Add ConfigMap which can contain pipelines info and RBAC to access this ConfigMap

[vinamra28]

Changes

As of now we fetch version of pipelines through labels present on the
deployments which is read by tools such as tkn cli and display the
version. This version may not be displayed to users if they don't have
permission to view the deployment.

In this commit we are adding

1. A ConfigMap which contains version information.
2. RBAC which will give appropriate permissions to view the ConfigMap
   irrespective of whether user is has permission to view other objects in
   that namespace or not.

This is covered as part of TEP-0041

Signed-off-by: vinamra28 vinjain@redhat.com

/kind feature

Submitter Checklist

As the author of this PR, please check off the items in this checklist:

• Docs included if any changes are user facing
• Tests included if any functionality added or changed
• Follows the commit message standard
• Meets the Tekton contributor standards (including
  functionality, content, code)
• Release notes block below has been filled in or deleted (only if no user facing changes)

Release Notes

Add ConfigMap which will contains Pipelines info such as version and some RBAC rules which will give access to this ConfigMap to all the system:authenticated users.

[ghost]

It would be great to include some comments in the ConfigMap and the role / rolebinding giving a short explanation of the purpose. "allow tools to query for the current installed pipelines version without elevated permissions" or something similar, wdyt?

[vinamra28]

/retest

[vinamra28]

/test check-pr-has-kind-label

[nikhil-thomas]

looks like check-pr-has-kind-label pipelinerun is passing, but the result is not updated here.
i noticed the same behavior yesterday as well.

cc @afrittoli

[ghost]

/kind feature

[ghost]

How will the ConfigMap be updated with the release version? Is the idea that the operator will take care of this or we'll bake it into the release.yaml somehow during the pipelines release process?

[vinamra28]

How will the ConfigMap be updated with the release version? Is the idea that the operator will take care of this or we'll bake it into the release.yaml somehow during the pipelines release process?

@sbwsg yeah during the release process the value will get updated with the help of following sed command and this ConfigMap will become the part of release.yaml

pipeline/tekton/publish.yaml

Line 132 in f911d73

sed -i -e 's/\(pipeline.tekton.dev\/release\): "devel"/\1: "$(params.versionTag)"/g' -e 's/\(app.kubernetes.io\/version\): "devel"/\1: "$(params.versionTag)"/g' -e 's/\(version\): "devel"/\1: "$(params.versionTag)"/g' -e 's/\("-version"\), "devel"/\1, "$(params.versionTag)"/g' ${PROJECT_ROOT}/config/*.yaml

[ghost]

/approve

[tekton-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: sbwsg

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [sbwsg]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[nikhil-thomas]

looks good 👍

[vinamra28]

/cc @afrittoli @imjasonh

[vinamra28]

/cc @vdemeester

[vdemeester]

/lgtm

[vinamra28]

/retest

[vinamra28]

/retest

[vinamra28]

Build tests ran successfully but prow didn't reported it 🤔
integration-alpha-tests didn't ran completely 😅
/retest