diff --git a/go.mod b/go.mod index cac2703c1..d72527a99 100644 --- a/go.mod +++ b/go.mod @@ -34,10 +34,10 @@ require ( ) require ( - github.com/openshift-pipelines/pipelines-as-code v0.20.0 + github.com/openshift-pipelines/pipelines-as-code v0.21.0 github.com/spf13/cobra v1.7.0 github.com/tektoncd/cli v0.32.0 - github.com/tektoncd/results/tools/tkn-results v0.0.0-20230913032018-660f221c6156 + github.com/tektoncd/results/tools/tkn-results v0.0.0-20230913052618-821234bc710b ) require ( diff --git a/go.sum b/go.sum index 18ce7b89e..5d5f30f59 100644 --- a/go.sum +++ b/go.sum @@ -2228,8 +2228,8 @@ github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqi github.com/opencontainers/selinux v1.8.0/go.mod h1:RScLhm78qiWa2gbVCcGkC7tCGdgk3ogry1nUQF8Evvo= github.com/opencontainers/selinux v1.8.2/go.mod h1:MUIHuUEvKB1wtJjQdOyYRgOnLD2xAPP8dBsCoU0KuF8= github.com/opencontainers/selinux v1.10.0/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= -github.com/openshift-pipelines/pipelines-as-code v0.20.0 h1:RKedodJ7h+LdoDLL2mD7tVdEhE4ME/hqnPCYFp5hJOk= -github.com/openshift-pipelines/pipelines-as-code v0.20.0/go.mod h1:tPoF6CjApxEk+bVRvUIUDopMz3b2gDAa26wpwpvc4jY= +github.com/openshift-pipelines/pipelines-as-code v0.21.0 h1:jTRJEJQ4DisvRqYS67m0FpYuREjsopEPO/q62hjfy7s= +github.com/openshift-pipelines/pipelines-as-code v0.21.0/go.mod h1:tPoF6CjApxEk+bVRvUIUDopMz3b2gDAa26wpwpvc4jY= github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= @@ -2530,8 +2530,8 @@ github.com/tektoncd/pipeline v0.50.1 h1:Asdfn1MxUSTlfzmr0PV4BPIEH7K4QLGym33nLgQl github.com/tektoncd/pipeline v0.50.1/go.mod h1:OjhCfhPQbVvK6GUmIseL2ipjaQ8ILcUerMk4P4sCcHA= github.com/tektoncd/results v0.8.0 h1:C+3NmjFP1TB0OyRThPxsBFwhaNhcnL0ztq3eLfhHxO0= github.com/tektoncd/results v0.8.0/go.mod h1:fFoYhM82IazRmdFkjuP88128Rplj9hJBwB7NwkKTmaQ= -github.com/tektoncd/results/tools/tkn-results v0.0.0-20230913032018-660f221c6156 h1:na/QCW4SFnKQvYVL35zil8K0jDm5eF2C5Lr5S4qvgPg= -github.com/tektoncd/results/tools/tkn-results v0.0.0-20230913032018-660f221c6156/go.mod h1:Rb3T7iud6ZtPv3doq6dke0RYWLrq8gjaURe2jKCVMxM= +github.com/tektoncd/results/tools/tkn-results v0.0.0-20230913052618-821234bc710b h1:rv9zpUaK+PlUNQKyCrypKeCb8wbYiCMgKTG/WzU0KUw= +github.com/tektoncd/results/tools/tkn-results v0.0.0-20230913052618-821234bc710b/go.mod h1:Rb3T7iud6ZtPv3doq6dke0RYWLrq8gjaURe2jKCVMxM= github.com/tektoncd/triggers v0.25.0 h1:HaHZ0w8RpeIvB/7DoIZz+KhIOAVzPiFIPZOrDtvEPbM= github.com/tektoncd/triggers v0.25.0/go.mod h1:yIxJZ4rLqZmLidFgyhR882BEy3gaW3gQkSsofP1KlRM= github.com/thales-e-security/pool v0.0.2 h1:RAPs4q2EbWsTit6tpzuvTFlgFRJ3S8Evf5gtvVDbmPg= diff --git a/pkg/version.json b/pkg/version.json index daa7548cf..a02eb24f7 100644 --- a/pkg/version.json +++ b/pkg/version.json @@ -1 +1 @@ -{"pac": "0.20.0", "tkn": "0.32.0", "opc": "devel"} +{"pac": "0.21.0", "tkn": "0.32.0", "opc": "devel"} diff --git a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/apis/incoming/incoming.go b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/apis/incoming/incoming.go new file mode 100644 index 000000000..9c4acc2f2 --- /dev/null +++ b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/apis/incoming/incoming.go @@ -0,0 +1,20 @@ +package incoming + +import "encoding/json" + +type ( + Params map[string]interface{} + Payload struct { + Params Params `json:"params"` + } +) + +// parsePayload parses the payload from the incoming webhook, in json format and has only one key params +func ParseIncomingPayload(payload []byte) (Payload, error) { + var incomingPayload Payload + err := json.Unmarshal(payload, &incomingPayload) + if err != nil { + return Payload{}, err + } + return incomingPayload, nil +} diff --git a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/apis/pipelinesascode/v1alpha1/types.go b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/apis/pipelinesascode/v1alpha1/types.go index d1703f468..c8871f24e 100644 --- a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/apis/pipelinesascode/v1alpha1/types.go +++ b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/apis/pipelinesascode/v1alpha1/types.go @@ -65,6 +65,7 @@ type TaskInfos struct { Message string LogSnippet string Reason string + DisplayName string CompletionTime *metav1.Time } @@ -99,6 +100,7 @@ type Params struct { type Incoming struct { Type string `json:"type"` Secret Secret `json:"secret"` + Params []string `json:"params,omitempty"` Targets []string `json:"targets,omitempty"` } diff --git a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/cli/webhook/gitlab.go b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/cli/webhook/gitlab.go index 6c0f056b4..5aa622a9f 100644 --- a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/cli/webhook/gitlab.go +++ b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/cli/webhook/gitlab.go @@ -126,6 +126,7 @@ func (gl *gitLabConfig) create() error { MergeRequestsEvents: gitlab.Bool(true), NoteEvents: gitlab.Bool(true), PushEvents: gitlab.Bool(true), + TagPushEvents: gitlab.Bool(true), Token: gitlab.String(gl.webhookSecret), URL: gitlab.String(gl.controllerURL), } diff --git a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/cmd/tknpac/bootstrap/bootstrap.go b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/cmd/tknpac/bootstrap/bootstrap.go index 7338f82f5..27650032a 100644 --- a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/cmd/tknpac/bootstrap/bootstrap.go +++ b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/cmd/tknpac/bootstrap/bootstrap.go @@ -5,15 +5,16 @@ import ( "fmt" "strings" + "github.com/spf13/cobra" + corev1 "k8s.io/api/core/v1" + kapierror "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "github.com/openshift-pipelines/pipelines-as-code/pkg/apis/pipelinesascode/keys" "github.com/openshift-pipelines/pipelines-as-code/pkg/cli" "github.com/openshift-pipelines/pipelines-as-code/pkg/cli/info" "github.com/openshift-pipelines/pipelines-as-code/pkg/params" "github.com/openshift-pipelines/pipelines-as-code/pkg/params/settings" - "github.com/spf13/cobra" - corev1 "k8s.io/api/core/v1" - kapierror "k8s.io/apimachinery/pkg/api/errors" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) const ( @@ -226,6 +227,12 @@ func GithubApp(run *params.Run, ioStreams *cli.IOStreams) *cobra.Command { fmt.Fprintf(opts.ioStreams.Out, "👕 Using Public Github on %s\n", keys.PublicGithubAPIURL) opts.GithubAPIURL = keys.PublicGithubAPIURL } else { + // check if it finishes with /api/v3 and strip it out if it does + opts.GithubAPIURL = strings.TrimSuffix(opts.GithubAPIURL, "/api/v3") + // if we have only a host then add https