diff --git a/go.mod b/go.mod index 53a3f675ca..837226fa26 100644 --- a/go.mod +++ b/go.mod @@ -18,7 +18,7 @@ require ( github.com/spf13/cobra v1.8.1 github.com/spf13/viper v1.19.0 github.com/stretchr/testify v1.9.0 - github.com/tektoncd/pipeline v0.62.2 + github.com/tektoncd/pipeline v0.63.0 github.com/tektoncd/plumbing v0.0.0-20231109154454-9ef46b417293 github.com/tektoncd/triggers v0.29.0 go.opencensus.io v0.24.0 diff --git a/go.sum b/go.sum index dbffe0c1b2..26a5ceb653 100644 --- a/go.sum +++ b/go.sum @@ -1761,8 +1761,8 @@ github.com/syndtr/goleveldb v1.0.1-0.20220721030215-126854af5e6d h1:vfofYNRScrDd github.com/syndtr/goleveldb v1.0.1-0.20220721030215-126854af5e6d/go.mod h1:RRCYJbIwD5jmqPI9XoAFR0OcDxqUctll6zUj/+B4S48= github.com/tchap/go-patricia/v2 v2.3.1 h1:6rQp39lgIYZ+MHmdEq4xzuk1t7OdC35z/xm0BGhTkes= github.com/tchap/go-patricia/v2 v2.3.1/go.mod h1:VZRHKAb53DLaG+nA9EaYYiaEx6YztwDlLElMsnSHD4k= -github.com/tektoncd/pipeline v0.62.2 h1:TnTPSbx19wMsqx5N/xWJ3TEpxNj2SoeFmz7Mb6POj4Q= -github.com/tektoncd/pipeline v0.62.2/go.mod h1:cYPH4n3X8t39arNMhgyU7swyv3hVeWToz1yYDRzTLT8= +github.com/tektoncd/pipeline v0.63.0 h1:QLkhYr970jgs6vmHopXz8pcXbz5c3i0a0FX7ggGtn94= +github.com/tektoncd/pipeline v0.63.0/go.mod h1:HA7r0XJzhhcajNBcl0GErmcT5Omow1jVfLKwbVGjojY= github.com/tektoncd/plumbing v0.0.0-20231109154454-9ef46b417293 h1:kNmGaAtPS9LnfNZG/JrF4Y0Qx5Ju+384aqKJNtk4PU0= github.com/tektoncd/plumbing v0.0.0-20231109154454-9ef46b417293/go.mod h1:7eWs1XNkmReggow7ggRbRyRuHi7646B8b2XipCZ3VOw= github.com/tektoncd/triggers v0.29.0 h1:piRTJT1Sjq3xmGnR50V54oG0NlsszKETLxdCGhgSNQQ= diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/pod/affinity_assitant_template.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/pod/affinity_assitant_template.go index 2dace6398a..aba3f97b3a 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/pod/affinity_assitant_template.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/pod/affinity_assitant_template.go @@ -42,6 +42,10 @@ type AffinityAssistantTemplate struct { // +optional // +listType=atomic ImagePullSecrets []corev1.LocalObjectReference `json:"imagePullSecrets,omitempty"` + + // SecurityContext sets the security context for the pod + // +optional + SecurityContext *corev1.PodSecurityContext `json:"securityContext,omitempty"` } // Equals checks if this Template is identical to the given Template. diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/pod/template.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/pod/template.go index 855a6ea9b8..68d7e61af3 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/pod/template.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/pod/template.go @@ -151,6 +151,7 @@ func (tpl *Template) ToAffinityAssistantTemplate() *AffinityAssistantTemplate { NodeSelector: tpl.NodeSelector, Tolerations: tpl.Tolerations, ImagePullSecrets: tpl.ImagePullSecrets, + SecurityContext: tpl.SecurityContext, } } @@ -247,6 +248,10 @@ func MergeAAPodTemplateWithDefault(tpl, defaultTpl *AAPodTemplate) *AAPodTemplat if tpl.ImagePullSecrets == nil { tpl.ImagePullSecrets = defaultTpl.ImagePullSecrets } + if tpl.SecurityContext == nil { + tpl.SecurityContext = defaultTpl.SecurityContext + } + return tpl } } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/pod/zz_generated.deepcopy.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/pod/zz_generated.deepcopy.go index 450128e3a9..90b2d24326 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/pod/zz_generated.deepcopy.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/pod/zz_generated.deepcopy.go @@ -47,6 +47,11 @@ func (in *AffinityAssistantTemplate) DeepCopyInto(out *AffinityAssistantTemplate *out = make([]v1.LocalObjectReference, len(*in)) copy(*out, *in) } + if in.SecurityContext != nil { + in, out := &in.SecurityContext, &out.SecurityContext + *out = new(v1.PodSecurityContext) + (*in).DeepCopyInto(*out) + } return } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/register.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/register.go index ff713753d0..9971a9b79d 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/register.