-
Notifications
You must be signed in to change notification settings - Fork 1.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Validate dependencies between resolved resources in a PipelineRun #3711
Conversation
The following is the coverage report on the affected files.
|
The following is the coverage report on the affected files.
|
/hold There's quite a bit of test coverage I need to add before this goes in. |
The following is the coverage report on the affected files.
|
The following is the coverage report on the affected files.
|
The following is the coverage report on the affected files.
|
The following is the coverage report on the affected files.
|
The following is the coverage report on the affected files.
|
The following is the coverage report on the affected files.
|
/test pull-tekton-pipeline-integration-tests |
/hold cancel Improved coverage. |
The following is the coverage report on the affected files.
|
The following is the coverage report on the affected files.
|
The following is the coverage report on the affected files.
|
func ValidateOptionalWorkspaces(pipelineWorkspaces []v1beta1.PipelineWorkspaceDeclaration, state PipelineRunState) error { | ||
optionalWorkspaces := sets.NewString() | ||
for _, ws := range pipelineWorkspaces { | ||
if ws.Optional { | ||
optionalWorkspaces.Insert(ws.Name) | ||
} | ||
} | ||
|
||
for _, rprt := range state { | ||
for _, pws := range rprt.PipelineTask.Workspaces { | ||
if optionalWorkspaces.Has(pws.Workspace) { | ||
for _, tws := range rprt.ResolvedTaskResources.TaskSpec.Workspaces { | ||
if tws.Name == pws.Name { | ||
if !tws.Optional { | ||
return fmt.Errorf("pipeline workspace %q is marked optional but pipeline task %q requires it be provided", pws.Workspace, rprt.PipelineTask.Name) | ||
} | ||
} | ||
} | ||
} | ||
} | ||
} | ||
return nil | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this makes me think that it may be clearer to have the reason above as ReasonRequiredWorkspaceMarkedOptional
instead of ReasonOptionalWorkspaceNotSupportedByTask
pipeline/pkg/reconciler/pipelinerun/pipelinerun.go
Lines 105 to 107 in 2cf44c9
// ReasonOptionalWorkspaceNotSupportedByTask indicates an optional workspace | |
// has been passed to a Task that is expecting a non-optional workspace | |
ReasonOptionalWorkspaceNotSupportedByTask = "OptionalWorkspaceNotSupportedByTask" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for reviewing, I've made this change.
The following is the coverage report on the affected files.
|
When a PipelineRun is started there are several error conditions that can be hit due to invalid Pipeline configuration. These errors have previously only surfaced halfway through execution of the PipelineRun because validating them requires a number of different resources to be resolved. This commit performs more extensive runtime validation of a PipelineRun before it is allowed to start: - All result variables used in the Pipeline are checked to be pointing at valid Tasks and TaskResults. - Workspaces marked optional by the Pipeline are confirmed to also be Optional in the Tasks they're passed to. This validation required searching for result variables in a PipelineTask in a very similar way we do in several other places in our codebase. I've refactored all of these to use a common func `PipelineTaskResultRefs()`.
The following is the coverage report on the affected files.
|
/test pull-tekton-pipeline-integration-tests |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thanks @sbwsg for the added validation and making using result references cleaner!
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: jerop The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/test check-pr-has-kind-label |
Thanks @sbwsg, this PR has a lot of simplifications around results and I appreciate these changes 👍 /lgtm |
Changes
Fixes #3499
When a PipelineRun is started there are several error conditions that can be
hit due to invalid Pipeline configuration. These errors have previously
only surfaced halfway through execution of the PipelineRun because validating
them requires a number of different resources to be resolved.
This commit performs validation on resolved dependencies of a PipelineRun before
it is allowed to start:
Tasks and TaskResults. This requires looking at resolved TaskSpecs.
in the Tasks they're passed to. This also requires looking at resolved TaskSpecs.
This validation required searching for result variables in a PipelineTask in a very
similar way we do in several other places in our codebase. I've refactored all of these
to use a common func called
PipelineTaskResultRefs()
.Submitter Checklist
These are the criteria that every PR should meet, please check them off as you
review them:
Release Notes