Skip to content

Commit

Permalink
Set ConfigSource in clusterresolver
Browse files Browse the repository at this point in the history 
Related to tektoncd#5522

Prior, a field named Source was introduced to ResolutionRequest status
to record the source where the remote resource came from. And the
individual resolvers need to implement the Source function to set the
correct source value. But the method in clusterresolver returns a nil value.

Now, we return correct source value with the 3 subfields: url, digest and entrypoint
- url: in-cluster CRD resource URI in the format of the [namespace-scoped resources](https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-uris).
Example: /apis/GROUP/VERSION/namespaces/NAMESPACE/RESOURCETYPE/NAME@UID.
- digest: sha256 checksum of the in-cluster resource
- entrypoint: ***empty** because the path is already available in url field.

Signed-off-by: Chuang Wang <chuangw@google.com>
  • Loading branch information
@chuangw6
chuangw6 committed Oct 25, 2022
1 parent 867fe2d commit 0f68240
Show file tree
Hide file tree
Showing 2 changed files with 68 additions and 8 deletions.
39 changes: 31 additions & 8 deletions pkg/resolution/resolver/cluster/resolver.go
View file
Expand Up @@ -18,11 +18,14 @@ package cluster

import (
"context"
"crypto/sha256"
"encoding/hex"
"errors"
"fmt"
"strings"

resolverconfig "github.com/tektoncd/pipeline/pkg/apis/config/resolver"
"github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1"
pipelinev1beta1 "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1"
clientset "github.com/tektoncd/pipeline/pkg/client/clientset/versioned"
pipelineclient "github.com/tektoncd/pipeline/pkg/client/injection/client"
Expand Down Expand Up @@ -101,6 +104,8 @@ func (r *Resolver) Resolve(ctx context.Context, origParams []pipelinev1beta1.Par
}

var data []byte
var uid string
groupVersion := "tekton.dev/v1beta1"

switch params[KindParam] {
case "task":
Expand All @@ -109,8 +114,9 @@ func (r *Resolver) Resolve(ctx context.Context, origParams []pipelinev1beta1.Par
logger.Infof("failed to load task %s from namespace %s: %v", params[NameParam], params[NamespaceParam], err)
return nil, err
}
uid = string(task.UID)
task.Kind = "Task"
task.APIVersion = "tekton.dev/v1beta1"
task.APIVersion = groupVersion
data, err = yaml.Marshal(task)
if err != nil {
logger.Infof("failed to marshal task %s from namespace %s: %v", params[NameParam], params[NamespaceParam], err)
Expand All @@ -122,8 +128,9 @@ func (r *Resolver) Resolve(ctx context.Context, origParams []pipelinev1beta1.Par
logger.Infof("failed to load pipeline %s from namespace %s: %v", params[NameParam], params[NamespaceParam], err)
return nil, err
}
uid = string(pipeline.UID)
pipeline.Kind = "Pipeline"
pipeline.APIVersion = "tekton.dev/v1beta1"
pipeline.APIVersion = groupVersion
data, err = yaml.Marshal(pipeline)
if err != nil {
logger.Infof("failed to marshal pipeline %s from namespace %s: %v", params[NameParam], params[NamespaceParam], err)
Expand All @@ -135,9 +142,10 @@ func (r *Resolver) Resolve(ctx context.Context, origParams []pipelinev1beta1.Par
}

return &ResolvedClusterResource{
Content: data,
Name: params[NameParam],
Namespace: params[NamespaceParam],
Content: data,
Name: params[NameParam],
Namespace: params[NamespaceParam],
ResourceURI: fmt.Sprintf("/apis/%s/namespaces/%s/%s/%s@%s", groupVersion, params[NamespaceParam], params[KindParam], params[NameParam], uid),
}, nil
}

Expand All @@ -160,9 +168,15 @@ func (r *Resolver) isDisabled(ctx context.Context) bool {
// ResolvedClusterResource implements framework.ResolvedResource and returns
// the resolved file []byte data and an annotation map for any metadata.
type ResolvedClusterResource struct {
Content []byte
Name string
// Content is the actual resolved resource data.
Content []byte
// Name is the resolved resource name in the cluster
Name string
// Namespace is the namespace in the cluster under which the resolved resource was created.
Namespace string
// ResourceURI is in the format of namespace-scoped resources API.
// https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-uris
ResourceURI string
}

var _ framework.ResolvedResource = &ResolvedClusterResource{}
Expand All @@ -183,7 +197,16 @@ func (r *ResolvedClusterResource) Annotations() map[string]string {
// Source is the source reference of the remote data that records where the remote
// file came from including the url, digest and the entrypoint.
func (r ResolvedClusterResource) Source() *pipelinev1beta1.ConfigSource {
return nil
h := sha256.New()
h.Write(r.Content)
sha256CheckSum := hex.EncodeToString(h.Sum(nil))

