette
repository,
where
this
job
in
general
runs.
B
So
the
interesting
thing
about
prow
is
that
by
decorating
the
project
or
pre-submit
job,
it
detaches
the
current
state
of
the
repository
that
is
to
be
tested
to
the
container
and
makes
it
available.
So
I
can
just
call
the
make
test
target
of
the
cubeville
repository
with
that
yeah.
That's
what
I
exactly
said
now,
so
I
was
a
little
bit
too
fast.
C
B
So
one
thing
you
have
to
notice,
of
course,
is
that
any
tools
that
you
need,
while
you
are
going
to
test,
they
need
either
be
provided
with
the
image
from
which
the
container
is
run
or
they
need
to
be
in
a
repository.
They
can
get
checked
out
or
they
need
to
get
downloaded
on
the
fly.
B
So,
for
example,
what
we
also
have
is
required
credentials
most
of
the
time.
B
For
example,
you
need
a
github
token
or
something
so
that
you
can
fetch
execute
actions,
and
these
are
getting
these
get
mounted
in
the
usual
way
like
like
volume,
ones
and
volumes,
and
of
course
you
also
have
to
have
you
don't
have
to
have
some
automated
hiding
like
you,
have
it
in
some
other
things,
for
example,
this
is
one
caveat
that
you
need
to
be
aware
of
minus
x
and
scripts,
which
might
meet
might
lead
to
leakage
of
tokens.
B
The
proud
job
definition
in
general
is
only
active
when
it
gets
merged
to
the
configuration
branch
of
your
pro
configuration,
so
prowl
then
loads
the
configuration
from
the
configuration
repository
and
then
it
gets
active,
which
means
that
as
long
as
the
product
configuration
is
not
in
a
merged
branch,
it's
not
active,
so
you
can
test
it
a
way
to
test.
It
is
just
to
run
it.
B
B
So
there
are
two
steps
to
test
power:
job
the
one.
The
first
is
to
create
the
proud
job
yaml
so
from
the
job
definition,
and
the
second
is
to
actually
run
it.
B
The
first
one
is
you
use
mkpj,
which
is
a
tool
from
kubernetes
test
infra
to
create
the
project
jammer,
which
is
here's
an
example.
How
to
do
this,
for,
for
example,
for
for
an
example,
job
from
mine
and
the
second
step
is
actually
run
the
project.
Like
I
said
in
the
a
example,
it
is
just
a
cube
cover,
create
minus
f
from
the
project
yamu
and
then
it
gets
executed
on
the
cluster
or
use.
B
Final
final
is
also
a
tool
from
test
infra,
and
this
enables
you
to
run
prowl
drops
locally,
so
they
attach
everything
to
a
docker
to
a
docker,
a
docker
container,
and
this
docker
container
then
runs
locally
on
your
machine.
B
Okay.
So
then,
I'm
going
to
show
you
a
demo.
I
hope
everyone
can
see
or
let
me
see,
stop
sharing
so
then
I
need
to
start
sharing
again
and
a
window.
I
want
to
share
this
one.
B
In
this
this
context,
I
use
github
of
the
github
client
to
check
whether
all
members
of
the
qubit
organization
have
two-factor
authentication
enabled.
So
this
is
just
an
example
where,
in
the
upper
body,
you
can
see
from
line
466
until
478
that
I'm
downloading
github
client
on
the
fly,
because
I
don't
have
it
available
in
the
qbci
bootstrap
image
which
which
I'm
using
currently,
then
I'm
going
to
log
in
using
this
github
token
that
I
am
going
to
attach
you
see
here
and
from
the
lines
from
488
to
495
now
or
2,
497.
B
Sorry,
and
then
I'm
going
to
call
github
api
for
checking
all
all
fetching
all
members
who
have
two
two-factor
authentication,
disabled
and
checking
the
length
and
yeah.
I
think
in
general,
you
get
the
idea.
So
this
is
just
a
simple
example
on
how
to
on
how
on
how
to
create
a
project.
You
can,
of
course,
do
everything
in
this
this
script.
What
you
want,
besides,
of
course,
running
running
any
binaries
or
whatever
you
have
available
in
the
image,
so,
okay!
