diff --git a/go.mod b/go.mod index bc0dc05af8..780788bfde 100644 --- a/go.mod +++ b/go.mod @@ -10,15 +10,15 @@ require ( github.com/alecthomas/jsonschema v0.0.0-20220216202328-9eeeec9d044b github.com/buildpacks/pack v0.29.0 github.com/cloudevents/sdk-go/v2 v2.14.0 - github.com/containerd/containerd v1.6.18 + github.com/containerd/containerd v1.6.19 github.com/containers/image/v5 v5.19.1 github.com/coreos/go-semver v0.3.0 github.com/docker/cli v23.0.6+incompatible github.com/docker/docker v23.0.6+incompatible github.com/docker/docker-credential-helpers v0.7.0 github.com/docker/go-connections v0.4.0 - github.com/go-git/go-billy/v5 v5.4.0 - github.com/go-git/go-git/v5 v5.6.0 + github.com/go-git/go-billy/v5 v5.4.1 + github.com/go-git/go-git/v5 v5.6.1 github.com/google/go-cmp v0.5.9 github.com/google/go-containerregistry v0.14.1-0.20230409045903-ed5c185df419 github.com/google/go-github/v49 v49.1.0 @@ -68,9 +68,9 @@ require ( github.com/Azure/go-autorest/logger v0.2.1 // indirect github.com/Azure/go-autorest/tracing v0.6.0 // indirect github.com/BurntSushi/toml v1.2.1 // indirect - github.com/Microsoft/hcsshim v0.9.6 // indirect + github.com/Microsoft/hcsshim v0.9.7 // indirect github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8 // indirect - github.com/acomagu/bufpipe v1.0.3 // indirect + github.com/acomagu/bufpipe v1.0.4 // indirect github.com/agext/levenshtein v1.2.3 // indirect github.com/antlr/antlr4/runtime/Go/antlr v1.4.10 // indirect github.com/apex/log v1.9.0 // indirect @@ -216,6 +216,7 @@ require ( go.uber.org/atomic v1.10.0 // indirect go.uber.org/multierr v1.9.0 // indirect go.uber.org/zap v1.24.0 // indirect + golang.org/x/exp v0.0.0-20230307190834-24139beb5833 // indirect golang.org/x/mod v0.9.0 // indirect golang.org/x/net v0.9.0 // indirect golang.org/x/sys v0.8.0 // indirect @@ -254,8 +255,6 @@ replace ( github.com/hinshun/vt10x => github.com/hinshun/vt10x v0.0.0-20180809195222-d55458df857c // update docker to be compatible with version used by pack and removes invalid pseudo-version github.com/openshift/source-to-image => github.com/boson-project/source-to-image v1.3.2 - // github.com/tektoncd/cli v0.29.1 requires github.com/tektoncd/pipeline v0.42.0 - github.com/tektoncd/pipeline => github.com/tektoncd/pipeline v0.42.0 // Pin k8s.io dependencies to align with Knative and Tekton needs k8s.io/api => k8s.io/api v0.25.4 k8s.io/apimachinery => k8s.io/apimachinery v0.25.4 diff --git a/go.sum b/go.sum index 6f55a18874..84f130af50 100644 --- a/go.sum +++ b/go.sum @@ -182,8 +182,8 @@ github.com/Microsoft/hcsshim v0.8.16/go.mod h1:o5/SZqmR7x9JNKsW3pu+nqHm0MF8vbA+V github.com/Microsoft/hcsshim v0.8.21/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwTOcER2fw4I4= github.com/Microsoft/hcsshim v0.8.23/go.mod h1:4zegtUJth7lAvFyc6cH2gGQ5B3OFQim01nnU2M8jKDg= github.com/Microsoft/hcsshim v0.9.2/go.mod h1:7pLA8lDk46WKDWlVsENo92gC0XFa8rbKfyFRBqxEbCc= -github.com/Microsoft/hcsshim v0.9.6 h1:VwnDOgLeoi2du6dAznfmspNqTiwczvjv4K7NxuY9jsY= -github.com/Microsoft/hcsshim v0.9.6/go.mod h1:7pLA8lDk46WKDWlVsENo92gC0XFa8rbKfyFRBqxEbCc= +github.com/Microsoft/hcsshim v0.9.7 h1:mKNHW/Xvv1aFH87Jb6ERDzXTJTLPlmzfZ28VBFD/bfg= +github.com/Microsoft/hcsshim v0.9.7/go.mod h1:7pLA8lDk46WKDWlVsENo92gC0XFa8rbKfyFRBqxEbCc= github.com/Microsoft/hcsshim/test v0.0.0-20200826032352-301c83a30e7c/go.mod h1:30A5igQ91GEmhYJF8TaRP79pMBOYynRsyOByfVV0dU4= github.com/Microsoft/hcsshim/test v0.0.0-20201218223536-d3e5debf77da/go.mod h1:5hlzMzRKMLyo42nCZ9oml8AdTlq/0cvIaBv6tK1RehU= github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3/go.mod h1:mw7qgWloBUl75W/gVH3cQszUg1+gUITj7D6NY7ywVnY= @@ -196,7 +196,6 @@ github.com/OpenPeeDeeP/depguard v1.0.1/go.mod h1:xsIw86fROiiwelg+jB2uM9PiKihMMmU github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo= github.com/ProtonMail/go-crypto v0.0.0-20210920160938-87db9fbc61c7/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo= github.com/ProtonMail/go-crypto v0.0.0-20211112122917-428f8eabeeb3/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo= -github.com/ProtonMail/go-crypto v0.0.0-20221026131551-cf6655e29de4/go.mod h1:UBYPn8k0D56RtnR8RFQMjmh4KrZzWJ5o7Z9SYjossQ8= github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8 h1:wPbRQzjjwFc0ih8puEVAOFGELsn1zoIIYdxvML7mDxA= github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8/go.mod h1:I0gYDMZ6Z5GRU7l58bNFSkPTFN6Yl12dsUlAZ8xy98g= github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= @@ -209,8 +208,9 @@ github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMx github.com/StackExchange/wmi v0.0.0-20180116203802-5d049714c4a6/go.mod h1:3eOhrUMpNV+6aFIbp5/iudMxNCF27Vw2OZgy4xEx0Fg= github.com/VividCortex/ewma v1.2.0/go.mod h1:nz4BbCtbLyFDeC9SUHbtcT5644juEuWfUAUnGx7j5l4= github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d/go.mod h1:asat636LX7Bqt5lYEZ27JNDcqxfjdBQuJ/MM4CN/Lzo= -github.com/acomagu/bufpipe v1.0.3 h1:fxAGrHZTgQ9w5QqVItgzwj235/uYZYgbXitB+dLupOk= github.com/acomagu/bufpipe v1.0.3/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4= +github.com/acomagu/bufpipe v1.0.4 h1:e3H4WUzM3npvo5uv95QuJM3cQspFNtFBzvJ2oNjKIDQ= +github.com/acomagu/bufpipe v1.0.4/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4= github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/alecthomas/jsonschema v0.0.0-20220216202328-9eeeec9d044b h1:doCpXjVwui6HUN+xgNsNS3SZ0/jUZ68Eb+mJRNOZfog= @@ -431,8 +431,8 @@ github.com/containerd/containerd v1.5.2/go.mod h1:0DOxVqwDy2iZvrZp2JUx/E+hS0UNTV github.com/containerd/containerd v1.5.7/go.mod h1:gyvv6+ugqY25TiXxcZC3L5yOeYgEw0QMhscqVp1AR9c= github.com/containerd/containerd v1.5.8/go.mod h1:YdFSv5bTFLpG2HIYmfqDpSYYTDX+mc5qtSuYx1YUb/s= github.com/containerd/containerd v1.5.9/go.mod h1:fvQqCfadDGga5HZyn3j4+dx56qj2I9YwBrlSdalvJYQ= -github.com/containerd/containerd v1.6.18 h1:qZbsLvmyu+Vlty0/Ex5xc0z2YtKpIsb5n45mAMI+2Ns= -github.com/containerd/containerd v1.6.18/go.mod h1:1RdCUu95+gc2v9t3IL+zIlpClSmew7/0YS8O5eQZrOw= +github.com/containerd/containerd v1.6.19 h1:F0qgQPrG0P2JPgwpxWxYavrVeXAG0ezUIB9Z/4FTUAU= +github.com/containerd/containerd v1.6.19/go.mod h1:HZCDMn4v/Xl2579/MvtOC2M206i+JJ6VxFWU/NetrGY= github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= github.com/containerd/continuity v0.0.0-20190815185530-f2a389ac0a02/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= github.com/containerd/continuity v0.0.0-20191127005431-f65d91d395eb/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= @@ -664,14 +664,14 @@ github.com/go-git/gcfg v1.5.0 h1:Q5ViNfGF8zFgyJWPqYwA7qGFoMTEiBmdlkcfRmpIMa4= github.com/go-git/gcfg v1.5.0/go.mod h1:5m20vg6GwYabIxaOonVkTdrILxQMpEShl1xiMF4ua+E= github.com/go-git/go-billy/v5 v5.2.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= github.com/go-git/go-billy/v5 v5.3.1/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= -github.com/go-git/go-billy/v5 v5.4.0 h1:Vaw7LaSTRJOUric7pe4vnzBSgyuf2KrLsu2Y4ZpQBDE= -github.com/go-git/go-billy/v5 v5.4.0/go.mod h1:vjbugF6Fz7JIflbVpl1hJsGjSHNltrSw45YK/ukIvQg= +github.com/go-git/go-billy/v5 v5.4.1 h1:Uwp5tDRkPr+l/TnbHOQzp+tmJfLceOlbVucgpTz8ix4= +github.com/go-git/go-billy/v5 v5.4.1/go.mod h1:vjbugF6Fz7JIflbVpl1hJsGjSHNltrSw45YK/ukIvQg= github.com/go-git/go-git-fixtures/v4 v4.2.1/go.mod h1:K8zd3kDUAykwTdDCr+I0per6Y6vMiRR/nnVTBtavnB0= github.com/go-git/go-git-fixtures/v4 v4.3.1 h1:y5z6dd3qi8Hl+stezc8p3JxDkoTRqMAlKnXHuzrfjTQ= github.com/go-git/go-git-fixtures/v4 v4.3.1/go.mod h1:8LHG1a3SRW71ettAD/jW13h8c6AqjVSeL11RAdgaqpo= github.com/go-git/go-git/v5 v5.4.2/go.mod h1:gQ1kArt6d+n+BGd+/B/I74HwRTLhth2+zti4ihgckDc= -github.com/go-git/go-git/v5 v5.6.0 h1:JvBdYfcttd+0kdpuWO7KTu0FYgCf5W0t5VwkWGobaa4= -github.com/go-git/go-git/v5 v5.6.0/go.mod h1:6nmJ0tJ3N4noMV1Omv7rC5FG3/o8Cm51TB4CJp7mRmE= +github.com/go-git/go-git/v5 v5.6.1 h1:q4ZRqQl4pR/ZJHc1L5CFjGA1a10u76aV1iC+nh+bHsk= +github.com/go-git/go-git/v5 v5.6.1/go.mod h1:mvyoL6Unz0PiTQrGQfSfiLFhBH1c1e84ylC2MDs4ee8= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= @@ -1594,8 +1594,8 @@ github.com/tdakkota/asciicheck v0.0.0-20200416190851-d7f85be797a2/go.mod h1:yHp0 github.com/tdakkota/asciicheck v0.0.0-20200416200610-e657995f937b/go.mod h1:yHp0ai0Z9gUljN3o0xMhYJnH/IcvkdTBOX2fmJ93JEM= github.com/tektoncd/cli v0.31.1 h1:rhVfvwWRilHMXO8Y6bLDx9Ow3nRRWCLeEPuk52PJ/uQ= github.com/tektoncd/cli v0.31.1/go.mod h1:MB0HrmwcGnHjPv9d/oviOWAqNmvuhdNP84UJUZfqy7A= -github.com/tektoncd/pipeline v0.42.0 h1:K85XkpWw0hJvuGQpbfVfsG8wL/ptYLNP5UuvYDhtH5M= -github.com/tektoncd/pipeline v0.42.0/go.mod h1:AsKKcVxseE/VxA28hgXJ/JO/L3yl60jlegDgDUCSNXE= +github.com/tektoncd/pipeline v0.47.0 h1:zZxmp6im8/p9RaH32LgeCP6dwH/4hcsfvEQUrwGsUPA= +github.com/tektoncd/pipeline v0.47.0/go.mod h1:7H1DeNuEJFGoExGwQTlRul2IziCPxkjXRdDdirWmoQs= github.com/tektoncd/triggers v0.23.1-0.20230420080448-bf603123cc0f h1:VwUu2eWgu+c34hoocxCL2IE+1zjNeGigyNHdd9ODfL8= github.com/tektoncd/triggers v0.23.1-0.20230420080448-bf603123cc0f/go.mod h1:gMyEJZbLOs8+PnbjeaOa2Y2oex4IMPU9TD86WbytWIo= github.com/tetafro/godot v0.3.7/go.mod h1:/7NLHhv08H1+8DNj0MElpAACw1ajsCuf3TKNQxA5S+0= @@ -1780,7 +1780,7 @@ golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0 golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220826181053-bd7e27e6170d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= -golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= +golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= golang.org/x/crypto v0.8.0 h1:pd9TJtTueMTVQXzk8E2XESSMQDj/U7OUu0PqJqPXQjQ= golang.org/x/crypto v0.8.0/go.mod h1:mRqEX+O9/h5TFCrQhkgjo2yKi0yYA+9ecGkdQoHrywE= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -1795,6 +1795,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= +golang.org/x/exp v0.0.0-20230307190834-24139beb5833 h1:SChBja7BCQewoTAU7IgvucQKMIXrEpFxNMs0spT3/5s= +golang.org/x/exp v0.0.0-20230307190834-24139beb5833/go.mod h1:CxIveKay+FTh1D0yPZemJVgC/95VzuuOLq5Qi4xnoYc= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -1903,7 +1905,8 @@ golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.0.0-20220826154423-83b083e8dc8b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= -golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= +golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.9.0 h1:aWJ/m6xSmxWBx+V0XRHTlrYrPG56jKsLdTFmsSsCzOM= golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= golang.org/x/oauth2 v0.0.0-20180724155351-3d292e4d0cdc/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= @@ -2085,7 +2088,6 @@ golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220825204002-c680a09ffe64/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU= @@ -2098,7 +2100,6 @@ golang.org/x/term v0.0.0-20210503060354-a79de5458b56/go.mod h1:tfny5GFUkzUvx4ps4 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.0.0-20220722155259-a9ba230a4035/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.8.0 h1:n5xxQn2i3PC0yLAbjTpNT85q/Kgzcr2gIoX9OrJUols= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= diff --git a/third_party/VENDOR-LICENSE/golang.org/x/exp/maps/LICENSE b/third_party/VENDOR-LICENSE/golang.org/x/exp/maps/LICENSE new file mode 100644 index 0000000000..6a66aea5ea --- /dev/null +++ b/third_party/VENDOR-LICENSE/golang.org/x/exp/maps/LICENSE @@ -0,0 +1,27 @@ +Copyright (c) 2009 The Go Authors. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + * Neither the name of Google Inc. nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/vendor/github.com/Microsoft/hcsshim/internal/hcs/process.go b/vendor/github.com/Microsoft/hcsshim/internal/hcs/process.go index f4605922ab..78490d6cdd 100644 --- a/vendor/github.com/Microsoft/hcsshim/internal/hcs/process.go +++ b/vendor/github.com/Microsoft/hcsshim/internal/hcs/process.go @@ -161,7 +161,39 @@ func (process *Process) Kill(ctx context.Context) (bool, error) { return true, nil } - resultJSON, err := vmcompute.HcsTerminateProcess(ctx, process.handle) + // HCS serializes the signals sent to a target pid per compute system handle. + // To avoid SIGKILL being serialized behind other signals, we open a new compute + // system handle to deliver the kill signal. + // If the calls to opening a new compute system handle fail, we forcefully + // terminate the container itself so that no container is left behind + hcsSystem, err := OpenComputeSystem(ctx, process.system.id) + if err != nil { + // log error and force termination of container + log.G(ctx).WithField("err", err).Error("OpenComputeSystem() call failed") + err = process.system.Terminate(ctx) + // if the Terminate() call itself ever failed, log and return error + if err != nil { + log.G(ctx).WithField("err", err).Error("Terminate() call failed") + return false, err + } + process.system.Close() + return true, nil + } + defer hcsSystem.Close() + + newProcessHandle, err := hcsSystem.OpenProcess(ctx, process.Pid()) + if err != nil { + // Return true only if the target process has either already + // exited, or does not exist. + if IsAlreadyStopped(err) { + return true, nil + } else { + return false, err + } + } + defer newProcessHandle.Close() + + resultJSON, err := vmcompute.HcsTerminateProcess(ctx, newProcessHandle.handle) if err != nil { // We still need to check these two cases, as processes may still be killed by an // external actor (human operator, OOM, random script etc). @@ -185,9 +217,9 @@ func (process *Process) Kill(ctx context.Context) (bool, error) { } } events := processHcsResult(ctx, resultJSON) - delivered, err := process.processSignalResult(ctx, err) + delivered, err := newProcessHandle.processSignalResult(ctx, err) if err != nil { - err = makeProcessError(process, operation, err, events) + err = makeProcessError(newProcessHandle, operation, err, events) } process.killSignalDelivered = delivered diff --git a/vendor/github.com/acomagu/bufpipe/CREDITS b/vendor/github.com/acomagu/bufpipe/CREDITS new file mode 100644 index 0000000000..fb0d2b59a0 --- /dev/null +++ b/vendor/github.com/acomagu/bufpipe/CREDITS @@ -0,0 +1,60 @@ +Go (the standard library) +https://golang.org/ +---------------------------------------------------------------- +Copyright (c) 2009 The Go Authors. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + * Neither the name of Google Inc. nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +================================================================ + +github.com/matryer/is +https://github.com/matryer/is +---------------------------------------------------------------- +MIT License + +Copyright (c) 2017-2018 Mat Ryer + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. + +================================================================ + diff --git a/vendor/github.com/acomagu/bufpipe/LICENSE b/vendor/github.com/acomagu/bufpipe/LICENSE new file mode 100644 index 0000000000..1b5f21cd24 --- /dev/null +++ b/vendor/github.com/acomagu/bufpipe/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2019 acomagu + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/vendor/github.com/acomagu/bufpipe/README.md b/vendor/github.com/acomagu/bufpipe/README.md index 19df083142..136ee01db1 100644 --- a/vendor/github.com/acomagu/bufpipe/README.md +++ b/vendor/github.com/acomagu/bufpipe/README.md @@ -40,3 +40,13 @@ w.Close() ``` [Playground](https://play.golang.org/p/UppmyLeRgX6) + +## Contribution + +### Generate CREDITS + +The [CREDITS](./CREDITS) file are generated by [gocredits](https://github.com/Songmu/gocredits). Update it when the dependencies are changed. + +``` +$ gocredits > CREDITS +``` diff --git a/vendor/github.com/acomagu/bufpipe/bufpipe.go b/vendor/github.com/acomagu/bufpipe/bufpipe.go index 846dbcc290..34882ea080 100644 --- a/vendor/github.com/acomagu/bufpipe/bufpipe.go +++ b/vendor/github.com/acomagu/bufpipe/bufpipe.go @@ -124,5 +124,6 @@ func (w *PipeWriter) CloseWithError(err error) error { err = io.EOF } w.rerr = err + w.cond.Broadcast() return nil } diff --git a/vendor/github.com/go-git/go-billy/v5/memfs/memory.go b/vendor/github.com/go-git/go-billy/v5/memfs/memory.go index f217693e6f..dab73968b6 100644 --- a/vendor/github.com/go-git/go-billy/v5/memfs/memory.go +++ b/vendor/github.com/go-git/go-billy/v5/memfs/memory.go @@ -310,14 +310,14 @@ func (f *file) Duplicate(filename string, mode os.FileMode, flag int) billy.File flag: flag, } - if isAppend(flag) { - new.position = int64(new.content.Len()) - } - if isTruncate(flag) { new.content.Truncate() } + if isAppend(flag) { + new.position = int64(new.content.Len()) + } + return new } diff --git a/vendor/github.com/go-git/go-git/v5/Makefile b/vendor/github.com/go-git/go-git/v5/Makefile index d10922fb10..2acb8bc45d 100644 --- a/vendor/github.com/go-git/go-git/v5/Makefile +++ b/vendor/github.com/go-git/go-git/v5/Makefile @@ -27,7 +27,7 @@ build-git: test: @echo "running against `git version`"; \ - $(GOTEST) ./... + $(GOTEST) -race ./... test-coverage: @echo "running against `git version`"; \ diff --git a/vendor/github.com/go-git/go-git/v5/plumbing/transport/internal/common/common.go b/vendor/github.com/go-git/go-git/v5/plumbing/transport/internal/common/common.go index d0e9a2974e..b2c2fee381 100644 --- a/vendor/github.com/go-git/go-git/v5/plumbing/transport/internal/common/common.go +++ b/vendor/github.com/go-git/go-git/v5/plumbing/transport/internal/common/common.go @@ -374,7 +374,7 @@ func (s *session) checkNotFoundError() error { case <-t.C: return ErrTimeoutExceeded case line, ok := <-s.firstErrLine: - if !ok { + if !ok || len(line) == 0 { return nil } diff --git a/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/auth_method.go b/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/auth_method.go index 9d3bcd359c..e89ce4ba3c 100644 --- a/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/auth_method.go +++ b/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/auth_method.go @@ -43,6 +43,7 @@ const ( type KeyboardInteractive struct { User string Challenge ssh.KeyboardInteractiveChallenge + HostKeyCallbackHelper } func (a *KeyboardInteractive) Name() string { @@ -54,18 +55,19 @@ func (a *KeyboardInteractive) String() string { } func (a *KeyboardInteractive) ClientConfig() (*ssh.ClientConfig, error) { - return &ssh.ClientConfig{ + return a.SetHostKeyCallback(&ssh.ClientConfig{ User: a.User, Auth: []ssh.AuthMethod{ a.Challenge, }, - }, nil + }) } // Password implements AuthMethod by using the given password. type Password struct { User string Password string + HostKeyCallbackHelper } func (a *Password) Name() string { @@ -77,10 +79,10 @@ func (a *Password) String() string { } func (a *Password) ClientConfig() (*ssh.ClientConfig, error) { - return &ssh.ClientConfig{ + return a.SetHostKeyCallback(&ssh.ClientConfig{ User: a.User, Auth: []ssh.AuthMethod{ssh.Password(a.Password)}, - }, nil + }) } // PasswordCallback implements AuthMethod by using a callback @@ -88,6 +90,7 @@ func (a *Password) ClientConfig() (*ssh.ClientConfig, error) { type PasswordCallback struct { User string Callback func() (pass string, err error) + HostKeyCallbackHelper } func (a *PasswordCallback) Name() string { @@ -99,16 +102,17 @@ func (a *PasswordCallback) String() string { } func (a *PasswordCallback) ClientConfig() (*ssh.ClientConfig, error) { - return &ssh.ClientConfig{ + return a.SetHostKeyCallback(&ssh.ClientConfig{ User: a.User, Auth: []ssh.AuthMethod{ssh.PasswordCallback(a.Callback)}, - }, nil + }) } // PublicKeys implements AuthMethod by using the given key pairs. type PublicKeys struct { User string Signer ssh.Signer + HostKeyCallbackHelper } // NewPublicKeys returns a PublicKeys from a PEM encoded private key. An @@ -147,10 +151,10 @@ func (a *PublicKeys) String() string { } func (a *PublicKeys) ClientConfig() (*ssh.ClientConfig, error) { - return &ssh.ClientConfig{ + return a.SetHostKeyCallback(&ssh.ClientConfig{ User: a.User, Auth: []ssh.AuthMethod{ssh.PublicKeys(a.Signer)}, - }, nil + }) } func username() (string, error) { @@ -173,6 +177,7 @@ func username() (string, error) { type PublicKeysCallback struct { User string Callback func() (signers []ssh.Signer, err error) + HostKeyCallbackHelper } // NewSSHAgentAuth returns a PublicKeysCallback based on a SSH agent, it opens @@ -207,10 +212,10 @@ func (a *PublicKeysCallback) String() string { } func (a *PublicKeysCallback) ClientConfig() (*ssh.ClientConfig, error) { - return &ssh.ClientConfig{ + return a.SetHostKeyCallback(&ssh.ClientConfig{ User: a.User, Auth: []ssh.AuthMethod{ssh.PublicKeysCallback(a.Callback)}, - }, nil + }) } // NewKnownHostsCallback returns ssh.HostKeyCallback based on a file based on a @@ -286,9 +291,6 @@ func filterKnownHostsFiles(files ...string) ([]string, error) { // HostKeyCallbackHelper is a helper that provides common functionality to // configure HostKeyCallback into a ssh.ClientConfig. -// Deprecated in favor of SetConfigHostKeyFields (see common.go) which provides -// a mechanism for also setting ClientConfig.HostKeyAlgorithms for a specific -// host. type HostKeyCallbackHelper struct { // HostKeyCallback is the function type used for verifying server keys. // If nil default callback will be create using NewKnownHostsCallback diff --git a/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/common.go b/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/common.go index 4b9ac07977..e06958a3ba 100644 --- a/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/common.go +++ b/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/common.go @@ -10,6 +10,7 @@ import ( "github.com/go-git/go-git/v5/plumbing/transport" "github.com/go-git/go-git/v5/plumbing/transport/internal/common" + "github.com/skeema/knownhosts" "github.com/kevinburke/ssh_config" "golang.org/x/crypto/ssh" @@ -122,9 +123,18 @@ func (c *command) connect() error { return err } hostWithPort := c.getHostWithPort() - config, err = SetConfigHostKeyFields(config, hostWithPort) - if err != nil { - return err + if config.HostKeyCallback == nil { + kh, err := newKnownHosts() + if err != nil { + return err + } + config.HostKeyCallback = kh.HostKeyCallback() + config.HostKeyAlgorithms = kh.HostKeyAlgorithms(hostWithPort) + } else if len(config.HostKeyAlgorithms) == 0 { + // Set the HostKeyAlgorithms based on HostKeyCallback. + // For background see https://github.com/go-git/go-git/issues/411 as well as + // https://github.com/golang/go/issues/29286 for root cause. + config.HostKeyAlgorithms = knownhosts.HostKeyAlgorithms(config.HostKeyCallback, hostWithPort) } overrideConfig(c.config, config) @@ -167,23 +177,6 @@ func dial(network, addr string, config *ssh.ClientConfig) (*ssh.Client, error) { return ssh.NewClient(c, chans, reqs), nil } -// SetConfigHostKeyFields sets cfg.HostKeyCallback and cfg.HostKeyAlgorithms -// based on OpenSSH known_hosts. cfg is modified in-place. hostWithPort must be -// supplied, since the algorithms will be set based on the known host keys for -// that specific host. Otherwise, golang.org/x/crypto/ssh can return an error -// upon connecting to a host whose *first* key is not known, even though other -// keys (of different types) are known and match properly. -// For background see https://github.com/go-git/go-git/issues/411 as well as -// https://github.com/golang/go/issues/29286 for root cause. -func SetConfigHostKeyFields(cfg *ssh.ClientConfig, hostWithPort string) (*ssh.ClientConfig, error) { - kh, err := newKnownHosts() - if err == nil { - cfg.HostKeyCallback = kh.HostKeyCallback() - cfg.HostKeyAlgorithms = kh.HostKeyAlgorithms(hostWithPort) - } - return cfg, err -} - func (c *command) getHostWithPort() string { if addr, found := c.doGetHostWithPortFromSSHConfig(); found { return addr diff --git a/vendor/github.com/go-git/go-git/v5/repository.go b/vendor/github.com/go-git/go-git/v5/repository.go index 7292df627c..2a06f8be37 100644 --- a/vendor/github.com/go-git/go-git/v5/repository.go +++ b/vendor/github.com/go-git/go-git/v5/repository.go @@ -750,21 +750,20 @@ func (r *Repository) buildTagSignature(tag *object.Tag, signKey *openpgp.Entity) // If you want to check to see if the tag is an annotated tag, you can call // TagObject on the hash of the reference in ForEach: // -// ref, err := r.Tag("v0.1.0") -// if err != nil { -// // Handle error -// } -// -// obj, err := r.TagObject(ref.Hash()) -// switch err { -// case nil: -// // Tag object present -// case plumbing.ErrObjectNotFound: -// // Not a tag object -// default: -// // Some other error -// } +// ref, err := r.Tag("v0.1.0") +// if err != nil { +// // Handle error +// } // +// obj, err := r.TagObject(ref.Hash()) +// switch err { +// case nil: +// // Tag object present +// case plumbing.ErrObjectNotFound: +// // Not a tag object +// default: +// // Some other error +// } func (r *Repository) Tag(name string) (*plumbing.Reference, error) { ref, err := r.Reference(plumbing.ReferenceName(path.Join("refs", "tags", name)), false) if err != nil { @@ -1241,26 +1240,25 @@ func commitIterFunc(order LogOrder) func(c *object.Commit) object.CommitIter { // If you want to check to see if the tag is an annotated tag, you can call // TagObject on the hash Reference passed in through ForEach: // -// iter, err := r.Tags() -// if err != nil { -// // Handle error -// } -// -// if err := iter.ForEach(func (ref *plumbing.Reference) error { -// obj, err := r.TagObject(ref.Hash()) -// switch err { -// case nil: -// // Tag object present -// case plumbing.ErrObjectNotFound: -// // Not a tag object -// default: -// // Some other error -// return err -// } -// }); err != nil { -// // Handle outer iterator error -// } +// iter, err := r.Tags() +// if err != nil { +// // Handle error +// } // +// if err := iter.ForEach(func (ref *plumbing.Reference) error { +// obj, err := r.TagObject(ref.Hash()) +// switch err { +// case nil: +// // Tag object present +// case plumbing.ErrObjectNotFound: +// // Not a tag object +// default: +// // Some other error +// return err +// } +// }); err != nil { +// // Handle outer iterator error +// } func (r *Repository) Tags() (storer.ReferenceIter, error) { refIter, err := r.Storer.IterReferences() if err != nil { @@ -1424,9 +1422,13 @@ func (r *Repository) Worktree() (*Worktree, error) { // // Implemented resolvers : HEAD, branch, tag, heads/branch, refs/heads/branch, // refs/tags/tag, refs/remotes/origin/branch, refs/remotes/origin/HEAD, tilde and caret (HEAD~1, master~^, tag~2, ref/heads/master~1, ...), selection by text (HEAD^{/fix nasty bug}), hash (prefix and full) -func (r *Repository) ResolveRevision(rev plumbing.Revision) (*plumbing.Hash, error) { - p := revision.NewParserFromString(string(rev)) +func (r *Repository) ResolveRevision(in plumbing.Revision) (*plumbing.Hash, error) { + rev := in.String() + if rev == "" { + return &plumbing.ZeroHash, plumbing.ErrReferenceNotFound + } + p := revision.NewParserFromString(rev) items, err := p.Parse() if err != nil { @@ -1557,6 +1559,10 @@ func (r *Repository) ResolveRevision(rev plumbing.Revision) (*plumbing.Hash, err } } + if commit == nil { + return &plumbing.ZeroHash, plumbing.ErrReferenceNotFound + } + return &commit.Hash, nil } diff --git a/vendor/github.com/go-git/go-git/v5/storage/filesystem/dotgit/dotgit.go b/vendor/github.com/go-git/go-git/v5/storage/filesystem/dotgit/dotgit.go index 6c386f7992..2be2bae3ec 100644 --- a/vendor/github.com/go-git/go-git/v5/storage/filesystem/dotgit/dotgit.go +++ b/vendor/github.com/go-git/go-git/v5/storage/filesystem/dotgit/dotgit.go @@ -943,6 +943,7 @@ func (d *DotGit) walkReferencesTree(refs *[]*plumbing.Reference, relPath []strin files, err := d.fs.ReadDir(d.fs.Join(relPath...)) if err != nil { if os.IsNotExist(err) { + // a race happened, and our directory is gone now return nil } @@ -960,6 +961,10 @@ func (d *DotGit) walkReferencesTree(refs *[]*plumbing.Reference, relPath []strin } ref, err := d.readReferenceFile(".", strings.Join(newRelPath, "/")) + if os.IsNotExist(err) { + // a race happened, and our file is gone now + continue + } if err != nil { return err } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/config/artifact_bucket.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/config/artifact_bucket.go deleted file mode 100644 index abdfc6e7d8..0000000000 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/config/artifact_bucket.go +++ /dev/null @@ -1,112 +0,0 @@ -/* -Copyright 2019 The Tekton Authors - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package config - -import ( - "os" - - corev1 "k8s.io/api/core/v1" -) - -const ( - // BucketLocationKey is the name of the configmap entry that specifies - // loction of the bucket. - BucketLocationKey = "location" - - // BucketServiceAccountSecretNameKey is the name of the configmap entry that specifies - // the name of the secret that will provide the servie account with bucket access. - // This secret must have a key called serviceaccount that will have a value with - // the service account with access to the bucket - BucketServiceAccountSecretNameKey = "bucket.service.account.secret.name" - - // BucketServiceAccountSecretKeyKey is the name of the configmap entry that specifies - // the secret key that will have a value with the service account json with access - // to the bucket - BucketServiceAccountSecretKeyKey = "bucket.service.account.secret.key" - - // DefaultBucketServiceFieldName defaults to a gcs bucket - DefaultBucketServiceFieldName = "GOOGLE_APPLICATION_CREDENTIALS" - - // BucketServiceAccountFieldNameKey is the name of the configmap entry that specifies - // the field name that should be used for the service account. - // Valid values: GOOGLE_APPLICATION_CREDENTIALS, BOTO_CONFIG. - BucketServiceAccountFieldNameKey = "bucket.service.account.field.name" -) - -// ArtifactBucket holds the configurations for the artifacts PVC -// +k8s:deepcopy-gen=true -type ArtifactBucket struct { - Location string - ServiceAccountSecretName string - ServiceAccountSecretKey string - ServiceAccountFieldName string -} - -// GetArtifactBucketConfigName returns the name of the configmap containing all -// customizations for the storage bucket. -func GetArtifactBucketConfigName() string { - if e := os.Getenv("CONFIG_ARTIFACT_BUCKET_NAME"); e != "" { - return e - } - return "config-artifact-bucket" -} - -// Equals returns true if two Configs are identical -func (cfg *ArtifactBucket) Equals(other *ArtifactBucket) bool { - if cfg == nil && other == nil { - return true - } - - if cfg == nil || other == nil { - return false - } - - return other.Location == cfg.Location && - other.ServiceAccountSecretName == cfg.ServiceAccountSecretName && - other.ServiceAccountSecretKey == cfg.ServiceAccountSecretKey && - other.ServiceAccountFieldName == cfg.ServiceAccountFieldName -} - -// NewArtifactBucketFromMap returns a Config given a map corresponding to a ConfigMap -func NewArtifactBucketFromMap(cfgMap map[string]string) (*ArtifactBucket, error) { - tc := ArtifactBucket{ - ServiceAccountFieldName: DefaultBucketServiceFieldName, - } - - if location, ok := cfgMap[BucketLocationKey]; ok { - tc.Location = location - } - - if serviceAccountSecretName, ok := cfgMap[BucketServiceAccountSecretNameKey]; ok { - tc.ServiceAccountSecretName = serviceAccountSecretName - } - - if serviceAccountSecretKey, ok := cfgMap[BucketServiceAccountSecretKeyKey]; ok { - tc.ServiceAccountSecretKey = serviceAccountSecretKey - } - - if serviceAccountFieldName, ok := cfgMap[BucketServiceAccountFieldNameKey]; ok { - tc.ServiceAccountFieldName = serviceAccountFieldName - } - - return &tc, nil -} - -// NewArtifactBucketFromConfigMap returns a Config for the given configmap -func NewArtifactBucketFromConfigMap(config *corev1.ConfigMap) (*ArtifactBucket, error) { - return NewArtifactBucketFromMap(config.Data) -} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/config/artifact_pvc.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/config/artifact_pvc.go deleted file mode 100644 index 5434353d39..0000000000 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/config/artifact_pvc.go +++ /dev/null @@ -1,86 +0,0 @@ -/* -Copyright 2019 The Tekton Authors - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package config - -import ( - "os" - - corev1 "k8s.io/api/core/v1" -) - -const ( - // DefaultPVCSize is the default size of the PVC to create - DefaultPVCSize = "5Gi" - - // PVCSizeKey is the name of the configmap entry that specifies the size of the PVC to create - PVCSizeKey = "size" - - // PVCStorageClassNameKey is the name of the configmap entry that specifies the storage class of the PVC to create - PVCStorageClassNameKey = "storageClassName" -) - -// ArtifactPVC holds the configurations for the artifacts PVC -// +k8s:deepcopy-gen=true -type ArtifactPVC struct { - Size string - StorageClassName string -} - -// GetArtifactPVCConfigName returns the name of the configmap containing all -// customizations for the storage PVC. -func GetArtifactPVCConfigName() string { - if e := os.Getenv("CONFIG_ARTIFACT_PVC_NAME"); e != "" { - return e - } - return "config-artifact-pvc" -} - -// Equals returns true if two Configs are identical -func (cfg *ArtifactPVC) Equals(other *ArtifactPVC) bool { - if cfg == nil && other == nil { - return true - } - - if cfg == nil || other == nil { - return false - } - - return other.Size == cfg.Size && - other.StorageClassName == cfg.StorageClassName -} - -// NewArtifactPVCFromMap returns a Config given a map corresponding to a ConfigMap -func NewArtifactPVCFromMap(cfgMap map[string]string) (*ArtifactPVC, error) { - tc := ArtifactPVC{ - Size: DefaultPVCSize, - } - - if size, ok := cfgMap[PVCSizeKey]; ok { - tc.Size = size - } - - if storageClassName, ok := cfgMap[PVCStorageClassNameKey]; ok { - tc.StorageClassName = storageClassName - } - - return &tc, nil -} - -// NewArtifactPVCFromConfigMap returns a Config for the given configmap -func NewArtifactPVCFromConfigMap(config *corev1.ConfigMap) (*ArtifactPVC, error) { - return NewArtifactPVCFromMap(config.Data) -} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/config/default.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/config/default.go index aa7656a1fb..968dae25e8 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/config/default.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/config/default.go @@ -20,11 +20,14 @@ import ( "fmt" "log" "os" + "reflect" "strconv" + "strings" "time" "github.com/tektoncd/pipeline/pkg/apis/pipeline/pod" corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/util/sets" "sigs.k8s.io/yaml" ) @@ -41,6 +44,8 @@ const ( DefaultCloudEventSinkValue = "" // DefaultMaxMatrixCombinationsCount is used when no max matrix combinations count is specified. DefaultMaxMatrixCombinationsCount = 256 + // DefaultResolverTypeValue is used when no default resolver type is specified + DefaultResolverTypeValue = "" defaultTimeoutMinutesKey = "default-timeout-minutes" defaultServiceAccountKey = "default-service-account" @@ -50,6 +55,8 @@ const ( defaultCloudEventsSinkKey = "default-cloud-events-sink" defaultTaskRunWorkspaceBinding = "default-task-run-workspace-binding" defaultMaxMatrixCombinationsCountKey = "default-max-matrix-combinations-count" + defaultForbiddenEnv = "default-forbidden-env" + defaultResolverTypeKey = "default-resolver-type" ) // Defaults holds the default configurations @@ -63,6 +70,8 @@ type Defaults struct { DefaultCloudEventsSink string DefaultTaskRunWorkspaceBinding string DefaultMaxMatrixCombinationsCount int + DefaultForbiddenEnv []string + DefaultResolverType string } // GetDefaultsConfigName returns the name of the configmap containing all @@ -91,7 +100,9 @@ func (cfg *Defaults) Equals(other *Defaults) bool { other.DefaultAAPodTemplate.Equals(cfg.DefaultAAPodTemplate) && other.DefaultCloudEventsSink == cfg.DefaultCloudEventsSink && other.DefaultTaskRunWorkspaceBinding == cfg.DefaultTaskRunWorkspaceBinding && - other.DefaultMaxMatrixCombinationsCount == cfg.DefaultMaxMatrixCombinationsCount + other.DefaultMaxMatrixCombinationsCount == cfg.DefaultMaxMatrixCombinationsCount && + other.DefaultResolverType == cfg.DefaultResolverType && + reflect.DeepEqual(other.DefaultForbiddenEnv, cfg.DefaultForbiddenEnv) } // NewDefaultsFromMap returns a Config given a map corresponding to a ConfigMap @@ -102,6 +113,7 @@ func NewDefaultsFromMap(cfgMap map[string]string) (*Defaults, error) { DefaultManagedByLabelValue: DefaultManagedByLabelValue, DefaultCloudEventsSink: DefaultCloudEventSinkValue, DefaultMaxMatrixCombinationsCount: DefaultMaxMatrixCombinationsCount, + DefaultResolverType: DefaultResolverTypeValue, } if defaultTimeoutMin, ok := cfgMap[defaultTimeoutMinutesKey]; ok { @@ -151,6 +163,18 @@ func NewDefaultsFromMap(cfgMap map[string]string) (*Defaults, error) { } tc.DefaultMaxMatrixCombinationsCount = int(matrixCombinationsCount) } + if defaultForbiddenEnvString, ok := cfgMap[defaultForbiddenEnv]; ok { + tmpString := sets.NewString() + fEnvs := strings.Split(defaultForbiddenEnvString, ",") + for _, fEnv := range fEnvs { + tmpString.Insert(strings.TrimSpace(fEnv)) + } + tc.DefaultForbiddenEnv = tmpString.List() + } + + if defaultResolverType, ok := cfgMap[defaultResolverTypeKey]; ok { + tc.DefaultResolverType = defaultResolverType + } return &tc, nil } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/config/feature_flags.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/config/feature_flags.go index c3e605662a..699a65516e 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/config/feature_flags.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/config/feature_flags.go @@ -33,23 +33,19 @@ const ( AlphaAPIFields = "alpha" // BetaAPIFields is the value used for "enable-api-fields" when beta APIs should be usable as well. BetaAPIFields = "beta" - // FullEmbeddedStatus is the value used for "embedded-status" when the full statuses of TaskRuns and Runs should be - // embedded in PipelineRunStatusFields, but ChildReferences should not be used. - FullEmbeddedStatus = "full" - // BothEmbeddedStatus is the value used for "embedded-status" when full embedded statuses of TaskRuns and Runs as - // well as ChildReferences should be used in PipelineRunStatusFields. - BothEmbeddedStatus = "both" - // MinimalEmbeddedStatus is the value used for "embedded-status" when only ChildReferences should be used in - // PipelineRunStatusFields. - MinimalEmbeddedStatus = "minimal" - // EnforceResourceVerificationMode is the value used for "resource-verification-mode" when verification is applied and fail the - // TaskRun or PipelineRun when verification fails - EnforceResourceVerificationMode = "enforce" - // WarnResourceVerificationMode is the value used for "resource-verification-mode" when verification is applied but only log - // the warning when verification fails - WarnResourceVerificationMode = "warn" - // SkipResourceVerificationMode is the value used for "resource-verification-mode" when verification is skipped - SkipResourceVerificationMode = "skip" + // FailNoMatchPolicy is the value used for "trusted-resources-verification-no-match-policy" to fail TaskRun or PipelineRun + // when no matching policies are found + FailNoMatchPolicy = "fail" + // WarnNoMatchPolicy is the value used for "trusted-resources-verification-no-match-policy" to log warning and skip verification + // when no matching policies are found + WarnNoMatchPolicy = "warn" + // IgnoreNoMatchPolicy is the value used for "trusted-resources-verification-no-match-policy" to skip verification + // when no matching policies are found + IgnoreNoMatchPolicy = "ignore" + // ResultExtractionMethodTerminationMessage is the value used for "results-from" as a way to extract results from tasks using kubernetes termination message. + ResultExtractionMethodTerminationMessage = "termination-message" + // ResultExtractionMethodSidecarLogs is the value used for "results-from" as a way to extract results from tasks using sidecar logs. + ResultExtractionMethodSidecarLogs = "sidecar-logs" // DefaultDisableAffinityAssistant is the default value for "disable-affinity-assistant". DefaultDisableAffinityAssistant = false // DefaultDisableCredsInit is the default value for "disable-creds-init". @@ -62,53 +58,64 @@ const ( DefaultRequireGitSSHSecretKnownHosts = false // DefaultEnableTektonOciBundles is the default value for "enable-tekton-oci-bundles". DefaultEnableTektonOciBundles = false - // DefaultEnableCustomTasks is the default value for "enable-custom-tasks". - DefaultEnableCustomTasks = false // DefaultEnableAPIFields is the default value for "enable-api-fields". DefaultEnableAPIFields = StableAPIFields // DefaultSendCloudEventsForRuns is the default value for "send-cloudevents-for-runs". DefaultSendCloudEventsForRuns = false - // DefaultEmbeddedStatus is the default value for "embedded-status". - DefaultEmbeddedStatus = FullEmbeddedStatus - // DefaultEnableSpire is the default value for "enable-spire". - DefaultEnableSpire = false - // DefaultResourceVerificationMode is the default value for "resource-verification-mode". - DefaultResourceVerificationMode = SkipResourceVerificationMode + // EnforceNonfalsifiabilityWithSpire is the value used for "enable-nonfalsifiability" when SPIRE is used to enable non-falsifiability. + EnforceNonfalsifiabilityWithSpire = "spire" + // EnforceNonfalsifiabilityNone is the value used for "enable-nonfalsifiability" when non-falsifiability is not enabled. + EnforceNonfalsifiabilityNone = "" + // DefaultEnforceNonfalsifiability is the default value for "enforce-nonfalsifiability". + DefaultEnforceNonfalsifiability = EnforceNonfalsifiabilityNone + // DefaultNoMatchPolicyConfig is the default value for "trusted-resources-verification-no-match-policy". + DefaultNoMatchPolicyConfig = IgnoreNoMatchPolicy // DefaultEnableProvenanceInStatus is the default value for "enable-provenance-status". DefaultEnableProvenanceInStatus = false + // DefaultResultExtractionMethod is the default value for ResultExtractionMethod + DefaultResultExtractionMethod = ResultExtractionMethodTerminationMessage + // DefaultMaxResultSize is the default value in bytes for the size of a result + DefaultMaxResultSize = 4096 disableAffinityAssistantKey = "disable-affinity-assistant" disableCredsInitKey = "disable-creds-init" runningInEnvWithInjectedSidecarsKey = "running-in-environment-with-injected-sidecars" awaitSidecarReadinessKey = "await-sidecar-readiness" - requireGitSSHSecretKnownHostsKey = "require-git-ssh-secret-known-hosts" // nolint: gosec + requireGitSSHSecretKnownHostsKey = "require-git-ssh-secret-known-hosts" //nolint:gosec enableTektonOCIBundles = "enable-tekton-oci-bundles" - enableCustomTasks = "enable-custom-tasks" enableAPIFields = "enable-api-fields" sendCloudEventsForRuns = "send-cloudevents-for-runs" - embeddedStatus = "embedded-status" - enableSpire = "enable-spire" - verificationMode = "resource-verification-mode" + enforceNonfalsifiability = "enforce-nonfalsifiability" + verificationNoMatchPolicy = "trusted-resources-verification-no-match-policy" enableProvenanceInStatus = "enable-provenance-in-status" + resultExtractionMethod = "results-from" + maxResultSize = "max-result-size" ) // FeatureFlags holds the features configurations // +k8s:deepcopy-gen=true +// +//nolint:musttag type FeatureFlags struct { DisableAffinityAssistant bool DisableCredsInit bool RunningInEnvWithInjectedSidecars bool RequireGitSSHSecretKnownHosts bool EnableTektonOCIBundles bool - EnableCustomTasks bool ScopeWhenExpressionsToTask bool EnableAPIFields string SendCloudEventsForRuns bool AwaitSidecarReadiness bool - EmbeddedStatus string - EnableSpire bool - ResourceVerificationMode string - EnableProvenanceInStatus bool + EnforceNonfalsifiability string + // VerificationNoMatchPolicy is the feature flag for "trusted-resources-verification-no-match-policy" + // VerificationNoMatchPolicy can be set to "ignore", "warn" and "fail" values. + // ignore: skip trusted resources verification when no matching verification policies found + // warn: skip trusted resources verification when no matching verification policies found and log a warning + // fail: fail the taskrun or pipelines run if no matching verification policies found + VerificationNoMatchPolicy string + EnableProvenanceInStatus bool + ResultExtractionMethod string + MaxResultSize int } // GetFeatureFlagsConfigName returns the name of the configmap containing all @@ -126,7 +133,7 @@ func NewFeatureFlagsFromMap(cfgMap map[string]string) (*FeatureFlags, error) { if cfg, ok := cfgMap[key]; ok { value, err := strconv.ParseBool(cfg) if err != nil { - return fmt.Errorf("failed parsing feature flags config %q: %v", cfg, err) + return fmt.Errorf("failed parsing feature flags config %q: %w", cfg, err) } *feature = value return nil @@ -157,13 +164,19 @@ func NewFeatureFlagsFromMap(cfgMap map[string]string) (*FeatureFlags, error) { if err := setFeature(sendCloudEventsForRuns, DefaultSendCloudEventsForRuns, &tc.SendCloudEventsForRuns); err != nil { return nil, err } - if err := setEmbeddedStatus(cfgMap, DefaultEmbeddedStatus, &tc.EmbeddedStatus); err != nil { + if err := setVerificationNoMatchPolicy(cfgMap, DefaultNoMatchPolicyConfig, &tc.VerificationNoMatchPolicy); err != nil { return nil, err } - if err := setResourceVerificationMode(cfgMap, DefaultResourceVerificationMode, &tc.ResourceVerificationMode); err != nil { + if err := setFeature(enableProvenanceInStatus, DefaultEnableProvenanceInStatus, &tc.EnableProvenanceInStatus); err != nil { return nil, err } - if err := setFeature(enableProvenanceInStatus, DefaultEnableProvenanceInStatus, &tc.EnableProvenanceInStatus); err != nil { + if err := setResultExtractionMethod(cfgMap, DefaultResultExtractionMethod, &tc.ResultExtractionMethod); err != nil { + return nil, err + } + if err := setMaxResultSize(cfgMap, DefaultMaxResultSize, &tc.MaxResultSize); err != nil { + return nil, err + } + if err := setEnforceNonFalsifiability(cfgMap, tc.EnableAPIFields, &tc.EnforceNonfalsifiability); err != nil { return nil, err } @@ -175,18 +188,10 @@ func NewFeatureFlagsFromMap(cfgMap map[string]string) (*FeatureFlags, error) { // defeat the purpose of having a single shared gate for all alpha features. if tc.EnableAPIFields == AlphaAPIFields { tc.EnableTektonOCIBundles = true - tc.EnableCustomTasks = true - tc.EnableSpire = true } else { if err := setFeature(enableTektonOCIBundles, DefaultEnableTektonOciBundles, &tc.EnableTektonOCIBundles); err != nil { return nil, err } - if err := setFeature(enableCustomTasks, DefaultEnableCustomTasks, &tc.EnableCustomTasks); err != nil { - return nil, err - } - if err := setFeature(enableSpire, DefaultEnableSpire, &tc.EnableSpire); err != nil { - return nil, err - } } return &tc, nil } @@ -207,34 +212,82 @@ func setEnabledAPIFields(cfgMap map[string]string, defaultValue string, feature return nil } -// setEmbeddedStatus sets the "embedded-status" flag based on the content of a given map. +// setEnforceNonFalsifiability sets the "enforce-nonfalsifiability" flag based on the content of a given map. +// If the feature gate is invalid, then an error is returned. +func setEnforceNonFalsifiability(cfgMap map[string]string, enableAPIFields string, feature *string) error { + var value = DefaultEnforceNonfalsifiability + if cfg, ok := cfgMap[enforceNonfalsifiability]; ok { + value = strings.ToLower(cfg) + } + + // validate that "enforce-nonfalsifiability" is set to a valid value + switch value { + case EnforceNonfalsifiabilityNone, EnforceNonfalsifiabilityWithSpire: + break + default: + return fmt.Errorf("invalid value for feature flag %q: %q", enforceNonfalsifiability, value) + } + + // validate that "enforce-nonfalsifiability" is set to allowed values for stability level + switch enableAPIFields { + case AlphaAPIFields: + *feature = value + default: + // Do not consider any form of non-falsifiability enforcement in non-alpha mode + if value != DefaultEnforceNonfalsifiability { + return fmt.Errorf("%q can be set to non-default values (%q) only in alpha", enforceNonfalsifiability, value) + } + } + return nil +} + +// setResultExtractionMethod sets the "results-from" flag based on the content of a given map. // If the feature gate is invalid or missing then an error is returned. -func setEmbeddedStatus(cfgMap map[string]string, defaultValue string, feature *string) error { +func setResultExtractionMethod(cfgMap map[string]string, defaultValue string, feature *string) error { value := defaultValue - if cfg, ok := cfgMap[embeddedStatus]; ok { + if cfg, ok := cfgMap[resultExtractionMethod]; ok { value = strings.ToLower(cfg) } switch value { - case FullEmbeddedStatus, BothEmbeddedStatus, MinimalEmbeddedStatus: + case ResultExtractionMethodTerminationMessage, ResultExtractionMethodSidecarLogs: *feature = value default: - return fmt.Errorf("invalid value for feature flag %q: %q", embeddedStatus, value) + return fmt.Errorf("invalid value for feature flag %q: %q", resultExtractionMethod, value) + } + return nil +} + +// setMaxResultSize sets the "max-result-size" flag based on the content of a given map. +// If the feature gate is invalid or missing then an error is returned. +func setMaxResultSize(cfgMap map[string]string, defaultValue int, feature *int) error { + value := defaultValue + if cfg, ok := cfgMap[maxResultSize]; ok { + v, err := strconv.Atoi(cfg) + if err != nil { + return err + } + value = v + } + // if max limit is > 1.5 MB (CRD limit). + if value >= 1572864 { + return fmt.Errorf("invalid value for feature flag %q: %q. This is exceeding the CRD limit", resultExtractionMethod, fmt.Sprint(value)) } + *feature = value return nil } -// setResourceVerificationMode sets the "resource-verification-mode" flag based on the content of a given map. +// setVerificationNoMatchPolicy sets the "trusted-resources-verification-no-match-policy" flag based on the content of a given map. // If the value is invalid or missing then an error is returned. -func setResourceVerificationMode(cfgMap map[string]string, defaultValue string, feature *string) error { +func setVerificationNoMatchPolicy(cfgMap map[string]string, defaultValue string, feature *string) error { value := defaultValue - if cfg, ok := cfgMap[verificationMode]; ok { + if cfg, ok := cfgMap[verificationNoMatchPolicy]; ok { value = strings.ToLower(cfg) } switch value { - case EnforceResourceVerificationMode, WarnResourceVerificationMode, SkipResourceVerificationMode: + case FailNoMatchPolicy, WarnNoMatchPolicy, IgnoreNoMatchPolicy: *feature = value default: - return fmt.Errorf("invalid value for feature flag %q: %q", verificationMode, value) + return fmt.Errorf("invalid value for feature flag %q: %q", verificationNoMatchPolicy, value) } return nil } @@ -246,12 +299,33 @@ func NewFeatureFlagsFromConfigMap(config *corev1.ConfigMap) (*FeatureFlags, erro // EnableAlphaAPIFields enables alpha features in an existing context (for use in testing) func EnableAlphaAPIFields(ctx context.Context) context.Context { - return setEnableAPIFields(ctx, "alpha") + return setEnableAPIFields(ctx, AlphaAPIFields) } // EnableBetaAPIFields enables beta features in an existing context (for use in testing) func EnableBetaAPIFields(ctx context.Context) context.Context { - return setEnableAPIFields(ctx, "beta") + return setEnableAPIFields(ctx, BetaAPIFields) +} + +// EnableStableAPIFields enables stable features in an existing context (for use in testing) +func EnableStableAPIFields(ctx context.Context) context.Context { + return setEnableAPIFields(ctx, StableAPIFields) +} + +// GetVerificationNoMatchPolicy returns the "trusted-resources-verification-no-match-policy" value +func GetVerificationNoMatchPolicy(ctx context.Context) string { + return FromContextOrDefaults(ctx).FeatureFlags.VerificationNoMatchPolicy +} + +// CheckAlphaOrBetaAPIFields return true if the enable-api-fields is either set to alpha or set to beta +func CheckAlphaOrBetaAPIFields(ctx context.Context) bool { + cfg := FromContextOrDefaults(ctx) + return cfg.FeatureFlags.EnableAPIFields == AlphaAPIFields || cfg.FeatureFlags.EnableAPIFields == BetaAPIFields +} + +// IsSpireEnabled checks if non-falsifiable provenance is enforced through SPIRE +func IsSpireEnabled(ctx context.Context) bool { + return FromContextOrDefaults(ctx).FeatureFlags.EnforceNonfalsifiability == EnforceNonfalsifiabilityWithSpire } func setEnableAPIFields(ctx context.Context, want string) context.Context { diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/config/spire_config.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/config/spire_config.go new file mode 100644 index 0000000000..7ad507f202 --- /dev/null +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/config/spire_config.go @@ -0,0 +1,83 @@ +/* +Copyright 2022 The Tekton Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package config + +import ( + "fmt" + "os" + + sc "github.com/tektoncd/pipeline/pkg/spire/config" + corev1 "k8s.io/api/core/v1" +) + +const ( + // SpireConfigMapName is the name of the trusted resources configmap + SpireConfigMapName = "config-spire" + + // SpireTrustDomain is the key to extract out the SPIRE trust domain to use + SpireTrustDomain = "spire-trust-domain" + // SpireSocketPath is the key to extract out the SPIRE agent socket for SPIFFE workload API + SpireSocketPath = "spire-socket-path" + // SpireServerAddr is the key to extract out the SPIRE server address for workload/node registration + SpireServerAddr = "spire-server-addr" + // SpireNodeAliasPrefix is the key to extract out the SPIRE node alias prefix to use + SpireNodeAliasPrefix = "spire-node-alias-prefix" + + // SpireTrustDomainDefault is the default value for the SpireTrustDomain + SpireTrustDomainDefault = "example.org" + // SpireSocketPathDefault is the default value for the SpireSocketPath + SpireSocketPathDefault = "unix:///spiffe-workload-api/spire-agent.sock" + // SpireServerAddrDefault is the default value for the SpireServerAddr + SpireServerAddrDefault = "spire-server.spire.svc.cluster.local:8081" + // SpireNodeAliasPrefixDefault is the default value for the SpireNodeAliasPrefix + SpireNodeAliasPrefixDefault = "/tekton-node/" +) + +// NewSpireConfigFromMap creates a Config from the supplied map +func NewSpireConfigFromMap(data map[string]string) (*sc.SpireConfig, error) { + cfg := &sc.SpireConfig{} + var ok bool + if cfg.TrustDomain, ok = data[SpireTrustDomain]; !ok { + cfg.TrustDomain = SpireTrustDomainDefault + } + if cfg.SocketPath, ok = data[SpireSocketPath]; !ok { + cfg.SocketPath = SpireSocketPathDefault + } + if cfg.ServerAddr, ok = data[SpireServerAddr]; !ok { + cfg.ServerAddr = SpireServerAddrDefault + } + if cfg.NodeAliasPrefix, ok = data[SpireNodeAliasPrefix]; !ok { + cfg.NodeAliasPrefix = SpireNodeAliasPrefixDefault + } + if err := cfg.Validate(); err != nil { + return nil, fmt.Errorf("failed to parse SPIRE configmap: %w", err) + } + return cfg, nil +} + +// NewSpireConfigFromConfigMap creates a Config from the supplied ConfigMap +func NewSpireConfigFromConfigMap(configMap *corev1.ConfigMap) (*sc.SpireConfig, error) { + return NewSpireConfigFromMap(configMap.Data) +} + +// GetSpireConfigName returns the name of Spire ConfigMap +func GetSpireConfigName() string { + if e := os.Getenv("CONFIG_SPIRE"); e != "" { + return e + } + return SpireConfigMapName +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/config/store.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/config/store.go index 338a05c2ff..9cb15bdf0b 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/config/store.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/config/store.go @@ -19,6 +19,7 @@ package config import ( "context" + sc "github.com/tektoncd/pipeline/pkg/spire/config" "knative.dev/pkg/configmap" ) @@ -27,12 +28,10 @@ type cfgKey struct{} // Config holds the collection of configurations that we attach to contexts. // +k8s:deepcopy-gen=false type Config struct { - Defaults *Defaults - FeatureFlags *FeatureFlags - ArtifactBucket *ArtifactBucket - ArtifactPVC *ArtifactPVC - Metrics *Metrics - TrustedResources *TrustedResources + Defaults *Defaults + FeatureFlags *FeatureFlags + Metrics *Metrics + SpireConfig *sc.SpireConfig } // FromContext extracts a Config from the provided context. @@ -52,17 +51,14 @@ func FromContextOrDefaults(ctx context.Context) *Config { } defaults, _ := NewDefaultsFromMap(map[string]string{}) featureFlags, _ := NewFeatureFlagsFromMap(map[string]string{}) - artifactBucket, _ := NewArtifactBucketFromMap(map[string]string{}) - artifactPVC, _ := NewArtifactPVCFromMap(map[string]string{}) metrics, _ := newMetricsFromMap(map[string]string{}) - trustedresources, _ := NewTrustedResourcesConfigFromMap(map[string]string{}) + spireconfig, _ := NewSpireConfigFromMap(map[string]string{}) + return &Config{ - Defaults: defaults, - FeatureFlags: featureFlags, - ArtifactBucket: artifactBucket, - ArtifactPVC: artifactPVC, - Metrics: metrics, - TrustedResources: trustedresources, + Defaults: defaults, + FeatureFlags: featureFlags, + Metrics: metrics, + SpireConfig: spireconfig, } } @@ -85,12 +81,10 @@ func NewStore(logger configmap.Logger, onAfterStore ...func(name string, value i "defaults/features/artifacts", logger, configmap.Constructors{ - GetDefaultsConfigName(): NewDefaultsFromConfigMap, - GetFeatureFlagsConfigName(): NewFeatureFlagsFromConfigMap, - GetArtifactBucketConfigName(): NewArtifactBucketFromConfigMap, - GetArtifactPVCConfigName(): NewArtifactPVCFromConfigMap, - GetMetricsConfigName(): NewMetricsFromConfigMap, - GetTrustedResourcesConfigName(): NewTrustedResourcesConfigFromConfigMap, + GetDefaultsConfigName(): NewDefaultsFromConfigMap, + GetFeatureFlagsConfigName(): NewFeatureFlagsFromConfigMap, + GetMetricsConfigName(): NewMetricsFromConfigMap, + GetSpireConfigName(): NewSpireConfigFromConfigMap, }, onAfterStore..., ), @@ -114,30 +108,20 @@ func (s *Store) Load() *Config { if featureFlags == nil { featureFlags, _ = NewFeatureFlagsFromMap(map[string]string{}) } - artifactBucket := s.UntypedLoad(GetArtifactBucketConfigName()) - if artifactBucket == nil { - artifactBucket, _ = NewArtifactBucketFromMap(map[string]string{}) - } - artifactPVC := s.UntypedLoad(GetArtifactPVCConfigName()) - if artifactPVC == nil { - artifactPVC, _ = NewArtifactPVCFromMap(map[string]string{}) - } - metrics := s.UntypedLoad(GetMetricsConfigName()) if metrics == nil { metrics, _ = newMetricsFromMap(map[string]string{}) } - trustedresources := s.UntypedLoad(GetTrustedResourcesConfigName()) - if trustedresources == nil { - trustedresources, _ = NewTrustedResourcesConfigFromMap(map[string]string{}) + + spireconfig := s.UntypedLoad(GetSpireConfigName()) + if spireconfig == nil { + spireconfig, _ = NewSpireConfigFromMap(map[string]string{}) } return &Config{ - Defaults: defaults.(*Defaults).DeepCopy(), - FeatureFlags: featureFlags.(*FeatureFlags).DeepCopy(), - ArtifactBucket: artifactBucket.(*ArtifactBucket).DeepCopy(), - ArtifactPVC: artifactPVC.(*ArtifactPVC).DeepCopy(), - Metrics: metrics.(*Metrics).DeepCopy(), - TrustedResources: trustedresources.(*TrustedResources).DeepCopy(), + Defaults: defaults.(*Defaults).DeepCopy(), + FeatureFlags: featureFlags.(*FeatureFlags).DeepCopy(), + Metrics: metrics.(*Metrics).DeepCopy(), + SpireConfig: spireconfig.(*sc.SpireConfig).DeepCopy(), } } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/config/trusted_resources.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/config/trusted_resources.go deleted file mode 100644 index aee081bfd1..0000000000 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/config/trusted_resources.go +++ /dev/null @@ -1,71 +0,0 @@ -/* -Copyright 2022 The Tekton Authors - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package config - -import ( - "fmt" - "os" - - corev1 "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/util/sets" - - cm "knative.dev/pkg/configmap" -) - -// TrustedResources holds the collection of configurations that we attach to contexts. -// Configmap named with "config-trusted-resources" where cosign pub key path and -// KMS pub key path can be configured -// +k8s:deepcopy-gen=true -type TrustedResources struct { - // Keys defines the name of the key in configmap data - Keys sets.String -} - -const ( - // DefaultPublicKeyPath is the default path of public key - DefaultPublicKeyPath = "" - // PublicKeys is the name of the public key keyref in configmap data - PublicKeys = "publickeys" - // TrustedTaskConfig is the name of the trusted resources configmap - TrustedTaskConfig = "config-trusted-resources" -) - -// NewTrustedResourcesConfigFromMap creates a Config from the supplied map -func NewTrustedResourcesConfigFromMap(data map[string]string) (*TrustedResources, error) { - cfg := &TrustedResources{ - Keys: sets.NewString(DefaultPublicKeyPath), - } - if err := cm.Parse(data, - cm.AsStringSet(PublicKeys, &cfg.Keys), - ); err != nil { - return nil, fmt.Errorf("failed to parse data: %w", err) - } - return cfg, nil -} - -// NewTrustedResourcesConfigFromConfigMap creates a Config from the supplied ConfigMap -func NewTrustedResourcesConfigFromConfigMap(configMap *corev1.ConfigMap) (*TrustedResources, error) { - return NewTrustedResourcesConfigFromMap(configMap.Data) -} - -// GetTrustedResourcesConfigName returns the name of TrustedResources ConfigMap -func GetTrustedResourcesConfigName() string { - if e := os.Getenv("CONFIG_TRUSTED_RESOURCES_NAME"); e != "" { - return e - } - return TrustedTaskConfig -} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/config/zz_generated.deepcopy.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/config/zz_generated.deepcopy.go index 0415be8ae1..15d1070d8e 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/config/zz_generated.deepcopy.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/config/zz_generated.deepcopy.go @@ -23,41 +23,8 @@ package config import ( pod "github.com/tektoncd/pipeline/pkg/apis/pipeline/pod" - sets "k8s.io/apimachinery/pkg/util/sets" ) -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ArtifactBucket) DeepCopyInto(out *ArtifactBucket) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ArtifactBucket. -func (in *ArtifactBucket) DeepCopy() *ArtifactBucket { - if in == nil { - return nil - } - out := new(ArtifactBucket) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ArtifactPVC) DeepCopyInto(out *ArtifactPVC) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ArtifactPVC. -func (in *ArtifactPVC) DeepCopy() *ArtifactPVC { - if in == nil { - return nil - } - out := new(ArtifactPVC) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Defaults) DeepCopyInto(out *Defaults) { *out = *in @@ -71,6 +38,11 @@ func (in *Defaults) DeepCopyInto(out *Defaults) { *out = new(pod.AffinityAssistantTemplate) (*in).DeepCopyInto(*out) } + if in.DefaultForbiddenEnv != nil { + in, out := &in.DefaultForbiddenEnv, &out.DefaultForbiddenEnv + *out = make([]string, len(*in)) + copy(*out, *in) + } return } @@ -115,26 +87,3 @@ func (in *Metrics) DeepCopy() *Metrics { in.DeepCopyInto(out) return out } - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TrustedResources) DeepCopyInto(out *TrustedResources) { - *out = *in - if in.Keys != nil { - in, out := &in.Keys, &out.Keys - *out = make(sets.String, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TrustedResources. -func (in *TrustedResources) DeepCopy() *TrustedResources { - if in == nil { - return nil - } - out := new(TrustedResources) - in.DeepCopyInto(out) - return out -} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/controller.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/controller.go index dd5669174a..5f15500709 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/controller.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/controller.go @@ -18,11 +18,9 @@ package pipeline const ( // PipelineRunControllerName holds the name of the PipelineRun controller - // nolint: revive PipelineRunControllerName = "PipelineRun" // PipelineControllerName holds the name of the Pipeline controller - // nolint: revive PipelineControllerName = "Pipeline" // TaskRunControllerName holds the name of the TaskRun controller diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/images.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/images.go index e40ebfe563..ae3127ca73 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/images.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/images.go @@ -26,22 +26,14 @@ import ( type Images struct { // EntrypointImage is container image containing our entrypoint binary. EntrypointImage string + // SidecarLogResultsImage is container image containing the binary that fetches results from the steps and logs it to stdout. + SidecarLogResultsImage string // NopImage is the container image used to kill sidecars. NopImage string - // GitImage is the container image with Git that we use to implement the Git source step. - GitImage string - // KubeconfigWriterImage is the container image containing our kubeconfig writer binary. - KubeconfigWriterImage string // ShellImage is the container image containing bash shell. ShellImage string // ShellImageWin is the container image containing powershell. ShellImageWin string - // GsutilImage is the container image containing gsutil. - GsutilImage string - // PRImage is the container image that we use to implement the PR source step. - PRImage string - // ImageDigestExporterImage is the container image containing our image digest exporter binary. - ImageDigestExporterImage string // WorkingDirInitImage is the container image containing our working dir init binary. WorkingDirInitImage string @@ -55,14 +47,10 @@ func (i Images) Validate() error { v, name string }{ {i.EntrypointImage, "entrypoint-image"}, + {i.SidecarLogResultsImage, "sidecarlogresults-image"}, {i.NopImage, "nop-image"}, - {i.GitImage, "git-image"}, - {i.KubeconfigWriterImage, "kubeconfig-writer-image"}, {i.ShellImage, "shell-image"}, {i.ShellImageWin, "shell-image-win"}, - {i.GsutilImage, "gsutil-image"}, - {i.PRImage, "pr-image"}, - {i.ImageDigestExporterImage, "imagedigest-exporter-image"}, {i.WorkingDirInitImage, "workingdirinit-image"}, } { if f.v == "" { diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/pod/template.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/pod/template.go index 2ebfd462a2..e9f75fa3b7 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/pod/template.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/pod/template.go @@ -32,6 +32,13 @@ type Template struct { // +optional NodeSelector map[string]string `json:"nodeSelector,omitempty"` + // List of environment variables that can be provided to the containers belonging to the pod. + // +optional + // +patchMergeKey=name + // +patchStrategy=merge + // +listType=atomic + Env []corev1.EnvVar `json:"env,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,7,rep,name=env"` + // If specified, the pod's tolerations. // +optional // +listType=atomic @@ -148,6 +155,7 @@ func (tpl *Template) ToAffinityAssistantTemplate() *AffinityAssistantTemplate { } // PodTemplate holds pod specific configuration +// //nolint:revive type PodTemplate = Template @@ -164,6 +172,9 @@ func MergePodTemplateWithDefault(tpl, defaultTpl *PodTemplate) *PodTemplate { return defaultTpl default: // Otherwise, merge fields + if tpl.Env == nil { + tpl.Env = defaultTpl.Env + } if tpl.NodeSelector == nil { tpl.NodeSelector = defaultTpl.NodeSelector } @@ -206,7 +217,7 @@ func MergePodTemplateWithDefault(tpl, defaultTpl *PodTemplate) *PodTemplate { if tpl.HostAliases == nil { tpl.HostAliases = defaultTpl.HostAliases } - if tpl.HostNetwork == false && defaultTpl.HostNetwork == true { + if !tpl.HostNetwork && defaultTpl.HostNetwork { tpl.HostNetwork = true } if tpl.TopologySpreadConstraints == nil { diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/pod/zz_generated.deepcopy.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/pod/zz_generated.deepcopy.go index 000cb713d3..450128e3a9 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/pod/zz_generated.deepcopy.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/pod/zz_generated.deepcopy.go @@ -70,6 +70,13 @@ func (in *Template) DeepCopyInto(out *Template) { (*out)[key] = val } } + if in.Env != nil { + in, out := &in.Env, &out.Env + *out = make([]v1.EnvVar, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.Tolerations != nil { in, out := &in.Tolerations, &out.Tolerations *out = make([]v1.Toleration, len(*in)) diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/register.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/register.go index a95b23e72a..0a5ab30547 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/register.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/register.go @@ -43,6 +43,9 @@ const ( // RunKey is used as the label identifier for a Run RunKey = GroupName + "/run" + // CustomRunKey is used as the label identifier for a CustomRun + CustomRunKey = GroupName + "/customRun" + // MemberOfLabelKey is used as the label identifier for a PipelineTask // Set to Tasks/Finally depending on the position of the PipelineTask MemberOfLabelKey = GroupName + "/memberOf" @@ -80,9 +83,9 @@ var ( Resource: "pipelineruns", } - // PipelineResourceResource represents a Tekton PipelineResource - PipelineResourceResource = schema.GroupResource{ + // CustomRunResource represents a Tekton CustomRun + CustomRunResource = schema.GroupResource{ Group: GroupName, - Resource: "pipelineresources", + Resource: "customruns", } ) diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/sidecarlogs.