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/register.go @@ -34,12 +34,18 @@ const ( // TaskRunLabelKey is used as the label identifier for a TaskRun TaskRunLabelKey = GroupName + "/taskRun" + // TaskRunLabelKey is used as the label identifier for a TaskRun + TaskRunUIDLabelKey = GroupName + "/taskRunUID" + // PipelineLabelKey is used as the label identifier for a Pipeline PipelineLabelKey = GroupName + "/pipeline" // PipelineRunLabelKey is used as the label identifier for a PipelineRun PipelineRunLabelKey = GroupName + "/pipelineRun" + // PipelineRunLabelKey is used as the label identifier for a PipelineRun + PipelineRunUIDLabelKey = GroupName + "/pipelineRunUID" + // PipelineTaskLabelKey is used as the label identifier for a PipelineTask PipelineTaskLabelKey = GroupName + "/pipelineTask" diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/artifact_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/artifact_types.go index 21a0d8fc2f..6281c3e1e4 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/artifact_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/artifact_types.go @@ -52,29 +52,30 @@ type Artifacts struct { Outputs []Artifact `json:"outputs,omitempty"` } -func (a *Artifacts) Merge(another Artifacts) { +func (a *Artifacts) Merge(another *Artifacts) { inputMap := make(map[string][]ArtifactValue) var newInputs []Artifact for _, v := range a.Inputs { inputMap[v.Name] = v.Values } - - for _, v := range another.Inputs { - _, ok := inputMap[v.Name] - if !ok { - inputMap[v.Name] = []ArtifactValue{} - } - for _, vv := range v.Values { - exists := false - for _, av := range inputMap[v.Name] { - if cmp.Equal(vv, av) { - exists = true - break - } + if another != nil { + for _, v := range another.Inputs { + _, ok := inputMap[v.Name] + if !ok { + inputMap[v.Name] = []ArtifactValue{} } - if !exists { - inputMap[v.Name] = append(inputMap[v.Name], vv) + for _, vv := range v.Values { + exists := false + for _, av := range inputMap[v.Name] { + if cmp.Equal(vv, av) { + exists = true + break + } + } + if !exists { + inputMap[v.Name] = append(inputMap[v.Name], vv) + } } } } @@ -92,31 +93,33 @@ func (a *Artifacts) Merge(another Artifacts) { outputMap[v.Name] = v } - for _, v := range another.Outputs { - _, ok := outputMap[v.Name] - if !ok { - outputMap[v.Name] = Artifact{Name: v.Name, Values: []ArtifactValue{}, BuildOutput: v.BuildOutput} - } - // only update buildOutput to true. - // Do not convert to false if it was true before. - if v.BuildOutput { - art := outputMap[v.Name] - art.BuildOutput = v.BuildOutput - outputMap[v.Name] = art - } - for _, vv := range v.Values { - exists := false - for _, av := range outputMap[v.Name].Values { - if cmp.Equal(vv, av) { - exists = true - break - } + if another != nil { + for _, v := range another.Outputs { + _, ok := outputMap[v.Name] + if !ok { + outputMap[v.Name] = Artifact{Name: v.Name, Values: []ArtifactValue{}, BuildOutput: v.BuildOutput} } - if !exists { + // only update buildOutput to true. + // Do not convert to false if it was true before. + if v.BuildOutput { art := outputMap[v.Name] - art.Values = append(art.Values, vv) + art.BuildOutput = v.BuildOutput outputMap[v.Name] = art } + for _, vv := range v.Values { + exists := false + for _, av := range outputMap[v.Name].Values { + if cmp.Equal(vv, av) { + exists = true + break + } + } + if !exists { + art := outputMap[v.Name] + art.Values = append(art.Values, vv) + outputMap[v.Name] = art + } + } } } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/openapi_generated.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/openapi_generated.go index 42bf6748b1..7e801069b7 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/openapi_generated.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/openapi_generated.go @@ -162,11 +162,17 @@ func schema_pkg_apis_pipeline_pod_AffinityAssistantTemplate(ref common.Reference }, }, }, + "securityContext": { + SchemaProps: spec.SchemaProps{ + Description: "SecurityContext sets the security context for the pod", + Ref: ref("k8s.io/api/core/v1.PodSecurityContext"), + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.Toleration"}, + "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.PodSecurityContext", "k8s.io/api/core/v1.Toleration"}, } } @@ -3561,6 +3567,25 @@ func schema_pkg_apis_pipeline_v1_TaskBreakpoints(ref common.ReferenceCallback) c Format: "", }, }, + "beforeSteps": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, }, }, }, @@ -4214,7 +4239,6 @@ func schema_pkg_apis_pipeline_v1_TaskRunStatus(ref common.ReferenceCallback) com }, SchemaProps: spec.SchemaProps{ Description: "Artifacts are the list of artifacts written out by the task's containers", - Default: map[string]interface{}{}, Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.Artifacts"), }, }, @@ -4366,7 +4390,6 @@ func schema_pkg_apis_pipeline_v1_TaskRunStatusFields(ref common.ReferenceCallbac }, SchemaProps: spec.SchemaProps{ Description: "Artifacts are the list of artifacts written out by the task's containers", - Default: map[string]interface{}{}, Ref: ref("github.com/tektoncd/pipeline/pkg/apis/pipeline/v1.Artifacts"), }, }, diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/swagger.json b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/swagger.json index 584220d0b8..7c3ebefb8b 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/swagger.json +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/swagger.json @@ -28,6 +28,10 @@ "default": "" } }, + "securityContext": { + "description": "SecurityContext sets the security context for the pod", + "$ref": "#/definitions/v1.PodSecurityContext" + }, "tolerations": { "description": "If specified, the pod's tolerations.", "type": "array", @@ -1821,6 +1825,14 @@ "description": "TaskBreakpoints defines the breakpoint config for a particular Task", "type": "object", "properties": { + "beforeSteps": { + "type": "array", + "items": { + "type": "string", + "default": "" + }, + "x-kubernetes-list-type": "atomic" + }, "onFailure": { "description": "if enabled, pause TaskRun on failure of a step failed step will not exit", "type": "string" @@ -2125,7 +2137,6 @@ }, "artifacts": { "description": "Artifacts are the list of artifacts written out by the task's containers", - "default": {}, "$ref": "#/definitions/v1.Artifacts", "x-kubernetes-list-type": "atomic" }, @@ -2220,7 +2231,6 @@ "properties": { "artifacts": { "description": "Artifacts are the list of artifacts written out by the task's containers", - "default": {}, "$ref": "#/definitions/v1.Artifacts", "x-kubernetes-list-type": "atomic" }, diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskrun_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskrun_types.go index ea6e517649..b530593726 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskrun_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskrun_types.go @@ -26,6 +26,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/types" + "k8s.io/apimachinery/pkg/util/sets" "k8s.io/utils/clock" "knative.dev/pkg/apis" duckv1 "knative.dev/pkg/apis/duck/v1" @@ -121,6 +122,9 @@ type TaskBreakpoints struct { // failed step will not exit // +optional OnFailure string `json:"onFailure,omitempty"` + // +optional + // +listType=atomic + BeforeSteps []string `json:"beforeSteps,omitempty"` } // NeedsDebugOnFailure return true if the TaskRun is configured to debug on failure @@ -131,14 +135,28 @@ func (trd *TaskRunDebug) NeedsDebugOnFailure() bool { return trd.Breakpoints.OnFailure == EnabledOnFailureBreakpoint } +// NeedsDebugBeforeStep return true if the step is configured to debug before execution +func (trd *TaskRunDebug) NeedsDebugBeforeStep(stepName string) bool { + if trd.Breakpoints == nil { + return false + } + beforeStepSets := sets.NewString(trd.Breakpoints.BeforeSteps...) + return beforeStepSets.Has(stepName) +} + // StepNeedsDebug return true if the step is configured to debug func (trd *TaskRunDebug) StepNeedsDebug(stepName string) bool { - return trd.NeedsDebugOnFailure() + return trd.NeedsDebugOnFailure() || trd.NeedsDebugBeforeStep(stepName) } // NeedsDebug return true if defined onfailure or have any before, after steps func (trd *TaskRunDebug) NeedsDebug() bool { - return trd.NeedsDebugOnFailure() + return trd.NeedsDebugOnFailure() || trd.HaveBeforeSteps() +} + +// HaveBeforeSteps return true if have any before steps +func (trd *TaskRunDebug) HaveBeforeSteps() bool { + return trd.Breakpoints != nil && len(trd.Breakpoints.BeforeSteps) > 0 } // TaskRunInputs holds the input values that this task was invoked with. @@ -282,7 +300,7 @@ type TaskRunStatusFields struct { // Artifacts are the list of artifacts written out by the task's containers // +optional // +listType=atomic - Artifacts Artifacts `json:"artifacts,omitempty"` + Artifacts *Artifacts `json:"artifacts,omitempty"` // The list has one entry per sidecar in the manifest. Each entry is // represents the imageid of the corresponding sidecar. diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskrun_validation.