B
B
B
The
project
ammo,
so
you
see
you
have
a
conflict
path
where
the
configuration
is,
then
you
have
the
job
conflict
path
where
the
job
configuration
is
and
by
specifying
the
job
name,
which
needs
to
be
identical.
B
B
So
I'm
just
going
to
show
you
the
brow
job,
yellow
so
that
you
see
that
it's
just
a
regular
yaml
file
where
you
can
see,
for
example,
that
is
of
kind
it's
of
kind,
proud
job,
and
you
see
the
specification
that
it,
for
example,
holds
the
the
complete
script
which
you
can
see
here
and
yeah.
You
can
also
see
the
attachments
of
the
volume
mods.
B
So
now
I'm
going
to
run
the
project.
So
the
first
thing
it
is
asking
me,
of
course,
from
where
do
you
want
to
mount
your
github
path?
So,
as
you
remember,
I
guess,
on
the
left
side,
you
can
see
that
the
volume
mount
is
pointing
to
hcc
github
and,
of
course,
when
I'm
running
it
locally.
I
need
to
provide
this
so
now
I'm
going
to
provide
this
my
from
my
local
directory,
where
I
have
stored
my
tokens.
B
Maybe
you
we
can
see,
make
a
little
bit
more
room,
I'm
going
to
go
a
little
bit
higher
so
that
you
can
see
how
the
docker
run
is
set
up
like,
for
example,
the
attached
volumes
which
are
which
are
mounted
and
how
the
parameters
are
injected
like
so
it
simulates
the
complete
environment
that
the
project
would
run
in
and
yeah.
This.
C
B
We
can
see,
of
course,
this
job
has
failed
because
of
a
token
scope,
which
is
not
correct
for
this
for
this
application.
B
So
I
need
to
take
another
token,
of
course,
or
I
need
to
pick
another
token
that
has
the
excess
rights.
So
what
I'm
now
doing
is
just
running
it
again
and
applying
the
correct
token
with
the
correct
scope,
and
then
you
can
see
that
when
it
runs
this
time
by
the
way,
the
downloads
every
time,
of
course,
the
github
binary,
which
I,
which
I
want
to
have
and
yeah
this
time.
B
Okay,
let's
continue,
this
was
the
demo.
So
what
what
does
this
help?
Now
we
want.
Of
course
we
have
the.
We
have
seen
that
we
have
a
failing
status
of
exit,
one
and
a
succeeding
status
of
exit
zero,
and
we
have,
for
example,
the
automation
component
in
prowl
that
is
called
tide
that
looks
at
all
the
prs
and
have
either
a
status
of
success,
or
else
that
is
a
failure
and
also
looks
at
the
configuration
what
labels
it
needs
to
have.
For
example.
B
False
and
skip
report
false,
which,
which
effectively
means
that
the
results
of
the
running
power
jobs
were
attached
to
the
were
attached
to
the
job
itself
or
to
the
github
status
itself
in
the
github
repository
pr
and
optional
folders
would
would
make
this
this
job
required.
B
So
this,
what
you
see
on
the
bottom
left
here
is
an
example
from
a
keyboard
pr,
where
the
top
project
execution
pull
keyboard
has
failed,
and
you
see
on
the
right
that
is,
it
is
required,
and
this
effectively
prohibits
the
job
from
at
first,
for
example,
from
from
being
able
to
get
merged
on
the
one
hand,
and
also
from
proud
to
get
picked
up
and
to
try
to
merge
it
automatically.
B
Of
course,
even
if
the,
if
tide
was
not
configured,
we
still
could,
of
course
get
it
merged,
also
by
an
administrator.
But
that's
not
the
topic
here.
Okay,
so
the
last
thing
I
want
to
mention
is
other
use
cases
for
prior
jobs,
which
are,
for
example,
for
periodic
jobs.
You
have,
for
example,
reportings
that
get
updated
on
a
regular
basis.
For
example,
we
have
reports
for
flake
finder
that
are
run
hourly
daily
or
weekly.
B
Then
we
create
our
nightly
builds,
for
example,
with
periodic
jobs
and,
of
course,
for
post
submits.
We
also
have
some
a
couple
of
examples.
For
example,
we
are
currently
working
on
creating
releases
from
branches
on
post
submits
and
yeah.
We
are,
we
are.
