Fix no repeated subjects for v2alpha4 pipelineruns (tektoncd#1130)

Change the pipelinerun v2alpha4 method that calculates the subjects to use `artifact.AppendSubjects` instead of `append` to avoid duplicated subjects.

(cherry picked from commit badc734)

examples/v2alpha4/pipeline-with-repeated-results.yaml

@@ -0,0 +1,64 @@
+apiVersion: tekton.dev/v1
+kind: PipelineRun
+metadata:
+ name: pipeline-test-run
+spec:
+ pipelineSpec:
+ results:
+ - name: output1-ARTIFACT_OUTPUTS
+ value: $(tasks.t1.results.output1-ARTIFACT_OUTPUTS)
+ - name: output2-ARTIFACT_OUTPUTS
+ value: $(tasks.t1.results.output2)
+ - name: output3-ARTIFACT_OUTPUTS
+ value: $(tasks.t2.results.output3-ARTIFACT_OUTPUTS)
+ tasks:
+ - name: t1
+ taskSpec:
+ results:
+ - name: output1-ARTIFACT_OUTPUTS
+ type: object
+ properties:
+ uri: {}
+ digest: {}
+ isBuildArtifact: {}
+
+ - name: output2
+ type: object
+ properties:
+ uri: {}
+ digest: {}
+
+ steps:
+ - name: step1
+ image: busybox:glibc
+ script: |
+ echo -n "Hello!"
+ echo -n "{\"uri\":\"gcr.io/foo/img1\", \"digest\":\"sha256:586789aa031fafc7d78a5393cdc772e0b55107ea54bb8bcf3f2cdac6c6da51ee\", \"isBuildArtifact\": \"true\" }" > $(results.output1-ARTIFACT_OUTPUTS.path)
+ echo -n "{\"uri\":\"gcr.io/foo/img2\", \"digest\":\"sha256:586789aa031fafc7d78a5393cdc772e0b55107ea54bb8bcf3f2cdac6c6da51ee\"}" > $(results.output2.path)
+
+ - name: t2
+ taskSpec:
+ results:
+ - name: output3-ARTIFACT_OUTPUTS
+ type: object
+ properties:
+ uri: {}
+ digest: {}
+ isBuildArtifact: {}
+ steps:
+ - name: step1
+ image: busybox:glibc
+ script: |
+ echo -n "Hello!"
+ echo -n "{\"uri\":\"gcr.io/foo/img1\", \"digest\":\"sha256:586789aa031fafc7d78a5393cdc772e0b55107ea54bb8bcf3f2cdac6c6da51ee\", \"isBuildArtifact\": \"true\" }" > $(results.output3-ARTIFACT_OUTPUTS.path)
+
+ - name: t3
+ taskSpec:
+ results:
+ - name: IMAGES
+ type: string
+ steps:
+ - name: step1
+ image: busybox:glibc
+ script: |
+ echo -n "gcr.io/foo/img1@sha256:586789aa031fafc7d78a5393cdc772e0b55107ea54bb8bcf3f2cdac6c6da51ee" > $(results.IMAGES.path)

