Added functionality to set image secret

In K8s, Pods can specify a imagePullSecrets which identifies K8s secrets that the container runtime should use to authorize container image pulls when starting a Pod. To achive this imageSecrets is added to PodTemplate.

Signed-off-by: NikeNano <[email protected]>
Co-authored-by: JohanWork <[email protected]>
Co-authored-by: JohanWork <[email protected]>

docs/podtemplates.md

@@ -57,8 +57,12 @@ The current fields supported are:
   to use when dispatching the Pod. This can be used when workloads of specific types need specific schedulers,
   e.g.: If you are using volcano.sh for Machine Learning Workloads, you can pass the schedulerName and have Tasks be 
   dispatched by the volcano.sh scheduler.
+<<<<<<< HEAD
+- `imagePullSecret` the name of the [`secret`](https://kubernetes.io/docs/concepts/configuration/secret/) used when [pulling the image if specified](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). 
+=======
 - `hostNetwork`: set this to `true` if the host network namespace should be used.
   Defaults to `false`.
+>>>>>>> origin/master
 
 
 A `Pod` template can be specified for `TaskRun` or `PipelineRun` resources.

pkg/apis/pipeline/pod/template.go

@@ -93,6 +93,10 @@ type Template struct {
 	// SchedulerName specifies the scheduler to be used to dispatch the Pod
 	// +optional
 	SchedulerName string `json:"schedulerName"`
+
+	// ImagePullSecrets gives the name of the secret used by the pod to pull the image if specified
+	ImagePullSecrets []corev1.LocalObjectReference
+
 	// HostNetwork specifies whether the pod may use the node network namespace
 	// +optional
 	HostNetwork bool `json:"hostNetwork"`

pkg/pod/pod.go

@@ -273,6 +273,7 @@ func MakePod(images pipeline.Images, taskRun *v1beta1.TaskRun, taskSpec v1beta1.
 			DNSConfig:                    podTemplate.DNSConfig,
 			EnableServiceLinks:           podTemplate.EnableServiceLinks,
 			PriorityClassName:            priorityClassName,
+			ImagePullSecrets:             podTemplate.ImagePullSecrets,
 		},
 	}, nil
 }

pkg/pod/pod_test.go

@@ -25,6 +25,7 @@ import (
 
 	"github.com/google/go-cmp/cmp"
 	"github.com/tektoncd/pipeline/pkg/apis/pipeline"
+	"github.com/tektoncd/pipeline/pkg/apis/pipeline/v1alpha1"
 	"github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1"
 	"github.com/tektoncd/pipeline/pkg/system"
 	"github.com/tektoncd/pipeline/test/diff"
@@ -730,6 +731,51 @@ script-heredoc-randomly-generated-78c5n
 			}},
 		},
 	}, {
+		desc: "setting image pull secret",
+		ts: v1beta1.TaskSpec{
+			Steps: []v1alpha1.Step{
+				{
+					Container: corev1.Container{
+						Name:    "image-pull",
+						Image:   "image",
+						Command: []string{"cmd"}, // avoid entrypoint lookup.
+					},
+				},
+			},
+		},
+		trs: v1beta1.TaskRunSpec{
+			PodTemplate: &v1alpha1.PodTemplate{
+				ImagePullSecrets: []corev1.LocalObjectReference{{Name: "imageSecret"}},
+			},
+		},
+		want: &corev1.PodSpec{
+			RestartPolicy:  corev1.RestartPolicyNever,
+			InitContainers: []corev1.Container{placeToolsInit},
+			Volumes:        append(implicitVolumes, toolsVolume, downwardVolume),
+			Containers: []corev1.Container{{
+				Name:    "step-image-pull",
+				Image:   "image",
+				Command: []string{"/tekton/tools/entrypoint"},
+				Args: []string{
+					"-wait_file",
+					"/tekton/downward/ready",
+					"-wait_file_content",
+					"-post_file",
+					"/tekton/tools/0",
+					"-termination_path",
+					"/tekton/termination",
+					"-entrypoint",
+					"cmd",
+					"--",
+				},
+				Env:                    implicitEnvVars,
+				VolumeMounts:           append([]corev1.VolumeMount{toolsMount, downwardMount}, implicitVolumeMounts...),
+				WorkingDir:             pipeline.WorkspaceDir,
+				Resources:              corev1.ResourceRequirements{Requests: allZeroQty()},
+				TerminationMessagePath: "/tekton/termination",
+			}},
+			ImagePullSecrets: []corev1.LocalObjectReference{corev1.LocalObjectReference{Name: "imageSecret"}},
+		}}, {
 		desc: "using hostNetwork",
 		ts: v1beta1.TaskSpec{
 			Steps: []v1beta1.Step{