Skip to content

Releases: tektoncd/pipeline

Tekton Pipeline release v0.61.1 "Ragdoll Data"

09 Jul 14:57
@tekton-robot tekton-robot
v0.61.1
969f5d3
Compare
Choose a tag to compare
Tekton Pipeline release v0.61.1 "Ragdoll Data"

-Docs @ v0.61.1
-Examples @ v0.61.1

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.61.1/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a7bf5b4e52e97f499e0dc71aed47d629395ba503bbc0cf8a16d8b49169d2db2f5

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a7bf5b4e52e97f499e0dc71aed47d629395ba503bbc0cf8a16d8b49169d2db2f5
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.61.1/release.yaml
REKOR_UUID=24296fb24b8ad77a7bf5b4e52e97f499e0dc71aed47d629395ba503bbc0cf8a16d8b49169d2db2f5

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.61.1@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

  • πŸ› [release-v0.61.x] Handle error conditions in CheckMissingResultReferences (#8105)

mproved error handling for some invalid result reference scenarios.

Misc

Docs

Thanks

Thanks to these contributors who contributed to v0.61.1!

Extra shout-out for awesome release notes:

Contributors

tekton-robot
Loading

Tekton Pipeline release v0.59.2 "Scottish Fold Sox"

04 Jul 23:40
@tekton-robot tekton-robot
v0.59.2
84aa130
Compare
Choose a tag to compare
Tekton Pipeline release v0.59.2 "Scottish Fold Sox"

-Docs @ v0.59.2
-Examples @ v0.59.2

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.59.2/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77ac678677fe186a9b6d21a42b5b48289d14aa198de26de9b29caae78240eb7431a

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77ac678677fe186a9b6d21a42b5b48289d14aa198de26de9b29caae78240eb7431a
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.59.2/release.yaml
REKOR_UUID=24296fb24b8ad77ac678677fe186a9b6d21a42b5b48289d14aa198de26de9b29caae78240eb7431a

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.59.2@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

  • πŸ› [release-v0.59.x] fix: resolve issue where results may not be obtained from sidecar logs (#8097)

ix: resolve issue where results may not be obtained from sidecar logs

  • πŸ› [release-v0.59.x] Handle error conditions in CheckMissingResultReferences (#8093)

mproved error handling for some invalid result reference scenarios.

  • πŸ› [release-v0.59.x] Cleanup resolved object before validating through dry-run (#8063)

leanup resolved object before attempting to validate it through api dry-run call

Misc

Docs

Thanks

Thanks to these contributors who contributed to v0.59.2!

Extra shout-out for awesome release notes:

Contributors

vdemeester and tekton-robot
Loading

Tekton Pipeline release v0.56.6 "Persian Terminator"

08 Jul 20:25
@tekton-robot tekton-robot
v0.56.6
c4d947b
Compare
Choose a tag to compare
Tekton Pipeline release v0.56.6 "Persian Terminator"

-Docs @ v0.56.6
-Examples @ v0.56.6

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.56.6/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a05add089496f3ed6732de3f6804ba228904190bbf37d1a8c2d4c43ad6262e01e

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a05add089496f3ed6732de3f6804ba228904190bbf37d1a8c2d4c43ad6262e01e
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.56.6/release.yaml
REKOR_UUID=24296fb24b8ad77a05add089496f3ed6732de3f6804ba228904190bbf37d1a8c2d4c43ad6262e01e

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.56.6@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

  • πŸ› [release-v0.56.x] Handle error conditions in CheckMissingResultReferences (#8094)

mproved error handling for some invalid result reference scenarios.

  • πŸ› [release-v0.56.x] Cleanup resolved object before validating through dry-run (#8064)

leanup resolved object before attempting to validate it through api dry-run call

Misc

Docs

Thanks

Thanks to these contributors who contributed to v0.56.6!

Extra shout-out for awesome release notes:

Contributors

vdemeester and tekton-robot
Loading

Tekton Pipeline release v0.61.0 "Ragdoll Data"

25 Jun 22:43
@tekton-robot tekton-robot
v0.61.0
c2dc17a
Compare
Choose a tag to compare
Tekton Pipeline release v0.61.0 "Ragdoll Data"

-Docs @ v0.61.0
-Examples @ v0.61.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.61.0/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a68cb504006aa006da7ebfef6d88e038545d3f4c2d314ba34f3c1d8a57dab26a8

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a68cb504006aa006da7ebfef6d88e038545d3f4c2d314ba34f3c1d8a57dab26a8
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.61.0/release.yaml
REKOR_UUID=24296fb24b8ad77a68cb504006aa006da7ebfef6d88e038545d3f4c2d314ba34f3c1d8a57dab26a8

