Move remote resolution out of alpha

Closes tektoncd#4710 Based on discussions around promoting features last week, I'm opting to skip the need for a `beta` flag and take remote resolution straight to `stable`. I'm confident in the API stability, so I don't think there's a reason to wait since v1 hasn't happened yet. And for that matter, v1 is expecting remote resolution to be on by default anyway. Deprecation of the legacy `taskRef.bundle` and `pipelineRef.bundle` syntax will be handled in a separate PR (tektoncd#5514). Signed-off-by: Andrew Bayer <andrew.bayer@gmail.com>
abayer · Sep 29, 2022 · 6ccc161 · 6ccc161
1 parent 4b53ae5
commit 6ccc161
Show file tree

Hide file tree

Showing 81 changed files with 937 additions and 936 deletions.
diff --git a/cmd/webhook/main.go b/cmd/webhook/main.go
@@ -27,7 +27,9 @@ import (
 	v1 "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1"
 	"github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1"
 	"github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1"
+	"github.com/tektoncd/pipeline/pkg/apis/resolution"
 	resolutionv1alpha1 "github.com/tektoncd/pipeline/pkg/apis/resolution/v1alpha1"
+	resolutionv1beta1 "github.com/tektoncd/pipeline/pkg/apis/resolution/v1beta1"
 	resourcev1alpha1 "github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"knative.dev/pkg/configmap"
@@ -66,6 +68,8 @@ var types = map[schema.GroupVersionKind]resourcesemantics.GenericCRD{
 	// resolution
 	// v1alpha1
 	resolutionv1alpha1.SchemeGroupVersion.WithKind("ResolutionRequest"): &resolutionv1alpha1.ResolutionRequest{},
+	// v1beta1
+	resolutionv1beta1.SchemeGroupVersion.WithKind("ResolutionRequest"): &resolutionv1beta1.ResolutionRequest{},
 }
 
 func newDefaultingAdmissionController(ctx context.Context, cmw configmap.Watcher) *controller.Impl {
@@ -140,8 +144,10 @@ func newConfigValidationController(ctx context.Context, cmw configmap.Watcher) *
 func newConversionController(ctx context.Context, cmw configmap.Watcher) *controller.Impl {
 	// nolint: revive
 	var (
-		v1beta1GroupVersion = v1beta1.SchemeGroupVersion.Version
-		v1GroupVersion      = v1.SchemeGroupVersion.Version
+		v1beta1GroupVersion            = v1beta1.SchemeGroupVersion.Version
+		v1GroupVersion                 = v1.SchemeGroupVersion.Version
+		resolutionv1alpha1GroupVersion = resolutionv1alpha1.SchemeGroupVersion.Version
+		resolutionv1beta1GroupVersion  = resolutionv1beta1.SchemeGroupVersion.Version
 	)
 	return conversion.NewConversionController(ctx,
 		// The path on which to serve the webhook
@@ -182,6 +188,14 @@ func newConversionController(ctx context.Context, cmw configmap.Watcher) *contro
 					v1GroupVersion:      &v1.PipelineRun{},
 				},
 			},
+			resolutionv1beta1.Kind("ResolutionRequest"): {
+				DefinitionName: resolution.ResolutionRequestResource.String(),
+				HubVersion:     resolutionv1beta1GroupVersion,
+				Zygotes: map[string]conversion.ConvertibleObject{
+					resolutionv1alpha1GroupVersion: &resolutionv1alpha1.ResolutionRequest{},
+					resolutionv1beta1GroupVersion:  &resolutionv1beta1.ResolutionRequest{},
+				},
+			},
 		},
 
