From 04601da6055c271d3fbf0fba2532ea09007486cd Mon Sep 17 00:00:00 2001 From: Chuang Wang Date: Tue, 4 Apr 2023 19:11:26 -0700 Subject: [PATCH] Promote the provenance field in status Fixes https://github.com/tektoncd/pipeline/issues/6309. Prior, the `provenance` field in status was gated by the dedicated feature flag named `enable-provenance-in-status`. This PR moves the field out of the feature flag. Signed-off-by: Chuang Wang --- config/config-feature-flags.yaml | 5 -- docs/additional-configs.md | 5 -- pkg/apis/config/feature_flags.go | 7 --- pkg/apis/config/feature_flags_test.go | 3 -- .../testdata/feature-flags-all-flags-set.yaml | 1 - .../v1beta1/pipelinerun_conversion_test.go | 11 ++-- .../v1beta1/taskrun_conversion_test.go | 11 ++-- pkg/reconciler/pipelinerun/pipelinerun.go | 22 ++++---- .../pipelinerun/pipelinerun_test.go | 51 ++++++++++++++----- pkg/reconciler/taskrun/taskrun.go | 26 +++++----- pkg/reconciler/taskrun/taskrun_test.go | 35 ++++++++----- test/custom_task_test.go | 11 ++++ test/e2e-tests.sh | 2 +- test/status_test.go | 37 ++------------ 14 files changed, 104 insertions(+), 123 deletions(-) diff --git a/config/config-feature-flags.yaml b/config/config-feature-flags.yaml index 2baa580b8f9..80e951efb4a 100644 --- a/config/config-feature-flags.yaml +++ b/config/config-feature-flags.yaml @@ -81,11 +81,6 @@ data: # If it is set to "warn", TaskRuns and PipelineRuns will run to completion if no matching policies are found, and an error will be logged. # If it is set to "ignore", TaskRuns and PipelineRuns will run to completion if no matching policies are found, and no error will be logged. trusted-resources-verification-no-match-policy: "ignore" - # Setting this flag to "true" enables populating the "provenance" field in TaskRun - # and PipelineRun status. This field contains metadata about resources used - # in the TaskRun/PipelineRun such as the source from where a remote Task/Pipeline - # definition was fetched. - enable-provenance-in-status: "false" # Setting this flag will determine how Tekton pipelines will handle non-falsifiable provenance. # If set to "spire", then SPIRE will be used to ensure non-falsifiable provenance. # If set to "none", then Tekton will not have non-falsifiable provenance. diff --git a/docs/additional-configs.md b/docs/additional-configs.md index f0f3021d3e7..f606ba18071 100644 --- a/docs/additional-configs.md +++ b/docs/additional-configs.md @@ -245,10 +245,6 @@ Defaults to "ignore". - `results-from`: set this flag to "termination-message" to use the container's termination message to fetch results from. This is the default method of extracting results. Set it to "sidecar-logs" to enable use of a results sidecar logs to extract results instead of termination message. -- `enable-provenance-in-status`: set this flag to "true" to enable recording - the `provenance` field in `TaskRun` and `PipelineRun` status. The `provenance` - field contains metadata about resources used in the TaskRun/PipelineRun such as the - source from where a remote Task/Pipeline definition was fetched. For example: @@ -284,7 +280,6 @@ Features currently in "alpha" are: | [Task-level Resource Requirements](compute-resources.md#task-level-compute-resources-configuration) | [TEP-0104](https://github.com/tektoncd/community/blob/main/teps/0104-tasklevel-resource-requirements.md) | [v0.39.0](https://github.com/tektoncd/pipeline/releases/tag/v0.39.0) | | | [Object Params and