Enable TriggerBindings to validate requests #89
Conversation
tekton-robot
added
the
do-not-merge/work-in-progress
tekton-robot
added
the
size/L
khrm
force-pushed
the
issue45
branch
6 times, most recently
from
bbc8ead to
32f130f
Compare
|
This is not a part of the assumptions but I believe that it is an useful capability. Would you add functions that set params into the event listener and pass them to the validation task? Otherwise the param values must be hard coded into the task and task is not reusable. Use case: I specify the secret name (that has the secret key of the github) when I create the eventlistener and the secret name is passed to the validation task as one of the params so that the task can mount the secret. |
|
Good idea, will add that. |
khrm
changed the title
tekton-robot
added
size/XXL
khrm
force-pushed
the
issue45
branch
4 times, most recently
from
6188fcc to
c27bc5b
Compare
Fixes tektoncd#89 so the EventListener sink Deployment and Service have the proper permissions to set the EventListener as their owner.
There was a problem hiding this comment.
I really like the approach especially the fact that we are reusing tasks and taskruns!! Added some comments on the polling approach for checking if the taskrun is complete. In addition, I'd like to see some basic docs around the TriggerValidate type as well as an example showing it in action. But overall, looking good 😃
khrm
force-pushed
the
issue45
branch
2 times, most recently
from
55e5d47 to
1949fc3
Compare
tekton-robot
added
approved
|
@dibyom I feel second option as better. I want to avoid resources. I am changing it to that. |
|
@khrm cool, I like @vtereso 's idea as well:
I do agree at the moment, resources are probably not we want but later when we are done with all the cool resource extensibility stuff, it is something we could consider using |
Yes, let's wait for resource extensibility. For now, I have done json encoding. Will update the docs with that instruction. |
khrm
force-pushed
the
issue45
branch
3 times, most recently
from
a34077d to
f6fa068
Compare
This PR resolves the issue tektoncd#45. It assumes that a task has been defined which can validate requests. That task will receive header and payload as params. Before the creation of resources, task will be called alongwith serviceaccount which has github-secret used to create webhook. Assumption: 1. Task is defined in such a way that it can use headers and payload received as params. 2. Apart from params, serviceaccount, payload and headers, task doesn't need anything else. 3. Task gives us non zero exit if validation failed. A sample task and main.go is provided. PS: This is still a work in progress. Need to test out further. Will do on Tuesday as Monday is holiday.
tekton-robot
added
do-not-merge/hold
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: dibyom, khrm, vtereso The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/hold cancel |
tekton-robot
removed
the
do-not-merge/hold
This PR resolves the issue #45.
It assumes that a task has been defined which can validate requests.
That task will receive header and payload as params.
Before the creation of resources, task will be called alongwith serviceaccount
which has github-secret used to create webhook.
Assumption:
PS: This is still a work in progress. Need to test out further. Will do on Tuesday as Monday is holiday.
Changes
Submitter Checklist
These are the criteria that every PR should meet, please check them off as you
review them:
See the contribution guide for more details.
Release Notes