From 03c88232c222f3c3af663e2d4e2bfabfef2a3bea Mon Sep 17 00:00:00 2001
From: Piyush Garg <pgarg@redhat.com>
Date: Sun, 22 Sep 2024 17:01:19 +0530
Subject: [PATCH] Add support for priorityClassName in
 affinityAssistantPodTemplate

This will add the support for specifying priorityClassName
for affinity assistant pods. Also can specify default
value in defaultAffinityAssistant pod template

this will help to specify same priorityClassName for
affinity assistant pods and task run pods, so all get
scheduled with same priority

Part of #7779

/kind feature
---
 docs/additional-configs.md                    |  2 +-
 docs/podtemplates.md                          | 28 +++++++++----------
 .../pod/affinity_assitant_template.go         |  9 ++++++
 pkg/apis/pipeline/pod/template.go             | 12 +++++---
 .../pipelinerun/affinity_assistant.go         | 14 +++++++---
 .../pipelinerun/affinity_assistant_test.go    |  6 ++++
 6 files changed, 48 insertions(+), 23 deletions(-)

diff --git a/docs/additional-configs.md b/docs/additional-configs.md
index e71f09123e4..6b307bbd151 100644
--- a/docs/additional-configs.md
+++ b/docs/additional-configs.md
@@ -237,7 +237,7 @@ The example below customizes the following:
 - the default service account from `default` to `tekton`.
 - the default timeout from 60 minutes to 20 minutes.
 - the default `app.kubernetes.io/managed-by` label is applied to all Pods created to execute `TaskRuns`.
-- the default Pod template to include a node selector to select the node where the Pod will be scheduled by default. A list of supported fields is available [here](https://github.com/tektoncd/pipeline/blob/main/docs/podtemplates.md#supported-fields).
+- the default Pod template to include a node selector to select the node where the Pod will be scheduled by default. A list of supported fields is available [here](./podtemplates.md#supported-fields).
   For more information, see [`PodTemplate` in `TaskRuns`](./taskruns.md#specifying-a-pod-template) or [`PodTemplate` in `PipelineRuns`](./pipelineruns.md#specifying-a-pod-template).
 - the default `Workspace` configuration can be set for any `Workspaces` that a Task declares but that a TaskRun does not explicitly provide.
 - the default maximum combinations of `Parameters` in a `Matrix` that can be used to fan out a `PipelineTask`. For
diff --git a/docs/podtemplates.md b/docs/podtemplates.md
index 8f38abc9e12..53bb70ca6e3 100644
--- a/docs/podtemplates.md
+++ b/docs/podtemplates.md
@@ -23,20 +23,6 @@ See the following for examples of specifying a Pod template:
 - [Specifying a Pod template for a `TaskRun`](./taskruns.md#specifying-a-pod-template)
 - [Specifying a Pod template for a `PipelineRun`](./pipelineruns.md#specifying-a-pod-template)
 
-## Affinity Assistant Pod templates
-
-The Pod templates specified in the `TaskRuns` and `PipelineRuns `also apply to
-the [affinity assistant Pods](#./workspaces.md#specifying-workspace-order-in-a-pipeline-and-affinity-assistants)
-that are created when using Workspaces, but only on select fields.
-
-The supported fields are: `tolerations`, `nodeSelector`, `securityContext` and
-`imagePullSecrets` (see the table below for more details).
-
-Similarily to Pod templates, you have the option to define a global affinity
-assistant Pod template [in your Tekton config](./additional-configs.md#customizing-basic-execution-parameters)
-using the key `default-affinity-assistant-pod-template`. The merge strategy is
-the same as the one described above.
-
 ## Supported fields
 
