tektoncd
Allow supplying MONGO_SERVER_URL via chains-config
Changes
Currently, when using the Mongo docstore for docdb storage backend, the
only way to supply MONGO_SERVER_URL environment variable (which contains
the credentials to connect to MongoDB) is by adding an environment
variable to the Chains controller pod. It's a farily common practice to
update the MONGO_SERVER_URL at regular intervals when the credentials
are rotated.
To facilitate this, this commit adds 2 fields to Chains' configuration:
1. storage.docdb.mongo-server-url
2. storage.docdb.mongo-server-url-dir
`storage.docdb.mongo-server-url` simply allows supplying the value of
MONGO_SERVER_URL as a field. When this field is updated, the chains
controller pod does not restart, unlike when the MONGO_SERVER_URL
environment variable is updated.
`storage.docdb.mongo-server-url-dir` allows reading MONGO_SERVER_URL
from a file in the specified directory. This allows mounting the value
of MONGO_SERVER_URL from a secret or other mechanisms. When the value of
MONGO_SERVER_URL is updated in the path, the new value is automatically
picked up and applied.
Submitter Checklist
As the author of this PR, please check off the items in this checklist:
- [x] Has Docs included if any changes are user facing
- [x] Has Tests included if any functionality added or changed
- [x] Follows the commit message standard
- [x] Meets the Tekton contributor standards (including functionality, content, code)
- [x] Release notes block below has been updated with any user facing changes (API changes, bug fixes, changes requiring upgrade notices or deprecation warnings)
- [x] Release notes contains the string "action required" if the change requires additional action from users switching to the new release
Release Notes
Allow supplying MONGO_SERVER_URL via chains-config to facilitate rotation
Fix #1089
The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/chains/signing.go | 74.3% | 69.8% | -4.5 |
| pkg/chains/storage/docdb/docdb.go | 64.7% | 20.0% | -44.7 |
| pkg/chains/storage/storage.go | 56.7% | 41.1% | -15.6 |
| pkg/reconciler/pipelinerun/controller.go | 86.4% | 82.1% | -4.2 |
| pkg/reconciler/taskrun/controller.go | 88.9% | 83.3% | -5.6 |
The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/chains/signing.go | 74.3% | 69.8% | -4.5 |
| pkg/chains/storage/docdb/docdb.go | 64.7% | 20.0% | -44.7 |
| pkg/chains/storage/storage.go | 56.7% | 41.1% | -15.6 |
| pkg/reconciler/pipelinerun/controller.go | 86.4% | 82.1% | -4.2 |
| pkg/reconciler/taskrun/controller.go | 88.9% | 83.3% | -5.6 |
The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/chains/signing.go | 74.3% | 69.8% | -4.5 |
| pkg/chains/storage/docdb/docdb.go | 64.7% | 19.5% | -45.2 |
| pkg/chains/storage/storage.go | 56.7% | 39.7% | -17.0 |
| pkg/reconciler/pipelinerun/controller.go | 86.4% | 82.1% | -4.2 |
| pkg/reconciler/taskrun/controller.go | 88.9% | 83.3% | -5.6 |
The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/chains/signing.go | 74.3% | 69.8% | -4.5 |
| pkg/chains/storage/docdb/docdb.go | 64.7% | 19.5% | -45.2 |
| pkg/chains/storage/storage.go | 56.7% | 39.7% | -17.0 |
| pkg/reconciler/pipelinerun/controller.go | 86.4% | 82.1% | -4.2 |
| pkg/reconciler/taskrun/controller.go | 88.9% | 83.3% | -5.6 |
The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/chains/signing.go | 74.3% | 72.3% | -2.0 |
| pkg/chains/storage/docdb/docdb.go | 64.7% | 20.0% | -44.7 |
| pkg/chains/storage/storage.go | 56.7% | 36.4% | -20.3 |
| pkg/reconciler/pipelinerun/controller.go | 86.4% | 82.1% | -4.2 |
| pkg/reconciler/taskrun/controller.go | 88.9% | 83.3% | -5.6 |
The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/chains/signing.go | 74.3% | 72.3% | -2.0 |
| pkg/chains/storage/docdb/docdb.go | 64.7% | 40.9% | -23.8 |
| pkg/chains/storage/storage.go | 56.7% | 36.4% | -20.3 |
| pkg/reconciler/pipelinerun/controller.go | 86.4% | 82.1% | -4.2 |
| pkg/reconciler/taskrun/controller.go | 88.9% | 83.3% | -5.6 |
The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/chains/signing.go | 74.3% | 72.3% | -2.0 |
| pkg/chains/storage/docdb/docdb.go | 64.7% | 44.1% | -20.6 |
| pkg/chains/storage/storage.go | 56.7% | 36.4% | -20.3 |
| pkg/reconciler/pipelinerun/controller.go | 86.4% | 82.1% | -4.2 |
| pkg/reconciler/taskrun/controller.go | 88.9% | 83.3% | -5.6 |
The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/chains/signing.go | 74.3% | 72.3% | -2.0 |
| pkg/chains/storage/docdb/docdb.go | 64.7% | 44.1% | -20.6 |
| pkg/chains/storage/storage.go | 56.7% | 36.4% | -20.3 |
| pkg/reconciler/pipelinerun/controller.go | 86.4% | 82.1% | -4.2 |
| pkg/reconciler/taskrun/controller.go | 88.9% | 83.3% | -5.6 |
@concaf: GitHub didn't allow me to assign the following users: PuneetPunamiya.
