Skip to content

Releases: tektoncd/pipeline

Tekton Pipeline release v0.50.5 "Russian Blue Daneel Olivaw"

16 Nov 15:03
@tekton-robot tekton-robot
v0.50.5
bfc787b
Compare
Choose a tag to compare
Tekton Pipeline release v0.50.5 "Russian Blue Daneel Olivaw"

-Docs @ v0.50.5
-Examples @ v0.50.5

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.50.5/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a6931938578b4916b2944efdb45cd531e1913f85b8bc9c0a4e73512edcfbb86b5

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a6931938578b4916b2944efdb45cd531e1913f85b8bc9c0a4e73512edcfbb86b5
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.50.5/release.yaml
REKOR_UUID=24296fb24b8ad77a6931938578b4916b2944efdb45cd531e1913f85b8bc9c0a4e73512edcfbb86b5

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.50.5@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Misc

  • πŸ”¨ [release-v0.50.x] Fix the controller and webhook images to use stable alpine (#7370)

The Tekton controller images are now based on a distroless base image which is built on top of Alpine 3.18

Thanks

Thanks to these contributors who contributed to v0.50.5!

Extra shout-out for awesome release notes:

Contributors

afrittoli
Assets 4
Loading

Tekton Pipeline release v0.53.1 "Munchkin Maschinenmensch"

15 Nov 11:16
@tekton-robot tekton-robot
v0.53.1
d96aa65
Compare
Choose a tag to compare
Tekton Pipeline release v0.53.1 "Munchkin Maschinenmensch"

-Docs @ v0.53.1
-Examples @ v0.53.1

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.53.1/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a2b1a1e305c730d970cef50e8aa4e9da65cb4da59fd03d253eb3de693252ffad6

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a2b1a1e305c730d970cef50e8aa4e9da65cb4da59fd03d253eb3de693252ffad6
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.53.1/release.yaml
REKOR_UUID=24296fb24b8ad77a2b1a1e305c730d970cef50e8aa4e9da65cb4da59fd03d253eb3de693252ffad6

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.53.1@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Misc

  • πŸ”¨ [release-v0.53.x] Pin the distroless base image to a stable alpine (#7361)

The Tekton images are now based on a distroless base image which is built on top of Alpine 3.18

Thanks

Thanks to these contributors who contributed to v0.53.1!

Extra shout-out for awesome release notes:

Contributors

afrittoli
Assets 4
Loading

Tekton Pipeline release v0.50.4 "Russian Blue Daneel Olivaw"

15 Nov 11:36
@tekton-robot tekton-robot
v0.50.4
fb00930
Compare
Choose a tag to compare
Tekton Pipeline release v0.50.4 "Russian Blue Daneel Olivaw"

-Docs @ v0.50.4
-Examples @ v0.50.4

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.50.4/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a71dafca6c5f27aec2842996255eeda41ddd2b1cec5ca920da82d7239d7007e7a

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a71dafca6c5f27aec2842996255eeda41ddd2b1cec5ca920da82d7239d7007e7a
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.50.4/release.yaml
REKOR_UUID=24296fb24b8ad77a71dafca6c5f27aec2842996255eeda41ddd2b1cec5ca920da82d7239d7007e7a

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.50.4@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Misc

  • πŸ”¨ [release-v0.50.x] Pin the distroless base image to a stable alpine (#7362)

The Tekton images are now based on a distroless base image which is built on top of Alpine 3.18

Thanks

Thanks to these contributors who contributed to v0.50.4!

Extra shout-out for awesome release notes:

Contributors

afrittoli
Assets 4
Loading

Tekton Pipeline release v0.53.0 "Munchkin Maschinenmensch" LTS

27 Oct 00:08
@tekton-robot tekton-robot
v0.53.0
a22f812
Compare
Choose a tag to compare
Tekton Pipeline release v0.53.0 "Munchkin Maschinenmensch" LTS

πŸŽ‰ CEL-based when expressions, Results from Matrices, beta promotions and more πŸŽ‰

-Docs @ v0.53.0
-Examples @ v0.53.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.53.0/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77ae1d898a8665e246adf87237e426dcb51e61a4f34dfda16ed10148ce5c80c57df

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77ae1d898a8665e246adf87237e426dcb51e61a4f34dfda16ed10148ce5c80c57df
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.53.0/release.yaml
REKOR_UUID=24296fb24b8ad77ae1d898a8665e246adf87237e426dcb51e61a4f34dfda16ed10148ce5c80c57df

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.53.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Upgrade Notices

  • [TEP-0104] Task-level Resource Requirements in now beta
  • Matrix is now beta
  • Starting with this release, all new API driven features will be controlled by individual feature flags, and the enable-api-fields flag will be eventually phased out, once all API features currently in alpha/beta reach stability (or are removed)

Changes

Features

  • ✨ parameterize pipelineTask (#7273)

displayName can now accept params, task result references, or context variables.