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/sidecarlogs.go new file mode 100644 index 0000000000..a0c570675e --- /dev/null +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/sidecarlogs.go @@ -0,0 +1,27 @@ +/* +Copyright 2022 The Tekton Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package pipeline + +const ( + // ReservedResultsSidecarName is the name of the results sidecar that outputs the results to stdout + // when the results-from feature-flag is set to "sidecar-logs". + ReservedResultsSidecarName = "tekton-log-results" + + // ReservedResultsSidecarContainerName is the name of the results sidecar container that is injected + // by the reconciler. + ReservedResultsSidecarContainerName = "sidecar-tekton-log-results" +) diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/container_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/container_types.go index c3831ed218..79c9922f46 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/container_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/container_types.go @@ -5,7 +5,7 @@ Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 + http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, @@ -22,7 +22,6 @@ import ( // Step runs a subcomponent of a Task type Step struct { - // Name of the Step specified as a DNS_LABEL. // Each Step in a Task must have a unique name. Name string `json:"name" protobuf:"bytes,1,opt,name=name"` @@ -191,7 +190,6 @@ func (s *Step) SetContainerFields(c corev1.Container) { // StepTemplate is a template for a Step type StepTemplate struct { - // Image reference name. // More info: https://kubernetes.io/docs/concepts/containers/images // This field is optional to allow higher level config management to default or override @@ -308,7 +306,6 @@ func (s *StepTemplate) ToK8sContainer() *corev1.Container { // Sidecar has nearly the same data structure as Step but does not have the ability to timeout. type Sidecar struct { - // Name of the Sidecar specified as a DNS_LABEL. // Each Sidecar in a Task must have a unique name (DNS_LABEL). // Cannot be updated. diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/matrix_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/matrix_types.go new file mode 100644 index 0000000000..67fb8a6b81 --- /dev/null +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/matrix_types.go @@ -0,0 +1,362 @@ +/* +Copyright 2023 The Tekton Authors +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1 + +import ( + "context" + "fmt" + "sort" + + "github.com/tektoncd/pipeline/pkg/apis/config" + "golang.org/x/exp/maps" + "k8s.io/apimachinery/pkg/util/sets" + "k8s.io/utils/strings/slices" + "knative.dev/pkg/apis" +) + +// Matrix is used to fan out Tasks in a Pipeline +type Matrix struct { + // Params is a list of parameters used to fan out the pipelineTask + // Params takes only `Parameters` of type `"array"` + // Each array element is supplied to the `PipelineTask` by substituting `params` of type `"string"` in the underlying `Task`. + // The names of the `params` in the `Matrix` must match the names of the `params` in the underlying `Task` that they will be substituting. + // +listType=atomic + Params Params `json:"params,omitempty"` + + // Include is a list of IncludeParams which allows passing in specific combinations of Parameters into the Matrix. + // +optional + // +listType=atomic + Include IncludeParamsList `json:"include,omitempty"` +} + +// IncludeParamsList is a list of IncludeParams which allows passing in specific combinations of Parameters into the Matrix. +type IncludeParamsList []IncludeParams + +// IncludeParams allows passing in a specific combinations of Parameters into the Matrix. +type IncludeParams struct { + // Name the specified combination + Name string `json:"name,omitempty"` + + // Params takes only `Parameters` of type `"string"` + // The names of the `params` must match the names of the `params` in the underlying `Task` + // +listType=atomic + Params Params `json:"params,omitempty"` +} + +// Combination is a map, mainly defined to hold a single combination from a Matrix with key as param.Name and value as param.Value +type Combination map[string]string + +// Combinations is a Combination list +type Combinations []Combination + +// FanOut returns an list of params that represent combinations +func (m *Matrix) FanOut() []Params { + var combinations, includeCombinations Combinations + includeCombinations = m.getIncludeCombinations() + if m.HasInclude() && !m.HasParams() { + // If there are only Matrix Include Parameters return explicit combinations + return includeCombinations.toParams() + } + // Generate combinations from Matrix Parameters + for _, parameter := range m.Params { + combinations = combinations.fanOutMatrixParams(parameter) + } + combinations.overwriteCombinations(includeCombinations) + combinations = combinations.addNewCombinations(includeCombinations) + return combinations.toParams() +} + +// overwriteCombinations replaces any missing include params in the initial +// matrix params combinations by overwriting the initial combinations with the +// include combinations +func (cs Combinations) overwriteCombinations(ics Combinations) { + for _, paramCombination := range cs { + for _, includeCombination := range ics { + if paramCombination.contains(includeCombination) { + // overwrite the parameter name and value in existing combination + // with the include combination + for name, val := range includeCombination { + paramCombination[name] = val + } + } + } + } +} + +// addNewCombinations creates a new combination for any include parameter +// values that are missing entirely from the initial combinations and +// returns all combinations +func (cs Combinations) addNewCombinations(ics Combinations) Combinations { + for _, includeCombination := range ics { + if cs.shouldAddNewCombination(includeCombination) { + cs = append(cs, includeCombination) + } + } + return cs +} + +// contains returns true if the include parameter name and value exists in combinations +func (c Combination) contains(includeCombination Combination) bool { + for name, val := range includeCombination { + if _, exist := c[name]; exist { + if c[name] != val { + return false + } + } + } + return true +} + +// shouldAddNewCombination returns true if the include parameter name exists but the value is +// missing from combinations +func (cs Combinations) shouldAddNewCombination(includeCombination map[string]string) bool { + if len(includeCombination) == 0 { + return false + } + for _, paramCombination := range cs { + for name, val := range includeCombination { + if _, exist := paramCombination[name]; exist { + if paramCombination[name] == val { + return false + } + } + } + } + return true +} + +// toParams transforms Combinations from a slice of map[string]string to a slice of Params +// such that, these combinations can be directly consumed in creating taskRun/run object +func (cs Combinations) toParams() []Params { + listOfParams := make([]Params, len(cs)) + for i := range cs { + var params Params + combination := cs[i] + order, _ := combination.sortCombination() + for _, key := range order { + params = append(params, Param{ + Name: key, + Value: ParamValue{Type: ParamTypeString, StringVal: combination[key]}, + }) + } + listOfParams[i] = params + } + return listOfParams +} + +// fanOutMatrixParams generates new combinations based on Matrix Parameters. +func (cs Combinations) fanOutMatrixParams(param Param) Combinations { + if len(cs) == 0 { + return initializeCombinations(param) + } + return cs.distribute(param) +} + +// getIncludeCombinations generates combinations based on Matrix Include Parameters +func (m *Matrix) getIncludeCombinations() Combinations { + var combinations Combinations + for i := range m.Include { + includeParams := m.Include[i].Params + newCombination := make(Combination) + for _, param := range includeParams { + newCombination[param.Name] = param.Value.StringVal + } + combinations = append(combinations, newCombination) + } + return combinations +} + +// distribute generates a new Combination of Parameters by adding a new Parameter to an existing list of Combinations. +func (cs Combinations) distribute(param Param) Combinations { + var expandedCombinations Combinations + for _, value := range param.Value.ArrayVal { + for _, combination := range cs { + newCombination := make(Combination) + maps.Copy(newCombination, combination) + newCombination[param.Name] = value + _, orderedCombination := newCombination.sortCombination() + expandedCombinations = append(expandedCombinations, orderedCombination) + } + } + return expandedCombinations +} + +// initializeCombinations generates a new Combination based on the first Parameter in the Matrix. +func initializeCombinations(param Param) Combinations { + var combinations Combinations + for _, value := range param.Value.ArrayVal { + combinations = append(combinations, Combination{param.Name: value}) + } + return combinations +} + +// sortCombination sorts the given Combination based on the Parameter names to produce a deterministic ordering +func (c Combination) sortCombination() ([]string, Combination) { + sortedCombination := make(Combination, len(c)) + order := make([]string, 0, len(c)) + for key := range c { + order = append(order, key) + } + sort.Slice(order, func(i, j int) bool { + return order[i] <= order[j] + }) + for _, key := range order { + sortedCombination[key] = c[key] + } + return order, sortedCombination +} + +// CountCombinations returns the count of Combinations of Parameters generated from the Matrix in PipelineTask. +func (m *Matrix) CountCombinations() int { + // Iterate over Matrix Parameters and compute count of all generated Combinations + count := m.countGeneratedCombinationsFromParams() + + // Add any additional Combinations generated from Matrix Include Parameters + count += m.countNewCombinationsFromInclude() + + return count +} + +// countGeneratedCombinationsFromParams returns the count of Combinations of Parameters generated from the Matrix +// Parameters +func (m *Matrix) countGeneratedCombinationsFromParams() int { + if !m.HasParams() { + return 0 + } + count := 1 + for _, param := range m.Params { + count *= len(param.Value.ArrayVal) + } + return count +} + +// countNewCombinationsFromInclude returns the count of Combinations of Parameters generated from the Matrix +// Include Parameters +func (m *Matrix) countNewCombinationsFromInclude() int { + if !m.HasInclude() { + return 0 + } + if !m.HasParams() { + return len(m.Include) + } + count := 0 + matrixParamMap := m.Params.extractParamMapArrVals() + for _, include := range m.Include { + for _, param := range include.Params { + if val, exist := matrixParamMap[param.Name]; exist { + // If the Matrix Include param values does not exist, a new Combination will be generated + if !slices.Contains(val, param.Value.StringVal) { + count++ + } else { + break + } + } + } + } + return count +} + +// HasInclude returns true if the Matrix has Include Parameters +func (m *Matrix) HasInclude() bool { + return m != nil && m.Include != nil && len(m.Include) > 0 +} + +// HasParams returns true if the Matrix has Parameters +func (m *Matrix) HasParams() bool { + return m != nil && m.Params != nil && len(m.Params) > 0 +} + +// GetAllParams returns a list of all Matrix Parameters +func (m *Matrix) GetAllParams() Params { + var params Params + if m.HasParams() { + params = append(params, m.Params...) + } + if m.HasInclude() { + for _, include := range m.Include { + params = append(params, include.Params...) + } + } + return params +} + +func (m *Matrix) validateCombinationsCount(ctx context.Context) (errs *apis.FieldError) { + matrixCombinationsCount := m.CountCombinations() + maxMatrixCombinationsCount := config.FromContextOrDefaults(ctx).Defaults.DefaultMaxMatrixCombinationsCount + if matrixCombinationsCount > maxMatrixCombinationsCount { + errs = errs.Also(apis.ErrOutOfBoundsValue(matrixCombinationsCount, 0, maxMatrixCombinationsCount, "matrix")) + } + return errs +} + +// validateParams validates the type of Parameter for Matrix.Params and Matrix.Include.Params +// Matrix.Params must be of type array. Matrix.Include.Params must be of type string. +// validateParams also validates Matrix.Params for a unique list of params +// and a unique list of params in each Matrix.Include.Params specification +func (m *Matrix) validateParams() (errs *apis.FieldError) { + if m != nil { + if m.HasInclude() { + for i, include := range m.Include { + errs = errs.Also(include.Params.validateDuplicateParameters().ViaField(fmt.Sprintf("matrix.include[%d].params", i))) + for _, param := range include.Params { + if param.Value.Type != ParamTypeString { + errs = errs.Also(apis.ErrInvalidValue(fmt.Sprintf("parameters of type string only are allowed, but got param type %s", string(param.Value.Type)), "").ViaFieldKey("matrix.include.params", param.Name)) + } + } + } + } + if m.HasParams() { + errs = errs.Also(m.Params.validateDuplicateParameters().ViaField("matrix.params")) + for _, param := range m.Params { + if param.Value.Type != ParamTypeArray { + errs = errs.Also(apis.ErrInvalidValue(fmt.Sprintf("parameters of type array only are allowed, but got param type %s", string(param.Value.Type)), "").ViaFieldKey("matrix.params", param.Name)) + } + } + } + } + return errs +} + +// validatePipelineParametersVariablesInMatrixParameters validates all pipeline parameter variables including Matrix.Params and Matrix.Include.Params +// that may contain the reference(s) to other params to make sure those references are used appropriately. +func (m *Matrix) validatePipelineParametersVariablesInMatrixParameters(prefix string, paramNames sets.String, arrayParamNames sets.String, objectParamNameKeys map[string][]string) (errs *apis.FieldError) { + if m.HasInclude() { + for _, include := range m.Include { + for idx, param := range include.Params { + stringElement := param.Value.StringVal + // Matrix Include Params must be of type string + errs = errs.Also(validateStringVariable(stringElement, prefix, paramNames, arrayParamNames, objectParamNameKeys).ViaFieldIndex("", idx).ViaField("matrix.include.params", "")) + } + } + } + if m.HasParams() { + for _, param := range m.Params { + for idx, arrayElement := range param.Value.ArrayVal { + // Matrix Params must be of type array + errs = errs.Also(validateArrayVariable(arrayElement, prefix, paramNames, arrayParamNames, objectParamNameKeys).ViaFieldIndex("value", idx).ViaFieldKey("matrix.params", param.Name)) + } + } + } + return errs +} + +func (m *Matrix) validateParameterInOneOfMatrixOrParams(params []Param) (errs *apis.FieldError) { + matrixParamNames := m.GetAllParams().ExtractNames() + for _, param := range params { + if matrixParamNames.Has(param.Name) { + errs = errs.Also(apis.ErrMultipleOneOf("matrix["+param.Name+"]", "params["+param.Name+"]")) + } + } + return errs +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/merge.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/merge.go index b7995ae90a..b500ef8758 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/merge.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/merge.go @@ -20,6 +20,7 @@ import ( "encoding/json" corev1 "k8s.io/api/core/v1" + v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/util/strategicpatch" ) @@ -57,6 +58,8 @@ func MergeStepsWithStepTemplate(template *StepTemplate, steps []Step) ([]Step, e merged.Args = []string{} } + amendConflictingContainerFields(&merged, s) + // Pass through original step Script, for later conversion. newStep := Step{Script: s.Script, OnError: s.OnError, Timeout: s.Timeout, StdoutConfig: s.StdoutConfig, StderrConfig: s.StderrConfig} newStep.SetContainerFields(merged) @@ -65,6 +68,65 @@ func MergeStepsWithStepTemplate(template *StepTemplate, steps []Step) ([]Step, e return steps, nil } +// MergeStepsWithSpecs takes a possibly nil list of overrides and a +// list of steps, merging each of the steps with the overrides' resource requirements, if +// it's not nil, and returning the resulting list. +func MergeStepsWithSpecs(steps []Step, overrides []TaskRunStepSpec) ([]Step, error) { + stepNameToOverride := make(map[string]TaskRunStepSpec, len(overrides)) + for _, o := range overrides { + stepNameToOverride[o.Name] = o + } + for i, s := range steps { + o, found := stepNameToOverride[s.Name] + if !found { + continue + } + merged := v1.ResourceRequirements{} + err := mergeObjWithTemplate(&s.ComputeResources, &o.ComputeResources, &merged) + if err != nil { + return nil, err + } + steps[i].ComputeResources = merged + } + return steps, nil +} + +// MergeSidecarsWithSpecs takes a possibly nil list of overrides and a +// list of sidecars, merging each of the sidecars with the overrides' resource requirements, if +// it's not nil, and returning the resulting list. +func MergeSidecarsWithSpecs(sidecars []Sidecar, overrides []TaskRunSidecarSpec) ([]Sidecar, error) { + if len(overrides) == 0 { + return sidecars, nil + } + sidecarNameToOverride := make(map[string]TaskRunSidecarSpec, len(overrides)) + for _, o := range overrides { + sidecarNameToOverride[o.Name] = o + } + for i, s := range sidecars { + o, found := sidecarNameToOverride[s.Name] + if !found { + continue + } + merged := v1.ResourceRequirements{} + err := mergeObjWithTemplate(&s.ComputeResources, &o.ComputeResources, &merged) + if err != nil { + return nil, err + } + sidecars[i].ComputeResources = merged + } + return sidecars, nil +} + +// mergeObjWithTemplate merges obj with template and updates out to reflect the merged result. +// template, obj, and out should point to the same type. out points to the zero value of that type. +func mergeObjWithTemplate(template, obj, out interface{}) error { + md, err := getMergeData(template, out) + if err != nil { + return err + } + return mergeObjWithTemplateBytes(md, obj, out) +} + // getMergeData serializes the template and empty object to get the intermediate results necessary for // merging an object of the same type with this template. // This function is provided to avoid repeatedly serializing an identical template. @@ -114,3 +176,24 @@ func mergeObjWithTemplateBytes(md *mergeData, obj, out interface{}) error { // Unmarshal the merged JSON to a pointer, and return it. return json.Unmarshal(mergedAsJSON, out) } + +// amendConflictingContainerFields amends conflicting container fields after merge, and overrides conflicting fields +// by fields in step. +func amendConflictingContainerFields(container *corev1.Container, step Step) { + if container == nil || len(step.Env) == 0 { + return + } + + envNameToStepEnv := make(map[string]corev1.EnvVar, len(step.Env)) + for _, e := range step.Env { + envNameToStepEnv[e.Name] = e + } + + for index, env := range container.Env { + if env.ValueFrom != nil && len(env.Value) > 0 { + if e, ok := envNameToStepEnv[env.Name]; ok { + container.Env[index] = e + } + } + } +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/openapi_generated.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/openapi_generated.go index c586cb3b27..5915648f90 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/openapi_generated.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/openapi_generated.go @@ -33,8 +33,8 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/tektoncd/pipeline/pkg/apis/pipeline/pod.AffinityAssistantTemplate": schema_pkg_apis_pipeline_pod_AffinityAssistantTemplate(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/pod.Template": schema_pkg_apis_pipeline_pod_Template(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.ChildStatusReference": schema_pkg_apis_pipeline_v1_ChildStatusReference(ref), - "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.ConfigSource": schema_pkg_apis_pipeline_v1_ConfigSource(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.EmbeddedTask": schema_pkg_apis_pipeline_v1_EmbeddedTask(ref), + "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.IncludeParams": schema_pkg_apis_pipeline_v1_IncludeParams(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.Matrix": schema_pkg_apis_pipeline_v1_Matrix(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.Param": schema_pkg_apis_pipeline_v1_Param(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.ParamSpec": schema_pkg_apis_pipeline_v1_ParamSpec(ref), @@ -61,6 +61,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.PipelineWorkspaceDeclaration": schema_pkg_apis_pipeline_v1_PipelineWorkspaceDeclaration(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.PropertySpec": schema_pkg_apis_pipeline_v1_PropertySpec(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.Provenance": schema_pkg_apis_pipeline_v1_Provenance(ref), + "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.RefSource": schema_pkg_apis_pipeline_v1_RefSource(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.ResolverRef": schema_pkg_apis_pipeline_v1_ResolverRef(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.ResultRef": schema_pkg_apis_pipeline_v1_ResultRef(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.Sidecar": schema_pkg_apis_pipeline_v1_Sidecar(ref), @@ -186,6 +187,27 @@ func schema_pkg_apis_pipeline_pod_Template(ref common.ReferenceCallback) common. }, }, }, + "env": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "List of environment variables that can be provided to the containers belonging to the pod.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.EnvVar"), + }, + }, + }, + }, + }, "tolerations": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ @@ -354,7 +376,7 @@ func schema_pkg_apis_pipeline_pod_Template(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Affinity", "k8s.io/api/core/v1.HostAlias", "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.PodDNSConfig", "k8s.io/api/core/v1.PodSecurityContext", "k8s.io/api/core/v1.Toleration", "k8s.io/api/core/v1.TopologySpreadConstraint", "k8s.io/api/core/v1.Volume"}, + "k8s.io/api/core/v1.Affinity", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.HostAlias", "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.PodDNSConfig", "k8s.io/api/core/v1.PodSecurityContext", "k8s.io/api/core/v1.Toleration", "k8s.io/api/core/v1.TopologySpreadConstraint", "k8s.io/api/core/v1.Volume"}, } } @@ -418,49 +440,6 @@ func schema_pkg_apis_pipeline_v1_ChildStatusReference(ref common.ReferenceCallba } } -func schema_pkg_apis_pipeline_v1_ConfigSource(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ConfigSource identifies the source where a resource came from. This can include Git repositories, Task Bundles, file checksums, or other information that allows users to identify where the resource came from and what version was used.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "uri": { - SchemaProps: spec.SchemaProps{ - Description: "URI indicates the identity of the source of the config. Definition: https://slsa.dev/provenance/v0.2#invocation.configSource.uri Example: \"https://github.com/tektoncd/catalog\"", - Type: []string{"string"}, - Format: "", - }, - }, - "digest": { - SchemaProps: spec.SchemaProps{ - Description: "Digest is a collection of cryptographic digests for the contents of the artifact specified by URI. Definition: https://slsa.dev/provenance/v0.2#invocation.configSource.digest Example: {\"sha1\": \"f99d13e554ffcb696dee719fa85b695cb5b0f428\"}", - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "entryPoint": { - SchemaProps: spec.SchemaProps{ - Description: "EntryPoint identifies the entry point into the build. This is often a path to a configuration file and/or a target label within that file. Definition: https://slsa.dev/provenance/v0.2#invocation.configSource.entryPoint Example: \"task/git-clone/0.8/git-clone.yaml\"", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - } -} - func schema_pkg_apis_pipeline_v1_EmbeddedTask(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -512,6 +491,13 @@ func schema_pkg_apis_pipeline_v1_EmbeddedTask(ref common.ReferenceCallback) comm }, }, }, + "displayName": { + SchemaProps: spec.SchemaProps{ + Description: "DisplayName is a user-facing name of the task that may be used to populate a UI.", + Type: []string{"string"}, + Format: "", + }, + }, "description": { SchemaProps: spec.SchemaProps{ Description: "Description is a user-facing description of the task that may be used to populate a UI.", @@ -628,6 +614,47 @@ func schema_pkg_apis_pipeline_v1_EmbeddedTask(ref common.ReferenceCallback) comm } } +func schema_pkg_apis_pipeline_v1_IncludeParams(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "IncludeParams allows passing in a specific combinations of Parameters into the Matrix.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name the specified combination", + Type: []string{"string"}, + Format: "", + }, + }, + "params": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Params takes only `Parameters` of type `\"string\"` The names of the `params` must match the names of the `params` in the underlying `Task`", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.Param"), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.Param"}, + } +} + func schema_pkg_apis_pipeline_v1_Matrix(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -654,11 +681,30 @@ func schema_pkg_apis_pipeline_v1_Matrix(ref common.ReferenceCallback) common.Ope }, }, }, + "include": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Include is a list of IncludeParams which allows passing in specific combinations of Parameters into the Matrix.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.IncludeParams"), + }, + }, + }, + }, + }, }, }, }, Dependencies: []string{ - "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.Param"}, + "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.IncludeParams", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.Param"}, } } @@ -757,14 +803,14 @@ func schema_pkg_apis_pipeline_v1_ParamValue(ref common.ReferenceCallback) common Description: "ResultValue is a type alias of ParamValue", Type: []string{"object"}, Properties: map[string]spec.Schema{ - "type": { + "Type": { SchemaProps: spec.SchemaProps{ Default: "", Type: []string{"string"}, Format: "", }, }, - "stringVal": { + "StringVal": { SchemaProps: spec.SchemaProps{ Description: "Represents the stored type of ParamValues.", Default: "", @@ -772,7 +818,7 @@ func schema_pkg_apis_pipeline_v1_ParamValue(ref common.ReferenceCallback) common Format: "", }, }, - "arrayVal": { + "ArrayVal": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ "x-kubernetes-list-type": "atomic", @@ -791,7 +837,7 @@ func schema_pkg_apis_pipeline_v1_ParamValue(ref common.ReferenceCallback) common }, }, }, - "objectVal": { + "ObjectVal": { SchemaProps: spec.SchemaProps{ Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ @@ -807,7 +853,7 @@ func schema_pkg_apis_pipeline_v1_ParamValue(ref common.ReferenceCallback) common }, }, }, - Required: []string{"type", "stringVal", "arrayVal", "objectVal"}, + Required: []string{"Type", "StringVal", "ArrayVal", "ObjectVal"}, }, }, } @@ -1120,7 +1166,7 @@ func schema_pkg_apis_pipeline_v1_PipelineRunRunStatus(ref common.ReferenceCallba "status": { SchemaProps: spec.SchemaProps{ Description: "Status is the RunStatus for the corresponding Run", - Ref: ref("github.com/tektoncd/pipeline/pkg/apis/run/v1alpha1.RunStatus"), + Ref: ref("github.com/tektoncd/pipeline/pkg/apis/run/v1beta1.CustomRunStatus"), }, }, "whenExpressions": { @@ -1146,7 +1192,7 @@ func schema_pkg_apis_pipeline_v1_PipelineRunRunStatus(ref common.ReferenceCallba }, }, Dependencies: []string{ - "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.WhenExpression", "github.com/tektoncd/pipeline/pkg/apis/run/v1alpha1.RunStatus"}, + "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.WhenExpression", "github.com/tektoncd/pipeline/pkg/apis/run/v1beta1.CustomRunStatus"}, } } @@ -1389,6 +1435,22 @@ func schema_pkg_apis_pipeline_v1_PipelineRunStatus(ref common.ReferenceCallback) Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.Provenance"), }, }, + "spanContext": { + SchemaProps: spec.SchemaProps{ + Description: "SpanContext contains tracing span context fields", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, }, }, }, @@ -1491,6 +1553,22 @@ func schema_pkg_apis_pipeline_v1_PipelineRunStatusFields(ref common.ReferenceCal Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.Provenance"), }, }, + "spanContext": { + SchemaProps: spec.SchemaProps{ + Description: "SpanContext contains tracing span context fields", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, }, }, }, @@ -1553,6 +1631,13 @@ func schema_pkg_apis_pipeline_v1_PipelineSpec(ref common.ReferenceCallback) comm Description: "PipelineSpec defines the desired state of Pipeline.", Type: []string{"object"}, Properties: map[string]spec.Schema{ + "displayName": { + SchemaProps: spec.SchemaProps{ + Description: "DisplayName is a user-facing name of the pipeline that may be used to populate a UI.", + Type: []string{"string"}, + Format: "", + }, + }, "description": { SchemaProps: spec.SchemaProps{ Description: "Description is a user-facing description of the pipeline that may be used to populate a UI.", @@ -1677,6 +1762,20 @@ func schema_pkg_apis_pipeline_v1_PipelineTask(ref common.ReferenceCallback) comm Format: "", }, }, + "displayName": { + SchemaProps: spec.SchemaProps{ + Description: "DisplayName is the display name of this task within the context of a Pipeline. This display name may be used to populate a UI.", + Type: []string{"string"}, + Format: "", + }, + }, + "description": { + SchemaProps: spec.SchemaProps{ + Description: "Description is the description of this task within the context of a Pipeline. This description may be used to populate a UI.", + Type: []string{"string"}, + Format: "", + }, + }, "taskRef": { SchemaProps: spec.SchemaProps{ Description: "TaskRef is a reference to a task definition.", @@ -1987,7 +2086,7 @@ func schema_pkg_apis_pipeline_v1_PipelineWorkspaceDeclaration(ref common.Referen return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "WorkspacePipelineDeclaration creates a named slot in a Pipeline that a PipelineRun is expected to populate with a workspace binding. Deprecated: use PipelineWorkspaceDeclaration type instead", + Description: "WorkspacePipelineDeclaration creates a named slot in a Pipeline that a PipelineRun is expected to populate with a workspace binding.\n\nDeprecated: use PipelineWorkspaceDeclaration type instead", Type: []string{"object"}, Properties: map[string]spec.Schema{ "name": { @@ -2042,20 +2141,69 @@ func schema_pkg_apis_pipeline_v1_Provenance(ref common.ReferenceCallback) common return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Provenance contains some key authenticated metadata about how a software artifact was built (what sources, what inputs/outputs, etc.). For now, it only contains the subfield `ConfigSource` that identifies the source where a build config file came from. In future, it can be expanded as needed to include more metadata about the build. This field aims to be used to carry minimum amount of the authenticated metadata in *Run status so that Tekton Chains can pick it up and record in the provenance it generates.", + Description: "Provenance contains metadata about resources used in the TaskRun/PipelineRun such as the source from where a remote build definition was fetched. This field aims to carry minimum amoumt of metadata in *Run status so that Tekton Chains can capture them in the provenance.", Type: []string{"object"}, Properties: map[string]spec.Schema{ - "configSource": { + "refSource": { + SchemaProps: spec.SchemaProps{ + Description: "RefSource identifies the source where a remote task/pipeline came from.", + Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.RefSource"), + }, + }, + "featureFlags": { SchemaProps: spec.SchemaProps{ - Description: "ConfigSource identifies the source where a resource came from.", - Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.ConfigSource"), + Description: "FeatureFlags identifies the feature flags that were used during the task/pipeline run", + Ref: ref("github.com/tektoncd/pipeline/pkg/apis/config.FeatureFlags"), }, }, }, }, }, Dependencies: []string{ - "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.ConfigSource"}, + "github.com/tektoncd/pipeline/pkg/apis/config.FeatureFlags", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.RefSource"}, + } +} + +func schema_pkg_apis_pipeline_v1_RefSource(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "RefSource contains the information that can uniquely identify where a remote built definition came from i.e. Git repositories, Tekton Bundles in OCI registry and hub.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "uri": { + SchemaProps: spec.SchemaProps{ + Description: "URI indicates the identity of the source of the build definition. Example: \"https://github.com/tektoncd/catalog\"", + Type: []string{"string"}, + Format: "", + }, + }, + "digest": { + SchemaProps: spec.SchemaProps{ + Description: "Digest is a collection of cryptographic digests for the contents of the artifact specified by URI. Example: {\"sha1\": \"f99d13e554ffcb696dee719fa85b695cb5b0f428\"}", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "entryPoint": { + SchemaProps: spec.SchemaProps{ + Description: "EntryPoint identifies the entry point into the build. This is often a path to a build definition file and/or a target label within that file. Example: \"task/git-clone/0.8/git-clone.yaml\"", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, } } @@ -3114,14 +3262,14 @@ func schema_pkg_apis_pipeline_v1_TaskRef(ref common.ReferenceCallback) common.Op }, "kind": { SchemaProps: spec.SchemaProps{ - Description: "TaskKind indicates the kind of the task, namespaced or cluster scoped.", + Description: "TaskKind indicates the Kind of the Task: 1. Namespaced Task when Kind is set to \"Task\". If Kind is \"\", it defaults to \"Task\". 2. Custom Task when Kind is non-empty and APIVersion is non-empty", Type: []string{"string"}, Format: "", }, }, "apiVersion": { SchemaProps: spec.SchemaProps{ - Description: "API version of the referent", + Description: "API version of the referent Note: A Task with non-empty APIVersion and Kind is considered a Custom Task", Type: []string{"string"}, Format: "", }, @@ -3465,7 +3613,7 @@ func schema_pkg_apis_pipeline_v1_TaskRunSpec(ref common.ReferenceCallback) commo }, "status": { SchemaProps: spec.SchemaProps{ - Description: "Used for cancelling a taskrun (and maybe more later on)", + Description: "Used for cancelling a TaskRun (and maybe more later on)", Type: []string{"string"}, Format: "", }, @@ -3477,9 +3625,16 @@ func schema_pkg_apis_pipeline_v1_TaskRunSpec(ref common.ReferenceCallback) commo Format: "", }, }, + "retries": { + SchemaProps: spec.SchemaProps{ + Description: "Retries represents how many times this TaskRun should be retried in the event of task failure.", + Type: []string{"integer"}, + Format: "int32", + }, + }, "timeout": { SchemaProps: spec.SchemaProps{ - Description: "Time after which the build times out. Defaults to 1 hour. Specified build timeout should be less than 24h. Refer Go's ParseDuration documentation for expected format: https://golang.org/pkg/time/#ParseDuration", + Description: "Time after which one retry attempt times out. Defaults to 1 hour. Specified build timeout should be less than 24h. Refer Go's ParseDuration documentation for expected format: https://golang.org/pkg/time/#ParseDuration", Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Duration"), }, }, @@ -3718,6 +3873,22 @@ func schema_pkg_apis_pipeline_v1_TaskRunStatus(ref common.ReferenceCallback) com Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.Provenance"), }, }, + "spanContext": { + SchemaProps: spec.SchemaProps{ + Description: "SpanContext contains tracing span context fields", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, }, Required: []string{"podName"}, }, @@ -3842,6 +4013,22 @@ func schema_pkg_apis_pipeline_v1_TaskRunStatusFields(ref common.ReferenceCallbac Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.Provenance"), }, }, + "spanContext": { + SchemaProps: spec.SchemaProps{ + Description: "SpanContext contains tracing span context fields", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, }, Required: []string{"podName"}, }, @@ -3908,6 +4095,13 @@ func schema_pkg_apis_pipeline_v1_TaskSpec(ref common.ReferenceCallback) common.O }, }, }, + "displayName": { + SchemaProps: spec.SchemaProps{ + Description: "DisplayName is a user-facing name of the task that may be used to populate a UI.", + Type: []string{"string"}, + Format: "", + }, + }, "description": { SchemaProps: spec.SchemaProps{ Description: "Description is a user-facing description of the task that may be used to populate a UI.", diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/param_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/param_types.go index 2269c0896c..746cd3d4cb 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/param_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/param_types.go @@ -23,8 +23,8 @@ import ( "regexp" "strings" - resource "github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1" "github.com/tektoncd/pipeline/pkg/substitution" + corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/util/sets" "knative.dev/pkg/apis" ) @@ -62,6 +62,9 @@ type ParamSpec struct { Default *ParamValue `json:"default,omitempty"` } +// ParamSpecs is a list of ParamSpec +type ParamSpecs []ParamSpec + // PropertySpec defines the struct for object keys type PropertySpec struct { Type ParamType `json:"type,omitempty"` @@ -107,16 +110,253 @@ func (pp *ParamSpec) setDefaultsForProperties() { } } -// ResourceParam declares a string value to use for the parameter called Name, and is used in -// the specific context of PipelineResources. -type ResourceParam = resource.ResourceParam - // Param declares an ParamValues to use for the parameter called name. type Param struct { Name string `json:"name"` Value ParamValue `json:"value"` } +// ExtractNames returns a set of unique names +func (ps Params) ExtractNames() sets.String { + names := sets.String{} + for _, p := range ps { + names.Insert(p.Name) + } + return names +} + +func (ps Params) extractValues() []string { + pvs := []string{} + for i := range ps { + pvs = append(pvs, ps[i].Value.StringVal) + pvs = append(pvs, ps[i].Value.ArrayVal...) + for _, v := range ps[i].Value.ObjectVal { + pvs = append(pvs, v) + } + } + return pvs +} + +// extractParamMapArrVals creates a param map with the key: param.Name and +// val: param.Value.ArrayVal +func (ps Params) extractParamMapArrVals() map[string][]string { + paramsMap := make(map[string][]string) + for _, p := range ps { + paramsMap[p.Name] = p.Value.ArrayVal + } + return paramsMap +} + +// Params is a list of Param +type Params []Param + +// extractParamArrayLengths extract and return the lengths of all array params +// Example of returned value: {"a-array-params": 2,"b-array-params": 2 } +func (ps Params) extractParamArrayLengths() map[string]int { + // Collect all array params + arrayParamsLengths := make(map[string]int) + + // Collect array params lengths from params + for _, p := range ps { + if p.Value.Type == ParamTypeArray { + arrayParamsLengths[p.Name] = len(p.Value.ArrayVal) + } + } + return arrayParamsLengths +} + +// validateDuplicateParameters checks if a parameter with the same name is defined more than once +func (ps Params) validateDuplicateParameters() (errs *apis.FieldError) { + taskParamNames := sets.NewString() + for i, param := range ps { + if taskParamNames.Has(param.Name) { + errs = errs.Also(apis.ErrGeneric(fmt.Sprintf("parameter names must be unique,"+ + " the parameter \"%s\" is also defined at", param.Name), fmt.Sprintf("[%d].name", i))) + } + taskParamNames.Insert(param.Name) + } + return errs +} + +// extractParamArrayLengths extract and return the lengths of all array params +// Example of returned value: {"a-array-params": 2,"b-array-params": 2 } +func (ps ParamSpecs) extractParamArrayLengths() map[string]int { + // Collect all array params + arrayParamsLengths := make(map[string]int) + + // Collect array params lengths from defaults + for _, p := range ps { + if p.Default != nil { + if p.Default.Type == ParamTypeArray { + arrayParamsLengths[p.Name] = len(p.Default.ArrayVal) + } + } + } + return arrayParamsLengths +} + +// validateOutofBoundArrayParams validates if the array indexing params are out of bound +// example of arrayIndexingParams: ["$(params.a-array-param[1])", "$(params.b-array-param[2])"] +// example of arrayParamsLengths: {"a-array-params": 2,"b-array-params": 2 } +func validateOutofBoundArrayParams(arrayIndexingParams []string, arrayParamsLengths map[string]int) error { + outofBoundParams := sets.String{} + for _, val := range arrayIndexingParams { + indexString := substitution.ExtractIndexString(val) + idx, _ := substitution.ExtractIndex(indexString) + // this will extract the param name from reference + // e.g. $(params.a-array-param[1]) -> a-array-param + paramName, _, _ := substitution.ExtractVariablesFromString(substitution.TrimArrayIndex(val), "params") + + if paramLength, ok := arrayParamsLengths[paramName[0]]; ok { + if idx >= paramLength { + outofBoundParams.Insert(val) + } + } + } + if outofBoundParams.Len() > 0 { + return fmt.Errorf("non-existent param references:%v", outofBoundParams.List()) + } + return nil +} + +// extractArrayIndexingParamRefs takes a string of the form `foo-$(params.array-param[1])-bar` and extracts the portions of the string that reference an element in an array param. +// For example, for the string “foo-$(params.array-param[1])-bar-$(params.other-array-param[2])-$(params.string-param)`, +// it would return ["$(params.array-param[1])", "$(params.other-array-param[2])"]. +func extractArrayIndexingParamRefs(paramReference string) []string { + l := []string{} + list := substitution.ExtractParamsExpressions(paramReference) + for _, val := range list { + indexString := substitution.ExtractIndexString(val) + if indexString != "" { + l = append(l, val) + } + } + return l +} + +// extractParamRefsFromSteps get all array indexing references from steps +func extractParamRefsFromSteps(steps []Step) []string { + paramsRefs := []string{} + for _, step := range steps { + paramsRefs = append(paramsRefs, step.Script) + container := step.ToK8sContainer() + paramsRefs = append(paramsRefs, extractParamRefsFromContainer(container)...) + } + return paramsRefs +} + +// extractParamRefsFromStepTemplate get all array indexing references from StepsTemplate +func extractParamRefsFromStepTemplate(stepTemplate *StepTemplate) []string { + if stepTemplate == nil { + return nil + } + container := stepTemplate.ToK8sContainer() + return extractParamRefsFromContainer(container) +} + +// extractParamRefsFromSidecars get all array indexing references from sidecars +func extractParamRefsFromSidecars(sidecars []Sidecar) []string { + paramsRefs := []string{} + for _, s := range sidecars { + paramsRefs = append(paramsRefs, s.Script) + container := s.ToK8sContainer() + paramsRefs = append(paramsRefs, extractParamRefsFromContainer(container)...) + } + return paramsRefs +} + +// extractParamRefsFromVolumes get all array indexing references from volumes +func extractParamRefsFromVolumes(volumes []corev1.Volume) []string { + paramsRefs := []string{} + for i, v := range volumes { + paramsRefs = append(paramsRefs, v.Name) + if v.VolumeSource.ConfigMap != nil { + paramsRefs = append(paramsRefs, v.ConfigMap.Name) + for _, item := range v.ConfigMap.Items { + paramsRefs = append(paramsRefs, item.Key) + paramsRefs = append(paramsRefs, item.Path) + } + } + if v.VolumeSource.Secret != nil { + paramsRefs = append(paramsRefs, v.Secret.SecretName) + for _, item := range v.Secret.Items { + paramsRefs = append(paramsRefs, item.Key) + paramsRefs = append(paramsRefs, item.Path) + } + } + if v.PersistentVolumeClaim != nil { + paramsRefs = append(paramsRefs, v.PersistentVolumeClaim.ClaimName) + } + if v.Projected != nil { + for _, s := range volumes[i].Projected.Sources { + if s.ConfigMap != nil { + paramsRefs = append(paramsRefs, s.ConfigMap.Name) + } + if s.Secret != nil { + paramsRefs = append(paramsRefs, s.Secret.Name) + } + if s.ServiceAccountToken != nil { + paramsRefs = append(paramsRefs, s.ServiceAccountToken.Audience) + } + } + } + if v.CSI != nil { + if v.CSI.NodePublishSecretRef != nil { + paramsRefs = append(paramsRefs, v.CSI.NodePublishSecretRef.Name) + } + if v.CSI.VolumeAttributes != nil { + for _, value := range v.CSI.VolumeAttributes { + paramsRefs = append(paramsRefs, value) + } + } + } + } + return paramsRefs +} + +// extractParamRefsFromContainer get all array indexing references from container +func extractParamRefsFromContainer(c *corev1.Container) []string { + paramsRefs := []string{} + paramsRefs = append(paramsRefs, c.Name) + paramsRefs = append(paramsRefs, c.Image) + paramsRefs = append(paramsRefs, string(c.ImagePullPolicy)) + paramsRefs = append(paramsRefs, c.Args...) + + for ie, e := range c.Env { + paramsRefs = append(paramsRefs, e.Value) + if c.Env[ie].ValueFrom != nil { + if e.ValueFrom.SecretKeyRef != nil { + paramsRefs = append(paramsRefs, e.ValueFrom.SecretKeyRef.LocalObjectReference.Name) + paramsRefs = append(paramsRefs, e.ValueFrom.SecretKeyRef.Key) + } + if e.ValueFrom.ConfigMapKeyRef != nil { + paramsRefs = append(paramsRefs, e.ValueFrom.ConfigMapKeyRef.LocalObjectReference.Name) + paramsRefs = append(paramsRefs, e.ValueFrom.ConfigMapKeyRef.Key) + } + } + } + + for _, e := range c.EnvFrom { + paramsRefs = append(paramsRefs, e.Prefix) + if e.ConfigMapRef != nil { + paramsRefs = append(paramsRefs, e.ConfigMapRef.LocalObjectReference.Name) + } + if e.SecretRef != nil { + paramsRefs = append(paramsRefs, e.SecretRef.LocalObjectReference.Name) + } + } + + paramsRefs = append(paramsRefs, c.WorkingDir) + paramsRefs = append(paramsRefs, c.Command...) + + for _, v := range c.VolumeMounts { + paramsRefs = append(paramsRefs, v.Name) + paramsRefs = append(paramsRefs, v.MountPath) + paramsRefs = append(paramsRefs, v.SubPath) + } + return paramsRefs +} + // ParamType indicates the type of an input parameter; // Used to distinguish between a single string and an array of strings. type ParamType string @@ -137,11 +377,11 @@ var AllParamTypes = []ParamType{ParamTypeString, ParamTypeArray, ParamTypeObject // Used in JSON unmarshalling so that a single JSON field can accept // either an individual string or an array of strings. type ParamValue struct { - Type ParamType `json:"type"` // Represents the stored type of ParamValues. - StringVal string `json:"stringVal"` + Type ParamType // Represents the stored type of ParamValues. + StringVal string // +listType=atomic - ArrayVal []string `json:"arrayVal"` - ObjectVal map[string]string `json:"objectVal"` + ArrayVal []string + ObjectVal map[string]string } // UnmarshalJSON implements the json.Unmarshaller interface. @@ -214,6 +454,8 @@ func (paramValues *ParamValue) ApplyReplacements(stringReplacements map[string]s newObjectVal[k] = substitution.ApplyReplacements(v, stringReplacements) } paramValues.ObjectVal = newObjectVal + case ParamTypeString: + fallthrough default: paramValues.applyOrCorrect(stringReplacements, arrayReplacements, objectReplacements) } @@ -291,12 +533,9 @@ func ArrayReference(a string) string { // validatePipelineParametersVariablesInTaskParameters validates param value that // may contain the reference(s) to other params to make sure those references are used appropriately. -func validatePipelineParametersVariablesInTaskParameters(params []Param, prefix string, paramNames sets.String, arrayParamNames sets.String, objectParamNameKeys map[string][]string) (errs *apis.FieldError) { - taskParamNames := sets.NewString() - for i, param := range params { - if taskParamNames.Has(param.Name) { - errs = errs.Also(apis.ErrGeneric(fmt.Sprintf("params names must be unique, the same param: %s is defined multiple times at", param.Name), fmt.Sprintf("params[%d].name", i))) - } +func validatePipelineParametersVariablesInTaskParameters(params Params, prefix string, paramNames sets.String, arrayParamNames sets.String, objectParamNameKeys map[string][]string) (errs *apis.FieldError) { + errs = errs.Also(params.validateDuplicateParameters()).ViaField("params") + for _, param := range params { switch param.Value.Type { case ParamTypeArray: for idx, arrayElement := range param.Value.ArrayVal { @@ -306,47 +545,11 @@ func validatePipelineParametersVariablesInTaskParameters(params []Param, prefix for key, val := range param.Value.ObjectVal { errs = errs.Also(validateStringVariable(val, prefix, paramNames, arrayParamNames, objectParamNameKeys).ViaFieldKey("properties", key).ViaFieldKey("params", param.Name)) } + case ParamTypeString: + fallthrough default: errs = errs.Also(validateParamStringValue(param, prefix, paramNames, arrayParamNames, objectParamNameKeys)) } - taskParamNames.Insert(param.Name) - } - return errs -} - -// validatePipelineParametersVariablesInMatrixParameters validates matrix param value -// that may contain the reference(s) to other params to make sure those references are used appropriately. -func validatePipelineParametersVariablesInMatrixParameters(matrix []Param, prefix string, paramNames sets.String, arrayParamNames sets.String, objectParamNameKeys map[string][]string) (errs *apis.FieldError) { - for _, param := range matrix { - for idx, arrayElement := range param.Value.ArrayVal { - errs = errs.Also(validateArrayVariable(arrayElement, prefix, paramNames, arrayParamNames, objectParamNameKeys).ViaFieldIndex("value", idx).ViaFieldKey("matrix", param.Name)) - } - } - return errs -} - -func validateParametersInTaskMatrix(matrix *Matrix) (errs *apis.FieldError) { - if matrix != nil { - for _, param := range matrix.Params { - if param.Value.Type != ParamTypeArray { - errs = errs.Also(apis.ErrInvalidValue("parameters of type array only are allowed in matrix", "").ViaFieldKey("matrix", param.Name)) - } - } - } - return errs -} - -func validateParameterInOneOfMatrixOrParams(matrix *Matrix, params []Param) (errs *apis.FieldError) { - matrixParameterNames := sets.NewString() - if matrix != nil { - for _, param := range matrix.Params { - matrixParameterNames.Insert(param.Name) - } - } - for _, param := range params { - if matrixParameterNames.Has(param.Name) { - errs = errs.Also(apis.ErrMultipleOneOf("matrix["+param.Name+"]", "params["+param.Name+"]")) - } } return errs } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipeline_defaults.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipeline_defaults.go index 594e1761e5..a6c7190e8e 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipeline_defaults.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipeline_defaults.go @@ -19,6 +19,7 @@ package v1 import ( "context" + "github.com/tektoncd/pipeline/pkg/apis/config" "knative.dev/pkg/apis" ) @@ -36,25 +37,27 @@ func (ps *PipelineSpec) SetDefaults(ctx context.Context) { } for _, pt := range ps.Tasks { - if pt.TaskRef != nil { - if pt.TaskRef.Kind == "" { - pt.TaskRef.Kind = NamespacedTaskKind - } - } - if pt.TaskSpec != nil { - pt.TaskSpec.SetDefaults(ctx) - } + pt.SetDefaults(ctx) } for _, ft := range ps.Finally { ctx := ctx // Ensure local scoping per Task - if ft.TaskRef != nil { - if ft.TaskRef.Kind == "" { - ft.TaskRef.Kind = NamespacedTaskKind - } + ft.SetDefaults(ctx) + } +} + +// SetDefaults sets default values for a PipelineTask +func (pt *PipelineTask) SetDefaults(ctx context.Context) { + cfg := config.FromContextOrDefaults(ctx) + if pt.TaskRef != nil { + if pt.TaskRef.Kind == "" { + pt.TaskRef.Kind = NamespacedTaskKind } - if ft.TaskSpec != nil { - ft.TaskSpec.SetDefaults(ctx) + if pt.TaskRef.Name == "" && pt.TaskRef.Resolver == "" { + pt.TaskRef.Resolver = ResolverName(cfg.Defaults.DefaultResolverType) } } + if pt.TaskSpec != nil { + pt.TaskSpec.SetDefaults(ctx) + } } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipeline_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipeline_types.go index f6420521c6..d338944881 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipeline_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipeline_types.go @@ -17,21 +17,12 @@ limitations under the License. package v1 import ( - "context" - "fmt" - "strings" - - "github.com/tektoncd/pipeline/pkg/apis/config" "github.com/tektoncd/pipeline/pkg/apis/pipeline" - "github.com/tektoncd/pipeline/pkg/apis/version" - "github.com/tektoncd/pipeline/pkg/reconciler/pipeline/dag" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/util/sets" - "k8s.io/apimachinery/pkg/util/validation" - "knative.dev/pkg/apis" "knative.dev/pkg/kmeta" ) @@ -81,6 +72,10 @@ func (*Pipeline) GetGroupVersionKind() schema.GroupVersionKind { // PipelineSpec defines the desired state of Pipeline. type PipelineSpec struct { + // DisplayName is a user-facing name of the pipeline that may be + // used to populate a UI. + // +optional + DisplayName string `json:"displayName,omitempty"` // Description is a user-facing description of the pipeline that may be // used to populate a UI. // +optional @@ -91,7 +86,7 @@ type PipelineSpec struct { // Params declares a list of input parameters that must be supplied when // this Pipeline is run. // +listType=atomic - Params []ParamSpec `json:"params,omitempty"` + Params ParamSpecs `json:"params,omitempty"` // Workspaces declares a set of named workspaces that are expected to be // provided by a PipelineRun. // +optional @@ -160,6 +155,16 @@ type PipelineTask struct { // the execution order of tasks relative to one another. Name string `json:"name,omitempty"` + // DisplayName is the display name of this task within the context of a Pipeline. + // This display name may be used to populate a UI. + // +optional + DisplayName string `json:"displayName,omitempty"` + + // Description is the description of this task within the context of a Pipeline. + // This description may be used to populate a UI. + // +optional + Description string `json:"description,omitempty"` + // TaskRef is a reference to a task definition. // +optional TaskRef *TaskRef `json:"taskRef,omitempty"` @@ -185,7 +190,7 @@ type PipelineTask struct { // Parameters declares parameters passed to this task. // +optional // +listType=atomic - Params []Param `json:"params,omitempty"` + Params Params `json:"params,omitempty"` // Matrix declares parameters used to fan out this task. // +optional @@ -204,246 +209,16 @@ type PipelineTask struct { Timeout *metav1.Duration `json:"timeout,omitempty"` } -// Matrix is used to fan out Tasks in a Pipeline -type Matrix struct { - // Params is a list of parameters used to fan out the pipelineTask - // Params takes only `Parameters` of type `"array"` - // Each array element is supplied to the `PipelineTask` by substituting `params` of type `"string"` in the underlying `Task`. - // The names of the `params` in the `Matrix` must match the names of the `params` in the underlying `Task` that they will be substituting. - // +listType=atomic - Params []Param `json:"params,omitempty"` -} - -// validateRefOrSpec validates at least one of taskRef or taskSpec is specified -func (pt PipelineTask) validateRefOrSpec() (errs *apis.FieldError) { - // can't have both taskRef and taskSpec at the same time - if pt.TaskRef != nil && pt.TaskSpec != nil { - errs = errs.Also(apis.ErrMultipleOneOf("taskRef", "taskSpec")) - } - // Check that one of TaskRef and TaskSpec is present - if pt.TaskRef == nil && pt.TaskSpec == nil { - errs = errs.Also(apis.ErrMissingOneOf("taskRef", "taskSpec")) - } - return errs -} - -// validateCustomTask validates custom task specifications - checking kind and fail if not yet supported features specified -func (pt PipelineTask) validateCustomTask() (errs *apis.FieldError) { - if pt.TaskRef != nil && pt.TaskRef.Kind == "" { - errs = errs.Also(apis.ErrInvalidValue("custom task ref must specify kind", "taskRef.kind")) - } - if pt.TaskSpec != nil && pt.TaskSpec.Kind == "" { - errs = errs.Also(apis.ErrInvalidValue("custom task spec must specify kind", "taskSpec.kind")) - } - if pt.TaskRef != nil && pt.TaskRef.APIVersion == "" { - errs = errs.Also(apis.ErrInvalidValue("custom task ref must specify apiVersion", "taskRef.apiVersion")) - } - if pt.TaskSpec != nil && pt.TaskSpec.APIVersion == "" { - errs = errs.Also(apis.ErrInvalidValue("custom task spec must specify apiVersion", "taskSpec.apiVersion")) - } - return errs -} - -// validateTask validates a pipeline task or a final task for taskRef and taskSpec -func (pt PipelineTask) validateTask(ctx context.Context) (errs *apis.FieldError) { - cfg := config.FromContextOrDefaults(ctx) - // Validate TaskSpec if it's present - if pt.TaskSpec != nil { - errs = errs.Also(pt.TaskSpec.Validate(ctx).ViaField("taskSpec")) - } - if pt.TaskRef != nil { - if pt.TaskRef.Name != "" { - // TaskRef name must be a valid k8s name - if errSlice := validation.IsQualifiedName(pt.TaskRef.Name); len(errSlice) != 0 { - errs = errs.Also(apis.ErrInvalidValue(strings.Join(errSlice, ","), "name")) - } - } else if pt.TaskRef.Resolver == "" { - errs = errs.Also(apis.ErrInvalidValue("taskRef must specify name", "taskRef.name")) - } - if cfg.FeatureFlags.EnableAPIFields != config.BetaAPIFields && cfg.FeatureFlags.EnableAPIFields != config.AlphaAPIFields { - // fail if resolver or resource are present when enable-api-fields is false. - if pt.TaskRef.Resolver != "" { - errs = errs.Also(apis.ErrDisallowedFields("taskref.resolver")) - } - if len(pt.TaskRef.Params) > 0 { - errs = errs.Also(apis.ErrDisallowedFields("taskref.params")) - } - } - } - return errs +// IsCustomTask checks whether an embedded TaskSpec is a Custom Task +func (et *EmbeddedTask) IsCustomTask() bool { + // Note that if `apiVersion` is set to `"tekton.dev/v1beta1"` and `kind` is set to `"Task"`, + // the reference will be considered a Custom Task - https://github.com/tektoncd/pipeline/issues/6457 + return et != nil && et.APIVersion != "" && et.Kind != "" } // IsMatrixed return whether pipeline task is matrixed func (pt *PipelineTask) IsMatrixed() bool { - return pt.Matrix != nil && len(pt.Matrix.Params) > 0 -} - -func (pt *PipelineTask) validateMatrix(ctx context.Context) (errs *apis.FieldError) { - if pt.IsMatrixed() { - // This is an alpha feature and will fail validation if it's used in a pipeline spec - // when the enable-api-fields feature gate is anything but "alpha". - errs = errs.Also(version.ValidateEnabledAPIFields(ctx, "matrix", config.AlphaAPIFields)) - // Matrix requires "embedded-status" feature gate to be set to "minimal", and will fail - // validation if it is anything but "minimal". - errs = errs.Also(ValidateEmbeddedStatus(ctx, "matrix", config.MinimalEmbeddedStatus)) - errs = errs.Also(pt.validateMatrixCombinationsCount(ctx)) - } - errs = errs.Also(validateParameterInOneOfMatrixOrParams(pt.Matrix, pt.Params)) - errs = errs.Also(validateParametersInTaskMatrix(pt.Matrix)) - return errs -} - -func (pt *PipelineTask) validateMatrixCombinationsCount(ctx context.Context) (errs *apis.FieldError) { - matrixCombinationsCount := pt.GetMatrixCombinationsCount() - maxMatrixCombinationsCount := config.FromContextOrDefaults(ctx).Defaults.DefaultMaxMatrixCombinationsCount - if matrixCombinationsCount > maxMatrixCombinationsCount { - errs = errs.Also(apis.ErrOutOfBoundsValue(matrixCombinationsCount, 0, maxMatrixCombinationsCount, "matrix")) - } - return errs -} - -func (pt PipelineTask) validateEmbeddedOrType() (errs *apis.FieldError) { - // Reject cases where APIVersion and/or Kind are specified alongside an embedded Task. - // We determine if this is an embedded Task by checking of TaskSpec.TaskSpec.Steps has items. - if pt.TaskSpec != nil && len(pt.TaskSpec.TaskSpec.Steps) > 0 { - if pt.TaskSpec.APIVersion != "" { - errs = errs.Also(&apis.FieldError{ - Message: "taskSpec.apiVersion cannot be specified when using taskSpec.steps", - Paths: []string{"taskSpec.apiVersion"}, - }) - } - if pt.TaskSpec.Kind != "" { - errs = errs.Also(&apis.FieldError{ - Message: "taskSpec.kind cannot be specified when using taskSpec.steps", - Paths: []string{"taskSpec.kind"}, - }) - } - } - return -} - -// GetMatrixCombinationsCount returns the count of combinations of Parameters generated from the Matrix in PipelineTask. -func (pt *PipelineTask) GetMatrixCombinationsCount() int { - if !pt.IsMatrixed() { - return 0 - } - count := 1 - for _, param := range pt.Matrix.Params { - count *= len(param.Value.ArrayVal) - } - return count -} - -func (pt *PipelineTask) validateResultsFromMatrixedPipelineTasksNotConsumed(matrixedPipelineTasks sets.String) (errs *apis.FieldError) { - for _, ref := range PipelineTaskResultRefs(pt) { - if matrixedPipelineTasks.Has(ref.PipelineTask) { - errs = errs.Also(apis.ErrInvalidValue(fmt.Sprintf("consuming results from matrixed task %s is not allowed", ref.PipelineTask), "")) - } - } - return errs -} - -func (pt *PipelineTask) validateExecutionStatusVariablesDisallowed() (errs *apis.FieldError) { - for _, param := range pt.Params { - if expressions, ok := GetVarSubstitutionExpressionsForParam(param); ok { - errs = errs.Also(validateContainsExecutionStatusVariablesDisallowed(expressions, "value"). - ViaFieldKey("params", param.Name)) - } - } - for i, we := range pt.When { - if expressions, ok := we.GetVarSubstitutionExpressions(); ok { - errs = errs.Also(validateContainsExecutionStatusVariablesDisallowed(expressions, ""). - ViaFieldIndex("when", i)) - } - } - return errs -} - -func (pt *PipelineTask) validateExecutionStatusVariablesAllowed(ptNames sets.String) (errs *apis.FieldError) { - for _, param := range pt.Params { - if expressions, ok := GetVarSubstitutionExpressionsForParam(param); ok { - errs = errs.Also(validateExecutionStatusVariablesExpressions(expressions, ptNames, "value"). - ViaFieldKey("params", param.Name)) - } - } - for i, we := range pt.When { - if expressions, ok := we.GetVarSubstitutionExpressions(); ok { - errs = errs.Also(validateExecutionStatusVariablesExpressions(expressions, ptNames, ""). - ViaFieldIndex("when", i)) - } - } - return errs -} - -func validateContainsExecutionStatusVariablesDisallowed(expressions []string, path string) (errs *apis.FieldError) { - if containsExecutionStatusReferences(expressions) { - errs = errs.Also(apis.ErrInvalidValue(fmt.Sprintf("pipeline tasks can not refer to execution status"+ - " of any other pipeline task or aggregate status of tasks"), path)) - } - return errs -} - -func containsExecutionStatusReferences(expressions []string) bool { - // validate tasks.pipelineTask.status/tasks.status if this expression is not a result reference - if !LooksLikeContainsResultRefs(expressions) { - for _, e := range expressions { - // check if it contains context variable accessing execution status - $(tasks.taskname.status) - // or an aggregate status - $(tasks.status) - if containsExecutionStatusRef(e) { - return true - } - } - } - return false -} - -func validateExecutionStatusVariablesExpressions(expressions []string, ptNames sets.String, fieldPath string) (errs *apis.FieldError) { - // validate tasks.pipelineTask.status if this expression is not a result reference - if !LooksLikeContainsResultRefs(expressions) { - for _, expression := range expressions { - // its a reference to aggregate status of dag tasks - $(tasks.status) - if expression == PipelineTasksAggregateStatus { - continue - } - // check if it contains context variable accessing execution status - $(tasks.taskname.status) - if containsExecutionStatusRef(expression) { - // strip tasks. and .status from tasks.taskname.status to further verify task name - pt := strings.TrimSuffix(strings.TrimPrefix(expression, "tasks."), ".status") - // report an error if the task name does not exist in the list of dag tasks - if !ptNames.Has(pt) { - errs = errs.Also(apis.ErrInvalidValue(fmt.Sprintf("pipeline task %s is not defined in the pipeline", pt), fieldPath)) - } - } - } - } - return errs -} - -func (pt *PipelineTask) validateWorkspaces(workspaceNames sets.String) (errs *apis.FieldError) { - workspaceBindingNames := sets.NewString() - for i, ws := range pt.Workspaces { - if workspaceBindingNames.Has(ws.Name) { - errs = errs.Also(apis.ErrGeneric( - fmt.Sprintf("workspace name %q must be unique", ws.Name), "").ViaFieldIndex("workspaces", i)) - } - - if ws.Workspace == "" { - if !workspaceNames.Has(ws.Name) { - errs = errs.Also(apis.ErrInvalidValue( - fmt.Sprintf("pipeline task %q expects workspace with name %q but none exists in pipeline spec", pt.Name, ws.Name), - "", - ).ViaFieldIndex("workspaces", i)) - } - } else if !workspaceNames.Has(ws.Workspace) { - errs = errs.Also(apis.ErrInvalidValue( - fmt.Sprintf("pipeline task %q expects workspace with name %q but none exists in pipeline spec", pt.Name, ws.Workspace), - "", - ).ViaFieldIndex("workspaces", i)) - } - - workspaceBindingNames.Insert(ws.Name) - } - return errs + return pt.Matrix.HasParams() || pt.Matrix.HasInclude() } // TaskSpecMetadata returns the metadata of the PipelineTask's EmbeddedTask spec. @@ -456,40 +231,6 @@ func (pt PipelineTask) HashKey() string { return pt.Name } -// ValidateName checks whether the PipelineTask's name is a valid DNS label -func (pt PipelineTask) ValidateName() *apis.FieldError { - if err := validation.IsDNS1123Label(pt.Name); len(err) > 0 { - return &apis.FieldError{ - Message: fmt.Sprintf("invalid value %q", pt.Name), - Paths: []string{"name"}, - Details: "Pipeline Task name must be a valid DNS Label." + - "For more info refer to https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", - } - } - return nil -} - -// Validate classifies whether a task is a custom task or a regular task(dag/final) -// calls the validation routine based on the type of the task -func (pt PipelineTask) Validate(ctx context.Context) (errs *apis.FieldError) { - errs = errs.Also(pt.validateRefOrSpec()) - - errs = errs.Also(pt.validateEmbeddedOrType()) - - cfg := config.FromContextOrDefaults(ctx) - // If EnableCustomTasks feature flag is on, validate custom task specifications - // pipeline task having taskRef with APIVersion is classified as custom task - switch { - case cfg.FeatureFlags.EnableCustomTasks && pt.TaskRef != nil && pt.TaskRef.APIVersion != "": - errs = errs.Also(pt.validateCustomTask()) - case cfg.FeatureFlags.EnableCustomTasks && pt.TaskSpec != nil && pt.TaskSpec.APIVersion != "": - errs = errs.Also(pt.validateCustomTask()) - default: - errs = errs.Also(pt.validateTask(ctx)) - } - return -} - // Deps returns all other PipelineTask dependencies of this PipelineTask, based on resource usage or ordering func (pt PipelineTask) Deps() []string { // hold the list of dependencies in a set to avoid duplicates @@ -543,22 +284,6 @@ func (l PipelineTaskList) Names() sets.String { return names } -// Validate a list of pipeline tasks including custom task -func (l PipelineTaskList) Validate(ctx context.Context, taskNames sets.String, path string) (errs *apis.FieldError) { - for i, t := range l { - // validate pipeline task name - errs = errs.Also(t.ValidateName().ViaFieldIndex(path, i)) - // names cannot be duplicated - checking that pipelineTask names are unique - if _, ok := taskNames[t.Name]; ok { - errs = errs.Also(apis.ErrMultipleOneOf("name").ViaFieldIndex(path, i)) - } - taskNames.Insert(t.Name) - // validate custom task, dag, or final task - errs = errs.Also(t.Validate(ctx).ViaFieldIndex(path, i)) - } - return errs -} - // PipelineTaskParam is used to provide arbitrary string parameters to a Task. type PipelineTaskParam struct { Name string `json:"name"` diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipeline_validation.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipeline_validation.go index 6c6da8cc37..0c60fae33b 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipeline_validation.