-
Notifications
You must be signed in to change notification settings - Fork 1.8k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Implement When Expressions (Conditions Beta)
Adding `WhenExpressions` used to efficiently specify guarded execution of `Tasks`, without spinning up new pods. We use `WhenExpressions` to avoid adding an opinionated and complex expression language to the Tekton API to ensure Tekton can be supported by as many systems as possible. Further details about the design are in [Conditions Beta TEP](https://github.com/tektoncd/community/blob/master/teps/0007-conditions-beta.md). The components of `WhenExpressions` are `Input`, `Operator` and `Values`: - `Input` is the input for the `Guard` checking which can be static inputs or variables, such as `Parameters` or `Results`. - `Operator` represents an `Input`'s relationship to a set of `Values`. `Operators` we will use in `WhenExpressions` are `In` and `NotIn`. - `Values` is an array of string values. The `Values` array must be non-empty. It can contain static values or variables (`Parameters` or `Results`). The declared `WhenExpressions` are evaluated before the `Task` is run. If all the `WhenExpressions` evaluate to `True`, the `Task` is run. If any of the `WhenExpressions` evaluate to `False`, the `Task` is skipped. Some key parts of this PR are: - `Expressions` package, which can be reused beyond `WhenExpressions` - `WhenExpressions` type in the `PipelineTask` - Variable substitution for `Results` and `Parameters` used in `WhenExpressions`, either in `Input` or in `Values` -- can be extended to use other variables. - Resource dependency mapping when resources (e.g. `Results`) are used from other `Tasks` - Validation of `WhenExpressions`, variable substitution, among others - Evaluation of `WhenExpressions` and updates to `Task` execution based on the evaluation results - `WhenExpressionsStatus` that exposes the evaluation inputs and results - A practical example of using `WhenExpression`, tests and documentation
- Loading branch information
Showing
22 changed files
with
2,473 additions
and
37 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
239 changes: 239 additions & 0 deletions
239
examples/v1beta1/pipelineruns/pipelinerun-with-when-expressions.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,239 @@ | ||
# Copied from https://github.com/tektoncd/catalog/blob/v1beta1/git/git-clone.yaml :( | ||
# This can be deleted after we add support to refer to the remote Task in a registry (Issue #1839) or | ||
# add support for referencing task in git directly (issue #2298) | ||
apiVersion: tekton.dev/v1beta1 | ||
kind: Task | ||
metadata: | ||
name: git-clone-from-catalog | ||
spec: | ||
workspaces: | ||
- name: output | ||
description: The git repo will be cloned onto the volume backing this workspace | ||
params: | ||
- name: url | ||
description: git url to clone | ||
type: string | ||
- name: revision | ||
description: git revision to checkout (branch, tag, sha, ref…) | ||
type: string | ||
default: master | ||
- name: refspec | ||
description: (optional) git refspec to fetch before checking out revision | ||
default: "" | ||
- name: submodules | ||
description: defines if the resource should initialize and fetch the submodules | ||
type: string | ||
default: "true" | ||
- name: depth | ||
description: performs a shallow clone where only the most recent commit(s) will be fetched | ||
type: string | ||
default: "1" | ||
- name: sslVerify | ||
description: defines if http.sslVerify should be set to true or false in the global git config | ||
type: string | ||
default: "true" | ||
- name: subdirectory | ||
description: subdirectory inside the "output" workspace to clone the git repo into | ||
type: string | ||
default: "" | ||
- name: deleteExisting | ||
description: clean out the contents of the repo's destination directory (if it already exists) before trying to clone the repo there | ||
type: string | ||
default: "false" | ||
- name: httpProxy | ||
description: git HTTP proxy server for non-SSL requests | ||
type: string | ||
default: "" | ||
- name: httpsProxy | ||
description: git HTTPS proxy server for SSL requests | ||
type: string | ||
default: "" | ||
- name: noProxy | ||
description: git no proxy - opt out of proxying HTTP/HTTPS requests | ||
type: string | ||
default: "" | ||
results: | ||
- name: commit | ||
description: The precise commit SHA that was fetched by this Task | ||
steps: | ||
- name: clone | ||
image: gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/git-init:v0.12.1 | ||
script: | | ||
CHECKOUT_DIR="$(workspaces.output.path)/$(params.subdirectory)" | ||
