-
Notifications
You must be signed in to change notification settings - Fork 1.8k
/
resolver.go
118 lines (100 loc) · 3.74 KB
/
resolver.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
/*
Copyright 2022 The Tekton Authors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package bundle
import (
"context"
"errors"
"time"
"github.com/google/go-containerregistry/pkg/authn/k8schain"
kauth "github.com/google/go-containerregistry/pkg/authn/kubernetes"
resolverconfig "github.com/tektoncd/pipeline/pkg/apis/config/resolver"
pipelinev1 "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1"
"github.com/tektoncd/pipeline/pkg/resolution/common"
"github.com/tektoncd/pipeline/pkg/resolution/resolver/framework"
"k8s.io/client-go/kubernetes"
"knative.dev/pkg/client/injection/kube/client"
)
const (
disabledError = "cannot handle resolution request, enable-bundles-resolver feature flag not true"
// LabelValueBundleResolverType is the value to use for the
// resolution.tekton.dev/type label on resource requests
LabelValueBundleResolverType string = "bundles"
// TODO(sbwsg): This should be exposed as a configurable option for
// admins (e.g. via ConfigMap)
timeoutDuration = time.Minute
// BundleResolverName is the name that the bundle resolver should be associated with.
BundleResolverName = "bundleresolver"
)
// Resolver implements a framework.Resolver that can fetch files from OCI bundles.
type Resolver struct {
kubeClientSet kubernetes.Interface
}
// Initialize sets up any dependencies needed by the Resolver. None atm.
func (r *Resolver) Initialize(ctx context.Context) error {
r.kubeClientSet = client.Get(ctx)
return nil
}
// GetName returns a string name to refer to this Resolver by.
func (r *Resolver) GetName(context.Context) string {
return BundleResolverName
}
// GetConfigName returns the name of the bundle resolver's configmap.
func (r *Resolver) GetConfigName(context.Context) string {
return ConfigMapName
}
// GetSelector returns a map of labels to match requests to this Resolver.
func (r *Resolver) GetSelector(context.Context) map[string]string {
return map[string]string{
common.LabelKeyResolverType: LabelValueBundleResolverType,
}
}
// ValidateParams ensures parameters from a request are as expected.
func (r *Resolver) ValidateParams(ctx context.Context, params []pipelinev1.Param) error {
if r.isDisabled(ctx) {
return errors.New(disabledError)
}
if _, err := OptionsFromParams(ctx, params); err != nil {
return err
}
return nil
}
// Resolve uses the given params to resolve the requested file or resource.
func (r *Resolver) Resolve(ctx context.Context, params []pipelinev1.Param) (framework.ResolvedResource, error) {
if r.isDisabled(ctx) {
return nil, errors.New(disabledError)
}
opts, err := OptionsFromParams(ctx, params)
if err != nil {
return nil, err
}
var imagePullSecrets []string
if opts.ImagePullSecret != "" {
imagePullSecrets = append(imagePullSecrets, opts.ImagePullSecret)
}
namespace := common.RequestNamespace(ctx)
kc, err := k8schain.New(ctx, r.kubeClientSet, k8schain.Options{
Namespace: namespace,
ImagePullSecrets: imagePullSecrets,
ServiceAccountName: kauth.NoServiceAccount,
})
if err != nil {
return nil, err
}
ctx, cancelFn := context.WithTimeout(ctx, timeoutDuration)
defer cancelFn()
return GetEntry(ctx, kc, opts)
}
func (r *Resolver) isDisabled(ctx context.Context) bool {
cfg := resolverconfig.FromContextOrDefaults(ctx)
return !cfg.FeatureFlags.EnableBundleResolver
}