forked from tektoncd/chains
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix no repeated subjects for v2alpha4 pipelineruns (tektoncd#1130)
Change the pipelinerun v2alpha4 method that calculates the subjects to use `artifact.AppendSubjects` instead of `append` to avoid duplicated subjects. (cherry picked from commit badc734)
- Loading branch information
1 parent
0023878
commit 069573e
Showing
8 changed files
with
1,056 additions
and
16 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,64 @@ | ||
apiVersion: tekton.dev/v1 | ||
kind: PipelineRun | ||
metadata: | ||
name: pipeline-test-run | ||
spec: | ||
pipelineSpec: | ||
results: | ||
- name: output1-ARTIFACT_OUTPUTS | ||
value: $(tasks.t1.results.output1-ARTIFACT_OUTPUTS) | ||
- name: output2-ARTIFACT_OUTPUTS | ||
value: $(tasks.t1.results.output2) | ||
- name: output3-ARTIFACT_OUTPUTS | ||
value: $(tasks.t2.results.output3-ARTIFACT_OUTPUTS) | ||
tasks: | ||
- name: t1 | ||
taskSpec: | ||
results: | ||
- name: output1-ARTIFACT_OUTPUTS | ||
type: object | ||
properties: | ||
uri: {} | ||
digest: {} | ||
isBuildArtifact: {} | ||
|
||
- name: output2 | ||
type: object | ||
properties: | ||
uri: {} | ||
digest: {} | ||
|
||
steps: | ||
- name: step1 | ||
image: busybox:glibc | ||
script: | | ||
echo -n "Hello!" | ||
echo -n "{\"uri\":\"gcr.io/foo/img1\", \"digest\":\"sha256:586789aa031fafc7d78a5393cdc772e0b55107ea54bb8bcf3f2cdac6c6da51ee\", \"isBuildArtifact\": \"true\" }" > $(results.output1-ARTIFACT_OUTPUTS.path) | ||
echo -n "{\"uri\":\"gcr.io/foo/img2\", \"digest\":\"sha256:586789aa031fafc7d78a5393cdc772e0b55107ea54bb8bcf3f2cdac6c6da51ee\"}" > $(results.output2.path) | ||
- name: t2 | ||
taskSpec: | ||
results: | ||
- name: output3-ARTIFACT_OUTPUTS | ||
type: object | ||
properties: | ||
uri: {} | ||
digest: {} | ||
isBuildArtifact: {} | ||
steps: | ||
- name: step1 | ||
image: busybox:glibc | ||
script: | | ||
echo -n "Hello!" | ||
echo -n "{\"uri\":\"gcr.io/foo/img1\", \"digest\":\"sha256:586789aa031fafc7d78a5393cdc772e0b55107ea54bb8bcf3f2cdac6c6da51ee\", \"isBuildArtifact\": \"true\" }" > $(results.output3-ARTIFACT_OUTPUTS.path) | ||
- name: t3 | ||
taskSpec: | ||
results: | ||
- name: IMAGES | ||
type: string | ||
steps: | ||
- name: step1 | ||
image: busybox:glibc | ||
script: | | ||
echo -n "gcr.io/foo/img1@sha256:586789aa031fafc7d78a5393cdc772e0b55107ea54bb8bcf3f2cdac6c6da51ee" > $(results.IMAGES.path) |
328 changes: 328 additions & 0 deletions
328
pkg/chains/formats/slsa/testdata/slsa-v2alpha4/pipelinerun2.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,328 @@ | ||
{ | ||
"metadata": { | ||
"name": "pipelinerun-build", | ||
"uid": "abhhf-12354-asjsdbjs23-3435353n" | ||
}, | ||
"spec": { | ||
"params": [ | ||
{ | ||
"name": "IMAGE", | ||
"value": "test.io/test/image" | ||
} | ||
], | ||
"pipelineRef": { | ||
"name": "test-pipeline" | ||
}, | ||
"taskRunTemplate": { | ||
"serviceAccountName": "pipeline" | ||
} | ||
}, | ||
"status": { | ||
"startTime": "2021-03-29T09:50:00Z", | ||
"completionTime": "2021-03-29T09:50:15Z", | ||
"conditions": [ | ||
{ | ||
"lastTransitionTime": "2021-03-29T09:50:15Z", | ||
"message": "Tasks Completed: 2 (Failed: 0, Cancelled 0), Skipped: 0", | ||