cleandir() { | ||
# Delete any existing contents of the repo directory if it exists. | ||
# | ||
# We don't just "rm -rf $CHECKOUT_DIR" because $CHECKOUT_DIR might be "/" | ||
# or the root of a mounted volume. | ||
if [[ -d "$CHECKOUT_DIR" ]] ; then | ||
# Delete non-hidden files and directories | ||
rm -rf "$CHECKOUT_DIR"/* | ||
# Delete files and directories starting with . but excluding .. | ||
rm -rf "$CHECKOUT_DIR"/.[!.]* | ||
# Delete files and directories starting with .. plus any other character | ||
rm -rf "$CHECKOUT_DIR"/..?* | ||
fi | ||
} | ||
if [[ "$(params.deleteExisting)" == "true" ]] ; then | ||
cleandir | ||
fi | ||
test -z "$(params.httpProxy)" || export HTTP_PROXY=$(params.httpProxy) | ||
test -z "$(params.httpsProxy)" || export HTTPS_PROXY=$(params.httpsProxy) | ||
test -z "$(params.noProxy)" || export NO_PROXY=$(params.noProxy) | ||
/ko-app/git-init \ | ||
-url "$(params.url)" \ | ||
-revision "$(params.revision)" \ | ||
-refspec "$(params.refspec)" \ | ||
-path "$CHECKOUT_DIR" \ | ||
-sslVerify="$(params.sslVerify)" \ | ||
-submodules="$(params.submodules)" \ | ||
-depth "$(params.depth)" | ||
cd "$CHECKOUT_DIR" | ||
RESULT_SHA="$(git rev-parse HEAD | tr -d '\n')" | ||
EXIT_CODE="$?" | ||
if [ "$EXIT_CODE" != 0 ] | ||
then | ||
exit $EXIT_CODE | ||
fi | ||
# Make sure we don't add a trailing newline to the result! | ||
echo -n "$RESULT_SHA" > $(results.commit.path) | ||
--- | ||
apiVersion: tekton.dev/v1beta1 | ||
kind: Task | ||
metadata: | ||
name: check-file | ||
spec: | ||
params: | ||
- name: path | ||
workspaces: | ||
- name: source | ||
description: The workspace to check for the file. | ||
results: | ||
- name: status | ||
description: indicating whether the file exists | ||
steps: | ||
- name: check-file | ||
image: alpine | ||
script: | | ||
if test -f $(workspaces.source.path)/$(params.path); then | ||
printf exists | tee /tekton/results/status | ||
else | ||
printf missing | tee /tekton/results/status | ||
fi | ||
--- | ||
apiVersion: tekton.dev/v1beta1 | ||
kind: Pipeline | ||
metadata: | ||
name: guarded-pipeline | ||
spec: | ||
params: | ||
- name: path | ||
type: string | ||
description: The path of the file to be created. | ||
default: "README.md" | ||
- name: repo-url | ||
type: string | ||
description: The git repository URL to clone from. | ||
- name: branch-name | ||
type: string | ||
description: The git branch to clone. | ||
workspaces: | ||
- name: source-repo | ||
description: | | ||
This workspace will receive the cloned git repo and be passed | ||
to the next Task to create a file. | ||
tasks: | ||
- name: fetch-repo | ||
taskRef: | ||
name: git-clone-from-catalog | ||
params: | ||
- name: url | ||
value: $(params.repo-url) | ||
- name: revision | ||
value: $(params.branch-name) | ||
workspaces: | ||
- name: output | ||
workspace: source-repo | ||
- name: create-file | ||
when: | ||
- input: "$(params.path)" | ||
operator: in | ||
values: ["README.md"] | ||
workspaces: | ||
- name: source | ||
workspace: source-repo | ||
runAfter: | ||
- fetch-repo | ||
taskSpec: | ||
workspaces: | ||
- name: source | ||
description: The workspace to create the readme file in. | ||
steps: | ||
- name: write-new-stuff | ||
image: ubuntu | ||
script: 'touch $(workspaces.source.path)/README.md' | ||
- name: check-file | ||
when: | ||
- input: "foo" | ||
operator: in | ||
values: ["foo", "bar"] | ||
params: | ||
- name: path | ||
value: "$(params.path)" | ||
workspaces: | ||
- name: source | ||
workspace: source-repo | ||
taskRef: | ||
name: check-file | ||
runAfter: | ||
- create-file | ||
- name: echo-file-exists | ||
when: | ||
- input: "$(tasks.check-file.results.status)" | ||
operator: in | ||
values: ["exists"] | ||
taskSpec: | ||
steps: | ||
- name: echo | ||
image: ubuntu | ||
script: 'echo file exists' | ||
- name: task-should-be-skipped | ||
when: | ||
- input: "foo" | ||
operator: notin | ||
values: ["foo"] | ||
- input: "foo" | ||
operator: in | ||
values: ["bar"] | ||
taskSpec: | ||
steps: | ||
- name: echo | ||
image: ubuntu | ||
script: exit 1 | ||
--- | ||
apiVersion: tekton.dev/v1beta1 | ||
kind: PipelineRun | ||
metadata: | ||
name: guarded-pr | ||
spec: | ||
serviceAccountName: 'default' | ||
pipelineRef: | ||
name: guarded-pipeline | ||
params: | ||
- name: repo-url | ||
value: https://github.com/tektoncd/pipeline.git | ||
- name: branch-name | ||
value: master | ||
workspaces: | ||
- name: source-repo | ||
volumeClaimTemplate: | ||
spec: | ||
accessModes: | ||
- ReadWriteOnce | ||
resources: | ||
requests: | ||
storage: 1Gi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.