Documentation ¶
Overview ¶
Package pod provides methods for converting between a TaskRun and a Pod.
Index ¶
- Constants
- Variables
- func CancelPod(ctx context.Context, kubeClient kubernetes.Interface, ...) error
- func DidTaskRunFail(pod *corev1.Pod) bool
- func GetContainerName(name string) string
- func IsContainerSidecar(name string) bool
- func IsContainerStep(name string) bool
- func IsPodArchived(pod *corev1.Pod, trs *v1.TaskRunStatus) bool
- func IsPodExceedingNodeResources(pod *corev1.Pod) bool
- func IsSidecarStatusRunning(tr *v1.TaskRun) bool
- func MakeTaskRunStatus(ctx context.Context, logger *zap.SugaredLogger, tr v1.TaskRun, pod *corev1.Pod, ...) (v1.TaskRunStatus, error)
- func SidecarsReady(podStatus corev1.PodStatus) bool
- func StepName(name string, i int) string
- func StopSidecars(ctx context.Context, nopImage string, kubeclient kubernetes.Interface, ...) (*corev1.Pod, error)
- func TrimSidecarPrefix(name string) string
- func TrimStepPrefix(name string) string
- func UpdateReady(ctx context.Context, kubeclient kubernetes.Interface, pod corev1.Pod) error
- type Builder
- type EntrypointCache
- type Transformer
Constants ¶
const ( // TektonHermeticEnvVar is the env var we set in containers to indicate they should be run hermetically TektonHermeticEnvVar = "TEKTON_HERMETIC" // ExecutionModeAnnotation is an experimental optional annotation to set the execution mode on a TaskRun ExecutionModeAnnotation = "experimental.tekton.dev/execution-mode" // ExecutionModeHermetic indicates hermetic execution mode ExecutionModeHermetic = "hermetic" // SpiffeCsiDriver is the CSI storage plugin needed for injection of SPIFFE workload api. SpiffeCsiDriver = "csi.spiffe.io" // OsSelectorLabel is the label Kubernetes uses for OS-specific workloads (https://kubernetes.io/docs/reference/labels-annotations-taints/#kubernetes-io-os) OsSelectorLabel = "kubernetes.io/os" // TerminationReasonTimeoutExceeded indicates a step execution timed out. TerminationReasonTimeoutExceeded = "TimeoutExceeded" // TerminationReasonSkipped indicates a step execution was skipped due to previous step failed. TerminationReasonSkipped = "Skipped" // TerminationReasonContinued indicates a step errored but was ignored since onError was set to continue. TerminationReasonContinued = "Continued" // TerminationReasonCancelled indicates a step was cancelled. TerminationReasonCancelled = "Cancelled" StepArtifactPathPattern = "step.artifacts.path" // K8s version to determine if to use native k8s sidecar or Tekton sidecar SidecarK8sMinorVersionCheck = 29 )
const ( // ReasonExceededResourceQuota indicates that the TaskRun failed to create a pod due to // a ResourceQuota in the namespace ReasonExceededResourceQuota = "ExceededResourceQuota" // ReasonExceededNodeResources indicates that the TaskRun's pod has failed to start due // to resource constraints on the node ReasonExceededNodeResources = "ExceededNodeResources" // ReasonPullImageFailed indicates that the TaskRun's pod failed to pull image ReasonPullImageFailed = "PullImageFailed" // ReasonCreateContainerConfigError indicates that the TaskRun failed to create a pod due to // config error of container ReasonCreateContainerConfigError = "CreateContainerConfigError" // ReasonPodCreationFailed indicates that the reason for the current condition // is that the creation of the pod backing the TaskRun failed ReasonPodCreationFailed = "PodCreationFailed" // ReasonPodAdmissionFailed indicates that the TaskRun's pod failed to pass admission validation ReasonPodAdmissionFailed = "PodAdmissionFailed" // ReasonPending indicates that the pod is in corev1.Pending, and the reason is not // ReasonExceededNodeResources or isPodHitConfigError ReasonPodPending = "Pending" )
const ( // RunDir is the directory that contains runtime variable data for TaskRuns. // This includes files for handling container ordering, exit status codes, and more. // See [https://github.com/tektoncd/pipeline/blob/main/docs/developers/taskruns.md#tekton] // for more details. RunDir = "/tekton/run" )
Variables ¶
var ( ReleaseAnnotation = "pipeline.tekton.dev/release" // MaxActiveDeadlineSeconds is a maximum permitted value to be used for a task with no timeout MaxActiveDeadlineSeconds = int64(math.MaxInt32) // LinuxSecurityContext allow init containers to run in namespaces // with "restricted" pod security admission // See https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted LinuxSecurityContext = &corev1.SecurityContext{ AllowPrivilegeEscalation: &allowPrivilegeEscalation, Capabilities: &corev1.Capabilities{ Drop: []corev1.Capability{"ALL"}, }, RunAsNonRoot: &runAsNonRoot, SeccompProfile: &corev1.SeccompProfile{ Type: corev1.SeccompProfileTypeRuntimeDefault, }, } WindowsSecurityContext = &corev1.SecurityContext{ RunAsNonRoot: &runAsNonRoot, } )
These are effectively const, but Go doesn't have such an annotation.
