Shipwright Triggers API

[otaviof]

Changes

Adding the API for Shipwright Triggers (EP) with validation and initial documentation.

Submitter Checklist

• Includes tests if functionality changed/was added
• Includes docs if changes are user-facing
• Set a kind label on this PR
• Release notes block has been filled in, or marked NONE

Release Notes

Adding the API for Shipwright Triggers, a event driven approach to instantiate new builds

[lookis]

Hi @otaviof , thanks for your works, any update on this PR?

[otaviof]

/retitle Shipwright Triggers API

[otaviof]

/assign @SaschaSchwarze0 @adambkaplan

/cc @coreydaley

[coreydaley]

@otaviof I don't see the use of the trigger.when, why not just have triggers? Do you expect to add additional adverbs in the future? I would like some clarification on that before commenting on the specifics of the pull request since a lot of my thoughts pertain to that.

[otaviof]

Hi @otaviof , thanks for your works, any update on this PR?

Hello! Sorry for the delay, we are moving forward with this feature again 👍 And thanks for the heads up too.

[otaviof]

@otaviof I don't see the use of the trigger.when, why not just have triggers? Do you expect to add additional adverbs in the future? I would like some clarification on that before commenting on the specifics of the pull request since a lot of my thoughts pertain to that.

I'm implementing the changes we've discussed during the EP review without changes, so that's why we have the nested attribute approach.

Personally, the trigger.when sounds straightforward to explain the concept behind the API, thus a contender to .spec.triggers could be .spec.triggerWhen.

[SaschaSchwarze0]

I suggest to add validation to https://github.com/shipwright-io/build/blob/v0.10.0/pkg/validate/validate.go#L83-L119. Basically a BuildRun with an inline spec must not have triggers set.

[SaschaSchwarze0]

I suggest to have a full defined list of all possible combinations to leave no room for speculation:

• If the source contains a revision that is a branch name, and the trigger branches are empty, then BuildRuns get submitted for this single branch only.
• If the source contains no revision and the trigger branches are empty, then ... TBD (how do we behave here, is that valid at all ?)
• If the source contains a revision, and the trigger branches are not empty, then BuildRuns get submitted for the branches defined in the trigger.
• If the source contains no revision, and the trigger branches are not empty, then BuildRuns get submitted for the branches defined in the trigger.

[otaviof]

Let me start with an example, please. Let's imagine a pull-request is open at the repository X against the main branch, it will dispatch a GitHub Event which contains detailed

Okay, so let me start with a use-case example, please. Let's imagine the user is receiving WebHook events from GitHub, a event comes along with the type PullRequest listing the target branch as main and as well the repository URL. Based on those, it must then trigger a single BuildRun per Build object that matches both repository URL and revision, so in other words, there's a direct relationship between one GitHub event and one (or more) Build instance.

Given a single GitHub Event must trigger a single BuildRun per Build instance responsible for that repository, the business rule is basically a fallback approach: probe if the event branch name is listed on .spec.trigger.when[].github.branches slice, or, uses the .spec.source.revision (by default is assumed "main" when empty).

[SaschaSchwarze0]

Should not here be the name of the Image resource that must be in the same namespace ? Especially if the image is not at all in an external registry, it would be complicated to provide such an image name.

[otaviof]

Here we are looking for a fully qualified image name and to later on rely on the image controller to handle this business logic. However, the image name is a free form string initially.

[otaviof]

/cc @ricardomaraschini

[SaschaSchwarze0]

I may need to check the ship again, why do we filter on the status here? Should not it be always on successful completion?

[otaviof]

In order to have a flexible workflow we should allow any state to be filled in, and it's expected that "Succeeded" is the most common.

[SaschaSchwarze0]

Flexibility is fine, but out of interest, what would be the use case to trigger a BuildRun on a Pipeline status change other than to Succeeded?

[otaviof]

The "status" is reported as a string, and the .objectRef can match more than one type of Kubernetes CRD.

[qu1queee]

Just for my understanding, does Pipeline CRD has a state, or is more about PipelineRun states?

[otaviof]

Sorry, I haven't been clear before. The object that carries the state is the PipelineRun.

[SaschaSchwarze0]

What about the BuildRun trigger? In my own subjective opinion, that is more important than pipelines.

[otaviof]

The triggers is a mechanism to instantiate BuildRun objects based on a Build, so BuildRun would not be able to trigger itself.

[SaschaSchwarze0]

Yep, I meant Build trigger. But I just notice it is not part of the SHIP, then it is fine for now. It is being discussed here: shipwright-io/community#75 (comment).

[SaschaSchwarze0]

For consistency, I suggest to remove the Spec prefix everywhere. Those error codes are also documented on https://github.com/shipwright-io/build/blob/main/docs/build.md#build-validations. And I just notice that we forgot to add the Volume-related reasons.

[otaviof]

Sure!

[SaschaSchwarze0]

If this is required, should we remove omitempty ?

[otaviof]

Thanks, indeed the omitempty must not be there.

[lookis]

I have a question, If we watch github event, how to apply carried information to Build result?
for example, I have tag a commit in github repo, and trigger the Build. how to apply the tag to the output Image

[SaschaSchwarze0]

I have a question, If we watch github event, how to apply carried information to Build result? for example, I have tag a commit in github repo, and trigger the Build. how to apply the tag to the output Image

Hi @lookis, qq, are you:

• pushing a tag to your GitHub repository and expect a build to start for this tag ? This is not covered of the Triggers SHIP, but would be an interesting scenario @otaviof.
• interested in getting the tag name or commit sha that is built somewhere into the image (as a label or annotation), or as its image tag ? Or as annotation of an image signature ? That's all future.

[lookis]

@SaschaSchwarze0 Thanks, looking forward to it.

[openshift-ci]

@otaviof: GitHub didn't allow me to request PR reviews from the following users: ricardomaraschini.

Note that only shipwright-io members and repo collaborators can review this PR, and authors cannot review their own PRs.

In response to this:

/cc @ricardomaraschini

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[otaviof]

I suggest to add validation to https://github.com/shipwright-io/build/blob/v0.10.0/pkg/validate/validate.go#L83-L119. Basically a BuildRun with an inline spec must not have triggers set.

Thanks for the review, please consider the latest changes.

[otaviof]

I have a question, If we watch github event, how to apply carried information to Build result? for example, I have tag a commit in github repo, and trigger the Build. how to apply the tag to the output Image

Hi @lookis, qq, are you:

* pushing a tag to your GitHub repository and expect a build to start for this tag ? This is not covered of the [Triggers SHIP](https://github.com/shipwright-io/community/blob/main/ships/0031-shipwright-trigger.md), but would be an interesting scenario @otaviof.

* interested in getting the tag name or commit sha that is built somewhere into the image (as a label or annotation), or as its image tag ? Or as annotation of an image signature ? That's all future.

Most definitely an interesting use-case, @lookis! I think we've spoken about having automation to tag the image accordingly with the context, like in this case the repository metadata. I think we should keep this in the radar.

Lets bring this on the next community meeting?

[SaschaSchwarze0]

/approve

[qu1queee]

@otaviof thank you, neat neat work!

Some minor comments, pls take a look

[qu1queee]

Just for my understanding, does Pipeline CRD has a state, or is more about PipelineRun states?

[qu1queee]

@otaviof ty, approving.

/approve

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: qu1queee, SaschaSchwarze0

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [SaschaSchwarze0,qu1queee]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[qu1queee]

/lgtm