 		// A function that infuses the context passed to ConvertTo/ConvertFrom/SetDefaults with custom metadata

diff --git a/config/300-resolutionrequest.yaml b/config/300-resolutionrequest.yaml
@@ -34,7 +34,8 @@ spec:
   versions:
     - name: v1alpha1
       served: true
-      storage: true
+      deprecated: true
+      storage: false
       subresources:
         status: {}
       schema:
@@ -56,8 +57,8 @@ spec:
           type: string
           jsonPath: ".status.conditions[?(@.type=='Succeeded')].reason"
     - name: v1beta1
-      served: false
-      storage: false
+      served: true
+      storage: true
       subresources:
         status: {}
       schema:

diff --git a/config/resolvers/config-feature-flags.yaml b/config/resolvers/config-feature-flags.yaml
@@ -23,18 +23,10 @@ metadata:
     app.kubernetes.io/part-of: tekton-pipelines
 data:
   # Setting this flag to "true" enables remote resolution of Tekton OCI bundles.
-  # This is an experimental feature and thus should still be considered
-  # an alpha feature.
-  enable-bundles-resolver: "false"
+  enable-bundles-resolver: "true"
   # Setting this flag to "true" enables remote resolution of tasks and pipelines via the Tekton Hub.
-  # This is an experimental feature and thus should still be considered
-  # an alpha feature.
-  enable-hub-resolver: "false"
+  enable-hub-resolver: "true"
   # Setting this flag to "true" enables remote resolution of tasks and pipelines from Git repositories.
-  # This is an experimental feature and thus should still be considered
-  # an alpha feature.
-  enable-git-resolver: "false"
+  enable-git-resolver: "true"
   # Setting this flag to "true" enables remote resolution of tasks and pipelines from other namespaces within the cluster.
-  # This is an experimental feature and thus should still be considered
-  # an alpha feature.
-  enable-cluster-resolver: "false"
+  enable-cluster-resolver: "true"
diff --git a/docs/bundle-resolver.md b/docs/bundle-resolver.md
@@ -15,7 +15,7 @@ This Resolver responds to type `bundles`.
 
 ## Requirements
 
-- A cluster running Tekton Pipeline v0.40.0 or later, with the `alpha` feature gate enabled.
+- A cluster running Tekton Pipeline v0.41.0 or later.
 - The [built-in remote resolvers installed](./install.md#installing-and-configuring-remote-task-and-pipeline-resolution).
 - The `enable-bundles-resolver` feature flag in the `resolvers-feature-flags` ConfigMap 
   in the `tekton-pipelines-resolvers` namespace set to `true`.

diff --git a/docs/cluster-resolver.md b/docs/cluster-resolver.md
@@ -14,7 +14,7 @@ This Resolver responds to type `cluster`.
 
 ## Requirements
 
-- A cluster running Tekton Pipeline v0.40.0 or later, with the `alpha` feature gate enabled.
+- A cluster running Tekton Pipeline v0.41.0 or later.
 - The [built-in remote resolvers installed](./install.md#installing-and-configuring-remote-task-and-pipeline-resolution).
 - The `enable-cluster-resolver` feature flag in the `resolvers-feature-flags` ConfigMap
   in the `tekton-pipelines-resolvers` namespace set to `true`.

diff --git a/docs/git-resolver.md b/docs/git-resolver.md
@@ -16,7 +16,7 @@ This Resolver responds to type `git`.
 
 ## Requirements
 
-- A cluster running Tekton Pipeline v0.40.0 or later, with the `alpha` feature gate enabled.
+- A cluster running Tekton Pipeline v0.41.0 or later.
 - The [built-in remote resolvers installed](./install.md#installing-and-configuring-remote-task-and-pipeline-resolution).
 - The `enable-git-resolver` feature flag in the `resolvers-feature-flags` ConfigMap in the
   `tekton-pipelines-resolvers` namespace set to `true`.