  • ✨ Hub resolver: add version constraints (#7257)

hub resolver can now specify a version constraint to choose a version (example: version: ">=0.2.0,< 1.0.0")

  • ✨ Set public Tekton Hub API as default catalog (#7256)

tekton resolver now uses hub.tekton.dev by default.

  • ✨ [TEP-0145] Add CEL field to WhenExpression

    • ✨ [TEP-0145] Add CEL field to WhenExpression, and feature flag to guard the field (#7247)
    • ✨ [TEP-0145] Add sanity check for CEL expression (#7251)
    • ✨ [TEP-0145] Add CEL evaluation (#7255)
      Support CEL expression in WhenExpression to guard the execution of Tasks

  • ✨ Add a setting disallowing access to all namespaces (#7237)

Add special value * to the blocked-namespace setting for the cluster-resolver to disallow by default all namespaces and only allow the namespaces explicitly listed in allowed-namespace setting.

  • ✨ [TEP-0104] Task-level Resource Requirements to beta (#7225)

The task-level resource requirements feature allows the user to set computeResources at runtime i.e. on TaskRun. This is now enabled as part of the beta API.

  • ✨ TEP-140: Produce Results in Matrix (#7167)

Pipeline authors can now produce results from a Matrixed PipelineTask as an aggregated array and consume them in an array params. Two context variables are introduced as part of this feature, $(tasks..matrix.length) to get the length of a matrix combinations and $(tasks..matrix..length) to get a length of aggregated result.

  • ✨ Promoting Matrix to Beta πŸŽ‰ πŸŽ“ (#7164)

Matrix feature is promoted to beta and possible to utilize with enable-api-fields set to beta.

  • ✨ TEP-0107: propagate results to embedded task spec (#7100)

Results are propagated in embedded specifications without mutations.

  • ✨ [TEP0138] Add Per-feature Flag Struct for New Features (#7090)

Please use per feature flags for new API-driven feature gating.

  • ✨ feat: add ability to include reason in count metrics (#7060)

Add ability to include reason along with status in TaskRun and PipelineRun count metrics

Backwards incompatible changes

In the current release:

  • 🚨 The behaviour of the enable-api-field flag has been fixed, resulting in a slight behaviour change: when using the v1beta1 API, API features in beta are only available when the enable-api-field is set to beta or alpha. Beta features used to be enabled on the v1beta1 API regardless of the value of enable-api-field.
    Note that:

    • The default value for enable-api-field is beta
    • Users that have the flag set to alpha or beta will continue to have access to beta features on v1beta1 and v1 APIs
    • Users that have the flag set to stable will continue to not have access to beta features on the v1 API

    So in practice, there is no breaking change for users. Users of the v1beta1 API may now disable beta features, should they wish to do so, which was not possible before.

Work-in-progress

  • 🚧 TEP-0142: Introduce feature flag (#7277)

[WIP] Introduces a new feature flag "enable-step-actions: true/false" to gate the use of step actions.

  • 🚧 TEP-0142: Introducing the StepAction CRD (#7260)

Introduced the StepAction CRD as designed in https://github.com/tektoncd/community/blob/main/teps/0142-enable-step-reusability.md. The implementation is still ongoing; feature is not yet functional.