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipeline_validation.go @@ -23,11 +23,13 @@ import ( "github.com/tektoncd/pipeline/pkg/apis/config" "github.com/tektoncd/pipeline/pkg/apis/validate" + "github.com/tektoncd/pipeline/pkg/apis/version" "github.com/tektoncd/pipeline/pkg/reconciler/pipeline/dag" "github.com/tektoncd/pipeline/pkg/substitution" admissionregistrationv1 "k8s.io/api/admissionregistration/v1" "k8s.io/apimachinery/pkg/api/equality" "k8s.io/apimachinery/pkg/util/sets" + "k8s.io/apimachinery/pkg/util/validation" "knative.dev/pkg/apis" "knative.dev/pkg/webhook/resourcesemantics" ) @@ -89,6 +91,181 @@ func ValidatePipelineTasks(ctx context.Context, tasks []PipelineTask, finalTasks return errs } +// Validate a list of pipeline tasks including custom task +func (l PipelineTaskList) Validate(ctx context.Context, taskNames sets.String, path string) (errs *apis.FieldError) { + for i, t := range l { + // validate pipeline task name + errs = errs.Also(t.ValidateName().ViaFieldIndex(path, i)) + // names cannot be duplicated - checking that pipelineTask names are unique + if _, ok := taskNames[t.Name]; ok { + errs = errs.Also(apis.ErrMultipleOneOf("name").ViaFieldIndex(path, i)) + } + taskNames.Insert(t.Name) + // validate custom task, dag, or final task + errs = errs.Also(t.Validate(ctx).ViaFieldIndex(path, i)) + } + return errs +} + +// ValidateName checks whether the PipelineTask's name is a valid DNS label +func (pt PipelineTask) ValidateName() *apis.FieldError { + if err := validation.IsDNS1123Label(pt.Name); len(err) > 0 { + return &apis.FieldError{ + Message: fmt.Sprintf("invalid value %q", pt.Name), + Paths: []string{"name"}, + Details: "Pipeline Task name must be a valid DNS Label." + + "For more info refer to https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + } + } + return nil +} + +// Validate classifies whether a task is a custom task or a regular task(dag/final) +// calls the validation routine based on the type of the task +func (pt PipelineTask) Validate(ctx context.Context) (errs *apis.FieldError) { + errs = errs.Also(pt.validateRefOrSpec()) + + errs = errs.Also(pt.validateEmbeddedOrType()) + + // Pipeline task having taskRef/taskSpec with APIVersion is classified as custom task + switch { + case pt.TaskRef != nil && pt.TaskRef.APIVersion != "": + errs = errs.Also(pt.validateCustomTask()) + case pt.TaskSpec != nil && pt.TaskSpec.APIVersion != "": + errs = errs.Also(pt.validateCustomTask()) + default: + errs = errs.Also(pt.validateTask(ctx)) + } + return +} + +func (pt *PipelineTask) validateMatrix(ctx context.Context) (errs *apis.FieldError) { + if pt.IsMatrixed() { + // This is an alpha feature and will fail validation if it's used in a pipeline spec + // when the enable-api-fields feature gate is anything but "alpha". + errs = errs.Also(version.ValidateEnabledAPIFields(ctx, "matrix", config.AlphaAPIFields)) + errs = errs.Also(pt.Matrix.validateCombinationsCount(ctx)) + } + errs = errs.Also(pt.Matrix.validateParameterInOneOfMatrixOrParams(pt.Params)) + errs = errs.Also(pt.Matrix.validateParams()) + return errs +} + +func (pt PipelineTask) validateEmbeddedOrType() (errs *apis.FieldError) { + // Reject cases where APIVersion and/or Kind are specified alongside an embedded Task. + // We determine if this is an embedded Task by checking of TaskSpec.TaskSpec.Steps has items. + if pt.TaskSpec != nil && len(pt.TaskSpec.TaskSpec.Steps) > 0 { + if pt.TaskSpec.APIVersion != "" { + errs = errs.Also(&apis.FieldError{ + Message: "taskSpec.apiVersion cannot be specified when using taskSpec.steps", + Paths: []string{"taskSpec.apiVersion"}, + }) + } + if pt.TaskSpec.Kind != "" { + errs = errs.Also(&apis.FieldError{ + Message: "taskSpec.kind cannot be specified when using taskSpec.steps", + Paths: []string{"taskSpec.kind"}, + }) + } + } + return +} + +func (pt *PipelineTask) validateResultsFromMatrixedPipelineTasksNotConsumed(matrixedPipelineTasks sets.String) (errs *apis.FieldError) { + for _, ref := range PipelineTaskResultRefs(pt) { + if matrixedPipelineTasks.Has(ref.PipelineTask) { + errs = errs.Also(apis.ErrInvalidValue(fmt.Sprintf("consuming results from matrixed task %s is not allowed", ref.PipelineTask), "")) + } + } + return errs +} + +func (pt *PipelineTask) validateWorkspaces(workspaceNames sets.String) (errs *apis.FieldError) { + workspaceBindingNames := sets.NewString() + for i, ws := range pt.Workspaces { + if workspaceBindingNames.Has(ws.Name) { + errs = errs.Also(apis.ErrGeneric( + fmt.Sprintf("workspace name %q must be unique", ws.Name), "").ViaFieldIndex("workspaces", i)) + } + + if ws.Workspace == "" { + if !workspaceNames.Has(ws.Name) { + errs = errs.Also(apis.ErrInvalidValue( + fmt.Sprintf("pipeline task %q expects workspace with name %q but none exists in pipeline spec", pt.Name, ws.Name), + "", + ).ViaFieldIndex("workspaces", i)) + } + } else if !workspaceNames.Has(ws.Workspace) { + errs = errs.Also(apis.ErrInvalidValue( + fmt.Sprintf("pipeline task %q expects workspace with name %q but none exists in pipeline spec", pt.Name, ws.Workspace), + "", + ).ViaFieldIndex("workspaces", i)) + } + + workspaceBindingNames.Insert(ws.Name) + } + return errs +} + +// validateRefOrSpec validates at least one of taskRef or taskSpec is specified +func (pt PipelineTask) validateRefOrSpec() (errs *apis.FieldError) { + // can't have both taskRef and taskSpec at the same time + if pt.TaskRef != nil && pt.TaskSpec != nil { + errs = errs.Also(apis.ErrMultipleOneOf("taskRef", "taskSpec")) + } + // Check that one of TaskRef and TaskSpec is present + if pt.TaskRef == nil && pt.TaskSpec == nil { + errs = errs.Also(apis.ErrMissingOneOf("taskRef", "taskSpec")) + } + return errs +} + +// validateCustomTask validates custom task specifications - checking kind and fail if not yet supported features specified +func (pt PipelineTask) validateCustomTask() (errs *apis.FieldError) { + if pt.TaskRef != nil && pt.TaskRef.Kind == "" { + errs = errs.Also(apis.ErrInvalidValue("custom task ref must specify kind", "taskRef.kind")) + } + if pt.TaskSpec != nil && pt.TaskSpec.Kind == "" { + errs = errs.Also(apis.ErrInvalidValue("custom task spec must specify kind", "taskSpec.kind")) + } + if pt.TaskRef != nil && pt.TaskRef.APIVersion == "" { + errs = errs.Also(apis.ErrInvalidValue("custom task ref must specify apiVersion", "taskRef.apiVersion")) + } + if pt.TaskSpec != nil && pt.TaskSpec.APIVersion == "" { + errs = errs.Also(apis.ErrInvalidValue("custom task spec must specify apiVersion", "taskSpec.apiVersion")) + } + return errs +} + +// validateTask validates a pipeline task or a final task for taskRef and taskSpec +func (pt PipelineTask) validateTask(ctx context.Context) (errs *apis.FieldError) { + cfg := config.FromContextOrDefaults(ctx) + // Validate TaskSpec if it's present + if pt.TaskSpec != nil { + errs = errs.Also(pt.TaskSpec.Validate(ctx).ViaField("taskSpec")) + } + if pt.TaskRef != nil { + if pt.TaskRef.Name != "" { + // TaskRef name must be a valid k8s name + if errSlice := validation.IsQualifiedName(pt.TaskRef.Name); len(errSlice) != 0 { + errs = errs.Also(apis.ErrInvalidValue(strings.Join(errSlice, ","), "name")) + } + } else if pt.TaskRef.Resolver == "" { + errs = errs.Also(apis.ErrInvalidValue("taskRef must specify name", "taskRef.name")) + } + if cfg.FeatureFlags.EnableAPIFields != config.BetaAPIFields && cfg.FeatureFlags.EnableAPIFields != config.AlphaAPIFields { + // fail if resolver or resource are present when enable-api-fields is false. + if pt.TaskRef.Resolver != "" { + errs = errs.Also(apis.ErrDisallowedFields("taskref.resolver")) + } + if len(pt.TaskRef.Params) > 0 { + errs = errs.Also(apis.ErrDisallowedFields("taskref.params")) + } + } + } + return errs +} + // validatePipelineWorkspacesDeclarations validates the specified workspaces, ensuring having unique name without any // empty string, func validatePipelineWorkspacesDeclarations(wss []PipelineWorkspaceDeclaration) (errs *apis.FieldError) { @@ -111,7 +288,7 @@ func validatePipelineWorkspacesDeclarations(wss []PipelineWorkspaceDeclaration) // validatePipelineWorkspacesUsage validates that all the referenced workspaces (by pipeline tasks) are specified in // the pipeline func validatePipelineWorkspacesUsage(ctx context.Context, wss []PipelineWorkspaceDeclaration, pts []PipelineTask) (errs *apis.FieldError) { - if config.ValidateParameterVariablesAndWorkspaces(ctx) == false { + if !config.ValidateParameterVariablesAndWorkspaces(ctx) { return nil } workspaceNames := sets.NewString() @@ -152,7 +329,7 @@ func ValidatePipelineParameterVariables(ctx context.Context, tasks []PipelineTas } } } - if config.ValidateParameterVariablesAndWorkspaces(ctx) == true { + if config.ValidateParameterVariablesAndWorkspaces(ctx) { errs = errs.Also(validatePipelineParametersVariables(tasks, "params", parameterNames, arrayParameterNames, objectParameterNameKeys)) } return errs @@ -162,7 +339,7 @@ func validatePipelineParametersVariables(tasks []PipelineTask, prefix string, pa for idx, task := range tasks { errs = errs.Also(validatePipelineParametersVariablesInTaskParameters(task.Params, prefix, paramNames, arrayParamNames, objectParamNameKeys).ViaIndex(idx)) if task.IsMatrixed() { - errs = errs.Also(validatePipelineParametersVariablesInMatrixParameters(task.Matrix.Params, prefix, paramNames, arrayParamNames, objectParamNameKeys).ViaIndex(idx)) + errs = errs.Also(task.Matrix.validatePipelineParametersVariablesInMatrixParameters(prefix, paramNames, arrayParamNames, objectParamNameKeys).ViaIndex(idx)) } errs = errs.Also(task.When.validatePipelineParametersVariables(prefix, paramNames, arrayParamNames, objectParamNameKeys).ViaIndex(idx)) } @@ -183,14 +360,7 @@ func validatePipelineContextVariables(tasks []PipelineTask) *apis.FieldError { ) var paramValues []string for _, task := range tasks { - var matrixParams []Param - if task.IsMatrixed() { - matrixParams = task.Matrix.Params - } - for _, param := range append(task.Params, matrixParams...) { - paramValues = append(paramValues, param.Value.StringVal) - paramValues = append(paramValues, param.Value.ArrayVal...) - } + paramValues = task.extractAllParams().extractValues() } errs := validatePipelineContextVariablesInParamValues(paramValues, "context\\.pipelineRun", pipelineRunContextNames). Also(validatePipelineContextVariablesInParamValues(paramValues, "context\\.pipeline", pipelineContextNames)). @@ -198,6 +368,23 @@ func validatePipelineContextVariables(tasks []PipelineTask) *apis.FieldError { return errs } +// extractAllParams extracts all the parameters in a PipelineTask: +// - pt.Params +// - pt.Matrix.Params +// - pt.Matrix.Include.Params +func (pt *PipelineTask) extractAllParams() Params { + allParams := pt.Params + if pt.Matrix.HasParams() { + allParams = append(allParams, pt.Matrix.Params...) + } + if pt.Matrix.HasInclude() { + for _, include := range pt.Matrix.Include { + allParams = append(allParams, include.Params...) + } + } + return allParams +} + func containsExecutionStatusRef(p string) bool { if strings.HasPrefix(p, "tasks.") && strings.HasSuffix(p, ".status") { return true @@ -205,6 +392,12 @@ func containsExecutionStatusRef(p string) bool { return false } +func validateExecutionStatusVariables(tasks []PipelineTask, finallyTasks []PipelineTask) (errs *apis.FieldError) { + errs = errs.Also(validateExecutionStatusVariablesInTasks(tasks).ViaField("tasks")) + errs = errs.Also(validateExecutionStatusVariablesInFinally(PipelineTaskList(tasks).Names(), finallyTasks).ViaField("finally")) + return errs +} + // validate dag pipeline tasks, task params can not access execution status of any other task // dag tasks cannot have param value as $(tasks.pipelineTask.status) func validateExecutionStatusVariablesInTasks(tasks []PipelineTask) (errs *apis.FieldError) { @@ -223,12 +416,81 @@ func validateExecutionStatusVariablesInFinally(tasksNames sets.String, finally [ return errs } -func validateExecutionStatusVariables(tasks []PipelineTask, finallyTasks []PipelineTask) (errs *apis.FieldError) { - errs = errs.Also(validateExecutionStatusVariablesInTasks(tasks).ViaField("tasks")) - errs = errs.Also(validateExecutionStatusVariablesInFinally(PipelineTaskList(tasks).Names(), finallyTasks).ViaField("finally")) +func (pt *PipelineTask) validateExecutionStatusVariablesDisallowed() (errs *apis.FieldError) { + for _, param := range pt.Params { + if expressions, ok := GetVarSubstitutionExpressionsForParam(param); ok { + errs = errs.Also(validateContainsExecutionStatusVariablesDisallowed(expressions, "value"). + ViaFieldKey("params", param.Name)) + } + } + for i, we := range pt.When { + if expressions, ok := we.GetVarSubstitutionExpressions(); ok { + errs = errs.Also(validateContainsExecutionStatusVariablesDisallowed(expressions, ""). + ViaFieldIndex("when", i)) + } + } return errs } +func (pt *PipelineTask) validateExecutionStatusVariablesAllowed(ptNames sets.String) (errs *apis.FieldError) { + for _, param := range pt.Params { + if expressions, ok := GetVarSubstitutionExpressionsForParam(param); ok { + errs = errs.Also(validateExecutionStatusVariablesExpressions(expressions, ptNames, "value"). + ViaFieldKey("params", param.Name)) + } + } + for i, we := range pt.When { + if expressions, ok := we.GetVarSubstitutionExpressions(); ok { + errs = errs.Also(validateExecutionStatusVariablesExpressions(expressions, ptNames, ""). + ViaFieldIndex("when", i)) + } + } + return errs +} + +func validateContainsExecutionStatusVariablesDisallowed(expressions []string, path string) (errs *apis.FieldError) { + if containsExecutionStatusReferences(expressions) { + errs = errs.Also(apis.ErrInvalidValue(fmt.Sprintf("pipeline tasks can not refer to execution status"+ + " of any other pipeline task or aggregate status of tasks"), path)) + } + return errs +} + +func containsExecutionStatusReferences(expressions []string) bool { + // validate tasks.pipelineTask.status/tasks.status if this expression is not a result reference + if !LooksLikeContainsResultRefs(expressions) { + for _, e := range expressions { + // check if it contains context variable accessing execution status - $(tasks.taskname.status) + // or an aggregate status - $(tasks.status) + if containsExecutionStatusRef(e) { + return true + } + } + } + return false +} + +func validateExecutionStatusVariablesExpressions(expressions []string, ptNames sets.String, fieldPath string) (errs *apis.FieldError) { + // validate tasks.pipelineTask.status if this expression is not a result reference + if !LooksLikeContainsResultRefs(expressions) { + for _, expression := range expressions { + // its a reference to aggregate status of dag tasks - $(tasks.status) + if expression == PipelineTasksAggregateStatus { + continue + } + // check if it contains context variable accessing execution status - $(tasks.taskname.status) + if containsExecutionStatusRef(expression) { + // strip tasks. and .status from tasks.taskname.status to further verify task name + pt := strings.TrimSuffix(strings.TrimPrefix(expression, "tasks."), ".status") + // report an error if the task name does not exist in the list of dag tasks + if !ptNames.Has(pt) { + errs = errs.Also(apis.ErrInvalidValue(fmt.Sprintf("pipeline task %s is not defined in the pipeline", pt), fieldPath)) + } + } + } + } + return errs +} func validatePipelineContextVariablesInParamValues(paramValues []string, prefix string, contextNames sets.String) (errs *apis.FieldError) { for _, paramValue := range paramValues { errs = errs.Also(substitution.ValidateVariableP(paramValue, prefix, contextNames).ViaField("value")) @@ -309,7 +571,6 @@ func taskContainsResult(resultExpression string, pipelineTaskNames sets.String, if strings.HasPrefix(value, "finally") && !pipelineFinallyTaskNames.Has(pipelineTaskName) { return false } - } } return true @@ -413,3 +674,51 @@ func validateResultsFromMatrixedPipelineTasksNotConsumed(tasks []PipelineTask, f } return errs } + +// ValidateParamArrayIndex validates if the param reference to an array param is out of bound. +// error is returned when the array indexing reference is out of bound of the array param +// e.g. if a param reference of $(params.array-param[2]) and the array param is of length 2. +func (ps *PipelineSpec) ValidateParamArrayIndex(ctx context.Context, params Params) error { + if !config.CheckAlphaOrBetaAPIFields(ctx) { + return nil + } + + // Collect all array params lengths + arrayParamsLengths := ps.Params.extractParamArrayLengths() + for k, v := range params.extractParamArrayLengths() { + arrayParamsLengths[k] = v + } + + paramsRefs := []string{} + for i := range ps.Tasks { + paramsRefs = append(paramsRefs, ps.Tasks[i].Params.extractValues()...) + if ps.Tasks[i].IsMatrixed() { + paramsRefs = append(paramsRefs, ps.Tasks[i].Matrix.Params.extractValues()...) + } + for j := range ps.Tasks[i].Workspaces { + paramsRefs = append(paramsRefs, ps.Tasks[i].Workspaces[j].SubPath) + } + for _, wes := range ps.Tasks[i].When { + paramsRefs = append(paramsRefs, wes.Input) + paramsRefs = append(paramsRefs, wes.Values...) + } + } + + for i := range ps.Finally { + paramsRefs = append(paramsRefs, ps.Finally[i].Params.extractValues()...) + if ps.Finally[i].IsMatrixed() { + paramsRefs = append(paramsRefs, ps.Finally[i].Matrix.Params.extractValues()...) + } + for _, wes := range ps.Finally[i].When { + paramsRefs = append(paramsRefs, wes.Values...) + } + } + + // extract all array indexing references, for example []{"$(params.array-params[1])"} + arrayIndexParamRefs := []string{} + for _, p := range paramsRefs { + arrayIndexParamRefs = append(arrayIndexParamRefs, extractArrayIndexingParamRefs(p)...) + } + + return validateOutofBoundArrayParams(arrayIndexParamRefs, arrayParamsLengths) +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipelineref_validation.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipelineref_validation.go index e68b775115..ee91841717 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipelineref_validation.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipelineref_validation.go @@ -39,7 +39,7 @@ func (ref *PipelineRef) Validate(ctx context.Context) (errs *apis.FieldError) { } } if ref.Params != nil { - errs = errs.Also(version.ValidateEnabledAPIFields(ctx, "params", config.BetaAPIFields).ViaField("params")) + errs = errs.Also(version.ValidateEnabledAPIFields(ctx, "resolver params", config.BetaAPIFields).ViaField("params")) if ref.Name != "" { errs = errs.Also(apis.ErrMultipleOneOf("name", "params")) } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipelinerun_defaults.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipelinerun_defaults.go index d386021959..e53efe5e5a 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipelinerun_defaults.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipelinerun_defaults.go @@ -36,8 +36,15 @@ func (pr *PipelineRun) SetDefaults(ctx context.Context) { // SetDefaults implements apis.Defaultable func (prs *PipelineRunSpec) SetDefaults(ctx context.Context) { cfg := config.FromContextOrDefaults(ctx) + if prs.PipelineRef != nil && prs.PipelineRef.Name == "" && prs.PipelineRef.Resolver == "" { + prs.PipelineRef.Resolver = ResolverName(cfg.Defaults.DefaultResolverType) + } + + if prs.Timeouts == nil { + prs.Timeouts = &TimeoutFields{} + } - if prs.Timeouts != nil && prs.Timeouts.Pipeline == nil { + if prs.Timeouts.Pipeline == nil { prs.Timeouts.Pipeline = &metav1.Duration{Duration: time.Duration(cfg.Defaults.DefaultTimeoutMinutes) * time.Minute} } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipelinerun_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipelinerun_types.go index 11f8296395..4f4e33b3a1 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipelinerun_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipelinerun_types.go @@ -20,20 +20,19 @@ import ( "context" "time" - corev1 "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/runtime" - "github.com/tektoncd/pipeline/pkg/apis/config" apisconfig "github.com/tektoncd/pipeline/pkg/apis/config" "github.com/tektoncd/pipeline/pkg/apis/pipeline" pod "github.com/tektoncd/pipeline/pkg/apis/pipeline/pod" - runv1alpha1 "github.com/tektoncd/pipeline/pkg/apis/run/v1alpha1" + runv1beta1 "github.com/tektoncd/pipeline/pkg/apis/run/v1beta1" + corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/types" "k8s.io/utils/clock" "knative.dev/pkg/apis" - duckv1beta1 "knative.dev/pkg/apis/duck/v1beta1" + duckv1 "knative.dev/pkg/apis/duck/v1" ) // +genclient @@ -98,7 +97,7 @@ func (pr *PipelineRun) IsGracefullyStopped() bool { return pr.Spec.Status == PipelineRunSpecStatusStoppedRunFinally } -// PipelineTimeout returns the the applicable timeout for the PipelineRun +// PipelineTimeout returns the applicable timeout for the PipelineRun func (pr *PipelineRun) PipelineTimeout(ctx context.Context) time.Duration { if pr.Spec.Timeouts != nil && pr.Spec.Timeouts.Pipeline != nil { return pr.Spec.Timeouts.Pipeline.Duration @@ -106,7 +105,7 @@ func (pr *PipelineRun) PipelineTimeout(ctx context.Context) time.Duration { return time.Duration(config.FromContextOrDefaults(ctx).Defaults.DefaultTimeoutMinutes) * time.Minute } -// TasksTimeout returns the the tasks timeout for the PipelineRun, if set, +// TasksTimeout returns the tasks timeout for the PipelineRun, if set, // or the tasks timeout computed from the Pipeline and Finally timeouts, if those are set. func (pr *PipelineRun) TasksTimeout() *metav1.Duration { t := pr.Spec.Timeouts @@ -125,7 +124,7 @@ func (pr *PipelineRun) TasksTimeout() *metav1.Duration { return nil } -// FinallyTimeout returns the the finally timeout for the PipelineRun, if set, +// FinallyTimeout returns the finally timeout for the PipelineRun, if set, // or the finally timeout computed from the Pipeline and Tasks timeouts, if those are set. func (pr *PipelineRun) FinallyTimeout() *metav1.Duration { t := pr.Spec.Timeouts @@ -224,7 +223,7 @@ type PipelineRunSpec struct { PipelineSpec *PipelineSpec `json:"pipelineSpec,omitempty"` // Params is a list of parameter names and values. // +listType=atomic - Params []Param `json:"params,omitempty"` + Params Params `json:"params,omitempty"` // Used for cancelling a pipelinerun (and maybe more later on) // +optional @@ -285,7 +284,7 @@ const ( // PipelineRunStatus defines the observed state of PipelineRun type PipelineRunStatus struct { - duckv1beta1.Status `json:",inline"` + duckv1.Status `json:",inline"` // PipelineRunStatusFields inlines the status fields. PipelineRunStatusFields `json:",inline"` @@ -399,11 +398,9 @@ type ChildStatusReference struct { // consume these fields via duck typing. type PipelineRunStatusFields struct { // StartTime is the time the PipelineRun is actually started. - // +optional StartTime *metav1.Time `json:"startTime,omitempty"` // CompletionTime is the time the PipelineRun completed. - // +optional CompletionTime *metav1.Time `json:"completionTime,omitempty"` // Results are the list of results written out by the pipeline task's containers @@ -429,7 +426,11 @@ type PipelineRunStatusFields struct { FinallyStartTime *metav1.Time `json:"finallyStartTime,omitempty"` // Provenance contains some key authenticated metadata about how a software artifact was built (what sources, what inputs/outputs, etc.). + // +optional Provenance *Provenance `json:"provenance,omitempty"` + + // SpanContext contains tracing span context fields + SpanContext map[string]string `json:"spanContext,omitempty"` } // SkippedTask is used to describe the Tasks that were skipped due to their When Expressions @@ -468,6 +469,8 @@ const ( TasksTimedOutSkip SkippingReason = "PipelineRun Tasks timeout has been reached" // FinallyTimedOutSkip means the task was skipped because the PipelineRun has passed its Timeouts.Finally. FinallyTimedOutSkip SkippingReason = "PipelineRun Finally timeout has been reached" + // EmptyArrayInMatrixParams means the task was skipped because Matrix parameters contain empty array. + EmptyArrayInMatrixParams SkippingReason = "Matrix Parameters have an empty array" // None means the task was not skipped None SkippingReason = "None" ) @@ -500,7 +503,7 @@ type PipelineRunRunStatus struct { PipelineTaskName string `json:"pipelineTaskName,omitempty"` // Status is the RunStatus for the corresponding Run // +optional - Status *runv1alpha1.RunStatus `json:"status,omitempty"` + Status *runv1beta1.CustomRunStatus `json:"status,omitempty"` // WhenExpressions is the list of checks guarding the execution of the PipelineTask // +optional // +listType=atomic diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipelinerun_validation.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipelinerun_validation.go index 701ff7d708..d5e8361f8c 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipelinerun_validation.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/pipelinerun_validation.go @@ -190,7 +190,7 @@ func appendParamSpec(paramSpec []ParamSpec, params []ParamSpec) []ParamSpec { return paramSpec } -func appendParam(paramSpec []ParamSpec, params []Param) []ParamSpec { +func appendParam(paramSpec []ParamSpec, params Params) []ParamSpec { for _, p := range params { skip := false for _, ps := range paramSpec { @@ -227,7 +227,6 @@ func validateSpecStatus(status PipelineRunSpecStatus) *apis.FieldError { PipelineRunSpecStatusCancelledRunFinally, PipelineRunSpecStatusStoppedRunFinally, PipelineRunSpecStatusPending), "status") - } func validateTimeoutDuration(field string, d *metav1.Duration) (errs *apis.FieldError) { @@ -291,5 +290,8 @@ func validateTaskRunSpec(ctx context.Context, trs PipelineTaskRunSpec) (errs *ap errs = errs.Also(version.ValidateEnabledAPIFields(ctx, "computeResources", config.AlphaAPIFields).ViaField("computeResources")) errs = errs.Also(validateTaskRunComputeResources(trs.ComputeResources, trs.StepSpecs)) } + if trs.PodTemplate != nil { + errs = errs.Also(validatePodTemplateEnv(ctx, *trs.PodTemplate)) + } return errs } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/provenance.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/provenance.go index f0034a3ae7..de9f2a5c5d 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/provenance.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/provenance.go @@ -13,34 +13,34 @@ limitations under the License. package v1 -// Provenance contains some key authenticated metadata about how a software artifact was -// built (what sources, what inputs/outputs, etc.). For now, it only contains the subfield -// `ConfigSource` that identifies the source where a build config file came from. -// In future, it can be expanded as needed to include more metadata about the build. -// This field aims to be used to carry minimum amount of the authenticated metadata in *Run status -// so that Tekton Chains can pick it up and record in the provenance it generates. +import "github.com/tektoncd/pipeline/pkg/apis/config" + +// Provenance contains metadata about resources used in the TaskRun/PipelineRun +// such as the source from where a remote build definition was fetched. +// This field aims to carry minimum amoumt of metadata in *Run status so that +// Tekton Chains can capture them in the provenance. type Provenance struct { - // ConfigSource identifies the source where a resource came from. - ConfigSource *ConfigSource `json:"configSource,omitempty"` + // RefSource identifies the source where a remote task/pipeline came from. + RefSource *RefSource `json:"refSource,omitempty"` + + // FeatureFlags identifies the feature flags that were used during the task/pipeline run + FeatureFlags *config.FeatureFlags `json:"featureFlags,omitempty"` } -// ConfigSource identifies the source where a resource came from. -// This can include Git repositories, Task Bundles, file checksums, or other information -// that allows users to identify where the resource came from and what version was used. -type ConfigSource struct { - // URI indicates the identity of the source of the config. - // Definition: https://slsa.dev/provenance/v0.2#invocation.configSource.uri +// RefSource contains the information that can uniquely identify where a remote +// built definition came from i.e. Git repositories, Tekton Bundles in OCI registry +// and hub. +type RefSource struct { + // URI indicates the identity of the source of the build definition. // Example: "https://github.com/tektoncd/catalog" URI string `json:"uri,omitempty"` // Digest is a collection of cryptographic digests for the contents of the artifact specified by URI. - // Definition: https://slsa.dev/provenance/v0.2#invocation.configSource.digest // Example: {"sha1": "f99d13e554ffcb696dee719fa85b695cb5b0f428"} Digest map[string]string `json:"digest,omitempty"` // EntryPoint identifies the entry point into the build. This is often a path to a - // configuration file and/or a target label within that file. - // Definition: https://slsa.dev/provenance/v0.2#invocation.configSource.entryPoint + // build definition file and/or a target label within that file. // Example: "task/git-clone/0.8/git-clone.yaml" EntryPoint string `json:"entryPoint,omitempty"` } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/register.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/register.go index b72b5467b5..df1db014d5 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/register.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/register.go @@ -50,8 +50,11 @@ func addKnownTypes(scheme *runtime.Scheme) error { &TaskList{}, &Pipeline{}, &PipelineList{}, - ) // TODO(#4983): v1 types go here - + &TaskRun{}, + &TaskRunList{}, + &PipelineRun{}, + &PipelineRunList{}, + ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/resolver_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/resolver_types.go index c27b0decfc..095a9d00a2 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/resolver_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/resolver_types.go @@ -34,5 +34,5 @@ type ResolverRef struct { // the chosen resolver. // +optional // +listType=atomic - Params []Param `json:"params,omitempty"` + Params Params `json:"params,omitempty"` } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/result_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/result_types.go index a64c867f22..3a5b97d919 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/result_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/result_types.go @@ -54,7 +54,7 @@ type ResultValue = ParamValue // ResultsType indicates the type of a result; // Used to distinguish between a single string and an array of strings. // Note that there is ResultType used to find out whether a -// PipelineResourceResult is from a task result or not, which is different from +// RunResult is from a task result or not, which is different from // this ResultsType. type ResultsType string diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/result_validation.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/result_validation.go index 4d227cb6b1..1fd9ddd6b1 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/result_validation.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/result_validation.go @@ -23,7 +23,7 @@ import ( "knative.dev/pkg/apis" ) -// ResultNameFormat Constant used to define the the regex Result.Name should follow +// ResultNameFormat Constant used to define the regex Result.Name should follow const ResultNameFormat = `^([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9]$` var resultNameFormatRegex = regexp.MustCompile(ResultNameFormat) @@ -33,22 +33,24 @@ func (tr TaskResult) Validate(ctx context.Context) (errs *apis.FieldError) { if !resultNameFormatRegex.MatchString(tr.Name) { return apis.ErrInvalidKeyName(tr.Name, "name", fmt.Sprintf("Name must consist of alphanumeric characters, '-', '_', and must start and end with an alphanumeric character (e.g. 'MyName', or 'my-name', or 'my_name', regex used for validation is '%s')", ResultNameFormat)) } - // Array and Object are alpha features - if tr.Type == ResultsTypeArray || tr.Type == ResultsTypeObject { + + switch { + // Object results is beta feature - check if the feature flag is set to "beta" or "alpha" + case tr.Type == ResultsTypeObject: errs := validateObjectResult(tr) - errs = errs.Also(version.ValidateEnabledAPIFields(ctx, "results type", config.AlphaAPIFields)) + errs = errs.Also(version.ValidateEnabledAPIFields(ctx, "results type", config.BetaAPIFields)) + return errs + // Array results is a beta feature - check if the feature flag is set to "beta" or "alpha" + case tr.Type == ResultsTypeArray: + errs = errs.Also(version.ValidateEnabledAPIFields(ctx, "results type", config.BetaAPIFields)) return errs - } - // Resources created before the result. Type was introduced may not have Type set // and should be considered valid - if tr.Type == "" { + case tr.Type == "": return nil - } - - // By default the result type is string - if tr.Type != ResultsTypeString { - return apis.ErrInvalidValue(tr.Type, "type", fmt.Sprintf("type must be string")) + // By default, the result type is string + case tr.Type != ResultsTypeString: + return apis.ErrInvalidValue(tr.Type, "type", "type must be string") } return nil diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/resultref.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/resultref.go index 8fcc1b9f5a..1dcd06e6e2 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/resultref.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/resultref.go @@ -200,19 +200,13 @@ func ParseResultName(resultName string) (string, string) { // in a PipelineTask and returns a list of any references that are found. func PipelineTaskResultRefs(pt *PipelineTask) []*ResultRef { refs := []*ResultRef{} - var matrixParams []Param - if pt.IsMatrixed() { - matrixParams = pt.Matrix.Params - } - for _, p := range append(pt.Params, matrixParams...) { + for _, p := range pt.extractAllParams() { expressions, _ := GetVarSubstitutionExpressionsForParam(p) refs = append(refs, NewResultRefs(expressions)...) } - for _, whenExpression := range pt.When { expressions, _ := whenExpression.GetVarSubstitutionExpressions() refs = append(refs, NewResultRefs(expressions)...) } - return refs } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/status_validation.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/status_validation.go deleted file mode 100644 index c5a8ac36f7..0000000000 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/status_validation.go +++ /dev/null @@ -1,36 +0,0 @@ -/* -Copyright 2022 The Tekton Authors - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1 - -import ( - "context" - "fmt" - - "github.com/tektoncd/pipeline/pkg/apis/config" - "knative.dev/pkg/apis" -) - -// ValidateEmbeddedStatus checks that the embedded-status feature gate is set to the wantEmbeddedStatus value and, -// if not, returns an error stating which feature is dependent on the status and what the current status actually is. -func ValidateEmbeddedStatus(ctx context.Context, featureName, wantEmbeddedStatus string) *apis.FieldError { - embeddedStatus := config.FromContextOrDefaults(ctx).FeatureFlags.EmbeddedStatus - if embeddedStatus != wantEmbeddedStatus { - message := fmt.Sprintf(`%s requires "embedded-status" feature gate to be %q but it is %q`, featureName, wantEmbeddedStatus, embeddedStatus) - return apis.ErrGeneric(message) - } - return nil -} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/swagger.json b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/swagger.json index 0960125b90..f7b05c14f2 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/swagger.json +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/swagger.json @@ -63,6 +63,17 @@ "description": "EnableServiceLinks indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Optional: Defaults to true.", "type": "boolean" }, + "env": { + "description": "List of environment variables that can be provided to the containers belonging to the pod.", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/v1.EnvVar" + }, + "x-kubernetes-list-type": "atomic", + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge" + }, "hostAliases": { "description": "HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts file if specified. This is only valid for non-hostNetwork pods.", "type": "array", @@ -169,28 +180,6 @@ } } }, - "v1.ConfigSource": { - "description": "ConfigSource identifies the source where a resource came from. This can include Git repositories, Task Bundles, file checksums, or other information that allows users to identify where the resource came from and what version was used.", - "type": "object", - "properties": { - "digest": { - "description": "Digest is a collection of cryptographic digests for the contents of the artifact specified by URI. Definition: https://slsa.dev/provenance/v0.2#invocation.configSource.digest Example: {\"sha1\": \"f99d13e554ffcb696dee719fa85b695cb5b0f428\"}", - "type": "object", - "additionalProperties": { - "type": "string", - "default": "" - } - }, - "entryPoint": { - "description": "EntryPoint identifies the entry point into the build. This is often a path to a configuration file and/or a target label within that file. Definition: https://slsa.dev/provenance/v0.2#invocation.configSource.entryPoint Example: \"task/git-clone/0.8/git-clone.yaml\"", - "type": "string" - }, - "uri": { - "description": "URI indicates the identity of the source of the config. Definition: https://slsa.dev/provenance/v0.2#invocation.configSource.uri Example: \"https://github.com/tektoncd/catalog\"", - "type": "string" - } - } - }, "v1.EmbeddedTask": { "description": "EmbeddedTask is used to define a Task inline within a Pipeline's PipelineTasks.", "type": "object", @@ -202,6 +191,10 @@ "description": "Description is a user-facing description of the task that may be used to populate a UI.", "type": "string" }, + "displayName": { + "description": "DisplayName is a user-facing name of the task that may be used to populate a UI.", + "type": "string" + }, "kind": { "type": "string" }, @@ -274,10 +267,38 @@ } } }, + "v1.IncludeParams": { + "description": "IncludeParams allows passing in a specific combinations of Parameters into the Matrix.", + "type": "object", + "properties": { + "name": { + "description": "Name the specified combination", + "type": "string" + }, + "params": { + "description": "Params takes only `Parameters` of type `\"string\"` The names of the `params` must match the names of the `params` in the underlying `Task`", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/v1.Param" + }, + "x-kubernetes-list-type": "atomic" + } + } + }, "v1.Matrix": { "description": "Matrix is used to fan out Tasks in a Pipeline", "type": "object", "properties": { + "include": { + "description": "Include is a list of IncludeParams which allows passing in specific combinations of Parameters into the Matrix.", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/v1.IncludeParams" + }, + "x-kubernetes-list-type": "atomic" + }, "params": { "description": "Params is a list of parameters used to fan out the pipelineTask Params takes only `Parameters` of type `\"array\"` Each array element is supplied to the `PipelineTask` by substituting `params` of type `\"string\"` in the underlying `Task`. The names of the `params` in the `Matrix` must match the names of the `params` in the underlying `Task` that they will be substituting.", "type": "array", @@ -345,13 +366,13 @@ "description": "ResultValue is a type alias of ParamValue", "type": "object", "required": [ - "type", - "stringVal", - "arrayVal", - "objectVal" + "Type", + "StringVal", + "ArrayVal", + "ObjectVal" ], "properties": { - "arrayVal": { + "ArrayVal": { "type": "array", "items": { "type": "string", @@ -359,19 +380,19 @@ }, "x-kubernetes-list-type": "atomic" }, - "objectVal": { + "ObjectVal": { "type": "object", "additionalProperties": { "type": "string", "default": "" } }, - "stringVal": { + "StringVal": { "description": "Represents the stored type of ParamValues.", "type": "string", "default": "" }, - "type": { + "Type": { "type": "string", "default": "" } @@ -552,7 +573,7 @@ }, "status": { "description": "Status is the RunStatus for the corresponding Run", - "$ref": "#/definitions/github.com.tektoncd.pipeline.pkg.apis.run.v1alpha1.RunStatus" + "$ref": "#/definitions/github.com.tektoncd.pipeline.pkg.apis.run.v1beta1.CustomRunStatus" }, "whenExpressions": { "description": "WhenExpressions is the list of checks guarding the execution of the PipelineTask", @@ -687,6 +708,14 @@ }, "x-kubernetes-list-type": "atomic" }, + "spanContext": { + "description": "SpanContext contains tracing span context fields", + "type": "object", + "additionalProperties": { + "type": "string", + "default": "" + } + }, "startTime": { "description": "StartTime is the time the PipelineRun is actually started.", "$ref": "#/definitions/v1.Time" @@ -740,6 +769,14 @@ }, "x-kubernetes-list-type": "atomic" }, + "spanContext": { + "description": "SpanContext contains tracing span context fields", + "type": "object", + "additionalProperties": { + "type": "string", + "default": "" + } + }, "startTime": { "description": "StartTime is the time the PipelineRun is actually started.", "$ref": "#/definitions/v1.Time" @@ -777,6 +814,10 @@ "description": "Description is a user-facing description of the pipeline that may be used to populate a UI.", "type": "string" }, + "displayName": { + "description": "DisplayName is a user-facing name of the pipeline that may be used to populate a UI.", + "type": "string" + }, "finally": { "description": "Finally declares the list of Tasks that execute just before leaving the Pipeline i.e. either after all Tasks are finished executing successfully or after a failure which would result in ending the Pipeline", "type": "array", @@ -828,6 +869,14 @@ "description": "PipelineTask defines a task in a Pipeline, passing inputs from both Params and from the output of previous tasks.", "type": "object", "properties": { + "description": { + "description": "Description is the description of this task within the context of a Pipeline. This description may be used to populate a UI.", + "type": "string" + }, + "displayName": { + "description": "DisplayName is the display name of this task within the context of a Pipeline. This display name may be used to populate a UI.", + "type": "string" + }, "matrix": { "description": "Matrix declares parameters used to fan out this task.", "$ref": "#/definitions/v1.Matrix" @@ -988,7 +1037,7 @@ } }, "v1.PipelineWorkspaceDeclaration": { - "description": "WorkspacePipelineDeclaration creates a named slot in a Pipeline that a PipelineRun is expected to populate with a workspace binding. Deprecated: use PipelineWorkspaceDeclaration type instead", + "description": "WorkspacePipelineDeclaration creates a named slot in a Pipeline that a PipelineRun is expected to populate with a workspace binding.\n\nDeprecated: use PipelineWorkspaceDeclaration type instead", "type": "object", "required": [ "name" @@ -1019,12 +1068,38 @@ } }, "v1.Provenance": { - "description": "Provenance contains some key authenticated metadata about how a software artifact was built (what sources, what inputs/outputs, etc.). For now, it only contains the subfield `ConfigSource` that identifies the source where a build config file came from. In future, it can be expanded as needed to include more metadata about the build. This field aims to be used to carry minimum amount of the authenticated metadata in *Run status so that Tekton Chains can pick it up and record in the provenance it generates.", + "description": "Provenance contains metadata about resources used in the TaskRun/PipelineRun such as the source from where a remote build definition was fetched. This field aims to carry minimum amoumt of metadata in *Run status so that Tekton Chains can capture them in the provenance.", "type": "object", "properties": { - "configSource": { - "description": "ConfigSource identifies the source where a resource came from.", - "$ref": "#/definitions/v1.ConfigSource" + "featureFlags": { + "description": "FeatureFlags identifies the feature flags that were used during the task/pipeline run", + "$ref": "#/definitions/github.com.tektoncd.pipeline.pkg.apis.config.FeatureFlags" + }, + "refSource": { + "description": "RefSource identifies the source where a remote task/pipeline came from.", + "$ref": "#/definitions/v1.RefSource" + } + } + }, + "v1.RefSource": { + "description": "RefSource contains the information that can uniquely identify where a remote built definition came from i.e. Git repositories, Tekton Bundles in OCI registry and hub.", + "type": "object", + "properties": { + "digest": { + "description": "Digest is a collection of cryptographic digests for the contents of the artifact specified by URI. Example: {\"sha1\": \"f99d13e554ffcb696dee719fa85b695cb5b0f428\"}", + "type": "object", + "additionalProperties": { + "type": "string", + "default": "" + } + }, + "entryPoint": { + "description": "EntryPoint identifies the entry point into the build. This is often a path to a build definition file and/or a target label within that file. Example: \"task/git-clone/0.8/git-clone.yaml\"", + "type": "string" + }, + "uri": { + "description": "URI indicates the identity of the source of the build definition. Example: \"https://github.com/tektoncd/catalog\"", + "type": "string" } } }, @@ -1595,11 +1670,11 @@ "type": "object", "properties": { "apiVersion": { - "description": "API version of the referent", + "description": "API version of the referent Note: A Task with non-empty APIVersion and Kind is considered a Custom Task", "type": "string" }, "kind": { - "description": "TaskKind indicates the kind of the task, namespaced or cluster scoped.", + "description": "TaskKind indicates the Kind of the Task: 1. Namespaced Task when Kind is set to \"Task\". If Kind is \"\", it defaults to \"Task\". 2. Custom Task when Kind is non-empty and APIVersion is non-empty", "type": "string" }, "name": { @@ -1787,6 +1862,11 @@ "description": "PodTemplate holds pod specific configuration", "$ref": "#/definitions/pod.Template" }, + "retries": { + "description": "Retries represents how many times this TaskRun should be retried in the event of task failure.", + "type": "integer", + "format": "int32" + }, "serviceAccountName": { "type": "string", "default": "" @@ -1801,7 +1881,7 @@ "x-kubernetes-list-type": "atomic" }, "status": { - "description": "Used for cancelling a taskrun (and maybe more later on)", + "description": "Used for cancelling a TaskRun (and maybe more later on)", "type": "string" }, "statusMessage": { @@ -1825,7 +1905,7 @@ "$ref": "#/definitions/v1.TaskSpec" }, "timeout": { - "description": "Time after which the build times out. Defaults to 1 hour. Specified build timeout should be less than 24h. Refer Go's ParseDuration documentation for expected format: https://golang.org/pkg/time/#ParseDuration", + "description": "Time after which one retry attempt times out. Defaults to 1 hour. Specified build timeout should be less than 24h. Refer Go's ParseDuration documentation for expected format: https://golang.org/pkg/time/#ParseDuration", "$ref": "#/definitions/v1.Duration" }, "workspaces": { @@ -1909,6 +1989,14 @@ }, "x-kubernetes-list-type": "atomic" }, + "spanContext": { + "description": "SpanContext contains tracing span context fields", + "type": "object", + "additionalProperties": { + "type": "string", + "default": "" + } + }, "startTime": { "description": "StartTime is the time the build is actually started.", "$ref": "#/definitions/v1.Time" @@ -1975,6 +2063,14 @@ }, "x-kubernetes-list-type": "atomic" }, + "spanContext": { + "description": "SpanContext contains tracing span context fields", + "type": "object", + "additionalProperties": { + "type": "string", + "default": "" + } + }, "startTime": { "description": "StartTime is the time the build is actually started.", "$ref": "#/definitions/v1.Time" @@ -2022,6 +2118,10 @@ "description": "Description is a user-facing description of the task that may be used to populate a UI.", "type": "string" }, + "displayName": { + "description": "DisplayName is a user-facing name of the task that may be used to populate a UI.", + "type": "string" + }, "params": { "description": "Params is a list of input parameters required to run the task. Params must be supplied as inputs in TaskRuns unless they declare a default value.", "type": "array", diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/task_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/task_types.go index 4283e8119c..9a46de41b8 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/task_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/task_types.go @@ -54,13 +54,17 @@ func (*Task) GetGroupVersionKind() schema.GroupVersionKind { // TaskSpec defines the desired state of Task. type TaskSpec struct { - // Params is a list of input parameters required to run the task. Params // must be supplied as inputs in TaskRuns unless they declare a default // value. // +optional // +listType=atomic - Params []ParamSpec `json:"params,omitempty"` + Params ParamSpecs `json:"params,omitempty"` + + // DisplayName is a user-facing name of the task that may be + // used to populate a UI. + // +optional + DisplayName string `json:"displayName,omitempty"` // Description is a user-facing description of the task that may be // used to populate a UI. diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/task_validation.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/task_validation.go index d2ce8de157..5848053bf6 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/task_validation.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/task_validation.go @@ -25,6 +25,7 @@ import ( "time" "github.com/tektoncd/pipeline/pkg/apis/config" + "github.com/tektoncd/pipeline/pkg/apis/pipeline" "github.com/tektoncd/pipeline/pkg/apis/validate" "github.com/tektoncd/pipeline/pkg/apis/version" "github.com/tektoncd/pipeline/pkg/substitution" @@ -92,13 +93,27 @@ func (ts *TaskSpec) Validate(ctx context.Context) (errs *apis.FieldError) { } errs = errs.Also(validateSteps(ctx, mergedSteps).ViaField("steps")) + errs = errs.Also(validateSidecarNames(ts.Sidecars)) errs = errs.Also(ValidateParameterTypes(ctx, ts.Params).ViaField("params")) errs = errs.Also(ValidateParameterVariables(ctx, ts.Steps, ts.Params)) errs = errs.Also(validateTaskContextVariables(ctx, ts.Steps)) + errs = errs.Also(validateTaskResultsVariables(ctx, ts.Steps, ts.Results)) errs = errs.Also(validateResults(ctx, ts.Results).ViaField("results")) return errs } +func validateSidecarNames(sidecars []Sidecar) (errs *apis.FieldError) { + for _, sc := range sidecars { + if sc.Name == pipeline.ReservedResultsSidecarName { + errs = errs.Also(&apis.FieldError{ + Message: fmt.Sprintf("Invalid: cannot use reserved sidecar name %v ", sc.Name), + Paths: []string{"sidecars"}, + }) + } + } + return errs +} + func validateResults(ctx context.Context, results []TaskResult) (errs *apis.FieldError) { for index, result := range results { errs = errs.Also(result.Validate(ctx).ViaIndex(index)) @@ -210,7 +225,7 @@ func validateStep(ctx context.Context, s Step, names sets.String) (errs *apis.Fi if s.Script != "" { if len(s.Command) > 0 { errs = errs.Also(&apis.FieldError{ - Message: fmt.Sprintf("script cannot be used with command"), + Message: "script cannot be used with command", Paths: []string{"script"}, }) } @@ -280,9 +295,9 @@ func validateStep(ctx context.Context, s Step, names sets.String) (errs *apis.Fi func ValidateParameterTypes(ctx context.Context, params []ParamSpec) (errs *apis.FieldError) { for _, p := range params { if p.Type == ParamTypeObject { - // Object type parameter is an alpha feature and will fail validation if it's used in a task spec - // when the enable-api-fields feature gate is not "alpha". - errs = errs.Also(version.ValidateEnabledAPIFields(ctx, "object type parameter", config.AlphaAPIFields)) + // Object type parameter is a beta feature and will fail validation if it's used in a task spec + // when the enable-api-fields feature gate is not "alpha" or "beta". + errs = errs.Also(version.ValidateEnabledAPIFields(ctx, "object type parameter", config.BetaAPIFields)) } errs = errs.Also(p.ValidateType(ctx)) } @@ -325,7 +340,7 @@ func (p ParamSpec) ValidateObjectType(ctx context.Context) *apis.FieldError { if p.Type == ParamTypeObject && p.Properties == nil { // If this we are not skipping validation checks due to propagated params // then properties field is required. - if config.ValidateParameterVariablesAndWorkspaces(ctx) == true { + if config.ValidateParameterVariablesAndWorkspaces(ctx) { return apis.ErrMissingField(fmt.Sprintf("%s.properties", p.Name)) } } @@ -366,12 +381,14 @@ func ValidateParameterVariables(ctx context.Context, steps []Step, params []Para arrayParameterNames.Insert(p.Name) case ParamTypeObject: objectParamSpecs = append(objectParamSpecs, p) + case ParamTypeString: + fallthrough default: stringParameterNames.Insert(p.Name) } } errs = errs.Also(validateNameFormat(stringParameterNames.Insert(arrayParameterNames.List()...), objectParamSpecs)) - if config.ValidateParameterVariablesAndWorkspaces(ctx) == true { + if config.ValidateParameterVariablesAndWorkspaces(ctx) { errs = errs.Also(validateVariables(ctx, steps, "params", allParameterNames)) errs = errs.Also(validateObjectUsage(ctx, steps, objectParamSpecs)) } @@ -392,6 +409,18 @@ func validateTaskContextVariables(ctx context.Context, steps []Step) *apis.Field return errs.Also(validateVariables(ctx, steps, "context\\.task", taskContextNames)) } +// validateTaskResultsVariables validates if the results referenced in step script are defined in task results +func validateTaskResultsVariables(ctx context.Context, steps []Step, results []TaskResult) (errs *apis.FieldError) { + resultsNames := sets.NewString() + for _, r := range results { + resultsNames.Insert(r.Name) + } + for idx, step := range steps { + errs = errs.Also(validateTaskVariable(step.Script, "results", resultsNames).ViaField("script").ViaFieldIndex("steps", idx)) + } + return errs +} + // validateObjectUsage validates the usage of individual attributes of an object param and the usage of the entire object func validateObjectUsage(ctx context.Context, steps []Step, params []ParamSpec) (errs *apis.FieldError) { objectParameterNames := sets.NewString() @@ -431,7 +460,6 @@ func validateStepObjectUsageAsWhole(step Step, prefix string, vars sets.String) } for i, arg := range step.Args { errs = errs.Also(validateTaskNoObjectReferenced(arg, prefix, vars).ViaFieldIndex("args", i)) - } for _, env := range step.Env { errs = errs.Also(validateTaskNoObjectReferenced(env.Value, prefix, vars).ViaFieldKey("env", env.Name)) @@ -461,7 +489,6 @@ func validateStepArrayUsage(step Step, prefix string, vars sets.String) *apis.Fi } for i, arg := range step.Args { errs = errs.Also(validateTaskArraysIsolated(arg, prefix, vars).ViaFieldIndex("args", i)) - } for _, env := range step.Env { errs = errs.Also(validateTaskNoArrayReferenced(env.Value, prefix, vars).ViaFieldKey("env", env.Name)) @@ -575,3 +602,39 @@ func validateTaskArraysIsolated(value, prefix string, arrayNames sets.String) *a func isParamRefs(s string) bool { return strings.HasPrefix(s, "$("+ParamsPrefix) } + +// ValidateParamArrayIndex validates if the param reference to an array param is out of bound. +// error is returned when the array indexing reference is out of bound of the array param +// e.g. if a param reference of $(params.array-param[2]) and the array param is of length 2. +// - `trParams` are params from taskrun. +// - `taskSpec` contains params declarations. +func (ts *TaskSpec) ValidateParamArrayIndex(ctx context.Context, params Params) error { + cfg := config.FromContextOrDefaults(ctx) + if cfg.FeatureFlags.EnableAPIFields != config.AlphaAPIFields { + return nil + } + + // Collect all array params lengths + arrayParamsLengths := ts.Params.extractParamArrayLengths() + for k, v := range params.extractParamArrayLengths() { + arrayParamsLengths[k] = v + } + + // collect all the possible places to use param references + paramsRefs := []string{} + paramsRefs = append(paramsRefs, extractParamRefsFromSteps(ts.Steps)...) + paramsRefs = append(paramsRefs, extractParamRefsFromStepTemplate(ts.StepTemplate)...) + paramsRefs = append(paramsRefs, extractParamRefsFromVolumes(ts.Volumes)...) + for _, v := range ts.Workspaces { + paramsRefs = append(paramsRefs, v.MountPath) + } + paramsRefs = append(paramsRefs, extractParamRefsFromSidecars(ts.Sidecars)...) + + // extract all array indexing references, for example []{"$(params.array-params[1])"} + arrayIndexParamRefs := []string{} + for _, p := range paramsRefs { + arrayIndexParamRefs = append(arrayIndexParamRefs, extractArrayIndexingParamRefs(p)...) + } + + return validateOutofBoundArrayParams(arrayIndexParamRefs, arrayParamsLengths) +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskref_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskref_types.go index 74a319dd71..2bb395dac2 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskref_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskref_types.go @@ -20,9 +20,12 @@ package v1 type TaskRef struct { // Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names Name string `json:"name,omitempty"` - // TaskKind indicates the kind of the task, namespaced or cluster scoped. + // TaskKind indicates the Kind of the Task: + // 1. Namespaced Task when Kind is set to "Task". If Kind is "", it defaults to "Task". + // 2. Custom Task when Kind is non-empty and APIVersion is non-empty Kind TaskKind `json:"kind,omitempty"` // API version of the referent + // Note: A Task with non-empty APIVersion and Kind is considered a Custom Task // +optional APIVersion string `json:"apiVersion,omitempty"` @@ -40,3 +43,10 @@ const ( // NamespacedTaskKind indicates that the task type has a namespaced scope. NamespacedTaskKind TaskKind = "Task" ) + +// IsCustomTask checks whether the reference is to a Custom Task +func (tr *TaskRef) IsCustomTask() bool { + // Note that if `apiVersion` is set to `"tekton.dev/v1beta1"` and `kind` is set to `"Task"`, + // the reference will be considered a Custom Task - https://github.com/tektoncd/pipeline/issues/6457 + return tr != nil && tr.APIVersion != "" && tr.Kind != "" +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskref_validation.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskref_validation.go index 9de4940517..02dca53018 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskref_validation.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskref_validation.go @@ -39,7 +39,7 @@ func (ref *TaskRef) Validate(ctx context.Context) (errs *apis.FieldError) { } } if ref.Params != nil { - errs = errs.Also(version.ValidateEnabledAPIFields(ctx, "params", config.BetaAPIFields).ViaField("params")) + errs = errs.Also(version.ValidateEnabledAPIFields(ctx, "resolver params", config.BetaAPIFields).ViaField("params")) if ref.Name != "" { errs = errs.Also(apis.ErrMultipleOneOf("name", "params")) } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskrun_defaults.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskrun_defaults.go index 61932f4668..9f34e6b5c7 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskrun_defaults.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskrun_defaults.go @@ -50,8 +50,13 @@ func (tr *TaskRun) SetDefaults(ctx context.Context) { // SetDefaults implements apis.Defaultable func (trs *TaskRunSpec) SetDefaults(ctx context.Context) { cfg := config.FromContextOrDefaults(ctx) - if trs.TaskRef != nil && trs.TaskRef.Kind == "" { - trs.TaskRef.Kind = NamespacedTaskKind + if trs.TaskRef != nil { + if trs.TaskRef.Kind == "" { + trs.TaskRef.Kind = NamespacedTaskKind + } + if trs.TaskRef.Name == "" && trs.TaskRef.Resolver == "" { + trs.TaskRef.Resolver = ResolverName(cfg.Defaults.DefaultResolverType) + } } if trs.Timeout == nil { diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskrun_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskrun_types.go index bf29a83642..7375c01ff5 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskrun_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskrun_types.go @@ -1,12 +1,9 @@ /* Copyright 2022 The Tekton Authors - Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 - Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -40,7 +37,7 @@ type TaskRunSpec struct { Debug *TaskRunDebug `json:"debug,omitempty"` // +optional // +listType=atomic - Params []Param `json:"params,omitempty"` + Params Params `json:"params,omitempty"` // +optional ServiceAccountName string `json:"serviceAccountName"` // no more than one of the TaskRef and TaskSpec may be specified. @@ -48,13 +45,16 @@ type TaskRunSpec struct { TaskRef *TaskRef `json:"taskRef,omitempty"` // +optional TaskSpec *TaskSpec `json:"taskSpec,omitempty"` - // Used for cancelling a taskrun (and maybe more later on) + // Used for cancelling a TaskRun (and maybe more later on) // +optional Status TaskRunSpecStatus `json:"status,omitempty"` // Status message for cancellation. // +optional StatusMessage TaskRunSpecStatusMessage `json:"statusMessage,omitempty"` - // Time after which the build times out. Defaults to 1 hour. + // Retries represents how many times this TaskRun should be retried in the event of task failure. + // +optional + Retries int `json:"retries,omitempty"` + // Time after which one retry attempt times out. Defaults to 1 hour. // Specified build timeout should be less than 24h. // Refer Go's ParseDuration documentation for expected format: https://golang.org/pkg/time/#ParseDuration // +optional @@ -83,7 +83,7 @@ type TaskRunSpec struct { ComputeResources *corev1.ResourceRequirements `json:"computeResources,omitempty"` } -// TaskRunSpecStatus defines the taskrun spec status the user can provide +// TaskRunSpecStatus defines the TaskRun spec status the user can provide type TaskRunSpecStatus string const ( @@ -114,7 +114,7 @@ type TaskRunDebug struct { type TaskRunInputs struct { // +optional // +listType=atomic - Params []Param `json:"params,omitempty"` + Params Params `json:"params,omitempty"` } var taskRunCondSet = apis.NewBatchConditionSet() @@ -141,15 +141,21 @@ const ( TaskRunReasonSuccessful TaskRunReason = "Succeeded" // TaskRunReasonFailed is the reason set when the TaskRun completed with a failure TaskRunReasonFailed TaskRunReason = "Failed" - // TaskRunReasonCancelled is the reason set when the Taskrun is cancelled by the user + // TaskRunReasonToBeRetried is the reason set when the last TaskRun execution failed, and will be retried + TaskRunReasonToBeRetried TaskRunReason = "ToBeRetried" + // TaskRunReasonCancelled is the reason set when the TaskRun is cancelled by the user TaskRunReasonCancelled TaskRunReason = "TaskRunCancelled" - // TaskRunReasonTimedOut is the reason set when the Taskrun has timed out + // TaskRunReasonTimedOut is the reason set when one TaskRun execution has timed out TaskRunReasonTimedOut TaskRunReason = "TaskRunTimeout" // TaskRunReasonResolvingTaskRef indicates that the TaskRun is waiting for // its taskRef to be asynchronously resolved. TaskRunReasonResolvingTaskRef = "ResolvingTaskRef" // TaskRunReasonImagePullFailed is the reason set when the step of a task fails due to image not being pulled TaskRunReasonImagePullFailed TaskRunReason = "TaskRunImagePullFailed" + // TaskRunReasonResultLargerThanAllowedLimit is the reason set when one of the results exceeds its maximum allowed limit of 1 KB + TaskRunReasonResultLargerThanAllowedLimit TaskRunReason = "TaskRunResultLargerThanAllowedLimit" + // TaskRunReasonStopSidecarFailed indicates that the sidecar is not properly stopped. + TaskRunReasonStopSidecarFailed = "TaskRunStopSidecarFailed" ) func (t TaskRunReason) String() string { @@ -201,11 +207,9 @@ type TaskRunStatusFields struct { PodName string `json:"podName"` // StartTime is the time the build is actually started. - // +optional StartTime *metav1.Time `json:"startTime,omitempty"` // CompletionTime is the time the build completed. - // +optional CompletionTime *metav1.Time `json:"completionTime,omitempty"` // Steps describes the state of each build step container. @@ -233,7 +237,11 @@ type TaskRunStatusFields struct { TaskSpec *TaskSpec `json:"taskSpec,omitempty"` // Provenance contains some key authenticated metadata about how a software artifact was built (what sources, what inputs/outputs, etc.). + // +optional Provenance *Provenance `json:"provenance,omitempty"` + + // SpanContext contains tracing span context fields + SpanContext map[string]string `json:"spanContext,omitempty"` } // TaskRunStepSpec is used to override the values of a Step in the corresponding Task. @@ -339,7 +347,7 @@ type TaskRunList struct { Items []TaskRun `json:"items"` } -// GetPipelineRunPVCName for taskrun gets pipelinerun +// GetPipelineRunPVCName for TaskRun gets pipelinerun func (tr *TaskRun) GetPipelineRunPVCName() string { if tr == nil { return "" @@ -368,7 +376,7 @@ func (tr *TaskRun) IsDone() bool { return !tr.Status.GetCondition(apis.ConditionSucceeded).IsUnknown() } -// HasStarted function check whether taskrun has valid start time set in its status +// HasStarted function check whether TaskRun has valid start time set in its status func (tr *TaskRun) HasStarted() bool { return tr.Status.StartTime != nil && !tr.Status.StartTime.IsZero() } @@ -383,6 +391,11 @@ func (tr *TaskRun) IsCancelled() bool { return tr.Spec.Status == TaskRunSpecStatusCancelled } +// IsRetriable returns true if the TaskRun's Retries is not exhausted. +func (tr *TaskRun) IsRetriable() bool { + return len(tr.Status.RetriesStatus) < tr.Spec.Retries +} + // HasTimedOut returns true if the TaskRun runtime is beyond the allowed timeout func (tr *TaskRun) HasTimedOut(ctx context.Context, c clock.PassiveClock) bool { if tr.Status.StartTime.IsZero() { @@ -402,7 +415,7 @@ func (tr *TaskRun) GetTimeout(ctx context.Context) time.Duration { // Use the platform default is no timeout is set if tr.Spec.Timeout == nil { defaultTimeout := time.Duration(config.FromContextOrDefaults(ctx).Defaults.DefaultTimeoutMinutes) - return defaultTimeout * time.Minute + return defaultTimeout * time.Minute //nolint:durationcheck } return tr.Spec.Timeout.Duration } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskrun_validation.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskrun_validation.go index 21139341e8..055094bb6a 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskrun_validation.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskrun_validation.go @@ -22,11 +22,13 @@ import ( "strings" "github.com/tektoncd/pipeline/pkg/apis/config" + "github.com/tektoncd/pipeline/pkg/apis/pipeline/pod" "github.com/tektoncd/pipeline/pkg/apis/validate" "github.com/tektoncd/pipeline/pkg/apis/version" admissionregistrationv1 "k8s.io/api/admissionregistration/v1" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/util/sets" + "k8s.io/utils/strings/slices" "knative.dev/pkg/apis" "knative.dev/pkg/webhook/resourcesemantics" ) @@ -105,6 +107,9 @@ func (ts *TaskRunSpec) Validate(ctx context.Context) (errs *apis.FieldError) { } } + if ts.PodTemplate != nil { + errs = errs.Also(validatePodTemplateEnv(ctx, *ts.PodTemplate)) + } return errs } @@ -141,6 +146,19 @@ func (ts *TaskRunSpec) validateInlineParameters(ctx context.Context) (errs *apis return errs } +func validatePodTemplateEnv(ctx context.Context, podTemplate pod.Template) (errs *apis.FieldError) { + forbiddenEnvsConfigured := config.FromContextOrDefaults(ctx).Defaults.DefaultForbiddenEnv + if len(forbiddenEnvsConfigured) == 0 { + return errs + } + for _, pEnv := range podTemplate.Env { + if slices.Contains(forbiddenEnvsConfigured, pEnv.Name) { + errs = errs.Also(apis.ErrInvalidValue("PodTemplate cannot update a forbidden env: "+pEnv.Name, "PodTemplate.Env")) + } + } + return errs +} + func createParamSpecFromParam(p Param, paramSpecForValidation map[string]ParamSpec) map[string]ParamSpec { value := p.Value pSpec := ParamSpec{ @@ -220,13 +238,13 @@ func ValidateWorkspaceBindings(ctx context.Context, wb []WorkspaceBinding) (errs } // ValidateParameters makes sure the params for the Task are valid. -func ValidateParameters(ctx context.Context, params []Param) (errs *apis.FieldError) { +func ValidateParameters(ctx context.Context, params Params) (errs *apis.FieldError) { var names []string for _, p := range params { if p.Value.Type == ParamTypeObject { - // Object type parameter is an alpha feature and will fail validation if it's used in a taskrun spec - // when the enable-api-fields feature gate is not "alpha". - errs = errs.Also(version.ValidateEnabledAPIFields(ctx, "object type parameter", config.AlphaAPIFields)) + // Object type parameter is a beta feature and will fail validation if it's used in a taskrun spec + // when the enable-api-fields feature gate is not "alpha" or "beta". + errs = errs.Also(version.ValidateEnabledAPIFields(ctx, "object type parameter", config.BetaAPIFields)) } names = append(names, p.Name) } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/workspace_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/workspace_types.go index a68c3064eb..f556201c4b 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/workspace_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/workspace_types.go @@ -87,6 +87,7 @@ type WorkspaceBinding struct { // WorkspacePipelineDeclaration creates a named slot in a Pipeline that a PipelineRun // is expected to populate with a workspace binding. +// // Deprecated: use PipelineWorkspaceDeclaration type instead type WorkspacePipelineDeclaration = PipelineWorkspaceDeclaration diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/zz_generated.deepcopy.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/zz_generated.deepcopy.go index ef03a3bb5a..bd2f039f69 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/zz_generated.deepcopy.go @@ -22,8 +22,9 @@ limitations under the License. package v1 import ( + config "github.com/tektoncd/pipeline/pkg/apis/config" pod "github.com/tektoncd/pipeline/pkg/apis/pipeline/pod" - v1alpha1 "github.com/tektoncd/pipeline/pkg/apis/run/v1alpha1" + v1beta1 "github.com/tektoncd/pipeline/pkg/apis/run/v1beta1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" @@ -54,26 +55,53 @@ func (in *ChildStatusReference) DeepCopy() *ChildStatusReference { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ConfigSource) DeepCopyInto(out *ConfigSource) { - *out = *in - if in.Digest != nil { - in, out := &in.Digest, &out.Digest - *out = make(map[string]string, len(*in)) +func (in Combination) DeepCopyInto(out *Combination) { + { + in := &in + *out = make(Combination, len(*in)) for key, val := range *in { (*out)[key] = val } + return } - return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigSource. -func (in *ConfigSource) DeepCopy() *ConfigSource { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Combination. +func (in Combination) DeepCopy() Combination { if in == nil { return nil } - out := new(ConfigSource) + out := new(Combination) in.DeepCopyInto(out) - return out + return *out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in Combinations) DeepCopyInto(out *Combinations) { + { + in := &in + *out = make(Combinations, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = make(Combination, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + } + return + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Combinations. +func (in Combinations) DeepCopy() Combinations { + if in == nil { + return nil + } + out := new(Combinations) + in.DeepCopyInto(out) + return *out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. @@ -96,12 +124,64 @@ func (in *EmbeddedTask) DeepCopy() *EmbeddedTask { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IncludeParams) DeepCopyInto(out *IncludeParams) { + *out = *in + if in.Params != nil { + in, out := &in.Params, &out.Params + *out = make(Params, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeParams. +func (in *IncludeParams) DeepCopy() *IncludeParams { + if in == nil { + return nil + } + out := new(IncludeParams) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in IncludeParamsList) DeepCopyInto(out *IncludeParamsList) { + { + in := &in + *out = make(IncludeParamsList, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + return + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeParamsList. +func (in IncludeParamsList) DeepCopy() IncludeParamsList { + if in == nil { + return nil + } + out := new(IncludeParamsList) + in.DeepCopyInto(out) + return *out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Matrix) DeepCopyInto(out *Matrix) { *out = *in if in.Params != nil { in, out := &in.Params, &out.Params - *out = make([]Param, len(*in)) + *out = make(Params, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Include != nil { + in, out := &in.Include, &out.Include + *out = make(IncludeParamsList, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -164,6 +244,28 @@ func (in *ParamSpec) DeepCopy() *ParamSpec { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in ParamSpecs) DeepCopyInto(out *ParamSpecs) { + { + in := &in + *out = make(ParamSpecs, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + return + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ParamSpecs. +func (in ParamSpecs) DeepCopy() ParamSpecs { + if in == nil { + return nil + } + out := new(ParamSpecs) + in.DeepCopyInto(out) + return *out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ParamValue) DeepCopyInto(out *ParamValue) { *out = *in @@ -192,6 +294,28 @@ func (in *ParamValue) DeepCopy() *ParamValue { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in Params) DeepCopyInto(out *Params) { + { + in := &in + *out = make(Params, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + return + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Params. +func (in Params) DeepCopy() Params { + if in == nil { + return nil + } + out := new(Params) + in.DeepCopyInto(out) + return *out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Pipeline) DeepCopyInto(out *Pipeline) { *out = *in @@ -369,7 +493,7 @@ func (in *PipelineRunRunStatus) DeepCopyInto(out *PipelineRunRunStatus) { *out = *in if in.Status != nil { in, out := &in.Status, &out.Status - *out = new(v1alpha1.RunStatus) + *out = new(v1beta1.CustomRunStatus) (*in).DeepCopyInto(*out) } if in.WhenExpressions != nil { @@ -407,7 +531,7 @@ func (in *PipelineRunSpec) DeepCopyInto(out *PipelineRunSpec) { } if in.Params != nil { in, out := &in.Params, &out.Params - *out = make([]Param, len(*in)) + *out = make(Params, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -509,6 +633,13 @@ func (in *PipelineRunStatusFields) DeepCopyInto(out *PipelineRunStatusFields) { *out = new(Provenance) (*in).DeepCopyInto(*out) } + if in.SpanContext != nil { + in, out := &in.SpanContext, &out.SpanContext + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } return } @@ -562,7 +693,7 @@ func (in *PipelineSpec) DeepCopyInto(out *PipelineSpec) { } if in.Params != nil { in, out := &in.Params, &out.Params - *out = make([]ParamSpec, len(*in)) + *out = make(ParamSpecs, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -626,7 +757,7 @@ func (in *PipelineTask) DeepCopyInto(out *PipelineTask) { } if in.Params != nil { in, out := &in.Params, &out.Params - *out = make([]Param, len(*in)) + *out = make(Params, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -844,11 +975,16 @@ func (in *PropertySpec) DeepCopy() *PropertySpec { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Provenance) DeepCopyInto(out *Provenance) { *out = *in - if in.ConfigSource != nil { - in, out := &in.ConfigSource, &out.ConfigSource - *out = new(ConfigSource) + if in.RefSource != nil { + in, out := &in.RefSource, &out.RefSource + *out = new(RefSource) (*in).DeepCopyInto(*out) } + if in.FeatureFlags != nil { + in, out := &in.FeatureFlags, &out.FeatureFlags + *out = new(config.FeatureFlags) + **out = **in + } return } @@ -862,12 +998,35 @@ func (in *Provenance) DeepCopy() *Provenance { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RefSource) DeepCopyInto(out *RefSource) { + *out = *in + if in.Digest != nil { + in, out := &in.Digest, &out.Digest + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RefSource. +func (in *RefSource) DeepCopy() *RefSource { + if in == nil { + return nil + } + out := new(RefSource) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ResolverRef) DeepCopyInto(out *ResolverRef) { *out = *in if in.Params != nil { in, out := &in.Params, &out.Params - *out = make([]Param, len(*in)) + *out = make(Params, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -1352,7 +1511,7 @@ func (in *TaskRunInputs) DeepCopyInto(out *TaskRunInputs) { *out = *in if in.Params != nil { in, out := &in.Params, &out.Params - *out = make([]Param, len(*in)) + *out = make(Params, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -1447,7 +1606,7 @@ func (in *TaskRunSpec) DeepCopyInto(out *TaskRunSpec) { } if in.Params != nil { in, out := &in.Params, &out.Params - *out = make([]Param, len(*in)) + *out = make(Params, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -1578,6 +1737,13 @@ func (in *TaskRunStatusFields) DeepCopyInto(out *TaskRunStatusFields) { *out = new(Provenance) (*in).DeepCopyInto(*out) } + if in.SpanContext != nil { + in, out := &in.SpanContext, &out.SpanContext + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } return } @@ -1613,7 +1779,7 @@ func (in *TaskSpec) DeepCopyInto(out *TaskSpec) { *out = *in if in.Params != nil { in, out := &in.Params, &out.Params - *out = make([]ParamSpec, len(*in)) + *out = make(ParamSpecs, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/register.