We
can
build
and
push
images,
for
example,
to
a
container
or
image
majesty
and
post
submits,
and
also
we
can
sorry
build
the
published
websites
and
post
submits,
like
I
said
at
the
beginning
already,
I
think
but
yeah
okay,
so
I
think
that's
it
from
me.
B
So
yeah,
if
you
have
questions
I'd,
be
happy
to
answer
them.
So
let
me
just
unshare
my
screen.
B
Am
I
still
here
so
okay,
let's
see.
C
C
Hey
folks,
if
you
have
questions
about
prow,
please
either
post
them
in
the
chat.
If
you
want
to
ask
them
out
loud,
then
say
in
the
chat
you
want
to
ask
them
out
loud
and
I
will
enable
your
mic.
A
Well,
if
there
are
no
questions
thanks
daniel,
that
was
a
very
interesting
presentation.
I
actually
I
if
I
may,
may
I
ask
a
question
so
just
to
clarify
so
the
demo
that
you
presented
was
about
not
necessarily
emerging
code.
It
was
more
about
you
know,
kind
of
an
administration
task
of
checking
the
github
repos.
My
question
would
be
so
how
what
else?
What's
the
whole
spectrum
of
of
things
that
you
can
do
with
power?
A
Are
you
doing
everything,
or
are
there
plans
to
do
even
more
things
or
what's
what's
next,
let's
say
beyond
beyond
merging
code,
which
would
be
one
thing.
B
Yeah
yeah,
like
you
said,
a
merging
code,
is
still
gating
of
merging
code
is
just
one
aspect
on
this
right,
so
we
are,
of
course,
always
preventing
that
bad
code
gets
merged,
but
also
we
can
of
course
have
lots
of
other
interesting
things
like,
for
example,
just
yeah.
Whenever
you
have
a
commit
on
this
on
on
a
certain
certain
pr
or
not
on
a
pr
on
a
repository
branch,
you
can
execute
anything.
You
want
on
that.
B
For
example,
like
shortly,
we
have
created
a
job
that
that
would
update
a.
B
After
merge
on
a
branch
and
yeah
or
yeah,
maybe
you
can
a
little
bit
elaborate.
I'm
I'm
not
sure.
If
I
completely
understood
the
question.
A
Yeah,
I
mean,
and
let
me
actually
also
share
the
camera,
actually,
the
the
one.
One
point
that
I
actually
was
the
point
that
I
had
behind
my
question
was
to
try
to
you
know
realize
that
proud
was
much
more
than
at
least
what
one
has
in
mind.
You
know
one
new
things
testing
on
merging
code.
A
Another
aspect
of
this
is
might
be.
Maybe
I
would
mention
that
there
are
repos
in
the
cube.org
that
are
not
not.
Everything
is
code,
so
proud
is
also
managing
now.
Things
like
the
website,
for
example,
or
the
documentation
and
doing
things
like
verifying
spell
checks
for.
B
Yeah
sure,
of
course,
you
can
run
anything
that
that
has
some
script,
and
that
has
some
some
image
where
you
have
the
environment,
where
you
can
want
to
run
your
your
binaries
or
or
scripts
or
whatever
you
have.
B
Everything
can
can
be
put
into
a
project
and
can
be
executed
due
by
some
action
either
be
it
emerge
or
be
it
a
or
be
a
a
periodic
trigger
like
like
a
crown
or
or
like
a
like
a
like
an
interval
like
for
yeah,
like
you
said,
for
example,
we
are
currently
in
the
process
of
changing
the
user
guide
from
for
to
mk
docs,
and
we
are
currently
we
are
nearly
finishing
this
migration
and
after
that's
finished,
we
will
use
mk
docs
to
create
the
user
guide
and
just
yeah
update.
B
A
Well,
as
there
are
no
other
questions,
I
see
here
in
the
chat,
a
reminder
that
in
hash
virtualization
channel
in
slack
for
the
kubernetes
slack,
feel
free
to
reach
out
to
daniel
and
ask
any
questions
or
any
any
other
questions
around
you
without
the
project.
But
there
is
a
thread
there
in
that
channel
for
each
session
and
one
for
pro,
so
it
just
filled
two
minutes
to
the
next
session,
so
I
think
we
will
take
a
couple
of
minute
breaks.
Thank
you
very
much.
Thank
you
for
your
great
presentation.