Note that only tektoncd members, repo collaborators and people who have commented on this issue/PR can be assigned. Additionally, issues/PRs can only have 10 assignees at the same time. For more information please see the contributor guide
In response to this:
/assign @wlynch @lcarva @PuneetPunamiya
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.
The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/chains/signing.go | 74.3% | 72.3% | -2.0 |
| pkg/chains/storage/docdb/docdb.go | 64.7% | 80.7% | 16.0 |
| pkg/chains/storage/storage.go | 56.7% | 36.4% | -20.3 |
| pkg/reconciler/pipelinerun/controller.go | 86.4% | 82.1% | -4.2 |
| pkg/reconciler/taskrun/controller.go | 88.9% | 83.3% | -5.6 |
The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/chains/signing.go | 74.3% | 71.8% | -2.5 |
| pkg/chains/storage/storage.go | 56.7% | 36.4% | -20.3 |
| pkg/reconciler/pipelinerun/controller.go | 86.4% | 82.1% | -4.2 |
| pkg/reconciler/taskrun/controller.go | 88.9% | 83.3% | -5.6 |
The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/chains/signing.go | 74.3% | 71.8% | -2.5 |
| pkg/chains/storage/storage.go | 56.7% | 33.9% | -22.8 |
| pkg/reconciler/pipelinerun/controller.go | 86.4% | 82.1% | -4.2 |
| pkg/reconciler/taskrun/controller.go | 88.9% | 83.3% | -5.6 |
The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/chains/signing.go | 74.3% | 71.8% | -2.5 |
| pkg/chains/storage/docdb/docdb.go | 64.7% | 79.8% | 15.1 |
| pkg/chains/storage/storage.go | 56.7% | 33.9% | -22.8 |
| pkg/reconciler/pipelinerun/controller.go | 86.4% | 82.1% | -4.2 |
| pkg/reconciler/taskrun/controller.go | 88.9% | 83.3% | -5.6 |
The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/chains/signing.go | 74.3% | 71.8% | -2.5 |
| pkg/chains/storage/storage.go | 56.7% | 33.9% | -22.8 |
| pkg/reconciler/pipelinerun/controller.go | 86.4% | 82.1% | -4.2 |
| pkg/reconciler/taskrun/controller.go | 88.9% | 83.3% | -5.6 |
The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/chains/signing.go | 75.7% | 73.3% | -2.4 |
| pkg/chains/storage/docdb/docdb.go | 64.7% | 76.9% | 12.2 |
| pkg/chains/storage/storage.go | 56.7% | 33.9% | -22.8 |
| pkg/reconciler/pipelinerun/controller.go | 86.4% | 82.1% | -4.2 |
| pkg/reconciler/taskrun/controller.go | 88.9% | 83.3% | -5.6 |
The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report
| File | Old Coverage | New Coverage | Delta |
|---|---|---|---|
| pkg/chains/signing.go | 75.7% | 73.3% | -2.4 |
| pkg/chains/storage/docdb/docdb.go | 64.7% | 76.0% | 11.3 |
| pkg/chains/storage/storage.go | 56.7% | 33.9% | -22.8 |
| pkg/reconciler/pipelinerun/controller.go | 86.4% | 82.1% | -4.2 |
| pkg/reconciler/taskrun/controller.go | 88.9% | 83.3% | -5.6 |
[APPROVALNOTIFIER] This PR is APPROVED
This pull-request has been approved by: chitrangpatel, lcarva
The full list of commands accepted by this bot can be found here.
The pull request process is described here
- ~~OWNERS~~ [chitrangpatel,lcarva]
Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment