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskrun_validation.go index cfdd423e99..e162672a66 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskrun_validation.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/taskrun_validation.go @@ -264,6 +264,13 @@ func validateDebug(db *TaskRunDebug) (errs *apis.FieldError) { if db.Breakpoints.OnFailure != "" && db.Breakpoints.OnFailure != EnabledOnFailureBreakpoint { errs = errs.Also(apis.ErrInvalidValue(db.Breakpoints.OnFailure+" is not a valid onFailure breakpoint value, onFailure breakpoint is only allowed to be set as enabled", "breakpoints.onFailure")) } + beforeSteps := sets.NewString() + for i, step := range db.Breakpoints.BeforeSteps { + if beforeSteps.Has(step) { + errs = errs.Also(apis.ErrGeneric(fmt.Sprintf("before step must be unique, the same step: %s is defined multiple times at", step), fmt.Sprintf("breakpoints.beforeSteps[%d]", i))) + } + beforeSteps.Insert(step) + } return errs } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/zz_generated.deepcopy.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/zz_generated.deepcopy.go index 12dbe03bf8..c3057d3356 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/zz_generated.deepcopy.go @@ -1580,6 +1580,11 @@ func (in *Task) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TaskBreakpoints) DeepCopyInto(out *TaskBreakpoints) { *out = *in + if in.BeforeSteps != nil { + in, out := &in.BeforeSteps, &out.BeforeSteps + *out = make([]string, len(*in)) + copy(*out, *in) + } return } @@ -1705,7 +1710,7 @@ func (in *TaskRunDebug) DeepCopyInto(out *TaskRunDebug) { if in.Breakpoints != nil { in, out := &in.Breakpoints, &out.Breakpoints *out = new(TaskBreakpoints) - **out = **in + (*in).DeepCopyInto(*out) } return } @@ -1934,7 +1939,11 @@ func (in *TaskRunStatusFields) DeepCopyInto(out *TaskRunStatusFields) { (*in)[i].DeepCopyInto(&(*out)[i]) } } - in.Artifacts.DeepCopyInto(&out.Artifacts) + if in.Artifacts != nil { + in, out := &in.Artifacts, &out.Artifacts + *out = new(Artifacts) + (*in).DeepCopyInto(*out) + } if in.Sidecars != nil { in, out := &in.Sidecars, &out.Sidecars *out = make([]SidecarState, len(*in)) diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/openapi_generated.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/openapi_generated.go index 7bb3912b7e..03d5a5967e 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/openapi_generated.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/openapi_generated.go @@ -109,11 +109,17 @@ func schema_pkg_apis_pipeline_pod_AffinityAssistantTemplate(ref common.Reference }, }, }, + "securityContext": { + SchemaProps: spec.SchemaProps{ + Description: "SecurityContext sets the security context for the pod", + Ref: ref("k8s.io/api/core/v1.PodSecurityContext"), + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.Toleration"}, + "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.PodSecurityContext", "k8s.io/api/core/v1.Toleration"}, } } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/swagger.json b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/swagger.json index 4efd50c2fc..5ab14febfc 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/swagger.json +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1/swagger.json @@ -28,6 +28,10 @@ "default": "" } }, + "securityContext": { + "description": "SecurityContext sets the security context for the pod", + "$ref": "#/definitions/v1.PodSecurityContext" + }, "tolerations": { "description": "If specified, the pod's tolerations.", "type": "array", diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/openapi_generated.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/openapi_generated.go index 0e2f436ca6..126888e63d 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/openapi_generated.