diff --git a/docs/how-to-write-a-resolver.md b/docs/how-to-write-a-resolver.md
@@ -368,7 +368,7 @@ pipeline. Create a file called `test-request.yaml` with the following
 content:
 
 ```yaml
-apiVersion: resolution.tekton.dev/v1alpha1
+apiVersion: resolution.tekton.dev/v1beta1
 kind: ResolutionRequest
 metadata:
   name: test-request

diff --git a/docs/hub-resolver.md b/docs/hub-resolver.md
@@ -13,7 +13,7 @@ Use resolver type `hub`.
 
 ## Requirements
 
-- A cluster running Tekton Pipeline v0.40.0 or later, with the `alpha` feature gate enabled.
+- A cluster running Tekton Pipeline v0.41.0 or later.
 - The [built-in remote resolvers installed](./install.md#installing-and-configuring-remote-task-and-pipeline-resolution).
 - The `enable-hub-resolver` feature flag in the `resolvers-feature-flags` ConfigMap in the
   `tekton-pipelines-resolvers` namespace set to `true`.

diff --git a/docs/install.md b/docs/install.md
@@ -86,6 +86,10 @@ To install Tekton Pipelines on a Kubernetes cluster:
    kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.notags.yaml
    ```
 
+1. **Note**: To install Tekton Pipelines without including [the built-in remote resolvers](#installing-and-configuring-remote-task-and-pipeline-resolution)
+   follow the directions above, but replace `release.yaml` or `release.notags.yaml` with `minimal-release.yaml` or
+   `minimal-release.notags.yaml` as appropriate. 
+
 1. **Note**: Some cloud providers (such as [GKE](https://github.com/tektoncd/pipeline/issues/3317#issuecomment-708066087))
    may also require you to allow port 8443 in your firewall rules so that the Tekton Pipelines webhook is reachable.
 
@@ -270,10 +274,14 @@ data:
 
 ## Installing and configuring remote Task and Pipeline resolution
 
-**NOTE**: Remote resolution is currently [an `alpha` feature](#alpha-features).
+By default, when Tekton Pipelines is installed using `release.yaml` or `release.notags.yaml`, the
+[built-in resolvers](#built-in-resolvers) are installed into the `tekton-pipelines-resolvers` namespace.
+
+### Installing built-in remote resolvers with a minimal Tekton Pipelines installation
 
-To install the latest release of the [built-in remote resolvers](#built-in-resolvers),
-run the following command:
+If you have installed Tekton Pipelines using `minimal-release.yaml` or `minimal-release.notags.yaml` and
+wish to add the [built-in remote resolvers](#built-in-resolvers) later, you can install them separately 
+by running the following command:
 
    ```bash
    kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/resolvers.yaml
@@ -464,7 +472,6 @@ Features currently in "alpha" are:
 | [Propagated `Parameters`](./taskruns.md#propagated-parameters)                                        | [TEP-0107](https://github.com/tektoncd/community/blob/main/teps/0107-propagating-parameters.md)                            | [v0.36.0](https://github.com/tektoncd/pipeline/releases/tag/v0.36.0) |                             |
 | [Propagated `Workspaces`](./pipelineruns.md#propagated-workspaces)                                    | [TEP-0111](https://github.com/tektoncd/community/blob/main/teps/0111-propagating-workspaces.md)                      |            v0.40.0                                                          |                             |
 | [Windows Scripts](./tasks.md#windows-scripts)                                                         | [TEP-0057](https://github.com/tektoncd/community/blob/main/teps/0057-windows-support.md)                                   | [v0.28.0](https://github.com/tektoncd/pipeline/releases/tag/v0.28.0) |                             |
-| [Remote Tasks](./taskruns.md#remote-tasks) and [Remote Pipelines](./pipelineruns.md#remote-pipelines) | [TEP-0060](https://github.com/tektoncd/community/blob/main/teps/0060-remote-resolution.md)                                 | [v0.35.0](https://github.com/tektoncd/pipeline/releases/tag/v0.35.0) |                             |
 | [Debug](./debug.md)                                                                                   | [TEP-0042](https://github.com/tektoncd/community/blob/main/teps/0042-taskrun-breakpoint-on-failure.md)                     | [v0.26.0](https://github.com/tektoncd/pipeline/releases/tag/v0.26.0) |                             |
 | [Step and Sidecar Overrides](./taskruns.md#overriding-task-steps-and-sidecars)                        | [TEP-0094](https://github.com/tektoncd/community/blob/main/teps/0094-specifying-resource-requirements-at-runtime.md)       |   [v0.34.0](https://github.com/tektoncd/pipeline/releases/tag/v0.34.0)                                                                   |                             |
 | [Matrix](./matrix.md)                                                                                 | [TEP-0090](https://github.com/tektoncd/community/blob/main/teps/0090-matrix.md)                                            | [v0.38.0](https://github.com/tektoncd/pipeline/releases/tag/v0.38.0) |                             |

diff --git a/docs/pipeline-api.md b/docs/pipeline-api.md
@@ -2880,8 +2880,8 @@ requested.</p>
 </p>
 <div>
 <p>ResolverRef can be used to refer to a Pipeline or Task in a remote
-location like a git repo. This feature is in alpha and these fields
-are only available when the alpha feature gate is enabled.</p>
+location like a git repo. This feature is in beta and these fields
+are only available when the beta feature gate is enabled.</p>
 </div>
 <table>
 <thead>
@@ -10273,8 +10273,7 @@ requested.</p>
 </p>
 <div>
 <p>ResolverRef can be used to refer to a Pipeline or Task in a remote
-location like a git repo. This feature is in alpha and these fields
-are only available when the alpha feature gate is enabled.</p>
+location like a git repo.</p>
 </div>
 <table>
 <thead>

diff --git a/docs/resolution-getting-started.md b/docs/resolution-getting-started.md
@@ -24,16 +24,11 @@ with a Pipeline stored in a git repo.
 See [the installation instructions for Tekton Pipeline](./install.md#installing-tekton-pipelines-on-kubernetes), and
 [the installation instructions for the built-in resolvers](./install.md#installing-and-configuring-remote-task-and-pipeline-resolution).
 
-## Step 2: Configure Pipelines to enable alpha features and resolvers
+## Step 2: Configure Pipelines to enable resolvers
 
-Tekton Pipelines currently has its integration with remote resolution behind
-the alpha feature gate, and enabling specific resolvers is controlled by feature 
-flags as well:
+Remote resolvers for Tekton Pipelines are enabled by feature flags:
 
