diff --git a/config/config-feature-flags.yaml b/config/config-feature-flags.yaml index 2baa580b8f9..3a66c6161cc 100644 --- a/config/config-feature-flags.yaml +++ b/config/config-feature-flags.yaml @@ -81,11 +81,10 @@ data: # If it is set to "warn", TaskRuns and PipelineRuns will run to completion if no matching policies are found, and an error will be logged. # If it is set to "ignore", TaskRuns and PipelineRuns will run to completion if no matching policies are found, and no error will be logged. trusted-resources-verification-no-match-policy: "ignore" - # Setting this flag to "true" enables populating the "provenance" field in TaskRun - # and PipelineRun status. This field contains metadata about resources used - # in the TaskRun/PipelineRun such as the source from where a remote Task/Pipeline - # definition was fetched. - enable-provenance-in-status: "false" + # Setting this flag will determine the version for custom tasks created by PipelineRuns. + # Acceptable values are "v1beta1" and "v1alpha1". + # The default is "v1beta1". + custom-task-version: "v1beta1" # Setting this flag will determine how Tekton pipelines will handle non-falsifiable provenance. # If set to "spire", then SPIRE will be used to ensure non-falsifiable provenance. # If set to "none", then Tekton will not have non-falsifiable provenance. diff --git a/docs/additional-configs.md b/docs/additional-configs.md index f0f3021d3e7..221a5353933 100644 --- a/docs/additional-configs.md +++ b/docs/additional-configs.md @@ -245,10 +245,11 @@ Defaults to "ignore". - `results-from`: set this flag to "termination-message" to use the container's termination message to fetch results from. This is the default method of extracting results. Set it to "sidecar-logs" to enable use of a results sidecar logs to extract results instead of termination message. -- `enable-provenance-in-status`: set this flag to "true" to enable recording - the `provenance` field in `TaskRun` and `PipelineRun` status. The `provenance` - field contains metadata about resources used in the TaskRun/PipelineRun such as the - source from where a remote Task/Pipeline definition was fetched. +- `custom-task-version`: set this flag to "v1beta1" to have `PipelineRuns` create `CustomRuns` + from Custom Tasks. Set it to "v1alpha1" to have `PipelineRuns` create the legacy alpha + `Runs`. This may be needed if you are using legacy Custom Tasks that listen for `*v1alpha1.Run` + instead of `*v1beta1.CustomRun`. For more information, see [Runs](runs.md) and [CustomRuns](customruns.md). + Flag defaults to "v1beta1". For example: @@ -284,7 +285,6 @@ Features currently in "alpha" are: | [Task-level Resource Requirements](compute-resources.md#task-level-compute-resources-configuration) | [TEP-0104](https://github.com/tektoncd/community/blob/main/teps/0104-tasklevel-resource-requirements.md) | [v0.39.0](https://github.com/tektoncd/pipeline/releases/tag/v0.39.0) | | | [Object Params and Results](pipelineruns.md#specifying-parameters) | [TEP-0075](https://github.com/tektoncd/community/blob/main/teps/0075-object-param-and-result-types.md) | [v0.38.0](https://github.com/tektoncd/pipeline/releases/tag/v0.38.0) | | | | [Trusted Resources](./trusted-resources.md) | [TEP-0091](https://github.com/tektoncd/community/blob/main/teps/0091-trusted-resources.md) | N/A | `trusted-resources-verification-no-match-policy` | -| [`Provenance` field in Status](pipeline-api.md#provenance) | [issue#5550](https://github.com/tektoncd/pipeline/issues/5550) | N/A | `enable-provenance-in-status` | | [Larger Results via Sidecar Logs](#enabling-larger-results-using-sidecar-logs) | [TEP-0127](https://github.com/tektoncd/community/blob/main/teps/0127-larger-results-via-sidecar-logs.md) | [v0.43.0](https://github.com/tektoncd/pipeline/releases/tag/v0.43.0) | `results-from` | | [Configure Default Resolver](./resolution.md#configuring-built-in-resolvers) | [TEP-0133](https://github.com/tektoncd/community/blob/main/teps/0133-configure-default-resolver.md) | N/A | | diff --git a/pkg/apis/config/feature_flags.go b/pkg/apis/config/feature_flags.go index 699a65516e4..778b24e2cc9 100644 --- a/pkg/apis/config/feature_flags.go +++ b/pkg/apis/config/feature_flags.go @@ -70,8 +70,6 @@ const ( DefaultEnforceNonfalsifiability = EnforceNonfalsifiabilityNone // DefaultNoMatchPolicyConfig is the default value for "trusted-resources-verification-no-match-policy". DefaultNoMatchPolicyConfig = IgnoreNoMatchPolicy - // DefaultEnableProvenanceInStatus is the default value for "enable-provenance-status". - DefaultEnableProvenanceInStatus = false // DefaultResultExtractionMethod is the default value for ResultExtractionMethod DefaultResultExtractionMethod = ResultExtractionMethodTerminationMessage // DefaultMaxResultSize is the default value in bytes for the size of a result @@ -87,7 +85,6 @@ const ( sendCloudEventsForRuns = "send-cloudevents-for-runs" enforceNonfalsifiability = "enforce-nonfalsifiability" verificationNoMatchPolicy = "trusted-resources-verification-no-match-policy" - enableProvenanceInStatus = "enable-provenance-in-status" resultExtractionMethod = "results-from" maxResultSize = "max-result-size" ) @@ -113,7 +110,6 @@ type FeatureFlags struct { // warn: skip trusted resources verification when no matching verification policies found and log a warning // fail: fail the taskrun or pipelines run if no matching verification policies found VerificationNoMatchPolicy string - EnableProvenanceInStatus bool ResultExtractionMethod string MaxResultSize int } @@ -167,9 +163,6 @@ func NewFeatureFlagsFromMap(cfgMap map[string]string) (*FeatureFlags, error) { if err := setVerificationNoMatchPolicy(cfgMap, DefaultNoMatchPolicyConfig, &tc.VerificationNoMatchPolicy); err != nil { return nil, err } - if err := setFeature(enableProvenanceInStatus, DefaultEnableProvenanceInStatus, &tc.EnableProvenanceInStatus); err != nil { - return nil, err - } if err := setResultExtractionMethod(cfgMap, DefaultResultExtractionMethod, &tc.ResultExtractionMethod); err != nil { return nil, err } diff --git a/pkg/apis/config/feature_flags_test.go b/pkg/apis/config/feature_flags_test.go index b4d5ad5d31e..85f49dd8c0b 100644 --- a/pkg/apis/config/feature_flags_test.go +++ b/pkg/apis/config/feature_flags_test.go @@ -48,7 +48,6 @@ func TestNewFeatureFlagsFromConfigMap(t *testing.T) { EnableAPIFields: config.DefaultEnableAPIFields, SendCloudEventsForRuns: config.DefaultSendCloudEventsForRuns, VerificationNoMatchPolicy: config.DefaultNoMatchPolicyConfig, - EnableProvenanceInStatus: config.DefaultEnableProvenanceInStatus, ResultExtractionMethod: config.DefaultResultExtractionMethod, MaxResultSize: config.DefaultMaxResultSize, }, @@ -65,7 +64,6 @@ func TestNewFeatureFlagsFromConfigMap(t *testing.T) { SendCloudEventsForRuns: true, EnforceNonfalsifiability: "spire", VerificationNoMatchPolicy: config.FailNoMatchPolicy, - EnableProvenanceInStatus: true, ResultExtractionMethod: "termination-message", MaxResultSize: 4096, }, @@ -172,7 +170,6 @@ func