Results](pipelineruns.md#specifying-parameters) | [TEP-0075](https://github.com/tektoncd/community/blob/main/teps/0075-object-param-and-result-types.md) | [v0.38.0](https://github.com/tektoncd/pipeline/releases/tag/v0.38.0) | | | | [Trusted Resources](./trusted-resources.md) | [TEP-0091](https://github.com/tektoncd/community/blob/main/teps/0091-trusted-resources.md) | N/A | `trusted-resources-verification-no-match-policy` | -| [`Provenance` field in Status](pipeline-api.md#provenance) | [issue#5550](https://github.com/tektoncd/pipeline/issues/5550) | N/A | `enable-provenance-in-status` | | [Larger Results via Sidecar Logs](#enabling-larger-results-using-sidecar-logs) | [TEP-0127](https://github.com/tektoncd/community/blob/main/teps/0127-larger-results-via-sidecar-logs.md) | [v0.43.0](https://github.com/tektoncd/pipeline/releases/tag/v0.43.0) | `results-from` | | [Configure Default Resolver](./resolution.md#configuring-built-in-resolvers) | [TEP-0133](https://github.com/tektoncd/community/blob/main/teps/0133-configure-default-resolver.md) | N/A | | diff --git a/pkg/apis/config/feature_flags.go b/pkg/apis/config/feature_flags.go index 699a65516e4..778b24e2cc9 100644 --- a/pkg/apis/config/feature_flags.go +++ b/pkg/apis/config/feature_flags.go @@ -70,8 +70,6 @@ const ( DefaultEnforceNonfalsifiability = EnforceNonfalsifiabilityNone // DefaultNoMatchPolicyConfig is the default value for "trusted-resources-verification-no-match-policy". DefaultNoMatchPolicyConfig = IgnoreNoMatchPolicy - // DefaultEnableProvenanceInStatus is the default value for "enable-provenance-status". - DefaultEnableProvenanceInStatus = false // DefaultResultExtractionMethod is the default value for ResultExtractionMethod DefaultResultExtractionMethod = ResultExtractionMethodTerminationMessage // DefaultMaxResultSize is the default value in bytes for the size of a result @@ -87,7 +85,6 @@ const ( sendCloudEventsForRuns = "send-cloudevents-for-runs" enforceNonfalsifiability = "enforce-nonfalsifiability" verificationNoMatchPolicy = "trusted-resources-verification-no-match-policy" - enableProvenanceInStatus = "enable-provenance-in-status" resultExtractionMethod = "results-from" maxResultSize = "max-result-size" ) @@ -113,7 +110,6 @@ type FeatureFlags struct { // warn: skip trusted resources verification when no matching verification policies found and log a warning // fail: fail the taskrun or pipelines run if no matching verification policies found VerificationNoMatchPolicy string - EnableProvenanceInStatus bool ResultExtractionMethod string MaxResultSize int } @@ -167,9 +163,6 @@ func NewFeatureFlagsFromMap(cfgMap map[string]string) (*FeatureFlags, error) { if err := setVerificationNoMatchPolicy(cfgMap, DefaultNoMatchPolicyConfig, &tc.VerificationNoMatchPolicy); err != nil { return nil, err } - if err := setFeature(enableProvenanceInStatus, DefaultEnableProvenanceInStatus, &tc.EnableProvenanceInStatus); err != nil { - return nil, err - } if err := setResultExtractionMethod(cfgMap, DefaultResultExtractionMethod, &tc.ResultExtractionMethod); err != nil { return nil, err } diff --git a/pkg/apis/config/feature_flags_test.go b/pkg/apis/config/feature_flags_test.go index b4d5ad5d31e..85f49dd8c0b 100644 --- a/pkg/apis/config/feature_flags_test.go +++ b/pkg/apis/config/feature_flags_test.go @@ -48,7 +48,6 @@ func TestNewFeatureFlagsFromConfigMap(t *testing.T) { EnableAPIFields: config.DefaultEnableAPIFields, SendCloudEventsForRuns: config.DefaultSendCloudEventsForRuns, VerificationNoMatchPolicy: config.DefaultNoMatchPolicyConfig, - EnableProvenanceInStatus: config.DefaultEnableProvenanceInStatus, ResultExtractionMethod: config.DefaultResultExtractionMethod, MaxResultSize: config.DefaultMaxResultSize, }, @@ -65,7 +64,6 @@ func TestNewFeatureFlagsFromConfigMap(t *testing.T) { SendCloudEventsForRuns: true, EnforceNonfalsifiability: "spire", VerificationNoMatchPolicy: config.FailNoMatchPolicy, - EnableProvenanceInStatus: true, ResultExtractionMethod: "termination-message", MaxResultSize: 4096, }, @@ -172,7 +170,6 @@ func TestNewFeatureFlagsFromEmptyConfigMap(t *testing.T) { SendCloudEventsForRuns: config.DefaultSendCloudEventsForRuns, EnforceNonfalsifiability: config.DefaultEnforceNonfalsifiability, VerificationNoMatchPolicy: config.DefaultNoMatchPolicyConfig, - EnableProvenanceInStatus: config.DefaultEnableProvenanceInStatus, ResultExtractionMethod: config.DefaultResultExtractionMethod, MaxResultSize: config.DefaultMaxResultSize, } diff --git a/pkg/apis/config/testdata/feature-flags-all-flags-set.yaml b/pkg/apis/config/testdata/feature-flags-all-flags-set.yaml index 07f5f33a9de..af3c4377dbc 100644 --- a/pkg/apis/config/testdata/feature-flags-all-flags-set.yaml +++ b/pkg/apis/config/testdata/feature-flags-all-flags-set.yaml @@ -28,4 +28,3 @@ data: send-cloudevents-for-runs: "true" enforce-nonfalsifiability: "spire" trusted-resources-verification-no-match-policy: "fail" - enable-provenance-in-status: "true" diff --git a/pkg/apis/pipeline/v1beta1/pipelinerun_conversion_test.go b/pkg/apis/pipeline/v1beta1/pipelinerun_conversion_test.go index bf309b0a58d..8f357046769 100644 --- a/pkg/apis/pipeline/v1beta1/pipelinerun_conversion_test.go +++ b/pkg/apis/pipeline/v1beta1/pipelinerun_conversion_test.go @@ -138,6 +138,8 @@ func TestPipelineRunConversionBadType(t *testing.T) { } func TestPipelineRunConversion(t *testing.T) { + defaultFeatureFlags, _ := config.NewFeatureFlagsFromMap(map[string]string{}) + tests := []struct { name string in *v1beta1.PipelineRun @@ -305,14 +307,7 @@ func TestPipelineRunConversion(t *testing.T) { URI: "test-uri", Digest: map[string]string{"sha256": "digest"}, }, - FeatureFlags: &config.FeatureFlags{ - RunningInEnvWithInjectedSidecars: config.DefaultRunningInEnvWithInjectedSidecars, - EnableAPIFields: config.DefaultEnableAPIFields, - AwaitSidecarReadiness: config.DefaultAwaitSidecarReadiness, - VerificationNoMatchPolicy: config.DefaultNoMatchPolicyConfig, - ResultExtractionMethod: config.DefaultResultExtractionMethod, - MaxResultSize: config.DefaultMaxResultSize, - }, + FeatureFlags: defaultFeatureFlags, }, }, }, diff --git a/pkg/apis/pipeline/v1beta1/taskrun_conversion_test.go b/pkg/apis/pipeline/v1beta1/taskrun_conversion_test.go index e0fe1b59127..874a8970d07 100644 --- a/pkg/apis/pipeline/v1beta1/taskrun_conversion_test.go +++ b/pkg/apis/pipeline/v1beta1/taskrun_conversion_test.go @@ -51,6 +51,8 @@ func TestTaskRunConversionBadType(t *testing.T) { } func TestTaskRunConversion(t *testing.T) { + defaultFeatureFlags, _ := config.NewFeatureFlagsFromMap(map[string]string{}) + tests := []struct { name string in *v1beta1.TaskRun @@ -237,14 +239,7 @@ func TestTaskRunConversion(t *testing.T) { URI: "test-uri", Digest: map[string]string{"sha256": "digest"}, }, - FeatureFlags: &config.FeatureFlags{ - RunningInEnvWithInjectedSidecars: config.DefaultRunningInEnvWithInjectedSidecars, - EnableAPIFields: config.DefaultEnableAPIFields, - AwaitSidecarReadiness: config.DefaultAwaitSidecarReadiness, - VerificationNoMatchPolicy: config.DefaultNoMatchPolicyConfig, - ResultExtractionMethod: config.DefaultResultExtractionMethod, - MaxResultSize: config.DefaultMaxResultSize, - }, + FeatureFlags: defaultFeatureFlags, }}, }, }, diff --git