v1alpha1

package
v0.0.0-...-4fc8c9b Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 28, 2023 License: Apache-2.0 Imports: 28 Imported by: 0

Documentation

Overview

Package v1alpha1 contains API Schema definitions for the pipeline v1alpha1 API group +k8s:openapi-gen=true +k8s:deepcopy-gen=package,register +k8s:conversion-gen=github.com/tektoncd/pipeline/pkg/apis/pipeline +k8s:defaulter-gen=TypeMeta +groupName=tekton.dev

Index

Constants

This section is empty.

Variables

View Source 
var (

	// AddToScheme adds Build types to the scheme.
	AddToScheme = schemeBuilder.AddToScheme
)
View Source 
var (
	// InvalidResourcePatternErr is returned when the pattern is not valid regex expression
	InvalidResourcePatternErr = "resourcePattern cannot be compiled by regex"
)
View Source 
var SchemeGroupVersion = schema.GroupVersion{Group: pipeline.GroupName, Version: "v1alpha1"}

SchemeGroupVersion is group version used to register these objects

View Source 
var SupportedSignatureAlgorithms = map[HashAlgorithm]crypto.Hash{
	// contains filtered or unexported fields
}

SupportedSignatureAlgorithms sets a list of support signature algorithms that is similar to the list supported by cosign. empty HashAlgorithm is allowed and will be set to SHA256.

Functions

func GetOpenAPIDefinitions 

func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition

func Kind 

func Kind(kind string) schema.GroupKind

Kind takes an unqualified kind and returns back a Group qualified GroupKind

func Resource 

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group qualified GroupResource

Types

type Authority 

type Authority struct {
	// Name is the name for this authority.
	Name string `json:"name"`
	// Key contains the public key to validate the resource.
	Key *KeyRef `json:"key,omitempty"`
}

The Authority block defines the keys for validating signatures.

func (*Authority) DeepCopy 

func (in *Authority) DeepCopy() *Authority

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Authority.

func (*Authority) DeepCopyInto 

func (in *Authority) DeepCopyInto(out *Authority)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EmbeddedRunSpec 

type EmbeddedRunSpec struct {
	runtime.TypeMeta `json:",inline"`

	// +optional
	Metadata v1beta1.PipelineTaskMetadata `json:"metadata,omitempty"`

	// Spec is a specification of a custom task
	// +optional
	Spec runtime.RawExtension `json:"spec,omitempty"`
}

EmbeddedRunSpec allows custom task definitions to be embedded

func (*EmbeddedRunSpec) DeepCopy 

func (in *EmbeddedRunSpec) DeepCopy() *EmbeddedRunSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EmbeddedRunSpec.

func (*EmbeddedRunSpec) DeepCopyInto 

func (in *EmbeddedRunSpec) DeepCopyInto(out *EmbeddedRunSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HashAlgorithm 

type HashAlgorithm string

HashAlgorithm defines the hash algorithm used for the public key

type KeyRef 

type KeyRef struct {
	// SecretRef sets a reference to a secret with the key.
	// +optional
	SecretRef *v1.SecretReference `json:"secretRef,omitempty"`
	// Data contains the inline public key.
	// +optional
	Data string `json:"data,omitempty"`
	// KMS contains the KMS url of the public key
	// Supported formats differ based on the KMS system used.
	// One example of a KMS url could be:
	// gcpkms://projects/[PROJECT]/locations/[LOCATION]>/keyRings/[KEYRING]/cryptoKeys/[KEY]/cryptoKeyVersions/[KEY_VERSION]
	// For more examples please refer https://docs.sigstore.dev/cosign/kms_support.
	// Note that the KMS is not supported yet.
	// +optional
	KMS string `json:"kms,omitempty"`
	// HashAlgorithm always defaults to sha256 if the algorithm hasn't been explicitly set
	// +optional
	HashAlgorithm HashAlgorithm `json:"hashAlgorithm,omitempty"`
}

KeyRef defines the reference to a public key

func (*KeyRef) DeepCopy 

func (in *KeyRef) DeepCopy() *KeyRef

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyRef.