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.61.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

  • ✨ Promote Larger Results via Sidecar Logs to Beta (#8043)

Promote Larger Results via Sidecar Logs to Beta

  • ✨ Add a flag on controllers to configure resyncPeriod (#8023)

Binary file (standard input) matches

Fixes

  • πŸ› Cleanup resolved object before validating through dry-run (#8051)

Cleanup resolved object before attempting to validate it through api dry-run call

  • πŸ› fix: resolve issue where results may not be obtained from sidecar logs (#8029)

fix: resolve issue where results may not be obtained from sidecar logs

  • πŸ› Fix Validation Error Merging StepTemplates with StepRef (#7982)

Fix Validation Error Merging StepTemplates with Step's Ref

  • πŸ› Bundle resolver can use ServiceAccount for auth (#7969)

Fix bundle resolver so it could pull OCI image (bundle) manifest from AWS ECR private registry

  • πŸ› Fix: Example Test point to Catalog StepAction (#8044)

Misc

  • πŸ”¨ Remove taskref/pipelineref deprecated bundle field (#7789)

taskRef.bundle and pipelineRef.bundle are now removed from v1beta1 API version, as they were deprecated for about a year and half. Using them will result in a error when creating an object.

action required: make sure you migrate from taskRef.bundle and pipelineRef.bundle to the bundle resolver (see https://tekton.dev/docs/pipelines/migrating-v1beta1-to-v1/#replacing-taskrefbundle-and-pipelinerefbundle-with-bundle-resolver-a-idreplacing-taskrefbundle-and-pipelinerefbundle-with-bundle-resolver-a)

  • πŸ”¨ Bump to go 1.22 and fixes (#8035)

ektoncd/pipeline now requires go 1.22 to be built

  • πŸ”¨ Update knative/pkg to release-1.14 (#7989)

he minimum Kubernetes version supported by Tekton is now 1.28.

  • πŸ”¨ Bump k8s.io/code-generator from 0.29.2 to 0.29.6 (#8067)
  • πŸ”¨ Bump k8s.io/client-go from 0.29.2 to 0.29.6 (#8066)
  • πŸ”¨ Bump github/codeql-action from 3.25.8 to 3.25.10 (#8061)
  • πŸ”¨ Bump actions/checkout from 4.1.6 to 4.1.7 (#8060)
  • πŸ”¨ Bump github.com/spiffe/go-spiffe/v2 from 2.2.0 to 2.3.0 (#8059)
  • πŸ”¨ Bump github.com/google/go-containerregistry from 0.19.1 to 0.19.2 (#8058)
  • πŸ”¨ Bump the all group in /tekton with 4 updates (#8057)
  • πŸ”¨ Bump k8s.io/client-go from 0.27.14 to 0.27.15 in /test/custom-task-ctrls/wait-task-beta (#8049)
  • πŸ”¨ Bump k8s.io/apimachinery from 0.27.14 to 0.27.15 in /test/custom-task-ctrls/wait-task-beta (#8048)
  • πŸ”¨ Remove bobcatfish and lbernick from OWNERS 😿 (#8047)
  • πŸ”¨ Bump google.golang.org/protobuf from 1.34.1 to 1.34.2 (#8046)
  • πŸ”¨ Tests before promoting LargerResults via Sidecarlogs to Beta (#8041)
  • πŸ”¨ Bump the all group across 1 directory with 4 updates (#8040)
  • πŸ”¨ Bump actions/dependency-review-action from 4.3.2 to 4.3.3 (#8039)
  • πŸ”¨ Bump github/codeql-action from 3.25.7 to 3.25.8 (#8038)
  • πŸ”¨ Bump step-security/harden-runner from 2.8.0 to 2.8.1 (#8037)
  • πŸ”¨ Bump github.com/golangci/golangci-lint from 1.59.0 to 1.59.1 in /tools (#8036)
  • πŸ”¨ README.md: fix Kubernetes min version (#8030)
  • πŸ”¨ Bump github.com/containerd/containerd from 1.7.17 to 1.7.18 (#8026)
  • πŸ”¨ Bump tj-actions/changed-files from 44.5.1 to 44.5.2 (#8014)
  • πŸ”¨ Bump actions/dependency-review-action from 2.5.1 to 4.3.2 (#8013)
  • πŸ”¨ Bump step-security/harden-runner from 2.7.0 to 2.8.0 (#8012)
  • πŸ”¨ Bump github/codeql-action from 3.25.6 to 3.25.7 (#8011)
  • πŸ”¨ Bump actions/checkout from 3.6.0 to 4.1.6 (#8010)
  • πŸ”¨ Bump github.com/sigstore/sigstore/pkg/signature/kms/azure from 1.8.3 to 1.8.4 (#8007)
  • πŸ”¨ Bump github.com/sigstore/sigstore/pkg/signature/kms/gcp from 1.8.3 to 1.8.4 (#8001)
  • πŸ”¨ Bump github.com/sigstore/sigstore from 1.8.3 to 1.8.4 (#8000)
  • πŸ”¨ Bump github.com/sigstore/sigstore/pkg/signature/kms/hashivault from 1.8.3 to 1.8.4 (#7999)
  • πŸ”¨ Bump github.com/sigstore/sigstore/pkg/signature/kms/aws from 1.8.3 to 1.8.4 (#7998)
  • πŸ”¨ Bump the all group across 1 directory with 4 updates (#7995)
  • πŸ”¨ Bump step-security/harden-runner from 2.7.1 to 2.8.0 (#7993)
  • πŸ”¨ Bump tj-actions/changed-files from 44.4.0 to 44.5.1 (#7992)
  • πŸ”¨ Bump github.com/golangci/golangci-lint from 1.58.2 to 1.59.0 in /tools (#7991)
  • πŸ”¨ Bump github.com/hashicorp/go-version from 1.6.0 to 1.7.0 (#7985)
  • πŸ”¨ Update releases.md for v0.60 (#7976)
  • πŸ”¨ TEP0152 - Complete V1 conformance test suite (#7913)
  • πŸ”¨ .github/workflows: add a dependency-review workflow (#7846)

