feat: Validate individual tasks in GA CI

.github/workflows/run-task-tests.yaml

@@ -0,0 +1,89 @@
+name: Run Task Tests
+
+"on":
+  pull_request
+
+jobs:
+  run-task-tests:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Get all changed files in the PR from task or test directories
+        id: changed-files
+        uses: tj-actions/changed-files@v45
+        with:
+          # Avoid using single or double quotes for multiline patterns
+          files: |
+            task/**
+            test/**
+
+      - name: Free Disk Space
+        if: steps.changed-files.outputs.any_changed == 'true'
+        uses: jlumbroso/free-disk-space@main
+        with:
+          tool-cache: false
+          docker-images: false
+
+      - name: Checkout build-defintions Repository
+        if: steps.changed-files.outputs.any_changed == 'true'
+        uses: actions/checkout@v3
+        with:
+          ref: "${{ github.event.pull_request.head.sha }}"
+          path: build-definitions
+
+      - name: Checkout konflux-ci/konflux-ci Repository
+        if: steps.changed-files.outputs.any_changed == 'true'
+        uses: actions/checkout@v3
+        with:
+          repository: 'konflux-ci/konflux-ci'
+          path: konflux-ci
+          ref: f6d9d0fe8f34199eb118febcbf7f7944ae7772a9
+
+      - name: Create k8s Kind Cluster
+        if: steps.changed-files.outputs.any_changed == 'true'
+        uses: helm/kind-action@v1
+        with:
+          config: konflux-ci/kind-config.yaml
+
+      - name: Show version information
+        if: steps.changed-files.outputs.any_changed == 'true'
+        run: |
+          kubectl version
+          kind version
+
+      - name: Deploying Dependencies
+        if: steps.changed-files.outputs.any_changed == 'true'
+        run: |
+          cd $GITHUB_WORKSPACE/konflux-ci
+          ./deploy-deps.sh
+
+      - name: Wait for the dependencies to be ready
+        if: steps.changed-files.outputs.any_changed == 'true'
+        run: |
+          cd $GITHUB_WORKSPACE/konflux-ci
+          ./wait-for-all.sh
+
+      - name: Deploying Konflux
+        if: steps.changed-files.outputs.any_changed == 'true'
+        run: |
+          cd $GITHUB_WORKSPACE/konflux-ci
+          ./deploy-konflux.sh
+
+      - name: List namespaces
+        if: steps.changed-files.outputs.any_changed == 'true'
+        run: |
+          kubectl get namespace
+
+      - name: Deploy test resources
+        if: steps.changed-files.outputs.any_changed == 'true'
+        run: |
+          cd $GITHUB_WORKSPACE/konflux-ci
+          ./deploy-test-resources.sh
+
+      - name: Run the task tests
+        if: steps.changed-files.outputs.any_changed == 'true'
+        env:
+          CHANGED_FILES: ${{ steps.changed-files.outputs.all_changed_files }}
+        run: |
+          echo "Files changed in PR: ${CHANGED_FILES}"
+          cd $GITHUB_WORKSPACE/build-definitions
+          ./test/test-tasks.sh

