tektoncd
feat(K8s native sidecar): Add support for Kubernetes native Sidecars
This PR is for #7617
Changes
Kubernetes 1.29 introduced native sidecar support
- Add kubernetes version check as part of the Pod builder
- Using that check, implemented native sidecar support for versions 1.29 and greater
To implement the native sidecar support, we added an optional RestartPolicy to the sidecar struct. The RestartPolicy will get set if we are using native Kubernetes sidecars and the sidecar container will be added to the initcontainer list instead of the container list.
Need to document that a startupProbe on the sidecar needs to be used for the containers to wait for the sidecar to be ready
Submitter Checklist
As the author of this PR, please check off the items in this checklist:
- [ ] Has Docs if any changes are user facing, including updates to minimum requirements e.g. Kubernetes version bumps
- [ ] Has Tests included if any functionality added or changed
- [ ] pre-commit Passed
- [ ] Follows the commit message standard
- [ ] Meets the Tekton contributor standards (including functionality, content, code)
- [ ] Has a kind label. You can add one by adding a comment on this PR that contains
/kind <type>. Valid types are bug, cleanup, design, documentation, feature, flake, misc, question, tep - [ ] Release notes block below has been updated with any user facing changes (API changes, bug fixes, changes requiring upgrade notices or deprecation warnings). See some examples of good release notes.
- [ ] Release notes contains the string "action required" if the change requires additional action from users switching to the new release
Release Notes
NONE
The following is the coverage report on the affected files.
Say /test pull-tekton-pipeline-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/apis/pipeline/v1/container_types.go | 62.5% | 61.5% | -1.0 |
| pkg/pod/pod.go | 93.9% | 34.9% | -59.0 |
The following is the coverage report on the affected files.
Say /test pull-tekton-pipeline-go-coverage-df to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/apis/pipeline/v1/container_types.go | 62.5% | 61.5% | -1.0 |
| pkg/pod/pod.go | 93.9% | 34.9% | -59.0 |
The following is the coverage report on the affected files.
Say /test pull-tekton-pipeline-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/apis/pipeline/v1/container_types.go | 62.5% | 61.5% | -1.0 |
| pkg/pod/pod.go | 93.9% | 34.9% | -59.0 |
The following is the coverage report on the affected files.
Say /test pull-tekton-pipeline-go-coverage-df to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/apis/pipeline/v1/container_types.go | 62.5% | 61.5% | -1.0 |
| pkg/pod/pod.go | 93.9% | 34.9% | -59.0 |
The following is the coverage report on the affected files.
Say /test pull-tekton-pipeline-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/apis/pipeline/v1/container_types.go | 62.5% | 61.5% | -1.0 |
| pkg/pod/pod.go | 93.9% | 92.8% | -1.1 |
| pkg/reconciler/taskrun/taskrun.go | 87.3% | 82.4% | -4.9 |
The following is the coverage report on the affected files.
Say /test pull-tekton-pipeline-go-coverage-df to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/apis/pipeline/v1/container_types.go | 62.5% | 61.5% | -1.0 |
| pkg/pod/pod.go | 93.9% | 92.8% | -1.1 |
| pkg/reconciler/taskrun/taskrun.go | 87.3% | 82.4% | -4.9 |
The following is the coverage report on the affected files.
Say /test pull-tekton-pipeline-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/apis/pipeline/v1/container_types.go | 62.5% | 61.5% | -1.0 |
| pkg/apis/pipeline/v1beta1/container_types.go | 36.2% | 36.1% | -0.1 |
| pkg/pod/pod.go | 93.9% | 92.8% | -1.1 |
| pkg/reconciler/taskrun/taskrun.go | 87.3% | 82.4% | -4.9 |
The following is the coverage report on the affected files.
Say /test pull-tekton-pipeline-go-coverage-df to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/apis/pipeline/v1/container_types.go | 62.5% | 61.5% | -1.0 |
| pkg/apis/pipeline/v1beta1/container_types.go | 36.2% | 36.1% | -0.1 |
| pkg/pod/pod.go | 93.9% | 92.8% | -1.1 |
| pkg/reconciler/taskrun/taskrun.go | 87.3% | 82.4% | -4.9 |
The following is the coverage report on the affected files.
Say /test pull-tekton-pipeline-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/apis/pipeline/v1/container_types.go | 62.5% | 61.5% | -1.0 |
| pkg/apis/pipeline/v1beta1/container_types.go | 36.2% | 36.1% | -0.1 |
| pkg/pod/pod.go | 93.9% | 91.5% | -2.4 |
| pkg/reconciler/taskrun/taskrun.go | 87.3% | 82.4% | -4.9 |
The following is the coverage report on the affected files.
