Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Move remote resolution out of alpha #5515

Merged
merged 1 commit into from
Oct 5, 2022
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 16 additions & 2 deletions cmd/webhook/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,9 @@ import (
v1 "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1"
"github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1"
"github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1"
"github.com/tektoncd/pipeline/pkg/apis/resolution"
resolutionv1alpha1 "github.com/tektoncd/pipeline/pkg/apis/resolution/v1alpha1"
resolutionv1beta1 "github.com/tektoncd/pipeline/pkg/apis/resolution/v1beta1"
resourcev1alpha1 "github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1"
"k8s.io/apimachinery/pkg/runtime/schema"
"knative.dev/pkg/configmap"
Expand Down Expand Up @@ -66,6 +68,8 @@ var types = map[schema.GroupVersionKind]resourcesemantics.GenericCRD{
// resolution
// v1alpha1
resolutionv1alpha1.SchemeGroupVersion.WithKind("ResolutionRequest"): &resolutionv1alpha1.ResolutionRequest{},
// v1beta1
resolutionv1beta1.SchemeGroupVersion.WithKind("ResolutionRequest"): &resolutionv1beta1.ResolutionRequest{},
}

func newDefaultingAdmissionController(ctx context.Context, cmw configmap.Watcher) *controller.Impl {
Expand Down Expand Up @@ -140,8 +144,10 @@ func newConfigValidationController(ctx context.Context, cmw configmap.Watcher) *
func newConversionController(ctx context.Context, cmw configmap.Watcher) *controller.Impl {
// nolint: revive
var (
v1beta1GroupVersion = v1beta1.SchemeGroupVersion.Version
v1GroupVersion = v1.SchemeGroupVersion.Version
v1beta1GroupVersion = v1beta1.SchemeGroupVersion.Version
v1GroupVersion = v1.SchemeGroupVersion.Version
resolutionv1alpha1GroupVersion = resolutionv1alpha1.SchemeGroupVersion.Version
resolutionv1beta1GroupVersion = resolutionv1beta1.SchemeGroupVersion.Version
)
return conversion.NewConversionController(ctx,
// The path on which to serve the webhook
Expand Down Expand Up @@ -182,6 +188,14 @@ func newConversionController(ctx context.Context, cmw configmap.Watcher) *contro
v1GroupVersion: &v1.PipelineRun{},
},
},
resolutionv1beta1.Kind("ResolutionRequest"): {
DefinitionName: resolution.ResolutionRequestResource.String(),
HubVersion: resolutionv1beta1GroupVersion,
Zygotes: map[string]conversion.ConvertibleObject{
resolutionv1alpha1GroupVersion: &resolutionv1alpha1.ResolutionRequest{},
resolutionv1beta1GroupVersion: &resolutionv1beta1.ResolutionRequest{},
},
},
},

// A function that infuses the context passed to ConvertTo/ConvertFrom/SetDefaults with custom metadata
Expand Down
7 changes: 4 additions & 3 deletions config/300-resolutionrequest.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,8 @@ spec:
versions:
- name: v1alpha1
served: true
storage: true
deprecated: true
storage: false
subresources:
status: {}
schema:
Expand All @@ -56,8 +57,8 @@ spec:
type: string
jsonPath: ".status.conditions[?(@.type=='Succeeded')].reason"
- name: v1beta1
served: false
storage: false
served: true
storage: true
subresources:
status: {}
schema:
Expand Down
16 changes: 4 additions & 12 deletions config/resolvers/config-feature-flags.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -23,18 +23,10 @@ metadata:
app.kubernetes.io/part-of: tekton-pipelines
data:
# Setting this flag to "true" enables remote resolution of Tekton OCI bundles.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess the comment sounds a bit strange now that the default is "true".

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch!

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Waiting on acting on this until it's confirmed that the switch to the built-in resolvers being on by default should be moved out of this PR.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

let's keep the one PR

# This is an experimental feature and thus should still be considered
# an alpha feature.
enable-bundles-resolver: "false"
enable-bundles-resolver: "true"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why are we changing this as part of making this feature v1beta1?
I'm not entirely sure why they were disabled by default in alpha, but if we want to change that it feels like it should go in a different PR

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok, I can do that in a separate PR, if so desired. I wasn't a big fan of having them off by default in the first place, but the more I thought about it, the more I decided that it was a mistake to have them off. I just thought the alpha->beta transition was a good time to do that, particularly since we're also including the resolvers deployment in release.yaml in this PR. I'd need to make some changes to e2e test setup if I yank this out of the PR - let me know if you think I should.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it's OK to make this swap in the same PR, but I'll defer to @afrittoli here. Just FYI that for v1 we're hoping to have resolution in beta and these resolvers (at least the cluster and bundle ones) enabled by default, as replacements for the OCI bundles syntax and ClusterTask. (ClusterTask might be less necessary since it's a separate CRD, but either way, I think we're waiting on #5579 until this is merged.)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I understand the reasoning for switching those flags by default, and since this PR is already baked (and rebased enough times) I think it's fine to keep them together - but generally I would prefer if we avoided grouping changes in one PR. I think a more natural flow would have been switching the flag default first and moving to beta then.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 Will do in the future.