.github/workflows/task-lint.yaml

@@ -0,0 +1,53 @@
+---
+name: tasklint
+"on":
+  pull_request:
+    branches: [main]
+jobs:
+  tasklint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Get all changed files in the PR from task directories
+        id: changed-files
+        uses: tj-actions/changed-files@v45
+        with:
+          # Avoid using single or double quotes for multiline patterns
+          files: |
+            task/**
+
+      - name: Setup Go
+        if: steps.changed-files.outputs.any_changed == 'true'
+        uses: actions/setup-go@v5
+        with:
+          go-version: '1.22'
+
+      - name: Install tektor
+        if: steps.changed-files.outputs.any_changed == 'true'
+        run: |
+          go install github.com/lcarva/tektor@4e9385885cc638fe337bcb9cc5f3d64cc8c262c5
+
+      - name: Run tektor linter
+        if: steps.changed-files.outputs.any_changed == 'true'
+        env:
+          CHANGED_FILES: ${{ steps.changed-files.outputs.all_changed_files }}
+        run: |
+          #!/bin/bash
+          echo "Files changed in PR: ${CHANGED_FILES}"
+          function print_changed_tasks_to_console() {
+            echo ${CHANGED_FILES} | grep -o 'task/[^\/]*/[^\/]*/*[^/]*.yaml' || true
+          }
+          function validate_task_yaml_using_tektor() {
+              all_tasks="$*"
+              for task in ${all_tasks}; do
+                  # Skip if it is kustomize related yaml files
+                  if [[ ${task} == *"kustomization.yaml" || ${task} == *"patch.yaml" || ${task} == *"recipe.yaml" ]]; then
+                          continue
+                  fi
+                  tektor validate ${task}
+              done
+          }
+          # Validate task yamls using tektor linter
+          tasks_changed=$(print_changed_tasks_to_console)
+          [[ ! -z ${tasks_changed} ]] && {
+            validate_task_yaml_using_tektor "${tasks_changed}"
+          }

README.md

@@ -132,6 +132,33 @@ Specify the Quay repository using the `QUAY_NAMESPACE` environment variable in t
   ./hack/test-shellspec.sh`
   ```
 
+## Testing Tasks
+
+Tasks can be validated in the GithubActions CI setup with this repository.
+
+If you have a directory called `tests/` inside the task directory, CI will create a random `Namespace`, apply the task first in the namespace and then all the test yaml files (containing TaskRun or PipelineRun) inside the `tests` directory.
+
+We can use the functionality of running scripts before applying the tested task or the other yaml files. There are two different scripts that are automatically applied if present. These are applied using the `source` bash script:
+
+- `pre-apply-task-hook.sh`: Script to run before applying the task, it can include `kubectl` commands to apply any kubernetes resources in the cluster
+- `pre-apply-taskrun-hook.sh`: Script to run before applying the task run or pipeline run yaml files, it can also include `kubectl` commands to apply any kubernetes resources in the cluster
+
+For example refer: Git Clone task [tests](./task/git-clone/0.1/tests/run.yaml)
+
+CI also validates the task yamls using [tektor](https://github.com/lcarva/tektor)
+
+### Running Task tests locally
+
+Prerequisites: Deploy [upstream konflux](https://github.com/konflux-ci/konflux-ci?tab=readme-ov-file#bootstrapping-the-cluster) locally.
+
+A helper script called `run-test.sh` is present inside `test` directory to help the developer run the test. Just specify resource type as first argument, resource name as second argument and the version as third argument i.e:
+
+```
+./test/run-test.sh task git-clone 0.1
+```
+
+and it will use your current kubernetes context to run the test and show you the outputs similar to the CI.
+
 ### Compliance
 
 Task definitions must comply with the [Enterprise Contract](https://enterprisecontract.dev/) policies.

task/git-clone/0.1/tests/pre-apply-task-hook.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+
+echo "example of pre-apply-task-hook, this script can be used to run kubernetes commands"
+${KUBECTL_CMD} get ns

task/git-clone/0.1/tests/pre-apply-taskrun-hook.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+
+echo "an example of pre-apply-taskrun-hook script"

task/git-clone/0.1/tests/run.yaml

@@ -0,0 +1,30 @@
+---
+apiVersion: tekton.dev/v1beta1
+kind: TaskRun
+metadata:
+  name: git-clone-run-noargs
+spec:
+  workspaces:
+    - name: output
+      emptyDir: {}
+  taskRef:
+    name: git-clone
+  params:
+    - name: url
+      value: https://github.com/kelseyhightower/nocode
+---
+apiVersion: tekton.dev/v1beta1
+kind: TaskRun
+metadata:
+  name: git-clone-run-tag
+spec:
+  workspaces:
+    - name: output
+      emptyDir: {}
+  taskRef:
+    name: git-clone
+  params:
+    - name: url
+      value: https://github.com/kelseyhightower/nocode
+    - name: revision
+      value: 1.0.0