  • 🚧 [TEP-0050] Add OnError field (#7162)

Fixes

  • πŸ› Regression: fix results with out of order tasks (#7169)

Fix regression where a different order of task definition may cause result resolution to break

  • πŸ› Fix race condition in PVC deletion (#7149)

Bug fix: delete PVCs created by VolumeClaimTemplates when the owning PipelineRun is completed

  • πŸ› Recover Conversion Functions from Pipeline Resources for backwards compatibility (#7109)

Recover Conversion Functions from Pipeline Resources for backwards compatibility

  • πŸ› Different configmap for Leader Election per deployment (#7014)

Change configmap for LeaderElection of webhook to config-leader-election-webhook, event controller to config-leader-election-event and resolvers to config-leader-election-resolvers

  • πŸ› fix wait entrypoint cancellation error log output. (#7272)
  • πŸ› Flake Test fix: Sort TaskRunResults (#7254)
  • πŸ› fix waiter test is flaky (#7227)
  • πŸ› πŸ”’ Update knative/pkg 1.11 to address CVE-2023-44487 (#7210)

Misc

  • πŸ”¨ Refactor version.ValidateEnabledAPIFields to config pkg (#7206)

refactor: version.ValidateEnabledAPIFields has been moved to the config package

  • πŸ”¨ [TEP0138] Decouple v1beta1 beta feature validation (#6941)

v1beta1 CRDs with beta features now requires beta enable-api-fields. More specifically, users who have been accidentally using beta features resolvers, object array params and results with enable-api-fields set to stable now needs to change to enable-api-fields=beta

  • πŸ”¨ #7027 Cleanup cmp.Diff(want, got) for all diff.PrintWantGot() (#7209)
  • πŸ”¨ Avoid unnecessary scans for codeql on non code (#7286)
  • πŸ”¨ Bump k8s.io/client-go from 0.27.6 to 0.27.7 in /test/custom-task-ctrls/wait-task-beta (#7261)
  • πŸ”¨ Bump github.com/sigstore/sigstore from 1.7.3 to 1.7.4 (#7246)
  • πŸ”¨ [TEP-0145] Pull in cel-go to vendor (#7245)
  • πŸ”¨ Bump github.com/tektoncd/pipeline from 0.52.0 to 0.52.1 in /test/custom-task-ctrls/wait-task-beta (#7219)
  • πŸ”¨ Bump github.com/sigstore/sigstore/pkg/signature/kms/hashivault from 1.7.3 to 1.7.4 (#7213)
  • πŸ”¨ Bump github.com/spiffe/spire-api-sdk from 1.8.0 to 1.8.1 (#7204)
  • πŸ”¨ Bump google.golang.org/grpc from 1.58.2 to 1.58.3 (#7203)
  • πŸ”¨ #6614 Add inclusive source scanning (#7199)
  • πŸ”¨ Rename test cases for beta feature validations (#7198)
  • πŸ”¨ Bump github.com/google/go-cmp from 0.5.9 to 0.6.0 (#7197)
  • πŸ”¨ Bump github.com/containerd/containerd from 1.7.6 to 1.7.7 (#7196)
  • πŸ”¨ Bump github.com/google/go-cmp from 0.5.9 to 0.6.0 in /test/custom-task-ctrls/wait-task-beta (#7195)
  • πŸ”¨ Add reviewers section to OWNERS file. (#7193)
  • πŸ”¨ Add @chitrangpatel as an pipelines maintainer (#7181)
  • πŸ”¨ Bump golang.org/x/sync from 0.3.0 to 0.4.0 (#7178)
  • πŸ”¨ update perl docker image with multi-arch tag (#7171)
  • πŸ”¨ Add @Yongxuanzhang as a pipelines maintainer (#7168)
  • πŸ”¨ Bump go.opentelemetry.io/otel/sdk from 1.16.0 to 1.19.0 (#7163)
  • πŸ”¨ Bump github.com/opencontainers/image-spec from 1.1.0-rc4 to 1.1.0-rc5 (#7161)
  • πŸ”¨ Increase the publish timeout (#7160)
  • πŸ”¨ Bump google.golang.org/grpc from 1.58.1 to 1.58.2 (#7158)
  • πŸ”¨ Increase the publish task timeout (#7156)
  • πŸ”¨ Bump github.com/go-git/go-git/v5 from 5.8.1 to 5.9.0 (#7154)
  • πŸ”¨ Bump github.com/google/uuid from 1.3.0 to 1.3.1 (#7151)
  • πŸ”¨ Fix latest folder in releases (#7146)
  • πŸ”¨ updating an example - results using sidecar logs (#7145)
  • πŸ”¨ Bump github.com/tektoncd/pipeline from 0.51.0 to 0.52.0 in /test/custom-task-ctrls/wait-task-beta (#7142)
  • πŸ”¨ Bump go.uber.org/zap from 1.25.0 to 1.26.0 (#7141)
  • πŸ”¨ Bump github.com/go-git/go-billy/v5 from 5.4.1 to 5.5.0 (#7140)
  • πŸ”¨ documenting 0.51 and 0.52 releases (#7139)
  • πŸ”¨ Bump gomodules.xyz/jsonpatch/v2 from 2.2.0 to 2.4.0 (#7137)
  • πŸ”¨ Bump github.com/spiffe/spire-api-sdk from 1.7.2 to 1.8.0 (#7136)
  • πŸ”¨ Bump code.gitea.io/sdk/gitea from 0.15.1 to 0.16.0 (#7135)
  • πŸ”¨ Bump go.opentelemetry.io/otel/exporters/jaeger from 1.16.0 to 1.17.0 (#7134)
  • πŸ”¨ Bump go.opentelemetry.io/otel/trace from 1.16.0 ...
Read more