func (*KeyRef) DeepCopyInto 

func (in *KeyRef) DeepCopyInto(out *KeyRef)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*KeyRef) Validate 

func (key *KeyRef) Validate(ctx context.Context) (errs *apis.FieldError)

Validate KeyRef will check if one of KeyRef's Data or SecretRef exists, and the Supported HashAlgorithm is in supportedSignatureAlgorithms.

type ModeType 

type ModeType string

ModeType indicates the type of a mode for VerificationPolicy 

const (
	ModeWarn    ModeType = "warn"
	ModeEnforce ModeType = "enforce"
)

Valid ModeType:

type ResourcePattern 

type ResourcePattern struct {
	// Pattern defines a resource pattern. Regex is created to filter resources based on `Pattern`
	// Example patterns:
	// GitHub resource: https://github.com/tektoncd/catalog.git, https://github.com/tektoncd/*
	// Bundle resource: gcr.io/tekton-releases/catalog/upstream/git-clone, gcr.io/tekton-releases/catalog/upstream/*
	// Hub resource: https://artifacthub.io/*,
	Pattern string `json:"pattern"`
}

ResourcePattern defines the pattern of the resource source

func (*ResourcePattern) DeepCopy 

func (in *ResourcePattern) DeepCopy() *ResourcePattern

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourcePattern.

func (*ResourcePattern) DeepCopyInto 

func (in *ResourcePattern) DeepCopyInto(out *ResourcePattern)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ResourcePattern) Validate 

func (r *ResourcePattern) Validate(ctx context.Context) (errs *apis.FieldError)

Validate ResourcePattern and make sure the Pattern is valid regex expression

type Run 

type Run struct {
	metav1.TypeMeta `json:",inline"`
	// +optional
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// +optional
	Spec RunSpec `json:"spec,omitempty"`
	// +optional
	Status RunStatus `json:"status,omitempty"`
}

Run represents a single execution of a Custom Task.

+k8s:openapi-gen=true

func (*Run) DeepCopy 

func (in *Run) DeepCopy() *Run

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Run.

func (*Run) DeepCopyInto 

func (in *Run) DeepCopyInto(out *Run)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Run) DeepCopyObject 

func (in *Run) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Run) GetConditionSet 

func (r *Run) GetConditionSet() apis.ConditionSet

GetConditionSet retrieves the condition set for this resource. Implements the KRShaped interface.

func (*Run) GetGroupVersionKind 

func (*Run) GetGroupVersionKind() schema.GroupVersionKind

GetGroupVersionKind implements kmeta.OwnerRefable.

func (*Run) GetRetryCount 

func (r *Run) GetRetryCount() int

GetRetryCount returns the number of times this Run has already been retried

func (*Run) GetRunKey 

func (r *Run) GetRunKey() string

GetRunKey return the run's key for timeout handler map

func (*Run) GetStatus 

func (r *Run) GetStatus() *duckv1.Status

GetStatus retrieves the status of the Parallel. Implements the KRShaped interface.

func (*Run) GetStatusCondition 

func (r *Run) GetStatusCondition() apis.ConditionAccessor

GetStatusCondition returns the task run status as a ConditionAccessor

func (*Run) GetTimeout 

func (r *Run) GetTimeout() time.Duration

GetTimeout returns the timeout for this run, or the default if not configured

func (*Run) HasPipelineRunOwnerReference 

func (r *Run) HasPipelineRunOwnerReference() bool

HasPipelineRunOwnerReference returns true of Run has owner reference of type PipelineRun

func (*Run) HasStarted 

func (r *Run) HasStarted() bool

HasStarted function check whether taskrun has valid start time set in its status

func (*Run) HasTimedOut 

func (r *Run) HasTimedOut(c clock.PassiveClock) bool

HasTimedOut returns true if the Run's running time is beyond the allowed timeout

func (*Run) IsCancelled 

func (r *Run) IsCancelled() bool

IsCancelled returns true if the Run's spec status is set to Cancelled state

func (*Run) IsDone 

func (r *Run) IsDone() bool

IsDone returns true if the Run's status indicates that it is done.

func (*Run) IsSuccessful 

func (r *Run) IsSuccessful() bool

IsSuccessful returns true if the Run's status indicates that it has succeeded.

func (*Run) SetDefaults 

func (r *Run) SetDefaults(ctx context.Context)

