(feat): Add Pipelines-as-Code on Kubernetes; resolve openshift-pipelines/pipelines-as-code to tektoncd repo

[mbpavan]

Changes

Enable Pipelines-as-Code (PAC) on vanilla Kubernetes in the Tekton Operator, aligned with the tektoncd/pipelines-as-code GitHub repo while keeping the canonical Go module path github.com/openshift-pipelines/pipelines-as-code.

Submitter Checklist

These are the criteria that every PR should meet, please check them off as you
review them:

• [ x] Run make test lint before submitting a PR
• [ x] Includes tests (if functionality changed/added)
• [ x] Includes docs (if user facing)
• [ x] Commit messages follow commit message best practices

See the contribution guide for more details.

Release Notes

The Tekton Operator can now install and reconcile Pipelines-as-Code (PAC) on vanilla Kubernetes,PAC payloads are sourced from tektoncd/pipelines-as-code, while the Go module path remains github.com/openshift-pipelines/pipelines-as-code and is wired to that repo with a go.mod replace. 

[tekton-as-code]

Caution

There are some errors in your PipelineRun template.

PipelineRun	Error
release-pipeline	CEL expression evaluation error: expression "has(body.created) && body.created == true && pac.target_branch.startsWith(\"refs/heads/release-v\")\n" check failed: ERROR: <input>:1:46: undeclared reference to 'pac' (in container '') | has(body.created) && body.created == true && pac.target_branch.startsWith("refs/heads/release-v") | .............................................^

[mbpavan]

/kind feature

[jkhelil]

@mbpavan Overall looks good

• Please fix the helm charts too add, the pac crd to kubernetes crds yaml and probably update deployment
• Is this PR works for initial install for openshift and kubernetes ?
• Is this PR works with upgrade on openshift ?
• Can you have a PR for old releases, for patch releases where we cherr-pick only required things related to migration: fetch releases, go module rewriting, lookup for release on tektoninstallerset, anything but not the kubernetes addon feature

[mbpavan]

@mbpavan Overall looks good

• Please fix the helm charts too add, the pac crd to kubernetes crds yaml and probably update deployment
• Is this PR works for initial install for openshift and kubernetes ?
• Is this PR works with upgrade on openshift ?
• Can you have a PR for old releases, for patch releases where we cherr-pick only required things related to migration: fetch releases, go module rewriting, lookup for release on tektoninstallerset, anything but not the kubernetes addon feature

Thanks @jkhelil
Q: Does this PR work for initial installation on both OpenShift and Kubernetes?
A: Yes, it works. I have also verified this by enabling and disabling PAC.
Q: Does this PR work during upgrades on OpenShift?
A: Yes, it works for upgrades on both Kubernetes and OpenShift.
Q: Can you create a separate PR for older/patch releases that cherry-picks only the migration-related changes (fetch releases, Go module rewriting, TektonInstallerSet release lookup, etc.), excluding the Kubernetes addon feature?
A: Will create that once this PR is merged. I want to incorporate any review feedback from this PR before preparing the patch-release PR.

for helm chart, I will do, good catch

[anithapriyanatarajan]

Please consider revisiting this section. The content is reduntant. Please check teh doc here - https://tekton.dev/docs/operator/tektonaddon/ addon right now is intentionally opnshift only.. with this PR we are making that as well kuberenetes, which will increase the scope of work downstream and upstream.

[mbpavan]

Regarding tektonaddon, as you correctly pointed out that its for OCP addons, I have removed PAC to be part of tektonaddon and with the docs look good with that change

[anithapriyanatarajan]

IMHO PAC should not be a sub-directory of tekton-addon please consider fixing this

[mbpavan]

done

[anithapriyanatarajan]

Do we need PAC for Basic profile & Lite profile?

[mbpavan]

I checked and currently for OCP we do not add it as a part of any profile as well and let us keep it that way as of now.

[anithapriyanatarajan]

What is the user attempts to do spec.openshift.PipelinesAsCode as well as spec.kubernetes.PipelinesasCode? Do we have validation to allow only either of them? Also if we set as kuberenetes, it should work on both OPenshift and kubernetes? Is there any logic that will work only if it is set to Openshift?

[mbpavan]

Added webhook validation now

[anithapriyanatarajan]

@mbpavan - This PR also enables support of tekton addons upstream. Please update PR description and commit accordingly, if that is intended.

Also, please include tests to https://github.com/mbpavan/operator/blob/main/pkg/reconciler/common/releases_test.go since we are making changes to releases.go.

[mbpavan]

@mbpavan Overall looks good

• Please fix the helm charts too add, the pac crd to kubernetes crds yaml and probably update deployment
• Is this PR works for initial install for openshift and kubernetes ?
• Is this PR works with upgrade on openshift ?
• Can you have a PR for old releases, for patch releases where we cherr-pick only required things related to migration: fetch releases, go module rewriting, lookup for release on tektoninstallerset, anything but not the kubernetes addon feature

Thanks @jkhelil Q: Does this PR work for initial installation on both OpenShift and Kubernetes? A: Yes, it works. I have also verified this by enabling and disabling PAC. Q: Does this PR work during upgrades on OpenShift? A: Yes, it works for upgrades on both Kubernetes and OpenShift. Q: Can you create a separate PR for older/patch releases that cherry-picks only the migration-related changes (fetch releases, Go module rewriting, TektonInstallerSet release lookup, etc.), excluding the Kubernetes addon feature? A: Will create that once this PR is merged. I want to incorporate any review feedback from this PR before preparing the patch-release PR.

for helm chart, I will do, good catch

I have added helm chart changes now

[mbpavan]

@mbpavan - This PR also enables support of tekton addons upstream. Please update PR description and commit accordingly, if that is intended.

Also, please include tests to https://github.com/mbpavan/operator/blob/main/pkg/reconciler/common/releases_test.go since we are making changes to releases.go.

you are right, now tektonadd is not enalbed upstream with the new commit

[jkhelil]

/approve

[tekton-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: jkhelil

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [jkhelil]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[anithapriyanatarajan]

@mbpavan - Thank you for the PR and the updates. Please consider addressing the following comments in a follow up PR.

1. add tests to https://github.com/mbpavan/operator/blob/main/pkg/reconciler/common/releases_test.go
2. Consider incorporating the preUgrade logic for kuberenetes platform as well - https://github.com/mbpavan/operator/blob/6326d80615728153677df0d1feff3545f4dc53f9/pkg/reconciler/shared/tektonconfig/upgrade/pre_upgrade.go#L162-L166
3. NIT: While deploying in a Openshift cluster observed that the platform section includes empty kubernetes: {} section. Though it is not breaking anything, consider fixing this as well

[anithapriyanatarajan]

/lgtm

[aThorp96]

Please make sure to call out in the release notes that this is a breaking change: Pipelines as Code installations using spec.platforms.openshift will uninstall unless the user migrates to spec.platforms.kubernetes

It would be nice for the pre-upgrade to migrate the configuration

Sorry, this change was a red herring to an error I was seeing. This is not a breaking change after all