# Setting this flag to "true" enables remote resolution of tasks and pipelines via the Tekton Hub.
# This is an experimental feature and thus should still be considered
# an alpha feature.
enable-hub-resolver: "false"
enable-hub-resolver: "true"
# Setting this flag to "true" enables remote resolution of tasks and pipelines from Git repositories.
# This is an experimental feature and thus should still be considered
# an alpha feature.
enable-git-resolver: "false"
enable-git-resolver: "true"
# Setting this flag to "true" enables remote resolution of tasks and pipelines from other namespaces within the cluster.
# This is an experimental feature and thus should still be considered
# an alpha feature.
enable-cluster-resolver: "false"
enable-cluster-resolver: "true"
2 changes: 1 addition & 1 deletion docs/bundle-resolver.md
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ This Resolver responds to type `bundles`.

## Requirements

- A cluster running Tekton Pipeline v0.40.0 or later, with the `alpha` feature gate enabled.
- A cluster running Tekton Pipeline v0.41.0 or later.
afrittoli marked this conversation as resolved.
Show resolved Hide resolved
- The [built-in remote resolvers installed](./install.md#installing-and-configuring-remote-task-and-pipeline-resolution).
- The `enable-bundles-resolver` feature flag in the `resolvers-feature-flags` ConfigMap
in the `tekton-pipelines-resolvers` namespace set to `true`.
Expand Down
2 changes: 1 addition & 1 deletion docs/cluster-resolver.md
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ This Resolver responds to type `cluster`.

## Requirements

- A cluster running Tekton Pipeline v0.40.0 or later, with the `alpha` feature gate enabled.
- A cluster running Tekton Pipeline v0.41.0 or later.
- The [built-in remote resolvers installed](./install.md#installing-and-configuring-remote-task-and-pipeline-resolution).
- The `enable-cluster-resolver` feature flag in the `resolvers-feature-flags` ConfigMap
in the `tekton-pipelines-resolvers` namespace set to `true`.
Expand Down
2 changes: 1 addition & 1 deletion docs/git-resolver.md
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ This Resolver responds to type `git`.

## Requirements

- A cluster running Tekton Pipeline v0.40.0 or later, with the `alpha` feature gate enabled.
- A cluster running Tekton Pipeline v0.41.0 or later.
- The [built-in remote resolvers installed](./install.md#installing-and-configuring-remote-task-and-pipeline-resolution).
- The `enable-git-resolver` feature flag in the `resolvers-feature-flags` ConfigMap in the
`tekton-pipelines-resolvers` namespace set to `true`.
Expand Down
15 changes: 7 additions & 8 deletions docs/how-to-write-a-resolver.md
Original file line number Diff line number Diff line change
Expand Up @@ -185,13 +185,12 @@ We'll also need to add another import for this package at the top:
```go
import (
"context"

// Add this one; it defines LabelKeyResolverType we use in GetSelector

"github.com/tektoncd/pipeline/pkg/apis/resolution/v1beta1"
// Add this one; it defines LabelKeyResolverType we use in GetSelector
"github.com/tektoncd/pipeline/pkg/resolution/common"

"github.com/tektoncd/pipeline/pkg/resolution/resolver/framework"
"knative.dev/pkg/injection/sharedmain"
"github.com/tektoncd/pipeline/pkg/apis/resolution/v1alpha1"
)
```

Expand Down Expand Up @@ -263,7 +262,7 @@ func (*myResolvedResource) Annotations() map[string]string {