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/register.go index 42b5e4b18e..fe5e76f459 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/register.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/register.go @@ -48,6 +48,8 @@ func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &Run{}, &RunList{}, + &VerificationPolicy{}, + &VerificationPolicyList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/run_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/run_types.go index d10e2dc3d1..68198cf44f 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/run_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/run_types.go @@ -55,7 +55,7 @@ type RunSpec struct { Spec *EmbeddedRunSpec `json:"spec,omitempty"` // +optional - Params []v1beta1.Param `json:"params,omitempty"` + Params v1beta1.Params `json:"params,omitempty"` // Used for cancelling a run (and maybe more later on) // +optional @@ -263,3 +263,8 @@ func (r *Run) GetTimeout() time.Duration { } return r.Spec.Timeout.Duration } + +// GetRetryCount returns the number of times this Run has already been retried +func (r *Run) GetRetryCount() int { + return len(r.Status.RetriesStatus) +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1/pipeline_resource_defaults.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/verificationpolicy_defaults.go similarity index 65% rename from vendor/github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1/pipeline_resource_defaults.go rename to vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/verificationpolicy_defaults.go index faf03c08c1..6b18c31866 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1/pipeline_resource_defaults.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/verificationpolicy_defaults.go @@ -1,5 +1,5 @@ /* -Copyright 2019 The Tekton Authors +Copyright 2020 The Tekton Authors Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -22,13 +22,9 @@ import ( "knative.dev/pkg/apis" ) -var _ apis.Defaultable = (*PipelineResource)(nil) +var _ apis.Defaultable = (*VerificationPolicy)(nil) -// SetDefaults implements api.Defaultable -func (t *PipelineResource) SetDefaults(ctx context.Context) { - t.Spec.SetDefaults(ctx) -} +// SetDefaults implements apis.Defaultable +func (v *VerificationPolicy) SetDefaults(ctx context.Context) { -// SetDefaults implements api.Defaultable -func (ts *PipelineResourceSpec) SetDefaults(ctx context.Context) { } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/verificationpolicy_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/verificationpolicy_types.go new file mode 100644 index 0000000000..c16483cb8c --- /dev/null +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/verificationpolicy_types.go @@ -0,0 +1,139 @@ +/* +Copyright 2022 The Tekton Authors +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha1 + +import ( + "crypto" + + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +// +genclient +// +genclient:noStatus +// +genreconciler:krshapedlogic=false +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// VerificationPolicy defines the rules to verify Tekton resources. +// VerificationPolicy can config the mapping from resources to a list of public +// keys, so when verifying the resources we can use the corresponding public keys. +// +k8s:openapi-gen=true +type VerificationPolicy struct { + metav1.TypeMeta `json:",inline"` + // +optional + metav1.ObjectMeta `json:"metadata"` + + // Spec holds the desired state of the VerificationPolicy. + Spec VerificationPolicySpec `json:"spec"` +} + +// VerificationPolicyList contains a list of VerificationPolicy +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type VerificationPolicyList struct { + metav1.TypeMeta `json:",inline"` + // +optional + metav1.ListMeta `json:"metadata,omitempty"` + Items []VerificationPolicy `json:"items"` +} + +// GetGroupVersionKind implements kmeta.OwnerRefable. +func (*VerificationPolicy) GetGroupVersionKind() schema.GroupVersionKind { + return SchemeGroupVersion.WithKind("VerificationPolicy") +} + +// VerificationPolicySpec defines the patterns and authorities. +type VerificationPolicySpec struct { + // Resources defines the patterns of resources sources that should be subject to this policy. + // For example, we may want to apply this Policy from a certain GitHub repo. + // Then the ResourcesPattern should be valid regex. E.g. If using gitresolver, and we want to config keys from a certain git repo. + // `ResourcesPattern` can be `https://github.com/tektoncd/catalog.git`, we will use regex to filter out those resources. + Resources []ResourcePattern `json:"resources"` + // Authorities defines the rules for validating signatures. + Authorities []Authority `json:"authorities"` + // Mode controls whether a failing policy will fail the taskrun/pipelinerun, or only log the warnings + // enforce - fail the taskrun/pipelinerun if verification fails (default) + // warn - don't fail the taskrun/pipelinerun if verification fails but log warnings + // +optional + Mode ModeType `json:"mode,omitempty"` +} + +// ResourcePattern defines the pattern of the resource source +type ResourcePattern struct { + // Pattern defines a resource pattern. Regex is created to filter resources based on `Pattern` + // Example patterns: + // GitHub resource: https://github.com/tektoncd/catalog.git, https://github.com/tektoncd/* + // Bundle resource: gcr.io/tekton-releases/catalog/upstream/git-clone, gcr.io/tekton-releases/catalog/upstream/* + // Hub resource: https://artifacthub.io/*, + Pattern string `json:"pattern"` +} + +// The Authority block defines the keys for validating signatures. +type Authority struct { + // Name is the name for this authority. + Name string `json:"name"` + // Key contains the public key to validate the resource. + Key *KeyRef `json:"key,omitempty"` +} + +// ModeType indicates the type of a mode for VerificationPolicy +type ModeType string + +// Valid ModeType: +const ( + ModeWarn ModeType = "warn" + ModeEnforce ModeType = "enforce" +) + +// KeyRef defines the reference to a public key +type KeyRef struct { + // SecretRef sets a reference to a secret with the key. + // +optional + SecretRef *v1.SecretReference `json:"secretRef,omitempty"` + // Data contains the inline public key. + // +optional + Data string `json:"data,omitempty"` + // KMS contains the KMS url of the public key + // Supported formats differ based on the KMS system used. + // One example of a KMS url could be: + // gcpkms://projects/[PROJECT]/locations/[LOCATION]>/keyRings/[KEYRING]/cryptoKeys/[KEY]/cryptoKeyVersions/[KEY_VERSION] + // For more examples please refer https://docs.sigstore.dev/cosign/kms_support. + // Note that the KMS is not supported yet. + // +optional + KMS string `json:"kms,omitempty"` + // HashAlgorithm always defaults to sha256 if the algorithm hasn't been explicitly set + // +optional + HashAlgorithm HashAlgorithm `json:"hashAlgorithm,omitempty"` +} + +// HashAlgorithm defines the hash algorithm used for the public key +type HashAlgorithm string + +const ( + sha224 HashAlgorithm = "sha224" + sha256 HashAlgorithm = "sha256" + sha384 HashAlgorithm = "sha384" + sha512 HashAlgorithm = "sha512" + empty HashAlgorithm = "" +) + +// SupportedSignatureAlgorithms sets a list of support signature algorithms that is similar to the list supported by cosign. +// empty HashAlgorithm is allowed and will be set to SHA256. +var SupportedSignatureAlgorithms = map[HashAlgorithm]crypto.Hash{ + sha224: crypto.SHA224, + sha256: crypto.SHA256, + sha384: crypto.SHA384, + sha512: crypto.SHA512, + empty: crypto.SHA256, +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/verificationpolicy_validation.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/verificationpolicy_validation.go new file mode 100644 index 0000000000..316ba55da2 --- /dev/null +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/verificationpolicy_validation.go @@ -0,0 +1,110 @@ +/* +Copyright 2022 The Tekton Authors +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha1 + +import ( + "context" + "fmt" + "regexp" + "strings" + + "github.com/tektoncd/pipeline/pkg/apis/validate" + "knative.dev/pkg/apis" +) + +var _ apis.Validatable = (*VerificationPolicy)(nil) + +var ( + // InvalidResourcePatternErr is returned when the pattern is not valid regex expression + InvalidResourcePatternErr = "resourcePattern cannot be compiled by regex" +) + +// Validate VerificationPolicy +func (v *VerificationPolicy) Validate(ctx context.Context) (errs *apis.FieldError) { + errs = errs.Also(validate.ObjectMetadata(v.GetObjectMeta()).ViaField("metadata")) + errs = errs.Also(v.Spec.Validate(ctx)) + return errs +} + +// Validate VerificationPolicySpec, the validation requires Resources is not empty, for each +// resource it must be able to be regex expression and can be compiled with no error. The Authorities +// shouldn't be empty and each Authority should be valid. +func (vs *VerificationPolicySpec) Validate(ctx context.Context) (errs *apis.FieldError) { + if len(vs.Resources) == 0 { + errs = errs.Also(apis.ErrMissingField("resources")) + } + for _, r := range vs.Resources { + errs = errs.Also(r.Validate(ctx)) + } + if len(vs.Authorities) == 0 { + errs = errs.Also(apis.ErrMissingField("authorities")) + } + for i, a := range vs.Authorities { + if a.Key != nil { + errs = errs.Also(a.Key.Validate(ctx).ViaFieldIndex("key", i)) + } + } + if vs.Mode != "" && vs.Mode != ModeEnforce && vs.Mode != ModeWarn { + errs = errs.Also(apis.ErrInvalidValue(fmt.Sprintf("available values are: %s, %s, but got: %s", ModeEnforce, ModeWarn, vs.Mode), "mode")) + } + return errs +} + +// Validate KeyRef will check if one of KeyRef's Data or SecretRef exists, and the +// Supported HashAlgorithm is in supportedSignatureAlgorithms. +func (key *KeyRef) Validate(ctx context.Context) (errs *apis.FieldError) { + // Validate that one and only one of Data, SecretRef, KMS is defined. + keyCount := 0 + if key.Data != "" { + keyCount++ + } + if key.SecretRef != nil { + keyCount++ + } + if key.KMS != "" { + keyCount++ + } + + switch keyCount { + case 0: + errs = errs.Also(apis.ErrMissingOneOf("data", "kms", "secretref")) + case 1: + // do nothing -- a single key definition is valid + default: + errs = errs.Also(apis.ErrMultipleOneOf("data", "kms", "secretref")) + } + + errs = errs.Also(validateHashAlgorithm(key.HashAlgorithm)) + + return errs +} + +// Validate ResourcePattern and make sure the Pattern is valid regex expression +func (r *ResourcePattern) Validate(ctx context.Context) (errs *apis.FieldError) { + if _, err := regexp.Compile(r.Pattern); err != nil { + errs = errs.Also(apis.ErrInvalidValue(r.Pattern, "ResourcePattern", fmt.Sprintf("%v: %v", InvalidResourcePatternErr, err))) + return errs + } + return nil +} + +// validateHashAlgorithm checks if the algorithm is supported +func validateHashAlgorithm(algorithmName HashAlgorithm) (errs *apis.FieldError) { + normalizedAlgo := strings.ToLower(string(algorithmName)) + _, exists := SupportedSignatureAlgorithms[HashAlgorithm(normalizedAlgo)] + if !exists { + return apis.ErrInvalidValue(algorithmName, "HashAlgorithm") + } + return nil +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/zz_generated.deepcopy.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/zz_generated.deepcopy.go index 47123e63dd..2da3fac462 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/zz_generated.deepcopy.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/zz_generated.deepcopy.go @@ -24,10 +24,32 @@ package v1alpha1 import ( pod "github.com/tektoncd/pipeline/pkg/apis/pipeline/pod" v1beta1 "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Authority) DeepCopyInto(out *Authority) { + *out = *in + if in.Key != nil { + in, out := &in.Key, &out.Key + *out = new(KeyRef) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Authority. +func (in *Authority) DeepCopy() *Authority { + if in == nil { + return nil + } + out := new(Authority) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *EmbeddedRunSpec) DeepCopyInto(out *EmbeddedRunSpec) { *out = *in @@ -47,6 +69,43 @@ func (in *EmbeddedRunSpec) DeepCopy() *EmbeddedRunSpec { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KeyRef) DeepCopyInto(out *KeyRef) { + *out = *in + if in.SecretRef != nil { + in, out := &in.SecretRef, &out.SecretRef + *out = new(v1.SecretReference) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyRef. +func (in *KeyRef) DeepCopy() *KeyRef { + if in == nil { + return nil + } + out := new(KeyRef) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ResourcePattern) DeepCopyInto(out *ResourcePattern) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourcePattern. +func (in *ResourcePattern) DeepCopy() *ResourcePattern { + if in == nil { + return nil + } + out := new(ResourcePattern) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Run) DeepCopyInto(out *Run) { *out = *in @@ -123,7 +182,7 @@ func (in *RunSpec) DeepCopyInto(out *RunSpec) { } if in.Params != nil { in, out := &in.Params, &out.Params - *out = make([]v1beta1.Param, len(*in)) + *out = make(v1beta1.Params, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -135,7 +194,7 @@ func (in *RunSpec) DeepCopyInto(out *RunSpec) { } if in.Timeout != nil { in, out := &in.Timeout, &out.Timeout - *out = new(v1.Duration) + *out = new(metav1.Duration) **out = **in } if in.Workspaces != nil { @@ -157,3 +216,91 @@ func (in *RunSpec) DeepCopy() *RunSpec { in.DeepCopyInto(out) return out } + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VerificationPolicy) DeepCopyInto(out *VerificationPolicy) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VerificationPolicy. +func (in *VerificationPolicy) DeepCopy() *VerificationPolicy { + if in == nil { + return nil + } + out := new(VerificationPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *VerificationPolicy) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VerificationPolicyList) DeepCopyInto(out *VerificationPolicyList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]VerificationPolicy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VerificationPolicyList. +func (in *VerificationPolicyList) DeepCopy() *VerificationPolicyList { + if in == nil { + return nil + } + out := new(VerificationPolicyList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *VerificationPolicyList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VerificationPolicySpec) DeepCopyInto(out *VerificationPolicySpec) { + *out = *in + if in.Resources != nil { + in, out := &in.Resources, &out.Resources + *out = make([]ResourcePattern, len(*in)) + copy(*out, *in) + } + if in.Authorities != nil { + in, out := &in.Authorities, &out.Authorities + *out = make([]Authority, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VerificationPolicySpec. +func (in *VerificationPolicySpec) DeepCopy() *VerificationPolicySpec { + if in == nil { + return nil + } + out := new(VerificationPolicySpec) + in.DeepCopyInto(out) + return out +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/cluster_task_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/cluster_task_types.go index 1a78de2605..aaaf03b9cf 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/cluster_task_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/cluster_task_types.go @@ -31,7 +31,9 @@ import ( // ClusterTask is a Task with a cluster scope. ClusterTasks are used to // represent Tasks that should be publicly addressable from any namespace in the -// cluster. Deprecated: Please use the cluster resolver instead. +// cluster. +// +// Deprecated: Please use the cluster resolver instead. type ClusterTask struct { metav1.TypeMeta `json:",inline"` // +optional diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/container_conversion.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/container_conversion.go index 746831bfda..816e4e9918 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/container_conversion.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/container_conversion.go @@ -1,3 +1,19 @@ +/* +Copyright 2023 The Tekton Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + package v1beta1 import ( diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/container_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/container_types.go index 624a1c373f..980ad392c8 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/container_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/container_types.go @@ -1,3 +1,19 @@ +/* +Copyright 2023 The Tekton Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + package v1beta1 import ( @@ -7,7 +23,6 @@ import ( // Step runs a subcomponent of a Task type Step struct { - // Name of the Step specified as a DNS_LABEL. // Each Step in a Task must have a unique name. Name string `json:"name" protobuf:"bytes,1,opt,name=name"` @@ -43,7 +58,6 @@ type Step struct { // Cannot be updated. // +optional WorkingDir string `json:"workingDir,omitempty" protobuf:"bytes,5,opt,name=workingDir"` - // Deprecated. This field will be removed in a future release. // List of ports to expose from the Step's container. Exposing a port here gives // the system additional information about the network connections a // container uses, but is primarily informational. Not specifying a port here @@ -51,6 +65,9 @@ type Step struct { // listening on the default "0.0.0.0" address inside a container will be // accessible from the network. // Cannot be updated. + // + // Deprecated: This field will be removed in a future release. + // // +optional // +patchMergeKey=containerPort // +patchStrategy=merge @@ -92,21 +109,25 @@ type Step struct { // +optional // +listType=atomic VolumeDevices []corev1.VolumeDevice `json:"volumeDevices,omitempty" patchStrategy:"merge" patchMergeKey:"devicePath" protobuf:"bytes,21,rep,name=volumeDevices"` - // Deprecated. This field will be removed in a future release. // Periodic probe of container liveness. // Step will be restarted if the probe fails. // Cannot be updated. // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + // + // Deprecated: This field will be removed in a future release. + // // +optional DeprecatedLivenessProbe *corev1.Probe `json:"livenessProbe,omitempty" protobuf:"bytes,10,opt,name=livenessProbe"` - // Deprecated. This field will be removed in a future release. // Periodic probe of container service readiness. // Step will be removed from service endpoints if the probe fails. // Cannot be updated. // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + // + // Deprecated: This field will be removed in a future release. + // // +optional DeprecatedReadinessProbe *corev1.Probe `json:"readinessProbe,omitempty" protobuf:"bytes,11,opt,name=readinessProbe"` - // Deprecated. This field will be removed in a future release. + // DeprecatedStartupProbe indicates that the Pod this Step runs in has successfully initialized. // If specified, no other probes are executed until this completes successfully. // If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. @@ -114,17 +135,22 @@ type Step struct { // when it might take a long time to load data or warm a cache, than during steady-state operation. // This cannot be updated. // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + // + // Deprecated: This field will be removed in a future release. + // // +optional DeprecatedStartupProbe *corev1.Probe `json:"startupProbe,omitempty" protobuf:"bytes,22,opt,name=startupProbe"` - // Deprecated. This field will be removed in a future release. // Actions that the management system should take in response to container lifecycle events. // Cannot be updated. + // + // Deprecated: This field will be removed in a future release. + // // +optional DeprecatedLifecycle *corev1.Lifecycle `json:"lifecycle,omitempty" protobuf:"bytes,12,opt,name=lifecycle"` - // Deprecated. This field will be removed in a future release and can't be meaningfully used. + // Deprecated: This field will be removed in a future release and can't be meaningfully used. // +optional DeprecatedTerminationMessagePath string `json:"terminationMessagePath,omitempty" protobuf:"bytes,13,opt,name=terminationMessagePath"` - // Deprecated. This field will be removed in a future release and can't be meaningfully used. + // Deprecated: This field will be removed in a future release and can't be meaningfully used. // +optional DeprecatedTerminationMessagePolicy corev1.TerminationMessagePolicy `json:"terminationMessagePolicy,omitempty" protobuf:"bytes,20,opt,name=terminationMessagePolicy,casttype=TerminationMessagePolicy"` // Image pull policy. @@ -142,13 +168,14 @@ type Step struct { // Variables for interactive containers, these are deprecated and should not be used. - // Deprecated. This field will be removed in a future release. // Whether this container should allocate a buffer for stdin in the container runtime. If this // is not set, reads from stdin in the container will always result in EOF. // Default is false. + // + // Deprecated: This field will be removed in a future release. + // // +optional DeprecatedStdin bool `json:"stdin,omitempty" protobuf:"varint,16,opt,name=stdin"` - // Deprecated. This field will be removed in a future release. // Whether the container runtime should close the stdin channel after it has been opened by // a single attach. When stdin is true the stdin stream will remain open across multiple attach // sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the @@ -156,11 +183,16 @@ type Step struct { // at which time stdin is closed and remains closed until the container is restarted. If this // flag is false, a container processes that reads from stdin will never receive an EOF. // Default is false + // + // Deprecated: This field will be removed in a future release. + // // +optional DeprecatedStdinOnce bool `json:"stdinOnce,omitempty" protobuf:"varint,17,opt,name=stdinOnce"` - // Deprecated. This field will be removed in a future release. // Whether this container should allocate a DeprecatedTTY for itself, also requires 'stdin' to be true. // Default is false. + // + // Deprecated: This field will be removed in a future release. + // // +optional DeprecatedTTY bool `json:"tty,omitempty" protobuf:"varint,18,opt,name=tty"` @@ -271,11 +303,12 @@ func (s *Step) SetContainerFields(c corev1.Container) { // StepTemplate is a template for a Step type StepTemplate struct { - - // Deprecated. This field will be removed in a future release. // Default name for each Step specified as a DNS_LABEL. // Each Step in a Task must have a unique name. // Cannot be updated. + // + // Deprecated: This field will be removed in a future release. + // DeprecatedName string `json:"name" protobuf:"bytes,1,opt,name=name"` // Default image name to use for each Step. // More info: https://kubernetes.io/docs/concepts/containers/images @@ -311,7 +344,6 @@ type StepTemplate struct { // Cannot be updated. // +optional WorkingDir string `json:"workingDir,omitempty" protobuf:"bytes,5,opt,name=workingDir"` - // Deprecated. This field will be removed in a future release. // List of ports to expose from the Step's container. Exposing a port here gives // the system additional information about the network connections a // container uses, but is primarily informational. Not specifying a port here @@ -319,6 +351,9 @@ type StepTemplate struct { // listening on the default "0.0.0.0" address inside a container will be // accessible from the network. // Cannot be updated. + // + // Deprecated: This field will be removed in a future release. + // // +optional // +patchMergeKey=containerPort // +patchStrategy=merge @@ -360,21 +395,24 @@ type StepTemplate struct { // +optional // +listType=atomic VolumeDevices []corev1.VolumeDevice `json:"volumeDevices,omitempty" patchStrategy:"merge" patchMergeKey:"devicePath" protobuf:"bytes,21,rep,name=volumeDevices"` - // Deprecated. This field will be removed in a future release. // Periodic probe of container liveness. // Container will be restarted if the probe fails. // Cannot be updated. // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + // + // Deprecated: This field will be removed in a future release. + // // +optional DeprecatedLivenessProbe *corev1.Probe `json:"livenessProbe,omitempty" protobuf:"bytes,10,opt,name=livenessProbe"` - // Deprecated. This field will be removed in a future release. // Periodic probe of container service readiness. // Container will be removed from service endpoints if the probe fails. // Cannot be updated. // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + // + // Deprecated: This field will be removed in a future release. + // // +optional DeprecatedReadinessProbe *corev1.Probe `json:"readinessProbe,omitempty" protobuf:"bytes,11,opt,name=readinessProbe"` - // Deprecated. This field will be removed in a future release. // DeprecatedStartupProbe indicates that the Pod has successfully initialized. // If specified, no other probes are executed until this completes successfully. // If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. @@ -382,17 +420,22 @@ type StepTemplate struct { // when it might take a long time to load data or warm a cache, than during steady-state operation. // This cannot be updated. // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + // + // Deprecated: This field will be removed in a future release. + // // +optional DeprecatedStartupProbe *corev1.Probe `json:"startupProbe,omitempty" protobuf:"bytes,22,opt,name=startupProbe"` - // Deprecated. This field will be removed in a future release. // Actions that the management system should take in response to container lifecycle events. // Cannot be updated. + // + // Deprecated: This field will be removed in a future release. + // // +optional DeprecatedLifecycle *corev1.Lifecycle `json:"lifecycle,omitempty" protobuf:"bytes,12,opt,name=lifecycle"` - // Deprecated. This field will be removed in a future release and cannot be meaningfully used. + // Deprecated: This field will be removed in a future release and cannot be meaningfully used. // +optional DeprecatedTerminationMessagePath string `json:"terminationMessagePath,omitempty" protobuf:"bytes,13,opt,name=terminationMessagePath"` - // Deprecated. This field will be removed in a future release and cannot be meaningfully used. + // Deprecated: This field will be removed in a future release and cannot be meaningfully used. // +optional DeprecatedTerminationMessagePolicy corev1.TerminationMessagePolicy `json:"terminationMessagePolicy,omitempty" protobuf:"bytes,20,opt,name=terminationMessagePolicy,casttype=TerminationMessagePolicy"` // Image pull policy. @@ -410,13 +453,14 @@ type StepTemplate struct { // Variables for interactive containers, these are deprecated and should not be used. - // Deprecated. This field will be removed in a future release. // Whether this Step should allocate a buffer for stdin in the container runtime. If this // is not set, reads from stdin in the Step will always result in EOF. // Default is false. + // + // Deprecated: This field will be removed in a future release. + // // +optional DeprecatedStdin bool `json:"stdin,omitempty" protobuf:"varint,16,opt,name=stdin"` - // Deprecated. This field will be removed in a future release. // Whether the container runtime should close the stdin channel after it has been opened by // a single attach. When stdin is true the stdin stream will remain open across multiple attach // sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the @@ -424,11 +468,16 @@ type StepTemplate struct { // at which time stdin is closed and remains closed until the container is restarted. If this // flag is false, a container processes that reads from stdin will never receive an EOF. // Default is false + // + // Deprecated: This field will be removed in a future release. + // // +optional DeprecatedStdinOnce bool `json:"stdinOnce,omitempty" protobuf:"varint,17,opt,name=stdinOnce"` - // Deprecated. This field will be removed in a future release. // Whether this Step should allocate a DeprecatedTTY for itself, also requires 'stdin' to be true. // Default is false. + // + // Deprecated: This field will be removed in a future release. + // // +optional DeprecatedTTY bool `json:"tty,omitempty" protobuf:"varint,18,opt,name=tty"` } @@ -489,7 +538,6 @@ func (s *StepTemplate) ToK8sContainer() *corev1.Container { // Sidecar has nearly the same data structure as Step but does not have the ability to timeout. type Sidecar struct { - // Name of the Sidecar specified as a DNS_LABEL. // Each Sidecar in a Task must have a unique name (DNS_LABEL). // Cannot be updated. diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/customrun_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/customrun_types.go index a24f57a1e0..233270037d 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/customrun_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/customrun_types.go @@ -54,7 +54,7 @@ type CustomRunSpec struct { // +optional // +listType=atomic - Params []Param `json:"params,omitempty"` + Params Params `json:"params,omitempty"` // Used for cancelling a customrun (and maybe more later on) // +optional @@ -194,7 +194,7 @@ func (r *CustomRun) GetStatusCondition() apis.ConditionAccessor { // GetGroupVersionKind implements kmeta.OwnerRefable. func (*CustomRun) GetGroupVersionKind() schema.GroupVersionKind { - return SchemeGroupVersion.WithKind(pipeline.RunControllerName) + return SchemeGroupVersion.WithKind(pipeline.CustomRunControllerName) } // HasPipelineRunOwnerReference returns true of CustomRun has @@ -256,3 +256,8 @@ func (r *CustomRun) GetTimeout() time.Duration { } return r.Spec.Timeout.Duration } + +// GetRetryCount returns the number of times this CustomRun has already been retried +func (r *CustomRun) GetRetryCount() int { + return len(r.Status.RetriesStatus) +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/matrix_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/matrix_types.go new file mode 100644 index 0000000000..f1c86d4e06 --- /dev/null +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/matrix_types.go @@ -0,0 +1,362 @@ +/* +Copyright 2023 The Tekton Authors +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1beta1 + +import ( + "context" + "fmt" + "sort" + + "github.com/tektoncd/pipeline/pkg/apis/config" + "golang.org/x/exp/maps" + "k8s.io/apimachinery/pkg/util/sets" + "k8s.io/utils/strings/slices" + "knative.dev/pkg/apis" +) + +// Matrix is used to fan out Tasks in a Pipeline +type Matrix struct { + // Params is a list of parameters used to fan out the pipelineTask + // Params takes only `Parameters` of type `"array"` + // Each array element is supplied to the `PipelineTask` by substituting `params` of type `"string"` in the underlying `Task`. + // The names of the `params` in the `Matrix` must match the names of the `params` in the underlying `Task` that they will be substituting. + // +listType=atomic + Params Params `json:"params,omitempty"` + + // Include is a list of IncludeParams which allows passing in specific combinations of Parameters into the Matrix. + // +optional + // +listType=atomic + Include IncludeParamsList `json:"include,omitempty"` +} + +// IncludeParamsList is a list of IncludeParams which allows passing in specific combinations of Parameters into the Matrix. +type IncludeParamsList []IncludeParams + +// IncludeParams allows passing in a specific combinations of Parameters into the Matrix. +type IncludeParams struct { + // Name the specified combination + Name string `json:"name,omitempty"` + + // Params takes only `Parameters` of type `"string"` + // The names of the `params` must match the names of the `params` in the underlying `Task` + // +listType=atomic + Params Params `json:"params,omitempty"` +} + +// Combination is a map, mainly defined to hold a single combination from a Matrix with key as param.Name and value as param.Value +type Combination map[string]string + +// Combinations is a Combination list +type Combinations []Combination + +// FanOut returns an list of params that represent combinations +func (m *Matrix) FanOut() []Params { + var combinations, includeCombinations Combinations + includeCombinations = m.getIncludeCombinations() + if m.HasInclude() && !m.HasParams() { + // If there are only Matrix Include Parameters return explicit combinations + return includeCombinations.toParams() + } + // Generate combinations from Matrix Parameters + for _, parameter := range m.Params { + combinations = combinations.fanOutMatrixParams(parameter) + } + combinations.overwriteCombinations(includeCombinations) + combinations = combinations.addNewCombinations(includeCombinations) + return combinations.toParams() +} + +// overwriteCombinations replaces any missing include params in the initial +// matrix params combinations by overwriting the initial combinations with the +// include combinations +func (cs Combinations) overwriteCombinations(ics Combinations) { + for _, paramCombination := range cs { + for _, includeCombination := range ics { + if paramCombination.contains(includeCombination) { + // overwrite the parameter name and value in existing combination + // with the include combination + for name, val := range includeCombination { + paramCombination[name] = val + } + } + } + } +} + +// addNewCombinations creates a new combination for any include parameter +// values that are missing entirely from the initial combinations and +// returns all combinations +func (cs Combinations) addNewCombinations(ics Combinations) Combinations { + for _, includeCombination := range ics { + if cs.shouldAddNewCombination(includeCombination) { + cs = append(cs, includeCombination) + } + } + return cs +} + +// contains returns true if the include parameter name and value exists in combinations +func (c Combination) contains(includeCombination Combination) bool { + for name, val := range includeCombination { + if _, exist := c[name]; exist { + if c[name] != val { + return false + } + } + } + return true +} + +// shouldAddNewCombination returns true if the include parameter name exists but the value is +// missing from combinations +func (cs Combinations) shouldAddNewCombination(includeCombination map[string]string) bool { + if len(includeCombination) == 0 { + return false + } + for _, paramCombination := range cs { + for name, val := range includeCombination { + if _, exist := paramCombination[name]; exist { + if paramCombination[name] == val { + return false + } + } + } + } + return true +} + +// toParams transforms Combinations from a slice of map[string]string to a slice of Params +// such that, these combinations can be directly consumed in creating taskRun/run object +func (cs Combinations) toParams() []Params { + listOfParams := make([]Params, len(cs)) + for i := range cs { + var params Params + combination := cs[i] + order, _ := combination.sortCombination() + for _, key := range order { + params = append(params, Param{ + Name: key, + Value: ParamValue{Type: ParamTypeString, StringVal: combination[key]}, + }) + } + listOfParams[i] = params + } + return listOfParams +} + +// fanOutMatrixParams generates new combinations based on Matrix Parameters. +func (cs Combinations) fanOutMatrixParams(param Param) Combinations { + if len(cs) == 0 { + return initializeCombinations(param) + } + return cs.distribute(param) +} + +// getIncludeCombinations generates combinations based on Matrix Include Parameters +func (m *Matrix) getIncludeCombinations() Combinations { + var combinations Combinations + for i := range m.Include { + includeParams := m.Include[i].Params + newCombination := make(Combination) + for _, param := range includeParams { + newCombination[param.Name] = param.Value.StringVal + } + combinations = append(combinations, newCombination) + } + return combinations +} + +// distribute generates a new Combination of Parameters by adding a new Parameter to an existing list of Combinations. +func (cs Combinations) distribute(param Param) Combinations { + var expandedCombinations Combinations + for _, value := range param.Value.ArrayVal { + for _, combination := range cs { + newCombination := make(Combination) + maps.Copy(newCombination, combination) + newCombination[param.Name] = value + _, orderedCombination := newCombination.sortCombination() + expandedCombinations = append(expandedCombinations, orderedCombination) + } + } + return expandedCombinations +} + +// initializeCombinations generates a new Combination based on the first Parameter in the Matrix. +func initializeCombinations(param Param) Combinations { + var combinations Combinations + for _, value := range param.Value.ArrayVal { + combinations = append(combinations, Combination{param.Name: value}) + } + return combinations +} + +// sortCombination sorts the given Combination based on the Parameter names to produce a deterministic ordering +func (c Combination) sortCombination() ([]string, Combination) { + sortedCombination := make(Combination, len(c)) + order := make([]string, 0, len(c)) + for key := range c { + order = append(order, key) + } + sort.Slice(order, func(i, j int) bool { + return order[i] <= order[j] + }) + for _, key := range order { + sortedCombination[key] = c[key] + } + return order, sortedCombination +} + +// CountCombinations returns the count of Combinations of Parameters generated from the Matrix in PipelineTask. +func (m *Matrix) CountCombinations() int { + // Iterate over Matrix Parameters and compute count of all generated Combinations + count := m.countGeneratedCombinationsFromParams() + + // Add any additional Combinations generated from Matrix Include Parameters + count += m.countNewCombinationsFromInclude() + + return count +} + +// countGeneratedCombinationsFromParams returns the count of Combinations of Parameters generated from the Matrix +// Parameters +func (m *Matrix) countGeneratedCombinationsFromParams() int { + if !m.HasParams() { + return 0 + } + count := 1 + for _, param := range m.Params { + count *= len(param.Value.ArrayVal) + } + return count +} + +// countNewCombinationsFromInclude returns the count of Combinations of Parameters generated from the Matrix +// Include Parameters +func (m *Matrix) countNewCombinationsFromInclude() int { + if !m.HasInclude() { + return 0 + } + if !m.HasParams() { + return len(m.Include) + } + count := 0 + matrixParamMap := m.Params.extractParamMapArrVals() + for _, include := range m.Include { + for _, param := range include.Params { + if val, exist := matrixParamMap[param.Name]; exist { + // If the Matrix Include param values does not exist, a new Combination will be generated + if !slices.Contains(val, param.Value.StringVal) { + count++ + } else { + break + } + } + } + } + return count +} + +// HasInclude returns true if the Matrix has Include Parameters +func (m *Matrix) HasInclude() bool { + return m != nil && m.Include != nil && len(m.Include) > 0 +} + +// HasParams returns true if the Matrix has Parameters +func (m *Matrix) HasParams() bool { + return m != nil && m.Params != nil && len(m.Params) > 0 +} + +// GetAllParams returns a list of all Matrix Parameters +func (m *Matrix) GetAllParams() Params { + var params Params + if m.HasParams() { + params = append(params, m.Params...) + } + if m.HasInclude() { + for _, include := range m.Include { + params = append(params, include.Params...) + } + } + return params +} + +func (m *Matrix) validateCombinationsCount(ctx context.Context) (errs *apis.FieldError) { + matrixCombinationsCount := m.CountCombinations() + maxMatrixCombinationsCount := config.FromContextOrDefaults(ctx).Defaults.DefaultMaxMatrixCombinationsCount + if matrixCombinationsCount > maxMatrixCombinationsCount { + errs = errs.Also(apis.ErrOutOfBoundsValue(matrixCombinationsCount, 0, maxMatrixCombinationsCount, "matrix")) + } + return errs +} + +// validateParams validates the type of Parameter for Matrix.Params and Matrix.Include.Params +// Matrix.Params must be of type array. Matrix.Include.Params must be of type string. +// validateParams also validates Matrix.Params for a unique list of params +// and a unique list of params in each Matrix.Include.Params specification +func (m *Matrix) validateParams() (errs *apis.FieldError) { + if m != nil { + if m.HasInclude() { + for i, include := range m.Include { + errs = errs.Also(include.Params.validateDuplicateParameters().ViaField(fmt.Sprintf("matrix.include[%d].params", i))) + for _, param := range include.Params { + if param.Value.Type != ParamTypeString { + errs = errs.Also(apis.ErrInvalidValue(fmt.Sprintf("parameters of type string only are allowed, but got param type %s", string(param.Value.Type)), "").ViaFieldKey("matrix.include.params", param.Name)) + } + } + } + } + if m.HasParams() { + errs = errs.Also(m.Params.validateDuplicateParameters().ViaField("matrix.params")) + for _, param := range m.Params { + if param.Value.Type != ParamTypeArray { + errs = errs.Also(apis.ErrInvalidValue(fmt.Sprintf("parameters of type array only are allowed, but got param type %s", string(param.Value.Type)), "").ViaFieldKey("matrix.params", param.Name)) + } + } + } + } + return errs +} + +// validatePipelineParametersVariablesInMatrixParameters validates all pipeline parameter variables including Matrix.Params and Matrix.Include.Params +// that may contain the reference(s) to other params to make sure those references are used appropriately. +func (m *Matrix) validatePipelineParametersVariablesInMatrixParameters(prefix string, paramNames sets.String, arrayParamNames sets.String, objectParamNameKeys map[string][]string) (errs *apis.FieldError) { + if m.HasInclude() { + for _, include := range m.Include { + for idx, param := range include.Params { + stringElement := param.Value.StringVal + // Matrix Include Params must be of type string + errs = errs.Also(validateStringVariable(stringElement, prefix, paramNames, arrayParamNames, objectParamNameKeys).ViaFieldIndex("", idx).ViaField("matrix.include.params", "")) + } + } + } + if m.HasParams() { + for _, param := range m.Params { + for idx, arrayElement := range param.Value.ArrayVal { + // Matrix Params must be of type array + errs = errs.Also(validateArrayVariable(arrayElement, prefix, paramNames, arrayParamNames, objectParamNameKeys).ViaFieldIndex("value", idx).ViaFieldKey("matrix.params", param.Name)) + } + } + } + return errs +} + +func (m *Matrix) validateParameterInOneOfMatrixOrParams(params Params) (errs *apis.FieldError) { + matrixParamNames := m.GetAllParams().ExtractNames() + for _, param := range params { + if matrixParamNames.Has(param.Name) { + errs = errs.Also(apis.ErrMultipleOneOf("matrix["+param.Name+"]", "params["+param.Name+"]")) + } + } + return errs +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/merge.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/merge.go index 335a43f777..c34bb13e0a 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/merge.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/merge.go @@ -58,6 +58,8 @@ func MergeStepsWithStepTemplate(template *StepTemplate, steps []Step) ([]Step, e merged.Args = []string{} } + amendConflictingContainerFields(&merged, s) + // Pass through original step Script, for later conversion. newStep := Step{Script: s.Script, OnError: s.OnError, Timeout: s.Timeout, StdoutConfig: s.StdoutConfig, StderrConfig: s.StderrConfig} newStep.SetContainerFields(merged) @@ -174,3 +176,24 @@ func mergeObjWithTemplateBytes(md *mergeData, obj, out interface{}) error { // Unmarshal the merged JSON to a pointer, and return it. return json.Unmarshal(mergedAsJSON, out) } + +// amendConflictingContainerFields amends conflicting container fields after merge, and overrides conflicting fields +// by fields in step. +func amendConflictingContainerFields(container *corev1.Container, step Step) { + if container == nil || len(step.Env) == 0 { + return + } + + envNameToStepEnv := make(map[string]corev1.EnvVar, len(step.Env)) + for _, e := range step.Env { + envNameToStepEnv[e.Name] = e + } + + for index, env := range container.Env { + if env.ValueFrom != nil && len(env.Value) > 0 { + if e, ok := envNameToStepEnv[env.Name]; ok { + container.Env[index] = e + } + } + } +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/openapi_generated.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/openapi_generated.go index 10ee016640..df879cd588 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/openapi_generated.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/openapi_generated.go @@ -43,6 +43,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.CustomRunSpec": schema_pkg_apis_pipeline_v1beta1_CustomRunSpec(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.EmbeddedCustomRunSpec": schema_pkg_apis_pipeline_v1beta1_EmbeddedCustomRunSpec(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.EmbeddedTask": schema_pkg_apis_pipeline_v1beta1_EmbeddedTask(ref), + "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.IncludeParams": schema_pkg_apis_pipeline_v1beta1_IncludeParams(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.InternalTaskModifier": schema_pkg_apis_pipeline_v1beta1_InternalTaskModifier(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.Matrix": schema_pkg_apis_pipeline_v1beta1_Matrix(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.Param": schema_pkg_apis_pipeline_v1beta1_Param(ref), @@ -54,7 +55,6 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.PipelineRef": schema_pkg_apis_pipeline_v1beta1_PipelineRef(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.PipelineResourceBinding": schema_pkg_apis_pipeline_v1beta1_PipelineResourceBinding(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.PipelineResourceRef": schema_pkg_apis_pipeline_v1beta1_PipelineResourceRef(ref), - "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.PipelineResourceResult": schema_pkg_apis_pipeline_v1beta1_PipelineResourceResult(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.PipelineResult": schema_pkg_apis_pipeline_v1beta1_PipelineResult(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.PipelineRun": schema_pkg_apis_pipeline_v1beta1_PipelineRun(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.PipelineRunList": schema_pkg_apis_pipeline_v1beta1_PipelineRunList(ref), @@ -76,6 +76,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.PipelineWorkspaceDeclaration": schema_pkg_apis_pipeline_v1beta1_PipelineWorkspaceDeclaration(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.PropertySpec": schema_pkg_apis_pipeline_v1beta1_PropertySpec(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.Provenance": schema_pkg_apis_pipeline_v1beta1_Provenance(ref), + "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.RefSource": schema_pkg_apis_pipeline_v1beta1_RefSource(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.ResolverRef": schema_pkg_apis_pipeline_v1beta1_ResolverRef(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.ResultRef": schema_pkg_apis_pipeline_v1beta1_ResultRef(ref), "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.Sidecar": schema_pkg_apis_pipeline_v1beta1_Sidecar(ref), @@ -116,13 +117,6 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "github.com/tektoncd/pipeline/pkg/apis/resolution/v1beta1.ResolutionRequestSpec": schema_pkg_apis_resolution_v1beta1_ResolutionRequestSpec(ref), "github.com/tektoncd/pipeline/pkg/apis/resolution/v1beta1.ResolutionRequestStatus": schema_pkg_apis_resolution_v1beta1_ResolutionRequestStatus(ref), "github.com/tektoncd/pipeline/pkg/apis/resolution/v1beta1.ResolutionRequestStatusFields": schema_pkg_apis_resolution_v1beta1_ResolutionRequestStatusFields(ref), - "github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1.PipelineResource": schema_pkg_apis_resource_v1alpha1_PipelineResource(ref), - "github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1.PipelineResourceList": schema_pkg_apis_resource_v1alpha1_PipelineResourceList(ref), - "github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1.PipelineResourceSpec": schema_pkg_apis_resource_v1alpha1_PipelineResourceSpec(ref), - "github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1.PipelineResourceStatus": schema_pkg_apis_resource_v1alpha1_PipelineResourceStatus(ref), - "github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1.ResourceDeclaration": schema_pkg_apis_resource_v1alpha1_ResourceDeclaration(ref), - "github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1.ResourceParam": schema_pkg_apis_resource_v1alpha1_ResourceParam(ref), - "github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1.SecretParam": schema_pkg_apis_resource_v1alpha1_SecretParam(ref), } } @@ -218,6 +212,27 @@ func schema_pkg_apis_pipeline_pod_Template(ref common.ReferenceCallback) common. }, }, }, + "env": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "List of environment variables that can be provided to the containers belonging to the pod.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/api/core/v1.EnvVar"), + }, + }, + }, + }, + }, "tolerations": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ @@ -386,7 +401,7 @@ func schema_pkg_apis_pipeline_pod_Template(ref common.ReferenceCallback) common. }, }, Dependencies: []string{ - "k8s.io/api/core/v1.Affinity", "k8s.io/api/core/v1.HostAlias", "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.PodDNSConfig", "k8s.io/api/core/v1.PodSecurityContext", "k8s.io/api/core/v1.Toleration", "k8s.io/api/core/v1.TopologySpreadConstraint", "k8s.io/api/core/v1.Volume"}, + "k8s.io/api/core/v1.Affinity", "k8s.io/api/core/v1.EnvVar", "k8s.io/api/core/v1.HostAlias", "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.PodDNSConfig", "k8s.io/api/core/v1.PodSecurityContext", "k8s.io/api/core/v1.Toleration", "k8s.io/api/core/v1.TopologySpreadConstraint", "k8s.io/api/core/v1.Volume"}, } } @@ -527,7 +542,7 @@ func schema_pkg_apis_pipeline_v1beta1_ClusterTask(ref common.ReferenceCallback) return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "ClusterTask is a Task with a cluster scope. ClusterTasks are used to represent Tasks that should be publicly addressable from any namespace in the cluster. Deprecated: Please use the cluster resolver instead.", + Description: "ClusterTask is a Task with a cluster scope. ClusterTasks are used to represent Tasks that should be publicly addressable from any namespace in the cluster.\n\nDeprecated: Please use the cluster resolver instead.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -618,19 +633,19 @@ func schema_pkg_apis_pipeline_v1beta1_ConfigSource(ref common.ReferenceCallback) return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "ConfigSource identifies the source where a resource came from. This can include Git repositories, Task Bundles, file checksums, or other information that allows users to identify where the resource came from and what version was used.", + Description: "ConfigSource contains the information that can uniquely identify where a remote built definition came from i.e. Git repositories, Tekton Bundles in OCI registry and hub.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "uri": { SchemaProps: spec.SchemaProps{ - Description: "URI indicates the identity of the source of the config. Definition: https://slsa.dev/provenance/v0.2#invocation.configSource.uri Example: \"https://github.com/tektoncd/catalog\"", + Description: "URI indicates the identity of the source of the build definition. Example: \"https://github.com/tektoncd/catalog\"", Type: []string{"string"}, Format: "", }, }, "digest": { SchemaProps: spec.SchemaProps{ - Description: "Digest is a collection of cryptographic digests for the contents of the artifact specified by URI. Definition: https://slsa.dev/provenance/v0.2#invocation.configSource.digest Example: {\"sha1\": \"f99d13e554ffcb696dee719fa85b695cb5b0f428\"}", + Description: "Digest is a collection of cryptographic digests for the contents of the artifact specified by URI. Example: {\"sha1\": \"f99d13e554ffcb696dee719fa85b695cb5b0f428\"}", Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ Allows: true, @@ -646,7 +661,7 @@ func schema_pkg_apis_pipeline_v1beta1_ConfigSource(ref common.ReferenceCallback) }, "entryPoint": { SchemaProps: spec.SchemaProps{ - Description: "EntryPoint identifies the entry point into the build. This is often a path to a configuration file and/or a target label within that file. Definition: https://slsa.dev/provenance/v0.2#invocation.configSource.entryPoint Example: \"task/git-clone/0.8/git-clone.yaml\"", + Description: "EntryPoint identifies the entry point into the build. This is often a path to a build definition file and/or a target label within that file. Example: \"task/git-clone/0.8/git-clone.yaml\"", Type: []string{"string"}, Format: "", }, @@ -924,7 +939,7 @@ func schema_pkg_apis_pipeline_v1beta1_EmbeddedTask(ref common.ReferenceCallback) }, "resources": { SchemaProps: spec.SchemaProps{ - Description: "Resources is a list input and output resource to run the task Resources are represented in TaskRuns as bindings to instances of PipelineResources.", + Description: "Resources is a list input and output resource to run the task Resources are represented in TaskRuns as bindings to instances of PipelineResources.\n\nDeprecated: Unused, preserved only for backwards compatibility", Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.TaskResources"), }, }, @@ -947,6 +962,13 @@ func schema_pkg_apis_pipeline_v1beta1_EmbeddedTask(ref common.ReferenceCallback) }, }, }, + "displayName": { + SchemaProps: spec.SchemaProps{ + Description: "DisplayName is a user-facing name of the task that may be used to populate a UI.", + Type: []string{"string"}, + Format: "", + }, + }, "description": { SchemaProps: spec.SchemaProps{ Description: "Description is a user-facing description of the task that may be used to populate a UI.", @@ -1063,11 +1085,52 @@ func schema_pkg_apis_pipeline_v1beta1_EmbeddedTask(ref common.ReferenceCallback) } } +func schema_pkg_apis_pipeline_v1beta1_IncludeParams(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "IncludeParams allows passing in a specific combinations of Parameters into the Matrix.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name the specified combination", + Type: []string{"string"}, + Format: "", + }, + }, + "params": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Params takes only `Parameters` of type `\"string\"` The names of the `params` must match the names of the `params` in the underlying `Task`", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.Param"), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.Param"}, + } +} + func schema_pkg_apis_pipeline_v1beta1_InternalTaskModifier(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "InternalTaskModifier implements TaskModifier for resources that are built-in to Tekton Pipelines.", + Description: "InternalTaskModifier implements TaskModifier for resources that are built-in to Tekton Pipelines.\n\nDeprecated: Unused, preserved only for backwards compatibility", Type: []string{"object"}, Properties: map[string]spec.Schema{ "stepsToPrepend": { @@ -1159,11 +1222,30 @@ func schema_pkg_apis_pipeline_v1beta1_Matrix(ref common.ReferenceCallback) commo }, }, }, + "include": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Description: "Include is a list of IncludeParams which allows passing in specific combinations of Parameters into the Matrix.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.IncludeParams"), + }, + }, + }, + }, + }, }, }, }, Dependencies: []string{ - "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.Param"}, + "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.IncludeParams", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.Param"}, } } @@ -1262,14 +1344,14 @@ func schema_pkg_apis_pipeline_v1beta1_ParamValue(ref common.ReferenceCallback) c Description: "ResultValue is a type alias of ParamValue", Type: []string{"object"}, Properties: map[string]spec.Schema{ - "type": { + "Type": { SchemaProps: spec.SchemaProps{ Default: "", Type: []string{"string"}, Format: "", }, }, - "stringVal": { + "StringVal": { SchemaProps: spec.SchemaProps{ Description: "Represents the stored type of ParamValues.", Default: "", @@ -1277,7 +1359,7 @@ func schema_pkg_apis_pipeline_v1beta1_ParamValue(ref common.ReferenceCallback) c Format: "", }, }, - "arrayVal": { + "ArrayVal": { VendorExtensible: spec.VendorExtensible{ Extensions: spec.Extensions{ "x-kubernetes-list-type": "atomic", @@ -1296,7 +1378,7 @@ func schema_pkg_apis_pipeline_v1beta1_ParamValue(ref common.ReferenceCallback) c }, }, }, - "objectVal": { + "ObjectVal": { SchemaProps: spec.SchemaProps{ Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ @@ -1312,7 +1394,7 @@ func schema_pkg_apis_pipeline_v1beta1_ParamValue(ref common.ReferenceCallback) c }, }, }, - Required: []string{"type", "stringVal", "arrayVal", "objectVal"}, + Required: []string{"Type", "StringVal", "ArrayVal", "ObjectVal"}, }, }, } @@ -1364,7 +1446,7 @@ func schema_pkg_apis_pipeline_v1beta1_PipelineDeclaredResource(ref common.Refere return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "PipelineDeclaredResource is used by a Pipeline to declare the types of the PipelineResources that it will required to run and names which can be used to refer to these PipelineResources in PipelineTaskResourceBindings.", + Description: "PipelineDeclaredResource is used by a Pipeline to declare the types of the PipelineResources that it will required to run and names which can be used to refer to these PipelineResources in PipelineTaskResourceBindings.\n\nDeprecated: Unused, preserved only for backwards compatibility", Type: []string{"object"}, Properties: map[string]spec.Schema{ "name": { @@ -1469,7 +1551,7 @@ func schema_pkg_apis_pipeline_v1beta1_PipelineRef(ref common.ReferenceCallback) }, "bundle": { SchemaProps: spec.SchemaProps{ - Description: "Bundle url reference to a Tekton Bundle. Deprecated: Please use ResolverRef with the bundles resolver instead.", + Description: "Bundle url reference to a Tekton Bundle.\n\nDeprecated: Please use ResolverRef with the bundles resolver instead.", Type: []string{"string"}, Format: "", }, @@ -1484,7 +1566,7 @@ func schema_pkg_apis_pipeline_v1beta1_PipelineResourceBinding(ref common.Referen return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "PipelineResourceBinding connects a reference to an instance of a PipelineResource with a PipelineResource dependency that the Pipeline has declared", + Description: "PipelineResourceBinding connects a reference to an instance of a PipelineResource with a PipelineResource dependency that the Pipeline has declared\n\nDeprecated: Unused, preserved only for backwards compatibility", Type: []string{"object"}, Properties: map[string]spec.Schema{ "name": { @@ -1518,7 +1600,7 @@ func schema_pkg_apis_pipeline_v1beta1_PipelineResourceRef(ref common.ReferenceCa return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "PipelineResourceRef can be used to refer to a specific instance of a Resource", + Description: "PipelineResourceRef can be used to refer to a specific instance of a Resource\n\nDeprecated: Unused, preserved only for backwards compatibility", Type: []string{"object"}, Properties: map[string]spec.Schema{ "name": { @@ -1541,46 +1623,6 @@ func schema_pkg_apis_pipeline_v1beta1_PipelineResourceRef(ref common.ReferenceCa } } -func schema_pkg_apis_pipeline_v1beta1_PipelineResourceResult(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "PipelineResourceResult used to export the image name and digest as json", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "key": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "value": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "resourceName": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "type": { - SchemaProps: spec.SchemaProps{ - Type: []string{"integer"}, - Format: "int32", - }, - }, - }, - Required: []string{"key", "value"}, - }, - }, - } -} - func schema_pkg_apis_pipeline_v1beta1_PipelineResult(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -1757,7 +1799,7 @@ func schema_pkg_apis_pipeline_v1beta1_PipelineRunRunStatus(ref common.ReferenceC return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "PipelineRunRunStatus contains the name of the PipelineTask for this Run and the Run's Status", + Description: "PipelineRunRunStatus contains the name of the PipelineTask for this CustomRun or Run and the CustomRun or Run's Status", Type: []string{"object"}, Properties: map[string]spec.Schema{ "pipelineTaskName": { @@ -1769,8 +1811,8 @@ func schema_pkg_apis_pipeline_v1beta1_PipelineRunRunStatus(ref common.ReferenceC }, "status": { SchemaProps: spec.SchemaProps{ - Description: "Status is the RunStatus for the corresponding Run", - Ref: ref("github.com/tektoncd/pipeline/pkg/apis/run/v1alpha1.RunStatus"), + Description: "Status is the CustomRunStatus for the corresponding CustomRun or Run", + Ref: ref("github.com/tektoncd/pipeline/pkg/apis/run/v1beta1.CustomRunStatus"), }, }, "whenExpressions": { @@ -1796,7 +1838,7 @@ func schema_pkg_apis_pipeline_v1beta1_PipelineRunRunStatus(ref common.ReferenceC }, }, Dependencies: []string{ - "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.WhenExpression", "github.com/tektoncd/pipeline/pkg/apis/run/v1alpha1.RunStatus"}, + "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.WhenExpression", "github.com/tektoncd/pipeline/pkg/apis/run/v1beta1.CustomRunStatus"}, } } @@ -1824,7 +1866,7 @@ func schema_pkg_apis_pipeline_v1beta1_PipelineRunSpec(ref common.ReferenceCallba }, }, SchemaProps: spec.SchemaProps{ - Description: "Resources is a list of bindings specifying which actual instances of PipelineResources to use for the resources the Pipeline has declared it needs.", + Description: "Resources is a list of bindings specifying which actual instances of PipelineResources to use for the resources the Pipeline has declared it needs.\n\nDeprecated: Unused, preserved only for backwards compatibility", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -1876,7 +1918,7 @@ func schema_pkg_apis_pipeline_v1beta1_PipelineRunSpec(ref common.ReferenceCallba }, "timeout": { SchemaProps: spec.SchemaProps{ - Description: "Timeout Deprecated: use pipelineRunSpec.Timeouts.Pipeline instead Time after which the Pipeline times out. Defaults to never. Refer to Go's ParseDuration documentation for expected format: https://golang.org/pkg/time/#ParseDuration", + Description: "Timeout is the Time after which the Pipeline times out. Defaults to never. Refer to Go's ParseDuration documentation for expected format: https://golang.org/pkg/time/#ParseDuration\n\nDeprecated: use pipelineRunSpec.Timeouts.Pipeline instead", Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Duration"), }, }, @@ -1996,7 +2038,7 @@ func schema_pkg_apis_pipeline_v1beta1_PipelineRunStatus(ref common.ReferenceCall }, "taskRuns": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated - use ChildReferences instead. map of PipelineRunTaskRunStatus with the taskRun name as the key", + Description: "TaskRuns is a map of PipelineRunTaskRunStatus with the taskRun name as the key.\n\nDeprecated: use ChildReferences instead. As of v0.45.0, this field is no longer populated and is only included for backwards compatibility with older server versions.", Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ Allows: true, @@ -2010,7 +2052,7 @@ func schema_pkg_apis_pipeline_v1beta1_PipelineRunStatus(ref common.ReferenceCall }, "runs": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated - use ChildReferences instead. map of PipelineRunRunStatus with the run name as the key", + Description: "Runs is a map of PipelineRunRunStatus with the run name as the key\n\nDeprecated: use ChildReferences instead. As of v0.45.0, this field is no longer populated and is only included for backwards compatibility with older server versions.", Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ Allows: true, @@ -2097,6 +2139,22 @@ func schema_pkg_apis_pipeline_v1beta1_PipelineRunStatus(ref common.ReferenceCall Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.Provenance"), }, }, + "spanContext": { + SchemaProps: spec.SchemaProps{ + Description: "SpanContext contains tracing span context fields", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, }, }, }, @@ -2126,7 +2184,7 @@ func schema_pkg_apis_pipeline_v1beta1_PipelineRunStatusFields(ref common.Referen }, "taskRuns": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated - use ChildReferences instead. map of PipelineRunTaskRunStatus with the taskRun name as the key", + Description: "TaskRuns is a map of PipelineRunTaskRunStatus with the taskRun name as the key.\n\nDeprecated: use ChildReferences instead. As of v0.45.0, this field is no longer populated and is only included for backwards compatibility with older server versions.", Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ Allows: true, @@ -2140,7 +2198,7 @@ func schema_pkg_apis_pipeline_v1beta1_PipelineRunStatusFields(ref common.Referen }, "runs": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated - use ChildReferences instead. map of PipelineRunRunStatus with the run name as the key", + Description: "Runs is a map of PipelineRunRunStatus with the run name as the key\n\nDeprecated: use ChildReferences instead. As of v0.45.0, this field is no longer populated and is only included for backwards compatibility with older server versions.", Type: []string{"object"}, AdditionalProperties: &spec.SchemaOrBool{ Allows: true, @@ -2227,6 +2285,22 @@ func schema_pkg_apis_pipeline_v1beta1_PipelineRunStatusFields(ref common.Referen Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.Provenance"), }, }, + "spanContext": { + SchemaProps: spec.SchemaProps{ + Description: "SpanContext contains tracing span context fields", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, }, }, }, @@ -2289,6 +2363,13 @@ func schema_pkg_apis_pipeline_v1beta1_PipelineSpec(ref common.ReferenceCallback) Description: "PipelineSpec defines the desired state of Pipeline.", Type: []string{"object"}, Properties: map[string]spec.Schema{ + "displayName": { + SchemaProps: spec.SchemaProps{ + Description: "DisplayName is a user-facing name of the pipeline that may be used to populate a UI.", + Type: []string{"string"}, + Format: "", + }, + }, "description": { SchemaProps: spec.SchemaProps{ Description: "Description is a user-facing description of the pipeline that may be used to populate a UI.", @@ -2303,7 +2384,7 @@ func schema_pkg_apis_pipeline_v1beta1_PipelineSpec(ref common.ReferenceCallback) }, }, SchemaProps: spec.SchemaProps{ - Description: "Resources declares the names and types of the resources given to the Pipeline's tasks as inputs and outputs.", + Description: "Deprecated: Unused, preserved only for backwards compatibility", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -2432,6 +2513,20 @@ func schema_pkg_apis_pipeline_v1beta1_PipelineTask(ref common.ReferenceCallback) Format: "", }, }, + "displayName": { + SchemaProps: spec.SchemaProps{ + Description: "DisplayName is the display name of this task within the context of a Pipeline. This display name may be used to populate a UI.", + Type: []string{"string"}, + Format: "", + }, + }, + "description": { + SchemaProps: spec.SchemaProps{ + Description: "Description is the description of this task within the context of a Pipeline. This description may be used to populate a UI.", + Type: []string{"string"}, + Format: "", + }, + }, "taskRef": { SchemaProps: spec.SchemaProps{ Description: "TaskRef is a reference to a task definition.", @@ -2487,7 +2582,7 @@ func schema_pkg_apis_pipeline_v1beta1_PipelineTask(ref common.ReferenceCallback) }, "resources": { SchemaProps: spec.SchemaProps{ - Description: "Resources declares the resources given to this task as inputs and outputs.", + Description: "Deprecated: Unused, preserved only for backwards compatibility", Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.PipelineTaskResources"), }, }, @@ -2553,7 +2648,7 @@ func schema_pkg_apis_pipeline_v1beta1_PipelineTaskInputResource(ref common.Refer return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "PipelineTaskInputResource maps the name of a declared PipelineResource input dependency in a Task to the resource in the Pipeline's DeclaredPipelineResources that should be used. This input may come from a previous task.", + Description: "PipelineTaskInputResource maps the name of a declared PipelineResource input dependency in a Task to the resource in the Pipeline's DeclaredPipelineResources that should be used. This input may come from a previous task.\n\nDeprecated: Unused, preserved only for backwards compatibility", Type: []string{"object"}, Properties: map[string]spec.Schema{ "name": { @@ -2646,7 +2741,7 @@ func schema_pkg_apis_pipeline_v1beta1_PipelineTaskOutputResource(ref common.Refe return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "PipelineTaskOutputResource maps the name of a declared PipelineResource output dependency in a Task to the resource in the Pipeline's DeclaredPipelineResources that should be used.", + Description: "PipelineTaskOutputResource maps the name of a declared PipelineResource output dependency in a Task to the resource in the Pipeline's DeclaredPipelineResources that should be used.\n\nDeprecated: Unused, preserved only for backwards compatibility", Type: []string{"object"}, Properties: map[string]spec.Schema{ "name": { @@ -2704,7 +2799,7 @@ func schema_pkg_apis_pipeline_v1beta1_PipelineTaskResources(ref common.Reference return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "PipelineTaskResources allows a Pipeline to declare how its DeclaredPipelineResources should be provided to a Task as its inputs and outputs.", + Description: "PipelineTaskResources allows a Pipeline to declare how its DeclaredPipelineResources should be provided to a Task as its inputs and outputs.\n\nDeprecated: Unused, preserved only for backwards compatibility", Type: []string{"object"}, Properties: map[string]spec.Schema{ "inputs": { @@ -2855,7 +2950,7 @@ func schema_pkg_apis_pipeline_v1beta1_PipelineWorkspaceDeclaration(ref common.Re return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "WorkspacePipelineDeclaration creates a named slot in a Pipeline that a PipelineRun is expected to populate with a workspace binding. Deprecated: use PipelineWorkspaceDeclaration type instead", + Description: "WorkspacePipelineDeclaration creates a named slot in a Pipeline that a PipelineRun is expected to populate with a workspace binding.\n\nDeprecated: use PipelineWorkspaceDeclaration type instead", Type: []string{"object"}, Properties: map[string]spec.Schema{ "name": { @@ -2910,20 +3005,75 @@ func schema_pkg_apis_pipeline_v1beta1_Provenance(ref common.ReferenceCallback) c return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Provenance contains some key authenticated metadata about how a software artifact was built (what sources, what inputs/outputs, etc.). For now, it only contains the subfield `ConfigSource` that identifies the source where a build config file came from. In future, it can be expanded as needed to include more metadata about the build. This field aims to be used to carry minimum amount of the authenticated metadata in *Run status so that Tekton Chains can pick it up and record in the provenance it generates.", + Description: "Provenance contains metadata about resources used in the TaskRun/PipelineRun such as the source from where a remote build definition was fetched. This field aims to carry minimum amoumt of metadata in *Run status so that Tekton Chains can capture them in the provenance.