Docs

  • πŸ“– Document that task results are not enforced (#8053)
  • πŸ“– Fix the document: Task Level Comp Res is beta (#8004)
  • πŸ“– Patch release v0.60.1 (#7997)

Thanks

Thanks to these contributors who contributed to v0.61.0!

Extra shout-out for awesome release notes:

Contributors

vdemeester, khrm, and 6 other contributors
Loading

Tekton Pipeline release v0.53.7 "Chartreux Rachael"

08 Jun 13:58
@tekton-robot tekton-robot
v0.53.7
40b1bbd
Compare
Choose a tag to compare
Tekton Pipeline release v0.53.7 "Chartreux Rachael"

-Docs @ v0.53.7
-Examples @ v0.53.7

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.53.7/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a5e6c5b801847e38adbef6f904f009e88e04197f4ea8b1c264d904ee4a80332b1

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a5e6c5b801847e38adbef6f904f009e88e04197f4ea8b1c264d904ee4a80332b1
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.53.7/release.yaml
REKOR_UUID=24296fb24b8ad77a5e6c5b801847e38adbef6f904f009e88e04197f4ea8b1c264d904ee4a80332b1

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.53.7@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

  • πŸ› [release-v0.53.x] Fix: Identify workspace usage in a Task (#8020)

Fix: Identify workspace usage in a Task

  • πŸ› [release-v0.53.x] fix: when using remote resources, the related metrics tag name is wrong (#7957)

Misc

Docs

Thanks

Thanks to these contributors who contributed to v0.53.7!

Extra shout-out for awesome release notes:

Contributors

chitrangpatel and tekton-robot
Loading

Tekton Pipeline release v0.60.2 "Chinchilla Tobor"

08 Jun 12:40
@tekton-robot tekton-robot
v0.60.2
ee3af64
Compare
Choose a tag to compare
Tekton Pipeline release v0.60.2 "Chinchilla Tobor"

-Docs @ v0.60.2
-Examples @ v0.60.2

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.60.2/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a1b1da05e47cee68581daf1cd5823facc5b59b76edaf9ce986efe5c68bd1a4cbe

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a1b1da05e47cee68581daf1cd5823facc5b59b76edaf9ce986efe5c68bd1a4cbe
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.60.2/release.yaml
REKOR_UUID=24296fb24b8ad77a1b1da05e47cee68581daf1cd5823facc5b59b76edaf9ce986efe5c68bd1a4cbe

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.60.2@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

  • πŸ› [release-v0.60.x] Fix: Identify workspace usage in a Task (#8021)

Misc

Docs

Thanks

Thanks to these contributors who contributed to v0.60.2!