// Source is the source reference of the remote data that records where the remote
// file came from including the url, digest and the entrypoint. None atm.
func (*myResolvedResource) Source() *v1alpha1.ConfigSource {
func (*myResolvedResource) Source() *v1beta1.ConfigSource {
return nil
}
```
Expand All @@ -276,8 +275,8 @@ following example.
```go
// Source is the source reference of the remote data that records where the remote
// file came from including the url, digest and the entrypoint.
func (*myResolvedResource) Source() *v1alpha1.ConfigSource {
return &v1alpha1.ConfigSource{
func (*myResolvedResource) Source() *v1beta1.ConfigSource {
return &v1beta1.ConfigSource{
URI: "https://github.com/user/example",
Digest: map[string]string{
"sha1": "example",
Expand Down Expand Up @@ -394,7 +393,7 @@ pipeline. Create a file called `test-request.yaml` with the following
content:

```yaml
apiVersion: resolution.tekton.dev/v1alpha1
apiVersion: resolution.tekton.dev/v1beta1
kind: ResolutionRequest
metadata:
name: test-request
Expand Down
2 changes: 1 addition & 1 deletion docs/hub-resolver.md
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ Use resolver type `hub`.

## Requirements

- A cluster running Tekton Pipeline v0.40.0 or later, with the `alpha` feature gate enabled.
- A cluster running Tekton Pipeline v0.41.0 or later.
- The [built-in remote resolvers installed](./install.md#installing-and-configuring-remote-task-and-pipeline-resolution).
- The `enable-hub-resolver` feature flag in the `resolvers-feature-flags` ConfigMap in the
`tekton-pipelines-resolvers` namespace set to `true`.
Expand Down
15 changes: 11 additions & 4 deletions docs/install.md
Original file line number Diff line number Diff line change
Expand Up @@ -86,6 +86,10 @@ To install Tekton Pipelines on a Kubernetes cluster:
kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.notags.yaml
```

1. **Note**: To install Tekton Pipelines without including [the built-in remote resolvers](#installing-and-configuring-remote-task-and-pipeline-resolution)
follow the directions above, but replace `release.yaml` or `release.notags.yaml` with `minimal-release.yaml` or
`minimal-release.notags.yaml` as appropriate.

1. **Note**: Some cloud providers (such as [GKE](https://github.com/tektoncd/pipeline/issues/3317#issuecomment-708066087))
may also require you to allow port 8443 in your firewall rules so that the Tekton Pipelines webhook is reachable.

Expand Down Expand Up @@ -270,10 +274,14 @@ data:

## Installing and configuring remote Task and Pipeline resolution

**NOTE**: Remote resolution is currently [an `alpha` feature](#alpha-features).
By default, when Tekton Pipelines is installed using `release.yaml` or `release.notags.yaml`, the
[built-in resolvers](#built-in-resolvers) are installed into the `tekton-pipelines-resolvers` namespace.

### Installing built-in remote resolvers with a minimal Tekton Pipelines installation

To install the latest release of the [built-in remote resolvers](#built-in-resolvers),
run the following command:
If you have installed Tekton Pipelines using `minimal-release.yaml` or `minimal-release.notags.yaml` and
wish to add the [built-in remote resolvers](#built-in-resolvers) later, you can install them separately
by running the following command:

```bash
kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/resolvers.yaml
Expand Down Expand Up @@ -464,7 +472,6 @@ Features currently in "alpha" are:
| [Propagated `Parameters`](./taskruns.md#propagated-parameters) | [TEP-0107](https://github.com/tektoncd/community/blob/main/teps/0107-propagating-parameters.md) | [v0.36.0](https://github.com/tektoncd/pipeline/releases/tag/v0.36.0) | |
| [Propagated `Workspaces`](./pipelineruns.md#propagated-workspaces) | [TEP-0111](https://github.com/tektoncd/community/blob/main/teps/0111-propagating-workspaces.md) | v0.40.0 | |
| [Windows Scripts](./tasks.md#windows-scripts) | [TEP-0057](https://github.com/tektoncd/community/blob/main/teps/0057-windows-support.md) | [v0.28.0](https://github.com/tektoncd/pipeline/releases/tag/v0.28.0) | |
| [Remote Tasks](./taskruns.md#remote-tasks) and [Remote Pipelines](./pipelineruns.md#remote-pipelines) | [TEP-0060](https://github.com/tektoncd/community/blob/main/teps/0060-remote-resolution.md) | [v0.35.0](https://github.com/tektoncd/pipeline/releases/tag/v0.35.0) | |
| [Debug](./debug.md) | [TEP-0042](https://github.com/tektoncd/community/blob/main/teps/0042-taskrun-breakpoint-on-failure.md) | [v0.26.0](https://github.com/tektoncd/pipeline/releases/tag/v0.26.0) | |
| [Step and Sidecar Overrides](./taskruns.md#overriding-task-steps-and-sidecars) | [TEP-0094](https://github.com/tektoncd/community/blob/main/teps/0094-specifying-resource-requirements-at-runtime.md) | [v0.34.0](https://github.com/tektoncd/pipeline/releases/tag/v0.34.0) | |
| [Matrix](./matrix.md) | [TEP-0090](https://github.com/tektoncd/community/blob/main/teps/0090-matrix.md) | [v0.38.0](https://github.com/tektoncd/pipeline/releases/tag/v0.38.0) | |
Expand Down
Loading