Skip to content

Commit

Permalink
Add ResolutionRequest to binaries, add resolution docs
Browse files Browse the repository at this point in the history 
Part of tektoncd#4710

Signed-off-by: Andrew Bayer <[email protected]>
  • Loading branch information
@abayer @tekton-robot
abayer authored and tekton-robot committed Aug 26, 2022
1 parent 8145445 commit 31644db
Show file tree
Hide file tree
Showing 17 changed files with 1,325 additions and 4 deletions.
2 changes: 2 additions & 0 deletions cmd/controller/main.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ import (
"github.com/tektoncd/pipeline/pkg/apis/pipeline"
"github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1"
"github.com/tektoncd/pipeline/pkg/reconciler/pipelinerun"
"github.com/tektoncd/pipeline/pkg/reconciler/resolutionrequest"
"github.com/tektoncd/pipeline/pkg/reconciler/run"
"github.com/tektoncd/pipeline/pkg/reconciler/taskrun"
corev1 "k8s.io/api/core/v1"
Expand Down Expand Up @@ -106,6 +107,7 @@ func main() {
taskrun.NewController(opts, clock.RealClock{}),
pipelinerun.NewController(opts, clock.RealClock{}),
run.NewController(),
resolutionrequest.NewController(clock.RealClock{}),
)
}

Expand Down
5 changes: 5 additions & 0 deletions cmd/webhook/main.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ import (
v1 "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1"
"github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1"
"github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1"
resolutionv1alpha1 "github.com/tektoncd/pipeline/pkg/apis/resolution/v1alpha1"
resourcev1alpha1 "github.com/tektoncd/pipeline/pkg/apis/resource/v1alpha1"
"k8s.io/apimachinery/pkg/runtime/schema"
"knative.dev/pkg/configmap"
Expand Down Expand Up @@ -59,6 +60,10 @@ var types = map[schema.GroupVersionKind]resourcesemantics.GenericCRD{
// v1
v1.SchemeGroupVersion.WithKind("Task"): &v1.Task{},
v1.SchemeGroupVersion.WithKind("Pipeline"): &v1.Pipeline{},

// resolution
// v1alpha1
resolutionv1alpha1.SchemeGroupVersion.WithKind("ResolutionRequest"): &resolutionv1alpha1.ResolutionRequest{},
}

func newDefaultingAdmissionController(ctx context.Context, cmw configmap.Watcher) *controller.Impl {
Expand Down
9 changes: 5 additions & 4 deletions config/200-clusterrole.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,10 @@ rules:
- apiGroups: ["tekton.dev"]
resources: ["tasks/status", "clustertasks/status", "taskruns/status", "pipelines/status", "pipelineruns/status", "pipelineresources/status", "runs/status"]
verbs: ["get", "list", "create", "update", "delete", "patch", "watch"]
# resolution.tekton.dev
- apiGroups: ["resolution.tekton.dev"]
resources: ["resolutionrequests", "resolutionrequests/status"]
verbs: ["get", "list", "create", "update", "delete", "patch", "watch"]
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
Expand Down Expand Up @@ -63,10 +67,6 @@ rules:
- apiGroups: ["apps"]
resources: ["statefulsets"]
verbs: ["get", "list", "create", "update", "delete", "patch", "watch"]
# Read-write access to ResolutionRequest for remote resolution.
- apiGroups: ["resolution.tekton.dev"]
resources: ["resolutionrequests"]
verbs: ["get", "list", "watch", "create", "delete"]
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
Expand All @@ -91,6 +91,7 @@ rules:
- taskruns.tekton.dev
- pipelineresources.tekton.dev
- conditions.tekton.dev
- resolutionrequests.resolution.tekton.dev
# knative.dev/pkg needs list/watch permissions to set up informers for the webhook.
- apiGroups: ["apiextensions.k8s.io"]
resources: ["customresourcedefinitions"]
Expand Down
1 change: 1 addition & 0 deletions docs/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,6 +73,7 @@ See the following topics to learn how to use Tekton Pipelines in your project:
- [Pipelines metrics](metrics.md)
- [Variable Substitutions](tasks.md#using-variable-substitution)
- [Running a Custom Task (alpha)](runs.md)
- [Remote resolution of Pipelines and Tasks](resolution.md)

## Contributing to Tekton Pipelines

Expand Down
88 changes: 88 additions & 0 deletions docs/bundle-resolver.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,88 @@
# Bundles Resolver

## Resolver Type

This Resolver responds to type `bundle`.

## Parameters

| Param Name | Description | Example Value |
|------------------|-------------------------------------------------------------------------------|------------------------------------------------------------|
| `serviceAccount` | The name of the service account to use when constructing registry credentials | `default` |
| `bundle` | The bundle url pointing at the image to fetch | `gcr.io/tekton-releases/catalog/upstream/golang-build:0.1` |
| `name` | The name of the resource to pull out of the bundle | `golang-build` |
| `kind` | The resource kind to pull out of the bundle | `task` |

## Requirements

- A cluster running Tekton Pipeline v0.40.0 or later, with the `alpha` feature gate enabled.
- The [built-in remote resolvers installed](./install.md#installing-and-configuring-remote-task-and-pipeline-resolution).
- The `enable-tekton-oci-bundles` feature flag set to `true`.