pkg/chains/formats/slsa/testdata/slsa-v2alpha4/pipelinerun2.json

@@ -0,0 +1,328 @@
+{
+ "metadata": {
+ "name": "pipelinerun-build",
+ "uid": "abhhf-12354-asjsdbjs23-3435353n"
+ },
+ "spec": {
+ "params": [
+ {
+ "name": "IMAGE",
+ "value": "test.io/test/image"
+ }
+ ],
+ "pipelineRef": {
+ "name": "test-pipeline"
+ },
+ "taskRunTemplate": {
+ "serviceAccountName": "pipeline"
+ }
+ },
+ "status": {
+ "startTime": "2021-03-29T09:50:00Z",
+ "completionTime": "2021-03-29T09:50:15Z",
+ "conditions": [
+ {
+ "lastTransitionTime": "2021-03-29T09:50:15Z",
+ "message": "Tasks Completed: 2 (Failed: 0, Cancelled 0), Skipped: 0",
+ "reason": "Succeeded",
+ "status": "True",
+ "type": "Succeeded"
+ }
+ ],
+ "results": [
+ {
+ "name": "CHAINS-GIT_COMMIT",
+ "value": "abcd"
+ },
+ {
+ "name": "CHAINS-GIT_URL",
+ "value": "https://git.test.com"
+ },
+ {
+ "name": "IMAGE_URL",
+ "value": "test.io/test/image"
+ },
+ {
+ "name": "IMAGE_DIGEST",
+ "value": "sha256:827521c857fdcd4374f4da5442fbae2edb01e7fbae285c3ec15673d4c1daecb7"
+ },
+ {
+ "name": "build-artifact-ARTIFACT_OUTPUTS",
+ "value": {
+ "uri": "abc",
+ "digest": "sha256:827521c857fdcd4374f4da5442fbae2edb01e7fbae285c3ec15673d4c1daecb7",
+ "isBuildArtifact": "true"
+ }
+ },
+ {
+ "name": "img-ARTIFACT_INPUTS",
+ "value": {
+ "uri": "abc","digest": "sha256:827521c857fdcd4374f4da5442fbae2edb01e7fbae285c3ec15673d4c1daecb7"
+ }
+ },
+ {
+ "name": "img2-ARTIFACT_OUTPUTS",
+ "value": {
+ "uri": "def","digest": "sha256:","isBuildArtifact": "true"
+ }
+ },
+ {
+ "name": "img_no_uri-ARTIFACT_OUTPUTS",
+ "value": {
+ "digest": "sha256:827521c857fdcd4374f4da5442fbae2edb01e7fbae285c3ec15673d4c1daecb7"
+ }
+ },
+ {
+ "name": "common-ARTIFACT_OUTPUTS",
+ "value": {
+ "uri": "gcr.io/common/image",
+ "digest": "sha256:33e7e52645f4859622e282167d9200da9861b3d0a6e9c93b85e9cae5526ffc0a",
+ "isBuildArtifact": "true"
+ }
+ }
+ ],
+ "pipelineSpec": {
+ "params": [
+ {
+ "description": "Image path on registry",
+ "name": "IMAGE",
+ "type": "string"
+ }
+ ],
+ "results": [
+ {
+ "description": "",
+ "name": "CHAINS-GIT_COMMIT",
+ "value": "$(tasks.git-clone.results.commit)"
+ },
+ {
+ "description": "",
+ "name": "CHAINS-GIT_URL",
+ "value": "$(tasks.git-clone.results.url)"
+ },
+ {
+ "description": "",
+ "name": "IMAGE_URL",
+ "value": "$(tasks.build.results.IMAGE_URL)"
+ },
+ {
+ "description": "",
+ "name": "IMAGE_DIGEST",
+ "value": "$(tasks.build.results.IMAGE_DIGEST)"
+ }
+ ],
+ "tasks": [
+ {
+ "name": "git-clone",
+ "params": [
+ {
+ "name": "url",
+ "value": "https://git.test.com"
+ },
+ {
+ "name": "revision",
+ "value": ""
+ }
+ ],
+ "taskRef": {
+ "kind": "ClusterTask",
+ "name": "git-clone"
+ }
+ },
+ {
+ "name": "build",
+ "params": [
+ {
+ "name": "CHAINS-GIT_COMMIT",
+ "value": "$(tasks.git-clone.results.commit)"
+ },
+ {
+ "name": "CHAINS-GIT_URL",
+ "value": "$(tasks.git-clone.results.url)"
+ }
+ ],
+ "taskRef": {
+ "kind": "ClusterTask",
+ "name": "build"
+ }
+ }
+ ]
+ },
+ "taskRuns": {
+ "git-clone": {
+ "pipelineTaskName": "git-clone",
+ "status": {