 ```sh
-# update the feature-flags configmap in the tekton-pipelines namespace
-kubectl patch -n tekton-pipelines configmap feature-flags -p '{"data":{"enable-api-fields":"alpha","enable-git-resolver":"true"}}'
-
 # update the resolvers-feature-flags configmap in the tekton-pipelines-resolvers namespace
 kubectl patch -n tekton-pipelines-resolvers configmap resolvers-feature-flags -p '{"data":{"enable-git-resolver":"true"}}'
 ```

diff --git a/docs/resolver-template/README.md b/docs/resolver-template/README.md
@@ -58,7 +58,7 @@ Try creating a `ResolutionRequest` targeting `"demo"` with no parameters:
 
 ```bash
 $ cat <<EOF > rrtest.yaml
-apiVersion: resolution.tekton.dev/v1alpha1
+apiVersion: resolution.tekton.dev/v1beta1
 kind: ResolutionRequest
 metadata:
   name: test-resolver-template

diff --git a/docs/resolver-template/cmd/demoresolver/main.go b/docs/resolver-template/cmd/demoresolver/main.go
@@ -17,15 +17,16 @@ import (
 	"context"
 	"errors"
 
-	"github.com/tektoncd/pipeline/pkg/apis/resolution/v1alpha1"
+	pipelinev1beta1 "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1"
+	"github.com/tektoncd/pipeline/pkg/apis/resolution/v1beta1"
 	"github.com/tektoncd/pipeline/pkg/resolution/common"
 	"github.com/tektoncd/pipeline/pkg/resolution/resolver/framework"
 	filteredinformerfactory "knative.dev/pkg/client/injection/kube/informers/factory/filtered"
 	"knative.dev/pkg/injection/sharedmain"
 )
 
 func main() {
-	ctx := filteredinformerfactory.WithSelectors(context.Background(), v1alpha1.ManagedByLabelKey)
+	ctx := filteredinformerfactory.WithSelectors(context.Background(), v1beta1.ManagedByLabelKey)
 	sharedmain.MainWithContext(ctx, "controller",
 		framework.NewController(ctx, &resolver{}),
 	)
@@ -51,15 +52,15 @@ func (r *resolver) GetSelector(context.Context) map[string]string {
 }
 