into it + if !strings.HasPrefix(opts.GithubAPIURL, "https://") { + opts.GithubAPIURL = fmt.Sprintf("https://%s", opts.GithubAPIURL) + } fmt.Fprintf(opts.ioStreams.Out, "👔 Using Github Enterprise URL: %s\n", opts.GithubAPIURL) opts.providerType = "github-enterprise-app" } @@ -301,7 +308,9 @@ func addGithubAppFlag(cmd *cobra.Command, opts *bootstrapOpts) { cmd.PersistentFlags().StringVar(&opts.GithubOrganizationName, "github-organization-name", "", "Whether you want to target an organization instead of the current user") cmd.PersistentFlags().StringVar(&opts.GithubApplicationName, "github-application-name", "", "GitHub Application Name") cmd.PersistentFlags().StringVar(&opts.GithubApplicationURL, "github-application-url", "", "GitHub Application URL") - cmd.PersistentFlags().StringVarP(&opts.GithubAPIURL, "github-api-url", "", "", "Github Enterprise API URL") + cmd.PersistentFlags().StringVarP(&opts.GithubAPIURL, "github-hostname", "", "", "Github Enterprise Hostname ") + cmd.PersistentFlags().StringVarP(&opts.GithubAPIURL, "github-api-url", "", "", "Github Enterprise API Host or URL") + _ = cmd.Flags().MarkDeprecated("github-api-url", "please use --github-hostname flag instead") cmd.PersistentFlags().StringVar(&opts.RouteName, "route-url", "", "The public URL for the pipelines-as-code controller") cmd.PersistentFlags().StringVar(&opts.forwarderURL, "web-forwarder-url", defaultWebForwarderURL, "the web forwarder url") cmd.PersistentFlags().StringVar(&opts.dashboardURL, "dashboard-url", "", "the full URL to the tekton dashboard ") diff --git a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/cmd/tknpac/describe/templates/describe.tmpl b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/cmd/tknpac/describe/templates/describe.tmpl index 8bc2a58a0..bd45b6b0b 100644 --- a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/cmd/tknpac/describe/templates/describe.tmpl +++ b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/cmd/tknpac/describe/templates/describe.tmpl @@ -24,7 +24,7 @@ {{ $.ColorScheme.Underline "Failures:" }} {{ range $taskName, $task := $status.CollectedTaskInfos }} -{{ $.ColorScheme.Bold "•" }} {{ $taskName }}:{{if ne $task.Reason "Failed"}} {{$.ColorScheme.Dimmed $task.Reason}}{{end}} +{{ $.ColorScheme.Bold "•" }} {{if ne $task.DisplayName ""}}{{ $task.DisplayName }}{{ else }}{{ $taskName }}{{ end }}:{{if ne $task.Reason "Failed"}} {{$.ColorScheme.Dimmed $task.Reason}}{{end}} {{ if eq $task.LogSnippet ""}} {{ $task.Message }}{{ else }}{{ formatError $.ColorScheme $task.LogSnippet }}{{end}} {{ end }} {{- end }} diff --git a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/cmd/tknpac/resolve/resolve.go b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/cmd/tknpac/resolve/resolve.go index 653e348f6..95cbed307 100644 --- a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/cmd/tknpac/resolve/resolve.go +++ b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/cmd/tknpac/resolve/resolve.go @@ -155,10 +155,9 @@ func Command(run *params.Run, streams *cli.IOStreams) *cobra.Command { "Filename, directory, or URL to files to use to create the resource") cmd.Flags().StringSliceVarP(&skipInlining, "skip", "s", filenames, - "skip inlining") + "skip inlining this task and use them as is (must be present in namespace to be able to use them). multiple values are supported") - cmd.Flags().BoolVar(&noSecret, "no-secret", false, - "skip generating or asking for secrets") + cmd.Flags().BoolVar(&noSecret, "no-secret", false, "don't ask if you would like to generate a secret when git_auth_secret is found in the template") cmd.Flags().BoolVar(&noGenerateName, "no-generate-name", false, "don't automatically generate a GenerateName for pipelinerun uniqueness") @@ -169,11 +168,6 @@ func Command(run *params.Run, streams *cli.IOStreams) *cobra.Command { cmd.Flags().BoolVarP(&asv1beta1, "v1beta1", "B", false, "output as tekton v1beta1") cmd.Flags().StringVarP(&providerToken, "providerToken", "t", "", "use this token to generate the git-auth secret,\n you can set the environment PAC_PROVIDER_TOKEN to have this set automatically") - err := run.Info.Pac.AddFlags(cmd) - if err != nil { - log.Fatal(err) - } - return cmd } @@ -212,7 +206,11 @@ func resolveFilenames(ctx context.Context, cs *params.Run, filenames []string, p // We use github here but since we don't do remotetask we would not care providerintf := github.New() event := info.NewEvent() - prun, err := resolve.Resolve(ctx, cs, cs.Clients.Log, providerintf, event, allTheYamls, ropt) + types, err := resolve.ReadTektonTypes(ctx, cs.Clients.Log, allTheYamls) + if err != nil { + return "", err + } + prun, err := resolve.Resolve(ctx, cs, cs.Clients.Log, providerintf, types, event, ropt) if err != nil { return "", err } diff --git a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/consoleui/custom.go b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/consoleui/custom.go index cac1018a9..b2e76b6d4 100644 --- a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/consoleui/custom.go +++ b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/consoleui/custom.go @@ -6,12 +6,13 @@ import ( "net/url" "strings" + tektonv1 "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1" + "k8s.io/client-go/dynamic" + "github.com/openshift-pipelines/pipelines-as-code/pkg/apis/pipelinesascode/keys" "github.com/openshift-pipelines/pipelines-as-code/pkg/params/info" "github.com/openshift-pipelines/pipelines-as-code/pkg/params/settings" "github.com/openshift-pipelines/pipelines-as-code/pkg/templates" - tektonv1 "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1" - "k8s.io/client-go/dynamic" ) type CustomConsole struct { diff --git a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/customparams/customparams.go b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/customparams/customparams.go index 52257e097..a6807aad3 100644 --- a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/customparams/customparams.go +++ b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/customparams/customparams.go @@ -4,6 +4,7 @@ import ( "context" "fmt" + apincoming "github.com/openshift-pipelines/pipelines-as-code/pkg/apis/incoming" "github.com/openshift-pipelines/pipelines-as-code/pkg/apis/pipelinesascode/v1alpha1" "github.com/openshift-pipelines/pipelines-as-code/pkg/events" "github.com/openshift-pipelines/pipelines-as-code/pkg/kubeinteraction" @@ -31,6 +32,23 @@ func NewCustomParams(event *info.Event, repo *v1alpha1.Repository, run *params.R } } +// applyIncomingParams apply incoming params to an existing map (overwriting existing keys) +func (p *CustomParams) applyIncomingParams(ret map[string]string) map[string]string { + if p.event.Request == nil { + return ret + } + if incomingParams, err := apincoming.ParseIncomingPayload(p.event.Request.Payload); err == nil { + for k, v := range incomingParams.Params { + if vs, ok := v.