SetDefaults implements apis.Defaultable

func (*Run) SupportedVerbs 

func (r *Run) SupportedVerbs() []admissionregistrationv1.OperationType

SupportedVerbs returns the operations that validation should be called for

func (*Run) Validate 

func (r *Run) Validate(ctx context.Context) *apis.FieldError

Validate taskrun

type RunList 

type RunList struct {
	metav1.TypeMeta `json:",inline"`
	// +optional
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Run `json:"items"`
}

RunList contains a list of Run

func (*RunList) DeepCopy 

func (in *RunList) DeepCopy() *RunList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RunList.

func (*RunList) DeepCopyInto 

func (in *RunList) DeepCopyInto(out *RunList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RunList) DeepCopyObject 

func (in *RunList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type RunReason 

type RunReason string

RunReason is an enum used to store all Run reason for the Succeeded condition that are controlled by the Run itself. 

const (
	// RunReasonStarted is the reason set when the Run has just started.
	RunReasonStarted RunReason = "Started"
	// RunReasonRunning is the reason set when the Run is running.
	RunReasonRunning RunReason = "Running"
	// RunReasonSuccessful is the reason set when the Run completed successfully.
	RunReasonSuccessful RunReason = "Succeeded"
	// RunReasonFailed is the reason set when the Run completed with a failure.
	RunReasonFailed RunReason = "Failed"
	// RunReasonCancelled must be used in the Condition Reason to indicate that a Run was cancelled.
	RunReasonCancelled RunReason = "RunCancelled"
	// RunReasonTimedOut must be used in the Condition Reason to indicate that a Run was timed out.
	RunReasonTimedOut RunReason = "RunTimedOut"
	// RunReasonWorkspaceNotSupported can be used in the Condition Reason to indicate that the
	// Run contains a workspace which is not supported by this custom task.
	RunReasonWorkspaceNotSupported RunReason = "RunWorkspaceNotSupported"
	// RunReasonPodTemplateNotSupported can be used in the Condition Reason to indicate that the
	// Run contains a pod template which is not supported by this custom task.
	RunReasonPodTemplateNotSupported RunReason = "RunPodTemplateNotSupported"
)

func (RunReason) String 

func (t RunReason) String() string

type RunResult 

type RunResult = runv1alpha1.RunResult

RunResult used to describe the results of a task

type RunSpec 

type RunSpec struct {
	// +optional
	Ref *v1beta1.TaskRef `json:"ref,omitempty"`

	// Spec is a specification of a custom task
	// +optional
	Spec *EmbeddedRunSpec `json:"spec,omitempty"`

	// +optional
	Params v1beta1.Params `json:"params,omitempty"`

	// Used for cancelling a run (and maybe more later on)
	// +optional
	Status RunSpecStatus `json:"status,omitempty"`

	// Status message for cancellation.
	// +optional
	StatusMessage RunSpecStatusMessage `json:"statusMessage,omitempty"`

	// Used for propagating retries count to custom tasks
	// +optional
	Retries int `json:"retries,omitempty"`

	// +optional
	ServiceAccountName string `json:"serviceAccountName"`

	// PodTemplate holds pod specific configuration
	// +optional
	PodTemplate *pod.PodTemplate `json:"podTemplate,omitempty"`

	// Time after which the custom-task times out.
	// Refer Go's ParseDuration documentation for expected format: https://golang.org/pkg/time/#ParseDuration
	// +optional
	Timeout *metav1.Duration `json:"timeout,omitempty"`

	// Workspaces is a list of WorkspaceBindings from volumes to workspaces.
	// +optional
	Workspaces []v1beta1.WorkspaceBinding `json:"workspaces,omitempty"`
}

RunSpec defines the desired state of Run

func (*RunSpec) DeepCopy 

func (in *RunSpec) DeepCopy() *RunSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RunSpec.

func (*RunSpec) DeepCopyInto 

func (in *RunSpec) DeepCopyInto(out *RunSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (RunSpec) GetParam 

func (rs RunSpec) GetParam(name string) *v1beta1.Param

GetParam gets the Param from the RunSpec with the given name TODO(jasonhall): Move this to a Params type so other code can use it?