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/openapi_generated.go @@ -189,11 +189,17 @@ func schema_pkg_apis_pipeline_pod_AffinityAssistantTemplate(ref common.Reference }, }, }, + "securityContext": { + SchemaProps: spec.SchemaProps{ + Description: "SecurityContext sets the security context for the pod", + Ref: ref("k8s.io/api/core/v1.PodSecurityContext"), + }, + }, }, }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.Toleration"}, + "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.PodSecurityContext", "k8s.io/api/core/v1.Toleration"}, } } @@ -4809,6 +4815,25 @@ func schema_pkg_apis_pipeline_v1beta1_TaskBreakpoints(ref common.ReferenceCallba Format: "", }, }, + "beforeSteps": { + VendorExtensible: spec.VendorExtensible{ + Extensions: spec.Extensions{ + "x-kubernetes-list-type": "atomic", + }, + }, + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, }, }, }, diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/stepaction_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/stepaction_types.go index 495c9ee010..ab000a6db0 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/stepaction_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/stepaction_types.go @@ -14,6 +14,7 @@ limitations under the License. package v1beta1 import ( + "github.com/tektoncd/pipeline/pkg/apis/pipeline/internal/checksum" v1 "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -63,6 +64,28 @@ func (*StepAction) GetGroupVersionKind() schema.GroupVersionKind { return SchemeGroupVersion.WithKind("StepAction") } +// Checksum computes the sha256 checksum of the stepaction object. +// Prior to computing the checksum, it performs some preprocessing on the +// metadata of the object where it removes system provided annotations. +// Only the name, namespace, generateName, user-provided labels and annotations +// and the taskSpec are included for the checksum computation. +func (s *StepAction) Checksum() ([]byte, error) { + objectMeta := checksum.PrepareObjectMeta(s) + preprocessedStepaction := StepAction{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "tekton.dev/v1beta1", + Kind: "StepAction", + }, + ObjectMeta: objectMeta, + Spec: s.Spec, + } + sha256Checksum, err := checksum.ComputeSha256Checksum(preprocessedStepaction) + if err != nil { + return nil, err + } + return sha256Checksum, nil +} + // StepActionList contains a list of StepActions // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object type StepActionList struct { diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/swagger.json b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/swagger.json index a0b5a9f9dd..d83792633a 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/swagger.json +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/swagger.json @@ -28,6 +28,10 @@ "default": "" } }, + "securityContext": { + "description": "SecurityContext sets the security context for the pod", + "$ref": "#/definitions/v1.PodSecurityContext" + }, "tolerations": { "description": "If specified, the pod's tolerations.", "type": "array", @@ -2639,6 +2643,14 @@ "description": "TaskBreakpoints defines the breakpoint config for a particular Task", "type": "object", "properties": { + "beforeSteps": { + "type": "array", + "items": { + "type": "string", + "default": "" + }, + "x-kubernetes-list-type": "atomic" + }, "onFailure": { "description": "if enabled, pause TaskRun on failure of a step failed step will not exit", "type": "string" diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_conversion.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_conversion.go index 7b749ac5af..fb01170254 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_conversion.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_conversion.go @@ -214,10 +214,18 @@ func (trd *TaskRunDebug) convertFrom(ctx context.Context, source v1.TaskRunDebug func (tbp TaskBreakpoints) convertTo(ctx context.Context, sink *v1.TaskBreakpoints) { sink.OnFailure = tbp.OnFailure + if len(tbp.BeforeSteps) > 0 { + sink.BeforeSteps = make([]string, 0) + sink.BeforeSteps = append(sink.BeforeSteps, tbp.BeforeSteps...) + } } func (tbp *TaskBreakpoints) convertFrom(ctx context.Context, source v1.TaskBreakpoints) { tbp.OnFailure = source.OnFailure + if len(source.BeforeSteps) > 0 { + tbp.BeforeSteps = make([]string, 0) + tbp.BeforeSteps = append(tbp.BeforeSteps, source.BeforeSteps...) + } } func (trso TaskRunStepOverride) convertTo(ctx context.Context, sink *v1.TaskRunStepSpec) { diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_types.