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "configSource": { SchemaProps: spec.SchemaProps{ - Description: "ConfigSource identifies the source where a resource came from.", + Description: "Deprecated: Use RefSource instead", Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.ConfigSource"), }, }, + "refSource": { + SchemaProps: spec.SchemaProps{ + Description: "RefSource identifies the source where a remote task/pipeline came from.", + Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.RefSource"), + }, + }, + "featureFlags": { + SchemaProps: spec.SchemaProps{ + Description: "FeatureFlags identifies the feature flags that were used during the task/pipeline run", + Ref: ref("github.com/tektoncd/pipeline/pkg/apis/config.FeatureFlags"), + }, + }, }, }, }, Dependencies: []string{ - "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.ConfigSource"}, + "github.com/tektoncd/pipeline/pkg/apis/config.FeatureFlags", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.ConfigSource", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.RefSource"}, + } +} + +func schema_pkg_apis_pipeline_v1beta1_RefSource(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "RefSource contains the information that can uniquely identify where a remote built definition came from i.e. Git repositories, Tekton Bundles in OCI registry and hub.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "uri": { + SchemaProps: spec.SchemaProps{ + Description: "URI indicates the identity of the source of the build definition. Example: \"https://github.com/tektoncd/catalog\"", + Type: []string{"string"}, + Format: "", + }, + }, + "digest": { + SchemaProps: spec.SchemaProps{ + Description: "Digest is a collection of cryptographic digests for the contents of the artifact specified by URI. Example: {\"sha1\": \"f99d13e554ffcb696dee719fa85b695cb5b0f428\"}", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + "entryPoint": { + SchemaProps: spec.SchemaProps{ + Description: "EntryPoint identifies the entry point into the build. This is often a path to a build definition file and/or a target label within that file. Example: \"task/git-clone/0.8/git-clone.yaml\"", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, } } @@ -3484,7 +3634,7 @@ func schema_pkg_apis_pipeline_v1beta1_Step(ref common.ReferenceCallback) common. }, }, SchemaProps: spec.SchemaProps{ - Description: "Deprecated. This field will be removed in a future release. List of ports to expose from the Step's container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Cannot be updated.", + Description: "List of ports to expose from the Step's container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Cannot be updated.\n\nDeprecated: This field will be removed in a future release.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -3587,38 +3737,38 @@ func schema_pkg_apis_pipeline_v1beta1_Step(ref common.ReferenceCallback) common. }, "livenessProbe": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated. This field will be removed in a future release. Periodic probe of container liveness. Step will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + Description: "Periodic probe of container liveness. Step will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes\n\nDeprecated: This field will be removed in a future release.", Ref: ref("k8s.io/api/core/v1.Probe"), }, }, "readinessProbe": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated. This field will be removed in a future release. Periodic probe of container service readiness. Step will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + Description: "Periodic probe of container service readiness. Step will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes\n\nDeprecated: This field will be removed in a future release.", Ref: ref("k8s.io/api/core/v1.Probe"), }, }, "startupProbe": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated. This field will be removed in a future release. DeprecatedStartupProbe indicates that the Pod this Step runs in has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + Description: "DeprecatedStartupProbe indicates that the Pod this Step runs in has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes\n\nDeprecated: This field will be removed in a future release.", Ref: ref("k8s.io/api/core/v1.Probe"), }, }, "lifecycle": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated. This field will be removed in a future release. Actions that the management system should take in response to container lifecycle events. Cannot be updated.", + Description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated.\n\nDeprecated: This field will be removed in a future release.", Ref: ref("k8s.io/api/core/v1.Lifecycle"), }, }, "terminationMessagePath": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated. This field will be removed in a future release and can't be meaningfully used.", + Description: "Deprecated: This field will be removed in a future release and can't be meaningfully used.", Type: []string{"string"}, Format: "", }, }, "terminationMessagePolicy": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated. This field will be removed in a future release and can't be meaningfully used.", + Description: "Deprecated: This field will be removed in a future release and can't be meaningfully used.", Type: []string{"string"}, Format: "", }, @@ -3638,21 +3788,21 @@ func schema_pkg_apis_pipeline_v1beta1_Step(ref common.ReferenceCallback) common. }, "stdin": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated. This field will be removed in a future release. Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.", + Description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.\n\nDeprecated: This field will be removed in a future release.", Type: []string{"boolean"}, Format: "", }, }, "stdinOnce": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated. This field will be removed in a future release. Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false", + Description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false\n\nDeprecated: This field will be removed in a future release.", Type: []string{"boolean"}, Format: "", }, }, "tty": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated. This field will be removed in a future release. Whether this container should allocate a DeprecatedTTY for itself, also requires 'stdin' to be true. Default is false.", + Description: "Whether this container should allocate a DeprecatedTTY for itself, also requires 'stdin' to be true. Default is false.\n\nDeprecated: This field will be removed in a future release.", Type: []string{"boolean"}, Format: "", }, @@ -3797,7 +3947,7 @@ func schema_pkg_apis_pipeline_v1beta1_StepTemplate(ref common.ReferenceCallback) Properties: map[string]spec.Schema{ "name": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated. This field will be removed in a future release. Default name for each Step specified as a DNS_LABEL. Each Step in a Task must have a unique name. Cannot be updated.", + Description: "Default name for each Step specified as a DNS_LABEL. Each Step in a Task must have a unique name. Cannot be updated.\n\nDeprecated: This field will be removed in a future release.", Default: "", Type: []string{"string"}, Format: "", @@ -3870,7 +4020,7 @@ func schema_pkg_apis_pipeline_v1beta1_StepTemplate(ref common.ReferenceCallback) }, }, SchemaProps: spec.SchemaProps{ - Description: "Deprecated. This field will be removed in a future release. List of ports to expose from the Step's container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Cannot be updated.", + Description: "List of ports to expose from the Step's container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Cannot be updated.\n\nDeprecated: This field will be removed in a future release.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -3973,38 +4123,38 @@ func schema_pkg_apis_pipeline_v1beta1_StepTemplate(ref common.ReferenceCallback) }, "livenessProbe": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated. This field will be removed in a future release. Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + Description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes\n\nDeprecated: This field will be removed in a future release.", Ref: ref("k8s.io/api/core/v1.Probe"), }, }, "readinessProbe": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated. This field will be removed in a future release. Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + Description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes\n\nDeprecated: This field will be removed in a future release.", Ref: ref("k8s.io/api/core/v1.Probe"), }, }, "startupProbe": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated. This field will be removed in a future release. DeprecatedStartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + Description: "DeprecatedStartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes\n\nDeprecated: This field will be removed in a future release.", Ref: ref("k8s.io/api/core/v1.Probe"), }, }, "lifecycle": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated. This field will be removed in a future release. Actions that the management system should take in response to container lifecycle events. Cannot be updated.", + Description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated.\n\nDeprecated: This field will be removed in a future release.", Ref: ref("k8s.io/api/core/v1.Lifecycle"), }, }, "terminationMessagePath": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated. This field will be removed in a future release and cannot be meaningfully used.", + Description: "Deprecated: This field will be removed in a future release and cannot be meaningfully used.", Type: []string{"string"}, Format: "", }, }, "terminationMessagePolicy": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated. This field will be removed in a future release and cannot be meaningfully used.", + Description: "Deprecated: This field will be removed in a future release and cannot be meaningfully used.", Type: []string{"string"}, Format: "", }, @@ -4024,21 +4174,21 @@ func schema_pkg_apis_pipeline_v1beta1_StepTemplate(ref common.ReferenceCallback) }, "stdin": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated. This field will be removed in a future release. Whether this Step should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the Step will always result in EOF. Default is false.", + Description: "Whether this Step should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the Step will always result in EOF. Default is false.\n\nDeprecated: This field will be removed in a future release.", Type: []string{"boolean"}, Format: "", }, }, "stdinOnce": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated. This field will be removed in a future release. Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false", + Description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false\n\nDeprecated: This field will be removed in a future release.", Type: []string{"boolean"}, Format: "", }, }, "tty": { SchemaProps: spec.SchemaProps{ - Description: "Deprecated. This field will be removed in a future release. Whether this Step should allocate a DeprecatedTTY for itself, also requires 'stdin' to be true. Default is false.", + Description: "Whether this Step should allocate a DeprecatedTTY for itself, also requires 'stdin' to be true. Default is false.\n\nDeprecated: This field will be removed in a future release.", Type: []string{"boolean"}, Format: "", }, @@ -4159,21 +4309,21 @@ func schema_pkg_apis_pipeline_v1beta1_TaskRef(ref common.ReferenceCallback) comm }, "kind": { SchemaProps: spec.SchemaProps{ - Description: "TaskKind indicates the kind of the task, namespaced or cluster scoped.", + Description: "TaskKind indicates the Kind of the Task: 1. Namespaced Task when Kind is set to \"Task\". If Kind is \"\", it defaults to \"Task\". 2. Cluster-Scoped Task when Kind is set to \"ClusterTask\" 3. Custom Task when Kind is non-empty and APIVersion is non-empty", Type: []string{"string"}, Format: "", }, }, "apiVersion": { SchemaProps: spec.SchemaProps{ - Description: "API version of the referent", + Description: "API version of the referent Note: A Task with non-empty APIVersion and Kind is considered a Custom Task", Type: []string{"string"}, Format: "", }, }, "bundle": { SchemaProps: spec.SchemaProps{ - Description: "Bundle url reference to a Tekton Bundle. Deprecated: Please use ResolverRef with the bundles resolver instead.", + Description: "Bundle url reference to a Tekton Bundle.\n\nDeprecated: Please use ResolverRef with the bundles resolver instead.", Type: []string{"string"}, Format: "", }, @@ -4188,7 +4338,7 @@ func schema_pkg_apis_pipeline_v1beta1_TaskResource(ref common.ReferenceCallback) return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "TaskResource defines an input or output Resource declared as a requirement by a Task. The Name field will be used to refer to these Resources within the Task definition, and when provided as an Input, the Name will be the path to the volume mounted containing this Resource as an input (e.g. an input Resource named `workspace` will be mounted at `/workspace`).", + Description: "TaskResource defines an input or output Resource declared as a requirement by a Task. The Name field will be used to refer to these Resources within the Task definition, and when provided as an Input, the Name will be the path to the volume mounted containing this Resource as an input (e.g. an input Resource named `workspace` will be mounted at `/workspace`).\n\nDeprecated: Unused, preserved only for backwards compatibility", Type: []string{"object"}, Properties: map[string]spec.Schema{ "name": { @@ -4239,7 +4389,7 @@ func schema_pkg_apis_pipeline_v1beta1_TaskResourceBinding(ref common.ReferenceCa return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "TaskResourceBinding points to the PipelineResource that will be used for the Task input or output called Name.", + Description: "TaskResourceBinding points to the PipelineResource that will be used for the Task input or output called Name.\n\nDeprecated: Unused, preserved only for backwards compatibility", Type: []string{"object"}, Properties: map[string]spec.Schema{ "name": { @@ -4293,7 +4443,7 @@ func schema_pkg_apis_pipeline_v1beta1_TaskResources(ref common.ReferenceCallback return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "TaskResources allows a Pipeline to declare how its DeclaredPipelineResources should be provided to a Task as its inputs and outputs.", + Description: "TaskResources allows a Pipeline to declare how its DeclaredPipelineResources should be provided to a Task as its inputs and outputs.\n\nDeprecated: Unused, preserved only for backwards compatibility", Type: []string{"object"}, Properties: map[string]spec.Schema{ "inputs": { @@ -4478,7 +4628,7 @@ func schema_pkg_apis_pipeline_v1beta1_TaskRunInputs(ref common.ReferenceCallback return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "TaskRunInputs holds the input values that this task was invoked with.", + Description: "TaskRunInputs holds the input values that this task was invoked with.\n\nDeprecated: Unused, preserved only for backwards compatibility", Type: []string{"object"}, Properties: map[string]spec.Schema{ "resources": { @@ -4578,7 +4728,7 @@ func schema_pkg_apis_pipeline_v1beta1_TaskRunOutputs(ref common.ReferenceCallbac return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "TaskRunOutputs holds the output values that this task was invoked with.", + Description: "TaskRunOutputs holds the output values that this task was invoked with.\n\nDeprecated: Unused, preserved only for backwards compatibility", Type: []string{"object"}, Properties: map[string]spec.Schema{ "resources": { @@ -4611,7 +4761,7 @@ func schema_pkg_apis_pipeline_v1beta1_TaskRunResources(ref common.ReferenceCallb return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "TaskRunResources allows a TaskRun to declare inputs and outputs TaskResourceBinding", + Description: "TaskRunResources allows a TaskRun to declare inputs and outputs TaskResourceBinding\n\nDeprecated: Unused, preserved only for backwards compatibility", Type: []string{"object"}, Properties: map[string]spec.Schema{ "inputs": { @@ -4761,7 +4911,8 @@ func schema_pkg_apis_pipeline_v1beta1_TaskRunSpec(ref common.ReferenceCallback) }, "resources": { SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.TaskRunResources"), + Description: "Deprecated: Unused, preserved only for backwards compatibility", + Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.TaskRunResources"), }, }, "serviceAccountName": { @@ -4784,7 +4935,7 @@ func schema_pkg_apis_pipeline_v1beta1_TaskRunSpec(ref common.ReferenceCallback) }, "status": { SchemaProps: spec.SchemaProps{ - Description: "Used for cancelling a taskrun (and maybe more later on)", + Description: "Used for cancelling a TaskRun (and maybe more later on)", Type: []string{"string"}, Format: "", }, @@ -4796,9 +4947,16 @@ func schema_pkg_apis_pipeline_v1beta1_TaskRunSpec(ref common.ReferenceCallback) Format: "", }, }, + "retries": { + SchemaProps: spec.SchemaProps{ + Description: "Retries represents how many times this TaskRun should be retried in the event of Task failure.", + Type: []string{"integer"}, + Format: "int32", + }, + }, "timeout": { SchemaProps: spec.SchemaProps{ - Description: "Time after which the build times out. Defaults to 1 hour. Specified build timeout should be less than 24h. Refer Go's ParseDuration documentation for expected format: https://golang.org/pkg/time/#ParseDuration", + Description: "Time after which one retry attempt times out. Defaults to 1 hour. Specified build timeout should be less than 24h. Refer Go's ParseDuration documentation for expected format: https://golang.org/pkg/time/#ParseDuration", Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Duration"), }, }, @@ -4975,7 +5133,7 @@ func schema_pkg_apis_pipeline_v1beta1_TaskRunStatus(ref common.ReferenceCallback }, }, SchemaProps: spec.SchemaProps{ - Description: "CloudEvents describe the state of each cloud event requested via a CloudEventResource.", + Description: "CloudEvents describe the state of each cloud event requested via a CloudEventResource.\n\nDeprecated: Removed in v0.44.0.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -5013,13 +5171,13 @@ func schema_pkg_apis_pipeline_v1beta1_TaskRunStatus(ref common.ReferenceCallback }, }, SchemaProps: spec.SchemaProps{ - Description: "Results from Resources built during the taskRun. currently includes the digest of build container images", + Description: "Results from Resources built during the TaskRun. This is tomb-stoned along with the removal of pipelineResources Deprecated: this field is not populated and is preserved only for backwards compatibility", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.PipelineResourceResult"), + Ref: ref("github.com/tektoncd/pipeline/pkg/result.RunResult"), }, }, }, @@ -5075,12 +5233,28 @@ func schema_pkg_apis_pipeline_v1beta1_TaskRunStatus(ref common.ReferenceCallback Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.Provenance"), }, }, + "spanContext": { + SchemaProps: spec.SchemaProps{ + Description: "SpanContext contains tracing span context fields", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, }, Required: []string{"podName"}, }, }, Dependencies: []string{ - "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.CloudEventDelivery", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.PipelineResourceResult", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.Provenance", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.SidecarState", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.StepState", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.TaskRunResult", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.TaskRunStatus", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.TaskSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.Time", "knative.dev/pkg/apis.Condition"}, + "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.CloudEventDelivery", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.Provenance", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.SidecarState", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.StepState", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.TaskRunResult", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.TaskRunStatus", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.TaskSpec", "github.com/tektoncd/pipeline/pkg/result.RunResult", "k8s.io/apimachinery/pkg/apis/meta/v1.Time", "knative.dev/pkg/apis.Condition"}, } } @@ -5137,7 +5311,7 @@ func schema_pkg_apis_pipeline_v1beta1_TaskRunStatusFields(ref common.ReferenceCa }, }, SchemaProps: spec.SchemaProps{ - Description: "CloudEvents describe the state of each cloud event requested via a CloudEventResource.", + Description: "CloudEvents describe the state of each cloud event requested via a CloudEventResource.\n\nDeprecated: Removed in v0.44.0.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -5175,13 +5349,13 @@ func schema_pkg_apis_pipeline_v1beta1_TaskRunStatusFields(ref common.ReferenceCa }, }, SchemaProps: spec.SchemaProps{ - Description: "Results from Resources built during the taskRun. currently includes the digest of build container images", + Description: "Results from Resources built during the TaskRun. This is tomb-stoned along with the removal of pipelineResources Deprecated: this field is not populated and is preserved only for backwards compatibility", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Default: map[string]interface{}{}, - Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.PipelineResourceResult"), + Ref: ref("github.com/tektoncd/pipeline/pkg/result.RunResult"), }, }, }, @@ -5237,12 +5411,28 @@ func schema_pkg_apis_pipeline_v1beta1_TaskRunStatusFields(ref common.ReferenceCa Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.Provenance"), }, }, + "spanContext": { + SchemaProps: spec.SchemaProps{ + Description: "SpanContext contains tracing span context fields", + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, }, Required: []string{"podName"}, }, }, Dependencies: []string{ - "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.CloudEventDelivery", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.PipelineResourceResult", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.Provenance", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.SidecarState", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.StepState", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.TaskRunResult", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.TaskRunStatus", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.TaskSpec", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.CloudEventDelivery", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.Provenance", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.SidecarState", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.StepState", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.TaskRunResult", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.TaskRunStatus", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.TaskSpec", "github.com/tektoncd/pipeline/pkg/result.RunResult", "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, } } @@ -5286,7 +5476,7 @@ func schema_pkg_apis_pipeline_v1beta1_TaskSpec(ref common.ReferenceCallback) com Properties: map[string]spec.Schema{ "resources": { SchemaProps: spec.SchemaProps{ - Description: "Resources is a list input and output resource to run the task Resources are represented in TaskRuns as bindings to instances of PipelineResources.", + Description: "Resources is a list input and output resource to run the task Resources are represented in TaskRuns as bindings to instances of PipelineResources.\n\nDeprecated: Unused, preserved only for backwards compatibility", Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.TaskResources"), }, }, @@ -5309,6 +5499,13 @@ func schema_pkg_apis_pipeline_v1beta1_TaskSpec(ref common.ReferenceCallback) com }, }, }, + "displayName": { + SchemaProps: spec.SchemaProps{ + Description: "DisplayName is a user-facing name of the task that may be used to populate a UI.", + Type: []string{"string"}, + Format: "", + }, + }, "description": { SchemaProps: spec.SchemaProps{ Description: "Description is a user-facing description of the task that may be used to populate a UI.", @@ -5889,16 +6086,22 @@ func schema_pkg_apis_resolution_v1beta1_ResolutionRequestStatus(ref common.Refer }, "source": { SchemaProps: spec.SchemaProps{ - Description: "Source is the source reference of the remote data that records the url, digest and the entrypoint.", + Description: "Deprecated: Use RefSource instead", Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.ConfigSource"), }, }, + "refSource": { + SchemaProps: spec.SchemaProps{ + Description: "RefSource is the source reference of the remote data that records the url, digest and the entrypoint.", + Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.RefSource"), + }, + }, }, - Required: []string{"data", "source"}, + Required: []string{"data", "source", "refSource"}, }, }, Dependencies: []string{ - "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.ConfigSource", "knative.dev/pkg/apis.Condition"}, + "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.ConfigSource", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.RefSource", "knative.dev/pkg/apis.Condition"}, } } @@ -5919,304 +6122,21 @@ func schema_pkg_apis_resolution_v1beta1_ResolutionRequestStatusFields(ref common }, "source": { SchemaProps: spec.SchemaProps{ - Description: "Source is the source reference of the remote data that records the url, digest and the entrypoint.", + Description: "Deprecated: Use RefSource instead", Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.ConfigSource"), }, }, - }, - Required: []string{"data", "source"}, - }, - }, - Dependencies: []string{ - "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.ConfigSource"}, - } -} - -func schema_pkg_apis_resource_v1alpha1_PipelineResource(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "PipelineResource describes a resource that is an input to or output from a Task.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), - }, - }, - "spec": { + "refSource": { SchemaProps: spec.SchemaProps{ - Description: "Spec holds the desired state of the PipelineResource from the client", - Default: map[string]interface{}{}, - Ref: ref("github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1.PipelineResourceSpec"), - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Description: "Status is deprecated. It usually is used to communicate the observed state of the PipelineResource from the controller, but was unused as there is no controller for PipelineResource.", - Ref: ref("github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1.PipelineResourceStatus"), + Description: "RefSource is the source reference of the remote data that records the url, digest and the entrypoint.", + Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.RefSource"), }, }, }, + Required: []string{"data", "source", "refSource"}, }, }, Dependencies: []string{ - "github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1.PipelineResourceSpec", "github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1.PipelineResourceStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, - } -} - -func schema_pkg_apis_resource_v1alpha1_PipelineResourceList(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "PipelineResourceList contains a list of PipelineResources", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "items": { - SchemaProps: spec.SchemaProps{ - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1.PipelineResource"), - }, - }, - }, - }, - }, - }, - Required: []string{"items"}, - }, - }, - Dependencies: []string{ - "github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1.PipelineResource", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, - } -} - -func schema_pkg_apis_resource_v1alpha1_PipelineResourceSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "PipelineResourceSpec defines an individual resources used in the pipeline.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "description": { - SchemaProps: spec.SchemaProps{ - Description: "Description is a user-facing description of the resource that may be used to populate a UI.", - Type: []string{"string"}, - Format: "", - }, - }, - "type": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "params": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-list-type": "atomic", - }, - }, - SchemaProps: spec.SchemaProps{ - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1.ResourceParam"), - }, - }, - }, - }, - }, - "secrets": { - VendorExtensible: spec.VendorExtensible{ - Extensions: spec.Extensions{ - "x-kubernetes-list-type": "atomic", - }, - }, - SchemaProps: spec.SchemaProps{ - Description: "Secrets to fetch to populate some of resource fields", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Default: map[string]interface{}{}, - Ref: ref("github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1.SecretParam"), - }, - }, - }, - }, - }, - }, - Required: []string{"type", "params"}, - }, - }, - Dependencies: []string{ - "github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1.ResourceParam", "github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1.SecretParam"}, - } -} - -func schema_pkg_apis_resource_v1alpha1_PipelineResourceStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "PipelineResourceStatus does not contain anything because PipelineResources on their own do not have a status Deprecated", - Type: []string{"object"}, - }, - }, - } -} - -func schema_pkg_apis_resource_v1alpha1_ResourceDeclaration(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ResourceDeclaration defines an input or output PipelineResource declared as a requirement by another type such as a Task or Condition. The Name field will be used to refer to these PipelineResources within the type's definition, and when provided as an Input, the Name will be the path to the volume mounted containing this PipelineResource as an input (e.g. an input Resource named `workspace` will be mounted at `/workspace`).", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "name": { - SchemaProps: spec.SchemaProps{ - Description: "Name declares the name by which a resource is referenced in the definition. Resources may be referenced by name in the definition of a Task's steps.", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "type": { - SchemaProps: spec.SchemaProps{ - Description: "Type is the type of this resource;", - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "description": { - SchemaProps: spec.SchemaProps{ - Description: "Description is a user-facing description of the declared resource that may be used to populate a UI.", - Type: []string{"string"}, - Format: "", - }, - }, - "targetPath": { - SchemaProps: spec.SchemaProps{ - Description: "TargetPath is the path in workspace directory where the resource will be copied.", - Type: []string{"string"}, - Format: "", - }, - }, - "optional": { - SchemaProps: spec.SchemaProps{ - Description: "Optional declares the resource as optional. By default optional is set to false which makes a resource required. optional: true - the resource is considered optional optional: false - the resource is considered required (equivalent of not specifying it)", - Type: []string{"boolean"}, - Format: "", - }, - }, - }, - Required: []string{"name", "type"}, - }, - }, - } -} - -func schema_pkg_apis_resource_v1alpha1_ResourceParam(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ResourceParam declares a string value to use for the parameter called Name, and is used in the specific context of PipelineResources.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "name": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "value": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"name", "value"}, - }, - }, - } -} - -func schema_pkg_apis_resource_v1alpha1_SecretParam(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "SecretParam indicates which secret can be used to populate a field of the resource", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "fieldName": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "secretKey": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - "secretName": { - SchemaProps: spec.SchemaProps{ - Default: "", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"fieldName", "secretKey", "secretName"}, - }, - }, + "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.ConfigSource", "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1.RefSource"}, } } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/param_conversion.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/param_conversion.go index 443c94ddde..18de6bd71d 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/param_conversion.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/param_conversion.go @@ -1,3 +1,19 @@ +/* +Copyright 2023 The Tekton Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + package v1beta1 import ( diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/param_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/param_types.go index 959d6b7ca7..a2d7e78f3d 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/param_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/param_types.go @@ -22,8 +22,8 @@ import ( "fmt" "strings" - resource "github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1" "github.com/tektoncd/pipeline/pkg/substitution" + corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/util/sets" "knative.dev/pkg/apis" ) @@ -55,6 +55,9 @@ type ParamSpec struct { Default *ParamValue `json:"default,omitempty"` } +// ParamSpecs is a list of ParamSpec +type ParamSpecs []ParamSpec + // PropertySpec defines the struct for object keys type PropertySpec struct { Type ParamType `json:"type,omitempty"` @@ -100,16 +103,253 @@ func (pp *ParamSpec) setDefaultsForProperties() { } } -// ResourceParam declares a string value to use for the parameter called Name, and is used in -// the specific context of PipelineResources. -type ResourceParam = resource.ResourceParam - // Param declares an ParamValues to use for the parameter called name. type Param struct { Name string `json:"name"` Value ParamValue `json:"value"` } +// Params is a list of Param +type Params []Param + +// ExtractNames returns a set of unique names +func (ps Params) ExtractNames() sets.String { + names := sets.String{} + for _, p := range ps { + names.Insert(p.Name) + } + return names +} + +func (ps Params) extractValues() []string { + pvs := []string{} + for i := range ps { + pvs = append(pvs, ps[i].Value.StringVal) + pvs = append(pvs, ps[i].Value.ArrayVal...) + for _, v := range ps[i].Value.ObjectVal { + pvs = append(pvs, v) + } + } + return pvs +} + +// extractParamMapArrVals creates a param map with the key: param.Name and +// val: param.Value.ArrayVal +func (ps Params) extractParamMapArrVals() map[string][]string { + paramsMap := make(map[string][]string) + for _, p := range ps { + paramsMap[p.Name] = p.Value.ArrayVal + } + return paramsMap +} + +// extractParamArrayLengths extract and return the lengths of all array params +// Example of returned value: {"a-array-params": 2,"b-array-params": 2 } +func (ps Params) extractParamArrayLengths() map[string]int { + // Collect all array params + arrayParamsLengths := make(map[string]int) + + // Collect array params lengths from params + for _, p := range ps { + if p.Value.Type == ParamTypeArray { + arrayParamsLengths[p.Name] = len(p.Value.ArrayVal) + } + } + return arrayParamsLengths +} + +// validateDuplicateParameters checks if a parameter with the same name is defined more than once +func (ps Params) validateDuplicateParameters() (errs *apis.FieldError) { + taskParamNames := sets.NewString() + for i, param := range ps { + if taskParamNames.Has(param.Name) { + errs = errs.Also(apis.ErrGeneric(fmt.Sprintf("parameter names must be unique,"+ + " the parameter \"%s\" is also defined at", param.Name), fmt.Sprintf("[%d].name", i))) + } + taskParamNames.Insert(param.Name) + } + return errs +} + +// extractParamArrayLengths extract and return the lengths of all array params +// Example of returned value: {"a-array-params": 2,"b-array-params": 2 } +func (ps ParamSpecs) extractParamArrayLengths() map[string]int { + // Collect all array params + arrayParamsLengths := make(map[string]int) + + // Collect array params lengths from defaults + for _, p := range ps { + if p.Default != nil { + if p.Default.Type == ParamTypeArray { + arrayParamsLengths[p.Name] = len(p.Default.ArrayVal) + } + } + } + return arrayParamsLengths +} + +// validateOutofBoundArrayParams validates if the array indexing params are out of bound +// example of arrayIndexingParams: ["$(params.a-array-param[1])", "$(params.b-array-param[2])"] +// example of arrayParamsLengths: {"a-array-params": 2,"b-array-params": 2 } +func validateOutofBoundArrayParams(arrayIndexingParams []string, arrayParamsLengths map[string]int) error { + outofBoundParams := sets.String{} + for _, val := range arrayIndexingParams { + indexString := substitution.ExtractIndexString(val) + idx, _ := substitution.ExtractIndex(indexString) + // this will extract the param name from reference + // e.g. $(params.a-array-param[1]) -> a-array-param + paramName, _, _ := substitution.ExtractVariablesFromString(substitution.TrimArrayIndex(val), "params") + + if paramLength, ok := arrayParamsLengths[paramName[0]]; ok { + if idx >= paramLength { + outofBoundParams.Insert(val) + } + } + } + if outofBoundParams.Len() > 0 { + return fmt.Errorf("non-existent param references:%v", outofBoundParams.List()) + } + return nil +} + +// extractArrayIndexingParamRefs takes a string of the form `foo-$(params.array-param[1])-bar` and extracts the portions of the string that reference an element in an array param. +// For example, for the string “foo-$(params.array-param[1])-bar-$(params.other-array-param[2])-$(params.string-param)`, +// it would return ["$(params.array-param[1])", "$(params.other-array-param[2])"]. +func extractArrayIndexingParamRefs(paramReference string) []string { + l := []string{} + list := substitution.ExtractParamsExpressions(paramReference) + for _, val := range list { + indexString := substitution.ExtractIndexString(val) + if indexString != "" { + l = append(l, val) + } + } + return l +} + +// extractParamRefsFromSteps get all array indexing references from steps +func extractParamRefsFromSteps(steps []Step) []string { + paramsRefs := []string{} + for _, step := range steps { + paramsRefs = append(paramsRefs, step.Script) + container := step.ToK8sContainer() + paramsRefs = append(paramsRefs, extractParamRefsFromContainer(container)...) + } + return paramsRefs +} + +// extractParamRefsFromStepTemplate get all array indexing references from StepsTemplate +func extractParamRefsFromStepTemplate(stepTemplate *StepTemplate) []string { + if stepTemplate == nil { + return nil + } + container := stepTemplate.ToK8sContainer() + return extractParamRefsFromContainer(container) +} + +// extractParamRefsFromSidecars get all array indexing references from sidecars +func extractParamRefsFromSidecars(sidecars []Sidecar) []string { + paramsRefs := []string{} + for _, s := range sidecars { + paramsRefs = append(paramsRefs, s.Script) + container := s.ToK8sContainer() + paramsRefs = append(paramsRefs, extractParamRefsFromContainer(container)...) + } + return paramsRefs +} + +// extractParamRefsFromVolumes get all array indexing references from volumes +func extractParamRefsFromVolumes(volumes []corev1.Volume) []string { + paramsRefs := []string{} + for i, v := range volumes { + paramsRefs = append(paramsRefs, v.Name) + if v.VolumeSource.ConfigMap != nil { + paramsRefs = append(paramsRefs, v.ConfigMap.Name) + for _, item := range v.ConfigMap.Items { + paramsRefs = append(paramsRefs, item.Key) + paramsRefs = append(paramsRefs, item.Path) + } + } + if v.VolumeSource.Secret != nil { + paramsRefs = append(paramsRefs, v.Secret.SecretName) + for _, item := range v.Secret.Items { + paramsRefs = append(paramsRefs, item.Key) + paramsRefs = append(paramsRefs, item.Path) + } + } + if v.PersistentVolumeClaim != nil { + paramsRefs = append(paramsRefs, v.PersistentVolumeClaim.ClaimName) + } + if v.Projected != nil { + for _, s := range volumes[i].Projected.Sources { + if s.ConfigMap != nil { + paramsRefs = append(paramsRefs, s.ConfigMap.Name) + } + if s.Secret != nil { + paramsRefs = append(paramsRefs, s.Secret.Name) + } + if s.ServiceAccountToken != nil { + paramsRefs = append(paramsRefs, s.ServiceAccountToken.Audience) + } + } + } + if v.CSI != nil { + if v.CSI.NodePublishSecretRef != nil { + paramsRefs = append(paramsRefs, v.CSI.NodePublishSecretRef.Name) + } + if v.CSI.VolumeAttributes != nil { + for _, value := range v.CSI.VolumeAttributes { + paramsRefs = append(paramsRefs, value) + } + } + } + } + return paramsRefs +} + +// extractParamRefsFromContainer get all array indexing references from container +func extractParamRefsFromContainer(c *corev1.Container) []string { + paramsRefs := []string{} + paramsRefs = append(paramsRefs, c.Name) + paramsRefs = append(paramsRefs, c.Image) + paramsRefs = append(paramsRefs, string(c.ImagePullPolicy)) + paramsRefs = append(paramsRefs, c.Args...) + + for ie, e := range c.Env { + paramsRefs = append(paramsRefs, e.Value) + if c.Env[ie].ValueFrom != nil { + if e.ValueFrom.SecretKeyRef != nil { + paramsRefs = append(paramsRefs, e.ValueFrom.SecretKeyRef.LocalObjectReference.Name) + paramsRefs = append(paramsRefs, e.ValueFrom.SecretKeyRef.Key) + } + if e.ValueFrom.ConfigMapKeyRef != nil { + paramsRefs = append(paramsRefs, e.ValueFrom.ConfigMapKeyRef.LocalObjectReference.Name) + paramsRefs = append(paramsRefs, e.ValueFrom.ConfigMapKeyRef.Key) + } + } + } + + for _, e := range c.EnvFrom { + paramsRefs = append(paramsRefs, e.Prefix) + if e.ConfigMapRef != nil { + paramsRefs = append(paramsRefs, e.ConfigMapRef.LocalObjectReference.Name) + } + if e.SecretRef != nil { + paramsRefs = append(paramsRefs, e.SecretRef.LocalObjectReference.Name) + } + } + + paramsRefs = append(paramsRefs, c.WorkingDir) + paramsRefs = append(paramsRefs, c.Command...) + + for _, v := range c.VolumeMounts { + paramsRefs = append(paramsRefs, v.Name) + paramsRefs = append(paramsRefs, v.MountPath) + paramsRefs = append(paramsRefs, v.SubPath) + } + return paramsRefs +} + // ParamType indicates the type of an input parameter; // Used to distinguish between a single string and an array of strings. type ParamType string @@ -130,14 +370,16 @@ var AllParamTypes = []ParamType{ParamTypeString, ParamTypeArray, ParamTypeObject // Used in JSON unmarshalling so that a single JSON field can accept // either an individual string or an array of strings. type ParamValue struct { - Type ParamType `json:"type"` // Represents the stored type of ParamValues. - StringVal string `json:"stringVal"` + Type ParamType // Represents the stored type of ParamValues. + StringVal string // +listType=atomic - ArrayVal []string `json:"arrayVal"` - ObjectVal map[string]string `json:"objectVal"` + ArrayVal []string + ObjectVal map[string]string } // ArrayOrString is deprecated, this is to keep backward compatibility +// +// Deprecated: Use ParamValue instead. type ArrayOrString = ParamValue // UnmarshalJSON implements the json.Unmarshaller interface. @@ -210,6 +452,8 @@ func (paramValues *ParamValue) ApplyReplacements(stringReplacements map[string]s newObjectVal[k] = substitution.ApplyReplacements(v, stringReplacements) } paramValues.ObjectVal = newObjectVal + case ParamTypeString: + fallthrough default: paramValues.applyOrCorrect(stringReplacements, arrayReplacements, objectReplacements) } @@ -285,12 +529,9 @@ func ArrayReference(a string) string { // validatePipelineParametersVariablesInTaskParameters validates param value that // may contain the reference(s) to other params to make sure those references are used appropriately. -func validatePipelineParametersVariablesInTaskParameters(params []Param, prefix string, paramNames sets.String, arrayParamNames sets.String, objectParamNameKeys map[string][]string) (errs *apis.FieldError) { - taskParamNames := sets.NewString() - for i, param := range params { - if taskParamNames.Has(param.Name) { - errs = errs.Also(apis.ErrGeneric(fmt.Sprintf("params names must be unique, the same param: %s is defined multiple times at", param.Name), fmt.Sprintf("params[%d].name", i))) - } +func validatePipelineParametersVariablesInTaskParameters(params Params, prefix string, paramNames sets.String, arrayParamNames sets.String, objectParamNameKeys map[string][]string) (errs *apis.FieldError) { + errs = errs.Also(params.validateDuplicateParameters()).ViaField("params") + for _, param := range params { switch param.Value.Type { case ParamTypeArray: for idx, arrayElement := range param.Value.ArrayVal { @@ -300,47 +541,11 @@ func validatePipelineParametersVariablesInTaskParameters(params []Param, prefix for key, val := range param.Value.ObjectVal { errs = errs.Also(validateStringVariable(val, prefix, paramNames, arrayParamNames, objectParamNameKeys).ViaFieldKey("properties", key).ViaFieldKey("params", param.Name)) } + case ParamTypeString: + fallthrough default: errs = errs.Also(validateParamStringValue(param, prefix, paramNames, arrayParamNames, objectParamNameKeys)) } - taskParamNames.Insert(param.Name) - } - return errs -} - -// validatePipelineParametersVariablesInMatrixParameters validates matrix param value -// that may contain the reference(s) to other params to make sure those references are used appropriately. -func validatePipelineParametersVariablesInMatrixParameters(matrix []Param, prefix string, paramNames sets.String, arrayParamNames sets.String, objectParamNameKeys map[string][]string) (errs *apis.FieldError) { - for _, param := range matrix { - for idx, arrayElement := range param.Value.ArrayVal { - errs = errs.Also(validateArrayVariable(arrayElement, prefix, paramNames, arrayParamNames, objectParamNameKeys).ViaFieldIndex("value", idx).ViaFieldKey("matrix", param.Name)) - } - } - return errs -} - -func validateParametersInTaskMatrix(matrix *Matrix) (errs *apis.FieldError) { - if matrix != nil { - for _, param := range matrix.Params { - if param.Value.Type != ParamTypeArray { - errs = errs.Also(apis.ErrInvalidValue("parameters of type array only are allowed in matrix", "").ViaFieldKey("matrix", param.Name)) - } - } - } - return errs -} - -func validateParameterInOneOfMatrixOrParams(matrix *Matrix, params []Param) (errs *apis.FieldError) { - matrixParameterNames := sets.NewString() - if matrix != nil { - for _, param := range matrix.Params { - matrixParameterNames.Insert(param.Name) - } - } - for _, param := range params { - if matrixParameterNames.Has(param.Name) { - errs = errs.Also(apis.ErrMultipleOneOf("matrix["+param.Name+"]", "params["+param.Name+"]")) - } } return errs } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipeline_conversion.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipeline_conversion.go index 992d738d14..0c66a3bd13 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipeline_conversion.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipeline_conversion.go @@ -21,8 +21,6 @@ import ( "fmt" v1 "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1" - "github.com/tektoncd/pipeline/pkg/apis/version" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "knative.dev/pkg/apis" ) @@ -36,9 +34,6 @@ func (p *Pipeline) ConvertTo(ctx context.Context, to apis.Convertible) error { switch sink := to.(type) { case *v1.Pipeline: sink.ObjectMeta = p.ObjectMeta - if err := serializePipelineResources(&sink.ObjectMeta, &p.Spec); err != nil { - return err - } return p.Spec.ConvertTo(ctx, &sink.Spec) default: return fmt.Errorf("unknown version, got: %T", sink) @@ -47,6 +42,7 @@ func (p *Pipeline) ConvertTo(ctx context.Context, to apis.Convertible) error { // ConvertTo implements apis.Convertible func (ps *PipelineSpec) ConvertTo(ctx context.Context, sink *v1.PipelineSpec) error { + sink.DisplayName = ps.DisplayName sink.Description = ps.Description sink.Tasks = nil for _, t := range ps.Tasks { @@ -92,9 +88,6 @@ func (p *Pipeline) ConvertFrom(ctx context.Context, from apis.Convertible) error switch source := from.(type) { case *v1.Pipeline: p.ObjectMeta = source.ObjectMeta - if err := deserializePipelineResources(&p.ObjectMeta, &p.Spec); err != nil { - return err - } return p.Spec.ConvertFrom(ctx, &source.Spec) default: return fmt.Errorf("unknown version, got: %T", p) @@ -103,6 +96,7 @@ func (p *Pipeline) ConvertFrom(ctx context.Context, from apis.Convertible) error // ConvertFrom implements apis.Convertible func (ps *PipelineSpec) ConvertFrom(ctx context.Context, source *v1.PipelineSpec) error { + ps.DisplayName = source.DisplayName ps.Description = source.Description ps.Tasks = nil for _, t := range source.Tasks { @@ -145,6 +139,8 @@ func (ps *PipelineSpec) ConvertFrom(ctx context.Context, source *v1.PipelineSpec func (pt PipelineTask) convertTo(ctx context.Context, sink *v1.PipelineTask) error { sink.Name = pt.Name + sink.DisplayName = pt.DisplayName + sink.Description = pt.Description if pt.TaskRef != nil { sink.TaskRef = &v1.TaskRef{} pt.TaskRef.convertTo(ctx, sink.TaskRef) @@ -189,6 +185,8 @@ func (pt PipelineTask) convertTo(ctx context.Context, sink *v1.PipelineTask) err func (pt *PipelineTask) convertFrom(ctx context.Context, source v1.PipelineTask) error { pt.Name = source.Name + pt.DisplayName = source.DisplayName + pt.Description = source.Description if source.TaskRef != nil { newTaskRef := TaskRef{} newTaskRef.convertFrom(ctx, *source.TaskRef) @@ -267,6 +265,14 @@ func (m *Matrix) convertTo(ctx context.Context, sink *v1.Matrix) { param.convertTo(ctx, &new) sink.Params = append(sink.Params, new) } + for i, include := range m.Include { + sink.Include = append(sink.Include, v1.IncludeParams{Name: include.Name}) + for _, param := range include.Params { + newIncludeParam := v1.Param{} + param.convertTo(ctx, &newIncludeParam) + sink.Include[i].Params = append(sink.Include[i].Params, newIncludeParam) + } + } } func (m *Matrix) convertFrom(ctx context.Context, source v1.Matrix) { @@ -275,6 +281,15 @@ func (m *Matrix) convertFrom(ctx context.Context, source v1.Matrix) { new.convertFrom(ctx, param) m.Params = append(m.Params, new) } + + for i, include := range source.Include { + m.Include = append(m.Include, IncludeParams{Name: include.Name}) + for _, p := range include.Params { + new := Param{} + new.convertFrom(ctx, p) + m.Include[i].Params = append(m.Include[i].Params, new) + } + } } func (pr PipelineResult) convertTo(ctx context.Context, sink *v1.PipelineResult) { @@ -304,22 +319,3 @@ func (ptm *PipelineTaskMetadata) convertFrom(ctx context.Context, source v1.Pipe ptm.Labels = source.Labels ptm.Annotations = source.Labels } - -func serializePipelineResources(meta *metav1.ObjectMeta, spec *PipelineSpec) error { - if spec.Resources == nil { - return nil - } - return version.SerializeToMetadata(meta, spec.Resources, resourcesAnnotationKey) -} - -func deserializePipelineResources(meta *metav1.ObjectMeta, spec *PipelineSpec) error { - resources := &[]PipelineDeclaredResource{} - err := version.DeserializeFromMetadata(meta, resources, resourcesAnnotationKey) - if err != nil { - return err - } - if len(*resources) != 0 { - spec.Resources = *resources - } - return nil -} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipeline_defaults.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipeline_defaults.go index a7463ae53e..ec28f038e9 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipeline_defaults.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipeline_defaults.go @@ -19,6 +19,7 @@ package v1beta1 import ( "context" + "github.com/tektoncd/pipeline/pkg/apis/config" "knative.dev/pkg/apis" ) @@ -36,25 +37,27 @@ func (ps *PipelineSpec) SetDefaults(ctx context.Context) { } for _, pt := range ps.Tasks { - if pt.TaskRef != nil { - if pt.TaskRef.Kind == "" { - pt.TaskRef.Kind = NamespacedTaskKind - } - } - if pt.TaskSpec != nil { - pt.TaskSpec.SetDefaults(ctx) - } + pt.SetDefaults(ctx) } for _, ft := range ps.Finally { ctx := ctx // Ensure local scoping per Task - if ft.TaskRef != nil { - if ft.TaskRef.Kind == "" { - ft.TaskRef.Kind = NamespacedTaskKind - } + ft.SetDefaults(ctx) + } +} + +// SetDefaults sets default values for a PipelineTask +func (pt *PipelineTask) SetDefaults(ctx context.Context) { + cfg := config.FromContextOrDefaults(ctx) + if pt.TaskRef != nil { + if pt.TaskRef.Kind == "" { + pt.TaskRef.Kind = NamespacedTaskKind } - if ft.TaskSpec != nil { - ft.TaskSpec.SetDefaults(ctx) + if pt.TaskRef.Name == "" && pt.TaskRef.Resolver == "" { + pt.TaskRef.Resolver = ResolverName(cfg.Defaults.DefaultResolverType) } } + if pt.TaskSpec != nil { + pt.TaskSpec.SetDefaults(ctx) + } } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipeline_interface.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipeline_interface.go index fb21e16daf..58768ceea4 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipeline_interface.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipeline_interface.go @@ -21,7 +21,7 @@ import ( "knative.dev/pkg/apis" ) -// PipelineObject is implemented by Pipeline and ClusterPipeline +// PipelineObject is implemented by Pipeline type PipelineObject interface { apis.Defaultable PipelineMetadata() metav1.ObjectMeta diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipeline_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipeline_types.go index dc2bdf6de3..efb6607dfc 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipeline_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipeline_types.go @@ -17,22 +17,12 @@ limitations under the License. package v1beta1 import ( - "context" - "fmt" - "strings" - - "github.com/google/go-containerregistry/pkg/name" - "github.com/tektoncd/pipeline/pkg/apis/config" "github.com/tektoncd/pipeline/pkg/apis/pipeline" - "github.com/tektoncd/pipeline/pkg/apis/version" - "github.com/tektoncd/pipeline/pkg/reconciler/pipeline/dag" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/util/sets" - "k8s.io/apimachinery/pkg/util/validation" - "knative.dev/pkg/apis" "knative.dev/pkg/kmeta" ) @@ -87,12 +77,15 @@ func (*Pipeline) GetGroupVersionKind() schema.GroupVersionKind { // PipelineSpec defines the desired state of Pipeline. type PipelineSpec struct { + // DisplayName is a user-facing name of the pipeline that may be + // used to populate a UI. + // +optional + DisplayName string `json:"displayName,omitempty"` // Description is a user-facing description of the pipeline that may be // used to populate a UI. // +optional Description string `json:"description,omitempty"` - // Resources declares the names and types of the resources given to the - // Pipeline's tasks as inputs and outputs. + // Deprecated: Unused, preserved only for backwards compatibility // +listType=atomic Resources []PipelineDeclaredResource `json:"resources,omitempty"` // Tasks declares the graph of Tasks that execute when this Pipeline is run. @@ -101,7 +94,7 @@ type PipelineSpec struct { // Params declares a list of input parameters that must be supplied when // this Pipeline is run. // +listType=atomic - Params []ParamSpec `json:"params,omitempty"` + Params ParamSpecs `json:"params,omitempty"` // Workspaces declares a set of named workspaces that are expected to be // provided by a PipelineRun. // +optional @@ -162,16 +155,6 @@ type EmbeddedTask struct { TaskSpec `json:",inline,omitempty"` } -// Matrix is used to fan out Tasks in a Pipeline -type Matrix struct { - // Params is a list of parameters used to fan out the pipelineTask - // Params takes only `Parameters` of type `"array"` - // Each array element is supplied to the `PipelineTask` by substituting `params` of type `"string"` in the underlying `Task`. - // The names of the `params` in the `Matrix` must match the names of the `params` in the underlying `Task` that they will be substituting. - // +listType=atomic - Params []Param `json:"params,omitempty"` -} - // PipelineTask defines a task in a Pipeline, passing inputs from both // Params and from the output of previous tasks. type PipelineTask struct { @@ -180,6 +163,16 @@ type PipelineTask struct { // the execution order of tasks relative to one another. Name string `json:"name,omitempty"` + // DisplayName is the display name of this task within the context of a Pipeline. + // This display name may be used to populate a UI. + // +optional + DisplayName string `json:"displayName,omitempty"` + + // Description is the description of this task within the context of a Pipeline. + // This description may be used to populate a UI. + // +optional + Description string `json:"description,omitempty"` + // TaskRef is a reference to a task definition. // +optional TaskRef *TaskRef `json:"taskRef,omitempty"` @@ -202,15 +195,14 @@ type PipelineTask struct { // +listType=atomic RunAfter []string `json:"runAfter,omitempty"` - // Resources declares the resources given to this task as inputs and - // outputs. + // Deprecated: Unused, preserved only for backwards compatibility // +optional Resources *PipelineTaskResources `json:"resources,omitempty"` // Parameters declares parameters passed to this task. // +optional // +listType=atomic - Params []Param `json:"params,omitempty"` + Params Params `json:"params,omitempty"` // Matrix declares parameters used to fan out this task. // +optional @@ -229,207 +221,16 @@ type PipelineTask struct { Timeout *metav1.Duration `json:"timeout,omitempty"` } -// validateRefOrSpec validates at least one of taskRef or taskSpec is specified -func (pt PipelineTask) validateRefOrSpec() (errs *apis.FieldError) { - // can't have both taskRef and taskSpec at the same time - if pt.TaskRef != nil && pt.TaskSpec != nil { - errs = errs.Also(apis.ErrMultipleOneOf("taskRef", "taskSpec")) - } - // Check that one of TaskRef and TaskSpec is present - if pt.TaskRef == nil && pt.TaskSpec == nil { - errs = errs.Also(apis.ErrMissingOneOf("taskRef", "taskSpec")) - } - return errs -} - -// validateCustomTask validates custom task specifications - checking kind and fail if not yet supported features specified -func (pt PipelineTask) validateCustomTask() (errs *apis.FieldError) { - if pt.TaskRef != nil && pt.TaskRef.Kind == "" { - errs = errs.Also(apis.ErrInvalidValue("custom task ref must specify kind", "taskRef.kind")) - } - if pt.TaskSpec != nil && pt.TaskSpec.Kind == "" { - errs = errs.Also(apis.ErrInvalidValue("custom task spec must specify kind", "taskSpec.kind")) - } - if pt.TaskRef != nil && pt.TaskRef.APIVersion == "" { - errs = errs.Also(apis.ErrInvalidValue("custom task ref must specify apiVersion", "taskRef.apiVersion")) - } - if pt.TaskSpec != nil && pt.TaskSpec.APIVersion == "" { - errs = errs.Also(apis.ErrInvalidValue("custom task spec must specify apiVersion", "taskSpec.apiVersion")) - } - - // TODO(#3133): Support these features if possible. - if pt.Resources != nil { - errs = errs.Also(apis.ErrInvalidValue("custom tasks do not support PipelineResources", "resources")) - } - return errs -} - -// validateBundle validates bundle specifications - checking name and bundle -func (pt PipelineTask) validateBundle() (errs *apis.FieldError) { - // bundle requires a TaskRef to be specified - if (pt.TaskRef != nil && pt.TaskRef.Bundle != "") && pt.TaskRef.Name == "" { - errs = errs.Also(apis.ErrMissingField("taskRef.name")) - } - // If a bundle url is specified, ensure it is parsable - if pt.TaskRef != nil && pt.TaskRef.Bundle != "" { - if _, err := name.ParseReference(pt.TaskRef.Bundle); err != nil { - errs = errs.Also(apis.ErrInvalidValue(fmt.Sprintf("invalid bundle reference (%s)", err.Error()), "taskRef.bundle")) - } - } - return errs -} - -// validateTask validates a pipeline task or a final task for taskRef and taskSpec -func (pt PipelineTask) validateTask(ctx context.Context) (errs *apis.FieldError) { - cfg := config.FromContextOrDefaults(ctx) - // Validate TaskSpec if it's present - if pt.TaskSpec != nil { - errs = errs.Also(pt.TaskSpec.Validate(ctx).ViaField("taskSpec")) - } - if pt.TaskRef != nil { - if pt.TaskRef.Name != "" { - // TaskRef name must be a valid k8s name - if errSlice := validation.IsQualifiedName(pt.TaskRef.Name); len(errSlice) != 0 { - errs = errs.Also(apis.ErrInvalidValue(strings.Join(errSlice, ","), "name")) - } - } else if pt.TaskRef.Resolver == "" { - errs = errs.Also(apis.ErrInvalidValue("taskRef must specify name", "taskRef.name")) - } - // fail if bundle is present when EnableTektonOCIBundles feature flag is off (as it won't be allowed nor used) - if !cfg.FeatureFlags.EnableTektonOCIBundles && pt.TaskRef.Bundle != "" { - errs = errs.Also(apis.ErrDisallowedFields("taskref.bundle")) - } - } - return errs +// IsCustomTask checks whether an embedded TaskSpec is a Custom Task +func (et *EmbeddedTask) IsCustomTask() bool { + // Note that if `apiVersion` is set to `"tekton.dev/v1beta1"` and `kind` is set to `"Task"`, + // the reference will be considered a Custom Task - https://github.com/tektoncd/pipeline/issues/6457 + return et != nil && et.APIVersion != "" && et.Kind != "" } // IsMatrixed return whether pipeline task is matrixed func (pt *PipelineTask) IsMatrixed() bool { - return pt.Matrix != nil && len(pt.Matrix.Params) > 0 -} - -func (pt *PipelineTask) validateMatrix(ctx context.Context) (errs *apis.FieldError) { - if pt.IsMatrixed() { - // This is an alpha feature and will fail validation if it's used in a pipeline spec - // when the enable-api-fields feature gate is anything but "alpha". - errs = errs.Also(version.ValidateEnabledAPIFields(ctx, "matrix", config.AlphaAPIFields)) - // Matrix requires "embedded-status" feature gate to be set to "minimal", and will fail - // validation if it is anything but "minimal". - errs = errs.Also(ValidateEmbeddedStatus(ctx, "matrix", config.MinimalEmbeddedStatus)) - errs = errs.Also(pt.validateMatrixCombinationsCount(ctx)) - } - errs = errs.Also(validateParameterInOneOfMatrixOrParams(pt.Matrix, pt.Params)) - errs = errs.Also(validateParametersInTaskMatrix(pt.Matrix)) - return errs -} - -func (pt *PipelineTask) validateMatrixCombinationsCount(ctx context.Context) (errs *apis.FieldError) { - matrixCombinationsCount := pt.GetMatrixCombinationsCount() - maxMatrixCombinationsCount := config.FromContextOrDefaults(ctx).Defaults.DefaultMaxMatrixCombinationsCount - if matrixCombinationsCount > maxMatrixCombinationsCount { - errs = errs.Also(apis.ErrOutOfBoundsValue(matrixCombinationsCount, 0, maxMatrixCombinationsCount, "matrix")) - } - return errs -} - -func (pt PipelineTask) validateEmbeddedOrType() (errs *apis.FieldError) { - // Reject cases where APIVersion and/or Kind are specified alongside an embedded Task. - // We determine if this is an embedded Task by checking of TaskSpec.TaskSpec.Steps has items. - if pt.TaskSpec != nil && len(pt.TaskSpec.TaskSpec.Steps) > 0 { - if pt.TaskSpec.APIVersion != "" { - errs = errs.Also(&apis.FieldError{ - Message: "taskSpec.apiVersion cannot be specified when using taskSpec.steps", - Paths: []string{"taskSpec.apiVersion"}, - }) - } - if pt.TaskSpec.Kind != "" { - errs = errs.Also(&apis.FieldError{ - Message: "taskSpec.kind cannot be specified when using taskSpec.steps", - Paths: []string{"taskSpec.kind"}, - }) - } - } - return -} - -// GetMatrixCombinationsCount returns the count of combinations of Parameters generated from the Matrix in PipelineTask. -func (pt *PipelineTask) GetMatrixCombinationsCount() int { - if !pt.IsMatrixed() { - return 0 - } - count := 1 - for _, param := range pt.Matrix.Params { - count *= len(param.Value.ArrayVal) - } - return count -} - -func (pt *PipelineTask) validateResultsFromMatrixedPipelineTasksNotConsumed(matrixedPipelineTasks sets.String) (errs *apis.FieldError) { - for _, ref := range PipelineTaskResultRefs(pt) { - if matrixedPipelineTasks.Has(ref.PipelineTask) { - errs = errs.Also(apis.ErrInvalidValue(fmt.Sprintf("consuming results from matrixed task %s is not allowed", ref.PipelineTask), "")) - } - } - return errs -} - -func (pt *PipelineTask) validateExecutionStatusVariablesDisallowed() (errs *apis.FieldError) { - for _, param := range pt.Params { - if expressions, ok := GetVarSubstitutionExpressionsForParam(param); ok { - errs = errs.Also(validateContainsExecutionStatusVariablesDisallowed(expressions, "value"). - ViaFieldKey("params", param.Name)) - } - } - for i, we := range pt.WhenExpressions { - if expressions, ok := we.GetVarSubstitutionExpressions(); ok { - errs = errs.Also(validateContainsExecutionStatusVariablesDisallowed(expressions, ""). - ViaFieldIndex("when", i)) - } - } - return errs -} - -func (pt *PipelineTask) validateExecutionStatusVariablesAllowed(ptNames sets.String) (errs *apis.FieldError) { - for _, param := range pt.Params { - if expressions, ok := GetVarSubstitutionExpressionsForParam(param); ok { - errs = errs.Also(validateExecutionStatusVariablesExpressions(expressions, ptNames, "value"). - ViaFieldKey("params", param.Name)) - } - } - for i, we := range pt.WhenExpressions { - if expressions, ok := we.GetVarSubstitutionExpressions(); ok { - errs = errs.Also(validateExecutionStatusVariablesExpressions(expressions, ptNames, ""). - ViaFieldIndex("when", i)) - } - } - return errs -} - -func (pt *PipelineTask) validateWorkspaces(workspaceNames sets.String) (errs *apis.FieldError) { - workspaceBindingNames := sets.NewString() - for i, ws := range pt.Workspaces { - if workspaceBindingNames.Has(ws.Name) { - errs = errs.Also(apis.ErrGeneric( - fmt.Sprintf("workspace name %q must be unique", ws.Name), "").ViaFieldIndex("workspaces", i)) - } - - if ws.Workspace == "" { - if !workspaceNames.Has(ws.Name) { - errs = errs.Also(apis.ErrInvalidValue( - fmt.Sprintf("pipeline task %q expects workspace with name %q but none exists in pipeline spec", pt.Name, ws.Name), - "", - ).ViaFieldIndex("workspaces", i)) - } - } else if !workspaceNames.Has(ws.Workspace) { - errs = errs.Also(apis.ErrInvalidValue( - fmt.Sprintf("pipeline task %q expects workspace with name %q but none exists in pipeline spec", pt.Name, ws.Workspace), - "", - ).ViaFieldIndex("workspaces", i)) - } - - workspaceBindingNames.Insert(ws.Name) - } - return errs + return pt.Matrix.HasParams() || pt.Matrix.HasInclude() } // TaskSpecMetadata returns the metadata of the PipelineTask's EmbeddedTask spec. @@ -442,57 +243,11 @@ func (pt PipelineTask) HashKey() string { return pt.Name } -// ValidateName checks whether the PipelineTask's name is a valid DNS label -func (pt PipelineTask) ValidateName() *apis.FieldError { - if err := validation.IsDNS1123Label(pt.Name); len(err) > 0 { - return &apis.FieldError{ - Message: fmt.Sprintf("invalid value %q", pt.Name), - Paths: []string{"name"}, - Details: "Pipeline Task name must be a valid DNS Label." + - "For more info refer to https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", - } - } - return nil -} - -// Validate classifies whether a task is a custom task, bundle, or a regular task(dag/final) -// calls the validation routine based on the type of the task -func (pt PipelineTask) Validate(ctx context.Context) (errs *apis.FieldError) { - errs = errs.Also(pt.validateRefOrSpec()) - - errs = errs.Also(pt.validateEmbeddedOrType()) - - cfg := config.FromContextOrDefaults(ctx) - // If EnableCustomTasks feature flag is on, validate custom task specifications - // pipeline task having taskRef with APIVersion is classified as custom task - switch { - case cfg.FeatureFlags.EnableCustomTasks && pt.TaskRef != nil && pt.TaskRef.APIVersion != "": - errs = errs.Also(pt.validateCustomTask()) - case cfg.FeatureFlags.EnableCustomTasks && pt.TaskSpec != nil && pt.TaskSpec.APIVersion != "": - errs = errs.Also(pt.validateCustomTask()) - // If EnableTektonOCIBundles feature flag is on, validate bundle specifications - case cfg.FeatureFlags.EnableTektonOCIBundles && pt.TaskRef != nil && pt.TaskRef.Bundle != "": - errs = errs.Also(pt.validateBundle()) - default: - errs = errs.Also(pt.validateTask(ctx)) - } - return -} - // Deps returns all other PipelineTask dependencies of this PipelineTask, based on resource usage or ordering func (pt PipelineTask) Deps() []string { // hold the list of dependencies in a set to avoid duplicates deps := sets.NewString() - // add any new dependents from a resource/workspace - if pt.Resources != nil { - for _, rd := range pt.Resources.Inputs { - for _, f := range rd.From { - deps.Insert(f) - } - } - } - // add any new dependents from result references - resource dependency for _, ref := range PipelineTaskResultRefs(&pt) { deps.Insert(ref.PipelineTask) @@ -541,83 +296,12 @@ func (l PipelineTaskList) Names() sets.String { return names } -// Validate a list of pipeline tasks including custom task and bundles -func (l PipelineTaskList) Validate(ctx context.Context, taskNames sets.String, path string) (errs *apis.FieldError) { - for i, t := range l { - // validate pipeline task name - errs = errs.Also(t.ValidateName().ViaFieldIndex(path, i)) - // names cannot be duplicated - checking that pipelineTask names are unique - if _, ok := taskNames[t.Name]; ok { - errs = errs.Also(apis.ErrMultipleOneOf("name").ViaFieldIndex(path, i)) - } - taskNames.Insert(t.Name) - // validate custom task, bundle, dag, or final task - errs = errs.Also(t.Validate(ctx).ViaFieldIndex(path, i)) - } - return errs -} - // PipelineTaskParam is used to provide arbitrary string parameters to a Task. type PipelineTaskParam struct { Name string `json:"name"` Value string `json:"value"` } -// PipelineDeclaredResource is used by a Pipeline to declare the types of the -// PipelineResources that it will required to run and names which can be used to -// refer to these PipelineResources in PipelineTaskResourceBindings. -type PipelineDeclaredResource struct { - // Name is the name that will be used by the Pipeline to refer to this resource. - // It does not directly correspond to the name of any PipelineResources Task - // inputs or outputs, and it does not correspond to the actual names of the - // PipelineResources that will be bound in the PipelineRun. - Name string `json:"name"` - // Type is the type of the PipelineResource. - Type PipelineResourceType `json:"type"` - // Optional declares the resource as optional. - // optional: true - the resource is considered optional - // optional: false - the resource is considered required (default/equivalent of not specifying it) - Optional bool `json:"optional,omitempty"` -} - -// PipelineTaskResources allows a Pipeline to declare how its DeclaredPipelineResources -// should be provided to a Task as its inputs and outputs. -type PipelineTaskResources struct { - // Inputs holds the mapping from the PipelineResources declared in - // DeclaredPipelineResources to the input PipelineResources required by the Task. - // +listType=atomic - Inputs []PipelineTaskInputResource `json:"inputs,omitempty"` - // Outputs holds the mapping from the PipelineResources declared in - // DeclaredPipelineResources to the input PipelineResources required by the Task. - // +listType=atomic - Outputs []PipelineTaskOutputResource `json:"outputs,omitempty"` -} - -// PipelineTaskInputResource maps the name of a declared PipelineResource input -// dependency in a Task to the resource in the Pipeline's DeclaredPipelineResources -// that should be used. This input may come from a previous task. -type PipelineTaskInputResource struct { - // Name is the name of the PipelineResource as declared by the Task. - Name string `json:"name"` - // Resource is the name of the DeclaredPipelineResource to use. - Resource string `json:"resource"` - // From is the list of PipelineTask names that the resource has to come from. - // (Implies an ordering in the execution graph.) - // +optional - // +listType=atomic - From []string `json:"from,omitempty"` -} - -// PipelineTaskOutputResource maps the name of a declared PipelineResource output -// dependency in a Task to the resource in the Pipeline's DeclaredPipelineResources -// that should be used. -type PipelineTaskOutputResource struct { - // Name is the name of the PipelineResource as declared by the Task. - Name string `json:"name"` - // Resource is the name of the DeclaredPipelineResource to use. - Resource string `json:"resource"` -} - // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // PipelineList contains a list of Pipeline @@ -627,47 +311,3 @@ type PipelineList struct { metav1.ListMeta `json:"metadata,omitempty"` Items []Pipeline `json:"items"` } - -func validateContainsExecutionStatusVariablesDisallowed(expressions []string, path string) (errs *apis.FieldError) { - if containsExecutionStatusReferences(expressions) { - errs = errs.Also(apis.ErrInvalidValue(fmt.Sprintf("pipeline tasks can not refer to execution status"+ - " of any other pipeline task or aggregate status of tasks"), path)) - } - return errs -} - -func containsExecutionStatusReferences(expressions []string) bool { - // validate tasks.pipelineTask.status/tasks.status if this expression is not a result reference - if !LooksLikeContainsResultRefs(expressions) { - for _, e := range expressions { - // check if it contains context variable accessing execution status - $(tasks.taskname.status) - // or an aggregate status - $(tasks.status) - if containsExecutionStatusRef(e) { - return true - } - } - } - return false -} - -func validateExecutionStatusVariablesExpressions(expressions []string, ptNames sets.String, fieldPath string) (errs *apis.FieldError) { - // validate tasks.pipelineTask.status if this expression is not a result reference - if !LooksLikeContainsResultRefs(expressions) { - for _, expression := range expressions { - // its a reference to aggregate status of dag tasks - $(tasks.status) - if expression == PipelineTasksAggregateStatus { - continue - } - // check if it contains context variable accessing execution status - $(tasks.taskname.status) - if containsExecutionStatusRef(expression) { - // strip tasks. and .status from tasks.taskname.status to further verify task name - pt := strings.TrimSuffix(strings.TrimPrefix(expression, "tasks."), ".status") - // report an error if the task name does not exist in the list of dag tasks - if !ptNames.Has(pt) { - errs = errs.Also(apis.ErrInvalidValue(fmt.Sprintf("pipeline task %s is not defined in the pipeline", pt), fieldPath)) - } - } - } - } - return errs -} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipeline_validation.