func (*RunSpec) SetDefaults 

func (rs *RunSpec) SetDefaults(ctx context.Context)

SetDefaults implements apis.Defaultable

func (*RunSpec) Validate 

func (rs *RunSpec) Validate(ctx context.Context) *apis.FieldError

Validate Run spec

type RunSpecStatus 

type RunSpecStatus string

RunSpecStatus defines the taskrun spec status the user can provide 

const (
	// RunSpecStatusCancelled indicates that the user wants to cancel the run,
	// if not already cancelled or terminated
	RunSpecStatusCancelled RunSpecStatus = "RunCancelled"
)

type RunSpecStatusMessage 

type RunSpecStatusMessage string

RunSpecStatusMessage defines human readable status messages for the TaskRun. 

const (
	// RunCancelledByPipelineMsg indicates that the PipelineRun of which part this Run was
	// has been cancelled.
	RunCancelledByPipelineMsg RunSpecStatusMessage = "Run cancelled as the PipelineRun it belongs to has been cancelled."
	// RunCancelledByPipelineTimeoutMsg indicates that the Run was cancelled because the PipelineRun running it timed out.
	RunCancelledByPipelineTimeoutMsg RunSpecStatusMessage = "Run cancelled as the PipelineRun it belongs to has timed out."
)

type RunStatus 

type RunStatus = runv1alpha1.RunStatus

RunStatus defines the observed state of Run.

type RunStatusFields 

type RunStatusFields = runv1alpha1.RunStatusFields

RunStatusFields holds the fields of Run's status. This is defined separately and inlined so that other types can readily consume these fields via duck typing.

type StepAction 

type StepAction struct {
	metav1.TypeMeta `json:",inline"`
	// +optional
	metav1.ObjectMeta `json:"metadata"`

	// Spec holds the desired state of the Step from the client
	// +optional
	Spec StepActionSpec `json:"spec"`
}

StepAction represents the actionable components of Step. The Step can only reference it from the cluster or using remote resolution.

+k8s:openapi-gen=true

func (*StepAction) ConvertFrom 

func (s *StepAction) ConvertFrom(ctx context.Context, from apis.Convertible) error

ConvertFrom implements apis.Convertible

func (*StepAction) ConvertTo 

func (s *StepAction) ConvertTo(ctx context.Context, to apis.Convertible) error

ConvertTo implements apis.Convertible

func (*StepAction) Copy 

func (s *StepAction) Copy() StepActionObject

Copy returns a deep copy of the stepaction

func (*StepAction) DeepCopy 

func (in *StepAction) DeepCopy() *StepAction

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StepAction.

func (*StepAction) DeepCopyInto 

func (in *StepAction) DeepCopyInto(out *StepAction)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*StepAction) DeepCopyObject 

func (in *StepAction) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*StepAction) GetGroupVersionKind 

func (*StepAction) GetGroupVersionKind() schema.GroupVersionKind

GetGroupVersionKind implements kmeta.OwnerRefable.

func (*StepAction) SetDefaults 

func (s *StepAction) SetDefaults(ctx context.Context)

SetDefaults implements apis.Defaultable

func (*StepAction) StepActionMetadata 

func (s *StepAction) StepActionMetadata() metav1.ObjectMeta

StepActionMetadata returns the step action's ObjectMeta

func (*StepAction) StepActionSpec 

func (s *StepAction) StepActionSpec() StepActionSpec

StepAction returns the step action's spec

func (*StepAction) SupportedVerbs 

func (s *StepAction) SupportedVerbs() []admissionregistrationv1.OperationType

SupportedVerbs returns the operations that validation should be called for

func (*StepAction) Validate 

func (s *StepAction) Validate(ctx context.Context) (errs *apis.FieldError)

Validate implements apis.Validatable

type StepActionList 

type StepActionList struct {
	metav1.TypeMeta `json:",inline"`
	// +optional
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []StepAction `json:"items"`
}

StepActionList contains a list of StepActions +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*StepActionList) DeepCopy 

func (in *StepActionList) DeepCopy() *StepActionList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StepActionList.