TestNewFeatureFlagsFromEmptyConfigMap(t *testing.T) { SendCloudEventsForRuns: config.DefaultSendCloudEventsForRuns, EnforceNonfalsifiability: config.DefaultEnforceNonfalsifiability, VerificationNoMatchPolicy: config.DefaultNoMatchPolicyConfig, - EnableProvenanceInStatus: config.DefaultEnableProvenanceInStatus, ResultExtractionMethod: config.DefaultResultExtractionMethod, MaxResultSize: config.DefaultMaxResultSize, } diff --git a/pkg/apis/config/testdata/feature-flags-all-flags-set.yaml b/pkg/apis/config/testdata/feature-flags-all-flags-set.yaml index 07f5f33a9de..9214f3f6598 100644 --- a/pkg/apis/config/testdata/feature-flags-all-flags-set.yaml +++ b/pkg/apis/config/testdata/feature-flags-all-flags-set.yaml @@ -28,4 +28,4 @@ data: send-cloudevents-for-runs: "true" enforce-nonfalsifiability: "spire" trusted-resources-verification-no-match-policy: "fail" - enable-provenance-in-status: "true" + custom-task-version: "v1beta1" diff --git a/pkg/reconciler/pipelinerun/pipelinerun.go b/pkg/reconciler/pipelinerun/pipelinerun.go index 39f89587e43..de58f5c45f1 100644 --- a/pkg/reconciler/pipelinerun/pipelinerun.go +++ b/pkg/reconciler/pipelinerun/pipelinerun.go @@ -1224,19 +1224,17 @@ func storePipelineSpecAndMergeMeta(ctx context.Context, pr *v1beta1.PipelineRun, // Propagate refSource from remote resolution to PipelineRun Status // This lives outside of the status.spec check to avoid the case where only the spec is available in the first reconcile and source comes in next reconcile. cfg := config.FromContextOrDefaults(ctx) - if cfg.FeatureFlags.EnableProvenanceInStatus { - if pr.Status.Provenance == nil { - pr.Status.Provenance = &v1beta1.Provenance{} - } - // Store FeatureFlags in the Provenance. - pr.Status.Provenance.FeatureFlags = cfg.FeatureFlags + if pr.Status.Provenance == nil { + pr.Status.Provenance = &v1beta1.Provenance{} + } + // Store FeatureFlags in the Provenance. + pr.Status.Provenance.FeatureFlags = cfg.FeatureFlags - if meta != nil && meta.RefSource != nil && pr.Status.Provenance.RefSource == nil { - pr.Status.Provenance.RefSource = meta.RefSource - } - if meta != nil && meta.RefSource != nil && pr.Status.Provenance.ConfigSource == nil { - pr.Status.Provenance.ConfigSource = (*v1beta1.ConfigSource)(meta.RefSource) - } + if meta != nil && meta.RefSource != nil && pr.Status.Provenance.RefSource == nil { + pr.Status.Provenance.RefSource = meta.RefSource + } + if meta != nil && meta.RefSource != nil && pr.Status.Provenance.ConfigSource == nil { + pr.Status.Provenance.ConfigSource = (*v1beta1.ConfigSource)(meta.RefSource) } return nil diff --git a/pkg/reconciler/pipelinerun/pipelinerun_test.go b/pkg/reconciler/pipelinerun/pipelinerun_test.go index b2ac6502d8c..79f866b394e 100644 --- a/pkg/reconciler/pipelinerun/pipelinerun_test.go +++ b/pkg/reconciler/pipelinerun/pipelinerun_test.go @@ -4591,6 +4591,16 @@ status: `) expectedPr := expectedPrStatus + expectedPr.Status.Provenance = &v1beta1.Provenance{ + FeatureFlags: &config.FeatureFlags{ + RunningInEnvWithInjectedSidecars: config.DefaultRunningInEnvWithInjectedSidecars, + EnableAPIFields: config.DefaultEnableAPIFields, + AwaitSidecarReadiness: config.DefaultAwaitSidecarReadiness, + VerificationNoMatchPolicy: config.DefaultNoMatchPolicyConfig, + ResultExtractionMethod: config.DefaultResultExtractionMethod, + MaxResultSize: config.DefaultMaxResultSize, + }, + } if d := cmp.Diff(expectedPr, reconciledRun, ignoreResourceVersion, ignoreLastTransitionTime, ignoreCompletionTime, ignoreStartTime, cmpopts.EquateEmpty()); d != "" { t.Errorf("expected to see pipeline run results created. Diff %s", diff.PrintWantGot(d)) @@ -4739,6 +4749,16 @@ status: `) expectedPr := expectedPrStatus + expectedPr.Status.Provenance = &v1beta1.Provenance{ + FeatureFlags: &config.FeatureFlags{ + RunningInEnvWithInjectedSidecars: config.DefaultRunningInEnvWithInjectedSidecars, + EnableAPIFields: config.DefaultEnableAPIFields, + AwaitSidecarReadiness: config.DefaultAwaitSidecarReadiness, + VerificationNoMatchPolicy: config.DefaultNoMatchPolicyConfig, + ResultExtractionMethod: config.DefaultResultExtractionMethod, + MaxResultSize: config.DefaultMaxResultSize, + }, + } if d := cmp.Diff(expectedPr, reconciledRun, ignoreResourceVersion, ignoreLastTransitionTime, ignoreCompletionTime, ignoreStartTime, cmpopts.EquateEmpty()); d != "" { t.Errorf("expected to see pipeline run results created. Diff %s", diff.PrintWantGot(d)) @@ -4903,7 +4923,6 @@ metadata: EnableAPIFields: config.DefaultEnableAPIFields, AwaitSidecarReadiness: config.DefaultAwaitSidecarReadiness, VerificationNoMatchPolicy: config.DefaultNoMatchPolicyConfig, - EnableProvenanceInStatus: true, ResultExtractionMethod: config.DefaultResultExtractionMethod, MaxResultSize: config.DefaultMaxResultSize, }, @@ -4957,9 +4976,8 @@ metadata: } for _, tc := range tests { t.Run(tc.name, func(t *testing.T) { - ctx := ttesting.EnableFeatureFlagField(context.Background(), t, "enable-provenance-in-status") // mock first reconcile - if err := storePipelineSpecAndMergeMeta(ctx, pr, tc.reconcile1Args.pipelineSpec, tc.reconcile1Args.resolvedObjectMeta); err != nil { + if err := storePipelineSpecAndMergeMeta(context.Background(), pr, tc.reconcile1Args.pipelineSpec, tc.reconcile1Args.resolvedObjectMeta); err != nil { t.Errorf("storePipelineSpec() error = %v", err) } if d := cmp.Diff(pr, tc.wantPipelineRun); d != "" { @@ -4967,7 +4985,7 @@ metadata: } // mock second reconcile - if err := storePipelineSpecAndMergeMeta(ctx, pr, tc.reconcile2Args.pipelineSpec, tc.reconcile2Args.resolvedObjectMeta); err != nil { + if err := storePipelineSpecAndMergeMeta(context.Background(), pr, tc.reconcile2Args.pipelineSpec, tc.reconcile2Args.resolvedObjectMeta); err != nil { t.Errorf("storePipelineSpec() error = %v", err) } if d := cmp.Diff(pr, tc.wantPipelineRun); d != "" { @@ -8085,6 +8103,17 @@ spec: if err != nil { t.Fatalf("Got an error getting reconciled run out of fake client: %s", err) } + tt.expectedPipelineRun.Status.Provenance = &v1beta1.Provenance{ + FeatureFlags: &config.FeatureFlags{ + RunningInEnvWithInjectedSidecars: config.DefaultRunningInEnvWithInjectedSidecars, + EnableTektonOCIBundles: true, + EnableAPIFields: "alpha", + AwaitSidecarReadiness: config.DefaultAwaitSidecarReadiness, + VerificationNoMatchPolicy: config.DefaultNoMatchPolicyConfig, + ResultExtractionMethod: config.DefaultResultExtractionMethod, + MaxResultSize: config.DefaultMaxResultSize, + }, + } if d := cmp.Diff(tt.expectedPipelineRun, pipelineRun, ignoreResourceVersion, ignoreTypeMeta, ignoreLastTransitionTime, ignoreStartTime, ignoreFinallyStartTime, cmpopts.EquateEmpty()); d != "" { t.Errorf("expected PipelineRun was not created. Diff %s", diff.PrintWantGot(d)) } @@ -8332,6 +8361,18 @@ labels: t.Errorf("expected to see TaskRun %v created. Diff %s", expectedTaskRuns[i].Name, diff.PrintWantGot(d)) } } + + tt.expectedPipelineRun.Status.Provenance = &v1beta1.Provenance{ + FeatureFlags: &config.FeatureFlags{ + RunningInEnvWithInjectedSidecars: config.DefaultRunningInEnvWithInjectedSidecars, + EnableTektonOCIBundles: true, + EnableAPIFields: config.AlphaAPIFields, + AwaitSidecarReadiness: config.DefaultAwaitSidecarReadiness, + VerificationNoMatchPolicy: config.DefaultNoMatchPolicyConfig, + ResultExtractionMethod: config.DefaultResultExtractionMethod, + MaxResultSize: config.DefaultMaxResultSize, + }, + } if d := cmp.Diff(tt.expectedPipelineRun, pipelineRun, ignoreResourceVersion, ignoreTypeMeta, ignoreLastTransitionTime, ignoreStartTime, ignoreFinallyStartTime, cmpopts.EquateEmpty()); d != "" { t.Errorf("found PipelineRun does not match expected PipelineRun. Diff %s", diff.PrintWantGot(d)) } @@ -8870,6 +8911,17 @@ spec: if err != nil { t.Fatalf("Got an error getting reconciled run out of fake client: %s", err) } + tt.expectedPipelineRun.Status.Provenance = &v1beta1.Provenance{ + FeatureFlags: &config.FeatureFlags{ + RunningInEnvWithInjectedSidecars: config.DefaultRunningInEnvWithInjectedSidecars, + EnableTektonOCIBundles: true, + EnableAPIFields: config.AlphaAPIFields, + AwaitSidecarReadiness: config.DefaultAwaitSidecarReadiness, + VerificationNoMatchPolicy: config.DefaultNoMatchPolicyConfig, + ResultExtractionMethod: config.DefaultResultExtractionMethod, + MaxResultSize: config.DefaultMaxResultSize, + }, + } if d := cmp.Diff(tt.expectedPipelineRun, pipelineRun, ignoreResourceVersion, ignoreTypeMeta, ignoreLastTransitionTime, ignoreStartTime, ignoreFinallyStartTime, cmpopts.EquateEmpty()); d != "" { t.Errorf("expected PipelineRun was not created. Diff %s", diff.PrintWantGot(d)) } @@ -9092,6 +9144,17 @@ spec: if err != nil { t.Fatalf("Got an error getting reconciled run out of fake client: %s", err) } + tt.expectedPipelineRun.Status.Provenance = &v1beta1.Provenance{ + FeatureFlags: &config.FeatureFlags{ + RunningInEnvWithInjectedSidecars: config.DefaultRunningInEnvWithInjectedSidecars, + EnableTektonOCIBundles: true, + EnableAPIFields: "alpha", + AwaitSidecarReadiness: config.DefaultAwaitSidecarReadiness, + VerificationNoMatchPolicy: config.DefaultNoMatchPolicyConfig, + ResultExtractionMethod: config.DefaultResultExtractionMethod, + MaxResultSize: config.DefaultMaxResultSize, + }, + } if d := cmp.Diff(tt.expectedPipelineRun, pipelineRun, ignoreResourceVersion, ignoreTypeMeta, ignoreLastTransitionTime, ignoreStartTime, ignoreFinallyStartTime, cmpopts.EquateEmpty()); d != "" { t.Errorf("expected PipelineRun was not created. Diff %s", diff.PrintWantGot(d)) } @@ -9685,6 +9748,17 @@ spec: if err != nil { t.Fatalf("Got an error getting reconciled run out of fake client: %s", err) } + tt.expectedPipelineRun.Status.Provenance = &v1beta1.Provenance{ + FeatureFlags: &config.FeatureFlags{ + RunningInEnvWithInjectedSidecars: config.DefaultRunningInEnvWithInjectedSidecars, + EnableTektonOCIBundles: true, + EnableAPIFields: "alpha", + AwaitSidecarReadiness: config.DefaultAwaitSidecarReadiness, + VerificationNoMatchPolicy: config.DefaultNoMatchPolicyConfig, + ResultExtractionMethod: config.DefaultResultExtractionMethod, + MaxResultSize: config.DefaultMaxResultSize, + }, + } if d := cmp.Diff(tt.expectedPipelineRun, pipelineRun, ignoreResourceVersion, ignoreTypeMeta, ignoreLastTransitionTime, ignoreStartTime, ignoreFinallyStartTime, cmpopts.EquateEmpty()); d != "" { t.Errorf("expected PipelineRun was not created. Diff %s", diff.PrintWantGot(d)) } @@ -10033,6 +10107,18 @@ spec: } } + tt.expectedPipelineRun.Status.Provenance = &v1beta1.Provenance{ + FeatureFlags: &config.FeatureFlags{ + RunningInEnvWithInjectedSidecars: config.DefaultRunningInEnvWithInjectedSidecars, + EnableTektonOCIBundles: true, + EnableAPIFields: config.AlphaAPIFields, + AwaitSidecarReadiness: config.DefaultAwaitSidecarReadiness, + VerificationNoMatchPolicy: config.DefaultNoMatchPolicyConfig, + ResultExtractionMethod: config.DefaultResultExtractionMethod, + + MaxResultSize: config.DefaultMaxResultSize, + }, + } if d := cmp.Diff(tt.expectedPipelineRun, pipelineRun, ignoreResourceVersion, ignoreTypeMeta, ignoreLastTransitionTime, ignoreStartTime, ignoreFinallyStartTime, cmpopts.EquateEmpty()); d != "" { t.Errorf("expected PipelineRun was not created. Diff %s", diff.PrintWantGot(d)) } @@ -10477,6 +10563,17 @@ status: if err != nil { t.Fatalf("Got an error getting reconciled run out of fake client: %s", err) } + tt.expectedPipelineRun.Status.Provenance = &v1beta1.Provenance{ + FeatureFlags: &config.FeatureFlags{ + RunningInEnvWithInjectedSidecars: config.DefaultRunningInEnvWithInjectedSidecars, + EnableTektonOCIBundles: true, + EnableAPIFields: "alpha", + AwaitSidecarReadiness: config.DefaultAwaitSidecarReadiness, + VerificationNoMatchPolicy: config.DefaultNoMatchPolicyConfig, + ResultExtractionMethod: config.DefaultResultExtractionMethod, + MaxResultSize: config.DefaultMaxResultSize, + }, + } if d := cmp.Diff(tt.expectedPipelineRun, pipelineRun, ignoreResourceVersion, ignoreTypeMeta, ignoreLastTransitionTime, ignoreStartTime, cmpopts.SortSlices(lessChildReferences), cmpopts.EquateEmpty()); d != "" { t.Errorf("expected PipelineRun was not created. Diff %s", diff.PrintWantGot(d)) } @@ -10997,6 +11094,17 @@ spec: if err != nil { t.Fatalf("Got an error getting reconciled run out of fake client: %s", err) } + tt.expectedPipelineRun.Status.Provenance = &v1beta1.Provenance{ + FeatureFlags: &config.FeatureFlags{ + RunningInEnvWithInjectedSidecars: config.DefaultRunningInEnvWithInjectedSidecars, + EnableTektonOCIBundles: true, + EnableAPIFields: "alpha", + AwaitSidecarReadiness: config.DefaultAwaitSidecarReadiness, + VerificationNoMatchPolicy: config.DefaultNoMatchPolicyConfig, + ResultExtractionMethod: config.DefaultResultExtractionMethod, + MaxResultSize: config.DefaultMaxResultSize, + }, + } if d := cmp.Diff(tt.expectedPipelineRun, pipelineRun, ignoreResourceVersion, ignoreTypeMeta, ignoreLastTransitionTime, ignoreStartTime, ignoreFinallyStartTime, cmpopts.EquateEmpty()); d != "" { t.Errorf("expected PipelineRun was not created. Diff %s", diff.PrintWantGot(d)) } diff --git a/pkg/reconciler/taskrun/taskrun.go b/pkg/reconciler/taskrun/taskrun.go index bbcf5436553..00afe656dee 100644 --- a/pkg/reconciler/taskrun/taskrun.go +++ b/pkg/reconciler/taskrun/taskrun.go @@ -881,20 +881,18 @@ func storeTaskSpecAndMergeMeta(ctx context.Context, tr *v1beta1.TaskRun, ts *v1b } cfg := config.FromContextOrDefaults(ctx) - if cfg.FeatureFlags.EnableProvenanceInStatus { - if tr.Status.Provenance == nil { - tr.Status.Provenance = &v1beta1.Provenance{} - } - // Store FeatureFlags in the Provenance. - tr.Status.Provenance.FeatureFlags = cfg.FeatureFlags - // Propagate RefSource from remote resolution to TaskRun Status - // This lives outside of the status.spec check to avoid the case where only the spec is available in the first reconcile and refSource comes in next reconcile. - if meta != nil && meta.RefSource != nil && tr.Status.Provenance.RefSource == nil { - tr.Status.Provenance.RefSource = meta.RefSource - } - if meta != nil && meta.RefSource != nil && tr.Status.Provenance.ConfigSource == nil { - tr.Status.Provenance.ConfigSource = (*v1beta1.ConfigSource)(meta.RefSource) - } + if tr.Status.Provenance == nil { + tr.Status.Provenance = &v1beta1.Provenance{} + } + // Store FeatureFlags in the Provenance. + tr.Status.Provenance.FeatureFlags = cfg.FeatureFlags + // Propagate RefSource from remote resolution to TaskRun Status + // This lives outside of the status.spec check to avoid the case where only the spec is available in the first reconcile and refSource comes in next reconcile. + if meta != nil && meta.RefSource != nil && tr.Status.Provenance.RefSource == nil { + tr.Status.Provenance.RefSource = meta.RefSource + } + if meta != nil && meta.RefSource != nil && tr.Status.Provenance.ConfigSource == nil { + tr.Status.Provenance.ConfigSource = (*v1beta1.ConfigSource)(meta.RefSource) } return nil diff --git a/pkg/reconciler/taskrun/taskrun_test.go b/pkg/reconciler/taskrun/taskrun_test.go index 65bb2e93bd7..1dfef1ad677 100644 --- a/pkg/reconciler/taskrun/taskrun_test.go +++ b/pkg/reconciler/taskrun/taskrun_test.go @@ -1697,6 +1697,32 @@ status: type: Succeeded `) ) + defaultFeatureFlags := &config.FeatureFlags{ + RunningInEnvWithInjectedSidecars: config.DefaultRunningInEnvWithInjectedSidecars, + EnableTektonOCIBundles: true, + EnableAPIFields: "alpha", + AwaitSidecarReadiness: config.DefaultAwaitSidecarReadiness, + VerificationNoMatchPolicy: config.DefaultNoMatchPolicyConfig, + ResultExtractionMethod: config.DefaultResultExtractionMethod, + MaxResultSize: config.DefaultMaxResultSize, + } + + failedOnReconcileFailureTaskRun.Status.Provenance = &v1beta1.Provenance{ + FeatureFlags: defaultFeatureFlags, + } + failedOnReconcileFailureTaskRun.Status.RetriesStatus[0].Provenance = &v1beta1.Provenance{ + FeatureFlags: defaultFeatureFlags, + } + retriedTaskRun.Status.Provenance = &v1beta1.Provenance{ + FeatureFlags: &config.FeatureFlags{ + RunningInEnvWithInjectedSidecars: config.DefaultRunningInEnvWithInjectedSidecars, + EnableAPIFields: config.DefaultEnableAPIFields, + AwaitSidecarReadiness: config.DefaultAwaitSidecarReadiness, + VerificationNoMatchPolicy: config.DefaultNoMatchPolicyConfig, + ResultExtractionMethod: config.DefaultResultExtractionMethod, + MaxResultSize: config.DefaultMaxResultSize, + }, + } for _, tc := range []struct { name string @@ -3773,7 +3799,6 @@ spec: EnableAPIFields: config.DefaultEnableAPIFields, AwaitSidecarReadiness: config.DefaultAwaitSidecarReadiness, VerificationNoMatchPolicy: config.DefaultNoMatchPolicyConfig, - EnableProvenanceInStatus: true, ResultExtractionMethod: config.DefaultResultExtractionMethod, MaxResultSize: config.DefaultMaxResultSize, }, @@ -3828,9 +3853,8 @@ spec: for _, tc := range tests { t.Run(tc.name, func(t *testing.T) { - ctx := ttesting.EnableFeatureFlagField(context.Background(), t, "enable-provenance-in-status") // mock first reconcile - if err := storeTaskSpecAndMergeMeta(ctx, tr, tc.reconcile1Args.taskSpec, tc.reconcile1Args.resolvedObjectMeta); err != nil { + if err := storeTaskSpecAndMergeMeta(context.Background(), tr, tc.reconcile1Args.taskSpec, tc.reconcile1Args.resolvedObjectMeta); err != nil { t.Errorf("storePipelineSpec() error = %v", err) } if d := cmp.Diff(tr, tc.wantTaskRun); d != "" { @@ -3838,7 +3862,7 @@ spec: } // mock second reconcile - if err := storeTaskSpecAndMergeMeta(ctx, tr, tc.reconcile2Args.taskSpec, tc.reconcile2Args.resolvedObjectMeta); err != nil { + if err := storeTaskSpecAndMergeMeta(context.Background(), tr, tc.reconcile2Args.taskSpec, tc.reconcile2Args.resolvedObjectMeta); err != nil { t.Errorf("storePipelineSpec() error = %v", err) } if d := cmp.Diff(tr, tc.wantTaskRun); d != "" { diff --git a/test/e2e-tests.sh b/test/e2e-tests.sh index 66d39911000..6e99b50d16c 100755 --- a/test/e2e-tests.sh +++ b/test/e2e-tests.sh @@ -57,7 +57,7 @@ function set_feature_gate() { kubectl patch configmap feature-flags -n tekton-pipelines -p "$jsonpatch" if [ "$gate" == "alpha" ]; then printf "enabling resolvers\n" - jsonpatch=$(printf "{\"data\": {\"enable-git-resolver\": \"true\", \"enable-hub-resolver\": \"true\", \"enable-bundles-resolver\": \"true\", \"enable-cluster-resolver\": \"true\", \"enable-provenance-in-status\": \"true\"}}") + jsonpatch=$(printf "{\"data\": {\"enable-git-resolver\": \"true\", \"enable-hub-resolver\": \"true\", \"enable-bundles-resolver\": \"true\", \"enable-cluster-resolver\": \"true\"}}") echo "resolvers-feature-flags ConfigMap patch: ${jsonpatch}" kubectl patch configmap resolvers-feature-flags -n tekton-pipelines-resolvers -p "$jsonpatch" fi diff --git a/test/status_test.go b/test/status_test.go index 72b790d456e..d37c6b31291 100644 --- a/test/status_test.go +++ b/test/status_test.go @@ -33,16 +33,12 @@ import ( "github.com/tektoncd/pipeline/test/diff" "github.com/tektoncd/pipeline/test/parse" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "knative.dev/pkg/system" knativetest "knative.dev/pkg/test" "knative.dev/pkg/test/helpers" "sigs.k8s.io/yaml" ) var ( - provenanceFeatureFlags = requireAllGates(map[string]string{ - "enable-provenance-in-status": "true", - }) ignoreFeatureFlags = cmpopts.IgnoreFields(v1beta1.Provenance{}, "FeatureFlags") ) @@ -126,9 +122,9 @@ spec: // about the remote task i.e. refSource info . func TestProvenanceFieldInPipelineRunTaskRunStatus(t *testing.T) { ctx := context.Background() - c, namespace := setupProvenance(ctx, t, clusterFeatureFlags, provenanceFeatureFlags) - knativetest.CleanupOnInterrupt(func() { unsetProvenanceFlags(ctx, t, c) }, t.Logf) - defer unsetProvenanceFlags(ctx, t, c) + ctx, cancel := context.WithCancel(ctx) + defer cancel() + c, namespace := setup(ctx, t) knativetest.CleanupOnInterrupt(func() { tearDown(ctx, t, c, namespace) }, t.Logf) defer tearDown(ctx, t, c, namespace) @@ -152,9 +148,6 @@ func TestProvenanceFieldInPipelineRunTaskRunStatus(t *testing.T) { URI: fmt.Sprintf("/apis/%s/namespaces/%s/%s/%s@%s", v1beta1.SchemeGroupVersion.String(), namespace, "task", exampleTask.Name, exampleTask.UID), Digest: map[string]string{"sha256": sha256CheckSum(taskSpec)}, }, - FeatureFlags: &config.FeatureFlags{ - EnableProvenanceInStatus: true, - }, } // example pipeline @@ -304,27 +297,3 @@ func sha256CheckSum(input []byte) string { h.Write(input) return hex.EncodeToString(h.Sum(nil)) } - -func setupProvenance(ctx context.Context, t *testing.T, fn ...func(context.Context, *testing.T, *clients, string)) (*clients, string) { - t.Helper() - c, ns := setup(ctx, t) - configMapData := map[string]string{ - "enable-provenance-in-status": "true", - } - - if err := updateConfigMap(ctx, c.KubeClient, system.Namespace(), config.GetFeatureFlagsConfigName(), configMapData); err != nil { - t.Fatal(err) - } - return c, ns -} - -func unsetProvenanceFlags(ctx context.Context, t *testing.T, c *clients) { - t.Helper() - configMapData := map[string]string{ - "enable-provenance-in-status": "false", - } - - if err := updateConfigMap(ctx, c.KubeClient, system.Namespace(), config.GetFeatureFlagsConfigName(), configMapData); err != nil { - t.Fatal(err) - } -}