+ "completionTime": "2021-03-29T09:50:15Z",
+ "conditions": [
+ {
+ "lastTransitionTime": "2021-03-29T09:50:15Z",
+ "message": "All Steps have completed executing",
+ "reason": "Succeeded",
+ "status": "True",
+ "type": "Succeeded"
+ }
+ ],
+ "podName": "git-clone-pod",
+ "startTime": "2021-03-29T09:50:00Z",
+ "steps": [
+ {
+ "container": "step-clone",
+ "imageID": "test.io/test/clone-image",
+ "name": "clone",
+ "terminated": {
+ "exitCode": 0,
+ "finishedAt": "2021-03-29T09:50:15Z",
+ "reason": "Completed",
+ "startedAt": "2022-05-31T19:13:27Z"
+ }
+ }
+ ],
+ "results": [
+ {
+ "name": "commit",
+ "value": "abcd"
+ },
+ {
+ "name": "url",
+ "value": "https://git.test.com"
+ }
+ ],
+ "taskSpec": {
+ "params": [
+ {
+ "description": "Repository URL to clone from.",
+ "name": "url",
+ "type": "string"
+ },
+ {
+ "default": "",
+ "description": "Revision to checkout. (branch, tag, sha, ref, etc...)",
+ "name": "revision",
+ "type": "string"
+ }
+ ],
+ "results": [
+ {
+ "description": "The precise commit SHA that was fetched by this Task.",
+ "name": "commit"
+ },
+ {
+ "description": "The precise URL that was fetched by this Task.",
+ "name": "url"
+ }
+ ],
+ "steps": [
+ {
+ "env": [
+ {
+ "name": "HOME",
+ "value": "$(params.userHome)"
+ },
+ {
+ "name": "PARAM_URL",
+ "value": "$(params.url)"
+ }
+ ],
+ "image": "$(params.gitInitImage)",
+ "name": "clone",
+ "resources": {},
+ "script": "git clone"
+ }
+ ]
+ }
+ }
+ },
+ "taskrun-build": {
+ "pipelineTaskName": "build",
+ "status": {
+ "completionTime": "2021-03-29T09:50:15Z",
+ "conditions": [
+ {
+ "lastTransitionTime": "2021-03-29T09:50:15Z",
+ "message": "All Steps have completed executing",
+ "reason": "Succeeded",
+ "status": "True",
+ "type": "Succeeded"
+ }
+ ],
+ "podName": "build-pod",
+ "startTime": "2021-03-29T09:50:00Z",
+ "steps": [
+ {
+ "container": "step-build",
+ "imageID": "test.io/test/build-image",
+ "name": "build",
+ "terminated": {
+ "exitCode": 0,
+ "finishedAt": "2022-05-31T19:17:30Z",
+ "reason": "Completed",
+ "startedAt": "2021-03-29T09:50:00Z"
+ }
+ }
+ ],
+ "results": [
+ {
+ "name": "IMAGE_DIGEST",
+ "value": "sha256:827521c857fdcd4374f4da5442fbae2edb01e7fbae285c3ec15673d4c1daecb7"
+ },
+ {
+ "name": "IMAGE_URL",
+ "value": "test.io/test/image\n"
+ }
+ ],
+ "taskSpec": {
+ "params": [
+ {
+ "description": "Git CHAINS URL",
+ "name": "CHAINS-GIT_URL",
+ "type": "string"
+ },
+ {
+ "description": "Git CHAINS Commit",
+ "name": "CHAINS-GIT_COMMIT",
+ "type": "string"
+ }
+ ],
+ "results": [
+ {
+ "description": "Digest of the image just built.",
+ "name": "IMAGE_DIGEST"
+ },
+ {
+ "description": "URL of the image just built.",
+ "name": "IMAGE_URL"
+ }
+ ],
+ "steps": [
+ {
+ "command": [
+ "buildah",
+ "build"
+ ],
+ "image": "test.io/test/build-image",
+ "name": "generate"
+ },
+ {
+ "command": [
+ "buildah",
+ "push"
+ ],
+ "image": "test.io/test/build-image",
+ "name": "push"
+ }
+ ]
+ }
+ }
+ }
+ },
+ "provenance": {
+ "refSource": {
+ "uri": "git+https:/test",
+ "digest": {
+ "sha1": "28b123"
+ },
+ "entryPoint": "pipeline.yaml"
+ }
+ }
+ }
+}