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipeline_validation.go index c3d9cd1cd7..c170e85a3b 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipeline_validation.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipeline_validation.go @@ -21,14 +21,16 @@ import ( "fmt" "strings" + "github.com/google/go-containerregistry/pkg/name" "github.com/tektoncd/pipeline/pkg/apis/config" "github.com/tektoncd/pipeline/pkg/apis/validate" - "github.com/tektoncd/pipeline/pkg/list" + "github.com/tektoncd/pipeline/pkg/apis/version" "github.com/tektoncd/pipeline/pkg/reconciler/pipeline/dag" "github.com/tektoncd/pipeline/pkg/substitution" admissionregistrationv1 "k8s.io/api/admissionregistration/v1" "k8s.io/apimachinery/pkg/api/equality" "k8s.io/apimachinery/pkg/util/sets" + "k8s.io/apimachinery/pkg/util/validation" "knative.dev/pkg/apis" "knative.dev/pkg/webhook/resourcesemantics" ) @@ -57,11 +59,9 @@ func (ps *PipelineSpec) Validate(ctx context.Context) (errs *apis.FieldError) { } // PipelineTask must have a valid unique label and at least one of taskRef or taskSpec should be specified errs = errs.Also(ValidatePipelineTasks(ctx, ps.Tasks, ps.Finally)) - // All declared resources should be used, and the Pipeline shouldn't try to use any resources - // that aren't declared - errs = errs.Also(validateDeclaredResources(ps.Resources, ps.Tasks, ps.Finally)) - // The from values should make sense - errs = errs.Also(validateFrom(ps.Tasks)) + if len(ps.Resources) > 0 { + errs = errs.Also(apis.ErrDisallowedFields("resources")) + } // Validate the pipeline task graph errs = errs.Also(validateGraph(ps.Tasks)) // The parameter variables should be valid @@ -95,6 +95,199 @@ func ValidatePipelineTasks(ctx context.Context, tasks []PipelineTask, finalTasks return errs } +// Validate a list of pipeline tasks including custom task and bundles +func (l PipelineTaskList) Validate(ctx context.Context, taskNames sets.String, path string) (errs *apis.FieldError) { + for i, t := range l { + // validate pipeline task name + errs = errs.Also(t.ValidateName().ViaFieldIndex(path, i)) + // names cannot be duplicated - checking that pipelineTask names are unique + if _, ok := taskNames[t.Name]; ok { + errs = errs.Also(apis.ErrMultipleOneOf("name").ViaFieldIndex(path, i)) + } + taskNames.Insert(t.Name) + // validate custom task, bundle, dag, or final task + errs = errs.Also(t.Validate(ctx).ViaFieldIndex(path, i)) + } + return errs +} + +// ValidateName checks whether the PipelineTask's name is a valid DNS label +func (pt PipelineTask) ValidateName() *apis.FieldError { + if err := validation.IsDNS1123Label(pt.Name); len(err) > 0 { + return &apis.FieldError{ + Message: fmt.Sprintf("invalid value %q", pt.Name), + Paths: []string{"name"}, + Details: "Pipeline Task name must be a valid DNS Label." + + "For more info refer to https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", + } + } + return nil +} + +// Validate classifies whether a task is a custom task, bundle, or a regular task(dag/final) +// calls the validation routine based on the type of the task +func (pt PipelineTask) Validate(ctx context.Context) (errs *apis.FieldError) { + errs = errs.Also(pt.validateRefOrSpec()) + + errs = errs.Also(pt.validateEmbeddedOrType()) + + if pt.Resources != nil { + errs = errs.Also(apis.ErrDisallowedFields("resources")) + } + + cfg := config.FromContextOrDefaults(ctx) + // Pipeline task having taskRef/taskSpec with APIVersion is classified as custom task + switch { + case pt.TaskRef != nil && pt.TaskRef.APIVersion != "": + errs = errs.Also(pt.validateCustomTask()) + case pt.TaskSpec != nil && pt.TaskSpec.APIVersion != "": + errs = errs.Also(pt.validateCustomTask()) + // If EnableTektonOCIBundles feature flag is on, validate bundle specifications + case cfg.FeatureFlags.EnableTektonOCIBundles && pt.TaskRef != nil && pt.TaskRef.Bundle != "": + errs = errs.Also(pt.validateBundle()) + default: + errs = errs.Also(pt.validateTask(ctx)) + } + return +} + +func (pt *PipelineTask) validateMatrix(ctx context.Context) (errs *apis.FieldError) { + if pt.IsMatrixed() { + // This is an alpha feature and will fail validation if it's used in a pipeline spec + // when the enable-api-fields feature gate is anything but "alpha". + errs = errs.Also(version.ValidateEnabledAPIFields(ctx, "matrix", config.AlphaAPIFields)) + errs = errs.Also(pt.Matrix.validateCombinationsCount(ctx)) + } + errs = errs.Also(pt.Matrix.validateParameterInOneOfMatrixOrParams(pt.Params)) + errs = errs.Also(pt.Matrix.validateParams()) + return errs +} + +func (pt PipelineTask) validateEmbeddedOrType() (errs *apis.FieldError) { + // Reject cases where APIVersion and/or Kind are specified alongside an embedded Task. + // We determine if this is an embedded Task by checking of TaskSpec.TaskSpec.Steps has items. + if pt.TaskSpec != nil && len(pt.TaskSpec.TaskSpec.Steps) > 0 { + if pt.TaskSpec.APIVersion != "" { + errs = errs.Also(&apis.FieldError{ + Message: "taskSpec.apiVersion cannot be specified when using taskSpec.steps", + Paths: []string{"taskSpec.apiVersion"}, + }) + } + if pt.TaskSpec.Kind != "" { + errs = errs.Also(&apis.FieldError{ + Message: "taskSpec.kind cannot be specified when using taskSpec.steps", + Paths: []string{"taskSpec.kind"}, + }) + } + } + return +} + +func (pt *PipelineTask) validateResultsFromMatrixedPipelineTasksNotConsumed(matrixedPipelineTasks sets.String) (errs *apis.FieldError) { + for _, ref := range PipelineTaskResultRefs(pt) { + if matrixedPipelineTasks.Has(ref.PipelineTask) { + errs = errs.Also(apis.ErrInvalidValue(fmt.Sprintf("consuming results from matrixed task %s is not allowed", ref.PipelineTask), "")) + } + } + return errs +} + +func (pt *PipelineTask) validateWorkspaces(workspaceNames sets.String) (errs *apis.FieldError) { + workspaceBindingNames := sets.NewString() + for i, ws := range pt.Workspaces { + if workspaceBindingNames.Has(ws.Name) { + errs = errs.Also(apis.ErrGeneric( + fmt.Sprintf("workspace name %q must be unique", ws.Name), "").ViaFieldIndex("workspaces", i)) + } + + if ws.Workspace == "" { + if !workspaceNames.Has(ws.Name) { + errs = errs.Also(apis.ErrInvalidValue( + fmt.Sprintf("pipeline task %q expects workspace with name %q but none exists in pipeline spec", pt.Name, ws.Name), + "", + ).ViaFieldIndex("workspaces", i)) + } + } else if !workspaceNames.Has(ws.Workspace) { + errs = errs.Also(apis.ErrInvalidValue( + fmt.Sprintf("pipeline task %q expects workspace with name %q but none exists in pipeline spec", pt.Name, ws.Workspace), + "", + ).ViaFieldIndex("workspaces", i)) + } + + workspaceBindingNames.Insert(ws.Name) + } + return errs +} + +// validateRefOrSpec validates at least one of taskRef or taskSpec is specified +func (pt PipelineTask) validateRefOrSpec() (errs *apis.FieldError) { + // can't have both taskRef and taskSpec at the same time + if pt.TaskRef != nil && pt.TaskSpec != nil { + errs = errs.Also(apis.ErrMultipleOneOf("taskRef", "taskSpec")) + } + // Check that one of TaskRef and TaskSpec is present + if pt.TaskRef == nil && pt.TaskSpec == nil { + errs = errs.Also(apis.ErrMissingOneOf("taskRef", "taskSpec")) + } + return errs +} + +// validateCustomTask validates custom task specifications - checking kind and fail if not yet supported features specified +func (pt PipelineTask) validateCustomTask() (errs *apis.FieldError) { + if pt.TaskRef != nil && pt.TaskRef.Kind == "" { + errs = errs.Also(apis.ErrInvalidValue("custom task ref must specify kind", "taskRef.kind")) + } + if pt.TaskSpec != nil && pt.TaskSpec.Kind == "" { + errs = errs.Also(apis.ErrInvalidValue("custom task spec must specify kind", "taskSpec.kind")) + } + if pt.TaskRef != nil && pt.TaskRef.APIVersion == "" { + errs = errs.Also(apis.ErrInvalidValue("custom task ref must specify apiVersion", "taskRef.apiVersion")) + } + if pt.TaskSpec != nil && pt.TaskSpec.APIVersion == "" { + errs = errs.Also(apis.ErrInvalidValue("custom task spec must specify apiVersion", "taskSpec.apiVersion")) + } + return errs +} + +// validateBundle validates bundle specifications - checking name and bundle +func (pt PipelineTask) validateBundle() (errs *apis.FieldError) { + // bundle requires a TaskRef to be specified + if (pt.TaskRef != nil && pt.TaskRef.Bundle != "") && pt.TaskRef.Name == "" { + errs = errs.Also(apis.ErrMissingField("taskRef.name")) + } + // If a bundle url is specified, ensure it is parsable + if pt.TaskRef != nil && pt.TaskRef.Bundle != "" { + if _, err := name.ParseReference(pt.TaskRef.Bundle); err != nil { + errs = errs.Also(apis.ErrInvalidValue(fmt.Sprintf("invalid bundle reference (%s)", err.Error()), "taskRef.bundle")) + } + } + return errs +} + +// validateTask validates a pipeline task or a final task for taskRef and taskSpec +func (pt PipelineTask) validateTask(ctx context.Context) (errs *apis.FieldError) { + cfg := config.FromContextOrDefaults(ctx) + // Validate TaskSpec if it's present + if pt.TaskSpec != nil { + errs = errs.Also(pt.TaskSpec.Validate(ctx).ViaField("taskSpec")) + } + if pt.TaskRef != nil { + if pt.TaskRef.Name != "" { + // TaskRef name must be a valid k8s name + if errSlice := validation.IsQualifiedName(pt.TaskRef.Name); len(errSlice) != 0 { + errs = errs.Also(apis.ErrInvalidValue(strings.Join(errSlice, ","), "taskRef.name")) + } + } else if pt.TaskRef.Resolver == "" { + errs = errs.Also(apis.ErrInvalidValue("taskRef must specify name", "taskRef.name")) + } + // fail if bundle is present when EnableTektonOCIBundles feature flag is off (as it won't be allowed nor used) + if !cfg.FeatureFlags.EnableTektonOCIBundles && pt.TaskRef.Bundle != "" { + errs = errs.Also(apis.ErrDisallowedFields("taskRef.bundle")) + } + } + return errs +} + // validatePipelineWorkspacesDeclarations validates the specified workspaces, ensuring having unique name without any // empty string, func validatePipelineWorkspacesDeclarations(wss []PipelineWorkspaceDeclaration) (errs *apis.FieldError) { @@ -117,7 +310,7 @@ func validatePipelineWorkspacesDeclarations(wss []PipelineWorkspaceDeclaration) // validatePipelineWorkspacesUsage validates that all the referenced workspaces (by pipeline tasks) are specified in // the pipeline func validatePipelineWorkspacesUsage(ctx context.Context, wss []PipelineWorkspaceDeclaration, pts []PipelineTask) (errs *apis.FieldError) { - if config.ValidateParameterVariablesAndWorkspaces(ctx) == false { + if !config.ValidateParameterVariablesAndWorkspaces(ctx) { return nil } workspaceNames := sets.NewString() @@ -158,7 +351,7 @@ func ValidatePipelineParameterVariables(ctx context.Context, tasks []PipelineTas } } } - if config.ValidateParameterVariablesAndWorkspaces(ctx) == true { + if config.ValidateParameterVariablesAndWorkspaces(ctx) { errs = errs.Also(validatePipelineParametersVariables(tasks, "params", parameterNames, arrayParameterNames, objectParameterNameKeys)) } return errs @@ -168,7 +361,7 @@ func validatePipelineParametersVariables(tasks []PipelineTask, prefix string, pa for idx, task := range tasks { errs = errs.Also(validatePipelineParametersVariablesInTaskParameters(task.Params, prefix, paramNames, arrayParamNames, objectParamNameKeys).ViaIndex(idx)) if task.IsMatrixed() { - errs = errs.Also(validatePipelineParametersVariablesInMatrixParameters(task.Matrix.Params, prefix, paramNames, arrayParamNames, objectParamNameKeys).ViaIndex(idx)) + errs = errs.Also(task.Matrix.validatePipelineParametersVariablesInMatrixParameters(prefix, paramNames, arrayParamNames, objectParamNameKeys).ViaIndex(idx)) } errs = errs.Also(task.WhenExpressions.validatePipelineParametersVariables(prefix, paramNames, arrayParamNames, objectParamNameKeys).ViaIndex(idx)) } @@ -189,14 +382,7 @@ func validatePipelineContextVariables(tasks []PipelineTask) *apis.FieldError { ) var paramValues []string for _, task := range tasks { - var matrixParams []Param - if task.IsMatrixed() { - matrixParams = task.Matrix.Params - } - for _, param := range append(task.Params, matrixParams...) { - paramValues = append(paramValues, param.Value.StringVal) - paramValues = append(paramValues, param.Value.ArrayVal...) - } + paramValues = task.extractAllParams().extractValues() } errs := validatePipelineContextVariablesInParamValues(paramValues, "context\\.pipelineRun", pipelineRunContextNames). Also(validatePipelineContextVariablesInParamValues(paramValues, "context\\.pipeline", pipelineContextNames)). @@ -204,6 +390,23 @@ func validatePipelineContextVariables(tasks []PipelineTask) *apis.FieldError { return errs } +// extractAllParams extracts all the parameters in a PipelineTask: +// - pt.Params +// - pt.Matrix.Params +// - pt.Matrix.Include.Params +func (pt *PipelineTask) extractAllParams() Params { + allParams := pt.Params + if pt.Matrix.HasParams() { + allParams = append(allParams, pt.Matrix.Params...) + } + if pt.Matrix.HasInclude() { + for _, include := range pt.Matrix.Include { + allParams = append(allParams, include.Params...) + } + } + return allParams +} + func containsExecutionStatusRef(p string) bool { if strings.HasPrefix(p, "tasks.") && strings.HasSuffix(p, ".status") { return true @@ -211,6 +414,12 @@ func containsExecutionStatusRef(p string) bool { return false } +func validateExecutionStatusVariables(tasks []PipelineTask, finallyTasks []PipelineTask) (errs *apis.FieldError) { + errs = errs.Also(validateExecutionStatusVariablesInTasks(tasks).ViaField("tasks")) + errs = errs.Also(validateExecutionStatusVariablesInFinally(PipelineTaskList(tasks).Names(), finallyTasks).ViaField("finally")) + return errs +} + // validate dag pipeline tasks, task params can not access execution status of any other task // dag tasks cannot have param value as $(tasks.pipelineTask.status) func validateExecutionStatusVariablesInTasks(tasks []PipelineTask) (errs *apis.FieldError) { @@ -229,9 +438,79 @@ func validateExecutionStatusVariablesInFinally(tasksNames sets.String, finally [ return errs } -func validateExecutionStatusVariables(tasks []PipelineTask, finallyTasks []PipelineTask) (errs *apis.FieldError) { - errs = errs.Also(validateExecutionStatusVariablesInTasks(tasks).ViaField("tasks")) - errs = errs.Also(validateExecutionStatusVariablesInFinally(PipelineTaskList(tasks).Names(), finallyTasks).ViaField("finally")) +func (pt *PipelineTask) validateExecutionStatusVariablesDisallowed() (errs *apis.FieldError) { + for _, param := range pt.Params { + if expressions, ok := GetVarSubstitutionExpressionsForParam(param); ok { + errs = errs.Also(validateContainsExecutionStatusVariablesDisallowed(expressions, "value"). + ViaFieldKey("params", param.Name)) + } + } + for i, we := range pt.WhenExpressions { + if expressions, ok := we.GetVarSubstitutionExpressions(); ok { + errs = errs.Also(validateContainsExecutionStatusVariablesDisallowed(expressions, ""). + ViaFieldIndex("when", i)) + } + } + return errs +} + +func validateContainsExecutionStatusVariablesDisallowed(expressions []string, path string) (errs *apis.FieldError) { + if containsExecutionStatusReferences(expressions) { + errs = errs.Also(apis.ErrInvalidValue(fmt.Sprintf("pipeline tasks can not refer to execution status"+ + " of any other pipeline task or aggregate status of tasks"), path)) + } + return errs +} + +func containsExecutionStatusReferences(expressions []string) bool { + // validate tasks.pipelineTask.status/tasks.status if this expression is not a result reference + if !LooksLikeContainsResultRefs(expressions) { + for _, e := range expressions { + // check if it contains context variable accessing execution status - $(tasks.taskname.status) + // or an aggregate status - $(tasks.status) + if containsExecutionStatusRef(e) { + return true + } + } + } + return false +} + +func (pt *PipelineTask) validateExecutionStatusVariablesAllowed(ptNames sets.String) (errs *apis.FieldError) { + for _, param := range pt.Params { + if expressions, ok := GetVarSubstitutionExpressionsForParam(param); ok { + errs = errs.Also(validateExecutionStatusVariablesExpressions(expressions, ptNames, "value"). + ViaFieldKey("params", param.Name)) + } + } + for i, we := range pt.WhenExpressions { + if expressions, ok := we.GetVarSubstitutionExpressions(); ok { + errs = errs.Also(validateExecutionStatusVariablesExpressions(expressions, ptNames, ""). + ViaFieldIndex("when", i)) + } + } + return errs +} + +func validateExecutionStatusVariablesExpressions(expressions []string, ptNames sets.String, fieldPath string) (errs *apis.FieldError) { + // validate tasks.pipelineTask.status if this expression is not a result reference + if !LooksLikeContainsResultRefs(expressions) { + for _, expression := range expressions { + // its a reference to aggregate status of dag tasks - $(tasks.status) + if expression == PipelineTasksAggregateStatus { + continue + } + // check if it contains context variable accessing execution status - $(tasks.taskname.status) + if containsExecutionStatusRef(expression) { + // strip tasks. and .status from tasks.taskname.status to further verify task name + pt := strings.TrimSuffix(strings.TrimPrefix(expression, "tasks."), ".status") + // report an error if the task name does not exist in the list of dag tasks + if !ptNames.Has(pt) { + errs = errs.Also(apis.ErrInvalidValue(fmt.Sprintf("pipeline task %s is not defined in the pipeline", pt), fieldPath)) + } + } + } + } return errs } @@ -315,7 +594,6 @@ func taskContainsResult(resultExpression string, pipelineTaskNames sets.String, if strings.HasPrefix(value, "finally") && !pipelineFinallyTaskNames.Has(pipelineTaskName) { return false } - } } return true @@ -339,7 +617,6 @@ func validateFinalTasks(tasks []PipelineTask, finalTasks []PipelineTask) (errs * fts := PipelineTaskList(finalTasks).Names() errs = errs.Also(validateTaskResultReferenceInFinallyTasks(finalTasks, ts, fts)) - errs = errs.Also(validateTasksInputFrom(finalTasks).ViaField("finally")) return errs } @@ -379,22 +656,6 @@ func validateResultsVariablesExpressionsInFinally(expressions []string, pipeline return errs } -func validateTasksInputFrom(tasks []PipelineTask) (errs *apis.FieldError) { - for idx, t := range tasks { - inputResources := []PipelineTaskInputResource{} - if t.Resources != nil { - inputResources = append(inputResources, t.Resources.Inputs...) - } - for i, rd := range inputResources { - if len(rd.From) != 0 { - errs = errs.Also(apis.ErrGeneric(fmt.Sprintf("no from allowed under inputs,"+ - " final task %s has from specified", rd.Name), "").ViaFieldIndex("inputs", i).ViaField("resources").ViaIndex(idx)) - } - } - } - return errs -} - func validateWhenExpressions(tasks []PipelineTask, finalTasks []PipelineTask) (errs *apis.FieldError) { for i, t := range tasks { errs = errs.Also(t.WhenExpressions.validate().ViaFieldIndex("tasks", i)) @@ -405,94 +666,6 @@ func validateWhenExpressions(tasks []PipelineTask, finalTasks []PipelineTask) (e return errs } -// validateDeclaredResources ensures that the specified resources have unique names and -// validates that all the resources referenced by pipeline tasks are declared in the pipeline -func validateDeclaredResources(resources []PipelineDeclaredResource, tasks []PipelineTask, finalTasks []PipelineTask) *apis.FieldError { - encountered := sets.NewString() - for _, r := range resources { - if encountered.Has(r.Name) { - return apis.ErrInvalidValue(fmt.Sprintf("resource with name %q appears more than once", r.Name), "resources") - } - encountered.Insert(r.Name) - } - required := []string{} - for _, t := range tasks { - if t.Resources != nil { - for _, input := range t.Resources.Inputs { - required = append(required, input.Resource) - } - for _, output := range t.Resources.Outputs { - required = append(required, output.Resource) - } - } - - } - for _, t := range finalTasks { - if t.Resources != nil { - for _, input := range t.Resources.Inputs { - required = append(required, input.Resource) - } - for _, output := range t.Resources.Outputs { - required = append(required, output.Resource) - } - } - } - - provided := make([]string, 0, len(resources)) - for _, resource := range resources { - provided = append(provided, resource.Name) - } - missing := list.DiffLeft(required, provided) - if len(missing) > 0 { - return apis.ErrInvalidValue(fmt.Sprintf("pipeline declared resources didn't match usage in Tasks: Didn't provide required values: %s", missing), "resources") - } - return nil -} - -func isOutput(outputs []PipelineTaskOutputResource, resource string) bool { - for _, output := range outputs { - if output.Resource == resource { - return true - } - } - return false -} - -// validateFrom ensures that the `from` values make sense: that they rely on values from Tasks -// that ran previously, and that the PipelineResource is actually an output of the Task it should come from. -func validateFrom(tasks []PipelineTask) (errs *apis.FieldError) { - taskOutputs := map[string][]PipelineTaskOutputResource{} - for _, task := range tasks { - var to []PipelineTaskOutputResource - if task.Resources != nil { - to = make([]PipelineTaskOutputResource, len(task.Resources.Outputs)) - copy(to, task.Resources.Outputs) - } - taskOutputs[task.Name] = to - } - for i, t := range tasks { - inputResources := []PipelineTaskInputResource{} - if t.Resources != nil { - inputResources = append(inputResources, t.Resources.Inputs...) - } - - for j, rd := range inputResources { - for _, pt := range rd.From { - outputs, found := taskOutputs[pt] - if !found { - return apis.ErrInvalidValue(fmt.Sprintf("expected resource %s to be from task %s, but task %s doesn't exist", rd.Resource, pt, pt), - "from").ViaFieldIndex("inputs", j).ViaField("resources").ViaFieldIndex("tasks", i) - } - if !isOutput(outputs, rd.Resource) { - return apis.ErrInvalidValue(fmt.Sprintf("the resource %s from %s must be an output but is an input", rd.Resource, pt), - "from").ViaFieldIndex("inputs", j).ViaField("resources").ViaFieldIndex("tasks", i) - } - } - } - } - return errs -} - // validateGraph ensures the Pipeline's dependency Graph (DAG) make sense: that there is no dependency // cycle or that they rely on values from Tasks that ran previously, and that the PipelineResource // is actually an output of the Task it should come from. @@ -525,3 +698,51 @@ func validateResultsFromMatrixedPipelineTasksNotConsumed(tasks []PipelineTask, f } return errs } + +// ValidateParamArrayIndex validates if the param reference to an array param is out of bound. +// error is returned when the array indexing reference is out of bound of the array param +// e.g. if a param reference of $(params.array-param[2]) and the array param is of length 2. +func (ps *PipelineSpec) ValidateParamArrayIndex(ctx context.Context, params Params) error { + if !config.CheckAlphaOrBetaAPIFields(ctx) { + return nil + } + + // Collect all array params lengths + arrayParamsLengths := ps.Params.extractParamArrayLengths() + for k, v := range params.extractParamArrayLengths() { + arrayParamsLengths[k] = v + } + + paramsRefs := []string{} + for i := range ps.Tasks { + paramsRefs = append(paramsRefs, ps.Tasks[i].Params.extractValues()...) + if ps.Tasks[i].IsMatrixed() { + paramsRefs = append(paramsRefs, ps.Tasks[i].Matrix.Params.extractValues()...) + } + for j := range ps.Tasks[i].Workspaces { + paramsRefs = append(paramsRefs, ps.Tasks[i].Workspaces[j].SubPath) + } + for _, wes := range ps.Tasks[i].WhenExpressions { + paramsRefs = append(paramsRefs, wes.Input) + paramsRefs = append(paramsRefs, wes.Values...) + } + } + + for i := range ps.Finally { + paramsRefs = append(paramsRefs, ps.Finally[i].Params.extractValues()...) + if ps.Finally[i].IsMatrixed() { + paramsRefs = append(paramsRefs, ps.Finally[i].Matrix.Params.extractValues()...) + } + for _, wes := range ps.Finally[i].WhenExpressions { + paramsRefs = append(paramsRefs, wes.Values...) + } + } + + // extract all array indexing references, for example []{"$(params.array-params[1])"} + arrayIndexParamRefs := []string{} + for _, p := range paramsRefs { + arrayIndexParamRefs = append(arrayIndexParamRefs, extractArrayIndexingParamRefs(p)...) + } + + return validateOutofBoundArrayParams(arrayIndexParamRefs, arrayParamsLengths) +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelineref_conversion.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelineref_conversion.go index d2c7d4bda4..88fed430cc 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelineref_conversion.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelineref_conversion.go @@ -1,3 +1,19 @@ +/* +Copyright 2023 The Tekton Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + package v1beta1 import ( @@ -32,7 +48,7 @@ func (pr PipelineRef) convertBundleToResolver(sink *v1.PipelineRef) { if pr.Bundle != "" { sink.ResolverRef = v1.ResolverRef{ Resolver: "bundles", - Params: []v1.Param{{ + Params: v1.Params{{ Name: "bundle", Value: v1.ParamValue{StringVal: pr.Bundle, Type: v1.ParamTypeString}, }, { diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelineref_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelineref_types.go index efb6f13cd3..ab943a3242 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelineref_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelineref_types.go @@ -24,6 +24,7 @@ type PipelineRef struct { // +optional APIVersion string `json:"apiVersion,omitempty"` // Bundle url reference to a Tekton Bundle. + // // Deprecated: Please use ResolverRef with the bundles resolver instead. // +optional Bundle string `json:"bundle,omitempty"` diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelineref_validation.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelineref_validation.go index c52e2d1de3..6186c177a2 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelineref_validation.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelineref_validation.go @@ -64,7 +64,7 @@ func (ref *PipelineRef) Validate(ctx context.Context) (errs *apis.FieldError) { } } } - return + return //nolint:nakedret } func validateBundleFeatureFlag(ctx context.Context, featureName string, wantValue bool) *apis.FieldError { diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelinerun_conversion.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelinerun_conversion.go index 85f538e914..68a475233f 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelinerun_conversion.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelinerun_conversion.go @@ -21,8 +21,6 @@ import ( "fmt" v1 "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1" - "github.com/tektoncd/pipeline/pkg/apis/version" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "knative.dev/pkg/apis" ) @@ -36,7 +34,7 @@ func (pr *PipelineRun) ConvertTo(ctx context.Context, to apis.Convertible) error switch sink := to.(type) { case *v1.PipelineRun: sink.ObjectMeta = pr.ObjectMeta - if err := serializePipelineRunResources(&sink.ObjectMeta, &pr.Spec); err != nil { + if err := pr.Status.convertTo(ctx, &sink.Status); err != nil { return err } return pr.Spec.ConvertTo(ctx, &sink.Spec) @@ -96,7 +94,7 @@ func (pr *PipelineRun) ConvertFrom(ctx context.Context, from apis.Convertible) e switch source := from.(type) { case *v1.PipelineRun: pr.ObjectMeta = source.ObjectMeta - if err := deserializePipelineRunResources(&pr.ObjectMeta, &pr.Spec); err != nil { + if err := pr.Status.convertFrom(ctx, &source.Status); err != nil { return err } return pr.Spec.ConvertFrom(ctx, &source.Spec) @@ -208,21 +206,140 @@ func (ptrs *PipelineTaskRunSpec) convertFrom(ctx context.Context, source v1.Pipe ptrs.ComputeResources = source.ComputeResources } -func serializePipelineRunResources(meta *metav1.ObjectMeta, spec *PipelineRunSpec) error { - if spec.Resources == nil { - return nil +func (prs *PipelineRunStatus) convertTo(ctx context.Context, sink *v1.PipelineRunStatus) error { + sink.Status = prs.Status + sink.StartTime = prs.StartTime + sink.CompletionTime = prs.CompletionTime + sink.Results = nil + for _, pr := range prs.PipelineResults { + new := v1.PipelineRunResult{} + pr.convertTo(ctx, &new) + sink.Results = append(sink.Results, new) + } + if prs.PipelineSpec != nil { + sink.PipelineSpec = &v1.PipelineSpec{} + err := prs.PipelineSpec.ConvertTo(ctx, sink.PipelineSpec) + if err != nil { + return err + } + } + sink.SkippedTasks = nil + for _, st := range prs.SkippedTasks { + new := v1.SkippedTask{} + st.convertTo(ctx, &new) + sink.SkippedTasks = append(sink.SkippedTasks, new) + } + sink.ChildReferences = nil + for _, cr := range prs.ChildReferences { + new := v1.ChildStatusReference{} + cr.convertTo(ctx, &new) + sink.ChildReferences = append(sink.ChildReferences, new) } - return version.SerializeToMetadata(meta, spec.Resources, resourcesAnnotationKey) + sink.FinallyStartTime = prs.FinallyStartTime + if prs.Provenance != nil { + new := v1.Provenance{} + prs.Provenance.convertTo(ctx, &new) + sink.Provenance = &new + } + return nil } -func deserializePipelineRunResources(meta *metav1.ObjectMeta, spec *PipelineRunSpec) error { - resources := []PipelineResourceBinding{} - err := version.DeserializeFromMetadata(meta, &resources, resourcesAnnotationKey) - if err != nil { - return err +func (prs *PipelineRunStatus) convertFrom(ctx context.Context, source *v1.PipelineRunStatus) error { + prs.Status = source.Status + prs.StartTime = source.StartTime + prs.CompletionTime = source.CompletionTime + prs.PipelineResults = nil + for _, pr := range source.Results { + new := PipelineRunResult{} + new.convertFrom(ctx, pr) + prs.PipelineResults = append(prs.PipelineResults, new) + } + if source.PipelineSpec != nil { + newPipelineSpec := PipelineSpec{} + err := newPipelineSpec.ConvertFrom(ctx, source.PipelineSpec) + if err != nil { + return err + } + prs.PipelineSpec = &newPipelineSpec } - if len(resources) != 0 { - spec.Resources = resources + prs.SkippedTasks = nil + for _, st := range source.SkippedTasks { + new := SkippedTask{} + new.convertFrom(ctx, st) + prs.SkippedTasks = append(prs.SkippedTasks, new) + } + prs.ChildReferences = nil + for _, cr := range source.ChildReferences { + new := ChildStatusReference{} + new.convertFrom(ctx, cr) + prs.ChildReferences = append(prs.ChildReferences, new) + } + + prs.FinallyStartTime = source.FinallyStartTime + if source.Provenance != nil { + new := Provenance{} + new.convertFrom(ctx, *source.Provenance) + prs.Provenance = &new } return nil } + +func (prr PipelineRunResult) convertTo(ctx context.Context, sink *v1.PipelineRunResult) { + sink.Name = prr.Name + newValue := v1.ParamValue{} + prr.Value.convertTo(ctx, &newValue) + sink.Value = newValue +} + +func (prr *PipelineRunResult) convertFrom(ctx context.Context, source v1.PipelineRunResult) { + prr.Name = source.Name + newValue := ParamValue{} + newValue.convertFrom(ctx, source.Value) + prr.Value = newValue +} + +func (st SkippedTask) convertTo(ctx context.Context, sink *v1.SkippedTask) { + sink.Name = st.Name + sink.Reason = v1.SkippingReason(st.Reason) + sink.WhenExpressions = nil + for _, we := range st.WhenExpressions { + new := v1.WhenExpression{} + we.convertTo(ctx, &new) + sink.WhenExpressions = append(sink.WhenExpressions, new) + } +} + +func (st *SkippedTask) convertFrom(ctx context.Context, source v1.SkippedTask) { + st.Name = source.Name + st.Reason = SkippingReason(source.Reason) + st.WhenExpressions = nil + for _, we := range source.WhenExpressions { + new := WhenExpression{} + new.convertFrom(ctx, we) + st.WhenExpressions = append(st.WhenExpressions, new) + } +} + +func (csr ChildStatusReference) convertTo(ctx context.Context, sink *v1.ChildStatusReference) { + sink.TypeMeta = csr.TypeMeta + sink.Name = csr.Name + sink.PipelineTaskName = csr.PipelineTaskName + sink.WhenExpressions = nil + for _, we := range csr.WhenExpressions { + new := v1.WhenExpression{} + we.convertTo(ctx, &new) + sink.WhenExpressions = append(sink.WhenExpressions, new) + } +} + +func (csr *ChildStatusReference) convertFrom(ctx context.Context, source v1.ChildStatusReference) { + csr.TypeMeta = source.TypeMeta + csr.Name = source.Name + csr.PipelineTaskName = source.PipelineTaskName + csr.WhenExpressions = nil + for _, we := range source.WhenExpressions { + new := WhenExpression{} + new.convertFrom(ctx, we) + csr.WhenExpressions = append(csr.WhenExpressions, new) + } +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelinerun_defaults.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelinerun_defaults.go index a47a0d3e55..86592824a2 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelinerun_defaults.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelinerun_defaults.go @@ -36,6 +36,10 @@ func (pr *PipelineRun) SetDefaults(ctx context.Context) { // SetDefaults implements apis.Defaultable func (prs *PipelineRunSpec) SetDefaults(ctx context.Context) { cfg := config.FromContextOrDefaults(ctx) + if prs.PipelineRef != nil && prs.PipelineRef.Name == "" && prs.PipelineRef.Resolver == "" { + prs.PipelineRef.Resolver = ResolverName(cfg.Defaults.DefaultResolverType) + } + if prs.Timeout == nil && prs.Timeouts == nil { prs.Timeout = &metav1.Duration{Duration: time.Duration(cfg.Defaults.DefaultTimeoutMinutes) * time.Minute} } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelinerun_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelinerun_types.go index 6e81abd7be..83bf2c22e1 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelinerun_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelinerun_types.go @@ -18,22 +18,21 @@ package v1beta1 import ( "context" + "fmt" "time" - corev1 "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/runtime" - "github.com/tektoncd/pipeline/pkg/apis/config" apisconfig "github.com/tektoncd/pipeline/pkg/apis/config" "github.com/tektoncd/pipeline/pkg/apis/pipeline" pod "github.com/tektoncd/pipeline/pkg/apis/pipeline/pod" - runv1alpha1 "github.com/tektoncd/pipeline/pkg/apis/run/v1alpha1" + corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/types" "k8s.io/utils/clock" "knative.dev/pkg/apis" - duckv1beta1 "knative.dev/pkg/apis/duck/v1beta1" + duckv1 "knative.dev/pkg/apis/duck/v1" ) // +genclient @@ -98,7 +97,7 @@ func (pr *PipelineRun) IsGracefullyStopped() bool { return pr.Spec.Status == PipelineRunSpecStatusStoppedRunFinally } -// PipelineTimeout returns the the applicable timeout for the PipelineRun +// PipelineTimeout returns the applicable timeout for the PipelineRun func (pr *PipelineRun) PipelineTimeout(ctx context.Context) time.Duration { if pr.Spec.Timeout != nil { return pr.Spec.Timeout.Duration @@ -109,7 +108,7 @@ func (pr *PipelineRun) PipelineTimeout(ctx context.Context) time.Duration { return time.Duration(config.FromContextOrDefaults(ctx).Defaults.DefaultTimeoutMinutes) * time.Minute } -// TasksTimeout returns the the tasks timeout for the PipelineRun, if set, +// TasksTimeout returns the tasks timeout for the PipelineRun, if set, // or the tasks timeout computed from the Pipeline and Finally timeouts, if those are set. func (pr *PipelineRun) TasksTimeout() *metav1.Duration { t := pr.Spec.Timeouts @@ -128,7 +127,7 @@ func (pr *PipelineRun) TasksTimeout() *metav1.Duration { return nil } -// FinallyTimeout returns the the finally timeout for the PipelineRun, if set, +// FinallyTimeout returns the finally timeout for the PipelineRun, if set, // or the finally timeout computed from the Pipeline and Tasks timeouts, if those are set. func (pr *PipelineRun) FinallyTimeout() *metav1.Duration { t := pr.Spec.Timeouts @@ -157,6 +156,22 @@ func (pr *PipelineRun) GetNamespacedName() types.NamespacedName { return types.NamespacedName{Namespace: pr.Namespace, Name: pr.Name} } +// IsTimeoutConditionSet returns true when the pipelinerun has the pipelinerun timed out reason +func (pr *PipelineRun) IsTimeoutConditionSet() bool { + condition := pr.Status.GetCondition(apis.ConditionSucceeded) + return condition.IsFalse() && condition.Reason == PipelineRunReasonTimedOut.String() +} + +// SetTimeoutCondition sets the status of the PipelineRun to timed out. +func (pr *PipelineRun) SetTimeoutCondition(ctx context.Context) { + pr.Status.SetCondition(&apis.Condition{ + Type: apis.ConditionSucceeded, + Status: corev1.ConditionFalse, + Reason: PipelineRunReasonTimedOut.String(), + Message: fmt.Sprintf("PipelineRun %q failed to finish within %q", pr.Name, pr.PipelineTimeout(ctx).String()), + }) +} + // HasTimedOut returns true if a pipelinerun has exceeded its spec.Timeout based on its status.Timeout func (pr *PipelineRun) HasTimedOut(ctx context.Context, c clock.PassiveClock) bool { timeout := pr.PipelineTimeout(ctx) @@ -174,6 +189,19 @@ func (pr *PipelineRun) HasTimedOut(ctx context.Context, c clock.PassiveClock) bo return false } +// HasTimedOutForALongTime returns true if a pipelinerun has exceeed its spec.Timeout based its status.StartTime +// by a large margin +func (pr *PipelineRun) HasTimedOutForALongTime(ctx context.Context, c clock.PassiveClock) bool { + if !pr.HasTimedOut(ctx, c) { + return false + } + timeout := pr.PipelineTimeout(ctx) + startTime := pr.Status.StartTime + runtime := c.Since(startTime.Time) + // We are arbitrarily defining large margin as doubling the spec.timeout + return runtime >= 2*timeout +} + // HaveTasksTimedOut returns true if a pipelinerun has exceeded its spec.Timeouts.Tasks func (pr *PipelineRun) HaveTasksTimedOut(ctx context.Context, c clock.PassiveClock) bool { timeout := pr.TasksTimeout() @@ -228,11 +256,13 @@ type PipelineRunSpec struct { // Resources is a list of bindings specifying which actual instances of // PipelineResources to use for the resources the Pipeline has declared // it needs. + // + // Deprecated: Unused, preserved only for backwards compatibility // +listType=atomic Resources []PipelineResourceBinding `json:"resources,omitempty"` // Params is a list of parameter names and values. // +listType=atomic - Params []Param `json:"params,omitempty"` + Params Params `json:"params,omitempty"` // +optional ServiceAccountName string `json:"serviceAccountName,omitempty"` @@ -246,9 +276,12 @@ type PipelineRunSpec struct { // +optional Timeouts *TimeoutFields `json:"timeouts,omitempty"` - // Timeout Deprecated: use pipelineRunSpec.Timeouts.Pipeline instead - // Time after which the Pipeline times out. Defaults to never. + // Timeout is the Time after which the Pipeline times out. + // Defaults to never. // Refer to Go's ParseDuration documentation for expected format: https://golang.org/pkg/time/#ParseDuration + // + // Deprecated: use pipelineRunSpec.Timeouts.Pipeline instead + // // +optional Timeout *metav1.Duration `json:"timeout,omitempty"` // PodTemplate holds pod specific configuration @@ -298,7 +331,7 @@ const ( // PipelineRunStatus defines the observed state of PipelineRun type PipelineRunStatus struct { - duckv1beta1.Status `json:",inline"` + duckv1.Status `json:",inline"` // PipelineRunStatusFields inlines the status fields. PipelineRunStatusFields `json:",inline"` @@ -352,12 +385,6 @@ func (pr *PipelineRunStatus) GetCondition(t apis.ConditionType) *apis.Condition // and set the started time to the current time func (pr *PipelineRunStatus) InitializeConditions(c clock.PassiveClock) { started := false - if pr.TaskRuns == nil { - pr.TaskRuns = make(map[string]*PipelineRunTaskRunStatus) - } - if pr.Runs == nil { - pr.Runs = make(map[string]*PipelineRunRunStatus) - } if pr.StartTime.IsZero() { pr.StartTime = &metav1.Time{Time: c.Now()} started = true @@ -418,20 +445,24 @@ type ChildStatusReference struct { // consume these fields via duck typing. type PipelineRunStatusFields struct { // StartTime is the time the PipelineRun is actually started. - // +optional StartTime *metav1.Time `json:"startTime,omitempty"` // CompletionTime is the time the PipelineRun completed. - // +optional CompletionTime *metav1.Time `json:"completionTime,omitempty"` - // Deprecated - use ChildReferences instead. - // map of PipelineRunTaskRunStatus with the taskRun name as the key + // TaskRuns is a map of PipelineRunTaskRunStatus with the taskRun name as the key. + // + // Deprecated: use ChildReferences instead. As of v0.45.0, this field is no + // longer populated and is only included for backwards compatibility with + // older server versions. // +optional TaskRuns map[string]*PipelineRunTaskRunStatus `json:"taskRuns,omitempty"` - // Deprecated - use ChildReferences instead. - // map of PipelineRunRunStatus with the run name as the key + // Runs is a map of PipelineRunRunStatus with the run name as the key + // + // Deprecated: use ChildReferences instead. As of v0.45.0, this field is no + // longer populated and is only included for backwards compatibility with + // older server versions. // +optional Runs map[string]*PipelineRunRunStatus `json:"runs,omitempty"` @@ -458,7 +489,11 @@ type PipelineRunStatusFields struct { FinallyStartTime *metav1.Time `json:"finallyStartTime,omitempty"` // Provenance contains some key authenticated metadata about how a software artifact was built (what sources, what inputs/outputs, etc.). + // +optional Provenance *Provenance `json:"provenance,omitempty"` + + // SpanContext contains tracing span context fields + SpanContext map[string]string `json:"spanContext,omitempty"` } // SkippedTask is used to describe the Tasks that were skipped due to their When Expressions @@ -497,6 +532,8 @@ const ( TasksTimedOutSkip SkippingReason = "PipelineRun Tasks timeout has been reached" // FinallyTimedOutSkip means the task was skipped because the PipelineRun has passed its Timeouts.Finally. FinallyTimedOutSkip SkippingReason = "PipelineRun Finally timeout has been reached" + // EmptyArrayInMatrixParams means the task was skipped because Matrix parameters contain empty array. + EmptyArrayInMatrixParams SkippingReason = "Matrix Parameters have an empty array" // None means the task was not skipped None SkippingReason = "None" ) @@ -523,13 +560,13 @@ type PipelineRunTaskRunStatus struct { WhenExpressions []WhenExpression `json:"whenExpressions,omitempty"` } -// PipelineRunRunStatus contains the name of the PipelineTask for this Run and the Run's Status +// PipelineRunRunStatus contains the name of the PipelineTask for this CustomRun or Run and the CustomRun or Run's Status type PipelineRunRunStatus struct { // PipelineTaskName is the name of the PipelineTask. PipelineTaskName string `json:"pipelineTaskName,omitempty"` - // Status is the RunStatus for the corresponding Run + // Status is the CustomRunStatus for the corresponding CustomRun or Run // +optional - Status *runv1alpha1.RunStatus `json:"status,omitempty"` + Status *CustomRunStatus `json:"status,omitempty"` // WhenExpressions is the list of checks guarding the execution of the PipelineTask // +optional // +listType=atomic diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelinerun_validation.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelinerun_validation.go index 4e874f12c6..ed7ac5cce1 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelinerun_validation.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/pipelinerun_validation.go @@ -128,6 +128,12 @@ func (ps *PipelineRunSpec) Validate(ctx context.Context) (errs *apis.FieldError) for idx, trs := range ps.TaskRunSpecs { errs = errs.Also(validateTaskRunSpec(ctx, trs).ViaIndex(idx).ViaField("taskRunSpecs")) } + if ps.PodTemplate != nil { + errs = errs.Also(validatePodTemplateEnv(ctx, *ps.PodTemplate)) + } + if ps.Resources != nil { + errs = errs.Also(apis.ErrDisallowedFields("resources")) + } return errs } @@ -236,7 +242,7 @@ func (ps *PipelineRunSpec) validateInlineParameters(ctx context.Context) (errs * return errs } -func appendPipelineTaskParams(paramSpecForValidation map[string]ParamSpec, params []Param) map[string]ParamSpec { +func appendPipelineTaskParams(paramSpecForValidation map[string]ParamSpec, params Params) map[string]ParamSpec { for _, p := range params { if pSpec, ok := paramSpecForValidation[p.Name]; ok { if p.Value.ObjectVal != nil { @@ -270,7 +276,6 @@ func validateSpecStatus(status PipelineRunSpecStatus) *apis.FieldError { PipelineRunSpecStatusCancelledRunFinally, PipelineRunSpecStatusStoppedRunFinally, PipelineRunSpecStatusPending), "status") - } func validateTimeoutDuration(field string, d *metav1.Duration) (errs *apis.FieldError) { @@ -334,5 +339,8 @@ func validateTaskRunSpec(ctx context.Context, trs PipelineTaskRunSpec) (errs *ap errs = errs.Also(version.ValidateEnabledAPIFields(ctx, "computeResources", config.AlphaAPIFields).ViaField("computeResources")) errs = errs.Also(validateTaskRunComputeResources(trs.ComputeResources, trs.StepOverrides)) } + if trs.TaskPodTemplate != nil { + errs = errs.Also(validatePodTemplateEnv(ctx, *trs.TaskPodTemplate)) + } return errs } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/provenance.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/provenance.go index 7ab90ae3fc..3ae27eb55d 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/provenance.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/provenance.go @@ -13,34 +13,55 @@ limitations under the License. package v1beta1 -// Provenance contains some key authenticated metadata about how a software artifact was -// built (what sources, what inputs/outputs, etc.). For now, it only contains the subfield -// `ConfigSource` that identifies the source where a build config file came from. -// In future, it can be expanded as needed to include more metadata about the build. -// This field aims to be used to carry minimum amount of the authenticated metadata in *Run status -// so that Tekton Chains can pick it up and record in the provenance it generates. +import "github.com/tektoncd/pipeline/pkg/apis/config" + +// Provenance contains metadata about resources used in the TaskRun/PipelineRun +// such as the source from where a remote build definition was fetched. +// This field aims to carry minimum amoumt of metadata in *Run status so that +// Tekton Chains can capture them in the provenance. type Provenance struct { - // ConfigSource identifies the source where a resource came from. + // Deprecated: Use RefSource instead ConfigSource *ConfigSource `json:"configSource,omitempty"` + + // RefSource identifies the source where a remote task/pipeline came from. + RefSource *RefSource `json:"refSource,omitempty"` + + // FeatureFlags identifies the feature flags that were used during the task/pipeline run + FeatureFlags *config.FeatureFlags `json:"featureFlags,omitempty"` +} + +// RefSource contains the information that can uniquely identify where a remote +// built definition came from i.e. Git repositories, Tekton Bundles in OCI registry +// and hub. +type RefSource struct { + // URI indicates the identity of the source of the build definition. + // Example: "https://github.com/tektoncd/catalog" + URI string `json:"uri,omitempty"` + + // Digest is a collection of cryptographic digests for the contents of the artifact specified by URI. + // Example: {"sha1": "f99d13e554ffcb696dee719fa85b695cb5b0f428"} + Digest map[string]string `json:"digest,omitempty"` + + // EntryPoint identifies the entry point into the build. This is often a path to a + // build definition file and/or a target label within that file. + // Example: "task/git-clone/0.8/git-clone.yaml" + EntryPoint string `json:"entryPoint,omitempty"` } -// ConfigSource identifies the source where a resource came from. -// This can include Git repositories, Task Bundles, file checksums, or other information -// that allows users to identify where the resource came from and what version was used. +// ConfigSource contains the information that can uniquely identify where a remote +// built definition came from i.e. Git repositories, Tekton Bundles in OCI registry +// and hub. type ConfigSource struct { - // URI indicates the identity of the source of the config. - // Definition: https://slsa.dev/provenance/v0.2#invocation.configSource.uri + // URI indicates the identity of the source of the build definition. // Example: "https://github.com/tektoncd/catalog" URI string `json:"uri,omitempty"` // Digest is a collection of cryptographic digests for the contents of the artifact specified by URI. - // Definition: https://slsa.dev/provenance/v0.2#invocation.configSource.digest // Example: {"sha1": "f99d13e554ffcb696dee719fa85b695cb5b0f428"} Digest map[string]string `json:"digest,omitempty"` // EntryPoint identifies the entry point into the build. This is often a path to a - // configuration file and/or a target label within that file. - // Definition: https://slsa.dev/provenance/v0.2#invocation.configSource.entryPoint + // build definition file and/or a target label within that file. // Example: "task/git-clone/0.8/git-clone.yaml" EntryPoint string `json:"entryPoint,omitempty"` } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/provenance_conversion.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/provenance_conversion.go new file mode 100644 index 0000000000..4e4afe25b5 --- /dev/null +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/provenance_conversion.go @@ -0,0 +1,54 @@ +/* +Copyright 2022 The Tekton Authors +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1beta1 + +import ( + "context" + + v1 "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1" +) + +func (p Provenance) convertTo(ctx context.Context, sink *v1.Provenance) { + if p.RefSource != nil { + new := v1.RefSource{} + p.RefSource.convertTo(ctx, &new) + sink.RefSource = &new + } + if p.FeatureFlags != nil { + sink.FeatureFlags = p.FeatureFlags + } +} + +func (p *Provenance) convertFrom(ctx context.Context, source v1.Provenance) { + if source.RefSource != nil { + new := RefSource{} + new.convertFrom(ctx, *source.RefSource) + p.RefSource = &new + } + if source.FeatureFlags != nil { + p.FeatureFlags = source.FeatureFlags + } +} + +func (cs RefSource) convertTo(ctx context.Context, sink *v1.RefSource) { + sink.URI = cs.URI + sink.Digest = cs.Digest + sink.EntryPoint = cs.EntryPoint +} + +func (cs *RefSource) convertFrom(ctx context.Context, source v1.RefSource) { + cs.URI = source.URI + cs.Digest = source.Digest + cs.EntryPoint = source.EntryPoint +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/resolver_conversion.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/resolver_conversion.go index 18d3c07bb6..3bbed85032 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/resolver_conversion.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/resolver_conversion.go @@ -1,3 +1,19 @@ +/* +Copyright 2023 The Tekton Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + package v1beta1 import ( diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/resolver_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/resolver_types.go index 1cb0c85fe2..70b1c78867 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/resolver_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/resolver_types.go @@ -33,5 +33,5 @@ type ResolverRef struct { // the chosen resolver. // +optional // +listType=atomic - Params []Param `json:"params,omitempty"` + Params Params `json:"params,omitempty"` } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/resource_paths.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/resource_paths.go deleted file mode 100644 index 260a2ed5f9..0000000000 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/resource_paths.go +++ /dev/null @@ -1,40 +0,0 @@ -/* - Copyright 2019 The Tekton Authors - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -package v1beta1 - -import "path/filepath" - -// InputResourcePath returns the path where the given input resource -// will get mounted in a Pod -func InputResourcePath(r ResourceDeclaration) string { - return path("/workspace", r) -} - -// OutputResourcePath returns the path to the output resource in a Pod -func OutputResourcePath(r ResourceDeclaration) string { - return path("/workspace/output", r) -} - -func path(root string, r ResourceDeclaration) string { - if r.TargetPath != "" { - if filepath.IsAbs(r.TargetPath) { - return r.TargetPath - } - return filepath.Join("/workspace", r.TargetPath) - } - return filepath.Join(root, r.Name) -} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/resource_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/resource_types.go index 203a87c40a..0e5ec62de3 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/resource_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/resource_types.go @@ -17,50 +17,59 @@ limitations under the License. package v1beta1 import ( - "encoding/json" - "fmt" - - "github.com/google/go-cmp/cmp" - "github.com/hashicorp/go-multierror" resource "github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1" + "github.com/tektoncd/pipeline/pkg/result" v1 "k8s.io/api/core/v1" ) -// PipelineResourceType represents the type of endpoint the pipelineResource is, so that the -// controller will know this pipelineResource should be fetched and optionally what -// additional metatdata should be provided for it. -type PipelineResourceType = resource.PipelineResourceType - -var ( - // AllowedOutputResources are the resource types that can be used as outputs - AllowedOutputResources = resource.AllowedOutputResources -) +// RunResult is used to write key/value pairs to TaskRun pod termination messages. +// It has been migrated to the result package and kept for backward compatibility +type RunResult = result.RunResult -const ( - // PipelineResourceTypeGit indicates that this source is a GitHub repo. - PipelineResourceTypeGit PipelineResourceType = resource.PipelineResourceTypeGit +// PipelineResourceResult has been deprecated with the migration of PipelineResources +// Deprecated: Use RunResult instead +type PipelineResourceResult = result.RunResult - // PipelineResourceTypeStorage indicates that this source is a storage blob resource. - PipelineResourceTypeStorage PipelineResourceType = resource.PipelineResourceTypeStorage +// ResultType of PipelineResourceResult has been deprecated with the migration of PipelineResources +// Deprecated: v1beta1.ResultType is only kept for backward compatibility +type ResultType = result.ResultType - // PipelineResourceTypeImage indicates that this source is a docker Image. - PipelineResourceTypeImage PipelineResourceType = resource.PipelineResourceTypeImage +// ResourceParam declares a string value to use for the parameter called Name, and is used in +// the specific context of PipelineResources. +// +// Deprecated: Unused, preserved only for backwards compatibility +type ResourceParam = resource.ResourceParam - // PipelineResourceTypeCluster indicates that this source is a k8s cluster Image. - PipelineResourceTypeCluster PipelineResourceType = resource.PipelineResourceTypeCluster - - // PipelineResourceTypePullRequest indicates that this source is a SCM Pull Request. - PipelineResourceTypePullRequest PipelineResourceType = resource.PipelineResourceTypePullRequest - - // PipelineResourceTypeCloudEvent indicates that this source is a cloud event URI - PipelineResourceTypeCloudEvent PipelineResourceType = resource.PipelineResourceTypeCloudEvent -) +// PipelineResourceType represents the type of endpoint the pipelineResource is, so that the +// controller will know this pipelineResource should be fetched and optionally what +// additional metatdata should be provided for it. +// +// Deprecated: Unused, preserved only for backwards compatibility +type PipelineResourceType = resource.PipelineResourceType -// AllResourceTypes can be used for validation to check if a provided Resource type is one of the known types. -var AllResourceTypes = resource.AllResourceTypes +// PipelineDeclaredResource is used by a Pipeline to declare the types of the +// PipelineResources that it will required to run and names which can be used to +// refer to these PipelineResources in PipelineTaskResourceBindings. +// +// Deprecated: Unused, preserved only for backwards compatibility +type PipelineDeclaredResource struct { + // Name is the name that will be used by the Pipeline to refer to this resource. + // It does not directly correspond to the name of any PipelineResources Task + // inputs or outputs, and it does not correspond to the actual names of the + // PipelineResources that will be bound in the PipelineRun. + Name string `json:"name"` + // Type is the type of the PipelineResource. + Type PipelineResourceType `json:"type"` + // Optional declares the resource as optional. + // optional: true - the resource is considered optional + // optional: false - the resource is considered required (default/equivalent of not specifying it) + Optional bool `json:"optional,omitempty"` +} // TaskResources allows a Pipeline to declare how its DeclaredPipelineResources // should be provided to a Task as its inputs and outputs. +// +// Deprecated: Unused, preserved only for backwards compatibility type TaskResources struct { // Inputs holds the mapping from the PipelineResources declared in // DeclaredPipelineResources to the input PipelineResources required by the Task. @@ -77,11 +86,15 @@ type TaskResources struct { // the Task definition, and when provided as an Input, the Name will be the // path to the volume mounted containing this Resource as an input (e.g. // an input Resource named `workspace` will be mounted at `/workspace`). +// +// Deprecated: Unused, preserved only for backwards compatibility type TaskResource struct { ResourceDeclaration `json:",inline"` } // TaskRunResources allows a TaskRun to declare inputs and outputs TaskResourceBinding +// +// Deprecated: Unused, preserved only for backwards compatibility type TaskRunResources struct { // Inputs holds the inputs resources this task was invoked with // +listType=atomic @@ -93,6 +106,8 @@ type TaskRunResources struct { // TaskResourceBinding points to the PipelineResource that // will be used for the Task input or output called Name. +// +// Deprecated: Unused, preserved only for backwards compatibility type TaskResourceBinding struct { PipelineResourceBinding `json:",inline"` // Paths will probably be removed in #1284, and then PipelineResourceBinding can be used instead. @@ -108,10 +123,14 @@ type TaskResourceBinding struct { // PipelineResources within the type's definition, and when provided as an Input, the Name will be the // path to the volume mounted containing this PipelineResource as an input (e.g. // an input Resource named `workspace` will be mounted at `/workspace`). +// +// Deprecated: Unused, preserved only for backwards compatibility type ResourceDeclaration = resource.ResourceDeclaration // PipelineResourceBinding connects a reference to an instance of a PipelineResource // with a PipelineResource dependency that the Pipeline has declared +// +// Deprecated: Unused, preserved only for backwards compatibility type PipelineResourceBinding struct { // Name is the name of the PipelineResource in the Pipeline's declaration Name string `json:"name,omitempty"` @@ -126,59 +145,74 @@ type PipelineResourceBinding struct { ResourceSpec *resource.PipelineResourceSpec `json:"resourceSpec,omitempty"` } -// PipelineResourceResult used to export the image name and digest as json -type PipelineResourceResult struct { - Key string `json:"key"` - Value string `json:"value"` - ResourceName string `json:"resourceName,omitempty"` - ResultType ResultType `json:"type,omitempty"` +// PipelineTaskResources allows a Pipeline to declare how its DeclaredPipelineResources +// should be provided to a Task as its inputs and outputs. +// +// Deprecated: Unused, preserved only for backwards compatibility +type PipelineTaskResources struct { + // Inputs holds the mapping from the PipelineResources declared in + // DeclaredPipelineResources to the input PipelineResources required by the Task. + // +listType=atomic + Inputs []PipelineTaskInputResource `json:"inputs,omitempty"` + // Outputs holds the mapping from the PipelineResources declared in + // DeclaredPipelineResources to the input PipelineResources required by the Task. + // +listType=atomic + Outputs []PipelineTaskOutputResource `json:"outputs,omitempty"` } -// ResultType used to find out whether a PipelineResourceResult is from a task result or not -// Note that ResultsType is another type which is used to define the data type -// (e.g. string, array, etc) we used for Results -type ResultType int - -// UnmarshalJSON unmarshals either an int or a string into a ResultType. String -// ResultTypes were removed because they made JSON messages bigger, which in -// turn limited the amount of space in termination messages for task results. String -// support is maintained for backwards compatibility - the Pipelines controller could -// be stopped midway through TaskRun execution, updated with support for int in place -// of string, and then fail the running TaskRun because it doesn't know how to interpret -// the string value that the TaskRun's entrypoint will emit when it completes. -func (r *ResultType) UnmarshalJSON(data []byte) error { - - var asInt int - var intErr error - - if err := json.Unmarshal(data, &asInt); err != nil { - intErr = err - } else { - *r = ResultType(asInt) - return nil - } - - var asString string +// PipelineTaskInputResource maps the name of a declared PipelineResource input +// dependency in a Task to the resource in the Pipeline's DeclaredPipelineResources +// that should be used. This input may come from a previous task. +// +// Deprecated: Unused, preserved only for backwards compatibility +type PipelineTaskInputResource struct { + // Name is the name of the PipelineResource as declared by the Task. + Name string `json:"name"` + // Resource is the name of the DeclaredPipelineResource to use. + Resource string `json:"resource"` + // From is the list of PipelineTask names that the resource has to come from. + // (Implies an ordering in the execution graph.) + // +optional + // +listType=atomic + From []string `json:"from,omitempty"` +} - if err := json.Unmarshal(data, &asString); err != nil { - return fmt.Errorf("unsupported value type, neither int nor string: %v", multierror.Append(intErr, err).ErrorOrNil()) - } +// PipelineTaskOutputResource maps the name of a declared PipelineResource output +// dependency in a Task to the resource in the Pipeline's DeclaredPipelineResources +// that should be used. +// +// Deprecated: Unused, preserved only for backwards compatibility +type PipelineTaskOutputResource struct { + // Name is the name of the PipelineResource as declared by the Task. + Name string `json:"name"` + // Resource is the name of the DeclaredPipelineResource to use. + Resource string `json:"resource"` +} - switch asString { - case "TaskRunResult": - *r = TaskRunResultType - case "PipelineResourceResult": - *r = PipelineResourceResultType - case "InternalTektonResult": - *r = InternalTektonResultType - default: - *r = UnknownResultType - } +// TaskRunInputs holds the input values that this task was invoked with. +// +// Deprecated: Unused, preserved only for backwards compatibility +type TaskRunInputs struct { + // +optional + // +listType=atomic + Resources []TaskResourceBinding `json:"resources,omitempty"` + // +optional + // +listType=atomic + Params []Param `json:"params,omitempty"` +} - return nil +// TaskRunOutputs holds the output values that this task was invoked with. +// +// Deprecated: Unused, preserved only for backwards compatibility +type TaskRunOutputs struct { + // +optional + // +listType=atomic + Resources []TaskResourceBinding `json:"resources,omitempty"` } // PipelineResourceRef can be used to refer to a specific instance of a Resource +// +// Deprecated: Unused, preserved only for backwards compatibility type PipelineResourceRef struct { // Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names Name string `json:"name,omitempty"` @@ -188,6 +222,8 @@ type PipelineResourceRef struct { } // PipelineResourceInterface interface to be implemented by different PipelineResource types +// +// Deprecated: Unused, preserved only for backwards compatibility type PipelineResourceInterface interface { // GetName returns the name of this PipelineResource instance. GetName() string @@ -205,6 +241,8 @@ type PipelineResourceInterface interface { } // TaskModifier is an interface to be implemented by different PipelineResources +// +// Deprecated: Unused, preserved only for backwards compatibility type TaskModifier interface { GetStepsToPrepend() []Step GetStepsToAppend() []Step @@ -212,6 +250,8 @@ type TaskModifier interface { } // InternalTaskModifier implements TaskModifier for resources that are built-in to Tekton Pipelines. +// +// Deprecated: Unused, preserved only for backwards compatibility type InternalTaskModifier struct { // +listType=atomic StepsToPrepend []Step `json:"stepsToPrepend"` @@ -220,69 +260,3 @@ type InternalTaskModifier struct { // +listType=atomic Volumes []v1.Volume `json:"volumes"` } - -// GetStepsToPrepend returns a set of Steps to prepend to the Task. -func (tm *InternalTaskModifier) GetStepsToPrepend() []Step { - return tm.StepsToPrepend -} - -// GetStepsToAppend returns a set of Steps to append to the Task. -func (tm *InternalTaskModifier) GetStepsToAppend() []Step { - return tm.StepsToAppend -} - -// GetVolumes returns a set of Volumes to prepend to the Task pod. -func (tm *InternalTaskModifier) GetVolumes() []v1.Volume { - return tm.Volumes -} - -// ApplyTaskModifier applies a modifier to the task by appending and prepending steps and volumes. -// If steps with the same name exist in ts an error will be returned. If identical Volumes have -// been added, they will not be added again. If Volumes with the same name but different contents -// have been added, an error will be returned. -func ApplyTaskModifier(ts *TaskSpec, tm TaskModifier) error { - steps := tm.GetStepsToPrepend() - for _, step := range steps { - if err := checkStepNotAlreadyAdded(step, ts.Steps); err != nil { - return err - } - } - ts.Steps = append(steps, ts.Steps...) - - steps = tm.GetStepsToAppend() - for _, step := range steps { - if err := checkStepNotAlreadyAdded(step, ts.Steps); err != nil { - return err - } - } - ts.Steps = append(ts.Steps, steps...) - - volumes := tm.GetVolumes() - for _, volume := range volumes { - var alreadyAdded bool - for _, v := range ts.Volumes { - if volume.Name == v.Name { - // If a Volume with the same name but different contents has already been added, we can't add both - if d := cmp.Diff(volume, v); d != "" { - return fmt.Errorf("tried to add volume %s already added but with different contents", volume.Name) - } - // If an identical Volume has already been added, don't add it again - alreadyAdded = true - } - } - if !alreadyAdded { - ts.Volumes = append(ts.Volumes, volume) - } - } - - return nil -} - -func checkStepNotAlreadyAdded(s Step, steps []Step) error { - for _, step := range steps { - if s.Name == step.Name { - return fmt.Errorf("Step %s cannot be added again", step.Name) - } - } - return nil -} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/resource_types_validation.