a/pkg/reconciler/pipelinerun/pipelinerun.go b/pkg/reconciler/pipelinerun/pipelinerun.go index 39f89587e43..de58f5c45f1 100644 --- a/pkg/reconciler/pipelinerun/pipelinerun.go +++ b/pkg/reconciler/pipelinerun/pipelinerun.go @@ -1224,19 +1224,17 @@ func storePipelineSpecAndMergeMeta(ctx context.Context, pr *v1beta1.PipelineRun, // Propagate refSource from remote resolution to PipelineRun Status // This lives outside of the status.spec check to avoid the case where only the spec is available in the first reconcile and source comes in next reconcile. cfg := config.FromContextOrDefaults(ctx) - if cfg.FeatureFlags.EnableProvenanceInStatus { - if pr.Status.Provenance == nil { - pr.Status.Provenance = &v1beta1.Provenance{} - } - // Store FeatureFlags in the Provenance. - pr.Status.Provenance.FeatureFlags = cfg.FeatureFlags + if pr.Status.Provenance == nil { + pr.Status.Provenance = &v1beta1.Provenance{} + } + // Store FeatureFlags in the Provenance. + pr.Status.Provenance.FeatureFlags = cfg.FeatureFlags - if meta != nil && meta.RefSource != nil && pr.Status.Provenance.RefSource == nil { - pr.Status.Provenance.RefSource = meta.RefSource - } - if meta != nil && meta.RefSource != nil && pr.Status.Provenance.ConfigSource == nil { - pr.Status.Provenance.ConfigSource = (*v1beta1.ConfigSource)(meta.RefSource) - } + if meta != nil && meta.RefSource != nil && pr.Status.Provenance.RefSource == nil { + pr.Status.Provenance.RefSource = meta.RefSource + } + if meta != nil && meta.RefSource != nil && pr.Status.Provenance.ConfigSource == nil { + pr.Status.Provenance.ConfigSource = (*v1beta1.ConfigSource)(meta.RefSource) } return nil diff --git a/pkg/reconciler/pipelinerun/pipelinerun_test.go b/pkg/reconciler/pipelinerun/pipelinerun_test.go index b2ac6502d8c..eb2d35accdf 100644 --- a/pkg/reconciler/pipelinerun/pipelinerun_test.go +++ b/pkg/reconciler/pipelinerun/pipelinerun_test.go @@ -100,6 +100,11 @@ var ( now = time.Date(2022, time.January, 1, 0, 0, 0, 0, time.UTC) testClock = clock.NewFakePassiveClock(now) + + defaultFeatureFlags, _ = config.NewFeatureFlagsFromMap(map[string]string{}) + alphaFeatureFlags, _ = config.NewFeatureFlagsFromMap(map[string]string{ + "enable-api-fields": "alpha", + }) ) const ( @@ -4591,6 +4596,9 @@ status: `) expectedPr := expectedPrStatus + expectedPr.Status.Provenance = &v1beta1.Provenance{ + FeatureFlags: defaultFeatureFlags, + } if d := cmp.Diff(expectedPr, reconciledRun, ignoreResourceVersion, ignoreLastTransitionTime, ignoreCompletionTime, ignoreStartTime, cmpopts.EquateEmpty()); d != "" { t.Errorf("expected to see pipeline run results created. Diff %s", diff.PrintWantGot(d)) @@ -4739,6 +4747,9 @@ status: `) expectedPr := expectedPrStatus + expectedPr.Status.Provenance = &v1beta1.Provenance{ + FeatureFlags: defaultFeatureFlags, + } if d := cmp.Diff(expectedPr, reconciledRun, ignoreResourceVersion, ignoreLastTransitionTime, ignoreCompletionTime, ignoreStartTime, cmpopts.EquateEmpty()); d != "" { t.Errorf("expected to see pipeline run results created. Diff %s", diff.PrintWantGot(d)) @@ -4898,15 +4909,7 @@ metadata: Provenance: &v1beta1.Provenance{ RefSource: refSource.DeepCopy(), ConfigSource: (*v1beta1.ConfigSource)(refSource.DeepCopy()), - FeatureFlags: &config.FeatureFlags{ - RunningInEnvWithInjectedSidecars: config.DefaultRunningInEnvWithInjectedSidecars, - EnableAPIFields: config.DefaultEnableAPIFields, - AwaitSidecarReadiness: config.DefaultAwaitSidecarReadiness, - VerificationNoMatchPolicy: config.DefaultNoMatchPolicyConfig, - EnableProvenanceInStatus: true, - ResultExtractionMethod: config.DefaultResultExtractionMethod, - MaxResultSize: config.DefaultMaxResultSize, - }, + FeatureFlags: defaultFeatureFlags, }, }, } @@ -4957,9 +4960,8 @@ metadata: } for _, tc := range tests { t.Run(tc.name, func(t *testing.T) { - ctx := ttesting.EnableFeatureFlagField(context.Background(), t, "enable-provenance-in-status") // mock first reconcile - if err := storePipelineSpecAndMergeMeta(ctx, pr, tc.reconcile1Args.pipelineSpec, tc.reconcile1Args.resolvedObjectMeta); err != nil { + if err := storePipelineSpecAndMergeMeta(context.Background(), pr, tc.reconcile1Args.pipelineSpec, tc.reconcile1Args.resolvedObjectMeta); err != nil { t.Errorf("storePipelineSpec() error = %v", err) } if d := cmp.Diff(pr, tc.wantPipelineRun); d != "" { @@ -4967,7 +4969,7 @@ metadata: } // mock second reconcile - if err := storePipelineSpecAndMergeMeta(ctx, pr, tc.reconcile2Args.pipelineSpec, tc.reconcile2Args.resolvedObjectMeta); err != nil { + if err := storePipelineSpecAndMergeMeta(context.Background(), pr, tc.reconcile2Args.pipelineSpec, tc.reconcile2Args.resolvedObjectMeta); err != nil { t.Errorf("storePipelineSpec() error = %v", err) } if d := cmp.Diff(pr, tc.wantPipelineRun); d != "" { @@ -8085,6 +8087,9 @@ spec: if err != nil { t.Fatalf("Got an error getting reconciled run out of fake client: %s", err) } + tt.expectedPipelineRun.Status.Provenance = &v1beta1.Provenance{ + FeatureFlags: alphaFeatureFlags, + } if d := cmp.Diff(tt.expectedPipelineRun, pipelineRun, ignoreResourceVersion, ignoreTypeMeta, ignoreLastTransitionTime, ignoreStartTime, ignoreFinallyStartTime, cmpopts.EquateEmpty()); d != "" { t.Errorf("expected PipelineRun was not created. Diff %s", diff.PrintWantGot(d)) } @@ -8332,6 +8337,10 @@ labels: t.Errorf("expected to see TaskRun %v created. Diff %s", expectedTaskRuns[i].Name, diff.PrintWantGot(d)) } } + + tt.expectedPipelineRun.Status.Provenance = &v1beta1.Provenance{ + FeatureFlags: alphaFeatureFlags, + } if d := cmp.Diff(tt.expectedPipelineRun, pipelineRun, ignoreResourceVersion, ignoreTypeMeta, ignoreLastTransitionTime, ignoreStartTime, ignoreFinallyStartTime, cmpopts.EquateEmpty()); d != "" { t.Errorf("found PipelineRun does not match expected PipelineRun. Diff %s", diff.PrintWantGot(d)) } @@ -8870,6 +8879,9 @@ spec: if err != nil { t.Fatalf("Got an error getting reconciled run out of fake client: %s", err) } + tt.expectedPipelineRun.Status.Provenance = &v1beta1.Provenance{ + FeatureFlags: alphaFeatureFlags, + } if d := cmp.Diff(tt.expectedPipelineRun, pipelineRun, ignoreResourceVersion, ignoreTypeMeta, ignoreLastTransitionTime, ignoreStartTime, ignoreFinallyStartTime, cmpopts.EquateEmpty()); d != "" { t.Errorf("expected PipelineRun was not created. Diff %s", diff.PrintWantGot(d)) } @@ -9092,6 +9104,9 @@ spec: if err != nil { t.Fatalf("Got an error getting reconciled run out of fake client: %s", err) } + tt.expectedPipelineRun.Status.Provenance = &v1beta1.Provenance{ + FeatureFlags: alphaFeatureFlags, + } if d := cmp.Diff(tt.expectedPipelineRun, pipelineRun, ignoreResourceVersion, ignoreTypeMeta, ignoreLastTransitionTime, ignoreStartTime, ignoreFinallyStartTime, cmpopts.EquateEmpty()); d != "" { t.Errorf("expected PipelineRun was not created. Diff %s", diff.PrintWantGot(d)) } @@ -9685,6 +9700,9 @@ spec: if err != nil { t.Fatalf("Got an error getting reconciled run out of fake client: %s", err) } + tt.expectedPipelineRun.Status.Provenance = &v1beta1.Provenance{ + FeatureFlags: alphaFeatureFlags, + } if d := cmp.Diff(tt.expectedPipelineRun, pipelineRun, ignoreResourceVersion, ignoreTypeMeta, ignoreLastTransitionTime, ignoreStartTime, ignoreFinallyStartTime, cmpopts.EquateEmpty()); d != "" { t.Errorf("expected PipelineRun was not created. Diff %s", diff.PrintWantGot(d)) } @@ -10033,6 +10051,9 @@ spec: } } + tt.expectedPipelineRun.Status.Provenance = &v1beta1.Provenance{ + FeatureFlags: alphaFeatureFlags, + } if d := cmp.Diff(tt.expectedPipelineRun, pipelineRun, ignoreResourceVersion, ignoreTypeMeta, ignoreLastTransitionTime, ignoreStartTime, ignoreFinallyStartTime, cmpopts.EquateEmpty()); d != "" { t.Errorf("expected PipelineRun was not created. Diff %s", diff.PrintWantGot(d)) } @@ -10477,6 +10498,9 @@ status: if err != nil { t.Fatalf("Got an error getting reconciled run out of fake client: %s", err) } + tt.expectedPipelineRun.Status.Provenance = &v1beta1.Provenance{ + FeatureFlags: alphaFeatureFlags, + } if d := cmp.Diff(tt.expectedPipelineRun, pipelineRun, ignoreResourceVersion, ignoreTypeMeta, ignoreLastTransitionTime, ignoreStartTime, cmpopts.SortSlices(lessChildReferences), cmpopts.EquateEmpty()); d != "" { t.Errorf("expected PipelineRun was not created. Diff %s", diff.PrintWantGot(d)) } @@ -10997,6 +11021,9 @@ spec: if err != nil { t.Fatalf("Got an error getting reconciled run out of fake client: %s", err) } + tt.expectedPipelineRun.Status.Provenance = &v1beta1.Provenance{ + FeatureFlags: alphaFeatureFlags, + } if d := cmp.Diff(tt.expectedPipelineRun, pipelineRun, ignoreResourceVersion, ignoreTypeMeta, ignoreLastTransitionTime, ignoreStartTime, ignoreFinallyStartTime, cmpopts.EquateEmpty()); d != "" { t.Errorf("expected PipelineRun was not created. Diff %s", diff.PrintWantGot(d)) } diff --git a/pkg/reconciler/taskrun/taskrun.go b/pkg/reconciler/taskrun/taskrun.go index bbcf5436553..00afe656dee 100644 --- a/pkg/reconciler/taskrun/taskrun.go +++ b/pkg/reconciler/taskrun/taskrun.go @@ -881,20 +881,18 @@ func storeTaskSpecAndMergeMeta(ctx context.Context, tr *v1beta1.TaskRun, ts *v1b } cfg := config.FromContextOrDefaults(ctx) - if cfg.FeatureFlags.EnableProvenanceInStatus { - if tr.Status.Provenance == nil { - tr.Status.Provenance = &v1beta1.Provenance{} - } - // Store FeatureFlags in the Provenance. - tr.Status.Provenance.FeatureFlags = cfg.FeatureFlags - // Propagate RefSource from remote resolution to TaskRun Status - // This lives outside of the status.spec check to avoid the case where only the spec is available in the first reconcile and refSource comes in next reconcile. - if meta != nil && meta.RefSource != nil && tr.Status.Provenance.RefSource == nil { - tr.Status.Provenance.RefSource = meta.RefSource - } - if meta != nil && meta.RefSource != nil && tr.Status.Provenance.ConfigSource == nil { - tr.Status.Provenance.ConfigSource = (*v1beta1.ConfigSource)(meta.RefSource) - } + if tr.Status.Provenance == nil { + tr.Status.Provenance = &v1beta1.Provenance{} + } + // Store FeatureFlags in the Provenance. + tr.Status.Provenance.FeatureFlags = cfg.FeatureFlags + // Propagate RefSource from remote resolution to TaskRun Status + // This lives outside of the status.spec check to avoid the case where only the spec is available in the first reconcile and refSource comes in next reconcile. + if meta != nil && meta.RefSource != nil && tr.Status.Provenance.RefSource == nil { + tr.Status.Provenance.RefSource = meta.RefSource + } + if meta != nil && meta.RefSource != nil && tr.Status.Provenance.ConfigSource == nil { + tr.Status.Provenance.ConfigSource = (*v1beta1.ConfigSource)(meta.RefSource) } return nil diff --git a/pkg/reconciler/taskrun/taskrun_test.go b/pkg/reconciler/taskrun/taskrun_test.go index 