(string); ok { + ret[k] = vs + } else { + p.eventEmitter.EmitMessage(p.repo, zap.WarnLevel, "IncomingParamsNotString", fmt.Sprintf("cannot convert incoming param key: %s value: %v as string", k, v)) + } + } + } + return ret +} + // GetParams will process the parameters as set in the repo.Spec CR. // value can come from a string or from a secretKeyRef or from a string value // if both is set we pick the value and issue a warning in the user namespace @@ -40,7 +58,7 @@ func NewCustomParams(event *info.Event, repo *v1alpha1.Repository, run *params.R func (p *CustomParams) GetParams(ctx context.Context) (map[string]string, error) { stdParams := p.makeStandardParamsFromEvent() if p.repo.Spec.Params == nil { - return stdParams, nil + return p.applyIncomingParams(stdParams), nil } ret := map[string]string{} mapFilters := map[string]string{} @@ -104,5 +122,5 @@ func (p *CustomParams) GetParams(ctx context.Context) (map[string]string, error) } } - return ret, nil + return p.applyIncomingParams(ret), nil } diff --git a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/customparams/standard.go b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/customparams/standard.go index 7df222ca3..c4480b9c0 100644 --- a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/customparams/standard.go +++ b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/customparams/standard.go @@ -22,6 +22,7 @@ func (p *CustomParams) makeStandardParamsFromEvent() map[string]string { "repo_name": strings.ToLower(p.event.Repository), "target_branch": formatting.SanitizeBranch(p.event.BaseBranch), "source_branch": formatting.SanitizeBranch(p.event.HeadBranch), + "source_url": p.event.HeadURL, "sender": strings.ToLower(p.event.Sender), "target_namespace": p.repo.GetNamespace(), "event_type": p.event.EventType, diff --git a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/kubeinteraction/status/task_status.go b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/kubeinteraction/status/task_status.go index 87bfa2896..de2fad999 100644 --- a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/kubeinteraction/status/task_status.go +++ b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/kubeinteraction/status/task_status.go @@ -48,6 +48,18 @@ func GetStatusFromTaskStatusOrFromAsking(ctx context.Context, pr *tektonv1.Pipel run.Clients.Log.Warnf("cannot get taskrun status pr %s ns: %s err: %w", pr.GetName(), pr.GetNamespace(), err) continue } + if ts == nil { + run.Clients.Log.Warnf("cannot get taskrun status pr %s ns: %s, ts come back nil?", pr.GetName(), pr.GetNamespace(), err) + continue + } + // search in taskSpecs if there is a displayName for that status + if pr.Spec.PipelineSpec != nil && pr.Spec.PipelineSpec.Tasks != nil { + for _, taskSpec := range pr.Spec.PipelineSpec.Tasks { + if ts.TaskSpec != nil && taskSpec.Name == cr.PipelineTaskName { + ts.TaskSpec.DisplayName = taskSpec.DisplayName + } + } + } trStatus[cr.Name] = &tektonv1.PipelineRunTaskRunStatus{ PipelineTaskName: cr.PipelineTaskName, Status: ts, @@ -77,6 +89,7 @@ func CollectFailedTasksLogSnippet(ctx context.Context, cs *params.Run, kinteract Message: reasonMessageReplacementRegexp.ReplaceAllString(task.Status.Conditions[0].Message, ""), CompletionTime: task.Status.CompletionTime, Reason: task.Status.Conditions[0].Reason, + DisplayName: task.Status.TaskSpec.DisplayName, } if ti.Reason == "TaskRunValidationFailed" || ti.Reason == tektonv1.TaskRunReasonCancelled.String() || ti.Reason == tektonv1.TaskRunReasonTimedOut.String() || ti.Reason == tektonv1.TaskRunReasonImagePullFailed.String() { failureReasons[task.PipelineTaskName] = ti diff --git a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/matcher/annotation_matcher.go b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/matcher/annotation_matcher.go index f0cce2053..62949eac4 100644 --- a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/matcher/annotation_matcher.go +++ b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/matcher/annotation_matcher.go @@ -24,6 +24,7 @@ const ( reValidateTag = `^\[(.*)\]$|^[^[\]\s]*$` ) +// prunBranch is value from annotations and baseBranch is event.Base value from event func branchMatch(prunBranch, baseBranch string) bool { // Helper function to match glob pattern matchGlob := func(pattern, branch string) bool { @@ -31,25 +32,30 @@ func branchMatch(prunBranch, baseBranch string) bool { return g.Match(branch) } + // Case: target is refs/heads/.. if strings.HasPrefix(prunBranch, "refs/heads/") { - // Case: target is refs/heads/.. ref := baseBranch - if !strings.HasPrefix(baseBranch, "refs/heads/") { - // If base is without refs/heads/ prefix, add it + if !strings.HasPrefix(baseBranch, "refs/heads/") && !strings.HasPrefix(baseBranch, "refs/tags/") { + // If base is without refs/heads/.. and not refs/tags/.. prefix, add it ref = "refs/heads/" + baseBranch } - // Match the prunBranch pattern with the modified baseBranch return matchGlob(prunBranch, ref) } - // Case: base is refs/heads/.. - prunRef := prunBranch - if !strings.HasPrefix(prunBranch, "refs/heads/") { - // If prunBranch is without refs/heads/ prefix, add it - prunRef = "refs/heads/" + prunBranch + // Case: target is not refs/heads/.. and not refs/tags/.. + if !strings.HasPrefix(prunBranch, "refs/heads/") && !strings.HasPrefix(prunBranch, "refs/tags/") { + prunRef := "refs/heads/" + prunBranch + ref := baseBranch + if !strings.HasPrefix(baseBranch, "refs/heads/") && !strings.HasPrefix(baseBranch, "refs/tags/") { + // If base is without refs/heads/.. and not refs/tags/.. prefix, add it + ref = "refs/heads/" + baseBranch + } + return matchGlob(prunRef, ref) } + // Match the prunRef pattern with the baseBranch - return matchGlob(prunRef, baseBranch) + // this will cover the scenarios of match globs like refs/tags/0.