Say /test pull-tekton-pipeline-go-coverage-df to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/apis/pipeline/v1/container_types.go | 62.5% | 61.5% | -1.0 |
| pkg/apis/pipeline/v1beta1/container_types.go | 36.2% | 36.1% | -0.1 |
| pkg/pod/pod.go | 93.9% | 91.5% | -2.4 |
| pkg/reconciler/taskrun/taskrun.go | 87.3% | 82.4% | -4.9 |
The following is the coverage report on the affected files.
Say /test pull-tekton-pipeline-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/apis/pipeline/v1/container_types.go | 62.5% | 61.5% | -1.0 |
| pkg/apis/pipeline/v1beta1/container_types.go | 36.2% | 36.1% | -0.1 |
| pkg/pod/pod.go | 93.9% | 91.5% | -2.4 |
| pkg/reconciler/taskrun/taskrun.go | 87.3% | 82.4% | -4.9 |
The following is the coverage report on the affected files.
Say /test pull-tekton-pipeline-go-coverage-df to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/apis/pipeline/v1/container_types.go | 62.5% | 61.5% | -1.0 |
| pkg/apis/pipeline/v1beta1/container_types.go | 36.2% | 36.1% | -0.1 |
| pkg/pod/pod.go | 93.9% | 91.5% | -2.4 |
| pkg/reconciler/taskrun/taskrun.go | 87.3% | 82.4% | -4.9 |
The following is the coverage report on the affected files.
Say /test pull-tekton-pipeline-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/apis/pipeline/v1/container_types.go | 62.5% | 61.5% | -1.0 |
| pkg/apis/pipeline/v1beta1/container_types.go | 36.2% | 36.1% | -0.1 |
| pkg/pod/pod.go | 93.9% | 91.5% | -2.4 |
| pkg/reconciler/taskrun/taskrun.go | 87.3% | 82.4% | -4.9 |
The following is the coverage report on the affected files.
Say /test pull-tekton-pipeline-go-coverage-df to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/apis/pipeline/v1/container_types.go | 62.5% | 61.5% | -1.0 |
| pkg/apis/pipeline/v1beta1/container_types.go | 36.2% | 36.1% | -0.1 |
| pkg/pod/pod.go | 93.9% | 91.5% | -2.4 |
| pkg/reconciler/taskrun/taskrun.go | 87.3% | 82.4% | -4.9 |
Thanks @kgcarr for working on this.
@tektoncd/core-maintainers, this PR is changing the way sidecars are implemented. With this PR, the sidecar containers are added as initcontainers with necessary specifications to align with k8s native sidecars. K8S introduced native sidecars in 1.29. Tekton CI is running on K8S 1.28. What is the best way to test these changes? Should we add an example or e2e test to run on k8s 1.29 for the changes introduced in this PR? or Should be rely on validations of necessary settings of RestartPolicy for now?
Thanks @kgcarr for working on this.
@tektoncd/core-maintainers, this PR is changing the way sidecars are implemented. With this PR, the sidecar containers are added as initcontainers with necessary specifications to align with k8s native sidecars. K8S introduced native sidecars in 1.29. Tekton CI is running on K8S 1.28. What is the best way to test these changes? Should we add an example or e2e test to run on k8s 1.29 for the changes introduced in this PR? or Should be rely on validations of necessary settings of RestartPolicy for now?
Should we upgrade the dogfooding cluster to 1.29 so that we can have e2e tests for this?
Thanks for the PR @kgcarr
With this change, does it mean that we won't have to deal with nop images and infinitely running sidecars until the Taskrun times out?
@chitrangpatel That's correct, we no longer will need the nop substitution for the sidecars. The k8s native sidecar is in the initContainer list so it does not stop the pod from shutting down after the last pod in the Container list finishes.
Thanks @kgcarr for working on this. @tektoncd/core-maintainers, this PR is changing the way sidecars are implemented. With this PR, the sidecar containers are added as initcontainers with necessary specifications to align with k8s native sidecars. K8S introduced native sidecars in 1.29. Tekton CI is running on K8S 1.28. What is the best way to test these changes? Should we add an example or e2e test to run on k8s 1.29 for the changes introduced in this PR? or Should be rely on validations of necessary settings of RestartPolicy for now?
Should we upgrade the dogfooding cluster to 1.29 so that we can have e2e tests for this?
@chitrangpatel Rather than relying on the version of the dogfooding cluster, since we run kind based tests we can control the k8s version. We have integration, integration-alpha and integration-beta so perhaps we could switch one of the three jobs to 1.29 and test this feature there?
