Skip to content
Switch branches/tags

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time


Coverage Status Go Report Card GoDoc


Note that this README is targeted at AOS-Azure contributors. If you are not a member of this team, these instructions may not work as they will assume you have permissions that you may not have.

  1. Utilities. Install the following:

    1. Golang 1.11.6 (can also use package manager)
    2. Latest Azure CLI
    3. OpenShift Origin 3.11 client tools (can also use package manager)
    4. Latest Glide. Note: Glide 0.13.1 is known to be broken.
    5. jq (can also use package manager)

    Development helper scripts assume an up-to-date GNU tools environment. Recent Linux distros should work out-of-the-box.

    macOS ships with outdated BSD-based tools. We recommend installing macOS GNU tools.

  2. Environment variables. Ensure that $GOPATH/bin is in your path:

    export PATH=$PATH:${GOPATH:-$HOME/go}/bin.

  3. Azure CLI access. Log into Azure using the CLI using az login and your credentials.

  4. OpenShift CI cluster access. Log in to the CI cluster using oc login and a token from the CI cluster web interface. You can copy the required command by clicking on your username and the "Copy Login Command" option in the web portal.

  5. Codebase. Check out the codebase:

    go get

  6. Secrets. Retrieve cluster creation secrets from the vault:

    export VAULT_ADDR=
    ./vault login $TOKEN_FROM_THE_VAULT
    ./vault kv get -format=json "kv/selfservice/azure/cluster-secrets-azure/" | jq ""  > vault-secrets.json
  7. Environment file. Create an environment file:

    cp env.example env.

  8. AAD Application / Service principal. Create a personal AAD Application:

    1. hack/ app-create user-$USER-aad aro-team-shared
    2. Update env to include the AZURE_AAD_CLIENT_ID and AZURE_AAD_CLIENT_SECRET values output by
    3. Ask an AAD administrator to grant permissions to your application.

Deploy an OpenShift cluster

  1. Source the env file: . ./env.

  2. Determine an appropriate resource group name for your cluster (e.g. for a test cluster, you could call it $USER-test). Then export RESOURCEGROUP and run ./hack/ $RESOURCEGROUP to deploy a cluster.

  3. Access the web console via the link printed by, logging in with your Azure credentials.

  4. To inspect pods running on the OpenShift cluster, run KUBECONFIG=_data/_out/admin.kubeconfig oc get pods.

  5. To ssh into any OpenShift master node, run ./hack/ You can directly ssh to any other host from the master. sudo -i will give root.

  6. Run ./hack/ to delete the deployed cluster.


Basic OpenShift configuration (also see test/manifests/fakerp/create.yaml):

name: openshift
location: $AZURE_REGION
  openShiftVersion: v3.11
    - name: Azure AD
        kind: AADIdentityProvider
        clientId: $AZURE_AAD_CLIENT_ID
        secret: $AZURE_AAD_CLIENT_SECRET
        tenantId: $AZURE_TENANT_ID
    count: 3
    vmSize: Standard_D2s_v3
  - name: infra
    role: infra
    count: 3
    vmSize: Standard_D2s_v3
    osType: Linux
  - name: compute
    role: compute
    count: 1
    vmSize: Standard_D2s_v3
    osType: Linux

CI infrastructure

Read more about how to work with our CI system here.

For any infrastructure-related issues, make sure to contact the Developer Productivity team who is responsible for managing the OpenShift CI Infrastructure at #forum-testplatform in Slack.