func (*StepActionList) DeepCopyInto 

func (in *StepActionList) DeepCopyInto(out *StepActionList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*StepActionList) DeepCopyObject 

func (in *StepActionList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type StepActionObject 

type StepActionObject interface {
	apis.Defaultable
	StepActionMetadata() metav1.ObjectMeta
	StepActionSpec() StepActionSpec
	Copy() StepActionObject
}

StepActionObject is implemented by StepAction

type StepActionResult 

type StepActionResult struct {
	// Name the given name
	Name string `json:"name"`

	// Type is the user-specified type of the result. The possible type
	// is currently "string" and will support "array" in following work.
	// +optional
	Type v1.ResultsType `json:"type,omitempty"`

	// Properties is the JSON Schema properties to support key-value pairs results.
	// +optional
	Properties map[string]v1.PropertySpec `json:"properties,omitempty"`

	// Description is a human-readable description of the result
	// +optional
	Description string `json:"description,omitempty"`
}

StepActionResult used to describe the results of a task

func (*StepActionResult) DeepCopy 

func (in *StepActionResult) DeepCopy() *StepActionResult

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StepActionResult.

func (*StepActionResult) DeepCopyInto 

func (in *StepActionResult) DeepCopyInto(out *StepActionResult)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*StepActionResult) SetDefaults 

func (sar *StepActionResult) SetDefaults(context.Context)

SetDefaults set the default type for StepActionResult

type StepActionSpec 

type StepActionSpec struct {
	// Image reference name to run for this StepAction.
	// More info: https://kubernetes.io/docs/concepts/containers/images
	// +optional
	Image string `json:"image,omitempty" protobuf:"bytes,2,opt,name=image"`
	// Entrypoint array. Not executed within a shell.
	// The image's ENTRYPOINT is used if this is not provided.
	// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
	// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
	// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
	// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
	// of whether the variable exists or not. Cannot be updated.
	// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
	// +optional
	// +listType=atomic
	Command []string `json:"command,omitempty" protobuf:"bytes,3,rep,name=command"`
	// Arguments to the entrypoint.
	// The image's CMD is used if this is not provided.
	// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
	// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
	// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
	// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
	// of whether the variable exists or not. Cannot be updated.
	// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
	// +optional
	// +listType=atomic
	Args []string `json:"args,omitempty" protobuf:"bytes,4,rep,name=args"`
	// List of environment variables to set in the container.
	// Cannot be updated.
	// +optional
	// +patchMergeKey=name
	// +patchStrategy=merge
	// +listType=atomic
	Env []corev1.EnvVar `json:"env,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,7,rep,name=env"`
	// Script is the contents of an executable file to execute.
	//
	// If Script is not empty, the Step cannot have an Command and the Args will be passed to the Script.
	// +optional
	Script string `json:"script,omitempty"`
	// Params is a list of input parameters required to run the stepAction.
	// Params must be supplied as inputs in Steps unless they declare a defaultvalue.
	// +optional
	// +listType=atomic
	Params v1.ParamSpecs `json:"params,omitempty"`
	// Results are values that this StepAction can output
	// +optional
	// +listType=atomic
	Results []StepActionResult `json:"results,omitempty"`
	// SecurityContext defines the security options the Step should be run with.
	// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
	// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
	// The value set in StepAction will take precedence over the value from Task.
	// +optional
	SecurityContext *corev1.SecurityContext `json:"securityContext,omitempty" protobuf:"bytes,15,opt,name=securityContext"`
	// Volumes to mount into the Step's filesystem.
	// Cannot be updated.
	// +optional
	// +patchMergeKey=mountPath
	// +patchStrategy=merge
	// +listType=atomic
	VolumeMounts []corev1.VolumeMount `json:"volumeMounts,omitempty" patchStrategy:"merge" patchMergeKey:"mountPath" protobuf:"bytes,9,rep,name=volumeMounts"`
}

StepActionSpec contains the actionable components of a step.

func (*StepActionSpec) ConvertFrom 

func (ss *StepActionSpec) ConvertFrom(ctx context.Context, source *StepActionSpec) error

ConvertFrom implements apis.Convertible

func (*StepActionSpec) ConvertTo 

func (ss *StepActionSpec) ConvertTo(ctx context.Context, sink *StepActionSpec) error