* and any other if any + return matchGlob(prunBranch, baseBranch) } // TODO: move to another file since it's common to all annotations_* files @@ -226,3 +232,22 @@ func matchOnAnnotation(annotations string, eventType []string, branchMatching bo } return true, nil } + +func MatchRunningPipelineRunForIncomingWebhook(eventType, incomingPipelineRun string, prs []*tektonv1.PipelineRun) []*tektonv1.PipelineRun { + // return all pipelineruns if EventType is not incoming or TargetPipelineRun is "" + if eventType != "incoming" || incomingPipelineRun == "" { + return prs + } + + for _, pr := range prs { + // check incomingPipelineRun with pr name + if incomingPipelineRun == pr.GetName() { + return []*tektonv1.PipelineRun{pr} + } + // check incomingPipelineRun with pr generateName + if incomingPipelineRun == strings.TrimSuffix(pr.GetGenerateName(), "-") { + return []*tektonv1.PipelineRun{pr} + } + } + return nil +} diff --git a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/params/settings/config.go b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/params/settings/config.go index eec3451f7..10ad76be5 100644 --- a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/params/settings/config.go +++ b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/params/settings/config.go @@ -54,6 +54,9 @@ const ( ErrorDetectionSimpleRegexpKey = "error-detection-simple-regexp" errorDetectionSimpleRegexpValue = `^(?P[^:]*):(?P[0-9]+):(?P[0-9]+):([ ]*)?(?P.*)` + + RememberOKToTestKey = "remember-ok-to-test" + rememberOKToTestValue = "true" ) var ( @@ -94,12 +97,14 @@ type Settings struct { CustomConsoleURL string CustomConsolePRdetail string CustomConsolePRTaskLog string + + RememberOKToTest bool } func ConfigToSettings(logger *zap.SugaredLogger, setting *Settings, config map[string]string) error { // pass through defaulting SetDefaults(config) - setting.HubCatalogs = getHubCatalogs(logger, config) + setting.HubCatalogs = getHubCatalogs(logger, setting.HubCatalogs, config) // validate fields if err := Validate(config); err != nil { @@ -226,6 +231,12 @@ func ConfigToSettings(logger *zap.SugaredLogger, setting *Settings, config map[s setting.CustomConsolePRTaskLog = config[CustomConsolePRTaskLogKey] } + rememberOKToTest := StringToBool(config[RememberOKToTestKey]) + if setting.RememberOKToTest != rememberOKToTest { + logger.Infof("CONFIG: setting remember ok-to-test to %v", rememberOKToTest) + setting.RememberOKToTest = rememberOKToTest + } + return nil } diff --git a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/params/settings/default.go b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/params/settings/default.go index cda28d683..f8981d2af 100644 --- a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/params/settings/default.go +++ b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/params/settings/default.go @@ -9,8 +9,10 @@ import ( "go.uber.org/zap" ) -func getHubCatalogs(logger *zap.SugaredLogger, config map[string]string) *sync.Map { - catalogs := sync.Map{} +func getHubCatalogs(logger *zap.SugaredLogger, catalogs *sync.Map, config map[string]string) *sync.Map { + if catalogs == nil { + catalogs = &sync.Map{} + } if hubURL, ok := config[HubURLKey]; !ok || hubURL == "" { config[HubURLKey] = HubURLDefaultValue logger.Infof("CONFIG: using default hub url %s", HubURLDefaultValue) @@ -56,16 +58,24 @@ func getHubCatalogs(logger *zap.SugaredLogger, config map[string]string) *sync.M logger.Warnf("CONFIG: custom hub %s, catalog url %s is not valid, skipping catalog configuration", catalogID, catalogURL) break } + catalogName := config[fmt.Sprintf("%s-name", cPrefix)] + value, ok := catalogs.Load(catalogID) + if ok { + catalogValues, ok := value.(HubCatalog) + if ok && (catalogValues.Name == catalogName) && (catalogValues.URL == catalogURL) { + break + } + } logger.Infof("CONFIG: setting custom hub %s, catalog %s", catalogID, catalogURL) catalogs.Store(catalogID, HubCatalog{ ID: catalogID, - Name: config[fmt.Sprintf("%s-name", cPrefix)], + Name: catalogName, URL: catalogURL, }) } } } - return &catalogs + return catalogs } func SetDefaults(config map[string]string) { @@ -121,4 +131,8 @@ func SetDefaults(config map[string]string) { if v, ok := config[CustomConsolePRTaskLogKey]; !ok || v == "" { config[CustomConsolePRTaskLogKey] = v } + + if rememberOKToTest, ok := config[RememberOKToTestKey]; !ok || rememberOKToTest == "" { + config[RememberOKToTestKey] = rememberOKToTestValue + } } diff --git a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/params/settings/validation.go b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/params/settings/validation.go index b55c069dd..304218657 100644 --- a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/params/settings/validation.go +++ b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/params/settings/validation.go @@ -83,6 +83,13 @@ func Validate(config map[string]string) error { return fmt.Errorf("invalid value for key %v, must start with http:// or https://", CustomConsolePRTaskLogKey) } } + + if check, ok := config[RememberOKToTestKey]; ok && check != "" { + if !isValidBool(check) { + return fmt.Errorf("invalid value for key %v, acceptable values: true or false", RememberOKToTestKey) + } + } + return nil } diff --git a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/pipelineascode/match.go b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/pipelineascode/match.go index 0ff713a40..0fb22907f 100644 --- a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/pipelineascode/match.go +++ b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/pipelineascode/match.go @@ -116,7 +116,7 @@ is that what you want? make sure you use -n when generating the secret, eg: echo // Check if the submitter is allowed to run this. if p.event.TriggerTarget != "push" { - allowed, err := p.vcx.IsAllowed(ctx, p.event) + allowed, err := p.vcx.IsAllowed(ctx, p.event, p.run.Info.Pac) if err != nil { return repo, err } @@ -173,20 +173,34 @@ func (p *PacRun) getPipelineRunsFromRepo(ctx context.Context, repo *v1alpha1.Rep // Replace those {{var}} placeholders user has in her template to the run.Info variable allTemplates := p.makeTemplate(ctx, repo, rawTemplates) - pipelineRuns, err := resolve.Resolve(ctx, p.run, p.logger, p.vcx, p.event, allTemplates, &resolve.Opts{ - GenerateName: true, - RemoteTasks: p.run.Info.Pac.RemoteTasks, - }) + + types, err := resolve.ReadTektonTypes(ctx, p.logger, allTemplates) if err != nil { - p.eventEmitter.EmitMessage(repo, zap.ErrorLevel, "RepositoryFailedToMatch", fmt.Sprintf("failed to match pipelineRuns: %s", err.Error())) return nil, err } - if pipelineRuns == nil { + pipelineRuns := types.PipelineRuns + if len(pipelineRuns) == 0 { msg := fmt.Sprintf("cannot locate templates in %s/ directory for this repository in %s", tektonDir, p.event.HeadBranch) p.eventEmitter.EmitMessage(nil, zap.InfoLevel, "RepositoryCannotLocatePipelineRun", msg) return nil, nil } + // Match the PipelineRun with annotation + matchedPRs, err := matcher.MatchPipelinerunByAnnotation(ctx, p.logger, pipelineRuns, p.run, p.event, p.vcx) + if