Contributors

chmouel, pritidesai, and 21 other contributors
Assets 4
Loading
0 Join discussion

Tekton Pipeline release v0.50.3 "Rusian Blue Daneel Olivaw"

19 Oct 16:27
@tekton-robot tekton-robot
v0.50.3
a2f17f6
Compare
Choose a tag to compare
Tekton Pipeline release v0.50.3 "Rusian Blue Daneel Olivaw"

-Docs @ v0.50.3
-Examples @ v0.50.3

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.50.3/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a8e347216bc80c82074f1721dbcfb1e10e487a0a2e5925d27cf46898c53bf6f5a

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a8e347216bc80c82074f1721dbcfb1e10e487a0a2e5925d27cf46898c53bf6f5a
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.50.3/release.yaml
REKOR_UUID=24296fb24b8ad77a8e347216bc80c82074f1721dbcfb1e10e487a0a2e5925d27cf46898c53bf6f5a

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.50.3@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

  • [v0.50.x] Bump GRPC Go to 1.56.3 to fix CVE (#7234)

This addresses GHSA-qppj-fm5r-hxr3 by not allowing more server handlers to be run than the HTTP/2 MAX_CONCURRENT_STREAMS setting.

Misc

Docs

Thanks

Thanks to these contributors who contributed to v0.50.3!

Extra shout-out for awesome release notes:

Contributors

khrm
Assets 4
Loading

Tekton Pipeline release v0.47.5 "Chartreux Rachael"

19 Oct 18:58
@tekton-robot tekton-robot
v0.47.5
934087c
Compare
Choose a tag to compare
Tekton Pipeline release v0.47.5 "Chartreux Rachael"

-Docs @ v0.47.5
-Examples @ v0.47.5

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.47.5/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a8e347216bc80c82074f1721dbcfb1e10e487a0a2e5925d27cf46898c53bf6f5a

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77ae82bf9a7805e018a65de380f89976e1ff158f0872060bc761452ec52d26dcc90
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.47.5/release.yaml
REKOR_UUID=24296fb24b8ad77ae82bf9a7805e018a65de380f89976e1ff158f0872060bc761452ec52d26dcc90

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.47.5@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

  • [0.47.x] Bump GRPC to v1.56.3 (#7240)
  • [v0.47.x] Bump golang.org/x/net from 0.11.0 to 0.17.0 (#7221)

These addresse GHSA-qppj-fm5r-hxr3 by not allowing more server handlers to be run than the HTTP/2 MAX_CONCURRENT_STREAMS setting.

Misc

Docs

Thanks

Thanks to these contributors who contributed to v0.47.5!

Extra shout-out for awesome release notes:

Contributors

khrm
Assets 4
Loading

Tekton Pipeline release v0.44.5 "Nebelung Nomad"

19 Oct 21:09
@tekton-robot tekton-robot
v0.44.5
6d93eb5
Compare
Choose a tag to compare
Tekton Pipeline release v0.44.5 "Nebelung Nomad"

-Docs @ v0.44.5
-Examples @ v0.44.5

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.44.5/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77ae6d4a97d973af478bc9cefd6f575761773249d2706bf3d35bc7b81a7cc481fcf

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77ae6d4a97d973af478bc9cefd6f575761773249d2706bf3d35bc7b81a7cc481fcf
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.44.5/release.yaml
REKOR_UUID=24296fb24b8ad77ae6d4a97d973af478bc9cefd6f575761773249d2706bf3d35bc7b81a7cc481fcf

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.44.5@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

  • πŸ› [cherry-pick-v0.44.x] Fix PipelineRun reconciler panic for computed timeouts (#6999)

bug fix: Avoid controller panics for computed timeouts

  • [v0.44.x] Bump golang.org/x/net to 0.17.0 (#7222)

Misc

Docs

Thanks

Thanks to these contributors who contributed to v0.44.5!

