Expected Behavior

When validation errors occur in the webhook, log messages should include the resource name and namespace to help operators quickly identify which resource is causing the validation failure.

For example, when a Pipeline validation fails, the log should show:

{"severity":"info","logger":"tekton-pipelines-webhook","message":"Failed the resource specific validation","name":"my-pipeline","namespace":"my-namespace","error":"missing field(s): spec.tasks"}

Actual Behavior

The webhook logs validation failures without including the resource name or namespace. Currently, the log atknative.dev/pkg/webhook/resourcesemantics/validation/validation_admit.go:184 shows:

logger.Infow("Failed the resource specific validation",zap.Error(result))

Which produces logs like:

{"severity":"info","logger":"tekton-pipelines-webhook","message":"Failed the resource specific validation","error":"missing field(s): spec.tasks[0].taskRef.name"}

The resource name and namespace areavailable in theAdmissionRequest (req.Name andreq.Namespace) and are passed to thevalidate() function, but they are not included in the log output.

Use Case / Motivation

In clusters with many Pipelines and Tasks, when validation errors occur, operators see error messages in the webhook logs but cannot easily determine which resource triggered the error without:

1. Correlating timestamps with kubectl apply commands
2. Searching through multiple resources to find the one with the invalid configuration

A real-world scenario: A user creates a Pipeline with an invalid result reference like$(tasks.build.results.digest) when the task is actually namedbuild-image. The validation fails, but the webhook log doesn't indicate which Pipeline caused the failure.

Including resource names would:

1. Reduce mean time to resolution (MTTR) for validation errors
2. Help operators quickly identify misconfigured resources in multi-tenant clusters
3. Improve observability and debugging experience
4. Bring consistency with controller/reconciler logs which already include resource names

Proposed Solution

Enhance the log message in the Knative webhook'svalidate() function to include resource metadata:

logger.Infow("Failed the resource specific validation",zap.String("name",req.Name),zap.String("namespace",req.Namespace),zap.String("kind",req.Kind.Kind),zap.Error(result))

Since this code is inknative.dev/pkg/webhook, this improvement would need to be contributed upstream to Knative.

Additional Context

• TheAdmissionRequest struct already containsName andNamespace fields (seek8s.io/api/admission/v1/types.go)
• Thevalidate() function receivesreq *admissionv1.AdmissionRequest as a parameter, so the data is readily available
• The reconciler code already includes resource names in logs (e.g.,logger.Infof("taskrun done : %s", tr.Name)), so this would bring consistency