 // ValidateParams ensures parameters from a request are as expected.
-func (r *resolver) ValidateParams(ctx context.Context, params map[string]string) error {
+func (r *resolver) ValidateParams(ctx context.Context, params []pipelinev1beta1.Param) error {
 	if len(params) > 0 {
 		return errors.New("no params allowed")
 	}
 	return nil
 }
 
 // Resolve uses the given params to resolve the requested file or resource.
-func (r *resolver) Resolve(ctx context.Context, params map[string]string) (framework.ResolvedResource, error) {
+func (r *resolver) Resolve(ctx context.Context, params []pipelinev1beta1.Param) (framework.ResolvedResource, error) {
 	return &myResolvedResource{}, nil
 }
 

diff --git a/docs/resolver-template/cmd/demoresolver/main_test.go b/docs/resolver-template/cmd/demoresolver/main_test.go
@@ -21,7 +21,7 @@ import (
 	"testing"
 	"time"
 
-	"github.com/tektoncd/pipeline/pkg/apis/resolution/v1alpha1"
+	"github.com/tektoncd/pipeline/pkg/apis/resolution/v1beta1"
 	ttesting "github.com/tektoncd/pipeline/pkg/reconciler/testing"
 	resolutioncommon "github.com/tektoncd/pipeline/pkg/resolution/common"
 	frtesting "github.com/tektoncd/pipeline/pkg/resolution/resolver/framework/testing"
@@ -35,9 +35,9 @@ func TestResolver(t *testing.T) {
 
 	r := &resolver{}
 
-	request := &v1alpha1.ResolutionRequest{
+	request := &v1beta1.ResolutionRequest{
 		TypeMeta: metav1.TypeMeta{
-			APIVersion: "resolution.tekton.dev/v1alpha1",
+			APIVersion: "resolution.tekton.dev/v1beta1",
 			Kind:       "ResolutionRequest",
 		},
 		ObjectMeta: metav1.ObjectMeta{
@@ -48,14 +48,14 @@ func TestResolver(t *testing.T) {
 				resolutioncommon.LabelKeyResolverType: "demo",
 			},
 		},
-		Spec: v1alpha1.ResolutionRequestSpec{},
+		Spec: v1beta1.ResolutionRequestSpec{},
 	}
 	d := test.Data{
-		ResolutionRequests: []*v1alpha1.ResolutionRequest{request},
+		ResolutionRequests: []*v1beta1.ResolutionRequest{request},
 	}
 
-	expectedStatus := &v1alpha1.ResolutionRequestStatus{
-		ResolutionRequestStatusFields: v1alpha1.ResolutionRequestStatusFields{
+	expectedStatus := &v1beta1.ResolutionRequestStatus{
+		ResolutionRequestStatusFields: v1beta1.ResolutionRequestStatusFields{
 			Data: base64.StdEncoding.Strict().EncodeToString([]byte(pipeline)),
 		},
 	}

diff --git a/...eta1/taskruns/alpha/bundles-resolver.yaml → ...es/v1beta1/taskruns/bundles-resolver.yaml b/...eta1/taskruns/alpha/bundles-resolver.yaml → ...es/v1beta1/taskruns/bundles-resolver.yaml
diff --git a/.../v1beta1/taskruns/alpha/git-resolver.yaml → examples/v1beta1/taskruns/git-resolver.yaml b/.../v1beta1/taskruns/alpha/git-resolver.yaml → examples/v1beta1/taskruns/git-resolver.yaml
diff --git a/.../v1beta1/taskruns/alpha/hub-resolver.yaml → examples/v1beta1/taskruns/hub-resolver.yaml b/.../v1beta1/taskruns/alpha/hub-resolver.yaml → examples/v1beta1/taskruns/hub-resolver.yaml
diff --git a/hack/update-openapigen.sh b/hack/update-openapigen.sh
@@ -39,7 +39,7 @@ do
   input_dirs=./pkg/apis/pipeline/${APIVERSION},./pkg/apis/pipeline/pod,knative.dev/pkg/apis,knative.dev/pkg/apis/duck/v1beta1
   if [ ${APIVERSION} = "v1beta1" ]
   then
-    input_dirs=${input_dirs},./pkg/apis/resource/v1alpha1,./pkg/apis/resolution/v1alpha1
+    input_dirs=${input_dirs},./pkg/apis/resource/v1alpha1,./pkg/apis/resolution/v1beta1
   fi
 