ConvertTo implements apis.Convertible

func (*StepActionSpec) DeepCopy 

func (in *StepActionSpec) DeepCopy() *StepActionSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StepActionSpec.

func (*StepActionSpec) DeepCopyInto 

func (in *StepActionSpec) DeepCopyInto(out *StepActionSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*StepActionSpec) SetDefaults 

func (ss *StepActionSpec) SetDefaults(ctx context.Context)

SetDefaults set any defaults for the StepAction spec

func (*StepActionSpec) Validate 

func (ss *StepActionSpec) Validate(ctx context.Context) (errs *apis.FieldError)

Validate implements apis.Validatable

type VerificationPolicy 

type VerificationPolicy struct {
	metav1.TypeMeta `json:",inline"`
	// +optional
	metav1.ObjectMeta `json:"metadata"`

	// Spec holds the desired state of the VerificationPolicy.
	Spec VerificationPolicySpec `json:"spec"`
}

VerificationPolicy defines the rules to verify Tekton resources. VerificationPolicy can config the mapping from resources to a list of public keys, so when verifying the resources we can use the corresponding public keys. +k8s:openapi-gen=true

func (*VerificationPolicy) DeepCopy 

func (in *VerificationPolicy) DeepCopy() *VerificationPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VerificationPolicy.

func (*VerificationPolicy) DeepCopyInto 

func (in *VerificationPolicy) DeepCopyInto(out *VerificationPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*VerificationPolicy) DeepCopyObject 

func (in *VerificationPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*VerificationPolicy) GetGroupVersionKind 

func (*VerificationPolicy) GetGroupVersionKind() schema.GroupVersionKind

GetGroupVersionKind implements kmeta.OwnerRefable.

func (*VerificationPolicy) SetDefaults 

func (v *VerificationPolicy) SetDefaults(ctx context.Context)

SetDefaults implements apis.Defaultable

func (*VerificationPolicy) Validate 

func (v *VerificationPolicy) Validate(ctx context.Context) (errs *apis.FieldError)

Validate VerificationPolicy

type VerificationPolicyList 

type VerificationPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	// +optional
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []VerificationPolicy `json:"items"`
}

VerificationPolicyList contains a list of VerificationPolicy +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*VerificationPolicyList) DeepCopy 

func (in *VerificationPolicyList) DeepCopy() *VerificationPolicyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VerificationPolicyList.

func (*VerificationPolicyList) DeepCopyInto 

func (in *VerificationPolicyList) DeepCopyInto(out *VerificationPolicyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*VerificationPolicyList) DeepCopyObject 

func (in *VerificationPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type VerificationPolicySpec 

type VerificationPolicySpec struct {
	// Resources defines the patterns of resources sources that should be subject to this policy.
	// For example, we may want to apply this Policy from a certain GitHub repo.
	// Then the ResourcesPattern should be valid regex. E.g. If using gitresolver, and we want to config keys from a certain git repo.
	// `ResourcesPattern` can be `https://github.com/tektoncd/catalog.git`, we will use regex to filter out those resources.
	Resources []ResourcePattern `json:"resources"`
	// Authorities defines the rules for validating signatures.
	Authorities []Authority `json:"authorities"`
	// Mode controls whether a failing policy will fail the taskrun/pipelinerun, or only log the warnings
	// enforce - fail the taskrun/pipelinerun if verification fails (default)
	// warn - don't fail the taskrun/pipelinerun if verification fails but log warnings
	// +optional
	Mode ModeType `json:"mode,omitempty"`
}

VerificationPolicySpec defines the patterns and authorities.

func (*VerificationPolicySpec) DeepCopy 

func (in *VerificationPolicySpec) DeepCopy() *VerificationPolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VerificationPolicySpec.

func (*VerificationPolicySpec) DeepCopyInto 

func (in *VerificationPolicySpec) DeepCopyInto(out *VerificationPolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*VerificationPolicySpec) Validate 

func (vs *VerificationPolicySpec) Validate(ctx context.Context) (errs *apis.FieldError)

Validate VerificationPolicySpec, the validation requires Resources is not empty, for each resource it must be able to be regex expression and can be compiled with no error. The Authorities shouldn't be empty and each Authority should be valid.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.