Extra shout-out for awesome release notes:

Contributors

khrm and lbernick
Assets 4
Loading

Tekton Pipeline release v0.50.2 "Russian Blue Daneel Olivaw"

16 Oct 11:20
@tekton-robot tekton-robot
v0.50.2
0689032
Compare
Choose a tag to compare
Tekton Pipeline release v0.50.2 "Russian Blue Daneel Olivaw"

-Docs @ v0.50.2
-Examples @ v0.50.2

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.50.2/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a6726958468f17410d57decea33a20cc1c61cae727201991da57f788c4095926b

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a6726958468f17410d57decea33a20cc1c61cae727201991da57f788c4095926b
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.50.2/release.yaml
REKOR_UUID=24296fb24b8ad77a6726958468f17410d57decea33a20cc1c61cae727201991da57f788c4095926b

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.50.2@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Fixes

  • πŸ› [release-v0.50.x] Regression: fix results with out of order tasks (#7173)

Fix regression where a different order of task definition may cause result resolution to break

  • πŸ› [release-v0.50.x] Validate beta features for inline pipelines and tasks (#7080)

Bug fix: validate beta features in inline tasks/pipelines in the same way as referenced tasks/pipelines

  • πŸ› [release-v0.50.x] Fix release pipeline (publish-to-bucket) (#7045)

Fixed the release pipeline invalid spec.

  • πŸ› [release-v0.50.x] Remove results annotations filtering (#7131)

  • πŸ› [v0.50.x] Update knative/pkg 1.10 to address CVE-2023-44487 (#7211)

Misc

  • πŸ”¨ Increase the publish timeout (#7215)

Docs

  • πŸ“– [release-v0.50.x] docs: Update references to examples from v1beta1 to v1 (#7202)

Thanks

Thanks to these contributors who contributed to v0.50.2!

Extra shout-out for awesome release notes:

Contributors

khrm, afrittoli, and tekton-robot
Assets 4
Loading
0 Join discussion

Tekton Pipeline release v0.52.1 "California Spangled Optimus"

13 Oct 22:08
@tekton-robot tekton-robot
v0.52.1
e7b5e58
Compare
Choose a tag to compare
Tekton Pipeline release v0.52.1 "California Spangled Optimus"

-Docs @ v0.52.1
-Examples @ v0.52.1

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.52.1/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a97c22594268cc45d986246339ada304b7587b205b59cf5d59df2650d24b14825

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a97c22594268cc45d986246339ada304b7587b205b59cf5d59df2650d24b14825
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.52.1/release.yaml
REKOR_UUID=24296fb24b8ad77a97c22594268cc45d986246339ada304b7587b205b59cf5d59df2650d24b14825

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.52.1@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Fixes

  • πŸ› [release-v0.52.x] Regression: fix results with out of order tasks (#7174)

Fix regression where a different order of task definition may cause result resolution to break

Thanks

Thanks to these contributors who contributed to v0.52.1!

Extra shout-out for awesome release notes:

Contributors

afrittoli and tekton-robot
Assets 4
Loading
0 Join discussion

Tekton Pipeline release v0.52.0 "California Spangled Optimus"

20 Sep 21:48
@tekton-robot tekton-robot
v0.52.0
feb943c
Compare
Choose a tag to compare
Tekton Pipeline release v0.52.0 "California Spangled Optimus"

πŸŽ‰ Task and Pipeline Resolver Metrics, API Specifications for pipelines-in-pipelines πŸŽ‰

-Docs @ v0.52.0
-Examples @ v0.52.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.52.0/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77aede6ff3c84da87cdeda75e9dcf779abc736bf5423b8a4151bad8193f0c76dd15

