From bde910f6ccb3bfe5a5962f0d13b60ea004121e2d Mon Sep 17 00:00:00 2001 From: Billy Lynch Date: Tue, 5 Oct 2021 16:31:21 -0400 Subject: [PATCH] Split /tekton/run directories into separate volumes. This changes splits each `/tekton/run` volume into separate volumes so that steps can only mutate their own runtime information. This prevents steps from unexpectedly interfering with other step execution. To do this, we repurpose the `/tekton/run/#` path into a step-specific directory. Since this was previously used by the entrypoint for the post/wait files, we now use `/tekton/run/#/out` as the post/wait filepath instead. This does not change behavior of the directory, it enforces expected behavior of steps. `/tekton/run` is considered an internal implementation detail and is not covered by the API compatibility policy, so it is safe to make changes to the behavior of these files/paths. This does not stop user execution from writing the step's own `/tekton/run/#` folder. This needs more discussion/design - additional changes (if needed) will be made in another commit. This change is only focused on `/tekton/run` to reduce PR complexity. We will likely want to make a similar change to /tekton/steps in another commit. We may also look to consolidate all per-step volumes into a single source (i.e. creds-init does something similar as well). AFAICT, Ephemeral Volumes (i.e. EmptyDir) are exempt from Node Volume limits (https://kubernetes.io/docs/concepts/storage/storage-limits/) - spot checked this with a TaskRun with 100+ steps on both kind and GKE. --- cmd/entrypoint/README.md | 16 +- docs/developers/README.md | 1 + .../taskruns/readonly-internal-dir.yaml | 21 +++ pkg/pod/entrypoint.go | 17 +- pkg/pod/entrypoint_test.go | 51 +++--- pkg/pod/pod.go | 28 ++- pkg/pod/pod_test.go | 166 +++++++++--------- pkg/reconciler/taskrun/taskrun_test.go | 49 ++++-- 8 files changed, 199 insertions(+), 150 deletions(-) create mode 100644 examples/v1beta1/taskruns/readonly-internal-dir.yaml diff --git a/cmd/entrypoint/README.md b/cmd/entrypoint/README.md index 2b1fce2f2be..80b278ad35c 100644 --- a/cmd/entrypoint/README.md +++ b/cmd/entrypoint/README.md @@ -29,14 +29,14 @@ Any extra positional arguments are passed to the original entrypoint command. ## Example The following example of usage for `entrypoint` waits for -`/tekton/run/3` file to exist and executes the command `bash` with args -`echo` and `hello`, then writes the file `/tekton/run/4`, or -`/tekton/run/4.err` in case the command fails. +`/tekton/run/3/out` file to exist and executes the command `bash` with args +`echo` and `hello`, then writes the file `/tekton/run/4/out`, or +`/tekton/run/4/out.err` in case the command fails. ```shell entrypoint \ - -wait_file /tekton/run/3 \ - -post_file /tekton/run/4 \ + -wait_file /tekton/run/3/out \ + -post_file /tekton/run/4/out \ -entrypoint bash -- \ echo hello ``` @@ -64,14 +64,14 @@ to contain contents before proceeding. The following example of usage for `entrypoint` waits for `/tekton/downward/ready` file to exist and contain actual contents (`-wait_file_contents`), and executes the command `bash` with args -`echo` and `hello`, then writes the file `/tekton/run/1`, or -`/tekton/run/1.err` in case the command fails. +`echo` and `hello`, then writes the file `/tekton/run/1/out`, or +`/tekton/run/1/out.err` in case the command fails. ```shell entrypoint \ -wait_file /tekton/downward/ready \ -wait_file_contents \ - -post_file /tekton/run/1 \ + -post_file /tekton/run/1/out \ -entrypoint bash -- \ echo hello ``` diff --git a/docs/developers/README.md b/docs/developers/README.md index 5b5e3881a91..a44c7d52dbd 100644 --- a/docs/developers/README.md +++ b/docs/developers/README.md @@ -166,6 +166,7 @@ Here is an example of a directory layout for a simple Task with 2 script steps: |-- results |-- run `-- 0 + `-- out |-- scripts | |-- script-0-t4jd8 | `-- script-1-4pjwp diff --git a/examples/v1beta1/taskruns/readonly-internal-dir.yaml b/examples/v1beta1/taskruns/readonly-internal-dir.yaml new file mode 100644 index 00000000000..24bf1a75386 --- /dev/null +++ b/examples/v1beta1/taskruns/readonly-internal-dir.yaml @@ -0,0 +1,21 @@ +# This file is primarily used for test validation of internal Tekton +# directories. This is not a useful example of typical user config. +apiVersion: tekton.dev/v1beta1 +kind: TaskRun +metadata: + generateName: readonly-internal-dir- +spec: + taskSpec: + steps: + - image: ubuntu + script: exit 0 + - image: ubuntu + script: | + set +e # dont fail the script on error + + # Steps should not be able to write to other step's run directories. + echo "hello world" > /tekton/run/0/out + if [ $? -eq 0 ] ; then + echo "able to write to run directory of non-current step" + exit 1 + fi diff --git a/pkg/pod/entrypoint.go b/pkg/pod/entrypoint.go index 836670c73a4..ca0e48b3768 100644 --- a/pkg/pod/entrypoint.go +++ b/pkg/pod/entrypoint.go @@ -23,6 +23,7 @@ import ( "fmt" "log" "path/filepath" + "strconv" "strings" "github.com/tektoncd/pipeline/pkg/apis/pipeline" @@ -72,15 +73,6 @@ var ( VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{}}, } - runMount = corev1.VolumeMount{ - Name: runVolumeName, - MountPath: runDir, - } - runVolume = corev1.Volume{ - Name: runVolumeName, - VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{}}, - } - // TODO(#1605): Signal sidecar readiness by injecting entrypoint, // remove dependency on Downward API. downwardVolume = corev1.Volume{ @@ -127,7 +119,7 @@ func orderContainers(commonExtraEntrypointArgs []string, steps []corev1.Containe "-wait_file", filepath.Join(downwardMountPoint, downwardMountReadyFile), "-wait_file_content", // Wait for file