var ( // ReasonFailedResolution indicated that the reason for failure status is // that references within the TaskRun could not be resolved ReasonFailedResolution = v1.TaskRunReasonFailedResolution.String() // ReasonFailedValidation indicated that the reason for failure status is // that taskrun failed runtime validation ReasonFailedValidation = v1.TaskRunReasonFailedValidation.String() // ReasonTaskFailedValidation indicated that the reason for failure status is // that task failed runtime validation ReasonTaskFailedValidation = v1.TaskRunReasonTaskFailedValidation.String() // ReasonResourceVerificationFailed indicates that the task fails the trusted resource verification, // it could be the content has changed, signature is invalid or public key is invalid ReasonResourceVerificationFailed = v1.TaskRunReasonResourceVerificationFailed.String() )
Aliased for backwards compatibility; do not add additional TaskRun reasons here
var ( // DownwardMountCancelFile is cancellation file mount to step, entrypoint will check this file to cancel the step. DownwardMountCancelFile = filepath.Join(downwardMountPoint, downwardMountCancelFile) )
Functions ¶
func CancelPod ¶ added in v0.53.0
func CancelPod(ctx context.Context, kubeClient kubernetes.Interface, namespace, podName string) error
CancelPod cancels the pod
func DidTaskRunFail ¶ added in v0.11.0
DidTaskRunFail check the status of pod to decide if related taskrun is failed
func GetContainerName ¶ added in v0.56.0
GetContainerName prefixes the input name with "step-"
func IsContainerSidecar ¶ added in v0.56.1
IsContainerSidecar returns true if the container name indicates that it represents a sidecar.
func IsContainerStep ¶ added in v0.11.0
IsContainerStep returns true if the container name indicates that it represents a step.
func IsPodArchived ¶ added in v0.43.0
func IsPodArchived(pod *corev1.Pod, trs *v1.TaskRunStatus) bool
IsPodArchived indicates if a pod is archived in the retriesStatus.
func IsPodExceedingNodeResources ¶
IsPodExceedingNodeResources returns true if the Pod's status indicates there are insufficient resources to schedule the Pod.
func IsSidecarStatusRunning ¶ added in v0.11.0
IsSidecarStatusRunning determines if any SidecarStatus on a TaskRun is still running.
func MakeTaskRunStatus ¶
func MakeTaskRunStatus(ctx context.Context, logger *zap.SugaredLogger, tr v1.TaskRun, pod *corev1.Pod, kubeclient kubernetes.Interface, ts *v1.TaskSpec) (v1.TaskRunStatus, error)
MakeTaskRunStatus returns a TaskRunStatus based on the Pod's status.
func SidecarsReady ¶
SidecarsReady returns true if all of the Pod's sidecars are Ready or Terminated.
func StepName ¶ added in v0.27.0
StepName returns the step name after adding "step-" prefix to the actual step name or returns "step-unnamed-<step-index>" if not specified
func StopSidecars ¶
func StopSidecars(ctx context.Context, nopImage string, kubeclient kubernetes.Interface, namespace, name string) (*corev1.Pod, error)
StopSidecars updates sidecar containers in the Pod to a nop image, which exits successfully immediately.
func TrimSidecarPrefix ¶ added in v0.11.0
TrimSidecarPrefix returns the container name, stripped of its sidecar prefix.
func TrimStepPrefix ¶ added in v0.62.0
TrimStepPrefix returns the container name, stripped of its step prefix.
func UpdateReady ¶
UpdateReady updates the Pod's annotations to signal the first step to start by projecting the ready annotation via the Downward API.
Types ¶
type Builder ¶ added in v0.15.0
type Builder struct { Images pipeline.Images KubeClient kubernetes.Interface EntrypointCache EntrypointCache }
Builder exposes options to configure Pod construction from TaskSpecs/Runs.
func (*Builder) Build ¶ added in v0.15.0
func (b *Builder) Build(ctx context.Context, taskRun *v1.TaskRun, taskSpec v1.TaskSpec, transformers ...Transformer) (*corev1.Pod, error)
Build creates a Pod using the configuration options set on b and the TaskRun and TaskSpec provided in its arguments. An error is returned if there are any problems during the conversion.
type EntrypointCache ¶
type EntrypointCache interface {
// contains filtered or unexported methods
}
EntrypointCache looks up an image's entrypoint (command) in a container image registry, possibly using the given service account's credentials.
func NewEntrypointCache ¶
func NewEntrypointCache(kubeclient kubernetes.Interface) (EntrypointCache, error)
NewEntrypointCache returns a new entrypoint cache implementation that uses K8s credentials to pull image metadata from a container image registry.