   echo "Generating OpenAPI specification for ${APIVERSION} ..."

diff --git a/pkg/apis/pipeline/v1/openapi_generated.go b/pkg/apis/pipeline/v1/openapi_generated.go
diff --git a/pkg/apis/pipeline/v1/pipeline_types.go b/pkg/apis/pipeline/v1/pipeline_types.go
@@ -260,7 +260,7 @@ func (pt PipelineTask) validateTask(ctx context.Context) (errs *apis.FieldError)
 		} else if pt.TaskRef.Resolver == "" {
 			errs = errs.Also(apis.ErrInvalidValue("taskRef must specify name", "taskRef.name"))
 		}
-		if cfg.FeatureFlags.EnableAPIFields != config.AlphaAPIFields {
+		if cfg.FeatureFlags.EnableAPIFields != config.BetaAPIFields && cfg.FeatureFlags.EnableAPIFields != config.AlphaAPIFields {
 			// fail if resolver or resource are present when enable-api-fields is false.
 			if pt.TaskRef.Resolver != "" {
 				errs = errs.Also(apis.ErrDisallowedFields("taskref.resolver"))

diff --git a/pkg/apis/pipeline/v1/pipeline_types_test.go b/pkg/apis/pipeline/v1/pipeline_types_test.go
@@ -186,9 +186,10 @@ func TestPipelineTask_ValidateCustomTask(t *testing.T) {
 
 func TestPipelineTask_ValidateRegularTask_Success(t *testing.T) {
 	tests := []struct {
-		name            string
-		tasks           PipelineTask
-		enableAPIFields bool
+		name                 string
+		tasks                PipelineTask
+		enableAlphaAPIFields bool
+		enableBetaAPIFields  bool
 	}{{
 		name: "pipeline task - valid taskRef name",
 		tasks: PipelineTask{
@@ -206,22 +207,30 @@ func TestPipelineTask_ValidateRegularTask_Success(t *testing.T) {
 		tasks: PipelineTask{
 			TaskRef: &TaskRef{Name: "boo", ResolverRef: ResolverRef{Resolver: "bar"}},
 		},
-		enableAPIFields: true,
+		enableBetaAPIFields: true,
+	}, {
+		name: "pipeline task - use of resolver with the feature flag set to alpha",
+		tasks: PipelineTask{
+			TaskRef: &TaskRef{Name: "boo", ResolverRef: ResolverRef{Resolver: "bar"}},
+		},
+		enableAlphaAPIFields: true,
 	}, {
 		name: "pipeline task - use of resolver params with the feature flag set",
 		tasks: PipelineTask{
 			TaskRef: &TaskRef{Name: "boo", ResolverRef: ResolverRef{Params: []Param{{}}}},
 		},
-		enableAPIFields: true,
+		enableBetaAPIFields: true,
 	}}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			ctx := context.Background()
 			cfg := &config.Config{
 				FeatureFlags: &config.FeatureFlags{},
 			}
-			if tt.enableAPIFields {
+			if tt.enableAlphaAPIFields {
 				cfg.FeatureFlags.EnableAPIFields = config.AlphaAPIFields
+			} else if tt.enableBetaAPIFields {
+				cfg.FeatureFlags.EnableAPIFields = config.BetaAPIFields
 			}
 			ctx = config.ToContext(ctx, cfg)
 			ctx = config.SkipValidationDueToPropagatedParametersAndWorkspaces(ctx, false)