contents, not just an empty file. // Start next step. - "-post_file", filepath.Join(runDir, fmt.Sprintf("%d", i)), + "-post_file", filepath.Join(runDir, strconv.Itoa(i), "out"), "-termination_path", terminationPath, "-step_metadata_dir", filepath.Join(pipeline.StepsDir, name), "-step_metadata_dir_link", filepath.Join(pipeline.StepsDir, fmt.Sprintf("%d", i)), @@ -135,8 +127,8 @@ func orderContainers(commonExtraEntrypointArgs []string, steps []corev1.Containe default: // All other steps wait for previous file, write next file. argsForEntrypoint = []string{ - "-wait_file", filepath.Join(runDir, fmt.Sprintf("%d", i-1)), - "-post_file", filepath.Join(runDir, fmt.Sprintf("%d", i)), + "-wait_file", filepath.Join(runDir, strconv.Itoa(i-1), "out"), + "-post_file", filepath.Join(runDir, strconv.Itoa(i), "out"), "-termination_path", terminationPath, "-step_metadata_dir", filepath.Join(pipeline.StepsDir, name), "-step_metadata_dir_link", filepath.Join(pipeline.StepsDir, fmt.Sprintf("%d", i)), @@ -179,7 +171,6 @@ func orderContainers(commonExtraEntrypointArgs []string, steps []corev1.Containe steps[i].Command = []string{entrypointBinary} steps[i].Args = argsForEntrypoint - steps[i].VolumeMounts = append(steps[i].VolumeMounts, binROMount, runMount) steps[i].TerminationMessagePath = terminationPath } // Mount the Downward volume into the first step container. diff --git a/pkg/pod/entrypoint_test.go b/pkg/pod/entrypoint_test.go index cd912edfe21..f41544261ed 100644 --- a/pkg/pod/entrypoint_test.go +++ b/pkg/pod/entrypoint_test.go @@ -56,21 +56,21 @@ func TestOrderContainers(t *testing.T) { Args: []string{ "-wait_file", "/tekton/downward/ready", "-wait_file_content", - "-post_file", "/tekton/run/0", + "-post_file", "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", "/tekton/steps/step-unnamed-0", "-step_metadata_dir_link", "/tekton/steps/0", "-entrypoint", "cmd", "--", "arg1", "arg2", }, - VolumeMounts: []corev1.VolumeMount{binROMount, runMount, downwardMount}, + VolumeMounts: []corev1.VolumeMount{downwardMount}, TerminationMessagePath: "/tekton/termination", }, { Image: "step-2", Command: []string{entrypointBinary}, Args: []string{ - "-wait_file", "/tekton/run/0", - "-post_file", "/tekton/run/1", + "-wait_file", "/tekton/run/0/out", + "-post_file", "/tekton/run/1/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", "/tekton/steps/step-unnamed-1", "-step_metadata_dir_link", "/tekton/steps/1", @@ -78,21 +78,20 @@ func TestOrderContainers(t *testing.T) { "cmd2", "cmd3", "arg1", "arg2", }, - VolumeMounts: []corev1.VolumeMount{volumeMount, binROMount, runMount}, + VolumeMounts: []corev1.VolumeMount{volumeMount}, TerminationMessagePath: "/tekton/termination", }, { Image: "step-3", Command: []string{entrypointBinary}, Args: []string{ - "-wait_file", "/tekton/run/1", - "-post_file", "/tekton/run/2", + "-wait_file", "/tekton/run/1/out", + "-post_file", "/tekton/run/2/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", "/tekton/steps/step-unnamed-2", "-step_metadata_dir_link", "/tekton/steps/2", "-entrypoint", "cmd", "--", "arg1", "arg2", }, - VolumeMounts: []corev1.VolumeMount{binROMount, runMount}, TerminationMessagePath: "/tekton/termination", }} got, err := orderContainers([]string{}, steps, nil, nil) @@ -116,7 +115,7 @@ func TestOrderContainersWithDebugOnFailure(t *testing.T) { Args: []string{ "-wait_file", "/tekton/downward/ready", "-wait_file_content", - "-post_file", "/tekton/run/0", + "-post_file", "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", "/tekton/steps/step-unnamed-0", "-step_metadata_dir_link", "/tekton/steps/0", @@ -124,7 +123,7 @@ func TestOrderContainersWithDebugOnFailure(t *testing.T) { "-entrypoint", "cmd", "--", "arg1", "arg2", }, - VolumeMounts: []corev1.VolumeMount{binROMount, runMount, downwardMount}, + VolumeMounts: []corev1.VolumeMount{downwardMount}, TerminationMessagePath: "/tekton/termination", }} taskRunDebugConfig := &v1beta1.TaskRunDebug{ @@ -170,7 +169,7 @@ func TestEntryPointResults(t *testing.T) { Args: []string{ "-wait_file", "/tekton/downward/ready", "-wait_file_content", - "-post_file", "/tekton/run/0", + "-post_file", "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", "/tekton/steps/step-unnamed-0", "-step_metadata_dir_link", "/tekton/steps/0", @@ -178,14 +177,14 @@ func TestEntryPointResults(t *testing.T) { "-entrypoint", "cmd", "--", "arg1", "arg2", }, - VolumeMounts: []corev1.VolumeMount{binROMount, runMount, downwardMount}, + VolumeMounts: []corev1.VolumeMount{downwardMount}, TerminationMessagePath: "/tekton/termination", }, { Image: "step-2", Command: []string{entrypointBinary}, Args: []string{ - "-wait_file", "/tekton/run/0", - "-post_file", "/tekton/run/1", + "-wait_file", "/tekton/run/0/out", + "-post_file", "/tekton/run/1/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", "/tekton/steps/step-unnamed-1", "-step_metadata_dir_link", "/tekton/steps/1", @@ -194,14 +193,14 @@ func TestEntryPointResults(t *testing.T) { "cmd2", "cmd3", "arg1", "arg2", }, - VolumeMounts: []corev1.VolumeMount{volumeMount, binROMount, runMount}, + VolumeMounts: []corev1.VolumeMount{volumeMount}, TerminationMessagePath: "/tekton/termination", }, { Image: "step-3", Command: []string{entrypointBinary}, Args: []string{ - "-wait_file", "/tekton/run/1", - "-post_file", "/tekton/run/2", + "-wait_file", "/tekton/run/1/out", + "-post_file", "/tekton/run/2/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", "/tekton/steps/step-unnamed-2", "-step_metadata_dir_link", "/tekton/steps/2", @@ -209,7 +208,6 @@ func TestEntryPointResults(t *testing.T) { "-entrypoint", "cmd", "--", "arg1", "arg2", }, - VolumeMounts: []corev1.VolumeMount{binROMount, runMount}, TerminationMessagePath: "/tekton/termination", }} got, err := orderContainers([]string{}, steps, &taskSpec, nil) @@ -243,7 +241,7 @@ func TestEntryPointResultsSingleStep(t *testing.T) { Args: []string{ "-wait_file", "/tekton/downward/ready", "-wait_file_content", - "-post_file", "/tekton/run/0", + "-post_file", "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", "/tekton/steps/step-unnamed-0", "-step_metadata_dir_link", "/tekton/steps/0", @@ -251,7 +249,7 @@ func TestEntryPointResultsSingleStep(t *testing.T) { "-entrypoint", "cmd", "--", "arg1", "arg2", }, - VolumeMounts: []corev1.VolumeMount{binROMount, runMount, downwardMount}, + VolumeMounts: []corev1.VolumeMount{downwardMount}, TerminationMessagePath: "/tekton/termination", }} got, err := orderContainers([]string{}, steps, &taskSpec, nil) @@ -281,7 +279,7 @@ func TestEntryPointSingleResultsSingleStep(t *testing.T) { Args: []string{ "-wait_file", "/tekton/downward/ready", "-wait_file_content", - "-post_file", "/tekton/run/0", + "-post_file", "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", "/tekton/steps/step-unnamed-0", "-step_metadata_dir_link", "/tekton/steps/0", @@ -289,7 +287,7 @@ func TestEntryPointSingleResultsSingleStep(t *testing.T) { "-entrypoint", "cmd", "--", "arg1", "arg2", }, - VolumeMounts: []corev1.VolumeMount{binROMount, runMount, downwardMount}, + VolumeMounts: []corev1.VolumeMount{downwardMount}, TerminationMessagePath: "/tekton/termination", }} got, err := orderContainers([]string{}, steps, &taskSpec, nil) @@ -327,29 +325,28 @@ func TestEntryPointOnError(t *testing.T) { Args: []string{ "-wait_file", "/tekton/downward/ready", "-wait_file_content", - "-post_file", "/tekton/run/0", + "-post_file", "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", "/tekton/steps/step-failing-step", "-step_metadata_dir_link", "/tekton/steps/0", "-on_error", "continue", "-entrypoint", "cmd", "--", }, - VolumeMounts: []corev1.VolumeMount{binROMount, runMount, downwardMount}, + VolumeMounts: []corev1.VolumeMount{downwardMount}, TerminationMessagePath: "/tekton/termination", }, { Name: "passing-step", Image: "step-2", Command: []string{entrypointBinary}, Args: []string{ - "-wait_file", "/tekton/run/0", - "-post_file", "/tekton/run/1", + "-wait_file", "/tekton/run/0/out", + "-post_file", "/tekton/run/1/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", "/tekton/steps/step-passing-step", "-step_metadata_dir_link", "/tekton/steps/1", "-on_error", "stopAndFail", "-entrypoint", "cmd", "--", }, - VolumeMounts: []corev1.VolumeMount{binROMount, runMount}, TerminationMessagePath: "/tekton/termination", }} got, err := orderContainers([]string{}, steps, &taskSpec, nil) diff --git a/pkg/pod/pod.go b/pkg/pod/pod.go index a7f621d675b..86abf51f541 100644 --- a/pkg/pod/pod.go +++ b/pkg/pod/pod.go @@ -20,6 +20,7 @@ import ( "context" "fmt" "path/filepath" + "strconv" "github.com/tektoncd/pipeline/pkg/apis/config" "github.com/tektoncd/pipeline/pkg/apis/pipeline" @@ -105,8 +106,8 @@ func (b *Builder) Build(ctx context.Context, taskRun *v1beta1.TaskRun, taskSpec scriptsInit *corev1.Container initContainers, stepContainers, sidecarContainers []corev1.Container volumes []corev1.Volume - volumeMounts []corev1.VolumeMount ) + volumeMounts := []corev1.VolumeMount{binROMount} implicitEnvVars := []corev1.EnvVar{} alphaAPIEnabled := config.FromContextOrDefaults(ctx).FeatureFlags.EnableAPIFields == config.AlphaAPIFields @@ -185,7 +186,7 @@ func (b *Builder) Build(ctx context.Context, taskRun *v1beta1.TaskRun, taskSpec // place the entrypoint first in case other init containers rely on its // features (e.g. decode-script). initContainers = append([]corev1.Container{entrypointInit}, initContainers...) - volumes = append(volumes, binVolume, runVolume, downwardVolume) + volumes = append(volumes, binVolume, downwardVolume) // Add implicit env vars. // They're prepended to the list, so that if the user specified any @@ -220,6 +221,14 @@ func (b *Builder) Build(ctx context.Context, taskRun *v1beta1.TaskRun, taskSpec s.VolumeMounts = append(s.VolumeMounts, *vm) } + // Add /tekton/run state volumes. + // Each step should only mount their own volume as RW, + // all other steps should be mounted RO. + volumes = append(volumes, runVolume(i)) + for j := 0; j < len(stepContainers); j++ { + s.VolumeMounts = append(s.VolumeMounts, runMount(j, i != j)) + } + requestedVolumeMounts := map[string]bool{} for _, vm := range s.VolumeMounts { requestedVolumeMounts[filepath.Clean(vm.MountPath)] = true @@ -369,3 +378,18 @@ func shouldAddReadyAnnotationOnPodCreate(ctx context.Context, sidecars []v1beta1 cfg := config.FromContextOrDefaults(ctx) return !cfg.FeatureFlags.RunningInEnvWithInjectedSidecars } + +func runMount(i int, ro bool) corev1.VolumeMount { + return corev1.VolumeMount{ + Name: fmt.Sprintf("%s-%d", runVolumeName, i), + MountPath: filepath.Join(runDir, strconv.Itoa(i)), + ReadOnly: ro, + } +} + +func runVolume(i int) corev1.Volume { + return corev1.Volume{ + Name: fmt.Sprintf("%s-%d", runVolumeName, i), + VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{}}, + } +} diff --git a/pkg/pod/pod_test.go b/pkg/pod/pod_test.go index 917953072db..c51068ca060 100644 --- a/pkg/pod/pod_test.go +++ b/pkg/pod/pod_test.go @@ -63,6 +63,8 @@ var ( resourceQuantityCmp = cmp.Comparer(func(x, y resource.Quantity) bool { return x.Cmp(y) == 0 }) + volumeSort = cmpopts.SortSlices(func(i, j corev1.Volume) bool { return i.Name < j.Name }) + volumeMountSort = cmpopts.SortSlices(func(i, j corev1.VolumeMount) bool { return i.Name < j.Name }) ) func init() { @@ -122,7 +124,7 @@ func TestPodBuild(t *testing.T) { "/tekton/downward/ready", "-wait_file_content", "-post_file", - "/tekton/run/0", + "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -133,16 +135,16 @@ func TestPodBuild(t *testing.T) { "cmd", "--", }, - VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount, downwardMount, { + VolumeMounts: append([]corev1.VolumeMount{downwardMount, { Name: "tekton-creds-init-home-0", MountPath: "/tekton/creds", - }}, implicitVolumeMounts...), + }, runMount(0, false), binROMount}, implicitVolumeMounts...), TerminationMessagePath: "/tekton/termination", }}, - Volumes: append(implicitVolumes, binVolume, runVolume, downwardVolume, corev1.Volume{ + Volumes: append(implicitVolumes, binVolume, downwardVolume, corev1.Volume{ Name: "tekton-creds-init-home-0", VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{Medium: corev1.StorageMediumMemory}}, - }), + }, runVolume(0)), ActiveDeadlineSeconds: &defaultActiveDeadlineSeconds, }, }, { @@ -171,7 +173,7 @@ func TestPodBuild(t *testing.T) { "/tekton/downward/ready", "-wait_file_content", "-post_file", - "/tekton/run/0", + "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -182,13 +184,13 @@ func TestPodBuild(t *testing.T) { "cmd", "--", }, - VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount, downwardMount, { + VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount(0, false), downwardMount, { Name: "tekton-creds-init-home-0", MountPath: "/tekton/creds", }}, implicitVolumeMounts...), TerminationMessagePath: "/tekton/termination", }}, - Volumes: append(implicitVolumes, binVolume, runVolume, downwardVolume, corev1.Volume{ + Volumes: append(implicitVolumes, binVolume, runVolume(0), downwardVolume, corev1.Volume{ Name: "tekton-creds-init-home-0", VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{Medium: corev1.StorageMediumMemory}}, }), @@ -218,7 +220,7 @@ func TestPodBuild(t *testing.T) { "/tekton/downward/ready", "-wait_file_content", "-post_file", - "/tekton/run/0", + "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -229,13 +231,13 @@ func TestPodBuild(t *testing.T) { "cmd", "--", }, - VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount, downwardMount, { + VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount(0, false), downwardMount, { Name: "tekton-creds-init-home-0", MountPath: "/tekton/creds", }}, implicitVolumeMounts...), TerminationMessagePath: "/tekton/termination", }}, - Volumes: append(implicitVolumes, binVolume, runVolume, downwardVolume, corev1.Volume{ + Volumes: append(implicitVolumes, binVolume, runVolume(0), downwardVolume, corev1.Volume{ Name: "tekton-creds-init-home-0", VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{Medium: corev1.StorageMediumMemory}}, }), @@ -269,7 +271,7 @@ func TestPodBuild(t *testing.T) { "/tekton/downward/ready", "-wait_file_content", "-post_file", - "/tekton/run/0", + "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -284,7 +286,7 @@ func TestPodBuild(t *testing.T) { "cmd", "--", }, - VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount, downwardMount, { + VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount(0, false), downwardMount, { Name: "tekton-creds-init-home-0", MountPath: "/tekton/creds", }}, append(append([]corev1.VolumeMount{}, implicitVolumeMounts...), corev1.VolumeMount{ @@ -293,7 +295,7 @@ func TestPodBuild(t *testing.T) { })...), TerminationMessagePath: "/tekton/termination", }}, - Volumes: append(implicitVolumes, secretsVolume, binVolume, runVolume, downwardVolume, corev1.Volume{ + Volumes: append(implicitVolumes, secretsVolume, binVolume, runVolume(0), downwardVolume, corev1.Volume{ Name: "tekton-creds-init-home-0", VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{Medium: corev1.StorageMediumMemory}}, }), @@ -338,7 +340,7 @@ func TestPodBuild(t *testing.T) { "/tekton/downward/ready", "-wait_file_content", "-post_file", - "/tekton/run/0", + "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -350,13 +352,13 @@ func TestPodBuild(t *testing.T) { "--", }, VolumeMounts: append([]corev1.VolumeMount{ - binROMount, runMount, + binROMount, runMount(0, false), downwardMount, {Name: "tekton-creds-init-home-0", MountPath: "/tekton/creds"}, }, implicitVolumeMounts...), TerminationMessagePath: "/tekton/termination", }}, - Volumes: append(implicitVolumes, binVolume, runVolume, downwardVolume, corev1.Volume{ + Volumes: append(implicitVolumes, binVolume, runVolume(0), downwardVolume, corev1.Volume{ Name: "tekton-creds-init-home-0", VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{Medium: corev1.StorageMediumMemory}}, }), @@ -397,7 +399,7 @@ func TestPodBuild(t *testing.T) { "/tekton/downward/ready", "-wait_file_content", "-post_file", - "/tekton/run/0", + "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -408,13 +410,13 @@ func TestPodBuild(t *testing.T) { "cmd", "--", }, - VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount, downwardMount, { + VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount(0, false), downwardMount, { Name: "tekton-creds-init-home-0", MountPath: "/tekton/creds", }}, implicitVolumeMounts...), TerminationMessagePath: "/tekton/termination", }}, - Volumes: append(implicitVolumes, binVolume, runVolume, downwardVolume, corev1.Volume{ + Volumes: append(implicitVolumes, binVolume, runVolume(0), downwardVolume, corev1.Volume{ Name: "tekton-creds-init-home-0", VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{Medium: corev1.StorageMediumMemory}}, }), @@ -441,7 +443,7 @@ func TestPodBuild(t *testing.T) { "/tekton/downward/ready", "-wait_file_content", "-post_file", - "/tekton/run/0", + "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -452,13 +454,13 @@ func TestPodBuild(t *testing.T) { "cmd", "--", }, - VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount, downwardMount, { + VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount(0, false), downwardMount, { Name: "tekton-creds-init-home-0", MountPath: "/tekton/creds", }}, implicitVolumeMounts...), TerminationMessagePath: "/tekton/termination", }}, - Volumes: append(implicitVolumes, binVolume, runVolume, downwardVolume, corev1.Volume{ + Volumes: append(implicitVolumes, binVolume, runVolume(0), downwardVolume, corev1.Volume{ Name: "tekton-creds-init-home-0", VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{Medium: corev1.StorageMediumMemory}}, }), @@ -496,7 +498,7 @@ func TestPodBuild(t *testing.T) { "/tekton/downward/ready", "-wait_file_content", "-post_file", - "/tekton/run/0", + "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -507,14 +509,14 @@ func TestPodBuild(t *testing.T) { "cmd", "--", }, - VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount, downwardMount, { + VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount(0, false), downwardMount, { Name: "tekton-creds-init-home-0", MountPath: "/tekton/creds", }}, implicitVolumeMounts...), WorkingDir: filepath.Join(pipeline.WorkspaceDir, "test"), TerminationMessagePath: "/tekton/termination", }}, - Volumes: append(implicitVolumes, binVolume, runVolume, downwardVolume, corev1.Volume{ + Volumes: append(implicitVolumes, binVolume, runVolume(0), downwardVolume, corev1.Volume{ Name: "tekton-creds-init-home-0", VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{Medium: corev1.StorageMediumMemory}}, }), @@ -548,7 +550,7 @@ func TestPodBuild(t *testing.T) { "/tekton/downward/ready", "-wait_file_content", "-post_file", - "/tekton/run/0", + "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -559,7 +561,7 @@ func TestPodBuild(t *testing.T) { "cmd", "--", }, - VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount, downwardMount, { + VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount(0, false), downwardMount, { Name: "tekton-creds-init-home-0", MountPath: "/tekton/creds", }}, implicitVolumeMounts...), @@ -571,7 +573,7 @@ func TestPodBuild(t *testing.T) { Requests: nil, }, }}, - Volumes: append(implicitVolumes, binVolume, runVolume, downwardVolume, corev1.Volume{ + Volumes: append(implicitVolumes, binVolume, runVolume(0), downwardVolume, corev1.Volume{ Name: "tekton-creds-init-home-0", VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{Medium: corev1.StorageMediumMemory}}, }), @@ -621,7 +623,7 @@ _EOF_ "/tekton/downward/ready", "-wait_file_content", "-post_file", - "/tekton/run/0", + "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -632,7 +634,7 @@ _EOF_ "cmd", "--", }, - VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount, downwardMount, { + VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount(0, false), downwardMount, { Name: "tekton-creds-init-home-0", MountPath: "/tekton/creds", }}, implicitVolumeMounts...), @@ -643,7 +645,7 @@ _EOF_ Command: []string{"/tekton/scripts/sidecar-script-0-9l9zj"}, VolumeMounts: []corev1.VolumeMount{scriptsVolumeMount}, }}, - Volumes: append(implicitVolumes, scriptsVolume, binVolume, runVolume, downwardVolume, corev1.Volume{ + Volumes: append(implicitVolumes, scriptsVolume, binVolume, runVolume(0), downwardVolume, corev1.Volume{ Name: "tekton-creds-init-home-0", VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{Medium: corev1.StorageMediumMemory}}, }), @@ -680,7 +682,7 @@ _EOF_ "/tekton/downward/ready", "-wait_file_content", "-post_file", - "/tekton/run/0", + "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -691,7 +693,7 @@ _EOF_ "cmd", "--", }, - VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount, downwardMount, { + VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount(0, false), downwardMount, { Name: "tekton-creds-init-home-0", MountPath: "/tekton/creds", }}, implicitVolumeMounts...), @@ -700,7 +702,7 @@ _EOF_ Name: "sidecar-sc-name", Image: "sidecar-image", }}, - Volumes: append(implicitVolumes, binVolume, runVolume, downwardVolume, corev1.Volume{ + Volumes: append(implicitVolumes, binVolume, runVolume(0), downwardVolume, corev1.Volume{ Name: "tekton-creds-init-home-0", VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{Medium: corev1.StorageMediumMemory}}, }), @@ -741,7 +743,7 @@ _EOF_ "/tekton/downward/ready", "-wait_file_content", "-post_file", - "/tekton/run/0", + "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -752,7 +754,7 @@ _EOF_ "cmd", "--", }, - VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount, downwardMount, { + VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount(0, false), runMount(1, true), downwardMount, { Name: "tekton-creds-init-home-0", MountPath: "/tekton/creds", }}, implicitVolumeMounts...), @@ -769,9 +771,9 @@ _EOF_ Command: []string{"/tekton/bin/entrypoint"}, Args: []string{ "-wait_file", - "/tekton/run/0", + "/tekton/run/0/out", "-post_file", - "/tekton/run/1", + "/tekton/run/1/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -782,7 +784,7 @@ _EOF_ "cmd", "--", }, - VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount, { + VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount(0, true), runMount(1, false), { Name: "tekton-creds-init-home-1", MountPath: "/tekton/creds", }}, implicitVolumeMounts...), @@ -794,7 +796,7 @@ _EOF_ }, TerminationMessagePath: "/tekton/termination", }}, - Volumes: append(implicitVolumes, binVolume, runVolume, downwardVolume, corev1.Volume{ + Volumes: append(implicitVolumes, binVolume, runVolume(0), runVolume(1), downwardVolume, corev1.Volume{ Name: "tekton-creds-init-home-0", VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{Medium: corev1.StorageMediumMemory}}, }, corev1.Volume{ @@ -865,7 +867,7 @@ _EOF_ "/tekton/downward/ready", "-wait_file_content", "-post_file", - "/tekton/run/0", + "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -879,7 +881,7 @@ _EOF_ "args", }, Env: []corev1.EnvVar{{Name: "FOO", Value: "bar"}}, - VolumeMounts: append([]corev1.VolumeMount{scriptsVolumeMount, binROMount, runMount, downwardMount, { + VolumeMounts: append([]corev1.VolumeMount{scriptsVolumeMount, binROMount, runMount(0, false), runMount(1, true), runMount(2, true), downwardMount, { Name: "tekton-creds-init-home-0", MountPath: "/tekton/creds", }}, implicitVolumeMounts...), @@ -890,9 +892,9 @@ _EOF_ Command: []string{"/tekton/bin/entrypoint"}, Args: []string{ "-wait_file", - "/tekton/run/0", + "/tekton/run/0/out", "-post_file", - "/tekton/run/1", + "/tekton/run/1/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -906,7 +908,7 @@ _EOF_ "args", }, Env: []corev1.EnvVar{{Name: "FOO", Value: "bar"}}, - VolumeMounts: append([]corev1.VolumeMount{{Name: "i-have-a-volume-mount"}, scriptsVolumeMount, binROMount, runMount, { + VolumeMounts: append([]corev1.VolumeMount{{Name: "i-have-a-volume-mount"}, scriptsVolumeMount, binROMount, runMount(0, true), runMount(1, false), runMount(2, true), { Name: "tekton-creds-init-home-1", MountPath: "/tekton/creds", }}, implicitVolumeMounts...), @@ -917,9 +919,9 @@ _EOF_ Command: []string{"/tekton/bin/entrypoint"}, Args: []string{ "-wait_file", - "/tekton/run/1", + "/tekton/run/1/out", "-post_file", - "/tekton/run/2", + "/tekton/run/2/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -934,13 +936,13 @@ _EOF_ "args", }, Env: []corev1.EnvVar{{Name: "FOO", Value: "bar"}}, - VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount, { + VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount(0, true), runMount(1, true), runMount(2, false), { Name: "tekton-creds-init-home-2", MountPath: "/tekton/creds", }}, implicitVolumeMounts...), TerminationMessagePath: "/tekton/termination", }}, - Volumes: append(implicitVolumes, scriptsVolume, binVolume, runVolume, downwardVolume, corev1.Volume{ + Volumes: append(implicitVolumes, scriptsVolume, binVolume, runVolume(0), runVolume(1), runVolume(2), downwardVolume, corev1.Volume{ Name: "tekton-creds-init-home-0", VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{Medium: corev1.StorageMediumMemory}}, }, corev1.Volume{ @@ -987,7 +989,7 @@ _EOF_ "/tekton/downward/ready", "-wait_file_content", "-post_file", - "/tekton/run/0", + "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -998,13 +1000,13 @@ _EOF_ "/tekton/scripts/script-0-9l9zj", "--", }, - VolumeMounts: append([]corev1.VolumeMount{scriptsVolumeMount, binROMount, runMount, downwardMount, { + VolumeMounts: append([]corev1.VolumeMount{scriptsVolumeMount, binROMount, runMount(0, false), downwardMount, { Name: "tekton-creds-init-home-0", MountPath: "/tekton/creds", }}, implicitVolumeMounts...), TerminationMessagePath: "/tekton/termination", }}, - Volumes: append(implicitVolumes, scriptsVolume, binVolume, runVolume, downwardVolume, corev1.Volume{ + Volumes: append(implicitVolumes, scriptsVolume, binVolume, runVolume(0), downwardVolume, corev1.Volume{ Name: "tekton-creds-init-home-0", VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{Medium: corev1.StorageMediumMemory}}, }), @@ -1032,7 +1034,7 @@ _EOF_ RestartPolicy: corev1.RestartPolicyNever, InitContainers: []corev1.Container{placeToolsInit}, SchedulerName: "there-scheduler", - Volumes: append(implicitVolumes, binVolume, runVolume, downwardVolume, corev1.Volume{ + Volumes: append(implicitVolumes, binVolume, runVolume(0), downwardVolume, corev1.Volume{ Name: "tekton-creds-init-home-0", VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{Medium: corev1.StorageMediumMemory}}, }), @@ -1045,7 +1047,7 @@ _EOF_ "/tekton/downward/ready", "-wait_file_content", "-post_file", - "/tekton/run/0", + "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -1056,7 +1058,7 @@ _EOF_ "cmd", "--", }, - VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount, downwardMount, { + VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount(0, false), downwardMount, { Name: "tekton-creds-init-home-0", MountPath: "/tekton/creds", }}, implicitVolumeMounts...), @@ -1086,7 +1088,7 @@ _EOF_ want: &corev1.PodSpec{ RestartPolicy: corev1.RestartPolicyNever, InitContainers: []corev1.Container{placeToolsInit}, - Volumes: append(implicitVolumes, binVolume, runVolume, downwardVolume, corev1.Volume{ + Volumes: append(implicitVolumes, binVolume, runVolume(0), downwardVolume, corev1.Volume{ Name: "tekton-creds-init-home-0", VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{Medium: corev1.StorageMediumMemory}}, }), @@ -1099,7 +1101,7 @@ _EOF_ "/tekton/downward/ready", "-wait_file_content", "-post_file", - "/tekton/run/0", + "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -1110,7 +1112,7 @@ _EOF_ "cmd", "--", }, - VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount, downwardMount, { + VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount(0, false), downwardMount, { Name: "tekton-creds-init-home-0", MountPath: "/tekton/creds", }}, implicitVolumeMounts...), @@ -1141,7 +1143,7 @@ _EOF_ want: &corev1.PodSpec{ RestartPolicy: corev1.RestartPolicyNever, InitContainers: []corev1.Container{placeToolsInit}, - Volumes: append(implicitVolumes, binVolume, runVolume, downwardVolume, corev1.Volume{ + Volumes: append(implicitVolumes, binVolume, runVolume(0), downwardVolume, corev1.Volume{ Name: "tekton-creds-init-home-0", VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{Medium: corev1.StorageMediumMemory}}, }), @@ -1154,7 +1156,7 @@ _EOF_ "/tekton/downward/ready", "-wait_file_content", "-post_file", - "/tekton/run/0", + "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -1165,7 +1167,7 @@ _EOF_ "cmd", "--", }, - VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount, downwardMount, { + VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount(0, false), downwardMount, { Name: "tekton-creds-init-home-0", MountPath: "/tekton/creds", }}, implicitVolumeMounts...), @@ -1195,7 +1197,7 @@ _EOF_ RestartPolicy: corev1.RestartPolicyNever, InitContainers: []corev1.Container{placeToolsInit}, HostNetwork: true, - Volumes: append(implicitVolumes, binVolume, runVolume, downwardVolume, corev1.Volume{ + Volumes: append(implicitVolumes, binVolume, runVolume(0), downwardVolume, corev1.Volume{ Name: "tekton-creds-init-home-0", VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{Medium: corev1.StorageMediumMemory}}, }), @@ -1208,7 +1210,7 @@ _EOF_ "/tekton/downward/ready", "-wait_file_content", "-post_file", - "/tekton/run/0", + "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -1219,7 +1221,7 @@ _EOF_ "cmd", "--", }, - VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount, downwardMount, { + VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount(0, false), downwardMount, { Name: "tekton-creds-init-home-0", MountPath: "/tekton/creds", }}, implicitVolumeMounts...), @@ -1250,7 +1252,7 @@ _EOF_ "/tekton/downward/ready", "-wait_file_content", "-post_file", - "/tekton/run/0", + "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -1263,13 +1265,13 @@ _EOF_ "cmd", "--", }, - VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount, downwardMount, { + VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount(0, false), downwardMount, { Name: "tekton-creds-init-home-0", MountPath: "/tekton/creds", }}, implicitVolumeMounts...), TerminationMessagePath: "/tekton/termination", }}, - Volumes: append(implicitVolumes, binVolume, runVolume, downwardVolume, corev1.Volume{ + Volumes: append(implicitVolumes, binVolume, runVolume(0), downwardVolume, corev1.Volume{ Name: "tekton-creds-init-home-0", VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{Medium: corev1.StorageMediumMemory}}, }), @@ -1299,7 +1301,7 @@ _EOF_ "/tekton/downward/ready", "-wait_file_content", "-post_file", - "/tekton/run/0", + "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -1310,10 +1312,10 @@ _EOF_ "cmd", "--", }, - VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount, downwardMount}, implicitVolumeMounts...), + VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount(0, false), downwardMount}, implicitVolumeMounts...), TerminationMessagePath: "/tekton/termination", }}, - Volumes: append(implicitVolumes, binVolume, runVolume, downwardVolume), + Volumes: append(implicitVolumes, binVolume, runVolume(0), downwardVolume), ActiveDeadlineSeconds: &defaultActiveDeadlineSeconds, }, }, { @@ -1341,7 +1343,7 @@ _EOF_ "/tekton/downward/ready", "-wait_file_content", "-post_file", - "/tekton/run/0", + "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -1352,7 +1354,7 @@ _EOF_ "cmd", "--", }, - VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount, downwardMount, { + VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount(0, false), downwardMount, { Name: "tekton-creds-init-home-0", MountPath: "/tekton/creds", }}, implicitVolumeMounts...), @@ -1361,7 +1363,7 @@ _EOF_ {Name: "TEKTON_HERMETIC", Value: "1"}, }, }}, - Volumes: append(implicitVolumes, binVolume, runVolume, downwardVolume, corev1.Volume{ + Volumes: append(implicitVolumes, binVolume, runVolume(0), downwardVolume, corev1.Volume{ Name: "tekton-creds-init-home-0", VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{Medium: corev1.StorageMediumMemory}}, }), @@ -1393,7 +1395,7 @@ _EOF_ "/tekton/downward/ready", "-wait_file_content", "-post_file", - "/tekton/run/0", + "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -1404,7 +1406,7 @@ _EOF_ "cmd", "--", }, - VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount, downwardMount, { + VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount(0, false), downwardMount, { Name: "tekton-creds-init-home-0", MountPath: "/tekton/creds", }}, implicitVolumeMounts...), @@ -1415,7 +1417,7 @@ _EOF_ {Name: "TEKTON_HERMETIC", Value: "1"}, }, }}, - Volumes: append(implicitVolumes, binVolume, runVolume, downwardVolume, corev1.Volume{ + Volumes: append(implicitVolumes, binVolume, runVolume(0), downwardVolume, corev1.Volume{ Name: "tekton-creds-init-home-0", VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{Medium: corev1.StorageMediumMemory}}, }), @@ -1490,7 +1492,7 @@ _EOF_ t.Errorf("Pod name %q should have prefix 'taskrun-name-pod-'", got.Name) } - if d := cmp.Diff(c.want, &got.Spec, resourceQuantityCmp); d != "" { + if d := cmp.Diff(c.want, &got.Spec, resourceQuantityCmp, volumeSort, volumeMountSort); d != "" { t.Errorf("Diff %s", diff.PrintWantGot(d)) } @@ -1546,7 +1548,7 @@ func TestPodBuildwithAlphaAPIEnabled(t *testing.T) { "/tekton/downward/ready", "-wait_file_content", "-post_file", - "/tekton/run/0", + "/tekton/run/0/out", "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -1558,13 +1560,13 @@ func TestPodBuildwithAlphaAPIEnabled(t *testing.T) { "cmd", "--", }, - VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount, downwardMount, { + VolumeMounts: append([]corev1.VolumeMount{binROMount, runMount(0, false), downwardMount, { Name: "tekton-creds-init-home-0", MountPath: "/tekton/creds", }}, implicitVolumeMounts...), TerminationMessagePath: "/tekton/termination", }}, - Volumes: append(implicitVolumes, debugScriptsVolume, debugInfoVolume, binVolume, runVolume, downwardVolume, corev1.Volume{ + Volumes: append(implicitVolumes, debugScriptsVolume, debugInfoVolume, binVolume, runVolume(0), downwardVolume, corev1.Volume{ Name: "tekton-creds-init-home-0", VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{Medium: corev1.StorageMediumMemory}}, }), @@ -1642,7 +1644,7 @@ func TestPodBuildwithAlphaAPIEnabled(t *testing.T) { t.Errorf("Pod name %q should have prefix 'taskrun-name-pod-'", got.Name) } - if d := cmp.Diff(c.want, &got.Spec, resourceQuantityCmp); d != "" { + if d := cmp.Diff(c.want, &got.Spec, resourceQuantityCmp, volumeSort, volumeMountSort); d != "" { t.Errorf("Diff %s", diff.PrintWantGot(d)) } diff --git a/pkg/reconciler/taskrun/taskrun_test.go b/pkg/reconciler/taskrun/taskrun_test.go index d419c4db962..b9f4baed34b 100644 --- a/pkg/reconciler/taskrun/taskrun_test.go +++ b/pkg/reconciler/taskrun/taskrun_test.go @@ -23,7 +23,9 @@ import ( "net/http/httptest" "net/url" "os" + "path/filepath" "regexp" + "strconv" "strings" "testing" "time" @@ -99,7 +101,10 @@ var ( resourceQuantityCmp = cmp.Comparer(func(x, y resource.Quantity) bool { return x.Cmp(y) == 0 }) + ignoreEnvVarOrdering = cmpopts.SortSlices(func(x, y corev1.EnvVar) bool { return x.Name < y.Name }) + volumeSort = cmpopts.SortSlices(func(i, j corev1.Volume) bool { return i.Name < j.Name }) + volumeMountSort = cmpopts.SortSlices(func(i, j corev1.VolumeMount) bool { return i.Name < j.Name }) cloudEventTarget1 = "https://foo" cloudEventTarget2 = "https://bar" @@ -412,12 +417,7 @@ var ( EmptyDir: &corev1.EmptyDirVolumeSource{}, }, } - runVolume = corev1.Volume{ - Name: "tekton-internal-run", - VolumeSource: corev1.VolumeSource{ - EmptyDir: &corev1.EmptyDirVolumeSource{}, - }, - } + workspaceVolume = corev1.Volume{ Name: "tekton-internal-workspace", VolumeSource: corev1.VolumeSource{ @@ -469,6 +469,15 @@ var ( fakeVersion string ) +func runVolume(i int) corev1.Volume { + return corev1.Volume{ + Name: fmt.Sprintf("tekton-internal-run-%d", i), + VolumeSource: corev1.VolumeSource{ + EmptyDir: &corev1.EmptyDirVolumeSource{}, + }, + } +} + func init() { os.Setenv("KO_DATA_PATH", "./testdata/") commit, err := changeset.Get() @@ -766,7 +775,7 @@ func TestReconcile_ExplicitDefaultSA(t *testing.T) { t.Errorf("Pod metadata doesn't match %s", diff.PrintWantGot(d)) } - if d := cmp.Diff(tc.wantPod.Spec, pod.Spec, resourceQuantityCmp, ignoreEnvVarOrdering); d != "" { + if d := cmp.Diff(tc.wantPod.Spec, pod.Spec, resourceQuantityCmp, volumeSort, volumeMountSort, ignoreEnvVarOrdering); d != "" { t.Errorf("Pod spec doesn't match, %s", diff.PrintWantGot(d)) } if len(clients.Kube.Actions()) == 0 { @@ -901,7 +910,7 @@ func TestReconcile_FeatureFlags(t *testing.T) { t.Errorf("Pod metadata doesn't match %s", diff.PrintWantGot(d)) } - if d := cmp.Diff(tc.wantPod.Spec, pod.Spec, resourceQuantityCmp, ignoreEnvVarOrdering); d != "" { + if d := cmp.Diff(tc.wantPod.Spec, pod.Spec, resourceQuantityCmp, volumeSort, volumeMountSort, ignoreEnvVarOrdering); d != "" { t.Errorf("Pod spec doesn't match, %s", diff.PrintWantGot(d)) } if len(clients.Kube.Actions()) == 0 { @@ -1541,7 +1550,7 @@ func TestReconcile(t *testing.T) { } pod.Name = tc.wantPod.Name // Ignore pod name differences, the pod name is generated and tested in pod_test.go - if d := cmp.Diff(tc.wantPod.Spec, pod.Spec, resourceQuantityCmp, ignoreEnvVarOrdering); d != "" { + if d := cmp.Diff(tc.wantPod.Spec, pod.Spec, resourceQuantityCmp, volumeSort, volumeMountSort, ignoreEnvVarOrdering); d != "" { t.Errorf("Pod spec doesn't match %s", diff.PrintWantGot(d)) } if len(clients.Kube.Actions()) == 0 { @@ -4477,17 +4486,20 @@ func TestDisableResolutionFlag_ProceedsWithStatusTaskSpec(t *testing.T) { } } -func podVolumeMounts(idx int) []corev1.VolumeMount { +func podVolumeMounts(idx, totalSteps int) []corev1.VolumeMount { var mnts []corev1.VolumeMount mnts = append(mnts, corev1.VolumeMount{ Name: "tekton-internal-bin", MountPath: "/tekton/bin", ReadOnly: true, }) - mnts = append(mnts, corev1.VolumeMount{ - Name: "tekton-internal-run", - MountPath: "/tekton/run", - }) + for i := 0; i < totalSteps; i++ { + mnts = append(mnts, corev1.VolumeMount{ + Name: fmt.Sprintf("tekton-internal-run-%d", i), + MountPath: filepath.Join("/tekton/run", strconv.Itoa(i)), + ReadOnly: i != idx, + }) + } if idx == 0 { mnts = append(mnts, corev1.VolumeMount{ Name: "tekton-internal-downward", @@ -4526,11 +4538,11 @@ func podArgs(stepName string, cmd string, additionalArgs []string, idx int) []st if idx == 0 { args = append(args, "/tekton/downward/ready", "-wait_file_content") } else { - args = append(args, fmt.Sprintf("/tekton/run/%d", idx-1)) + args = append(args, fmt.Sprintf("/tekton/run/%d/out", idx-1)) } args = append(args, "-post_file", - fmt.Sprintf("/tekton/run/%d", idx), + fmt.Sprintf("/tekton/run/%d/out", idx), "-termination_path", "/tekton/termination", "-step_metadata_dir", @@ -4599,7 +4611,6 @@ func expectedPod(podName, taskName, taskRunName, ns, saName string, isClusterTas resultsVolume, stepsVolume, binVolume, - runVolume, downwardVolume, }, InitContainers: []corev1.Container{placeToolsInitContainer}, @@ -4614,11 +4625,13 @@ func expectedPod(podName, taskName, taskRunName, ns, saName string, isClusterTas Name: fmt.Sprintf("tekton-creds-init-home-%d", idx), VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{Medium: corev1.StorageMediumMemory}}, }) + p.Spec.Volumes = append(p.Spec.Volumes, runVolume(idx)) + stepContainer := corev1.Container{ Image: s.image, Name: fmt.Sprintf("step-%s", s.name), Command: []string{entrypointLocation}, - VolumeMounts: podVolumeMounts(idx), + VolumeMounts: podVolumeMounts(idx, len(steps)), TerminationMessagePath: "/tekton/termination", } stepContainer.Args = podArgs(s.name, s.cmd, s.args, idx)