## Configuration

This resolver uses a `ConfigMap` for its settings. See
[`../config/resolvers/bundleresolver-config.yaml`](../config/resolvers/bundleresolver-config.yaml)
for the name, namespace and defaults that the resolver ships with.

### Options

| Option Name | Description | Example Values |
|---------------------------|--------------------------------------------------------------|-----------------------|
| `default-service-account` | The default service account name to use for bundle requests. | `default`, `someuser` |
| `default-kind` | The default layer kind in the bundle image. | `task`, `pipeline` |

## Usage

### Task Resolution

```yaml
apiVersion: tekton.dev/v1beta1
kind: TaskRun
metadata:
name: remote-task-reference
spec:
taskRef:
resolver: bundles
params:
- name: bundle
value: docker.io/ptasci67/example-oci@sha256:053a6cb9f3711d4527dd0d37ac610e8727ec0288a898d5dfbd79b25bcaa29828
- name: name
value: hello-world
- name: kind
value: pipeline
```
### Pipeline Resolution
Unfortunately the Tekton Catalog does not publish pipelines at the
moment. Here's an example PipelineRun that talks to a private registry
but won't work unless you tweak the `bundle` field to point to a
registry with a pipeline in it:

```yaml
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
name: bundle-demo
spec:
pipelineRef:
resolver: bundles
params:
- name: bundle
value: 10.96.190.208:5000/simple/pipeline:latest
- name: name
value: hello-pipeline
- name: kind
value: pipeline
params:
- name: username
value: "tekton pipelines"
```

---

Except as otherwise noted, the content of this page is licensed under the
[Creative Commons Attribution 4.0 License](https://creativecommons.org/licenses/by/4.0/),
and code samples are licensed under the
[Apache 2.0 License](https://www.apache.org/licenses/LICENSE-2.0).
87 changes: 87 additions & 0 deletions docs/git-resolver.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,87 @@
# Simple Git Resolver

## Resolver Type

This Resolver responds to type `git`.

## Parameters

| Param Name | Description | Example Value |
|------------|------------------------------------------------------------------------------|-------------------------------------------------------------|
| `url` | URL of the repo to fetch. | `https://github.com/tektoncd/catalog.git` |
| `revision` | Git revision to checkout a file from. This can be commit SHA, branch or tag. | `aeb957601cf41c012be462827053a21a420befca` `main` `v0.38.2` |
| `pathInRepo` | Where to find the file in the repo. | `/task/golang-build/0.3/golang-build.yaml` |

## Requirements

- A cluster running Tekton Pipeline v0.40.0 or later, with the `alpha` feature gate enabled.
- The [built-in remote resolvers installed](./install.md#installing-and-configuring-remote-task-and-pipeline-resolution).
- The `enable-git-resolver` feature flag set to `true`.

## Configuration

This resolver uses a `ConfigMap` for its settings. See
[`../config/resolvers/git-resolver-config.yaml`](../config/resolvers/git-resolver-config.yaml)
for the name, namespace and defaults that the resolver ships with.

### Options

| Option Name | Description | Example Values |
|------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------|
| `fetch-timeout` | The maximum time any single git resolution may take. **Note**: a global maximum timeout of 1 minute is currently enforced on _all_ resolution requests. | `1m`, `2s`, `700ms` |
| `default-url` | The default git repository URL to use if none is specified | `https://github.com/tektoncd/catalog.git` |
| `default-branch` | The default git branch to use if none is specified | `main` |

## Usage

### Task Resolution

```yaml
apiVersion: tekton.dev/v1beta1
kind: TaskRun
metadata:
name: remote-task-reference
spec:
taskRef:
resolver: git
params:
- name: url
value: https://github.com/tektoncd/catalog.git
- name: revision
value: main
- name: pathInRepo
value: task/git-clone/0.6/git-clone.yaml
```
### Pipeline resolution
```yaml
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
name: git-demo
spec:
pipelineRef:
resolver: git
params:
- name: url
value: https://github.com/tektoncd/catalog.git
- name: revision
value: main
- name: pathInRepo
value: pipeline/simple/0.1/simple.yaml
params:
- name: name
value: Ranni
```
## What's Supported?
- At the moment the git resolver can only access public repositories.
---
Except as otherwise noted, the content of this page is licensed under the
[Creative Commons Attribution 4.0 License](https://creativecommons.org/licenses/by/4.0/),
and code samples are licensed under the
[Apache 2.0 License](https://www.apache.org/licenses/LICENSE-2.0).
Loading

0 comments on commit 31644db

Please sign in to comment.