@chitrangpatel Rather than relying on the version of the dogfooding cluster, since we run
kindbased tests we can control the k8s version. We haveintegration,integration-alphaandintegration-betaso perhaps we could switch one of the three jobs to 1.29 and test this feature there?
Yes, you're right ofcourse! We have a setup-kind thing that does this.
The following is the coverage report on the affected files.
Say /test pull-tekton-pipeline-go-coverage-df to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/apis/pipeline/v1/container_types.go | 62.5% | 61.5% | -1.0 |
| pkg/apis/pipeline/v1beta1/container_types.go | 36.2% | 36.1% | -0.1 |
| pkg/pod/pod.go | 93.9% | 91.8% | -2.1 |
| pkg/reconciler/taskrun/taskrun.go | 87.3% | 82.0% | -5.3 |
The following is the coverage report on the affected files.
Say /test pull-tekton-pipeline-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/apis/pipeline/v1/container_types.go | 62.5% | 61.5% | -1.0 |
| pkg/apis/pipeline/v1beta1/container_types.go | 36.2% | 36.1% | -0.1 |
| pkg/pod/pod.go | 93.9% | 91.8% | -2.1 |
| pkg/reconciler/taskrun/taskrun.go | 87.3% | 82.0% | -5.3 |
The following is the coverage report on the affected files.
Say /test pull-tekton-pipeline-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/apis/pipeline/v1/container_types.go | 62.5% | 61.5% | -1.0 |
| pkg/apis/pipeline/v1beta1/container_types.go | 36.2% | 36.1% | -0.1 |
| pkg/pod/pod.go | 93.9% | 91.8% | -2.1 |
| pkg/reconciler/taskrun/taskrun.go | 87.3% | 87.1% | -0.2 |
The following is the coverage report on the affected files.
Say /test pull-tekton-pipeline-go-coverage-df to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/apis/pipeline/v1/container_types.go | 62.5% | 61.5% | -1.0 |
| pkg/apis/pipeline/v1beta1/container_types.go | 36.2% | 36.1% | -0.1 |
| pkg/pod/pod.go | 93.9% | 91.8% | -2.1 |
| pkg/reconciler/taskrun/taskrun.go | 87.3% | 87.1% | -0.2 |
The following is the coverage report on the affected files.
Say /test pull-tekton-pipeline-go-coverage-df to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/apis/pipeline/v1/container_types.go | 62.5% | 62.6% | 0.1 |
| pkg/apis/pipeline/v1beta1/container_types.go | 36.2% | 36.1% | -0.1 |
| pkg/pod/pod.go | 93.9% | 91.8% | -2.1 |
| pkg/reconciler/taskrun/taskrun.go | 87.3% | 87.1% | -0.2 |
The following is the coverage report on the affected files.
Say /test pull-tekton-pipeline-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/apis/pipeline/v1/container_types.go | 62.5% | 62.6% | 0.1 |
| pkg/apis/pipeline/v1beta1/container_types.go | 36.2% | 36.1% | -0.1 |
| pkg/pod/pod.go | 93.9% | 91.8% | -2.1 |
| pkg/reconciler/taskrun/taskrun.go | 87.3% | 87.1% | -0.2 |
The following is the coverage report on the affected files.
Say /test pull-tekton-pipeline-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/apis/pipeline/v1/container_types.go | 62.5% | 62.6% | 0.1 |
| pkg/apis/pipeline/v1beta1/container_types.go | 36.2% | 36.1% | -0.1 |
| pkg/pod/pod.go | 93.9% | 93.9% | -0.1 |
| pkg/reconciler/taskrun/taskrun.go | 87.3% | 87.1% | -0.2 |
The following is the coverage report on the affected files.
Say /test pull-tekton-pipeline-go-coverage-df to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/apis/pipeline/v1/container_types.go | 62.5% | 62.6% | 0.1 |
| pkg/apis/pipeline/v1beta1/container_types.go | 36.2% | 36.1% | -0.1 |
| pkg/pod/pod.go | 93.9% | 93.9% | -0.1 |
| pkg/reconciler/taskrun/taskrun.go | 87.3% | 87.1% | -0.2 |
The following is the coverage report on the affected files.
Say /test pull-tekton-pipeline-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/apis/pipeline/v1/container_types.go | 62.5% | 62.6% | 0.1 |
| pkg/apis/pipeline/v1beta1/container_types.go | 36.2% | 36.1% | -0.1 |
| pkg/pod/pod.go | 93.9% | 93.9% | -0.1 |
| pkg/reconciler/taskrun/taskrun.go | 87.3% | 87.1% | -0.2 |