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77aede6ff3c84da87cdeda75e9dcf779abc736bf5423b8a4151bad8193f0c76dd15
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.52.0/release.yaml
REKOR_UUID=24296fb24b8ad77aede6ff3c84da87cdeda75e9dcf779abc736bf5423b8a4151bad8193f0c76dd15

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.52.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

  • ✨ Add taskrun/pipelinerun gauge metrics around resolving respective tasks/pipelines (#7094)

New gauge metrics are introduced that count the number of TaskRuns waiting for resolution of any Tasks they reference, as well as count the number of PipelineRuns waiting on Pipeline resolution, and lastly count the number of PipelineRuns waiting on Task resolution for their underlying TaskRuns.

  • ✨ [TEP-0056]: Initial set of API refactors pertinent to Pipelines in Pipelines (#7055)

Added PipelineRef and PipelineSpec fields to PipelineTask, in lieu of TEP-0056

Fixes

  • πŸ› fix: clean results when taskrun retries (#7126)

The taskrun will clean up the last task results before retrying.

  • πŸ› Validate beta features for inline pipelines and tasks (#7079)

Bug fix: validate beta features in inline tasks/pipelines in the same way as referenced tasks/pipelines

  • πŸ› Remove results annotations filtering (#7108)
  • πŸ› fix an issue with InvalidMatrixParameterTypes along with updating the matrix example with additional validations (#7064)

Misc

  • πŸ”¨ Add configmap for tracing config (#6897)

Tracing endpoint configuration is now moved from environment variable to the configmap config-tracing. Tracing can be now configured dynamically without needing to restart the controller. Refer the example configuration provided as part of the ConfigMap for the configuration options and format.

  • πŸ”¨ Clean up getting substitution expressions (#7121)
  • πŸ”¨ DEVELOPMENT: missing newline escape on shell example (#7107)
  • πŸ”¨ Cleanup: Move PipelineRun Reasons to pkg/apis (#7102)
  • πŸ”¨ cleaning up provenance from pipelineRun (#7091)
  • πŸ”¨ eventForObjectWithCondition -> EventForObjectWithCondition (#7052)
  • πŸ”¨ remove GetUnsignedPipeline helper function and use var in each file (#6800)
  • πŸ”¨ Bump github.com/containerd/containerd from 1.7.3 to 1.7.6 (#7130)
  • πŸ”¨ Bump github.com/spiffe/spire-api-sdk from 1.7.1 to 1.7.2 (#7129)
  • πŸ”¨ Bump k8s.io/apimachinery from 0.27.1 to 0.27.6 in /test/custom-task-ctrls/wait-task-beta (#7119)
  • πŸ”¨ Bump k8s.io/client-go from 0.27.1 to 0.27.6 in /test/custom-task-ctrls/wait-task-beta (#7118)
  • πŸ”¨ Bump k8s.io/api from 0.27.1 to 0.27.6 in /test/custom-task-ctrls/wait-task-beta (#7117)
  • πŸ”¨ Bump k8s.io/api from 0.26.7 to 0.26.9 in /test/custom-task-ctrls/wait-task-beta (#7114)
  • πŸ”¨ Bump k8s.io/client-go from 0.25.11 to 0.25.14 in /test/custom-task-ctrls/wait-task-beta (#7112)
  • πŸ”¨ Bump google.golang.org/grpc from 1.56.2 to 1.58.1 (#7111)
  • πŸ”¨ Bump github.com/jenkins-x/go-scm from 1.13.13 to 1.14.14 (#7089)
  • πŸ”¨ Bump github.com/sigstore/sigstore from 1.7.1 to 1.7.3 (#7087)
  • πŸ”¨ Bump github.com/tektoncd/pipeline from 0.49.0 to 0.51.0 in /test/custom-task-ctrls/wait-task-beta (#7061)
  • πŸ”¨ Bump google.golang.org/protobuf from 1.30.0 to 1.31.0 (#6913)

Docs

  • πŸ“– add docs for emitting object results (#7120)
  • πŸ“– fix docs and add max-result-size optional feature flag (#7110)
  • πŸ“– Fix the link to alpha-features in docs (#7075)

Thanks

Thanks to these contributors who contributed to v0.52.0!

Extra shout-out for awesome release notes:

Contributors

vbatts, pritidesai, and 11 other contributors
Assets 4
Loading