diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 1d1e1669c..531ca1dab 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -122,7 +122,7 @@ jobs: - name: Create and push the tekton bundle (quay.io/enterprise-contract/ec-task-bundle) env: TASK_REPO: quay.io/enterprise-contract/ec-task-bundle - TASKS: "tasks/verify-enterprise-contract/0.1/verify-enterprise-contract.yaml tasks/verify-definition/0.1/verify-definition.yaml" + TASKS: "tasks/verify-enterprise-contract/0.1/verify-enterprise-contract.yaml" run: make task-bundle-snapshot TASK_REPO=$TASK_REPO TASK_TAG=$TAG ADD_TASK_TAG="$TAG_TIMESTAMP" TASKS=<( yq e ".spec.steps[].image? = \"$IMAGE_REPO:$TAG\"" $TASKS | yq 'select(. != null)') - name: Download statistics diff --git a/Makefile b/Makefile index b8a7a0bd1..e8882c775 100644 --- a/Makefile +++ b/Makefile @@ -272,14 +272,14 @@ dev: IMAGE_REPO=localhost:$(REGISTRY_PORT)/ec dev: PODMAN_OPTS=--tls-verify=false dev: TASK_REPO=localhost:$(REGISTRY_PORT)/ec-task-bundle dev: SKOPEO_ARGS=--src-tls-verify=false --dest-tls-verify=false -dev: TASKS:=$(shell T=$$(mktemp) && yq e ".spec.steps[].image? = \"localhost:$(REGISTRY_PORT)/ec\"" tasks/verify-enterprise-contract/*/verify-enterprise-contract.yaml tasks/verify-definition/*/verify-definition.yaml | yq 'select(. != null)' > "$${T}" && echo "$${T}") +dev: TASKS:=$(shell T=$$(mktemp) && yq e ".spec.steps[].image? = \"localhost:$(REGISTRY_PORT)/ec\"" tasks/verify-enterprise-contract/*/verify-enterprise-contract.yaml | yq 'select(. != null)' > "$${T}" && echo "$${T}") dev: push-image task-bundle ## Push the ec-cli and v-e-c Task Bundle to the kind cluster setup via hack/setup-dev-environment.sh @rm "$(TASKS)" TASK_TAG ?= latest TASK_REPO ?= quay.io/enterprise-contract/ec-task-bundle TASK_VERSION ?= 0.1 -TASKS ?= tasks/verify-enterprise-contract/$(TASK_VERSION)/verify-enterprise-contract.yaml tasks/verify-definition/$(TASK_VERSION)/verify-definition.yaml +TASKS ?= tasks/verify-enterprise-contract/$(TASK_VERSION)/verify-enterprise-contract.yaml ifneq (,$(findstring localhost:,$(TASK_REPO))) SKOPEO_ARGS=--src-tls-verify=false --dest-tls-verify=false endif diff --git a/acceptance/kubernetes/kind/image.go b/acceptance/kubernetes/kind/image.go index f0a33ec13..373267fd1 100644 --- a/acceptance/kubernetes/kind/image.go +++ b/acceptance/kubernetes/kind/image.go @@ -76,7 +76,7 @@ func (k *kindCluster) buildTaskBundleImage(ctx context.Context) error { } for _, versionPath := range versions { pathSplit := strings.Split(versionPath, "/") - // there should only be versions under the task path i.e. tasks/verify-definition/0.1 + // there should only be versions under the task path i.e. tasks/verify-enterprise-contract/0.1 version := pathSplit[len(pathSplit)-1] // assume the task definition file is named the same as the task directory fileName := filepath.Join(versionPath, fmt.Sprintf("%s.yaml", taskName)) diff --git a/docs/modules/ROOT/pages/verify-definition.adoc b/docs/modules/ROOT/pages/verify-definition.adoc deleted file mode 100644 index ad3e9dd3f..000000000 --- a/docs/modules/ROOT/pages/verify-definition.adoc +++ /dev/null @@ -1,25 +0,0 @@ -= verify-definition - -Version: 0.1 - -== Synopsis - -Verify a json or yaml definition(s) - -== Params -[horizontal] - -*DEFINITION* (`string`):: The definition(s) to validate. This can be a yaml or json file, the files' contents -or a directory containing the definition files. - -*POLICY_SOURCE* (`string`):: The source containing the policy files. -*NAMESPACE* (`string`):: An optional policy package namespace. -*POLICY_LIB* (`string`):: The source containing the policy files libraries. -+ -*Default*: `git::https://github.com/enterprise-contract/ec-policies//policy/lib` -*POLICY_DATA* (`string`):: The source containing the policy files. -+ -*Default*: `git::https://github.com/enterprise-contract/ec-policies//example/data` -*HOMEDIR* (`string`):: Value for the HOME environment variable. -+ -*Default*: `/tekton/home` diff --git a/docs/modules/ROOT/partials/tasks_nav.adoc b/docs/modules/ROOT/partials/tasks_nav.adoc index 7cf3c430f..841150dfc 100644 --- a/docs/modules/ROOT/partials/tasks_nav.adoc +++ b/docs/modules/ROOT/partials/tasks_nav.adoc @@ -1,3 +1,2 @@ * xref:tasks.adoc[Tekton Tasks] -** xref:verify-definition.adoc[verify-definition] ** xref:verify-enterprise-contract.adoc[verify-enterprise-contract] diff --git a/features/__snapshots__/task_validate_definition.snap b/features/__snapshots__/task_validate_definition.snap deleted file mode 100755 index 9a4bfb1fc..000000000 --- a/features/__snapshots__/task_validate_definition.snap +++ /dev/null @@ -1,9 +0,0 @@ - -[Verifying a simple task definition:validate - 1] -Command "definition" is deprecated, please use "ec validate input" instead. -{"definitions":[{"filename":"${TEMP}/definition-file-${RANDOM}","violations":[],"warnings":[],"successes":[]}],"success":true,"ec-version":"${EC_VERSION}"} ---- - -[Verifying