return &v1beta1.ConfigSource{
URI: r.ResourceURI,
Digest: map[string]string{
"sha256": sha256CheckSum,
},
}
}

func populateParamsWithDefaults(ctx context.Context, origParams []pipelinev1beta1.Param) (map[string]string, error) {
Expand Down
37 changes: 37 additions & 0 deletions pkg/resolution/resolver/cluster/resolver_test.go
View file
Expand Up @@ -19,7 +19,9 @@ package cluster

import (
"context"
"crypto/sha256"
"encoding/base64"
"encoding/hex"
"errors"
"testing"
"time"
Expand Down Expand Up @@ -190,6 +192,7 @@ func TestResolve(t *testing.T) {
Name: "example-task",
Namespace: "task-ns",
ResourceVersion: "00002",
UID: "a123",
},
TypeMeta: metav1.TypeMeta{
Kind: string(pipelinev1beta1.NamespacedTaskKind),
Expand All @@ -207,12 +210,14 @@ func TestResolve(t *testing.T) {
if err != nil {
t.Fatalf("couldn't marshal task: %v", err)
}
taskCheckSum := sha256CheckSum(taskAsYAML)

examplePipeline := &pipelinev1beta1.Pipeline{
ObjectMeta: metav1.ObjectMeta{
Name: "example-pipeline",
Namespace: defaultNS,
ResourceVersion: "00001",
UID: "b123",
},
TypeMeta: metav1.TypeMeta{
Kind: "Pipeline",
Expand All @@ -233,6 +238,8 @@ func TestResolve(t *testing.T) {
t.Fatalf("couldn't marshal pipeline: %v", err)
}

pipelineCheckSum := sha256CheckSum(pipelineAsYAML)

testCases := []struct {
name string
kind string
Expand All @@ -252,6 +259,12 @@ func TestResolve(t *testing.T) {
Status: duckv1.Status{},
ResolutionRequestStatusFields: v1beta1.ResolutionRequestStatusFields{
Data: base64.StdEncoding.Strict().EncodeToString(taskAsYAML),
Source: &pipelinev1beta1.ConfigSource{
URI: "/apis/tekton.dev/v1beta1/namespaces/task-ns/task/example-task@a123",
Digest: map[string]string{
"sha256": taskCheckSum,
},
},
},
},
}, {
Expand All @@ -263,6 +276,12 @@ func TestResolve(t *testing.T) {
Status: duckv1.Status{},
ResolutionRequestStatusFields: v1beta1.ResolutionRequestStatusFields{
Data: base64.StdEncoding.Strict().EncodeToString(pipelineAsYAML),
Source: &pipelinev1beta1.ConfigSource{
URI: "/apis/tekton.dev/v1beta1/namespaces/pipeline-ns/pipeline/example-pipeline@b123",
Digest: map[string]string{
"sha256": pipelineCheckSum,
},
},
},
},
}, {
Expand All @@ -273,6 +292,12 @@ func TestResolve(t *testing.T) {
Status: duckv1.Status{},
ResolutionRequestStatusFields: v1beta1.ResolutionRequestStatusFields{
Data: base64.StdEncoding.Strict().EncodeToString(pipelineAsYAML),
Source: &pipelinev1beta1.ConfigSource{
URI: "/apis/tekton.dev/v1beta1/namespaces/pipeline-ns/pipeline/example-pipeline@b123",
Digest: map[string]string{
"sha256": pipelineCheckSum,
},
},
},
},
}, {
Expand All @@ -283,6 +308,12 @@ func TestResolve(t *testing.T) {
Status: duckv1.Status{},
ResolutionRequestStatusFields: v1beta1.ResolutionRequestStatusFields{
Data: base64.StdEncoding.Strict().EncodeToString(taskAsYAML),
Source: &pipelinev1beta1.ConfigSource{
URI: "/apis/tekton.dev/v1beta1/namespaces/task-ns/task/example-task@a123",
Digest: map[string]string{
"sha256": taskCheckSum,
},
},
},
},
}, {
Expand Down Expand Up @@ -453,3 +484,9 @@ func createRequest(kind, name, namespace string) *v1beta1.ResolutionRequest {
func resolverContext() context.Context {
return frtesting.ContextWithClusterResolverEnabled(context.Background())
}

func sha256CheckSum(input []byte) string {
h := sha256.New()
h.Write(input)
return hex.EncodeToString(h.Sum(nil))
}

0 comments on commit 0f68240

Please sign in to comment.