Skip to content

Commit

Permalink
Fix StepAction support in Cluster resolver
Browse files Browse the repository at this point in the history
Signed-off-by: Marcus Noble <github@marcusnoble.co.uk>
  • Loading branch information
AverageMarcus committed Nov 11, 2024
1 parent 7056a41 commit 83274ef
Show file tree
Hide file tree
Showing 3 changed files with 75 additions and 7 deletions.
33 changes: 27 additions & 6 deletions docs/cluster-resolver.md
Original file line number Diff line number Diff line change
Expand Up @@ -13,11 +13,11 @@ This Resolver responds to type `cluster`.

## Parameters

| Param Name | Description | Example Value |
|-------------|-------------------------------------------------------|------------------------------|
| `kind` | The kind of resource to fetch. | `task`, `pipeline` |
| `name` | The name of the resource to fetch. | `some-pipeline`, `some-task` |
| `namespace` | The namespace in the cluster containing the resource. | `default`, `other-namespace` |
| Param Name | Description | Example Value |
|-------------|-------------------------------------------------------|----------------------------------|
| `kind` | The kind of resource to fetch. | `task`, `pipeline`, `stepaction` |
| `name` | The name of the resource to fetch. | `some-pipeline`, `some-task` |
| `namespace` | The namespace in the cluster containing the resource. | `default`, `other-namespace` |

## Requirements

Expand All @@ -37,7 +37,7 @@ for the name, namespace and defaults that the resolver ships with.

| Option Name | Description | Example Values |
|----------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------|
| `default-kind` | The default resource kind to fetch if not specified in parameters. | `task`, `pipeline` |
| `default-kind` | The default resource kind to fetch if not specified in parameters. | `task`, `pipeline`, `stepaction` |
| `default-namespace` | The default namespace to fetch resources from if not specified in parameters. | `default`, `some-namespace` |
| `allowed-namespaces` | An optional comma-separated list of namespaces which the resolver is allowed to access. Defaults to empty, meaning all namespaces are allowed. | `default,some-namespace`, (empty) |
| `blocked-namespaces` | An optional comma-separated list of namespaces which the resolver is blocked from accessing. If the value is a `*` all namespaces will be disallowed and allowed namespace will need to be explicitely listed in `allowed-namespaces`. Defaults to empty, meaning all namespaces are allowed. | `default,other-namespace`, `*`, (empty) |
Expand All @@ -63,6 +63,27 @@ spec:
value: namespace-containing-task
```
### StepAction Resolution
```yaml
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: remote-stepaction-reference
spec:
steps:
- name: step-action-example
ref
resolver: cluster
params:
- name: kind
value: stepaction
- name: name
value: some-stepaction
- name: namespace
value: namespace-containing-stepaction
```
### Pipeline resolution
```yaml
Expand Down
9 changes: 8 additions & 1 deletion pkg/resolution/resolver/cluster/resolver.go
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ import (
"encoding/hex"
"errors"
"fmt"
"slices"
"strings"

resolverconfig "github.com/tektoncd/pipeline/pkg/apis/config/resolver"
Expand Down Expand Up @@ -51,6 +52,8 @@ const (

var _ framework.Resolver = &Resolver{}

var supportedKinds = []string{"task", "pipeline", "stepaction"}

// Resolver implements a framework.Resolver that can fetch resources from other namespaces.
//
// Deprecated: Use [github.com/tektoncd/pipeline/pkg/remoteresolution/resolver/cluster.Resolver] instead.
Expand Down Expand Up @@ -229,7 +232,7 @@ func populateParamsWithDefaults(ctx context.Context, origParams []pipelinev1.Par
} else {
params[KindParam] = pKind.StringVal
}
if kindVal, ok := params[KindParam]; ok && kindVal != "task" && kindVal != "pipeline" {
if kindVal, ok := params[KindParam]; ok && !isSupportedKind(kindVal) {
return nil, fmt.Errorf("unknown or unsupported resource kind '%s'", kindVal)
}

Expand Down Expand Up @@ -364,3 +367,7 @@ func fetchPipeline(ctx context.Context, groupVersion string, pipeline *pipelinev
}
return uid, data, sha256Checksum, spec, nil
}

func isSupportedKind(kindValue string) bool {
return slices.Contains[[]string, string](supportedKinds, kindValue)
}
40 changes: 40 additions & 0 deletions pkg/resolution/resolver/cluster/resolver_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -279,6 +279,28 @@ func TestResolve(t *testing.T) {
t.Fatalf("couldn't marshal pipeline: %v", err)
}

exampleStepAction := &pipelinev1beta1.StepAction{
ObjectMeta: metav1.ObjectMeta{
Name: "example-stepaction",
Namespace: "stepaction-ns",
ResourceVersion: "00003",
UID: "c123",
},
TypeMeta: metav1.TypeMeta{
Kind: "StepAction",
APIVersion: "tekton.dev/v1beta1",
},
Spec: pipelinev1beta1.StepActionSpec{},
}
stepActionChecksum, err := exampleStepAction.Checksum()
if err != nil {
t.Fatalf("couldn't checksum stepaction: %v", err)
}
stepActionAsYAML, err := yaml.Marshal(exampleStepAction)
if err != nil {
t.Fatalf("couldn't marshal stepaction: %v", err)
}

testCases := []struct {
name string
kind string
Expand Down Expand Up @@ -323,6 +345,23 @@ func TestResolve(t *testing.T) {
},
},
},
}, {
name: "successful stepaction",
kind: "stepaction",
resourceName: exampleStepAction.Name,
namespace: exampleStepAction.Namespace,
expectedStatus: &v1beta1.ResolutionRequestStatus{
Status: duckv1.Status{},
ResolutionRequestStatusFields: v1beta1.ResolutionRequestStatusFields{
Data: base64.StdEncoding.Strict().EncodeToString(stepActionAsYAML),
RefSource: &pipelinev1.RefSource{
URI: "/apis/tekton.dev/v1/namespaces/stepaction-ns/stepaction/example-stepaction@c123",
Digest: map[string]string{
"sha256": hex.EncodeToString(stepActionChecksum),
},
},
},
},
}, {
name: "default namespace",
kind: "pipeline",
Expand Down Expand Up @@ -427,6 +466,7 @@ func TestResolve(t *testing.T) {
Pipelines: []*pipelinev1.Pipeline{examplePipeline},
ResolutionRequests: []*v1beta1.ResolutionRequest{request},
Tasks: []*pipelinev1.Task{exampleTask},
StepActions: []*pipelinev1beta1.StepAction{exampleStepAction},
}

resolver := &cluster.Resolver{}
Expand Down

0 comments on commit 83274ef

Please sign in to comment.