"reason": "Succeeded", | ||
"status": "True", | ||
"type": "Succeeded" | ||
} | ||
], | ||
"results": [ | ||
{ | ||
"name": "CHAINS-GIT_COMMIT", | ||
"value": "abcd" | ||
}, | ||
{ | ||
"name": "CHAINS-GIT_URL", | ||
"value": "https://git.test.com" | ||
}, | ||
{ | ||
"name": "IMAGE_URL", | ||
"value": "test.io/test/image" | ||
}, | ||
{ | ||
"name": "IMAGE_DIGEST", | ||
"value": "sha256:827521c857fdcd4374f4da5442fbae2edb01e7fbae285c3ec15673d4c1daecb7" | ||
}, | ||
{ | ||
"name": "build-artifact-ARTIFACT_OUTPUTS", | ||
"value": { | ||
"uri": "abc", | ||
"digest": "sha256:827521c857fdcd4374f4da5442fbae2edb01e7fbae285c3ec15673d4c1daecb7", | ||
"isBuildArtifact": "true" | ||
} | ||
}, | ||
{ | ||
"name": "img-ARTIFACT_INPUTS", | ||
"value": { | ||
"uri": "abc","digest": "sha256:827521c857fdcd4374f4da5442fbae2edb01e7fbae285c3ec15673d4c1daecb7" | ||
} | ||
}, | ||
{ | ||
"name": "img2-ARTIFACT_OUTPUTS", | ||
"value": { | ||
"uri": "def","digest": "sha256:","isBuildArtifact": "true" | ||
} | ||
}, | ||
{ | ||
"name": "img_no_uri-ARTIFACT_OUTPUTS", | ||
"value": { | ||
"digest": "sha256:827521c857fdcd4374f4da5442fbae2edb01e7fbae285c3ec15673d4c1daecb7" | ||
} | ||
}, | ||
{ | ||
"name": "common-ARTIFACT_OUTPUTS", | ||
"value": { | ||
"uri": "gcr.io/common/image", | ||
"digest": "sha256:33e7e52645f4859622e282167d9200da9861b3d0a6e9c93b85e9cae5526ffc0a", | ||
"isBuildArtifact": "true" | ||
} | ||
} | ||
], | ||
"pipelineSpec": { | ||
"params": [ | ||
{ | ||
"description": "Image path on registry", | ||
"name": "IMAGE", | ||
"type": "string" | ||
} | ||
], | ||
"results": [ | ||
{ | ||
"description": "", | ||
"name": "CHAINS-GIT_COMMIT", | ||
"value": "$(tasks.git-clone.results.commit)" | ||
}, | ||
{ | ||
"description": "", | ||
"name": "CHAINS-GIT_URL", | ||
"value": "$(tasks.git-clone.results.url)" | ||
}, | ||
{ | ||
"description": "", | ||
"name": "IMAGE_URL", | ||
"value": "$(tasks.build.results.IMAGE_URL)" | ||
}, | ||
{ | ||
"description": "", | ||
"name": "IMAGE_DIGEST", | ||
"value": "$(tasks.build.results.IMAGE_DIGEST)" | ||
} | ||
], | ||
"tasks": [ | ||
{ | ||
"name": "git-clone", | ||
"params": [ | ||
{ | ||
"name": "url", | ||
"value": "https://git.test.com" | ||
}, | ||
{ | ||
"name": "revision", | ||
"value": "" | ||
} | ||
], | ||
"taskRef": { | ||
"kind": "ClusterTask", | ||
"name": "git-clone" | ||
} | ||
}, | ||
{ | ||
"name": "build", | ||
"params": [ | ||
{ | ||
"name": "CHAINS-GIT_COMMIT", | ||
"value": "$(tasks.git-clone.results.commit)" | ||
}, | ||
{ | ||
"name": "CHAINS-GIT_URL", | ||
"value": "$(tasks.git-clone.results.url)" | ||
} | ||
], | ||
"taskRef": { | ||
"kind": "ClusterTask", | ||
"name": "build" | ||
} | ||
} | ||
] | ||
}, | ||
"taskRuns": { | ||
"git-clone": { | ||
"pipelineTaskName": "git-clone", | ||
"status": { | ||
"completionTime": "2021-03-29T09:50:15Z", | ||
"conditions": [ | ||
{ | ||
"lastTransitionTime": "2021-03-29T09:50:15Z", | ||
"message": "All Steps have completed executing", | ||
"reason": "Succeeded", | ||
"status": "True", | ||
"type": "Succeeded" | ||
} | ||
], | ||
"podName": "git-clone-pod", | ||
"startTime": "2021-03-29T09:50:00Z", | ||
"steps": [ | ||
{ | ||
"container": "step-clone", | ||