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/resource_types_validation.go deleted file mode 100644 index 2898fd9dfc..0000000000 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/resource_types_validation.go +++ /dev/null @@ -1,102 +0,0 @@ -/* -Copyright 2019 The Tekton Authors - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1beta1 - -import ( - "context" - "fmt" - "strings" - - "k8s.io/apimachinery/pkg/util/sets" - "knative.dev/pkg/apis" -) - -// Validate implements apis.Validatable -func (tr *TaskResources) Validate(context.Context) (errs *apis.FieldError) { - if tr != nil { - errs = errs.Also(validateTaskResources(tr.Inputs).ViaField("inputs")) - errs = errs.Also(validateTaskResources(tr.Outputs).ViaField("outputs")) - } - return errs -} - -func validateTaskResources(resources []TaskResource) (errs *apis.FieldError) { - for idx, resource := range resources { - errs = errs.Also(validateResourceType(resource, fmt.Sprintf("%s.type", resource.Name))).ViaIndex(idx) - } - return errs.Also(checkForDuplicates(resources, "name")) -} - -func checkForDuplicates(resources []TaskResource, path string) *apis.FieldError { - encountered := sets.NewString() - for _, r := range resources { - if encountered.Has(strings.ToLower(r.Name)) { - return apis.ErrMultipleOneOf(path) - } - encountered.Insert(strings.ToLower(r.Name)) - } - return nil -} - -func validateResourceType(r TaskResource, path string) *apis.FieldError { - for _, allowed := range AllResourceTypes { - if r.Type == allowed { - return nil - } - } - return apis.ErrInvalidValue(r.Type, path) -} - -// Validate implements apis.Validatable -func (tr *TaskRunResources) Validate(ctx context.Context) *apis.FieldError { - if tr == nil { - return nil - } - if err := validateTaskRunResources(ctx, tr.Inputs, "spec.resources.inputs.name"); err != nil { - return err - } - return validateTaskRunResources(ctx, tr.Outputs, "spec.resources.outputs.name") -} - -// validateTaskRunResources validates that -// 1. resource is not declared more than once -// 2. if both resource reference and resource spec is defined at the same time -// 3. at least resource ref or resource spec is defined -func validateTaskRunResources(ctx context.Context, resources []TaskResourceBinding, path string) *apis.FieldError { - encountered := sets.NewString() - for _, r := range resources { - // We should provide only one binding for each resource required by the Task. - name := strings.ToLower(r.Name) - if encountered.Has(strings.ToLower(name)) { - return apis.ErrMultipleOneOf(path) - } - encountered.Insert(name) - // Check that both resource ref and resource Spec are not present - if r.ResourceRef != nil && r.ResourceSpec != nil { - return apis.ErrDisallowedFields(fmt.Sprintf("%s.resourceRef", path), fmt.Sprintf("%s.resourceSpec", path)) - } - // Check that one of resource ref and resource Spec is present - if (r.ResourceRef == nil || r.ResourceRef.Name == "") && r.ResourceSpec == nil { - return apis.ErrMissingField(fmt.Sprintf("%s.resourceRef", path), fmt.Sprintf("%s.resourceSpec", path)) - } - if r.ResourceSpec != nil && r.ResourceSpec.Validate(ctx) != nil { - return r.ResourceSpec.Validate(ctx) - } - - } - return nil -} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/result_conversion.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/result_conversion.go index 70197bed16..5e0facad2a 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/result_conversion.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/result_conversion.go @@ -1,3 +1,19 @@ +/* +Copyright 2023 The Tekton Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + package v1beta1 import ( diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/result_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/result_types.go index d71f513c4b..b4e3764c89 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/result_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/result_types.go @@ -54,7 +54,7 @@ type ResultValue = ParamValue // ResultsType indicates the type of a result; // Used to distinguish between a single string and an array of strings. // Note that there is ResultType used to find out whether a -// PipelineResourceResult is from a task result or not, which is different from +// RunResult is from a task result or not, which is different from // this ResultsType. type ResultsType string diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/result_validation.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/result_validation.go index 4232b174fa..fe2fca41a6 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/result_validation.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/result_validation.go @@ -27,22 +27,24 @@ func (tr TaskResult) Validate(ctx context.Context) (errs *apis.FieldError) { if !resultNameFormatRegex.MatchString(tr.Name) { return apis.ErrInvalidKeyName(tr.Name, "name", fmt.Sprintf("Name must consist of alphanumeric characters, '-', '_', and must start and end with an alphanumeric character (e.g. 'MyName', or 'my-name', or 'my_name', regex used for validation is '%s')", ResultNameFormat)) } - // Array and Object is alpha feature - if tr.Type == ResultsTypeArray || tr.Type == ResultsTypeObject { + + switch { + // Object results is a beta feature - make sure the feature flag is set to "beta" + case tr.Type == ResultsTypeObject: errs := validateObjectResult(tr) - errs = errs.Also(version.ValidateEnabledAPIFields(ctx, "results type", config.AlphaAPIFields)) + errs = errs.Also(version.ValidateEnabledAPIFields(ctx, "results type", config.BetaAPIFields)) + return errs + // Array results is a beta feature - make sure the feature flag is set to "beta" + case tr.Type == ResultsTypeArray: + errs = errs.Also(version.ValidateEnabledAPIFields(ctx, "results type", config.BetaAPIFields)) return errs - } - // Resources created before the result. Type was introduced may not have Type set // and should be considered valid - if tr.Type == "" { + case tr.Type == "": return nil - } - - // By default the result type is string - if tr.Type != ResultsTypeString { - return apis.ErrInvalidValue(tr.Type, "type", fmt.Sprintf("type must be string")) + // By default, the result type is string + case tr.Type != ResultsTypeString: + return apis.ErrInvalidValue(tr.Type, "type", "type must be string") } return nil diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/resultref.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/resultref.go index c6d2526fc3..43ad32036f 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/resultref.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/resultref.go @@ -51,7 +51,7 @@ const ( exactVariableSubstitutionFormat = `^\$\([_a-zA-Z0-9.-]+(\.[_a-zA-Z0-9.-]+)*(\[([0-9]+|\*)\])?\)$` // arrayIndexing will match all `[int]` and `[*]` for parseExpression arrayIndexing = `\[([0-9])*\*?\]` - // ResultNameFormat Constant used to define the the regex Result.Name should follow + // ResultNameFormat Constant used to define the regex Result.Name should follow ResultNameFormat = `^([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9]$` ) @@ -171,7 +171,6 @@ func stripVarSubExpression(expression string) string { // - Output: "", "", 0, "", error // TODO: may use regex for each type to handle possible reference formats func parseExpression(substitutionExpression string) (string, string, int, string, error) { - if looksLikeResultRef(substitutionExpression) { subExpressions := strings.Split(substitutionExpression, ".") // For string result: tasks..results. @@ -209,19 +208,13 @@ func ParseResultName(resultName string) (string, string) { // in a PipelineTask and returns a list of any references that are found. func PipelineTaskResultRefs(pt *PipelineTask) []*ResultRef { refs := []*ResultRef{} - var matrixParams []Param - if pt.IsMatrixed() { - matrixParams = pt.Matrix.Params - } - for _, p := range append(pt.Params, matrixParams...) { + for _, p := range pt.extractAllParams() { expressions, _ := GetVarSubstitutionExpressionsForParam(p) refs = append(refs, NewResultRefs(expressions)...) } - for _, whenExpression := range pt.WhenExpressions { expressions, _ := whenExpression.GetVarSubstitutionExpressions() refs = append(refs, NewResultRefs(expressions)...) } - return refs } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/run_interface.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/run_interface.go new file mode 100644 index 0000000000..2a0ada19d6 --- /dev/null +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/run_interface.go @@ -0,0 +1,43 @@ +/* + Copyright 2022 The Tekton Authors + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + +*/ + +package v1beta1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "knative.dev/pkg/apis" +) + +// RunObject is implemented by CustomRun and Run +type RunObject interface { + // Object requires GetObjectKind() and DeepCopyObject() + runtime.Object + + // ObjectMetaAccessor requires a GetObjectMeta that returns the ObjectMeta + metav1.ObjectMetaAccessor + + // GetStatusCondition returns a ConditionAccessor for the status of the objectWithCondition + GetStatusCondition() apis.ConditionAccessor + + IsSuccessful() bool + IsCancelled() bool + HasStarted() bool + IsDone() bool + + GetRetryCount() int +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/status_validation.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/status_validation.go deleted file mode 100644 index 860bd7f1f8..0000000000 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/status_validation.go +++ /dev/null @@ -1,36 +0,0 @@ -/* -Copyright 2022 The Tekton Authors - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1beta1 - -import ( - "context" - "fmt" - - "github.com/tektoncd/pipeline/pkg/apis/config" - "knative.dev/pkg/apis" -) - -// ValidateEmbeddedStatus checks that the embedded-status feature gate is set to the wantEmbeddedStatus value and, -// if not, returns an error stating which feature is dependent on the status and what the current status actually is. -func ValidateEmbeddedStatus(ctx context.Context, featureName, wantEmbeddedStatus string) *apis.FieldError { - embeddedStatus := config.FromContextOrDefaults(ctx).FeatureFlags.EmbeddedStatus - if embeddedStatus != wantEmbeddedStatus { - message := fmt.Sprintf(`%s requires "embedded-status" feature gate to be %q but it is %q`, featureName, wantEmbeddedStatus, embeddedStatus) - return apis.ErrGeneric(message) - } - return nil -} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/swagger.json b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/swagger.json index 1f45183282..c0b8e2770c 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/swagger.json +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/swagger.json @@ -63,6 +63,17 @@ "description": "EnableServiceLinks indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. Optional: Defaults to true.", "type": "boolean" }, + "env": { + "description": "List of environment variables that can be provided to the containers belonging to the pod.", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/v1.EnvVar" + }, + "x-kubernetes-list-type": "atomic", + "x-kubernetes-patch-merge-key": "name", + "x-kubernetes-patch-strategy": "merge" + }, "hostAliases": { "description": "HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts file if specified. This is only valid for non-hostNetwork pods.", "type": "array", @@ -140,173 +151,6 @@ } } }, - "v1alpha1.PipelineResource": { - "description": "PipelineResource describes a resource that is an input to or output from a Task.", - "type": "object", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "default": {}, - "$ref": "#/definitions/v1.ObjectMeta" - }, - "spec": { - "description": "Spec holds the desired state of the PipelineResource from the client", - "default": {}, - "$ref": "#/definitions/v1alpha1.PipelineResourceSpec" - }, - "status": { - "description": "Status is deprecated. It usually is used to communicate the observed state of the PipelineResource from the controller, but was unused as there is no controller for PipelineResource.", - "$ref": "#/definitions/v1alpha1.PipelineResourceStatus" - } - } - }, - "v1alpha1.PipelineResourceList": { - "description": "PipelineResourceList contains a list of PipelineResources", - "type": "object", - "required": [ - "items" - ], - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "items": { - "type": "array", - "items": { - "default": {}, - "$ref": "#/definitions/v1alpha1.PipelineResource" - } - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "default": {}, - "$ref": "#/definitions/v1.ListMeta" - } - } - }, - "v1alpha1.PipelineResourceSpec": { - "description": "PipelineResourceSpec defines an individual resources used in the pipeline.", - "type": "object", - "required": [ - "type", - "params" - ], - "properties": { - "description": { - "description": "Description is a user-facing description of the resource that may be used to populate a UI.", - "type": "string" - }, - "params": { - "type": "array", - "items": { - "default": {}, - "$ref": "#/definitions/v1alpha1.ResourceParam" - }, - "x-kubernetes-list-type": "atomic" - }, - "secrets": { - "description": "Secrets to fetch to populate some of resource fields", - "type": "array", - "items": { - "default": {}, - "$ref": "#/definitions/v1alpha1.SecretParam" - }, - "x-kubernetes-list-type": "atomic" - }, - "type": { - "type": "string", - "default": "" - } - } - }, - "v1alpha1.PipelineResourceStatus": { - "description": "PipelineResourceStatus does not contain anything because PipelineResources on their own do not have a status Deprecated", - "type": "object" - }, - "v1alpha1.ResourceDeclaration": { - "description": "ResourceDeclaration defines an input or output PipelineResource declared as a requirement by another type such as a Task or Condition. The Name field will be used to refer to these PipelineResources within the type's definition, and when provided as an Input, the Name will be the path to the volume mounted containing this PipelineResource as an input (e.g. an input Resource named `workspace` will be mounted at `/workspace`).", - "type": "object", - "required": [ - "name", - "type" - ], - "properties": { - "description": { - "description": "Description is a user-facing description of the declared resource that may be used to populate a UI.", - "type": "string" - }, - "name": { - "description": "Name declares the name by which a resource is referenced in the definition. Resources may be referenced by name in the definition of a Task's steps.", - "type": "string", - "default": "" - }, - "optional": { - "description": "Optional declares the resource as optional. By default optional is set to false which makes a resource required. optional: true - the resource is considered optional optional: false - the resource is considered required (equivalent of not specifying it)", - "type": "boolean" - }, - "targetPath": { - "description": "TargetPath is the path in workspace directory where the resource will be copied.", - "type": "string" - }, - "type": { - "description": "Type is the type of this resource;", - "type": "string", - "default": "" - } - } - }, - "v1alpha1.ResourceParam": { - "description": "ResourceParam declares a string value to use for the parameter called Name, and is used in the specific context of PipelineResources.", - "type": "object", - "required": [ - "name", - "value" - ], - "properties": { - "name": { - "type": "string", - "default": "" - }, - "value": { - "type": "string", - "default": "" - } - } - }, - "v1alpha1.SecretParam": { - "description": "SecretParam indicates which secret can be used to populate a field of the resource", - "type": "object", - "required": [ - "fieldName", - "secretKey", - "secretName" - ], - "properties": { - "fieldName": { - "type": "string", - "default": "" - }, - "secretKey": { - "type": "string", - "default": "" - }, - "secretName": { - "type": "string", - "default": "" - } - } - }, "v1beta1.ChildStatusReference": { "description": "ChildStatusReference is used to point to the statuses of individual TaskRuns and Runs within this PipelineRun.", "type": "object", @@ -380,7 +224,7 @@ } }, "v1beta1.ClusterTask": { - "description": "ClusterTask is a Task with a cluster scope. ClusterTasks are used to represent Tasks that should be publicly addressable from any namespace in the cluster. Deprecated: Please use the cluster resolver instead.", + "description": "ClusterTask is a Task with a cluster scope. ClusterTasks are used to represent Tasks that should be publicly addressable from any namespace in the cluster.\n\nDeprecated: Please use the cluster resolver instead.", "type": "object", "properties": { "apiVersion": { @@ -431,11 +275,11 @@ } }, "v1beta1.ConfigSource": { - "description": "ConfigSource identifies the source where a resource came from. This can include Git repositories, Task Bundles, file checksums, or other information that allows users to identify where the resource came from and what version was used.", + "description": "ConfigSource contains the information that can uniquely identify where a remote built definition came from i.e. Git repositories, Tekton Bundles in OCI registry and hub.", "type": "object", "properties": { "digest": { - "description": "Digest is a collection of cryptographic digests for the contents of the artifact specified by URI. Definition: https://slsa.dev/provenance/v0.2#invocation.configSource.digest Example: {\"sha1\": \"f99d13e554ffcb696dee719fa85b695cb5b0f428\"}", + "description": "Digest is a collection of cryptographic digests for the contents of the artifact specified by URI. Example: {\"sha1\": \"f99d13e554ffcb696dee719fa85b695cb5b0f428\"}", "type": "object", "additionalProperties": { "type": "string", @@ -443,11 +287,11 @@ } }, "entryPoint": { - "description": "EntryPoint identifies the entry point into the build. This is often a path to a configuration file and/or a target label within that file. Definition: https://slsa.dev/provenance/v0.2#invocation.configSource.entryPoint Example: \"task/git-clone/0.8/git-clone.yaml\"", + "description": "EntryPoint identifies the entry point into the build. This is often a path to a build definition file and/or a target label within that file. Example: \"task/git-clone/0.8/git-clone.yaml\"", "type": "string" }, "uri": { - "description": "URI indicates the identity of the source of the config. Definition: https://slsa.dev/provenance/v0.2#invocation.configSource.uri Example: \"https://github.com/tektoncd/catalog\"", + "description": "URI indicates the identity of the source of the build definition. Example: \"https://github.com/tektoncd/catalog\"", "type": "string" } } @@ -589,6 +433,10 @@ "description": "Description is a user-facing description of the task that may be used to populate a UI.", "type": "string" }, + "displayName": { + "description": "DisplayName is a user-facing name of the task that may be used to populate a UI.", + "type": "string" + }, "kind": { "type": "string" }, @@ -606,7 +454,7 @@ "x-kubernetes-list-type": "atomic" }, "resources": { - "description": "Resources is a list input and output resource to run the task Resources are represented in TaskRuns as bindings to instances of PipelineResources.", + "description": "Resources is a list input and output resource to run the task Resources are represented in TaskRuns as bindings to instances of PipelineResources.\n\nDeprecated: Unused, preserved only for backwards compatibility", "$ref": "#/definitions/v1beta1.TaskResources" }, "results": { @@ -665,8 +513,27 @@ } } }, + "v1beta1.IncludeParams": { + "description": "IncludeParams allows passing in a specific combinations of Parameters into the Matrix.", + "type": "object", + "properties": { + "name": { + "description": "Name the specified combination", + "type": "string" + }, + "params": { + "description": "Params takes only `Parameters` of type `\"string\"` The names of the `params` must match the names of the `params` in the underlying `Task`", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/v1beta1.Param" + }, + "x-kubernetes-list-type": "atomic" + } + } + }, "v1beta1.InternalTaskModifier": { - "description": "InternalTaskModifier implements TaskModifier for resources that are built-in to Tekton Pipelines.", + "description": "InternalTaskModifier implements TaskModifier for resources that are built-in to Tekton Pipelines.\n\nDeprecated: Unused, preserved only for backwards compatibility", "type": "object", "required": [ "stepsToPrepend", @@ -704,6 +571,15 @@ "description": "Matrix is used to fan out Tasks in a Pipeline", "type": "object", "properties": { + "include": { + "description": "Include is a list of IncludeParams which allows passing in specific combinations of Parameters into the Matrix.", + "type": "array", + "items": { + "default": {}, + "$ref": "#/definitions/v1beta1.IncludeParams" + }, + "x-kubernetes-list-type": "atomic" + }, "params": { "description": "Params is a list of parameters used to fan out the pipelineTask Params takes only `Parameters` of type `\"array\"` Each array element is supplied to the `PipelineTask` by substituting `params` of type `\"string\"` in the underlying `Task`. The names of the `params` in the `Matrix` must match the names of the `params` in the underlying `Task` that they will be substituting.", "type": "array", @@ -771,13 +647,13 @@ "description": "ResultValue is a type alias of ParamValue", "type": "object", "required": [ - "type", - "stringVal", - "arrayVal", - "objectVal" + "Type", + "StringVal", + "ArrayVal", + "ObjectVal" ], "properties": { - "arrayVal": { + "ArrayVal": { "type": "array", "items": { "type": "string", @@ -785,19 +661,19 @@ }, "x-kubernetes-list-type": "atomic" }, - "objectVal": { + "ObjectVal": { "type": "object", "additionalProperties": { "type": "string", "default": "" } }, - "stringVal": { + "StringVal": { "description": "Represents the stored type of ParamValues.", "type": "string", "default": "" }, - "type": { + "Type": { "type": "string", "default": "" } @@ -827,7 +703,7 @@ } }, "v1beta1.PipelineDeclaredResource": { - "description": "PipelineDeclaredResource is used by a Pipeline to declare the types of the PipelineResources that it will required to run and names which can be used to refer to these PipelineResources in PipelineTaskResourceBindings.", + "description": "PipelineDeclaredResource is used by a Pipeline to declare the types of the PipelineResources that it will required to run and names which can be used to refer to these PipelineResources in PipelineTaskResourceBindings.\n\nDeprecated: Unused, preserved only for backwards compatibility", "type": "object", "required": [ "name", @@ -887,7 +763,7 @@ "type": "string" }, "bundle": { - "description": "Bundle url reference to a Tekton Bundle. Deprecated: Please use ResolverRef with the bundles resolver instead.", + "description": "Bundle url reference to a Tekton Bundle.\n\nDeprecated: Please use ResolverRef with the bundles resolver instead.", "type": "string" }, "name": { @@ -897,7 +773,7 @@ } }, "v1beta1.PipelineResourceBinding": { - "description": "PipelineResourceBinding connects a reference to an instance of a PipelineResource with a PipelineResource dependency that the Pipeline has declared", + "description": "PipelineResourceBinding connects a reference to an instance of a PipelineResource with a PipelineResource dependency that the Pipeline has declared\n\nDeprecated: Unused, preserved only for backwards compatibility", "type": "object", "properties": { "name": { @@ -915,7 +791,7 @@ } }, "v1beta1.PipelineResourceRef": { - "description": "PipelineResourceRef can be used to refer to a specific instance of a Resource", + "description": "PipelineResourceRef can be used to refer to a specific instance of a Resource\n\nDeprecated: Unused, preserved only for backwards compatibility", "type": "object", "properties": { "apiVersion": { @@ -928,31 +804,6 @@ } } }, - "v1beta1.PipelineResourceResult": { - "description": "PipelineResourceResult used to export the image name and digest as json", - "type": "object", - "required": [ - "key", - "value" - ], - "properties": { - "key": { - "type": "string", - "default": "" - }, - "resourceName": { - "type": "string" - }, - "type": { - "type": "integer", - "format": "int32" - }, - "value": { - "type": "string", - "default": "" - } - } - }, "v1beta1.PipelineResult": { "description": "PipelineResult used to describe the results of a pipeline", "type": "object", @@ -1054,7 +905,7 @@ } }, "v1beta1.PipelineRunRunStatus": { - "description": "PipelineRunRunStatus contains the name of the PipelineTask for this Run and the Run's Status", + "description": "PipelineRunRunStatus contains the name of the PipelineTask for this CustomRun or Run and the CustomRun or Run's Status", "type": "object", "properties": { "pipelineTaskName": { @@ -1062,8 +913,8 @@ "type": "string" }, "status": { - "description": "Status is the RunStatus for the corresponding Run", - "$ref": "#/definitions/github.com.tektoncd.pipeline.pkg.apis.run.v1alpha1.RunStatus" + "description": "Status is the CustomRunStatus for the corresponding CustomRun or Run", + "$ref": "#/definitions/github.com.tektoncd.pipeline.pkg.apis.run.v1beta1.CustomRunStatus" }, "whenExpressions": { "description": "WhenExpressions is the list of checks guarding the execution of the PipelineTask", @@ -1100,7 +951,7 @@ "$ref": "#/definitions/pod.Template" }, "resources": { - "description": "Resources is a list of bindings specifying which actual instances of PipelineResources to use for the resources the Pipeline has declared it needs.", + "description": "Resources is a list of bindings specifying which actual instances of PipelineResources to use for the resources the Pipeline has declared it needs.\n\nDeprecated: Unused, preserved only for backwards compatibility", "type": "array", "items": { "default": {}, @@ -1125,7 +976,7 @@ "x-kubernetes-list-type": "atomic" }, "timeout": { - "description": "Timeout Deprecated: use pipelineRunSpec.Timeouts.Pipeline instead Time after which the Pipeline times out. Defaults to never. Refer to Go's ParseDuration documentation for expected format: https://golang.org/pkg/time/#ParseDuration", + "description": "Timeout is the Time after which the Pipeline times out. Defaults to never. Refer to Go's ParseDuration documentation for expected format: https://golang.org/pkg/time/#ParseDuration\n\nDeprecated: use pipelineRunSpec.Timeouts.Pipeline instead", "$ref": "#/definitions/v1.Duration" }, "timeouts": { @@ -1205,7 +1056,7 @@ "$ref": "#/definitions/v1beta1.Provenance" }, "runs": { - "description": "Deprecated - use ChildReferences instead. map of PipelineRunRunStatus with the run name as the key", + "description": "Runs is a map of PipelineRunRunStatus with the run name as the key\n\nDeprecated: use ChildReferences instead. As of v0.45.0, this field is no longer populated and is only included for backwards compatibility with older server versions.", "type": "object", "additionalProperties": { "$ref": "#/definitions/v1beta1.PipelineRunRunStatus" @@ -1220,12 +1071,20 @@ }, "x-kubernetes-list-type": "atomic" }, + "spanContext": { + "description": "SpanContext contains tracing span context fields", + "type": "object", + "additionalProperties": { + "type": "string", + "default": "" + } + }, "startTime": { "description": "StartTime is the time the PipelineRun is actually started.", "$ref": "#/definitions/v1.Time" }, "taskRuns": { - "description": "Deprecated - use ChildReferences instead. map of PipelineRunTaskRunStatus with the taskRun name as the key", + "description": "TaskRuns is a map of PipelineRunTaskRunStatus with the taskRun name as the key.\n\nDeprecated: use ChildReferences instead. As of v0.45.0, this field is no longer populated and is only included for backwards compatibility with older server versions.", "type": "object", "additionalProperties": { "$ref": "#/definitions/v1beta1.PipelineRunTaskRunStatus" @@ -1272,7 +1131,7 @@ "$ref": "#/definitions/v1beta1.Provenance" }, "runs": { - "description": "Deprecated - use ChildReferences instead. map of PipelineRunRunStatus with the run name as the key", + "description": "Runs is a map of PipelineRunRunStatus with the run name as the key\n\nDeprecated: use ChildReferences instead. As of v0.45.0, this field is no longer populated and is only included for backwards compatibility with older server versions.", "type": "object", "additionalProperties": { "$ref": "#/definitions/v1beta1.PipelineRunRunStatus" @@ -1287,12 +1146,20 @@ }, "x-kubernetes-list-type": "atomic" }, + "spanContext": { + "description": "SpanContext contains tracing span context fields", + "type": "object", + "additionalProperties": { + "type": "string", + "default": "" + } + }, "startTime": { "description": "StartTime is the time the PipelineRun is actually started.", "$ref": "#/definitions/v1.Time" }, "taskRuns": { - "description": "Deprecated - use ChildReferences instead. map of PipelineRunTaskRunStatus with the taskRun name as the key", + "description": "TaskRuns is a map of PipelineRunTaskRunStatus with the taskRun name as the key.\n\nDeprecated: use ChildReferences instead. As of v0.45.0, this field is no longer populated and is only included for backwards compatibility with older server versions.", "type": "object", "additionalProperties": { "$ref": "#/definitions/v1beta1.PipelineRunTaskRunStatus" @@ -1331,6 +1198,10 @@ "description": "Description is a user-facing description of the pipeline that may be used to populate a UI.", "type": "string" }, + "displayName": { + "description": "DisplayName is a user-facing name of the pipeline that may be used to populate a UI.", + "type": "string" + }, "finally": { "description": "Finally declares the list of Tasks that execute just before leaving the Pipeline i.e. either after all Tasks are finished executing successfully or after a failure which would result in ending the Pipeline", "type": "array", @@ -1350,7 +1221,7 @@ "x-kubernetes-list-type": "atomic" }, "resources": { - "description": "Resources declares the names and types of the resources given to the Pipeline's tasks as inputs and outputs.", + "description": "Deprecated: Unused, preserved only for backwards compatibility", "type": "array", "items": { "default": {}, @@ -1391,6 +1262,14 @@ "description": "PipelineTask defines a task in a Pipeline, passing inputs from both Params and from the output of previous tasks.", "type": "object", "properties": { + "description": { + "description": "Description is the description of this task within the context of a Pipeline. This description may be used to populate a UI.", + "type": "string" + }, + "displayName": { + "description": "DisplayName is the display name of this task within the context of a Pipeline. This display name may be used to populate a UI.", + "type": "string" + }, "matrix": { "description": "Matrix declares parameters used to fan out this task.", "$ref": "#/definitions/v1beta1.Matrix" @@ -1409,7 +1288,7 @@ "x-kubernetes-list-type": "atomic" }, "resources": { - "description": "Resources declares the resources given to this task as inputs and outputs.", + "description": "Deprecated: Unused, preserved only for backwards compatibility", "$ref": "#/definitions/v1beta1.PipelineTaskResources" }, "retries": { @@ -1458,7 +1337,7 @@ } }, "v1beta1.PipelineTaskInputResource": { - "description": "PipelineTaskInputResource maps the name of a declared PipelineResource input dependency in a Task to the resource in the Pipeline's DeclaredPipelineResources that should be used. This input may come from a previous task.", + "description": "PipelineTaskInputResource maps the name of a declared PipelineResource input dependency in a Task to the resource in the Pipeline's DeclaredPipelineResources that should be used. This input may come from a previous task.\n\nDeprecated: Unused, preserved only for backwards compatibility", "type": "object", "required": [ "name", @@ -1507,7 +1386,7 @@ } }, "v1beta1.PipelineTaskOutputResource": { - "description": "PipelineTaskOutputResource maps the name of a declared PipelineResource output dependency in a Task to the resource in the Pipeline's DeclaredPipelineResources that should be used.", + "description": "PipelineTaskOutputResource maps the name of a declared PipelineResource output dependency in a Task to the resource in the Pipeline's DeclaredPipelineResources that should be used.\n\nDeprecated: Unused, preserved only for backwards compatibility", "type": "object", "required": [ "name", @@ -1545,7 +1424,7 @@ } }, "v1beta1.PipelineTaskResources": { - "description": "PipelineTaskResources allows a Pipeline to declare how its DeclaredPipelineResources should be provided to a Task as its inputs and outputs.", + "description": "PipelineTaskResources allows a Pipeline to declare how its DeclaredPipelineResources should be provided to a Task as its inputs and outputs.\n\nDeprecated: Unused, preserved only for backwards compatibility", "type": "object", "properties": { "inputs": { @@ -1616,7 +1495,7 @@ } }, "v1beta1.PipelineWorkspaceDeclaration": { - "description": "WorkspacePipelineDeclaration creates a named slot in a Pipeline that a PipelineRun is expected to populate with a workspace binding. Deprecated: use PipelineWorkspaceDeclaration type instead", + "description": "WorkspacePipelineDeclaration creates a named slot in a Pipeline that a PipelineRun is expected to populate with a workspace binding.\n\nDeprecated: use PipelineWorkspaceDeclaration type instead", "type": "object", "required": [ "name" @@ -1647,12 +1526,42 @@ } }, "v1beta1.Provenance": { - "description": "Provenance contains some key authenticated metadata about how a software artifact was built (what sources, what inputs/outputs, etc.). For now, it only contains the subfield `ConfigSource` that identifies the source where a build config file came from. In future, it can be expanded as needed to include more metadata about the build. This field aims to be used to carry minimum amount of the authenticated metadata in *Run status so that Tekton Chains can pick it up and record in the provenance it generates.", + "description": "Provenance contains metadata about resources used in the TaskRun/PipelineRun such as the source from where a remote build definition was fetched. This field aims to carry minimum amoumt of metadata in *Run status so that Tekton Chains can capture them in the provenance.", "type": "object", "properties": { "configSource": { - "description": "ConfigSource identifies the source where a resource came from.", + "description": "Deprecated: Use RefSource instead", "$ref": "#/definitions/v1beta1.ConfigSource" + }, + "featureFlags": { + "description": "FeatureFlags identifies the feature flags that were used during the task/pipeline run", + "$ref": "#/definitions/github.com.tektoncd.pipeline.pkg.apis.config.FeatureFlags" + }, + "refSource": { + "description": "RefSource identifies the source where a remote task/pipeline came from.", + "$ref": "#/definitions/v1beta1.RefSource" + } + } + }, + "v1beta1.RefSource": { + "description": "RefSource contains the information that can uniquely identify where a remote built definition came from i.e. Git repositories, Tekton Bundles in OCI registry and hub.", + "type": "object", + "properties": { + "digest": { + "description": "Digest is a collection of cryptographic digests for the contents of the artifact specified by URI. Example: {\"sha1\": \"f99d13e554ffcb696dee719fa85b695cb5b0f428\"}", + "type": "object", + "additionalProperties": { + "type": "string", + "default": "" + } + }, + "entryPoint": { + "description": "EntryPoint identifies the entry point into the build. This is often a path to a build definition file and/or a target label within that file. Example: \"task/git-clone/0.8/git-clone.yaml\"", + "type": "string" + }, + "uri": { + "description": "URI indicates the identity of the source of the build definition. Example: \"https://github.com/tektoncd/catalog\"", + "type": "string" } } }, @@ -1732,7 +1641,8 @@ "type": "object", "required": [ "data", - "source" + "source", + "refSource" ], "properties": { "annotations": { @@ -1763,8 +1673,12 @@ "type": "integer", "format": "int64" }, + "refSource": { + "description": "RefSource is the source reference of the remote data that records the url, digest and the entrypoint.", + "$ref": "#/definitions/v1beta1.RefSource" + }, "source": { - "description": "Source is the source reference of the remote data that records the url, digest and the entrypoint.", + "description": "Deprecated: Use RefSource instead", "$ref": "#/definitions/v1beta1.ConfigSource" } } @@ -1774,7 +1688,8 @@ "type": "object", "required": [ "data", - "source" + "source", + "refSource" ], "properties": { "data": { @@ -1782,8 +1697,12 @@ "type": "string", "default": "" }, + "refSource": { + "description": "RefSource is the source reference of the remote data that records the url, digest and the entrypoint.", + "$ref": "#/definitions/v1beta1.RefSource" + }, "source": { - "description": "Source is the source reference of the remote data that records the url, digest and the entrypoint.", + "description": "Deprecated: Use RefSource instead", "$ref": "#/definitions/v1beta1.ConfigSource" } } @@ -2105,11 +2024,11 @@ "type": "string" }, "lifecycle": { - "description": "Deprecated. This field will be removed in a future release. Actions that the management system should take in response to container lifecycle events. Cannot be updated.", + "description": "Actions that the management system should take in response to container lifecycle events. Cannot be updated.\n\nDeprecated: This field will be removed in a future release.", "$ref": "#/definitions/v1.Lifecycle" }, "livenessProbe": { - "description": "Deprecated. This field will be removed in a future release. Periodic probe of container liveness. Step will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "description": "Periodic probe of container liveness. Step will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes\n\nDeprecated: This field will be removed in a future release.", "$ref": "#/definitions/v1.Probe" }, "name": { @@ -2122,7 +2041,7 @@ "type": "string" }, "ports": { - "description": "Deprecated. This field will be removed in a future release. List of ports to expose from the Step's container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Cannot be updated.", + "description": "List of ports to expose from the Step's container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Cannot be updated.\n\nDeprecated: This field will be removed in a future release.", "type": "array", "items": { "default": {}, @@ -2137,7 +2056,7 @@ "x-kubernetes-patch-strategy": "merge" }, "readinessProbe": { - "description": "Deprecated. This field will be removed in a future release. Periodic probe of container service readiness. Step will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "description": "Periodic probe of container service readiness. Step will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes\n\nDeprecated: This field will be removed in a future release.", "$ref": "#/definitions/v1.Probe" }, "resources": { @@ -2154,7 +2073,7 @@ "$ref": "#/definitions/v1.SecurityContext" }, "startupProbe": { - "description": "Deprecated. This field will be removed in a future release. DeprecatedStartupProbe indicates that the Pod this Step runs in has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "description": "DeprecatedStartupProbe indicates that the Pod this Step runs in has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes\n\nDeprecated: This field will be removed in a future release.", "$ref": "#/definitions/v1.Probe" }, "stderrConfig": { @@ -2162,11 +2081,11 @@ "$ref": "#/definitions/v1beta1.StepOutputConfig" }, "stdin": { - "description": "Deprecated. This field will be removed in a future release. Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.", + "description": "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.\n\nDeprecated: This field will be removed in a future release.", "type": "boolean" }, "stdinOnce": { - "description": "Deprecated. This field will be removed in a future release. Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false", + "description": "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false\n\nDeprecated: This field will be removed in a future release.", "type": "boolean" }, "stdoutConfig": { @@ -2174,11 +2093,11 @@ "$ref": "#/definitions/v1beta1.StepOutputConfig" }, "terminationMessagePath": { - "description": "Deprecated. This field will be removed in a future release and can't be meaningfully used.", + "description": "Deprecated: This field will be removed in a future release and can't be meaningfully used.", "type": "string" }, "terminationMessagePolicy": { - "description": "Deprecated. This field will be removed in a future release and can't be meaningfully used.", + "description": "Deprecated: This field will be removed in a future release and can't be meaningfully used.", "type": "string" }, "timeout": { @@ -2186,7 +2105,7 @@ "$ref": "#/definitions/v1.Duration" }, "tty": { - "description": "Deprecated. This field will be removed in a future release. Whether this container should allocate a DeprecatedTTY for itself, also requires 'stdin' to be true. Default is false.", + "description": "Whether this container should allocate a DeprecatedTTY for itself, also requires 'stdin' to be true. Default is false.\n\nDeprecated: This field will be removed in a future release.", "type": "boolean" }, "volumeDevices": { @@ -2317,20 +2236,20 @@ "type": "string" }, "lifecycle": { - "description": "Deprecated. This field will be removed in a future release. Actions that the management system should take in response to container lifecycle events. Cannot be updated.", + "description": "Actions that the management system should take in response to container lifecycle events. Cannot be updated.\n\nDeprecated: This field will be removed in a future release.", "$ref": "#/definitions/v1.Lifecycle" }, "livenessProbe": { - "description": "Deprecated. This field will be removed in a future release. Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "description": "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes\n\nDeprecated: This field will be removed in a future release.", "$ref": "#/definitions/v1.Probe" }, "name": { - "description": "Deprecated. This field will be removed in a future release. Default name for each Step specified as a DNS_LABEL. Each Step in a Task must have a unique name. Cannot be updated.", + "description": "Default name for each Step specified as a DNS_LABEL. Each Step in a Task must have a unique name. Cannot be updated.\n\nDeprecated: This field will be removed in a future release.", "type": "string", "default": "" }, "ports": { - "description": "Deprecated. This field will be removed in a future release. List of ports to expose from the Step's container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Cannot be updated.", + "description": "List of ports to expose from the Step's container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Cannot be updated.\n\nDeprecated: This field will be removed in a future release.", "type": "array", "items": { "default": {}, @@ -2345,7 +2264,7 @@ "x-kubernetes-patch-strategy": "merge" }, "readinessProbe": { - "description": "Deprecated. This field will be removed in a future release. Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "description": "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes\n\nDeprecated: This field will be removed in a future release.", "$ref": "#/definitions/v1.Probe" }, "resources": { @@ -2358,27 +2277,27 @@ "$ref": "#/definitions/v1.SecurityContext" }, "startupProbe": { - "description": "Deprecated. This field will be removed in a future release. DeprecatedStartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes", + "description": "DeprecatedStartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes\n\nDeprecated: This field will be removed in a future release.", "$ref": "#/definitions/v1.Probe" }, "stdin": { - "description": "Deprecated. This field will be removed in a future release. Whether this Step should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the Step will always result in EOF. Default is false.", + "description": "Whether this Step should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the Step will always result in EOF. Default is false.\n\nDeprecated: This field will be removed in a future release.", "type": "boolean" }, "stdinOnce": { - "description": "Deprecated. This field will be removed in a future release. Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false", + "description": "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false\n\nDeprecated: This field will be removed in a future release.", "type": "boolean" }, "terminationMessagePath": { - "description": "Deprecated. This field will be removed in a future release and cannot be meaningfully used.", + "description": "Deprecated: This field will be removed in a future release and cannot be meaningfully used.", "type": "string" }, "terminationMessagePolicy": { - "description": "Deprecated. This field will be removed in a future release and cannot be meaningfully used.", + "description": "Deprecated: This field will be removed in a future release and cannot be meaningfully used.", "type": "string" }, "tty": { - "description": "Deprecated. This field will be removed in a future release. Whether this Step should allocate a DeprecatedTTY for itself, also requires 'stdin' to be true. Default is false.", + "description": "Whether this Step should allocate a DeprecatedTTY for itself, also requires 'stdin' to be true. Default is false.\n\nDeprecated: This field will be removed in a future release.", "type": "boolean" }, "volumeDevices": { @@ -2465,15 +2384,15 @@ "type": "object", "properties": { "apiVersion": { - "description": "API version of the referent", + "description": "API version of the referent Note: A Task with non-empty APIVersion and Kind is considered a Custom Task", "type": "string" }, "bundle": { - "description": "Bundle url reference to a Tekton Bundle. Deprecated: Please use ResolverRef with the bundles resolver instead.", + "description": "Bundle url reference to a Tekton Bundle.\n\nDeprecated: Please use ResolverRef with the bundles resolver instead.", "type": "string" }, "kind": { - "description": "TaskKind indicates the kind of the task, namespaced or cluster scoped.", + "description": "TaskKind indicates the Kind of the Task: 1. Namespaced Task when Kind is set to \"Task\". If Kind is \"\", it defaults to \"Task\". 2. Cluster-Scoped Task when Kind is set to \"ClusterTask\" 3. Custom Task when Kind is non-empty and APIVersion is non-empty", "type": "string" }, "name": { @@ -2483,7 +2402,7 @@ } }, "v1beta1.TaskResource": { - "description": "TaskResource defines an input or output Resource declared as a requirement by a Task. The Name field will be used to refer to these Resources within the Task definition, and when provided as an Input, the Name will be the path to the volume mounted containing this Resource as an input (e.g. an input Resource named `workspace` will be mounted at `/workspace`).", + "description": "TaskResource defines an input or output Resource declared as a requirement by a Task. The Name field will be used to refer to these Resources within the Task definition, and when provided as an Input, the Name will be the path to the volume mounted containing this Resource as an input (e.g. an input Resource named `workspace` will be mounted at `/workspace`).\n\nDeprecated: Unused, preserved only for backwards compatibility", "type": "object", "required": [ "name", @@ -2515,7 +2434,7 @@ } }, "v1beta1.TaskResourceBinding": { - "description": "TaskResourceBinding points to the PipelineResource that will be used for the Task input or output called Name.", + "description": "TaskResourceBinding points to the PipelineResource that will be used for the Task input or output called Name.\n\nDeprecated: Unused, preserved only for backwards compatibility", "type": "object", "properties": { "name": { @@ -2542,7 +2461,7 @@ } }, "v1beta1.TaskResources": { - "description": "TaskResources allows a Pipeline to declare how its DeclaredPipelineResources should be provided to a Task as its inputs and outputs.", + "description": "TaskResources allows a Pipeline to declare how its DeclaredPipelineResources should be provided to a Task as its inputs and outputs.\n\nDeprecated: Unused, preserved only for backwards compatibility", "type": "object", "properties": { "inputs": { @@ -2636,7 +2555,7 @@ } }, "v1beta1.TaskRunInputs": { - "description": "TaskRunInputs holds the input values that this task was invoked with.", + "description": "TaskRunInputs holds the input values that this task was invoked with.\n\nDeprecated: Unused, preserved only for backwards compatibility", "type": "object", "properties": { "params": { @@ -2686,7 +2605,7 @@ } }, "v1beta1.TaskRunOutputs": { - "description": "TaskRunOutputs holds the output values that this task was invoked with.", + "description": "TaskRunOutputs holds the output values that this task was invoked with.\n\nDeprecated: Unused, preserved only for backwards compatibility", "type": "object", "properties": { "resources": { @@ -2700,7 +2619,7 @@ } }, "v1beta1.TaskRunResources": { - "description": "TaskRunResources allows a TaskRun to declare inputs and outputs TaskResourceBinding", + "description": "TaskRunResources allows a TaskRun to declare inputs and outputs TaskResourceBinding\n\nDeprecated: Unused, preserved only for backwards compatibility", "type": "object", "properties": { "inputs": { @@ -2791,8 +2710,14 @@ "$ref": "#/definitions/pod.Template" }, "resources": { + "description": "Deprecated: Unused, preserved only for backwards compatibility", "$ref": "#/definitions/v1beta1.TaskRunResources" }, + "retries": { + "description": "Retries represents how many times this TaskRun should be retried in the event of Task failure.", + "type": "integer", + "format": "int32" + }, "serviceAccountName": { "type": "string", "default": "" @@ -2807,7 +2732,7 @@ "x-kubernetes-list-type": "atomic" }, "status": { - "description": "Used for cancelling a taskrun (and maybe more later on)", + "description": "Used for cancelling a TaskRun (and maybe more later on)", "type": "string" }, "statusMessage": { @@ -2831,7 +2756,7 @@ "$ref": "#/definitions/v1beta1.TaskSpec" }, "timeout": { - "description": "Time after which the build times out. Defaults to 1 hour. Specified build timeout should be less than 24h. Refer Go's ParseDuration documentation for expected format: https://golang.org/pkg/time/#ParseDuration", + "description": "Time after which one retry attempt times out. Defaults to 1 hour. Specified build timeout should be less than 24h. Refer Go's ParseDuration documentation for expected format: https://golang.org/pkg/time/#ParseDuration", "$ref": "#/definitions/v1.Duration" }, "workspaces": { @@ -2861,7 +2786,7 @@ } }, "cloudEvents": { - "description": "CloudEvents describe the state of each cloud event requested via a CloudEventResource.", + "description": "CloudEvents describe the state of each cloud event requested via a CloudEventResource.\n\nDeprecated: Removed in v0.44.0.", "type": "array", "items": { "default": {}, @@ -2898,11 +2823,11 @@ "$ref": "#/definitions/v1beta1.Provenance" }, "resourcesResult": { - "description": "Results from Resources built during the taskRun. currently includes the digest of build container images", + "description": "Results from Resources built during the TaskRun. This is tomb-stoned along with the removal of pipelineResources Deprecated: this field is not populated and is preserved only for backwards compatibility", "type": "array", "items": { "default": {}, - "$ref": "#/definitions/v1beta1.PipelineResourceResult" + "$ref": "#/definitions/github.com.tektoncd.pipeline.pkg.result.RunResult" }, "x-kubernetes-list-type": "atomic" }, @@ -2924,6 +2849,14 @@ }, "x-kubernetes-list-type": "atomic" }, + "spanContext": { + "description": "SpanContext contains tracing span context fields", + "type": "object", + "additionalProperties": { + "type": "string", + "default": "" + } + }, "startTime": { "description": "StartTime is the time the build is actually started.", "$ref": "#/definitions/v1.Time" @@ -2960,7 +2893,7 @@ ], "properties": { "cloudEvents": { - "description": "CloudEvents describe the state of each cloud event requested via a CloudEventResource.", + "description": "CloudEvents describe the state of each cloud event requested via a CloudEventResource.\n\nDeprecated: Removed in v0.44.0.", "type": "array", "items": { "default": {}, @@ -2982,11 +2915,11 @@ "$ref": "#/definitions/v1beta1.Provenance" }, "resourcesResult": { - "description": "Results from Resources built during the taskRun. currently includes the digest of build container images", + "description": "Results from Resources built during the TaskRun. This is tomb-stoned along with the removal of pipelineResources Deprecated: this field is not populated and is preserved only for backwards compatibility", "type": "array", "items": { "default": {}, - "$ref": "#/definitions/v1beta1.PipelineResourceResult" + "$ref": "#/definitions/github.com.tektoncd.pipeline.pkg.result.RunResult" }, "x-kubernetes-list-type": "atomic" }, @@ -3008,6 +2941,14 @@ }, "x-kubernetes-list-type": "atomic" }, + "spanContext": { + "description": "SpanContext contains tracing span context fields", + "type": "object", + "additionalProperties": { + "type": "string", + "default": "" + } + }, "startTime": { "description": "StartTime is the time the build is actually started.", "$ref": "#/definitions/v1.Time" @@ -3064,6 +3005,10 @@ "description": "Description is a user-facing description of the task that may be used to populate a UI.", "type": "string" }, + "displayName": { + "description": "DisplayName is a user-facing name of the task that may be used to populate a UI.", + "type": "string" + }, "params": { "description": "Params is a list of input parameters required to run the task. Params must be supplied as inputs in TaskRuns unless they declare a default value.", "type": "array", @@ -3074,7 +3019,7 @@ "x-kubernetes-list-type": "atomic" }, "resources": { - "description": "Resources is a list input and output resource to run the task Resources are represented in TaskRuns as bindings to instances of PipelineResources.", + "description": "Resources is a list input and output resource to run the task Resources are represented in TaskRuns as bindings to instances of PipelineResources.\n\nDeprecated: Unused, preserved only for backwards compatibility", "$ref": "#/definitions/v1beta1.TaskResources" }, "results": { diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/task_conversion.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/task_conversion.go index ee0e8bd7b1..19bbec3fde 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/task_conversion.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/task_conversion.go @@ -21,13 +21,9 @@ import ( "fmt" v1 "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1" - "github.com/tektoncd/pipeline/pkg/apis/version" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "knative.dev/pkg/apis" ) -const resourcesAnnotationKey = "tekton.dev/v1beta1Resources" - var _ apis.Convertible = (*Task)(nil) // ConvertTo implements apis.Convertible @@ -38,9 +34,6 @@ func (t *Task) ConvertTo(ctx context.Context, to apis.Convertible) error { switch sink := to.(type) { case *v1.Task: sink.ObjectMeta = t.ObjectMeta - if err := serializeResources(&sink.ObjectMeta, &t.Spec); err != nil { - return err - } return t.Spec.ConvertTo(ctx, &sink.Spec) default: return fmt.Errorf("unknown version, got: %T", sink) @@ -85,6 +78,7 @@ func (ts *TaskSpec) ConvertTo(ctx context.Context, sink *v1.TaskSpec) error { p.convertTo(ctx, &new) sink.Params = append(sink.Params, new) } + sink.DisplayName = ts.DisplayName sink.Description = ts.Description return nil } @@ -97,9 +91,6 @@ func (t *Task) ConvertFrom(ctx context.Context, from apis.Convertible) error { switch source := from.(type) { case *v1.Task: t.ObjectMeta = source.ObjectMeta - if err := deserializeResources(&t.ObjectMeta, &t.Spec); err != nil { - return err - } return t.Spec.ConvertFrom(ctx, &source.Spec) default: return fmt.Errorf("unknown version, got: %T", t) @@ -144,25 +135,7 @@ func (ts *TaskSpec) ConvertFrom(ctx context.Context, source *v1.TaskSpec) error new.convertFrom(ctx, p) ts.Params = append(ts.Params, new) } + ts.DisplayName = source.DisplayName ts.Description = source.Description return nil } - -func serializeResources(meta *metav1.ObjectMeta, spec *TaskSpec) error { - if spec.Resources == nil { - return nil - } - return version.SerializeToMetadata(meta, spec.Resources, resourcesAnnotationKey) -} - -func deserializeResources(meta *metav1.ObjectMeta, spec *TaskSpec) error { - resources := &TaskResources{} - err := version.DeserializeFromMetadata(meta, resources, resourcesAnnotationKey) - if err != nil { - return err - } - if resources.Inputs != nil || resources.Outputs != nil { - spec.Resources = resources - } - return nil -} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/task_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/task_types.go index 957b0aef69..850929d015 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/task_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/task_types.go @@ -24,17 +24,6 @@ import ( "knative.dev/pkg/kmeta" ) -const ( - // TaskRunResultType default task run result value - TaskRunResultType ResultType = 1 - // PipelineResourceResultType default pipeline result value - PipelineResourceResultType = 2 - // InternalTektonResultType default internal tekton result value - InternalTektonResultType = 3 - // UnknownResultType default unknown result type value - UnknownResultType = 10 -) - // +genclient // +genclient:noStatus // +genreconciler:krshapedlogic=false @@ -83,6 +72,8 @@ type TaskSpec struct { // Resources is a list input and output resource to run the task // Resources are represented in TaskRuns as bindings to instances of // PipelineResources. + // + // Deprecated: Unused, preserved only for backwards compatibility // +optional Resources *TaskResources `json:"resources,omitempty"` @@ -91,7 +82,12 @@ type TaskSpec struct { // value. // +optional // +listType=atomic - Params []ParamSpec `json:"params,omitempty"` + Params ParamSpecs `json:"params,omitempty"` + + // DisplayName is a user-facing name of the task that may be + // used to populate a UI. + // +optional + DisplayName string `json:"displayName,omitempty"` // Description is a user-facing description of the task that may be // used to populate a UI. diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/task_validation.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/task_validation.go index a64d5bdb81..e76f342121 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/task_validation.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/task_validation.go @@ -25,6 +25,7 @@ import ( "time" "github.com/tektoncd/pipeline/pkg/apis/config" + "github.com/tektoncd/pipeline/pkg/apis/pipeline" "github.com/tektoncd/pipeline/pkg/apis/validate" "github.com/tektoncd/pipeline/pkg/apis/version" "github.com/tektoncd/pipeline/pkg/substitution" @@ -92,12 +93,27 @@ func (ts *TaskSpec) Validate(ctx context.Context) (errs *apis.FieldError) { } errs = errs.Also(validateSteps(ctx, mergedSteps).ViaField("steps")) - errs = errs.Also(ts.Resources.Validate(ctx).ViaField("resources")) + errs = errs.Also(validateSidecarNames(ts.Sidecars)) errs = errs.Also(ValidateParameterTypes(ctx, ts.Params).ViaField("params")) errs = errs.Also(ValidateParameterVariables(ctx, ts.Steps, ts.Params)) - errs = errs.Also(ValidateResourcesVariables(ctx, ts.Steps, ts.Resources)) errs = errs.Also(validateTaskContextVariables(ctx, ts.Steps)) + errs = errs.Also(validateTaskResultsVariables(ctx, ts.Steps, ts.Results)) errs = errs.Also(validateResults(ctx, ts.Results).ViaField("results")) + if ts.Resources != nil { + errs = errs.Also(apis.ErrDisallowedFields("resources")) + } + return errs +} + +func validateSidecarNames(sidecars []Sidecar) (errs *apis.FieldError) { + for _, sc := range sidecars { + if sc.Name == pipeline.ReservedResultsSidecarName { + errs = errs.Also(&apis.FieldError{ + Message: fmt.Sprintf("Invalid: cannot use reserved sidecar name %v ", sc.Name), + Paths: []string{"sidecars"}, + }) + } + } return errs } @@ -212,7 +228,7 @@ func validateStep(ctx context.Context, s Step, names sets.String) (errs *apis.Fi if s.Script != "" { if len(s.Command) > 0 { errs = errs.Also(&apis.FieldError{ - Message: fmt.Sprintf("script cannot be used with command"), + Message: "script cannot be used with command", Paths: []string{"script"}, }) } @@ -282,9 +298,9 @@ func validateStep(ctx context.Context, s Step, names sets.String) (errs *apis.Fi func ValidateParameterTypes(ctx context.Context, params []ParamSpec) (errs *apis.FieldError) { for _, p := range params { if p.Type == ParamTypeObject { - // Object type parameter is an alpha feature and will fail validation if it's used in a task spec - // when the enable-api-fields feature gate is not "alpha". - errs = errs.Also(version.ValidateEnabledAPIFields(ctx, "object type parameter", config.AlphaAPIFields)) + // Object type parameter is a beta feature and will fail validation if it's used in a task spec + // when the enable-api-fields feature gate is not "alpha" or "beta". + errs = errs.Also(version.ValidateEnabledAPIFields(ctx, "object type parameter", config.BetaAPIFields)) } errs = errs.Also(p.ValidateType(ctx)) } @@ -327,7 +343,7 @@ func (p ParamSpec) ValidateObjectType(ctx context.Context) *apis.FieldError { if p.Type == ParamTypeObject && p.Properties == nil { // If this we are not skipping validation checks due to propagated params // then properties field is required. - if config.ValidateParameterVariablesAndWorkspaces(ctx) == true { + if config.ValidateParameterVariablesAndWorkspaces(ctx) { return apis.ErrMissingField(fmt.Sprintf("%s.properties", p.Name)) } } @@ -368,12 +384,14 @@ func ValidateParameterVariables(ctx context.Context, steps []Step, params []Para arrayParameterNames.Insert(p.Name) case ParamTypeObject: objectParamSpecs = append(objectParamSpecs, p) + case ParamTypeString: + fallthrough default: stringParameterNames.Insert(p.Name) } } errs = errs.Also(validateNameFormat(stringParameterNames.Insert(arrayParameterNames.List()...), objectParamSpecs)) - if config.ValidateParameterVariablesAndWorkspaces(ctx) == true { + if config.ValidateParameterVariablesAndWorkspaces(ctx) { errs = errs.Also(validateVariables(ctx, steps, "params", allParameterNames)) errs = errs.Also(validateObjectUsage(ctx, steps, objectParamSpecs)) } @@ -394,23 +412,16 @@ func validateTaskContextVariables(ctx context.Context, steps []Step) *apis.Field return errs.Also(validateVariables(ctx, steps, "context\\.task", taskContextNames)) } -// ValidateResourcesVariables validates all variables within a TaskResources against a slice of Steps -func ValidateResourcesVariables(ctx context.Context, steps []Step, resources *TaskResources) *apis.FieldError { - if resources == nil { - return nil - } - resourceNames := sets.NewString() - if resources.Inputs != nil { - for _, r := range resources.Inputs { - resourceNames.Insert(r.Name) - } +// validateTaskResultsVariables validates if the results referenced in step script are defined in task results +func validateTaskResultsVariables(ctx context.Context, steps []Step, results []TaskResult) (errs *apis.FieldError) { + resultsNames := sets.NewString() + for _, r := range results { + resultsNames.Insert(r.Name) } - if resources.Outputs != nil { - for _, r := range resources.Outputs { - resourceNames.Insert(r.Name) - } + for idx, step := range steps { + errs = errs.Also(validateTaskVariable(step.Script, "results", resultsNames).ViaField("script").ViaFieldIndex("steps", idx)) } - return validateVariables(ctx, steps, "resources.(?:inputs|outputs)", resourceNames) + return errs } // validateObjectUsage validates the usage of individual attributes of an object param and the usage of the entire object @@ -452,7 +463,6 @@ func validateStepObjectUsageAsWhole(step Step, prefix string, vars sets.String) } for i, arg := range step.Args { errs = errs.Also(validateTaskNoObjectReferenced(arg, prefix, vars).ViaFieldIndex("args", i)) - } for _, env := range step.Env { errs = errs.Also(validateTaskNoObjectReferenced(env.Value, prefix, vars).ViaFieldKey("env", env.Name)) @@ -482,7 +492,6 @@ func validateStepArrayUsage(step Step, prefix string, vars sets.String) *apis.Fi } for i, arg := range step.Args { errs = errs.Also(validateTaskArraysIsolated(arg, prefix, vars).ViaFieldIndex("args", i)) - } for _, env := range step.Env { errs = errs.Also(validateTaskNoArrayReferenced(env.Value, prefix, vars).ViaFieldKey("env", env.Name)) @@ -596,3 +605,39 @@ func validateTaskArraysIsolated(value, prefix string, arrayNames sets.String) *a func isParamRefs(s string) bool { return strings.HasPrefix(s, "$("+ParamsPrefix) } + +// ValidateParamArrayIndex validates if the param reference to an array param is out of bound. +// error is returned when the array indexing reference is out of bound of the array param +// e.g. if a param reference of $(params.array-param[2]) and the array param is of length 2. +// - `trParams` are params from taskrun. +// - `taskSpec` contains params declarations. +func (ts *TaskSpec) ValidateParamArrayIndex(ctx context.Context, params Params) error { + cfg := config.FromContextOrDefaults(ctx) + if cfg.FeatureFlags.EnableAPIFields != config.AlphaAPIFields { + return nil + } + + // Collect all array params lengths + arrayParamsLengths := ts.Params.extractParamArrayLengths() + for k, v := range params.extractParamArrayLengths() { + arrayParamsLengths[k] = v + } + + // collect all the possible places to use param references + paramsRefs := []string{} + paramsRefs = append(paramsRefs, extractParamRefsFromSteps(ts.Steps)...) + paramsRefs = append(paramsRefs, extractParamRefsFromStepTemplate(ts.StepTemplate)...) + paramsRefs = append(paramsRefs, extractParamRefsFromVolumes(ts.Volumes)...) + for _, v := range ts.Workspaces { + paramsRefs = append(paramsRefs, v.MountPath) + } + paramsRefs = append(paramsRefs, extractParamRefsFromSidecars(ts.Sidecars)...) + + // extract all array indexing references, for example []{"$(params.array-params[1])"} + arrayIndexParamRefs := []string{} + for _, p := range paramsRefs { + arrayIndexParamRefs = append(arrayIndexParamRefs, extractArrayIndexingParamRefs(p)...) + } + + return validateOutofBoundArrayParams(arrayIndexParamRefs, arrayParamsLengths) +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskref_conversion.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskref_conversion.go index 2816dc2437..e8e695194b 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskref_conversion.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskref_conversion.go @@ -1,3 +1,19 @@ +/* +Copyright 2023 The Tekton Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + package v1beta1 import ( @@ -34,7 +50,7 @@ func (tr TaskRef) convertBundleToResolver(sink *v1.TaskRef) { if tr.Bundle != "" { sink.ResolverRef = v1.ResolverRef{ Resolver: "bundles", - Params: []v1.Param{{ + Params: v1.Params{{ Name: "bundle", Value: v1.ParamValue{StringVal: tr.Bundle, Type: v1.ParamTypeString}, }, { diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskref_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskref_types.go index 49f9ff66ea..f8f231cd96 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskref_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskref_types.go @@ -20,12 +20,17 @@ package v1beta1 type TaskRef struct { // Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names Name string `json:"name,omitempty"` - // TaskKind indicates the kind of the task, namespaced or cluster scoped. + // TaskKind indicates the Kind of the Task: + // 1. Namespaced Task when Kind is set to "Task". If Kind is "", it defaults to "Task". + // 2. Cluster-Scoped Task when Kind is set to "ClusterTask" + // 3. Custom Task when Kind is non-empty and APIVersion is non-empty Kind TaskKind `json:"kind,omitempty"` // API version of the referent + // Note: A Task with non-empty APIVersion and Kind is considered a Custom Task // +optional APIVersion string `json:"apiVersion,omitempty"` // Bundle url reference to a Tekton Bundle. + // // Deprecated: Please use ResolverRef with the bundles resolver instead. // +optional Bundle string `json:"bundle,omitempty"` @@ -48,3 +53,10 @@ const ( // ClusterTaskKind indicates that task type has a cluster scope. ClusterTaskKind TaskKind = "ClusterTask" ) + +// IsCustomTask checks whether the reference is to a Custom Task +func (tr *TaskRef) IsCustomTask() bool { + // Note that if `apiVersion` is set to `"tekton.dev/v1beta1"` and `kind` is set to `"Task"`, + // the reference will be considered a Custom Task - https://github.com/tektoncd/pipeline/issues/6457 + return tr != nil && tr.APIVersion != "" && tr.Kind != "" +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskref_validation.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskref_validation.go index 971a78498b..0297139922 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskref_validation.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskref_validation.go @@ -62,5 +62,5 @@ func (ref *TaskRef) Validate(ctx context.Context) (errs *apis.FieldError) { } } } - return + return //nolint:nakedret } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_conversion.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_conversion.go index d6d5cd09a4..b2745ec5c7 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_conversion.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_conversion.go @@ -26,6 +26,11 @@ import ( "knative.dev/pkg/apis" ) +const ( + cloudEventsAnnotationKey = "tekton.dev/v1beta1CloudEvents" + resourcesResultAnnotationKey = "tekton.dev/v1beta1ResourcesResult" +) + var _ apis.Convertible = (*TaskRun)(nil) // ConvertTo implements apis.Convertible @@ -36,7 +41,10 @@ func (tr *TaskRun) ConvertTo(ctx context.Context, to apis.Convertible) error { switch sink := to.(type) { case *v1.TaskRun: sink.ObjectMeta = tr.ObjectMeta - if err := serializeTaskRunResources(&sink.ObjectMeta, &tr.Spec); err != nil { + if err := serializeTaskRunCloudEvents(&sink.ObjectMeta, &tr.Status); err != nil { + return err + } + if err := tr.Status.ConvertTo(ctx, &sink.Status); err != nil { return err } return tr.Spec.ConvertTo(ctx, &sink.Spec) @@ -71,6 +79,7 @@ func (trs *TaskRunSpec) ConvertTo(ctx context.Context, sink *v1.TaskRunSpec) err } sink.Status = v1.TaskRunSpecStatus(trs.Status) sink.StatusMessage = v1.TaskRunSpecStatusMessage(trs.StatusMessage) + sink.Retries = trs.Retries sink.Timeout = trs.Timeout sink.PodTemplate = trs.PodTemplate sink.Workspaces = nil @@ -103,7 +112,10 @@ func (tr *TaskRun) ConvertFrom(ctx context.Context, from apis.Convertible) error switch source := from.