65bb2e93bd7..29ba4081c80 100644 --- a/pkg/reconciler/taskrun/taskrun_test.go +++ b/pkg/reconciler/taskrun/taskrun_test.go @@ -82,7 +82,9 @@ const ( var ( defaultActiveDeadlineSeconds = int64(config.DefaultTimeoutMinutes * 60 * 1.5) - images = pipeline.Images{ + defaultFeatureFlags, _ = config.NewFeatureFlagsFromMap(map[string]string{}) + + images = pipeline.Images{ EntrypointImage: "override-with-entrypoint:latest", NopImage: "override-with-nop:latest", ShellImage: "busybox", @@ -1697,6 +1699,22 @@ status: type: Succeeded `) ) + featureFlags, _ := config.NewFeatureFlagsFromMap(map[string]string{ + "enable-api-fields": "alpha", + }) + + failedOnReconcileFailureTaskRun.Status.Provenance = &v1beta1.Provenance{ + FeatureFlags: featureFlags, + } + failedOnReconcileFailureTaskRun.Status.RetriesStatus[0].Provenance = &v1beta1.Provenance{ + FeatureFlags: featureFlags, + } + + defaultFeatureFlags, _ := config.NewFeatureFlagsFromMap(map[string]string{}) + + retriedTaskRun.Status.Provenance = &v1beta1.Provenance{ + FeatureFlags: defaultFeatureFlags, + } for _, tc := range []struct { name string @@ -3768,15 +3786,7 @@ spec: Provenance: &v1beta1.Provenance{ RefSource: refSource.DeepCopy(), ConfigSource: (*v1beta1.ConfigSource)(refSource.DeepCopy()), - FeatureFlags: &config.FeatureFlags{ - RunningInEnvWithInjectedSidecars: config.DefaultRunningInEnvWithInjectedSidecars, - EnableAPIFields: config.DefaultEnableAPIFields, - AwaitSidecarReadiness: config.DefaultAwaitSidecarReadiness, - VerificationNoMatchPolicy: config.DefaultNoMatchPolicyConfig, - EnableProvenanceInStatus: true, - ResultExtractionMethod: config.DefaultResultExtractionMethod, - MaxResultSize: config.DefaultMaxResultSize, - }, + FeatureFlags: defaultFeatureFlags, }, }, } @@ -3828,9 +3838,8 @@ spec: for _, tc := range tests { t.Run(tc.name, func(t *testing.T) { - ctx := ttesting.EnableFeatureFlagField(context.Background(), t, "enable-provenance-in-status") // mock first reconcile - if err := storeTaskSpecAndMergeMeta(ctx, tr, tc.reconcile1Args.taskSpec, tc.reconcile1Args.resolvedObjectMeta); err != nil { + if err := storeTaskSpecAndMergeMeta(context.Background(), tr, tc.reconcile1Args.taskSpec, tc.reconcile1Args.resolvedObjectMeta); err != nil { t.Errorf("storePipelineSpec() error = %v", err) } if d := cmp.Diff(tr, tc.wantTaskRun); d != "" { @@ -3838,7 +3847,7 @@ spec: } // mock second reconcile - if err := storeTaskSpecAndMergeMeta(ctx, tr, tc.reconcile2Args.taskSpec, tc.reconcile2Args.resolvedObjectMeta); err != nil { + if err := storeTaskSpecAndMergeMeta(context.Background(), tr, tc.reconcile2Args.taskSpec, tc.reconcile2Args.resolvedObjectMeta); err != nil { t.Errorf("storePipelineSpec() error = %v", err) } if d := cmp.Diff(tr, tc.wantTaskRun); d != "" { diff --git a/test/custom_task_test.go b/test/custom_task_test.go index 44aba46a3d5..ddee75590da 100644 --- a/test/custom_task_test.go +++ b/test/custom_task_test.go @@ -30,6 +30,7 @@ import ( "github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp/cmpopts" + "github.com/tektoncd/pipeline/pkg/apis/config" "github.com/tektoncd/pipeline/pkg/apis/pipeline" "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1" "github.com/tektoncd/pipeline/test/diff" @@ -635,6 +636,16 @@ func TestWaitCustomTask_V1Beta1_PipelineRun(t *testing.T) { }, }, }, + Provenance: &v1beta1.Provenance{ + FeatureFlags: &config.FeatureFlags{ + RunningInEnvWithInjectedSidecars: config.DefaultRunningInEnvWithInjectedSidecars, + EnableAPIFields: config.BetaAPIFields, + AwaitSidecarReadiness: config.DefaultAwaitSidecarReadiness, + VerificationNoMatchPolicy: config.DefaultNoMatchPolicyConfig, + ResultExtractionMethod: config.DefaultResultExtractionMethod, + MaxResultSize: config.DefaultMaxResultSize, + }, + }, }, }, } diff --git a/test/e2e-tests.sh b/test/e2e-tests.sh index 66d39911000..6e99b50d16c 100755 --- a/test/e2e-tests.sh +++ b/test/e2e-tests.sh @@ -57,7 +57,7 @@ function set_feature_gate() { kubectl patch configmap feature-flags -n tekton-pipelines -p "$jsonpatch" if [ "$gate" == "alpha" ]; then printf "enabling resolvers\n" - jsonpatch=$(printf "{\"data\": {\"enable-git-resolver\": \"true\", \"enable-hub-resolver\": \"true\", \"enable-bundles-resolver\": \"true\", \"enable-cluster-resolver\": \"true\", \"enable-provenance-in-status\": \"true\"}}") + jsonpatch=$(printf "{\"data\": {\"enable-git-resolver\": \"true\", \"enable-hub-resolver\": \"true\", \"enable-bundles-resolver\": \"true\", \"enable-cluster-resolver\": \"true\"}}") echo "resolvers-feature-flags ConfigMap patch: ${jsonpatch}" kubectl patch configmap resolvers-feature-flags -n tekton-pipelines-resolvers -p "$jsonpatch" fi diff --git a/test/status_test.go b/test/status_test.go index 72b790d456e..d37c6b31291 100644 --- a/test/status_test.go +++ b/test/status_test.go @@ -33,16 +33,12 @@ import ( "github.com/tektoncd/pipeline/test/diff" "github.com/tektoncd/pipeline/test/parse" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "knative.dev/pkg/system" knativetest "knative.dev/pkg/test" "knative.dev/pkg/test/helpers" "sigs.k8s.io/yaml" ) var ( - provenanceFeatureFlags = requireAllGates(map[string]string{ - "enable-provenance-in-status": "true", - }) ignoreFeatureFlags = cmpopts.IgnoreFields(v1beta1.Provenance{}, "FeatureFlags") ) @@ -126,9 +122,9 @@ spec: // about the remote task i.e. refSource info . func TestProvenanceFieldInPipelineRunTaskRunStatus(t *testing.T) { ctx := context.Background() - c, namespace := setupProvenance(ctx, t, clusterFeatureFlags, provenanceFeatureFlags) - knativetest.CleanupOnInterrupt(func() { unsetProvenanceFlags(ctx, t, c) }, t.Logf) - defer unsetProvenanceFlags(ctx, t, c) + ctx, cancel := context.WithCancel(ctx) + defer cancel() + c, namespace := setup(ctx, t) knativetest.CleanupOnInterrupt(func() { tearDown(ctx, t, c, namespace) }, t.Logf) defer tearDown(ctx, t, c, namespace) @@ -152,9 +148,6 @@ func TestProvenanceFieldInPipelineRunTaskRunStatus(t *testing.T) { URI: fmt.Sprintf("/apis/%s/namespaces/%s/%s/%s@%s", v1beta1.SchemeGroupVersion.String(), namespace, "task", exampleTask.Name, exampleTask.UID), Digest: map[string]string{"sha256": sha256CheckSum(taskSpec)}, }, - FeatureFlags: &config.FeatureFlags{ - EnableProvenanceInStatus: true, - }, } // example pipeline @@ -304,27 +297,3 @@ func sha256CheckSum(input []byte) string { h.Write(input) return hex.EncodeToString(h.Sum(nil)) } - -func setupProvenance(ctx context.Context, t *testing.T, fn ...func(context.Context, *testing.T, *clients, string)) (*clients, string) { - t.Helper() - c, ns := setup(ctx, t) - configMapData := map[string]string{ - "enable-provenance-in-status": "true", - } - - if err := updateConfigMap(ctx, c.KubeClient, system.Namespace(), config.GetFeatureFlagsConfigName(), configMapData); err != nil { - t.Fatal(err) - } - return c, ns -} - -func unsetProvenanceFlags(ctx context.Context, t *testing.T, c *clients) { - t.Helper() - configMapData := map[string]string{ - "enable-provenance-in-status": "false", - } - - if err := updateConfigMap(ctx, c.KubeClient, system.Namespace(), config.GetFeatureFlagsConfigName(), configMapData); err != nil { - t.Fatal(err) - } -}