From 970edbafeccbd79fa608faa3e3fe081002c37e8d Mon Sep 17 00:00:00 2001
From: Vincent Demeester <vdemeest@redhat.com>
Date: Fri, 9 Aug 2024 12:21:20 +0200
Subject: [PATCH] cluster-reslover: add support for StepAction

This adds support for `StepAction` in the cluster resolver.

Signed-off-by: Vincent Demeester <vdemeest@redhat.com>
---
 pkg/apis/pipeline/v1beta1/stepaction_types.go | 23 ++++++++++++
 pkg/resolution/resolver/cluster/resolver.go   | 36 +++++++++++++++++++
 2 files changed, 59 insertions(+)

diff --git a/pkg/apis/pipeline/v1beta1/stepaction_types.go b/pkg/apis/pipeline/v1beta1/stepaction_types.go
index 495c9ee010d..ab000a6db01 100644
--- a/pkg/apis/pipeline/v1beta1/stepaction_types.go
+++ b/pkg/apis/pipeline/v1beta1/stepaction_types.go
@@ -14,6 +14,7 @@ limitations under the License.
 package v1beta1
 
 import (
+	"github.com/tektoncd/pipeline/pkg/apis/pipeline/internal/checksum"
 	v1 "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -63,6 +64,28 @@ func (*StepAction) GetGroupVersionKind() schema.GroupVersionKind {
 	return SchemeGroupVersion.WithKind("StepAction")
 }
 
+// Checksum computes the sha256 checksum of the stepaction object.
+// Prior to computing the checksum, it performs some preprocessing on the
+// metadata of the object where it removes system provided annotations.
+// Only the name, namespace, generateName, user-provided labels and annotations
+// and the taskSpec are included for the checksum computation.
+func (s *StepAction) Checksum() ([]byte, error) {
+	objectMeta := checksum.PrepareObjectMeta(s)
+	preprocessedStepaction := StepAction{
+		TypeMeta: metav1.TypeMeta{
+			APIVersion: "tekton.dev/v1beta1",
+			Kind:       "StepAction",
+		},
+		ObjectMeta: objectMeta,
+		Spec:       s.Spec,
+	}
+	sha256Checksum, err := checksum.ComputeSha256Checksum(preprocessedStepaction)
+	if err != nil {
+		return nil, err
+	}
+	return sha256Checksum, nil
+}
+
 // StepActionList contains a list of StepActions
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
 type StepActionList struct {
diff --git a/pkg/resolution/resolver/cluster/resolver.go b/pkg/resolution/resolver/cluster/resolver.go
index 108babb7e31..bc53d51ab8d 100644
--- a/pkg/resolution/resolver/cluster/resolver.go
+++ b/pkg/resolution/resolver/cluster/resolver.go
@@ -25,6 +25,7 @@ import (
 
 	resolverconfig "github.com/tektoncd/pipeline/pkg/apis/config/resolver"
 	pipelinev1 "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1"
+	pipelinev1beta1 "github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1"
 	clientset "github.com/tektoncd/pipeline/pkg/client/clientset/versioned"
 	pipelineclient "github.com/tektoncd/pipeline/pkg/client/injection/client"
 	common "github.com/tektoncd/pipeline/pkg/resolution/common"
@@ -109,6 +110,16 @@ func ResolveFromParams(ctx context.Context, origParams []pipelinev1.Param, pipel
 	groupVersion := pipelinev1.SchemeGroupVersion.String()
 
 	switch params[KindParam] {
+	case "stepaction":
+		stepaction, err := pipelineClientSet.TektonV1beta1().StepActions(params[NamespaceParam]).Get(ctx, params[NameParam], metav1.GetOptions{})
+		if err != nil {
+			logger.Infof("failed to load stepaction %s from namespace %s: %v", params[NameParam], params[NamespaceParam], err)
+			return nil, err
+		}
+		uid, data, sha256Checksum, spec, err = fetchStepaction(ctx, pipelinev1beta1.SchemeGroupVersion.String(), stepaction, params)
+		if err != nil {
+			return nil, err
+		}
 	case "task":
 		task, err := pipelineClientSet.TektonV1().Tasks(params[NamespaceParam]).Get(ctx, params[NameParam], metav1.GetOptions{})
 		if err != nil {
@@ -269,6 +280,7 @@ func isInCommaSeparatedList(checkVal string, commaList string) bool {
 	}
 	return false
 }
+
 func isDisabled(ctx context.Context) bool {
 	cfg := resolverconfig.FromContextOrDefaults(ctx)
 	return !cfg.FeatureFlags.EnableClusterResolver
@@ -283,6 +295,29 @@ func ValidateParams(ctx context.Context, params []pipelinev1.Param) error {
 	return err
 }
 
+func fetchStepaction(ctx context.Context, groupVersion string, stepaction *pipelinev1beta1.StepAction, params map[string]string) (string, []byte, []byte, []byte, error) {
+	logger := logging.FromContext(ctx)
+	uid := string(stepaction.UID)
+	stepaction.Kind = "StepAction"
+	stepaction.APIVersion = groupVersion
+	data, err := yaml.Marshal(stepaction)
+	if err != nil {
+		logger.Infof("failed to marshal stepaction %s from namespace %s: %v", params[NameParam], params[NamespaceParam], err)
+		return "", nil, nil, nil, err
+	}
+	sha256Checksum, err := stepaction.Checksum()
+	if err != nil {
+		return "", nil, nil, nil, err
+	}
+
+	spec, err := yaml.Marshal(stepaction.Spec)
+	if err != nil {
+		logger.Infof("failed to marshal the spec of the task %s from namespace %s: %v", params[NameParam], params[NamespaceParam], err)
+		return "", nil, nil, nil, err
+	}
+	return uid, data, sha256Checksum, spec, nil
+}
+
 func fetchTask(ctx context.Context, groupVersion string, task *pipelinev1.Task, params map[string]string) (string, []byte, []byte, []byte, error) {
 	logger := logging.FromContext(ctx)
 	uid := string(task.UID)
@@ -305,6 +340,7 @@ func fetchTask(ctx context.Context, groupVersion string, task *pipelinev1.Task,
 	}
 	return uid, data, sha256Checksum, spec, nil
 }
+
 func fetchPipeline(ctx context.Context, groupVersion string, pipeline *pipelinev1.Pipeline, params map[string]string) (string, []byte, []byte, []byte, error) {
 	logger := logging.FromContext(ctx)
 	uid := string(pipeline.UID)