(type) { case *v1.TaskRun: tr.ObjectMeta = source.ObjectMeta - if err := deserializeTaskRunResources(&tr.ObjectMeta, &tr.Spec); err != nil { + if err := deserializeTaskRunCloudEvents(&tr.ObjectMeta, &tr.Status); err != nil { + return err + } + if err := tr.Status.ConvertFrom(ctx, source.Status); err != nil { return err } return tr.Spec.ConvertFrom(ctx, &source.Spec) @@ -141,6 +153,7 @@ func (trs *TaskRunSpec) ConvertFrom(ctx context.Context, source *v1.TaskRunSpec) } trs.Status = TaskRunSpecStatus(source.Status) trs.StatusMessage = TaskRunSpecStatusMessage(source.StatusMessage) + trs.Retries = source.Retries trs.Timeout = source.Timeout trs.PodTemplate = source.PodTemplate trs.Workspaces = nil @@ -193,21 +206,163 @@ func (trso *TaskRunSidecarOverride) convertFrom(ctx context.Context, source v1.T trso.Resources = source.ComputeResources } -func serializeTaskRunResources(meta *metav1.ObjectMeta, spec *TaskRunSpec) error { - if spec.Resources == nil { +// ConvertTo implements apis.Convertible +func (trs *TaskRunStatus) ConvertTo(ctx context.Context, sink *v1.TaskRunStatus) error { + sink.Status = trs.Status + sink.PodName = trs.PodName + sink.StartTime = trs.StartTime + sink.CompletionTime = trs.CompletionTime + sink.Steps = nil + for _, ss := range trs.Steps { + new := v1.StepState{} + ss.convertTo(ctx, &new) + sink.Steps = append(sink.Steps, new) + } + sink.RetriesStatus = nil + for _, rr := range trs.RetriesStatus { + new := v1.TaskRunStatus{} + err := rr.ConvertTo(ctx, &new) + if err != nil { + return err + } + sink.RetriesStatus = append(sink.RetriesStatus, new) + } + sink.Results = nil + for _, trr := range trs.TaskRunResults { + new := v1.TaskRunResult{} + trr.convertTo(ctx, &new) + sink.Results = append(sink.Results, new) + } + sink.Sidecars = nil + for _, sc := range trs.Sidecars { + new := v1.SidecarState{} + sc.convertTo(ctx, &new) + sink.Sidecars = append(sink.Sidecars, new) + } + + if trs.TaskSpec != nil { + sink.TaskSpec = &v1.TaskSpec{} + err := trs.TaskSpec.ConvertTo(ctx, sink.TaskSpec) + if err != nil { + return err + } + } + if trs.Provenance != nil { + new := v1.Provenance{} + trs.Provenance.convertTo(ctx, &new) + sink.Provenance = &new + } + return nil +} + +// ConvertFrom implements apis.Convertible +func (trs *TaskRunStatus) ConvertFrom(ctx context.Context, source v1.TaskRunStatus) error { + trs.Status = source.Status + trs.PodName = source.PodName + trs.StartTime = source.StartTime + trs.CompletionTime = source.CompletionTime + trs.Steps = nil + for _, ss := range source.Steps { + new := StepState{} + new.convertFrom(ctx, ss) + trs.Steps = append(trs.Steps, new) + } + trs.RetriesStatus = nil + for _, rr := range source.RetriesStatus { + new := TaskRunStatus{} + err := new.ConvertFrom(ctx, rr) + if err != nil { + return err + } + trs.RetriesStatus = append(trs.RetriesStatus, new) + } + trs.TaskRunResults = nil + for _, trr := range source.Results { + new := TaskRunResult{} + new.convertFrom(ctx, trr) + trs.TaskRunResults = append(trs.TaskRunResults, new) + } + trs.Sidecars = nil + for _, sc := range source.Sidecars { + new := SidecarState{} + new.convertFrom(ctx, sc) + trs.Sidecars = append(trs.Sidecars, new) + } + + if source.TaskSpec != nil { + trs.TaskSpec = &TaskSpec{} + err := trs.TaskSpec.ConvertFrom(ctx, source.TaskSpec) + if err != nil { + return err + } + } + if source.Provenance != nil { + new := Provenance{} + new.convertFrom(ctx, *source.Provenance) + trs.Provenance = &new + } + return nil +} + +func (ss StepState) convertTo(ctx context.Context, sink *v1.StepState) { + sink.ContainerState = ss.ContainerState + sink.Name = ss.Name + sink.Container = ss.ContainerName + sink.ImageID = ss.ImageID +} + +func (ss *StepState) convertFrom(ctx context.Context, source v1.StepState) { + ss.ContainerState = source.ContainerState + ss.Name = source.Name + ss.ContainerName = source.Container + ss.ImageID = source.ImageID +} + +func (trr TaskRunResult) convertTo(ctx context.Context, sink *v1.TaskRunResult) { + sink.Name = trr.Name + sink.Type = v1.ResultsType(trr.Type) + newValue := v1.ParamValue{} + trr.Value.convertTo(ctx, &newValue) + sink.Value = newValue +} + +func (trr *TaskRunResult) convertFrom(ctx context.Context, source v1.TaskRunResult) { + trr.Name = source.Name + trr.Type = ResultsType(source.Type) + newValue := ParamValue{} + newValue.convertFrom(ctx, source.Value) + trr.Value = newValue +} + +func (ss SidecarState) convertTo(ctx context.Context, sink *v1.SidecarState) { + sink.ContainerState = ss.ContainerState + sink.Name = ss.Name + sink.Container = ss.ContainerName + sink.ImageID = ss.ImageID +} + +func (ss *SidecarState) convertFrom(ctx context.Context, source v1.SidecarState) { + ss.ContainerState = source.ContainerState + ss.Name = source.Name + ss.ContainerName = source.Container + ss.ImageID = source.ImageID +} + +func serializeTaskRunCloudEvents(meta *metav1.ObjectMeta, status *TaskRunStatus) error { + if status.CloudEvents == nil { return nil } - return version.SerializeToMetadata(meta, spec.Resources, resourcesAnnotationKey) + return version.SerializeToMetadata(meta, status.CloudEvents, cloudEventsAnnotationKey) } -func deserializeTaskRunResources(meta *metav1.ObjectMeta, spec *TaskRunSpec) error { - resources := &TaskRunResources{} - err := version.DeserializeFromMetadata(meta, resources, resourcesAnnotationKey) +func deserializeTaskRunCloudEvents(meta *metav1.ObjectMeta, status *TaskRunStatus) error { + cloudEvents := []CloudEventDelivery{} + err := version.DeserializeFromMetadata(meta, &cloudEvents, cloudEventsAnnotationKey) if err != nil { return err } - if resources.Inputs != nil || resources.Outputs != nil { - spec.Resources = resources + if len(cloudEvents) != 0 { + status.CloudEvents = cloudEvents } return nil } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_defaults.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_defaults.go index feecece526..61f3285dec 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_defaults.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_defaults.go @@ -50,8 +50,13 @@ func (tr *TaskRun) SetDefaults(ctx context.Context) { // SetDefaults implements apis.Defaultable func (trs *TaskRunSpec) SetDefaults(ctx context.Context) { cfg := config.FromContextOrDefaults(ctx) - if trs.TaskRef != nil && trs.TaskRef.Kind == "" { - trs.TaskRef.Kind = NamespacedTaskKind + if trs.TaskRef != nil { + if trs.TaskRef.Kind == "" { + trs.TaskRef.Kind = NamespacedTaskKind + } + if trs.TaskRef.Name == "" && trs.TaskRef.Resolver == "" { + trs.TaskRef.Resolver = ResolverName(cfg.Defaults.DefaultResolverType) + } } if trs.Timeout == nil { diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_types.go index 76b3dee647..27bb514322 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_types.go @@ -31,7 +31,7 @@ import ( "k8s.io/apimachinery/pkg/types" "k8s.io/utils/clock" "knative.dev/pkg/apis" - duckv1beta1 "knative.dev/pkg/apis/duck/v1beta1" + duckv1 "knative.dev/pkg/apis/duck/v1" ) // TaskRunSpec defines the desired state of TaskRun @@ -40,7 +40,8 @@ type TaskRunSpec struct { Debug *TaskRunDebug `json:"debug,omitempty"` // +optional // +listType=atomic - Params []Param `json:"params,omitempty"` + Params Params `json:"params,omitempty"` + // Deprecated: Unused, preserved only for backwards compatibility // +optional Resources *TaskRunResources `json:"resources,omitempty"` // +optional @@ -50,13 +51,16 @@ type TaskRunSpec struct { TaskRef *TaskRef `json:"taskRef,omitempty"` // +optional TaskSpec *TaskSpec `json:"taskSpec,omitempty"` - // Used for cancelling a taskrun (and maybe more later on) + // Used for cancelling a TaskRun (and maybe more later on) // +optional Status TaskRunSpecStatus `json:"status,omitempty"` // Status message for cancellation. // +optional StatusMessage TaskRunSpecStatusMessage `json:"statusMessage,omitempty"` - // Time after which the build times out. Defaults to 1 hour. + // Retries represents how many times this TaskRun should be retried in the event of Task failure. + // +optional + Retries int `json:"retries,omitempty"` + // Time after which one retry attempt times out. Defaults to 1 hour. // Specified build timeout should be less than 24h. // Refer Go's ParseDuration documentation for expected format: https://golang.org/pkg/time/#ParseDuration // +optional @@ -85,7 +89,7 @@ type TaskRunSpec struct { ComputeResources *corev1.ResourceRequirements `json:"computeResources,omitempty"` } -// TaskRunSpecStatus defines the taskrun spec status the user can provide +// TaskRunSpecStatus defines the TaskRun spec status the user can provide type TaskRunSpecStatus string const ( @@ -112,34 +116,17 @@ type TaskRunDebug struct { Breakpoint []string `json:"breakpoint,omitempty"` } -// TaskRunInputs holds the input values that this task was invoked with. -type TaskRunInputs struct { - // +optional - // +listType=atomic - Resources []TaskResourceBinding `json:"resources,omitempty"` - // +optional - // +listType=atomic - Params []Param `json:"params,omitempty"` -} - -// TaskRunOutputs holds the output values that this task was invoked with. -type TaskRunOutputs struct { - // +optional - // +listType=atomic - Resources []TaskResourceBinding `json:"resources,omitempty"` -} - var taskRunCondSet = apis.NewBatchConditionSet() // TaskRunStatus defines the observed state of TaskRun type TaskRunStatus struct { - duckv1beta1.Status `json:",inline"` + duckv1.Status `json:",inline"` // TaskRunStatusFields inlines the status fields. TaskRunStatusFields `json:",inline"` } -// TaskRunConditionType is an enum used to store TaskRun custom conditions +// TaskRunConditionType is an enum used to store TaskRun custom // conditions such as one used in spire results verification type TaskRunConditionType string @@ -166,9 +153,11 @@ const ( TaskRunReasonSuccessful TaskRunReason = "Succeeded" // TaskRunReasonFailed is the reason set when the TaskRun completed with a failure TaskRunReasonFailed TaskRunReason = "Failed" - // TaskRunReasonCancelled is the reason set when the Taskrun is cancelled by the user + // TaskRunReasonToBeRetried is the reason set when the last TaskRun execution failed, and will be retried + TaskRunReasonToBeRetried TaskRunReason = "ToBeRetried" + // TaskRunReasonCancelled is the reason set when the TaskRun is cancelled by the user TaskRunReasonCancelled TaskRunReason = "TaskRunCancelled" - // TaskRunReasonTimedOut is the reason set when the Taskrun has timed out + // TaskRunReasonTimedOut is the reason set when one TaskRun execution has timed out TaskRunReasonTimedOut TaskRunReason = "TaskRunTimeout" // TaskRunReasonResolvingTaskRef indicates that the TaskRun is waiting for // its taskRef to be asynchronously resolved. @@ -181,6 +170,10 @@ const ( TaskRunReasonsResultsVerificationFailed TaskRunReason = "TaskRunResultsVerificationFailed" // AwaitingTaskRunResults is the reason set when waiting upon `TaskRun` results and signatures to verify AwaitingTaskRunResults TaskRunReason = "AwaitingTaskRunResults" + // TaskRunReasonResultLargerThanAllowedLimit is the reason set when one of the results exceeds its maximum allowed limit of 1 KB + TaskRunReasonResultLargerThanAllowedLimit TaskRunReason = "TaskRunResultLargerThanAllowedLimit" + // TaskRunReasonStopSidecarFailed indicates that the sidecar is not properly stopped. + TaskRunReasonStopSidecarFailed = "TaskRunStopSidecarFailed" ) func (t TaskRunReason) String() string { @@ -232,11 +225,9 @@ type TaskRunStatusFields struct { PodName string `json:"podName"` // StartTime is the time the build is actually started. - // +optional StartTime *metav1.Time `json:"startTime,omitempty"` // CompletionTime is the time the build completed. - // +optional CompletionTime *metav1.Time `json:"completionTime,omitempty"` // Steps describes the state of each build step container. @@ -246,6 +237,9 @@ type TaskRunStatusFields struct { // CloudEvents describe the state of each cloud event requested via a // CloudEventResource. + // + // Deprecated: Removed in v0.44.0. + // // +optional // +listType=atomic CloudEvents []CloudEventDelivery `json:"cloudEvents,omitempty"` @@ -256,8 +250,9 @@ type TaskRunStatusFields struct { // +listType=atomic RetriesStatus []TaskRunStatus `json:"retriesStatus,omitempty"` - // Results from Resources built during the taskRun. currently includes - // the digest of build container images + // Results from Resources built during the TaskRun. + // This is tomb-stoned along with the removal of pipelineResources + // Deprecated: this field is not populated and is preserved only for backwards compatibility // +optional // +listType=atomic ResourcesResult []PipelineResourceResult `json:"resourcesResult,omitempty"` @@ -276,7 +271,11 @@ type TaskRunStatusFields struct { TaskSpec *TaskSpec `json:"taskSpec,omitempty"` // Provenance contains some key authenticated metadata about how a software artifact was built (what sources, what inputs/outputs, etc.). + // +optional Provenance *Provenance `json:"provenance,omitempty"` + + // SpanContext contains tracing span context fields + SpanContext map[string]string `json:"spanContext,omitempty"` } // TaskRunStepOverride is used to override the values of a Step in the corresponding Task. @@ -417,7 +416,7 @@ type TaskRunList struct { Items []TaskRun `json:"items"` } -// GetPipelineRunPVCName for taskrun gets pipelinerun +// GetPipelineRunPVCName for TaskRun gets pipelinerun func (tr *TaskRun) GetPipelineRunPVCName() string { if tr == nil { return "" @@ -446,7 +445,7 @@ func (tr *TaskRun) IsDone() bool { return !tr.Status.GetCondition(apis.ConditionSucceeded).IsUnknown() } -// HasStarted function check whether taskrun has valid start time set in its status +// HasStarted function check whether TaskRun has valid start time set in its status func (tr *TaskRun) HasStarted() bool { return tr.Status.StartTime != nil && !tr.Status.StartTime.IsZero() } @@ -471,6 +470,11 @@ func (tr *TaskRun) IsTaskRunResultDone() bool { return !tr.Status.GetCondition(apis.ConditionType(TaskRunConditionResultsVerified.String())).IsUnknown() } +// IsRetriable returns true if the TaskRun's Retries is not exhausted. +func (tr *TaskRun) IsRetriable() bool { + return len(tr.Status.RetriesStatus) < tr.Spec.Retries +} + // HasTimedOut returns true if the TaskRun runtime is beyond the allowed timeout func (tr *TaskRun) HasTimedOut(ctx context.Context, c clock.PassiveClock) bool { if tr.Status.StartTime.IsZero() { @@ -490,7 +494,7 @@ func (tr *TaskRun) GetTimeout(ctx context.Context) time.Duration { // Use the platform default is no timeout is set if tr.Spec.Timeout == nil { defaultTimeout := time.Duration(config.FromContextOrDefaults(ctx).Defaults.DefaultTimeoutMinutes) - return defaultTimeout * time.Minute + return defaultTimeout * time.Minute //nolint:durationcheck } return tr.Spec.Timeout.Duration } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_validation.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_validation.go index 94b639c4cb..ef414612b4 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_validation.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_validation.go @@ -22,11 +22,13 @@ import ( "strings" "github.com/tektoncd/pipeline/pkg/apis/config" + pod "github.com/tektoncd/pipeline/pkg/apis/pipeline/pod" "github.com/tektoncd/pipeline/pkg/apis/validate" "github.com/tektoncd/pipeline/pkg/apis/version" admissionregistrationv1 "k8s.io/api/admissionregistration/v1" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/util/sets" + "k8s.io/utils/strings/slices" "knative.dev/pkg/apis" "knative.dev/pkg/webhook/resourcesemantics" ) @@ -70,7 +72,6 @@ func (ts *TaskRunSpec) Validate(ctx context.Context) (errs *apis.FieldError) { // Validate propagated parameters errs = errs.Also(ts.validateInlineParameters(ctx)) errs = errs.Also(ValidateWorkspaceBindings(ctx, ts.Workspaces).ViaField("workspaces")) - errs = errs.Also(ts.Resources.Validate(ctx).ViaField("resources")) if ts.Debug != nil { errs = errs.Also(version.ValidateEnabledAPIFields(ctx, "debug", config.AlphaAPIFields).ViaField("debug")) errs = errs.Also(validateDebug(ts.Debug).ViaField("debug")) @@ -105,7 +106,12 @@ func (ts *TaskRunSpec) Validate(ctx context.Context) (errs *apis.FieldError) { errs = errs.Also(apis.ErrInvalidValue(fmt.Sprintf("%s should be >= 0", ts.Timeout.Duration.String()), "timeout")) } } - + if ts.PodTemplate != nil { + errs = errs.Also(validatePodTemplateEnv(ctx, *ts.PodTemplate)) + } + if ts.Resources != nil { + errs = errs.Also(apis.ErrDisallowedFields("resources")) + } return errs } @@ -142,6 +148,19 @@ func (ts *TaskRunSpec) validateInlineParameters(ctx context.Context) (errs *apis return errs } +func validatePodTemplateEnv(ctx context.Context, podTemplate pod.Template) (errs *apis.FieldError) { + forbiddenEnvsConfigured := config.FromContextOrDefaults(ctx).Defaults.DefaultForbiddenEnv + if len(forbiddenEnvsConfigured) == 0 { + return errs + } + for _, pEnv := range podTemplate.Env { + if slices.Contains(forbiddenEnvsConfigured, pEnv.Name) { + errs = errs.Also(apis.ErrInvalidValue("PodTemplate cannot update a forbidden env: "+pEnv.Name, "PodTemplate.Env")) + } + } + return errs +} + func createParamSpecFromParam(p Param, paramSpecForValidation map[string]ParamSpec) map[string]ParamSpec { value := p.Value pSpec := ParamSpec{ @@ -221,13 +240,13 @@ func ValidateWorkspaceBindings(ctx context.Context, wb []WorkspaceBinding) (errs } // ValidateParameters makes sure the params for the Task are valid. -func ValidateParameters(ctx context.Context, params []Param) (errs *apis.FieldError) { +func ValidateParameters(ctx context.Context, params Params) (errs *apis.FieldError) { var names []string for _, p := range params { if p.Value.Type == ParamTypeObject { - // Object type parameter is an alpha feature and will fail validation if it's used in a taskrun spec - // when the enable-api-fields feature gate is not "alpha". - errs = errs.Also(version.ValidateEnabledAPIFields(ctx, "object type parameter", config.AlphaAPIFields)) + // Object type parameter is a beta feature and will fail validation if it's used in a taskrun spec + // when the enable-api-fields feature gate is not "alpha" or "beta". + errs = errs.Also(version.ValidateEnabledAPIFields(ctx, "object type parameter", config.BetaAPIFields)) } names = append(names, p.Name) } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/workspace_conversion.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/workspace_conversion.go index 727e8e6f3a..f7daa5cfb4 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/workspace_conversion.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/workspace_conversion.go @@ -1,3 +1,19 @@ +/* +Copyright 2023 The Tekton Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + package v1beta1 import ( diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/workspace_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/workspace_types.go index f915fe13df..194821afce 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/workspace_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/workspace_types.go @@ -87,6 +87,7 @@ type WorkspaceBinding struct { // WorkspacePipelineDeclaration creates a named slot in a Pipeline that a PipelineRun // is expected to populate with a workspace binding. +// // Deprecated: use PipelineWorkspaceDeclaration type instead type WorkspacePipelineDeclaration = PipelineWorkspaceDeclaration diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/zz_generated.deepcopy.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/zz_generated.deepcopy.go index 2706537bef..fdd0282578 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/zz_generated.deepcopy.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/zz_generated.deepcopy.go @@ -22,9 +22,11 @@ limitations under the License. package v1beta1 import ( + config "github.com/tektoncd/pipeline/pkg/apis/config" pod "github.com/tektoncd/pipeline/pkg/apis/pipeline/pod" v1alpha1 "github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1" - runv1alpha1 "github.com/tektoncd/pipeline/pkg/apis/run/v1alpha1" + runv1beta1 "github.com/tektoncd/pipeline/pkg/apis/run/v1beta1" + result "github.com/tektoncd/pipeline/pkg/result" corev1 "k8s.io/api/core/v1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" @@ -151,6 +153,56 @@ func (in *ClusterTaskList) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in Combination) DeepCopyInto(out *Combination) { + { + in := &in + *out = make(Combination, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + return + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Combination. +func (in Combination) DeepCopy() Combination { + if in == nil { + return nil + } + out := new(Combination) + in.DeepCopyInto(out) + return *out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in Combinations) DeepCopyInto(out *Combinations) { + { + in := &in + *out = make(Combinations, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = make(Combination, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + } + return + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Combinations. +func (in Combinations) DeepCopy() Combinations { + if in == nil { + return nil + } + out := new(Combinations) + in.DeepCopyInto(out) + return *out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ConfigSource) DeepCopyInto(out *ConfigSource) { *out = *in @@ -250,7 +302,7 @@ func (in *CustomRunSpec) DeepCopyInto(out *CustomRunSpec) { } if in.Params != nil { in, out := &in.Params, &out.Params - *out = make([]Param, len(*in)) + *out = make(Params, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -319,6 +371,51 @@ func (in *EmbeddedTask) DeepCopy() *EmbeddedTask { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IncludeParams) DeepCopyInto(out *IncludeParams) { + *out = *in + if in.Params != nil { + in, out := &in.Params, &out.Params + *out = make(Params, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeParams. +func (in *IncludeParams) DeepCopy() *IncludeParams { + if in == nil { + return nil + } + out := new(IncludeParams) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in IncludeParamsList) DeepCopyInto(out *IncludeParamsList) { + { + in := &in + *out = make(IncludeParamsList, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + return + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IncludeParamsList. +func (in IncludeParamsList) DeepCopy() IncludeParamsList { + if in == nil { + return nil + } + out := new(IncludeParamsList) + in.DeepCopyInto(out) + return *out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *InternalTaskModifier) DeepCopyInto(out *InternalTaskModifier) { *out = *in @@ -361,7 +458,14 @@ func (in *Matrix) DeepCopyInto(out *Matrix) { *out = *in if in.Params != nil { in, out := &in.Params, &out.Params - *out = make([]Param, len(*in)) + *out = make(Params, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Include != nil { + in, out := &in.Include, &out.Include + *out = make(IncludeParamsList, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -424,6 +528,28 @@ func (in *ParamSpec) DeepCopy() *ParamSpec { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in ParamSpecs) DeepCopyInto(out *ParamSpecs) { + { + in := &in + *out = make(ParamSpecs, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + return + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ParamSpecs. +func (in ParamSpecs) DeepCopy() ParamSpecs { + if in == nil { + return nil + } + out := new(ParamSpecs) + in.DeepCopyInto(out) + return *out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ParamValue) DeepCopyInto(out *ParamValue) { *out = *in @@ -452,6 +578,28 @@ func (in *ParamValue) DeepCopy() *ParamValue { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in Params) DeepCopyInto(out *Params) { + { + in := &in + *out = make(Params, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + return + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Params. +func (in Params) DeepCopy() Params { + if in == nil { + return nil + } + out := new(Params) + in.DeepCopyInto(out) + return *out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Pipeline) DeepCopyInto(out *Pipeline) { *out = *in @@ -587,22 +735,6 @@ func (in *PipelineResourceRef) DeepCopy() *PipelineResourceRef { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PipelineResourceResult) DeepCopyInto(out *PipelineResourceResult) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PipelineResourceResult. -func (in *PipelineResourceResult) DeepCopy() *PipelineResourceResult { - if in == nil { - return nil - } - out := new(PipelineResourceResult) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PipelineResult) DeepCopyInto(out *PipelineResult) { *out = *in @@ -703,7 +835,7 @@ func (in *PipelineRunRunStatus) DeepCopyInto(out *PipelineRunRunStatus) { *out = *in if in.Status != nil { in, out := &in.Status, &out.Status - *out = new(runv1alpha1.RunStatus) + *out = new(runv1beta1.CustomRunStatus) (*in).DeepCopyInto(*out) } if in.WhenExpressions != nil { @@ -748,7 +880,7 @@ func (in *PipelineRunSpec) DeepCopyInto(out *PipelineRunSpec) { } if in.Params != nil { in, out := &in.Params, &out.Params - *out = make([]Param, len(*in)) + *out = make(Params, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -889,6 +1021,13 @@ func (in *PipelineRunStatusFields) DeepCopyInto(out *PipelineRunStatusFields) { *out = new(Provenance) (*in).DeepCopyInto(*out) } + if in.SpanContext != nil { + in, out := &in.SpanContext, &out.SpanContext + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } return } @@ -947,7 +1086,7 @@ func (in *PipelineSpec) DeepCopyInto(out *PipelineSpec) { } if in.Params != nil { in, out := &in.Params, &out.Params - *out = make([]ParamSpec, len(*in)) + *out = make(ParamSpecs, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -1016,7 +1155,7 @@ func (in *PipelineTask) DeepCopyInto(out *PipelineTask) { } if in.Params != nil { in, out := &in.Params, &out.Params - *out = make([]Param, len(*in)) + *out = make(Params, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -1283,6 +1422,16 @@ func (in *Provenance) DeepCopyInto(out *Provenance) { *out = new(ConfigSource) (*in).DeepCopyInto(*out) } + if in.RefSource != nil { + in, out := &in.RefSource, &out.RefSource + *out = new(RefSource) + (*in).DeepCopyInto(*out) + } + if in.FeatureFlags != nil { + in, out := &in.FeatureFlags, &out.FeatureFlags + *out = new(config.FeatureFlags) + **out = **in + } return } @@ -1296,12 +1445,35 @@ func (in *Provenance) DeepCopy() *Provenance { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RefSource) DeepCopyInto(out *RefSource) { + *out = *in + if in.Digest != nil { + in, out := &in.Digest, &out.Digest + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RefSource. +func (in *RefSource) DeepCopy() *RefSource { + if in == nil { + return nil + } + out := new(RefSource) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ResolverRef) DeepCopyInto(out *ResolverRef) { *out = *in if in.Params != nil { in, out := &in.Params, &out.Params - *out = make([]Param, len(*in)) + *out = make(Params, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -2056,7 +2228,7 @@ func (in *TaskRunSpec) DeepCopyInto(out *TaskRunSpec) { } if in.Params != nil { in, out := &in.Params, &out.Params - *out = make([]Param, len(*in)) + *out = make(Params, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -2177,7 +2349,7 @@ func (in *TaskRunStatusFields) DeepCopyInto(out *TaskRunStatusFields) { } if in.ResourcesResult != nil { in, out := &in.ResourcesResult, &out.ResourcesResult - *out = make([]PipelineResourceResult, len(*in)) + *out = make([]result.RunResult, len(*in)) copy(*out, *in) } if in.TaskRunResults != nil { @@ -2204,6 +2376,13 @@ func (in *TaskRunStatusFields) DeepCopyInto(out *TaskRunStatusFields) { *out = new(Provenance) (*in).DeepCopyInto(*out) } + if in.SpanContext != nil { + in, out := &in.SpanContext, &out.SpanContext + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } return } @@ -2244,7 +2423,7 @@ func (in *TaskSpec) DeepCopyInto(out *TaskSpec) { } if in.Params != nil { in, out := &in.Params, &out.Params - *out = make([]ParamSpec, len(*in)) + *out = make(ParamSpecs, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1/doc.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1/doc.go index b2c8398ab3..65c3fe6b91 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1/doc.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1/doc.go @@ -1,12 +1,9 @@ /* Copyright 2019 The Tekton Authors - Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 - Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -15,7 +12,6 @@ limitations under the License. */ // Package v1alpha1 contains API Schema definitions for the pipeline v1alpha1 API group -// +k8s:openapi-gen=true // +k8s:deepcopy-gen=package,register // +k8s:conversion-gen=github.com/tektoncd/pipeline/pkg/apis/resource // +k8s:defaulter-gen=TypeMeta diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1/pipeline_resource_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1/pipeline_resource_types.go index 9d1f2ff6e3..6cde87cb8a 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1/pipeline_resource_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1/pipeline_resource_types.go @@ -1,12 +1,10 @@ /* +// Deprecated: Unused, preserved only for backwards compatibility Copyright 2019 The Tekton Authors - Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 - Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -14,6 +12,7 @@ See the License for the specific language governing permissions and limitations under the License. */ +// The contents of this package are deprecated and unused. Preserved for backwards compatibility. package v1alpha1 import ( @@ -23,42 +22,10 @@ import ( // PipelineResourceType represents the type of endpoint the pipelineResource is, so that the // controller will know this pipelineResource shouldx be fetched and optionally what // additional metatdata should be provided for it. +// +// Deprecated: Unused, preserved only for backwards compatibility type PipelineResourceType = string -var ( - // AllowedOutputResources are the resource types that can be used as outputs - AllowedOutputResources = map[PipelineResourceType]bool{ - PipelineResourceTypeStorage: true, - PipelineResourceTypeGit: true, - } -) - -const ( - // PipelineResourceTypeGit indicates that this source is a GitHub repo. - PipelineResourceTypeGit PipelineResourceType = "git" - - // PipelineResourceTypeStorage indicates that this source is a storage blob resource. - PipelineResourceTypeStorage PipelineResourceType = "storage" - - // PipelineResourceTypeImage indicates that this source is a docker Image. - PipelineResourceTypeImage PipelineResourceType = "image" - - // PipelineResourceTypeCluster indicates that this source is a k8s cluster Image. - PipelineResourceTypeCluster PipelineResourceType = "cluster" - - // PipelineResourceTypePullRequest indicates that this source is a SCM Pull Request. - PipelineResourceTypePullRequest PipelineResourceType = "pullRequest" - - // PipelineResourceTypeCloudEvent indicates that this source is a cloud event URI - PipelineResourceTypeCloudEvent PipelineResourceType = "cloudEvent" - - // PipelineResourceTypeGCS is the subtype for the GCSResources, which is backed by a GCS blob/directory. - PipelineResourceTypeGCS PipelineResourceType = "gcs" -) - -// AllResourceTypes can be used for validation to check if a provided Resource type is one of the known types. -var AllResourceTypes = []PipelineResourceType{PipelineResourceTypeGit, PipelineResourceTypeStorage, PipelineResourceTypeImage, PipelineResourceTypeCluster, PipelineResourceTypePullRequest, PipelineResourceTypeCloudEvent} - // +genclient // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // +genclient:noStatus @@ -66,6 +33,7 @@ var AllResourceTypes = []PipelineResourceType{PipelineResourceTypeGit, PipelineR // PipelineResource describes a resource that is an input to or output from a // Task. // +// Deprecated: Unused, preserved only for backwards compatibility // +k8s:openapi-gen=true type PipelineResource struct { metav1.TypeMeta `json:",inline"` @@ -75,20 +43,23 @@ type PipelineResource struct { // Spec holds the desired state of the PipelineResource from the client Spec PipelineResourceSpec `json:"spec,omitempty"` - // Status is deprecated. - // It usually is used to communicate the observed state of the PipelineResource from + // Status is used to communicate the observed state of the PipelineResource from // the controller, but was unused as there is no controller for PipelineResource. + // // +optional Status *PipelineResourceStatus `json:"status,omitempty"` } // PipelineResourceStatus does not contain anything because PipelineResources on their own // do not have a status -// Deprecated +// +// Deprecated: Unused, preserved only for backwards compatibility type PipelineResourceStatus struct { } -// PipelineResourceSpec defines an individual resources used in the pipeline. +// PipelineResourceSpec defines an individual resources used in the pipeline. +// +// Deprecated: Unused, preserved only for backwards compatibility type PipelineResourceSpec struct { // Description is a user-facing description of the resource that may be // used to populate a UI. @@ -104,6 +75,8 @@ type PipelineResourceSpec struct { } // SecretParam indicates which secret can be used to populate a field of the resource +// +// Deprecated: Unused, preserved only for backwards compatibility type SecretParam struct { FieldName string `json:"fieldName"` SecretKey string `json:"secretKey"` @@ -112,6 +85,8 @@ type SecretParam struct { // ResourceParam declares a string value to use for the parameter called Name, and is used in // the specific context of PipelineResources. +// +// Deprecated: Unused, preserved only for backwards compatibility type ResourceParam struct { Name string `json:"name"` Value string `json:"value"` @@ -122,6 +97,8 @@ type ResourceParam struct { // PipelineResources within the type's definition, and when provided as an Input, the Name will be the // path to the volume mounted containing this PipelineResource as an input (e.g. // an input Resource named `workspace` will be mounted at `/workspace`). +// +// Deprecated: Unused, preserved only for backwards compatibility type ResourceDeclaration struct { // Name declares the name by which a resource is referenced in the // definition. Resources may be referenced by name in the definition of a @@ -147,6 +124,8 @@ type ResourceDeclaration struct { // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // PipelineResourceList contains a list of PipelineResources +// +// Deprecated: Unused, preserved only for backwards compatibility type PipelineResourceList struct { metav1.TypeMeta `json:",inline"` // +optional diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1/pipelineresource_validation.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1/pipelineresource_validation.go deleted file mode 100644 index 5feb1afe28..0000000000 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1/pipelineresource_validation.go +++ /dev/null @@ -1,157 +0,0 @@ -/* -Copyright 2019 The Tekton Authors - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha1 - -import ( - "context" - "fmt" - "net/url" - "strconv" - "strings" - - "github.com/tektoncd/pipeline/pkg/apis/validate" - "k8s.io/apimachinery/pkg/api/equality" - "knative.dev/pkg/apis" -) - -var _ apis.Validatable = (*PipelineResource)(nil) - -// Validate validates the PipelineResource's ObjectMeta and Spec -func (r *PipelineResource) Validate(ctx context.Context) *apis.FieldError { - if err := validate.ObjectMetadata(r.GetObjectMeta()); err != nil { - return err.ViaField("metadata") - } - if apis.IsInDelete(ctx) { - return nil - } - return r.Spec.Validate(ctx) -} - -// Validate validates the PipelineResourceSpec based on its type -func (rs *PipelineResourceSpec) Validate(ctx context.Context) *apis.FieldError { - if equality.Semantic.DeepEqual(rs, &PipelineResourceSpec{}) { - return apis.ErrMissingField("spec.type") - } - if rs.Type == PipelineResourceTypeCluster { - var authFound, cadataFound, clientKeyDataFound, clientCertificateDataFound, isInsecure bool - for _, param := range rs.Params { - switch { - case strings.EqualFold(param.Name, "URL"): - if err := validateURL(param.Value, "URL"); err != nil { - return err - } - case strings.EqualFold(param.Name, "Username"): - authFound = true - case strings.EqualFold(param.Name, "CAData"): - authFound = true - cadataFound = true - case strings.EqualFold(param.Name, "ClientKeyData"): - clientKeyDataFound = true - case strings.EqualFold(param.Name, "ClientCertificateData"): - clientCertificateDataFound = true - case strings.EqualFold(param.Name, "Token"): - authFound = true - case strings.EqualFold(param.Name, "insecure"): - b, _ := strconv.ParseBool(param.Value) - isInsecure = b - } - } - - for _, secret := range rs.SecretParams { - switch { - case strings.EqualFold(secret.FieldName, "Username"): - authFound = true - case strings.EqualFold(secret.FieldName, "CAData"): - authFound = true - cadataFound = true - } - } - // if both clientKeyData and clientCertificateData found - if clientCertificateDataFound && clientKeyDataFound { - authFound = true - } - - // One auth method must be supplied - if !(authFound) { - return apis.ErrMissingField("username or CAData or token param or clientKeyData or ClientCertificateData") - } - if !cadataFound && !isInsecure { - return apis.ErrMissingField("CAData param") - } - } - if rs.Type == PipelineResourceTypeStorage { - foundTypeParam := false - var location string - for _, param := range rs.Params { - switch { - case strings.EqualFold(param.Name, "type"): - if !AllowedStorageType(param.Value) { - return apis.ErrInvalidValue(param.Value, "spec.params.type") - } - foundTypeParam = true - case strings.EqualFold(param.Name, "Location"): - location = param.Value - } - } - - if !foundTypeParam { - return apis.ErrMissingField("spec.params.type") - } - if location == "" { - return apis.ErrMissingField("spec.params.location") - } - } - - if rs.Type == PipelineResourceTypePullRequest { - if err := validatePullRequest(rs); err != nil { - return err - } - } - - for _, allowedType := range AllResourceTypes { - if allowedType == rs.Type { - return nil - } - } - - return apis.ErrInvalidValue("spec.type", rs.Type) -} - -// AllowedStorageType returns true if the provided string can be used as a storage type, and false otherwise -func AllowedStorageType(gotType string) bool { - return gotType == PipelineResourceTypeGCS -} - -func validateURL(u, path string) *apis.FieldError { - if u == "" { - return nil - } - _, err := url.ParseRequestURI(u) - if err != nil { - return apis.ErrInvalidValue(u, path) - } - return nil -} - -func validatePullRequest(s *PipelineResourceSpec) *apis.FieldError { - for _, param := range s.SecretParams { - if param.FieldName != "authToken" { - return apis.ErrInvalidValue(fmt.Sprintf("invalid field name %q in secret parameter. Expected %q", param.FieldName, "authToken"), "spec.secrets.fieldName") - } - } - return nil -} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1/register.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1/register.go index 78367093f3..67ccbd27b7 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1/register.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1/register.go @@ -1,12 +1,9 @@ /* Copyright 2019 The Tekton Authors - Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 - Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/run/v1beta1/customrunstatus_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/run/v1beta1/customrunstatus_types.go index ff41f0e4c8..2f8d9847c0 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/run/v1beta1/customrunstatus_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/run/v1beta1/customrunstatus_types.go @@ -20,6 +20,7 @@ import ( "encoding/json" "time" + "github.com/tektoncd/pipeline/pkg/apis/run/v1alpha1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "knative.dev/pkg/apis" @@ -145,3 +146,28 @@ func (r *CustomRunStatus) EncodeExtraFields(from interface{}) error { } return nil } + +// FromRunStatus converts a v1alpha1.RunStatus into a corresponding v1beta1.CustomRunStatus +func FromRunStatus(orig v1alpha1.RunStatus) CustomRunStatus { + crs := CustomRunStatus{ + Status: orig.Status, + CustomRunStatusFields: CustomRunStatusFields{ + StartTime: orig.StartTime, + CompletionTime: orig.CompletionTime, + ExtraFields: orig.ExtraFields, + }, + } + + for _, origRes := range orig.Results { + crs.Results = append(crs.Results, CustomRunResult{ + Name: origRes.Name, + Value: origRes.Value, + }) + } + + for _, origRetryStatus := range orig.RetriesStatus { + crs.RetriesStatus = append(crs.RetriesStatus, FromRunStatus(origRetryStatus)) + } + + return crs +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/version/conversion.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/version/conversion.go index f32ca9a944..1d509ceadd 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/version/conversion.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/version/conversion.go @@ -28,7 +28,7 @@ import ( func SerializeToMetadata(meta *metav1.ObjectMeta, field interface{}, key string) error { bytes, err := json.Marshal(field) if err != nil { - return fmt.Errorf("error serializing field: %s", err) + return fmt.Errorf("error serializing field: %w", err) } if meta.Annotations == nil { meta.Annotations = make(map[string]string) @@ -46,7 +46,7 @@ func DeserializeFromMetadata(meta *metav1.ObjectMeta, to interface{}, key string } if str, ok := meta.Annotations[key]; ok { if err := json.Unmarshal([]byte(str), to); err != nil { - return fmt.Errorf("error deserializing key %s from metadata: %s", key, err) + return fmt.Errorf("error deserializing key %s from metadata: %w", key, err) } delete(meta.Annotations, key) if len(meta.Annotations) == 0 { diff --git a/vendor/github.com/tektoncd/pipeline/pkg/client/clientset/versioned/scheme/register.go b/vendor/github.com/tektoncd/pipeline/pkg/client/clientset/versioned/scheme/register.go index 21c3e532df..ffc8f29c1f 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/client/clientset/versioned/scheme/register.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/client/clientset/versioned/scheme/register.go @@ -41,14 +41,14 @@ var localSchemeBuilder = runtime.SchemeBuilder{ // AddToScheme adds all types of this clientset into the given scheme. This allows composition // of clientsets, like in: // -// import ( -// "k8s.io/client-go/kubernetes" -// clientsetscheme "k8s.io/client-go/kubernetes/scheme" -// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" -// ) +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) // -// kclientset, _ := kubernetes.NewForConfig(c) -// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) // // After this, RawExtensions in Kubernetes types will serialize kube-aggregator types // correctly. diff --git a/vendor/github.com/tektoncd/pipeline/pkg/client/clientset/versioned/typed/pipeline/v1alpha1/generated_expansion.go b/vendor/github.com/tektoncd/pipeline/pkg/client/clientset/versioned/typed/pipeline/v1alpha1/generated_expansion.go index 40814697cf..490c227c6d 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/client/clientset/versioned/typed/pipeline/v1alpha1/generated_expansion.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/client/clientset/versioned/typed/pipeline/v1alpha1/generated_expansion.go @@ -19,3 +19,5 @@ limitations under the License. package v1alpha1 type RunExpansion interface{} + +type VerificationPolicyExpansion interface{} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/client/clientset/versioned/typed/pipeline/v1alpha1/pipeline_client.go b/vendor/github.com/tektoncd/pipeline/pkg/client/clientset/versioned/typed/pipeline/v1alpha1/pipeline_client.go index 28d39482a6..19d91e935d 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/client/clientset/versioned/typed/pipeline/v1alpha1/pipeline_client.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/client/clientset/versioned/typed/pipeline/v1alpha1/pipeline_client.go @@ -29,6 +29,7 @@ import ( type TektonV1alpha1Interface interface { RESTClient() rest.Interface RunsGetter + VerificationPoliciesGetter } // TektonV1alpha1Client is used to interact with features provided by the tekton.dev group. @@ -40,6 +41,10 @@ func (c *TektonV1alpha1Client) Runs(namespace string) RunInterface { return newRuns(c, namespace) } +func (c *TektonV1alpha1Client) VerificationPolicies(namespace string) VerificationPolicyInterface { + return newVerificationPolicies(c, namespace) +} + // NewForConfig creates a new TektonV1alpha1Client for the given config. // NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), // where httpClient was generated with rest.HTTPClientFor(c). diff --git a/vendor/github.com/tektoncd/pipeline/pkg/client/clientset/versioned/typed/pipeline/v1alpha1/verificationpolicy.go b/vendor/github.com/tektoncd/pipeline/pkg/client/clientset/versioned/typed/pipeline/v1alpha1/verificationpolicy.go new file mode 100644 index 0000000000..92f534093f --- /dev/null +++ b/vendor/github.com/tektoncd/pipeline/pkg/client/clientset/versioned/typed/pipeline/v1alpha1/verificationpolicy.go @@ -0,0 +1,178 @@ +/* +Copyright 2020 The Tekton Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1" + scheme "github.com/tektoncd/pipeline/pkg/client/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// VerificationPoliciesGetter has a method to return a VerificationPolicyInterface. +// A group's client should implement this interface. +type VerificationPoliciesGetter interface { + VerificationPolicies(namespace string) VerificationPolicyInterface +} + +// VerificationPolicyInterface has methods to work with VerificationPolicy resources. +type VerificationPolicyInterface interface { + Create(ctx context.Context, verificationPolicy *v1alpha1.VerificationPolicy, opts v1.CreateOptions) (*v1alpha1.VerificationPolicy, error) + Update(ctx context.Context, verificationPolicy *v1alpha1.VerificationPolicy, opts v1.UpdateOptions) (*v1alpha1.VerificationPolicy, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.VerificationPolicy, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.VerificationPolicyList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.VerificationPolicy, err error) + VerificationPolicyExpansion +} + +// verificationPolicies implements VerificationPolicyInterface +type verificationPolicies struct { + client rest.Interface + ns string +} + +// newVerificationPolicies returns a VerificationPolicies +func newVerificationPolicies(c *TektonV1alpha1Client, namespace string) *verificationPolicies { + return &verificationPolicies{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the verificationPolicy, and returns the corresponding verificationPolicy object, and an error if there is any. +func (c *verificationPolicies) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.VerificationPolicy, err error) { + result = &v1alpha1.VerificationPolicy{} + err = c.client.Get(). + Namespace(c.ns). + Resource("verificationpolicies"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of VerificationPolicies that match those selectors. +func (c *verificationPolicies) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.VerificationPolicyList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.VerificationPolicyList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("verificationpolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested verificationPolicies. +func (c *verificationPolicies) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("verificationpolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a verificationPolicy and creates it. Returns the server's representation of the verificationPolicy, and an error, if there is any. +func (c *verificationPolicies) Create(ctx context.Context, verificationPolicy *v1alpha1.VerificationPolicy, opts v1.CreateOptions) (result *v1alpha1.VerificationPolicy, err error) { + result = &v1alpha1.VerificationPolicy{} + err = c.client.Post(). + Namespace(c.ns). + Resource("verificationpolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(verificationPolicy). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a verificationPolicy and updates it. Returns the server's representation of the verificationPolicy, and an error, if there is any. +func (c *verificationPolicies) Update(ctx context.Context, verificationPolicy *v1alpha1.VerificationPolicy, opts v1.UpdateOptions) (result *v1alpha1.VerificationPolicy, err error) { + result = &v1alpha1.VerificationPolicy{} + err = c.client.Put(). + Namespace(c.ns). + Resource("verificationpolicies"). + Name(verificationPolicy.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(verificationPolicy). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the verificationPolicy and deletes it. Returns an error if one occurs. +func (c *verificationPolicies) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("verificationpolicies"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *verificationPolicies) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("verificationpolicies"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched verificationPolicy. +func (c *verificationPolicies) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.VerificationPolicy, err error) { + result = &v1alpha1.VerificationPolicy{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("verificationpolicies"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/client/informers/externalversions/generic.go b/vendor/github.com/tektoncd/pipeline/pkg/client/informers/externalversions/generic.go index 3f3c58d271..50110a1fd2 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/client/informers/externalversions/generic.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/client/informers/externalversions/generic.go @@ -67,6 +67,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource // Group=tekton.dev, Version=v1alpha1 case v1alpha1.SchemeGroupVersion.WithResource("runs"): return &genericInformer{resource: resource.GroupResource(), informer: f.Tekton().V1alpha1().Runs().Informer()}, nil + case v1alpha1.SchemeGroupVersion.WithResource("verificationpolicies"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Tekton().V1alpha1().VerificationPolicies().Informer()}, nil // Group=tekton.dev, Version=v1beta1 case v1beta1.SchemeGroupVersion.WithResource("clustertasks"): diff --git a/vendor/github.com/tektoncd/pipeline/pkg/client/informers/externalversions/pipeline/v1alpha1/interface.go b/vendor/github.com/tektoncd/pipeline/pkg/client/informers/externalversions/pipeline/v1alpha1/interface.go index 25a56f8134..c9b783d319 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/client/informers/externalversions/pipeline/v1alpha1/interface.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/client/informers/externalversions/pipeline/v1alpha1/interface.go @@ -26,6 +26,8 @@ import ( type Interface interface { // Runs returns a RunInformer. Runs() RunInformer + // VerificationPolicies returns a VerificationPolicyInformer. + VerificationPolicies() VerificationPolicyInformer } type version struct { @@ -43,3 +45,8 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList func (v *version) Runs() RunInformer { return &runInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} } + +// VerificationPolicies returns a VerificationPolicyInformer. +func (v *version) VerificationPolicies() VerificationPolicyInformer { + return &verificationPolicyInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/client/informers/externalversions/pipeline/v1alpha1/verificationpolicy.go b/vendor/github.com/tektoncd/pipeline/pkg/client/informers/externalversions/pipeline/v1alpha1/verificationpolicy.go new file mode 100644 index 0000000000..622a6a030d --- /dev/null +++ b/vendor/github.com/tektoncd/pipeline/pkg/client/informers/externalversions/pipeline/v1alpha1/verificationpolicy.go @@ -0,0 +1,90 @@ +/* +Copyright 2020 The Tekton Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + pipelinev1alpha1 "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1" + versioned "github.com/tektoncd/pipeline/pkg/client/clientset/versioned" + internalinterfaces "github.com/tektoncd/pipeline/pkg/client/informers/externalversions/internalinterfaces" + v1alpha1 "github.com/tektoncd/pipeline/pkg/client/listers/pipeline/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// VerificationPolicyInformer provides access to a shared informer and lister for +// VerificationPolicies. +type VerificationPolicyInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.VerificationPolicyLister +} + +type verificationPolicyInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewVerificationPolicyInformer constructs a new informer for VerificationPolicy type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewVerificationPolicyInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredVerificationPolicyInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredVerificationPolicyInformer constructs a new informer for VerificationPolicy type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredVerificationPolicyInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.TektonV1alpha1().VerificationPolicies(namespace).List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.TektonV1alpha1().VerificationPolicies(namespace).Watch(context.TODO(), options) + }, + }, + &pipelinev1alpha1.VerificationPolicy{}, + resyncPeriod, + indexers, + ) +} + +func (f *verificationPolicyInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredVerificationPolicyInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *verificationPolicyInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&pipelinev1alpha1.VerificationPolicy{}, f.defaultInformer) +} + +func (f *verificationPolicyInformer) Lister() v1alpha1.VerificationPolicyLister { + return v1alpha1.NewVerificationPolicyLister(f.Informer().GetIndexer()) +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/client/listers/pipeline/v1alpha1/expansion_generated.go b/vendor/github.com/tektoncd/pipeline/pkg/client/listers/pipeline/v1alpha1/expansion_generated.go index ef742ea349..459ebc6ce5 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/client/listers/pipeline/v1alpha1/expansion_generated.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/client/listers/pipeline/v1alpha1/expansion_generated.go @@ -25,3 +25,11 @@ type RunListerExpansion interface{} // RunNamespaceListerExpansion allows custom methods to be added to // RunNamespaceLister. type RunNamespaceListerExpansion interface{} + +// VerificationPolicyListerExpansion allows custom methods to be added to +// VerificationPolicyLister. +type VerificationPolicyListerExpansion interface{} + +// VerificationPolicyNamespaceListerExpansion allows custom methods to be added to +// VerificationPolicyNamespaceLister. +type VerificationPolicyNamespaceListerExpansion interface{} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/client/listers/pipeline/v1alpha1/verificationpolicy.go b/vendor/github.com/tektoncd/pipeline/pkg/client/listers/pipeline/v1alpha1/verificationpolicy.go new file mode 100644 index 0000000000..7682fa51ba --- /dev/null +++ b/vendor/github.com/tektoncd/pipeline/pkg/client/listers/pipeline/v1alpha1/verificationpolicy.go @@ -0,0 +1,99 @@ +/* +Copyright 2020 The Tekton Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// VerificationPolicyLister helps list VerificationPolicies. +// All objects returned here must be treated as read-only. +type VerificationPolicyLister interface { + // List lists all VerificationPolicies in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.VerificationPolicy, err error) + // VerificationPolicies returns an object that can list and get VerificationPolicies. + VerificationPolicies(namespace string) VerificationPolicyNamespaceLister + VerificationPolicyListerExpansion +} + +// verificationPolicyLister implements the VerificationPolicyLister interface. +type verificationPolicyLister struct { + indexer cache.Indexer +} + +// NewVerificationPolicyLister returns a new VerificationPolicyLister. +func NewVerificationPolicyLister(indexer cache.Indexer) VerificationPolicyLister { + return &verificationPolicyLister{indexer: indexer} +} + +// List lists all VerificationPolicies in the indexer. +func (s *verificationPolicyLister) List(selector labels.Selector) (ret []*v1alpha1.VerificationPolicy, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.VerificationPolicy)) + }) + return ret, err +} + +// VerificationPolicies returns an object that can list and get VerificationPolicies. +func (s *verificationPolicyLister) VerificationPolicies(namespace string) VerificationPolicyNamespaceLister { + return verificationPolicyNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// VerificationPolicyNamespaceLister helps list and get VerificationPolicies. +// All objects returned here must be treated as read-only. +type VerificationPolicyNamespaceLister interface { + // List lists all VerificationPolicies in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1alpha1.VerificationPolicy, err error) + // Get retrieves the VerificationPolicy from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1alpha1.VerificationPolicy, error) + VerificationPolicyNamespaceListerExpansion +} + +// verificationPolicyNamespaceLister implements the VerificationPolicyNamespaceLister +// interface. +type verificationPolicyNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all VerificationPolicies in the indexer for a given namespace. +func (s verificationPolicyNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.VerificationPolicy, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.VerificationPolicy)) + }) + return ret, err +} + +// Get retrieves the VerificationPolicy from the indexer for a given namespace and name. +func (s verificationPolicyNamespaceLister) Get(name string) (*v1alpha1.VerificationPolicy, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("verificationpolicy"), name) + } + return obj.(*v1alpha1.VerificationPolicy), nil +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/result/result.go b/vendor/github.com/tektoncd/pipeline/pkg/result/result.go new file mode 100644 index 0000000000..cfcbc3e90a --- /dev/null +++ b/vendor/github.com/tektoncd/pipeline/pkg/result/result.go @@ -0,0 +1,92 @@ +/* +Copyright 2023 The Tekton Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package result + +import ( + "encoding/json" + "fmt" + + "github.com/hashicorp/go-multierror" +) + +const ( + // TaskRunResultType default task run result value + TaskRunResultType ResultType = 1 + // reserved: 2 + // was RunResultType + + // InternalTektonResultType default internal tekton result value + InternalTektonResultType = 3 + // UnknownResultType default unknown result type value + UnknownResultType = 10 +) + +// RunResult is used to write key/value pairs to TaskRun pod termination messages. +// The key/value pairs may come from the entrypoint binary, or represent a TaskRunResult. +// If they represent a TaskRunResult, the key is the name of the result and the value is the +// JSON-serialized value of the result. +type RunResult struct { + Key string `json:"key"` + Value string `json:"value"` + // ResourceName may be used in tests, but it is not populated in termination messages. + // It is preserved here for backwards compatibility and will not be ported to v1. + ResourceName string `json:"resourceName,omitempty"` + ResultType ResultType `json:"type,omitempty"` +} + +// ResultType used to find out whether a RunResult is from a task result or not +// Note that ResultsType is another type which is used to define the data type +// (e.g. string, array, etc) we used for Results +// +//nolint:revive // revive complains about stutter of `result.ResultType`. +type ResultType int + +// UnmarshalJSON unmarshals either an int or a string into a ResultType. String +// ResultTypes were removed because they made JSON messages bigger, which in +// turn limited the amount of space in termination messages for task results. String +// support is maintained for backwards compatibility - the Pipelines controller could +// be stopped midway through TaskRun execution, updated with support for int in place +// of string, and then fail the running TaskRun because it doesn't know how to interpret +// the string value that the TaskRun's entrypoint will emit when it completes. +func (r *ResultType) UnmarshalJSON(data []byte) error { + var asInt int + var intErr error + + if err := json.Unmarshal(data, &asInt); err != nil { + intErr = err + } else { + *r = ResultType(asInt) + return nil + } + + var asString string + + if err := json.Unmarshal(data, &asString); err != nil { + return fmt.Errorf("unsupported value type, neither int nor string: %w", multierror.Append(intErr, err).ErrorOrNil()) + } + + switch asString { + case "TaskRunResult": + *r = TaskRunResultType + case "InternalTektonResult": + *r = InternalTektonResultType + default: + *r = UnknownResultType + } + + return nil +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/spire/config/config.go b/vendor/github.com/tektoncd/pipeline/pkg/spire/config/config.go new file mode 100644 index 0000000000..f8fed32daf --- /dev/null +++ b/vendor/github.com/tektoncd/pipeline/pkg/spire/config/config.go @@ -0,0 +1,69 @@ +/* +Copyright 2022 The Tekton Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package config + +import ( + "fmt" + "sort" + "strings" +) + +// SpireConfig holds the images reference for a number of container images used +// across tektoncd pipelines. +// +k8s:deepcopy-gen=true +type SpireConfig struct { + // The trust domain corresponds to the trust root of a SPIFFE identity provider. + TrustDomain string + // Path to the spire agent socket defined by the CSI driver + SocketPath string + // Spire server address + ServerAddr string + // Prefix to attach to the node name when registering it with the spire server + NodeAliasPrefix string + + // MockSpire only to be used for testing the controller, will not exhibit + // all characteristics of spire since it is only being used in the context + // of process memory. + MockSpire bool +} + +// Validate returns an error if any image is not set. +func (c SpireConfig) Validate() error { + var unset []string + for _, f := range []struct { + v, name string + }{ + {c.TrustDomain, "spire-trust-domain"}, + {c.SocketPath, "spire-socket-path"}, + {c.ServerAddr, "spire-server-addr"}, + {c.NodeAliasPrefix, "spire-node-alias-prefix"}, + } { + if f.v == "" { + unset = append(unset, f.name) + } + } + if len(unset) > 0 { + sort.Strings(unset) + return fmt.Errorf("found unset spire configuration flags: %s", unset) + } + + if !strings.HasPrefix(c.NodeAliasPrefix, "/") { + return fmt.Errorf("Spire node alias should start with a /") + } + + return nil +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/spire/config/zz_generated.deepcopy.go b/vendor/github.com/tektoncd/pipeline/pkg/spire/config/zz_generated.deepcopy.go new file mode 100644 index 0000000000..56590eee53 --- /dev/null +++ b/vendor/github.com/tektoncd/pipeline/pkg/spire/config/zz_generated.deepcopy.go @@ -0,0 +1,38 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +/* +Copyright 2020 The Tekton Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package config + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SpireConfig) DeepCopyInto(out *SpireConfig) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SpireConfig. +func (in *SpireConfig) DeepCopy() *SpireConfig { + if in == nil { + return nil + } + out := new(SpireConfig) + in.DeepCopyInto(out) + return out +} diff --git a/vendor/github.com/tektoncd/pipeline/pkg/substitution/substitution.go b/vendor/github.com/tektoncd/pipeline/pkg/substitution/substitution.go index 78807fc33a..cb93bc8e7f 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/substitution/substitution.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/substitution/substitution.go @@ -72,7 +72,6 @@ func ValidateVariableP(value, prefix string, vars sets.String) *apis.FieldError Message: errString, Paths: []string{""}, } - } for _, v := range vs { v = TrimArrayIndex(v) @@ -112,7 +111,6 @@ func ValidateVariableProhibitedP(value, prefix string, vars sets.String) *apis.F Message: errString, Paths: []string{""}, } - } for _, v := range vs { v = strings.TrimSuffix(v, "[*]") @@ -180,7 +178,6 @@ func ValidateVariableIsolatedP(value, prefix string, vars sets.String) *apis.Fie Message: errString, Paths: []string{""}, } - } firstMatch, _ := extractExpressionFromString(value, prefix) for _, v := range vs { @@ -279,7 +276,7 @@ func extractEntireVariablesFromString(s, prefix string) ([]string, error) { pattern := fmt.Sprintf(braceMatchingRegex, prefix, parameterSubstitution, parameterSubstitution, parameterSubstitution) re, err := regexp.Compile(pattern) if err != nil { - return nil, fmt.Errorf("Fail to parse regex pattern: %v", err) + return nil, fmt.Errorf("Fail to parse regex pattern: %w", err) } matches := re.FindAllStringSubmatch(s, -1) diff --git a/vendor/golang.org/x/exp/LICENSE b/vendor/golang.org/x/exp/LICENSE new file mode 100644 index 0000000000..6a66aea5ea --- /dev/null +++ b/vendor/golang.org/x/exp/LICENSE @@ -0,0 +1,27 @@ +Copyright (c) 2009 The Go Authors. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + * Neither the name of Google Inc. nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/vendor/golang.org/x/exp/PATENTS b/vendor/golang.org/x/exp/PATENTS new file mode 100644 index 0000000000..733099041f --- /dev/null +++ b/vendor/golang.org/x/exp/PATENTS @@ -0,0 +1,22 @@ +Additional IP Rights Grant (Patents) + +"This implementation" means the copyrightable works distributed by +Google as part of the Go project. + +Google hereby grants to You a perpetual, worldwide, non-exclusive, +no-charge, royalty-free, irrevocable (except as stated in this section) +patent license to make, have made, use, offer to sell, sell, import, +transfer and otherwise run, modify and propagate the contents of this +implementation of Go, where such license applies only to those patent +claims, both currently owned or controlled by Google and acquired in +the future, licensable by Google that are necessarily infringed by this +implementation of Go. This grant does not include claims that would be +infringed only as a consequence of further modification of this +implementation. If you or your agent or exclusive licensee institute or +order or agree to the institution of patent litigation against any +entity (including a cross-claim or counterclaim in a lawsuit) alleging +that this implementation of Go or any code incorporated within this +implementation of Go constitutes direct or contributory patent +infringement, or inducement of patent infringement, then any patent +rights granted to you under this License for this implementation of Go +shall terminate as of the date such litigation is filed. diff --git a/vendor/golang.org/x/exp/maps/maps.go b/vendor/golang.org/x/exp/maps/maps.go new file mode 100644 index 0000000000..ecc0dabb74 --- /dev/null +++ b/vendor/golang.org/x/exp/maps/maps.go @@ -0,0 +1,94 @@ +// Copyright 2021 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// Package maps defines various functions useful with maps of any type. +package maps + +// Keys returns the keys of the map m. +// The keys will be in an indeterminate order. +func Keys[M ~map[K]V, K comparable, V any](m M) []K { + r := make([]K, 0, len(m)) + for k := range m { + r = append(r, k) + } + return r +} + +// Values returns the values of the map m. +// The values will be in an indeterminate order. +func Values[M ~map[K]V, K comparable, V any](m M) []V { + r := make([]V, 0, len(m)) + for _, v := range m { + r = append(r, v) + } + return r +} + +// Equal reports whether two maps contain the same key/value pairs. +// Values are compared using ==. +func Equal[M1, M2 ~map[K]V, K, V comparable](m1 M1, m2 M2) bool { + if len(m1) != len(m2) { + return false + } + for k, v1 := range m1 { + if v2, ok := m2[k]; !ok || v1 != v2 { + return false + } + } + return true +} + +// EqualFunc is like Equal, but compares values using eq. +// Keys are still compared with ==. +func EqualFunc[M1 ~map[K]V1, M2 ~map[K]V2, K comparable, V1, V2 any](m1 M1, m2 M2, eq func(V1, V2) bool) bool { + if len(m1) != len(m2) { + return false + } + for k, v1 := range m1 { + if v2, ok := m2[k]; !ok || !eq(v1, v2) { + return false + } + } + return true +} + +// Clear removes all entries from m, leaving it empty. +func Clear[M ~map[K]V, K comparable, V any](m M) { + for k := range m { + delete(m, k) + } +} + +// Clone returns a copy of m. This is a shallow clone: +// the new keys and values are set using ordinary assignment. +func Clone[M ~map[K]V, K comparable, V any](m M) M { + // Preserve nil in case it matters. + if m == nil { + return nil + } + r := make(M, len(m)) + for k, v := range m { + r[k] = v + } + return r +} + +// Copy copies all key/value pairs in src adding them to dst. +// When a key in src is already present in dst, +// the value in dst will be overwritten by the value associated +// with the key in src. +func Copy[M1 ~map[K]V, M2 ~map[K]V, K comparable, V any](dst M1, src M2) { + for k, v := range src { + dst[k] = v + } +} + +// DeleteFunc deletes any key/value pairs from m for which del returns true. +func DeleteFunc[M ~map[K]V, K comparable, V any](m M, del func(K, V) bool) { + for k, v := range m { + if del(k, v) { + delete(m, k) + } + } +} diff --git a/vendor/modules.txt b/vendor/modules.txt index cd4075ad3f..4cbbb13f63 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -62,7 +62,7 @@ github.com/Microsoft/go-winio/internal/socket github.com/Microsoft/go-winio/pkg/guid github.com/Microsoft/go-winio/pkg/security github.com/Microsoft/go-winio/vhd -# github.com/Microsoft/hcsshim v0.9.6 +# github.com/Microsoft/hcsshim v0.9.7 ## explicit; go 1.13 github.com/Microsoft/hcsshim github.com/Microsoft/hcsshim/computestorage @@ -109,7 +109,7 @@ github.com/ProtonMail/go-crypto/openpgp/internal/ecc github.com/ProtonMail/go-crypto/openpgp/internal/encoding github.com/ProtonMail/go-crypto/openpgp/packet github.com/ProtonMail/go-crypto/openpgp/s2k -# github.com/acomagu/bufpipe v1.0.3 +# github.com/acomagu/bufpipe v1.0.4 ## explicit; go 1.12 github.com/acomagu/bufpipe # github.com/agext/levenshtein v1.2.3 @@ -350,7 +350,7 @@ github.com/cloudflare/circl/sign/ed448 # github.com/containerd/cgroups v1.0.4 ## explicit; go 1.17 github.com/containerd/cgroups/stats/v1 -# github.com/containerd/containerd v1.6.18 +# github.com/containerd/containerd v1.6.19 ## explicit; go 1.17 github.com/containerd/containerd/errdefs github.com/containerd/containerd/log @@ -543,7 +543,7 @@ github.com/go-git/gcfg github.com/go-git/gcfg/scanner github.com/go-git/gcfg/token github.com/go-git/gcfg/types -# github.com/go-git/go-billy/v5 v5.4.0 +# github.com/go-git/go-billy/v5 v5.4.1 ## explicit; go 1.13 github.com/go-git/go-billy/v5 github.com/go-git/go-billy/v5/helper/chroot @@ -551,7 +551,7 @@ github.com/go-git/go-billy/v5/helper/polyfill github.com/go-git/go-billy/v5/memfs github.com/go-git/go-billy/v5/osfs github.com/go-git/go-billy/v5/util -# github.com/go-git/go-git/v5 v5.6.0 +# github.com/go-git/go-git/v5 v5.6.1 ## explicit; go 1.13 github.com/go-git/go-git/v5 github.com/go-git/go-git/v5/config @@ -1047,8 +1047,8 @@ github.com/tektoncd/cli/pkg/pipelinerun/sort github.com/tektoncd/cli/pkg/printer github.com/tektoncd/cli/pkg/taskrun github.com/tektoncd/cli/pkg/taskrun/sort -# github.com/tektoncd/pipeline v0.47.0 => github.com/tektoncd/pipeline v0.42.0 -## explicit; go 1.18 +# github.com/tektoncd/pipeline v0.47.0 +## explicit; go 1.19 github.com/tektoncd/pipeline/pkg/apis/config github.com/tektoncd/pipeline/pkg/apis/pipeline github.com/tektoncd/pipeline/pkg/apis/pipeline/pod @@ -1076,6 +1076,8 @@ github.com/tektoncd/pipeline/pkg/client/listers/pipeline/v1alpha1 github.com/tektoncd/pipeline/pkg/client/listers/pipeline/v1beta1 github.com/tektoncd/pipeline/pkg/list github.com/tektoncd/pipeline/pkg/reconciler/pipeline/dag +github.com/tektoncd/pipeline/pkg/result +github.com/tektoncd/pipeline/pkg/spire/config github.com/tektoncd/pipeline/pkg/substitution # github.com/tektoncd/triggers v0.23.1-0.20230420080448-bf603123cc0f ## explicit; go 1.17 @@ -1168,6 +1170,9 @@ golang.org/x/crypto/ssh golang.org/x/crypto/ssh/agent golang.org/x/crypto/ssh/internal/bcrypt_pbkdf golang.org/x/crypto/ssh/knownhosts +# golang.org/x/exp v0.0.0-20230307190834-24139beb5833 +## explicit; go 1.18 +golang.org/x/exp/maps # golang.org/x/mod v0.9.0 ## explicit; go 1.17 golang.org/x/mod/semver @@ -1884,7 +1889,6 @@ sigs.k8s.io/yaml # github.com/docker/docker => github.com/docker/docker v20.10.21+incompatible # github.com/hinshun/vt10x => github.com/hinshun/vt10x v0.0.0-20180809195222-d55458df857c # github.com/openshift/source-to-image => github.com/boson-project/source-to-image v1.3.2 -# github.com/tektoncd/pipeline => github.com/tektoncd/pipeline v0.42.0 # k8s.io/api => k8s.io/api v0.25.4 # k8s.io/apimachinery => k8s.io/apimachinery v0.25.4 # k8s.io/client-go => k8s.io/client-go v0.25.4