"imageID": "test.io/test/clone-image", | ||
"name": "clone", | ||
"terminated": { | ||
"exitCode": 0, | ||
"finishedAt": "2021-03-29T09:50:15Z", | ||
"reason": "Completed", | ||
"startedAt": "2022-05-31T19:13:27Z" | ||
} | ||
} | ||
], | ||
"results": [ | ||
{ | ||
"name": "commit", | ||
"value": "abcd" | ||
}, | ||
{ | ||
"name": "url", | ||
"value": "https://git.test.com" | ||
} | ||
], | ||
"taskSpec": { | ||
"params": [ | ||
{ | ||
"description": "Repository URL to clone from.", | ||
"name": "url", | ||
"type": "string" | ||
}, | ||
{ | ||
"default": "", | ||
"description": "Revision to checkout. (branch, tag, sha, ref, etc...)", | ||
"name": "revision", | ||
"type": "string" | ||
} | ||
], | ||
"results": [ | ||
{ | ||
"description": "The precise commit SHA that was fetched by this Task.", | ||
"name": "commit" | ||
}, | ||
{ | ||
"description": "The precise URL that was fetched by this Task.", | ||
"name": "url" | ||
} | ||
], | ||
"steps": [ | ||
{ | ||
"env": [ | ||
{ | ||
"name": "HOME", | ||
"value": "$(params.userHome)" | ||
}, | ||
{ | ||
"name": "PARAM_URL", | ||
"value": "$(params.url)" | ||
} | ||
], | ||
"image": "$(params.gitInitImage)", | ||
"name": "clone", | ||
"resources": {}, | ||
"script": "git clone" | ||
} | ||
] | ||
} | ||
} | ||
}, | ||
"taskrun-build": { | ||
"pipelineTaskName": "build", | ||
"status": { | ||
"completionTime": "2021-03-29T09:50:15Z", | ||
"conditions": [ | ||
{ | ||
"lastTransitionTime": "2021-03-29T09:50:15Z", | ||
"message": "All Steps have completed executing", | ||
"reason": "Succeeded", | ||
"status": "True", | ||
"type": "Succeeded" | ||
} | ||
], | ||
"podName": "build-pod", | ||
"startTime": "2021-03-29T09:50:00Z", | ||
"steps": [ | ||
{ | ||
"container": "step-build", | ||
"imageID": "test.io/test/build-image", | ||
"name": "build", | ||
"terminated": { | ||
"exitCode": 0, | ||
"finishedAt": "2022-05-31T19:17:30Z", | ||
"reason": "Completed", | ||
"startedAt": "2021-03-29T09:50:00Z" | ||
} | ||
} | ||
], | ||
"results": [ | ||
{ | ||
"name": "IMAGE_DIGEST", | ||
"value": "sha256:827521c857fdcd4374f4da5442fbae2edb01e7fbae285c3ec15673d4c1daecb7" | ||
}, | ||
{ | ||
"name": "IMAGE_URL", | ||
"value": "test.io/test/image\n" | ||
} | ||
], | ||
"taskSpec": { | ||
"params": [ | ||
{ | ||
"description": "Git CHAINS URL", | ||
"name": "CHAINS-GIT_URL", | ||
"type": "string" | ||
}, | ||
{ | ||
"description": "Git CHAINS Commit", | ||
"name": "CHAINS-GIT_COMMIT", | ||
"type": "string" | ||
} | ||
], | ||
"results": [ | ||
{ | ||
"description": "Digest of the image just built.", | ||
"name": "IMAGE_DIGEST" | ||
}, | ||
{ | ||
"description": "URL of the image just built.", | ||
"name": "IMAGE_URL" | ||
} | ||
], | ||
"steps": [ | ||
{ | ||
"command": [ | ||
"buildah", | ||
"build" | ||
], | ||
"image": "test.io/test/build-image", | ||
"name": "generate" | ||
}, | ||
{ | ||
"command": [ | ||
"buildah", | ||
"push" | ||
], | ||
"image": "test.io/test/build-image", | ||
"name": "push" | ||
} | ||
] | ||
} | ||
} | ||
} | ||
}, | ||
"provenance": { | ||
"refSource": { | ||
"uri": "git+https:/test", | ||
"digest": { | ||
"sha1": "28b123" | ||
}, | ||
"entryPoint": "pipeline.yaml" | ||
} | ||
} | ||
} | ||
} |
Oops, something went wrong.