 Pod templates support fields listed in the table below.
@@ -156,6 +142,20 @@ roleRef:
   apiGroup: rbac.authorization.k8s.io
 ```
 
+# Affinity Assistant Pod templates
+
+The Pod templates specified in the `TaskRuns` and `PipelineRuns `also apply to
+the [affinity assistant Pods](#./workspaces.md#specifying-workspace-order-in-a-pipeline-and-affinity-assistants)
+that are created when using Workspaces, but only on selected fields.
+
+The supported fields for affinity assistant pods are: `tolerations`, `nodeSelector`, `securityContext`, 
+`priorityClassName` and `imagePullSecrets` (see the table above for more details about the fields).
+
+Similarly to global Pod Template, you have the option to define a global affinity
+assistant Pod template [in your Tekton config](./additional-configs.md#customizing-basic-execution-parameters)
+using the key `default-affinity-assistant-pod-template`. The merge strategy is
+the same as the one described above for the supported fields.
+
 ---
 
 Except as otherwise noted, the content of this page is licensed under the
diff --git a/pkg/apis/pipeline/pod/affinity_assitant_template.go b/pkg/apis/pipeline/pod/affinity_assitant_template.go
index aba3f97b3a3..214ec6a8700 100644
--- a/pkg/apis/pipeline/pod/affinity_assitant_template.go
+++ b/pkg/apis/pipeline/pod/affinity_assitant_template.go
@@ -46,6 +46,15 @@ type AffinityAssistantTemplate struct {
 	// SecurityContext sets the security context for the pod
 	// +optional
 	SecurityContext *corev1.PodSecurityContext `json:"securityContext,omitempty"`
+
+	// If specified, indicates the pod's priority. "system-node-critical" and
+	// "system-cluster-critical" are two special keywords which indicate the
+	// highest priorities with the former being the highest priority. Any other
+	// name must be defined by creating a PriorityClass object with that name.
+	// If not specified, the pod priority will be default or zero if there is no
+	// default.
+	// +optional
+	PriorityClassName *string `json:"priorityClassName,omitempty"`
 }
 
 // Equals checks if this Template is identical to the given Template.
diff --git a/pkg/apis/pipeline/pod/template.go b/pkg/apis/pipeline/pod/template.go
index 68d7e61af33..6bc37fecd7f 100644
--- a/pkg/apis/pipeline/pod/template.go
+++ b/pkg/apis/pipeline/pod/template.go
@@ -148,10 +148,11 @@ func (tpl *Template) ToAffinityAssistantTemplate() *AffinityAssistantTemplate {
 	}
 
 	return &AffinityAssistantTemplate{
-		NodeSelector:     tpl.NodeSelector,
-		Tolerations:      tpl.Tolerations,
-		ImagePullSecrets: tpl.ImagePullSecrets,
-		SecurityContext:  tpl.SecurityContext,
+		NodeSelector:      tpl.NodeSelector,
+		Tolerations:       tpl.Tolerations,
+		ImagePullSecrets:  tpl.ImagePullSecrets,
+		SecurityContext:   tpl.SecurityContext,
+		PriorityClassName: tpl.PriorityClassName,
 	}
 }
 
@@ -251,6 +252,9 @@ func MergeAAPodTemplateWithDefault(tpl, defaultTpl *AAPodTemplate) *AAPodTemplat
 		if tpl.SecurityContext == nil {
 			tpl.SecurityContext = defaultTpl.SecurityContext
 		}
+		if tpl.PriorityClassName == nil {
+			tpl.PriorityClassName = defaultTpl.PriorityClassName
+		}
 
 		return tpl
 	}
diff --git a/pkg/reconciler/pipelinerun/affinity_assistant.go b/pkg/reconciler/pipelinerun/affinity_assistant.go
index 27b9874effd..94aab0951ab 100644
--- a/pkg/reconciler/pipelinerun/affinity_assistant.go
+++ b/pkg/reconciler/pipelinerun/affinity_assistant.go
@@ -311,6 +311,11 @@ func affinityAssistantStatefulSet(aaBehavior aa.AffinityAssistantBehavior, name
 		}
 	}
 
+	var priorityClassName string
+	if tpl.PriorityClassName != nil {
+		priorityClassName = *tpl.PriorityClassName
+	}
+
 	containers := []corev1.Container{{
 		Name:  "affinity-assistant",
 		Image: containerConfig.Image,
@@ -375,10 +380,11 @@ func affinityAssistantStatefulSet(aaBehavior aa.AffinityAssistantBehavior, name
 				Spec: corev1.PodSpec{
 					Containers: containers,
 
-					Tolerations:      tpl.Tolerations,
-					NodeSelector:     tpl.NodeSelector,
-					ImagePullSecrets: tpl.ImagePullSecrets,
-					SecurityContext:  tpl.SecurityContext,
+					Tolerations:       tpl.Tolerations,
+					NodeSelector:      tpl.NodeSelector,
+					ImagePullSecrets:  tpl.ImagePullSecrets,
+					SecurityContext:   tpl.SecurityContext,
+					PriorityClassName: priorityClassName,
 
 					Affinity: getAssistantAffinityMergedWithPodTemplateAffinity(pr, aaBehavior),
 					Volumes:  volumes,
diff --git a/pkg/reconciler/pipelinerun/affinity_assistant_test.go b/pkg/reconciler/pipelinerun/affinity_assistant_test.go
index 30c5c273578..35c22df73de 100644
--- a/pkg/reconciler/pipelinerun/affinity_assistant_test.go
+++ b/pkg/reconciler/pipelinerun/affinity_assistant_test.go
@@ -778,6 +778,7 @@ func TestDefaultPodTemplatesArePropagatedToAffinityAssistant(t *testing.T) {
 			},
 		},
 	}
+	priorityClassName := "test-priority"
 
 	defaultTpl := &pod.AffinityAssistantTemplate{
 		Tolerations: []corev1.Toleration{{
@@ -796,6 +797,7 @@ func TestDefaultPodTemplatesArePropagatedToAffinityAssistant(t *testing.T) {
 			RunAsNonRoot:   ptr.Bool(true),
 			SeccompProfile: &corev1.SeccompProfile{Type: corev1.SeccompProfileTypeRuntimeDefault},
 		},
+		PriorityClassName: &priorityClassName,
 	}
 
 	stsWithOverridenTemplateFields := affinityAssistantStatefulSet(aa.AffinityAssistantPerWorkspace, "test-assistant", prWithCustomPodTemplate, []corev1.PersistentVolumeClaim{}, []string{}, containerConfigWithoutSecurityContext, defaultTpl)
@@ -815,6 +817,10 @@ func TestDefaultPodTemplatesArePropagatedToAffinityAssistant(t *testing.T) {
 	if stsWithOverridenTemplateFields.Spec.Template.Spec.SecurityContext == nil {
 		t.Errorf("expected SecurityContext in the StatefulSet")
 	}
+
+	if stsWithOverridenTemplateFields.Spec.Template.Spec.PriorityClassName == "" {
+		t.Errorf("expected PriorityClassName in the StatefulSet")
+	}
 }
 
 func TestMergedPodTemplatesArePropagatedToAffinityAssistant(t *testing.T) {