Capture Remote StepAction Location in TaskRun Status

Prior to this, we captured remote Task and pipeline origin
information (uri and digest) in the TaskRun/PipelineRun Status.
This allowed Chains to pull this information and insert it into
the intoto provenance. A similar capability was missing for the
newly implemented StepActions. This PR fixes that gap.

Fixes #8091

Author: chitrangpatel

docs/pipeline-api.md

@@ -3437,7 +3437,7 @@ ParamType
 <h3 id="tekton.dev/v1.Provenance">Provenance
 </h3>
 <p>
-(<em>Appears on:</em><a href="#tekton.dev/v1.PipelineRunStatusFields">PipelineRunStatusFields</a>, <a href="#tekton.dev/v1.TaskRunStatusFields">TaskRunStatusFields</a>)
+(<em>Appears on:</em><a href="#tekton.dev/v1.PipelineRunStatusFields">PipelineRunStatusFields</a>, <a href="#tekton.dev/v1.StepState">StepState</a>, <a href="#tekton.dev/v1.TaskRunStatusFields">TaskRunStatusFields</a>)
 </p>
 <div>
 <p>Provenance contains metadata about resources used in the TaskRun/PipelineRun
@@ -4858,6 +4858,18 @@ string
 </tr>
 <tr>
 <td>
+<code>provenance</code><br/>
+<em>
+<a href="#tekton.dev/v1.Provenance">
+Provenance
+</a>
+</em>
+</td>
+<td>
+</td>
+</tr>
+<tr>
+<td>
 <code>terminationReason</code><br/>
 <em>
 string
@@ -12776,7 +12788,7 @@ ParamType
 <h3 id="tekton.dev/v1beta1.Provenance">Provenance
 </h3>
 <p>
-(<em>Appears on:</em><a href="#tekton.dev/v1beta1.PipelineRunStatusFields">PipelineRunStatusFields</a>, <a href="#tekton.dev/v1beta1.TaskRunStatusFields">TaskRunStatusFields</a>)
+(<em>Appears on:</em><a href="#tekton.dev/v1beta1.PipelineRunStatusFields">PipelineRunStatusFields</a>, <a href="#tekton.dev/v1beta1.StepState">StepState</a>, <a href="#tekton.dev/v1beta1.TaskRunStatusFields">TaskRunStatusFields</a>)
 </p>
 <div>
 <p>Provenance contains metadata about resources used in the TaskRun/PipelineRun
@@ -14444,6 +14456,18 @@ string
 </tr>
 <tr>
 <td>
+<code>provenance</code><br/>
+<em>
+<a href="#tekton.dev/v1beta1.Provenance">
+Provenance
+</a>
+</em>
+</td>
+<td>
+</td>
+</tr>
+<tr>
+<td>
 <code>inputs</code><br/>
 <em>
 <a href="#tekton.dev/v1beta1.Artifact">

pkg/apis/pipeline/v1/openapi_generated.go

@@ -1675,6 +1675,9 @@
             "$ref": "#/definitions/v1.Artifact"
           }
         },
+        "provenance": {
+          "$ref": "#/definitions/v1.Provenance"
+        },
         "results": {
           "type": "array",
           "items": {

pkg/apis/pipeline/v1/swagger.json

@@ -364,6 +364,7 @@ type StepState struct {
 	Container             string                `json:"container,omitempty"`
 	ImageID               string                `json:"imageID,omitempty"`
 	Results               []TaskRunStepResult   `json:"results,omitempty"`
+	Provenance            *Provenance           `json:"provenance,omitempty"`
 	TerminationReason     string                `json:"terminationReason,omitempty"`
 	Inputs                []TaskRunStepArtifact `json:"inputs,omitempty"`
 	Outputs               []TaskRunStepArtifact `json:"outputs,omitempty"`

pkg/apis/pipeline/v1/taskrun_types.go

@@ -2437,6 +2437,9 @@
             "$ref": "#/definitions/v1beta1.Artifact"
           }
         },
+        "provenance": {
+          "$ref": "#/definitions/v1beta1.Provenance"
+        },
         "results": {
           "type": "array",
           "items": {

pkg/apis/pipeline/v1/zz_generated.deepcopy.go

@@ -345,6 +345,12 @@ func (ss StepState) convertTo(ctx context.Context, sink *v1.StepState) {
 	sink.ImageID = ss.ImageID
 	sink.Results = nil
 
+	if ss.Provenance != nil {
+		new := v1.Provenance{}
+		ss.Provenance.convertTo(ctx, &new)
+		sink.Provenance = &new
+	}
+
 	if ss.ContainerState.Terminated != nil {
 		sink.TerminationReason = ss.ContainerState.Terminated.Reason
 	}
@@ -379,6 +385,11 @@ func (ss *StepState) convertFrom(ctx context.Context, source v1.StepState) {
 		new.convertFrom(ctx, r)
 		ss.Results = append(ss.Results, new)
 	}
+	if source.Provenance != nil {
+		new := Provenance{}
+		new.convertFrom(ctx, *source.Provenance)
+		ss.Provenance = &new
+	}
 	for _, o := range source.Outputs {
 		new := TaskRunStepArtifact{}
 		new.convertFrom(ctx, o)

pkg/apis/pipeline/v1beta1/openapi_generated.go

@@ -126,6 +126,27 @@ func TestTaskRunConversion(t *testing.T) {
 					},
 				},
 			},
+		}, {
+			name: "taskrun with provenance in step state",
+			in: &v1beta1.TaskRun{
+				ObjectMeta: metav1.ObjectMeta{
+					Name:      "foo",
+					Namespace: "bar",
+				},
+				Spec: v1beta1.TaskRunSpec{},
+				Status: v1beta1.TaskRunStatus{
+					TaskRunStatusFields: v1beta1.TaskRunStatusFields{
+						Steps: []v1beta1.StepState{{
+							Provenance: &v1beta1.Provenance{
+								RefSource: &v1beta1.RefSource{
+									URI:    "test-uri",
+									Digest: map[string]string{"sha256": "digest"},
+								},
+							},
+						}},
+					},
+				},
+			},
 		}, {
 			name: "taskrun conversion all non deprecated fields",
 			in: &v1beta1.TaskRun{

pkg/apis/pipeline/v1beta1/swagger.json

@@ -372,6 +372,7 @@ type StepState struct {
 	ContainerName         string                `json:"container,omitempty"`
 	ImageID               string                `json:"imageID,omitempty"`
 	Results               []TaskRunStepResult   `json:"results,omitempty"`
+	Provenance            *Provenance           `json:"provenance,omitempty"`
 	Inputs                []TaskRunStepArtifact `json:"inputs,omitempty"`
 	Outputs               []TaskRunStepArtifact `json:"outputs,omitempty"`
 }