err != nil { + // Don't fail when you don't have a match between pipeline and annotations + p.eventEmitter.EmitMessage(nil, zap.WarnLevel, "RepositoryNoMatch", err.Error()) + return nil, nil + } + + // if event type is incoming then filter out the pipelineruns related to incoming event + pipelineRuns = matcher.MatchRunningPipelineRunForIncomingWebhook(p.event.EventType, p.event.TargetPipelineRun, pipelineRuns) + if pipelineRuns == nil { + msg := fmt.Sprintf("cannot find pipelinerun %s for matching an incoming event in this repository", p.event.TargetPipelineRun) + p.eventEmitter.EmitMessage(repo, zap.InfoLevel, "RepositoryCannotLocatePipelineRunForIncomingEvent", msg) + return nil, nil + } + // if /test command is used then filter out the pipelinerun pipelineRuns = filterRunningPipelineRunOnTargetTest(p.event.TargetTestPipelineRun, pipelineRuns) if pipelineRuns == nil { @@ -195,13 +209,32 @@ func (p *PacRun) getPipelineRunsFromRepo(ctx context.Context, repo *v1alpha1.Rep return nil, nil } + // finally resolve with fetching the remote tasks (if enabled) + if p.run.Info.Pac.RemoteTasks { + // only resolve on the matched pipelineruns + types.PipelineRuns = nil + for _, match := range matchedPRs { + for pr := range pipelineRuns { + if match.PipelineRun.Name == pipelineRuns[pr].Name { + types.PipelineRuns = append(types.PipelineRuns, pipelineRuns[pr]) + } + } + } + pipelineRuns, err = resolve.Resolve(ctx, p.run, p.logger, p.vcx, types, p.event, &resolve.Opts{ + GenerateName: true, + RemoteTasks: true, + }) + if err != nil { + p.eventEmitter.EmitMessage(repo, zap.ErrorLevel, "RepositoryFailedToMatch", fmt.Sprintf("failed to match pipelineRuns: %s", err.Error())) + return nil, err + } + } + err = changeSecret(pipelineRuns) if err != nil { return nil, err } - - // Match the PipelineRun with annotation - matchedPRs, err := matcher.MatchPipelinerunByAnnotation(ctx, p.logger, pipelineRuns, p.run, p.event, p.vcx) + matchedPRs, err = matcher.MatchPipelinerunByAnnotation(ctx, p.logger, pipelineRuns, p.run, p.event, p.vcx) if err != nil { // Don't fail when you don't have a match between pipeline and annotations p.eventEmitter.EmitMessage(nil, zap.WarnLevel, "RepositoryNoMatch", err.Error()) diff --git a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/provider/github/acl.go b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/provider/github/acl.go index c2010fa83..33e74524a 100644 --- a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/provider/github/acl.go +++ b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/provider/github/acl.go @@ -18,28 +18,35 @@ import ( func (v *Provider) CheckPolicyAllowing(ctx context.Context, event *info.Event, allowedTeams []string) (bool, string) { for _, team := range allowedTeams { // TODO: caching - members, resp, err := v.Client.Teams.ListTeamMembersBySlug(ctx, event.Organization, team, &github.TeamListTeamMembersOptions{}) - if resp.StatusCode == http.StatusNotFound { - // we explicitly disallow the policy when the team is not found - // maybe we should ignore it instead? i'd rather keep this explicit - // and conservative since being security related. - return false, fmt.Sprintf("team: %s is not found on the organization: %s", team, event.Organization) - } - if err != nil { - // probably a 500 or another api error, no need to try again and again with other teams - return false, fmt.Sprintf("error while getting team membership for user: %s in team: %s, error: %s", event.Sender, team, err.Error()) - } - for _, member := range members { - if member.GetLogin() == event.Sender { - return true, fmt.Sprintf("allowing user: %s as a member of the team: %s", event.Sender, team) + opt := github.ListOptions{PerPage: v.paginedNumber} + for { + members, resp, err := v.Client.Teams.ListTeamMembersBySlug(ctx, event.Organization, team, &github.TeamListTeamMembersOptions{ListOptions: opt}) + if resp.StatusCode == http.StatusNotFound { + // we explicitly disallow the policy when the team is not found + // maybe we should ignore it instead? i'd rather keep this explicit + // and conservative since being security related. + return false, fmt.Sprintf("team: %s is not found on the organization: %s", team, event.Organization) + } + if err != nil { + // probably a 500 or another api error, no need to try again and again with other teams + return false, fmt.Sprintf("error while getting team membership for user: %s in team: %s, error: %s", event.Sender, team, err.Error()) + } + for _, member := range members { + if member.GetLogin() == event.Sender { + return true, fmt.Sprintf("allowing user: %s as a member of the team: %s", event.Sender, team) + } + } + if resp.NextPage == 0 { + break } + opt.Page = resp.NextPage } } return false, fmt.Sprintf("user: %s is not a member of any of the allowed teams: %v", event.Sender, allowedTeams) } -func (v *Provider) IsAllowed(ctx context.Context, event *info.Event) (bool, error) { +func (v *Provider) IsAllowed(ctx context.Context, event *info.Event, pac *info.PacOpts) (bool, error) { aclPolicy := policy.Policy{ Settings: v.repoSettings, Event: event, @@ -69,15 +76,15 @@ func (v *Provider) IsAllowed(ctx context.Context, event *info.Event) (bool, erro return true, nil } - // Finally try to parse all comments - return v.aclAllowedOkToTestFromAnOwner(ctx, event) + // Finally try to parse comments + return v.aclAllowedOkToTestFromAnOwner(ctx, event, pac) } -// allowedOkToTestFromAnOwner Go over every comments in a pull request and check +// allowedOkToTestFromAnOwner Go over comments in a pull request and check // if there is a /ok-to-test in there running an aclCheck again on the comment // Sender if she is an OWNER and then allow it to run CI. // TODO: pull out the github logic from there in an agnostic way. -func (v *Provider) aclAllowedOkToTestFromAnOwner(ctx context.Context, event *info.Event) (bool, error) { +func (v *Provider) aclAllowedOkToTestFromAnOwner(ctx context.Context, event *info.Event, pac *info.PacOpts) (bool, error) { revent := info.NewEvent() event.DeepCopyInto(revent) revent.EventType = "" @@ -88,8 +95,18 @@ func (v *Provider) aclAllowedOkToTestFromAnOwner(ctx context.Context, event *inf switch event := revent.Event.(type) { case *github.IssueCommentEvent: + // if we don't need to check old comments, then on issue comment we + // need to check if comment have /ok-to-test and is from allowed user + if !pac.RememberOKToTest { + return v.aclAllowedOkToTestCurrentComment(ctx, revent, event.Comment.GetID()) + } revent.URL = event.Issue.GetPullRequestLinks().GetHTMLURL() case *github.PullRequestEvent: + // if we don't need to check old comments, then on push event we don't need + // to check anything for the non-allowed user + if !pac.RememberOKToTest { + return false, nil + } revent.URL = event.GetPullRequest().GetHTMLURL() default: return false, nil @@ -113,8 +130,29 @@ func (v *Provider) aclAllowedOkToTestFromAnOwner(ctx context.Context, event *inf return false, nil } +// aclAllowedOkToTestCurrentEvent only check if this is issue comment event +// have /ok-to-test regex and sender is allowed. +func (v *Provider) aclAllowedOkToTestCurrentComment(ctx context.Context, revent *info.Event, id int64) (bool, error) { + comment, _, err := v.Client.Issues.GetComment(ctx, revent.Organization, revent.Repository, id) + if err != nil { + return false, err + } + if acl.MatchRegexp(acl.OKToTestCommentRegexp, comment.GetBody()) { + revent.Sender = comment.User.GetLogin() + allowed, err := v.aclCheckAll(ctx, revent) + if err != nil { + return false, err + } + if allowed { + return true, nil + } + } + return false, nil +} + // aclCheck check if we are allowed to run the pipeline on that PR func (v *Provider) aclCheckAll(ctx context.Context, rev *info.Event) (bool, error) { + // if the sender own the repo, then allow it to run if rev.Organization == rev.Sender { return true, nil } @@ -188,22 +226,30 @@ func (v *Provider) checkPullRequestForSameURL(ctx context.Context, runevent *inf // checkSenderOrgMembership Get sender user's organization. We can // only get the one that the user sets as public 🤷 func (v *Provider) checkSenderOrgMembership(ctx context.Context, runevent *info.Event) (bool, error) { - users, resp, err := v.Client.Organizations.ListMembers(ctx, runevent.Organization, - &github.ListMembersOptions{}) - // If we are 404 it means we are checking a repo owner and not a org so let's bail out with grace - if resp != nil && resp.StatusCode == http.StatusNotFound { - return false, nil + opt := &github.ListMembersOptions{ + ListOptions: github.ListOptions{PerPage: v.paginedNumber}, } - if err != nil { - return false, err - } - for _, v := range users { - if v.GetLogin() == runevent.Sender { - return true, nil + for { + users, resp, err := v.Client.Organizations.ListMembers(ctx, runevent.Organization, opt) + // If we are 404 it means we are checking a repo owner and not a org so let's bail out with grace + if resp != nil && resp.StatusCode == http.StatusNotFound { + return false, nil } - } + if err != nil { + return false, err + } + for _, v := range users { + if v.GetLogin() == runevent.Sender { + return true, nil + } + } + if resp.NextPage == 0 { + break + } + opt.Page = resp.NextPage + } return false, nil } @@ -236,15 +282,24 @@ func (v *Provider) GetStringPullRequestComment(ctx context.Context, runevent *in return nil, err } - comments, _, err := v.Client.Issues.ListComments(ctx, runevent.Organization, runevent.Repository, - prNumber, &github.IssueListCommentsOptions{}) - if err != nil { - return nil, err + opt := &github.IssueListCommentsOptions{ + ListOptions: github.ListOptions{PerPage: v.paginedNumber}, } - for _, v := range comments { - if acl.MatchRegexp(reg, v.GetBody()) { - ret = append(ret, v) + for { + comments, resp, err := v.Client.Issues.ListComments(ctx, runevent.Organization, runevent.Repository, + prNumber, opt) + if err != nil { + return nil, err + } + for _, v := range comments { + if acl.MatchRegexp(reg, v.GetBody()) { + ret = append(ret, v) + } + } + if resp.NextPage == 0 { + break } + opt.Page = resp.NextPage } return ret, nil } diff --git a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/provider/github/app/token.go b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/provider/github/app/token.go index 6df01ee9c..cf3416eb4 100644 --- a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/provider/github/app/token.go +++ b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/provider/github/app/token.go @@ -27,7 +27,7 @@ func GetAndUpdateInstallationID(ctx context.Context, req *http.Request, run *par return "", "", 0, err } - installationURL := keys.PublicGithubAPIURL + keys.InstallationURL + installationURL := *gh.APIURL + keys.InstallationURL enterpriseURL = req.Header.Get("X-GitHub-Enterprise-Host") if enterpriseURL != "" { installationURL = enterpriseURL + keys.InstallationURL @@ -38,6 +38,10 @@ func GetAndUpdateInstallationID(ctx context.Context, req *http.Request, run *par return "", "", 0, err } + if res.StatusCode >= 300 { + return "", "", 0, fmt.Errorf("Non-OK HTTP status: %d", res.StatusCode) + } + defer res.Body.Close() data, err := io.ReadAll(res.Body) if err != nil { @@ -68,6 +72,7 @@ func GetAndUpdateInstallationID(ctx context.Context, req *http.Request, run *par } if exist { installationID = *installationData[i].ID + break } } return enterpriseURL, token, installationID, nil diff --git a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/provider/github/github.go b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/provider/github/github.go index 488084713..d4638ae1c 100644 --- a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/provider/github/github.go +++ b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/provider/github/github.go @@ -13,6 +13,7 @@ import ( "github.com/google/go-github/v53/github" "github.com/jonboulle/clockwork" + "github.com/openshift-pipelines/pipelines-as-code/pkg/apis/pipelinesascode/keys" "github.com/openshift-pipelines/pipelines-as-code/pkg/apis/pipelinesascode/v1alpha1" "github.com/openshift-pipelines/pipelines-as-code/pkg/params" "github.com/openshift-pipelines/pipelines-as-code/pkg/params/info" @@ -30,6 +31,8 @@ const ( // we can perhaps do some autodetection with event.Provider.GHEURL and adding // a raw into it publicRawURLHost = "raw.githubusercontent.com" + + defaultPaginedNumber = 100 ) var _ provider.Interface = (*Provider)(nil) @@ -44,7 +47,7 @@ type Provider struct { Run *params.Run RepositoryIDs []int64 repoSettings *v1alpha1.Settings - + paginedNumber int skippedRun } @@ -55,6 +58,8 @@ type skippedRun struct { func New() *Provider { return &Provider{ + APIURL: github.String(keys.PublicGithubAPIURL), + paginedNumber: defaultPaginedNumber, skippedRun: skippedRun{ mutex: &sync.Mutex{}, }, @@ -74,7 +79,14 @@ func detectGHERawURL(event *info.Event, taskHost string) bool { // splitGithubURL Take a Github url and split it with org/repo path ref, supports rawURL func splitGithubURL(event *info.Event, uri string) (string, string, string, string, error) { pURL, err := url.Parse(uri) - splitted := strings.Split(pURL.Path, "/") + if err != nil { + return "", "", "", "", fmt.Errorf("URL %s does not seem to be a proper provider url: %w", uri, err) + } + path := pURL.Path + if pURL.RawPath != "" { + path = pURL.RawPath + } + splitted := strings.Split(path, "/") if len(splitted) <= 3 { return "", "", "", "", fmt.Errorf("URL %s does not seem to be a proper provider url: %w", uri, err) } @@ -93,6 +105,19 @@ func splitGithubURL(event *info.Event, uri string) (string, string, string, stri default: return "", "", "", "", fmt.Errorf("cannot recognize task as a Github URL to fetch: %s", uri) } + // url decode the org, repo, ref and path + if spRef, err = url.QueryUnescape(spRef); err != nil { + return "", "", "", "", fmt.Errorf("cannot decode ref: %w", err) + } + if spPath, err = url.QueryUnescape(spPath); err != nil { + return "", "", "", "", fmt.Errorf("cannot decode path: %w", err) + } + if spOrg, err = url.QueryUnescape(spOrg); err != nil { + return "", "", "", "", fmt.Errorf("cannot decode org: %w", err) + } + if spRepo, err = url.QueryUnescape(spRepo); err != nil { + return "", "", "", "", fmt.Errorf("cannot decode repo: %w", err) + } return spOrg, spRepo, spPath, spRef, nil } @@ -414,13 +439,20 @@ func (v *Provider) getPullRequest(ctx context.Context, runevent *info.Event) (*i // GetFiles get a files from pull request func (v *Provider) GetFiles(ctx context.Context, runevent *info.Event) ([]string, error) { if runevent.TriggerTarget == "pull_request" { - repoCommit, _, err := v.Client.PullRequests.ListFiles(ctx, runevent.Organization, runevent.Repository, runevent.PullRequestNumber, &github.ListOptions{}) - if err != nil { - return []string{}, err - } + opt := &github.ListOptions{PerPage: v.paginedNumber} result := []string{} - for j := range repoCommit { - result = append(result, *repoCommit[j].Filename) + for { + repoCommit, resp, err := v.Client.PullRequests.ListFiles(ctx, runevent.Organization, runevent.Repository, runevent.PullRequestNumber, opt) + if err != nil { + return []string{}, err + } + for j := range repoCommit { + result = append(result, *repoCommit[j].Filename) + } + if resp.NextPage == 0 { + break + } + opt.Page = resp.NextPage } return result, nil } @@ -460,13 +492,20 @@ func ListRepos(ctx context.Context, v *Provider) ([]string, error) { "exiting... (hint: did you forget setting a secret on your repo?)") } + opt := &github.ListOptions{PerPage: v.paginedNumber} repoURLs := []string{} - repoList, _, err := v.Client.Apps.ListRepos(ctx, &github.ListOptions{}) - if err != nil { - return []string{}, err - } - for i := range repoList.Repositories { - repoURLs = append(repoURLs, *repoList.Repositories[i].HTMLURL) + for { + repoList, resp, err := v.Client.Apps.ListRepos(ctx, opt) + if err != nil { + return []string{}, err + } + for i := range repoList.Repositories { + repoURLs = append(repoURLs, *repoList.Repositories[i].HTMLURL) + } + if resp.NextPage == 0 { + break + } + opt.Page = resp.NextPage } return repoURLs, nil } diff --git a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/provider/github/parse_payload.go b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/provider/github/parse_payload.go index 1b070ad3c..8bd2b8ab1 100644 --- a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/provider/github/parse_payload.go +++ b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/provider/github/parse_payload.go @@ -57,6 +57,15 @@ func (v *Provider) GetAppToken(ctx context.Context, kube kubernetes.Interface, g RepositoryIDs: v.RepositoryIDs, } + // This is a hack when we have auth and api disassociated like in our + // unittests since we are using a custom http server with httptest + reqTokenURL := os.Getenv("PAC_GIT_PROVIDER_TOKEN_APIURL") + if reqTokenURL != "" { + itr.BaseURL = reqTokenURL + v.APIURL = &reqTokenURL + gheURL = strings.TrimSuffix(reqTokenURL, "/api/v3") + } + if gheURL != "" { if !strings.HasPrefix(gheURL, "https://") && !strings.HasPrefix(gheURL, "http://") { gheURL = "https://" + gheURL @@ -67,12 +76,6 @@ func (v *Provider) GetAppToken(ctx context.Context, kube kubernetes.Interface, g v.Client = github.NewClient(&http.Client{Transport: itr}) } - // This is a hack when we have auth and api disassociated - reqTokenURL := os.Getenv("PAC_GIT_PROVIDER_TOKEN_APIURL") - if reqTokenURL != "" { - itr.BaseURL = reqTokenURL - } - // Get a token ASAP because we need it for setting private repos token, err := itr.Token(ctx) if err != nil { @@ -246,7 +249,6 @@ func (v *Provider) processEvent(ctx context.Context, event *info.Event, eventInt processedEvent.BaseURL = gitEvent.GetRepo().GetHTMLURL() processedEvent.HeadURL = processedEvent.BaseURL // in push events Head URL is the same as BaseURL case *github.PullRequestEvent: - processedEvent = info.NewEvent() processedEvent.Repository = gitEvent.GetRepo().GetName() processedEvent.Organization = gitEvent.GetRepo().Owner.GetLogin() processedEvent.DefaultBranch = gitEvent.GetRepo().GetDefaultBranch() diff --git a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/provider/github/status.go b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/provider/github/status.go index 248c47211..690720094 100644 --- a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/provider/github/status.go +++ b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/provider/github/status.go @@ -45,27 +45,32 @@ func getCheckName(status provider.StatusOpts, pacopts *info.PacOpts) string { } func (v *Provider) getExistingCheckRunID(ctx context.Context, runevent *info.Event, status provider.StatusOpts) (*int64, error) { - res, _, err := v.Client.Checks.ListCheckRunsForRef(ctx, runevent.Organization, runevent.Repository, - runevent.SHA, &github.ListCheckRunsOptions{ - AppID: v.ApplicationID, - }) - if err != nil { - return nil, err - } - if *res.Total == 0 { - return nil, nil - } + opt := github.ListOptions{PerPage: v.paginedNumber} + for { + res, resp, err := v.Client.Checks.ListCheckRunsForRef(ctx, runevent.Organization, runevent.Repository, + runevent.SHA, &github.ListCheckRunsOptions{ + AppID: v.ApplicationID, + ListOptions: opt, + }) + if err != nil { + return nil, err + } - for _, checkrun := range res.CheckRuns { - // if it is a Pending approval checkrun then overwrite it - if isPendingApprovalCheckrun(checkrun) { - if v.canIUseCheckrunID(checkrun.ID) { + for _, checkrun := range res.CheckRuns { + // if it is a Pending approval checkrun then overwrite it + if isPendingApprovalCheckrun(checkrun) { + if v.canIUseCheckrunID(checkrun.ID) { + return checkrun.ID, nil + } + } + if *checkrun.ExternalID == status.PipelineRunName { return checkrun.ID, nil } } - if *checkrun.ExternalID == status.PipelineRunName { - return checkrun.ID, nil + if resp.NextPage == 0 { + break } + opt.Page = resp.NextPage } return nil, nil diff --git a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/provider/interface.go b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/provider/interface.go index f63d02e8e..f49e4aa77 100644 --- a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/provider/interface.go +++ b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/provider/interface.go @@ -29,7 +29,7 @@ type Interface interface { Validate(ctx context.Context, params *params.Run, event *info.Event) error Detect(*http.Request, string, *zap.SugaredLogger) (bool, bool, *zap.SugaredLogger, string, error) ParsePayload(context.Context, *params.Run, *http.Request, string) (*info.Event, error) - IsAllowed(context.Context, *info.Event) (bool, error) + IsAllowed(context.Context, *info.Event, *info.PacOpts) (bool, error) CreateStatus(context.Context, versioned.Interface, *info.Event, *info.PacOpts, StatusOpts) error GetTektonDir(context.Context, *info.Event, string, string) (string, error) // ctx, event, path, provenance GetFileInsideRepo(context.Context, *info.Event, string, string) (string, error) // ctx, event, path, branch diff --git a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/resolve/resolve.go b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/resolve/resolve.go index ceed3eb18..cfd3a5e62 100644 --- a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/resolve/resolve.go +++ b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/resolve/resolve.go @@ -18,7 +18,7 @@ import ( k8scheme "k8s.io/client-go/kubernetes/scheme" ) -type Types struct { +type TektonTypes struct { PipelineRuns []*tektonv1.PipelineRun Pipelines []*tektonv1.Pipeline TaskRuns []*tektonv1.TaskRun @@ -27,8 +27,8 @@ type Types struct { var yamlDocSeparatorRe = regexp.MustCompile(`(?m)^---\s*$`) -func readTypes(ctx context.Context, log *zap.SugaredLogger, data string) (Types, error) { - types := Types{} +func ReadTektonTypes(ctx context.Context, log *zap.SugaredLogger, data string) (TektonTypes, error) { + types := TektonTypes{} decoder := k8scheme.Codecs.UniversalDeserializer() for _, doc := range yamlDocSeparatorRe.Split(data, -1) { @@ -109,7 +109,7 @@ func isTektonAPIVersion(apiVersion string) bool { return strings.HasPrefix(apiVersion, "tekton.dev/") || apiVersion == "" } -func inlineTasks(tasks []tektonv1.PipelineTask, ropt *Opts, types Types) ([]tektonv1.PipelineTask, error) { +func inlineTasks(tasks []tektonv1.PipelineTask, ropt *Opts, types TektonTypes) ([]tektonv1.PipelineTask, error) { pipelineTasks := []tektonv1.PipelineTask{} for _, task := range tasks { if task.TaskRef != nil && @@ -140,11 +140,7 @@ type Opts struct { // Pipeline/PipelineRuns/Tasks and resolve them inline as a single PipelineRun // generateName can be set as True to set the name as a generateName + "-" for // unique pipelinerun -func Resolve(ctx context.Context, cs *params.Run, logger *zap.SugaredLogger, providerintf provider.Interface, event *info.Event, data string, ropt *Opts) ([]*tektonv1.PipelineRun, error) { - types, err := readTypes(ctx, logger, data) - if err != nil { - return []*tektonv1.PipelineRun{}, err - } +func Resolve(ctx context.Context, cs *params.Run, logger *zap.SugaredLogger, providerintf provider.Interface, types TektonTypes, event *info.Event, ropt *Opts) ([]*tektonv1.PipelineRun, error) { if len(types.PipelineRuns) == 0 { return []*tektonv1.PipelineRun{}, fmt.Errorf("could not find any PipelineRun in your .tekton/ directory") } @@ -254,11 +250,22 @@ func Resolve(ctx context.Context, cs *params.Run, logger *zap.SugaredLogger, pro func pipelineRunsWithSameName(prs []*tektonv1.PipelineRun) error { prNames := map[string]bool{} for _, pr := range prs { - _, exist := prNames[pr.GetName()] - if exist { - return fmt.Errorf("found multiple pipelinerun in .tekton with same name: %v, please update", pr.GetName()) + name := pr.GetName() + generateName := pr.GetGenerateName() + + if name != "" { + if _, exist := prNames[name]; exist { + return fmt.Errorf("found multiple pipelinerun in .tekton with the same name: %v, please update", name) + } + prNames[name] = true + } + + if generateName != "" { + if _, exist := prNames[generateName]; exist { + return fmt.Errorf("found multiple pipelinerun in .tekton with the same generateName: %v, please update", generateName) + } + prNames[generateName] = true } - prNames[pr.GetName()] = true } return nil } diff --git a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/sort/task_status.go b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/sort/task_status.go index 92cc95735..b8cf4fd51 100644 --- a/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/sort/task_status.go +++ b/vendor/github.com/openshift-pipelines/pipelines-as-code/pkg/sort/task_status.go @@ -18,7 +18,11 @@ type tkr struct { } func (t tkr) ConsoleLogURL() string { - return fmt.Sprintf("[%s](%s)", t.PipelineTaskName, t.taskLogURL) + name := t.PipelineTaskName + if t.Status != nil && t.Status.TaskSpec != nil && t.Status.TaskSpec.DisplayName != "" { + name = t.Status.TaskSpec.DisplayName + } + return fmt.Sprintf("[%s](%s)", name, t.taskLogURL) } type taskrunList []tkr diff --git a/vendor/modules.txt b/vendor/modules.txt index 8a88a227f..0b2e77632 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1069,10 +1069,11 @@ github.com/opencontainers/go-digest ## explicit; go 1.18 github.com/opencontainers/image-spec/specs-go github.com/opencontainers/image-spec/specs-go/v1 -# github.com/openshift-pipelines/pipelines-as-code v0.20.0 +# github.com/openshift-pipelines/pipelines-as-code v0.21.0 ## explicit; go 1.19 github.com/openshift-pipelines/pipelines-as-code/pkg/acl github.com/openshift-pipelines/pipelines-as-code/pkg/action +github.com/openshift-pipelines/pipelines-as-code/pkg/apis/incoming github.com/openshift-pipelines/pipelines-as-code/pkg/apis/pipelinesascode github.com/openshift-pipelines/pipelines-as-code/pkg/apis/pipelinesascode/keys github.com/openshift-pipelines/pipelines-as-code/pkg/apis/pipelinesascode/v1alpha1 @@ -1498,7 +1499,7 @@ github.com/tektoncd/pipeline/pkg/substitution ## explicit; go 1.19 github.com/tektoncd/results/proto/pipeline/v1beta1/pipeline_go_proto github.com/tektoncd/results/proto/v1alpha2/results_go_proto -# github.com/tektoncd/results/tools/tkn-results v0.0.0-20230913032018-660f221c6156 +# github.com/tektoncd/results/tools/tkn-results v0.0.0-20230913052618-821234bc710b ## explicit; go 1.19 github.com/tektoncd/results/tools/tkn-results/cmd github.com/tektoncd/results/tools/tkn-results/cmd/logs