a simple task definition:results - 1] -{} ---- diff --git a/features/task_validate_definition.feature b/features/task_validate_definition.feature deleted file mode 100644 index fa1b22a74..000000000 --- a/features/task_validate_definition.feature +++ /dev/null @@ -1,16 +0,0 @@ -Feature: Verify Enterprise Contract Tekton Tasks - The Verify Enterprise Contract Tekton task verification against a set of golden images - - Background: - Given a cluster running - - Scenario: Verifying a simple task definition - Given a working namespace - - When version 0.1 of the task named "verify-definition" with workspace "output" is run with parameters: - | DEFINITION | {"kind": "Task"} | - | POLICY_SOURCE | git::github.com/enterprise-contract/ec-policies//policy/task | - | NAMESPACE | policy.task.kind | - Then the task should succeed - And the task logs for step "validate" should match the snapshot - And the task results should match the snapshot diff --git a/tasks/verify-definition/0.1/README.md b/tasks/verify-definition/0.1/README.md deleted file mode 100644 index 0a9a81ffb..000000000 --- a/tasks/verify-definition/0.1/README.md +++ /dev/null @@ -1,50 +0,0 @@ -# Verify Definition Task - -This task is used to verify any valid YAML or JSON - -## Install the task -kubectl apply -f https://raw.githubusercontent.com/enterprise-contract/ec-cli/main/tasks/verify-definition/0.1/verify-definition.yaml - -## Parameters -### Required -* **DEFINITION**: The definition(s) to validate. This can be a yaml or json file, the files' contents - or a directory containing the definition files. -* **POLICY_SOURCE**: The source containing the policy files. -### Optional -* **NAMESPACE**: An optional policy package namespace. -* **POLICY_LIB**: The source containing the policy files libraries. -* **POLICY_DATA**: The source containing the policy files configuration data. -* **HOMEDIR**: Value for the HOME environment variable. - -## Usage -This TaskRun runs the Task to verify the JSON string '{"kind": "Task"}'. - -```yaml ---- -apiVersion: tekton.dev/v1 -kind: TaskRun -metadata: - generateName: verify-definition-run- -spec: - params: - - name: HOMEDIR - value: /tekton/home - - name: DEFINITION - value: '{"kind": "Task"}' - - name: NAMESPACE - value: policy.task.kind - - name: POLICY_SOURCE - value: git::github.com/enterprise-contract/ec-policies//policy/task - resources: {} - serviceAccountName: default - taskRef: - resolver: bundles - params: - - name: bundle - value: ${TASK_BUNDLE_REF} - - name: name - value: verify-definition - - name: kind - value: task - timeout: 10m -``` diff --git a/tasks/verify-definition/0.1/verify-definition.yaml b/tasks/verify-definition/0.1/verify-definition.yaml deleted file mode 100644 index c4c981396..000000000 --- a/tasks/verify-definition/0.1/verify-definition.yaml +++ /dev/null @@ -1,83 +0,0 @@ ---- -# Copyright The Enterprise Contract Contributors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SPDX-License-Identifier: Apache-2.0 - -apiVersion: tekton.dev/v1 -kind: Task -metadata: - name: verify-definition - annotations: - tekton.dev/displayName: Verify definition - tekton.dev/pipelines.minVersion: "0.19" - tekton.dev/tags: ec, chains, signature, conftest - labels: - app.kubernetes.io/version: "0.1" -spec: - description: Verify a json or yaml definition(s) - params: - - name: DEFINITION - type: string - description: | - The definition(s) to validate. This can be a yaml or json file, the files' contents - or a directory containing the definition files. - - name: POLICY_SOURCE - type: string - description: The source containing the policy files. - - name: NAMESPACE - type: string - description: An optional policy package namespace. - default: "" - - name: POLICY_LIB - type: string - description: The source containing the policy files libraries. - default: git::https://github.com/enterprise-contract/ec-policies//policy/lib - - name: POLICY_DATA - type: string - description: The source containing the policy files. - default: git::https://github.com/enterprise-contract/ec-policies//example/data - - name: HOMEDIR - type: string - description: Value for the HOME environment variable. - default: /tekton/home - workspaces: - - name: output - stepTemplate: - env: - - name: HOME - value: "$(params.HOMEDIR)" - steps: - - name: version - image: quay.io/enterprise-contract/ec-cli:snapshot - command: [ec] - args: - - version - - name: validate - workingDir: "$(workspaces.output.path)" - image: quay.io/enterprise-contract/ec-cli:snapshot - command: [ec] - args: - - validate - - definition - - "--file" - - "$(params.DEFINITION)" - - "--namespace" - - "$(params.NAMESPACE)" - - "--policy" - - "$(params.POLICY_SOURCE)" - - "--policy" - - "$(params.POLICY_LIB)" - - "--data" - - "$(params.POLICY_DATA)"