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_types.go index 26707ff337..2cd76f0e57 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_types.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_types.go @@ -28,6 +28,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/types" + "k8s.io/apimachinery/pkg/util/sets" "k8s.io/utils/clock" "knative.dev/pkg/apis" duckv1 "knative.dev/pkg/apis/duck/v1" @@ -126,6 +127,9 @@ type TaskBreakpoints struct { // failed step will not exit // +optional OnFailure string `json:"onFailure,omitempty"` + // +optional + // +listType=atomic + BeforeSteps []string `json:"beforeSteps,omitempty"` } // NeedsDebugOnFailure return true if the TaskRun is configured to debug on failure @@ -136,14 +140,28 @@ func (trd *TaskRunDebug) NeedsDebugOnFailure() bool { return trd.Breakpoints.OnFailure == EnabledOnFailureBreakpoint } +// NeedsDebugBeforeStep return true if the step is configured to debug before execution +func (trd *TaskRunDebug) NeedsDebugBeforeStep(stepName string) bool { + if trd.Breakpoints == nil { + return false + } + beforeStepSets := sets.NewString(trd.Breakpoints.BeforeSteps...) + return beforeStepSets.Has(stepName) +} + // StepNeedsDebug return true if the step is configured to debug func (trd *TaskRunDebug) StepNeedsDebug(stepName string) bool { - return trd.NeedsDebugOnFailure() + return trd.NeedsDebugOnFailure() || trd.NeedsDebugBeforeStep(stepName) +} + +// HaveBeforeSteps return true if have any before steps +func (trd *TaskRunDebug) HaveBeforeSteps() bool { + return trd.Breakpoints != nil && len(trd.Breakpoints.BeforeSteps) > 0 } // NeedsDebug return true if defined onfailure or have any before, after steps func (trd *TaskRunDebug) NeedsDebug() bool { - return trd.NeedsDebugOnFailure() + return trd.NeedsDebugOnFailure() || trd.HaveBeforeSteps() } var taskRunCondSet = apis.NewBatchConditionSet() diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_validation.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_validation.go index a3f37caeee..ae14965c77 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_validation.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/taskrun_validation.go @@ -264,6 +264,13 @@ func validateDebug(db *TaskRunDebug) (errs *apis.FieldError) { if db.Breakpoints.OnFailure != "" && db.Breakpoints.OnFailure != EnabledOnFailureBreakpoint { errs = errs.Also(apis.ErrInvalidValue(db.Breakpoints.OnFailure+" is not a valid onFailure breakpoint value, onFailure breakpoint is only allowed to be set as enabled", "breakpoints.onFailure")) } + beforeSteps := sets.NewString() + for i, step := range db.Breakpoints.BeforeSteps { + if beforeSteps.Has(step) { + errs = errs.Also(apis.ErrGeneric(fmt.Sprintf("before step must be unique, the same step: %s is defined multiple times at", step), fmt.Sprintf("breakpoints.beforeSteps[%d]", i))) + } + beforeSteps.Insert(step) + } return errs } diff --git a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/zz_generated.deepcopy.go b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/zz_generated.deepcopy.go index 7852edd8c7..8c2afe35a6 100644 --- a/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/zz_generated.deepcopy.go +++ b/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/zz_generated.deepcopy.go @@ -2174,6 +2174,11 @@ func (in *Task) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TaskBreakpoints) DeepCopyInto(out *TaskBreakpoints) { *out = *in + if in.BeforeSteps != nil { + in, out := &in.BeforeSteps, &out.BeforeSteps + *out = make([]string, len(*in)) + copy(*out, *in) + } return } @@ -2364,7 +2369,7 @@ func (in *TaskRunDebug) DeepCopyInto(out *TaskRunDebug) { if in.Breakpoints != nil { in, out := &in.Breakpoints, &out.Breakpoints *out = new(TaskBreakpoints) - **out = **in + (*in).DeepCopyInto(*out) } return } diff --git a/vendor/modules.txt b/vendor/modules.txt index e73bb2b655..3719ea8c06 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1337,7 +1337,7 @@ github.com/syndtr/goleveldb/leveldb/util # github.com/tchap/go-patricia/v2 v2.3.1 ## explicit; go 1.16 github.com/tchap/go-patricia/v2/patricia -# github.com/tektoncd/pipeline v0.62.2 +# github.com/tektoncd/pipeline v0.63.0 ## explicit; go 1.22 github.com/tektoncd/pipeline/internal/artifactref github.com/tektoncd/pipeline/pkg/apis/config