Extra shout-out for awesome release notes:

Contributors

chitrangpatel and tekton-robot
Loading

Tekton Pipeline release v0.59.1 "Scottish Fold Sox"

08 Jun 12:07
@tekton-robot tekton-robot
v0.59.1
9220a12
Compare
Choose a tag to compare
Tekton Pipeline release v0.59.1 "Scottish Fold Sox"

-Docs @ v0.59.1
-Examples @ v0.59.1

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.59.1/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77ae4f504cabd702466f22af01eb77b6e7d131fbccfa54291a0438b7301f13f5180

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77ae4f504cabd702466f22af01eb77b6e7d131fbccfa54291a0438b7301f13f5180
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.59.1/release.yaml
REKOR_UUID=24296fb24b8ad77ae4f504cabd702466f22af01eb77b6e7d131fbccfa54291a0438b7301f13f5180

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.59.1@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

  • πŸ› [release-v0.59.x] fix: when using remote resources, the related metrics tag name is wrong (#7955)

Misc

Docs

Thanks

Thanks to these contributors who contributed to v0.59.1!

Extra shout-out for awesome release notes:

Contributors

tekton-robot
Loading

Tekton Pipeline release v0.56.5 "Persian Terminator"

08 Jun 12:42
@tekton-robot tekton-robot
v0.56.5
8a7ccf4
Compare
Choose a tag to compare
Tekton Pipeline release v0.56.5 "Persian Terminator"

-Docs @ v0.56.5
-Examples @ v0.56.5

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.56.5/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a2f09bf689d71d460727a65204008bb91c9b764039990958e155058c4234aaecd

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a2f09bf689d71d460727a65204008bb91c9b764039990958e155058c4234aaecd
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.56.5/release.yaml
REKOR_UUID=24296fb24b8ad77a2f09bf689d71d460727a65204008bb91c9b764039990958e155058c4234aaecd

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.56.5@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

  • πŸ› [release-v0.56.x] fix: stepresult intepolations does not accept multiple matches (#7875)

  • fix: cannot use multiple step results at the same time for interpolation.

  • πŸ› [release-v0.56.x] fix: when using remote resources, the related metrics tag name is wrong (#7956)

  • [release-v0.56.x] Fix: Identify workspace usage in a Task (#8018)

Misc

Docs

Thanks

Thanks to these contributors who contributed to v0.56.5!

Extra shout-out for awesome release notes:

Contributors

tekton-robot
Loading

Tekton Pipeline release v0.60.1 "Chinchilla Tobor"

28 May 18:09
@tekton-robot tekton-robot
v0.60.1
f2b1420
Compare
Choose a tag to compare
Tekton Pipeline release v0.60.1 "Chinchilla Tobor"

-Docs @ v0.60.1
-Examples @ v0.60.1

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.60.1/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a3c629b9f100be0eec857bdac47e80bdeacaf4cebba95adb7f9918b91b27842c5

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a3c629b9f100be0eec857bdac47e80bdeacaf4cebba95adb7f9918b91b27842c5
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.60.1/release.yaml
REKOR_UUID=24296fb24b8ad77a3c629b9f100be0eec857bdac47e80bdeacaf4cebba95adb7f9918b91b27842c5

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.60.1@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

  • πŸ› [release-v0.60.x] Fix: Allow less strict validation of the Resolver Name during Webhook. (#7996)
  • πŸ› [release-v0.60.x] Fix: Update GetNameAndNamespace Parameters (#7994)

Misc

Docs

Thanks

Thanks to these contributors who contributed to v0.60.1!

Extra shout-out for awesome release notes:
@Aleromerog

Contributors

Aleromerog and tekton-robot
Loading

Tekton Pipeline release v0.60.0 "Chinchilla Tobor"

22 May 20:17
@tekton-robot tekton-robot
v0.60.0
d649ded
Compare
Choose a tag to compare
Tekton Pipeline release v0.60.0 "Chinchilla Tobor"

πŸŽ‰ Artifacts through Sidecar Logs and Concise Resolver Syntax(Stage I)πŸŽ‰

-Docs @ v0.60.0
-Examples @ v0.60.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.60.0/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a0f4210b40d70db3c3f419f177c49cdf9af22ac6e6f490d1141db7ca4ecb37796

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a0f4210b40d70db3c3f419f177c49cdf9af22ac6e6f490d1141db7ca4ecb37796
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.60.0/release.yaml
REKOR_UUID=24296fb24b8ad77a0f4210b40d70db3c3f419f177c49cdf9af22ac6e6f490d1141db7ca4ecb37796

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.60.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

  • ✨ feat: Surface artifacts through sidecar container logs. (#7883)

Surface artifacts through sidecar container logs.

  • ✨ add namespace label/tag to non-deprecated throttle metrics (#7879)

Add 'namespace' label/tag to the 'tekton_pipelines_controller_running_taskruns_throttled_by_quota' and 'tekton_pipelines_controller_running_taskruns_throttled_by_node' metrics, as kubernetes quota definitions are namespace scoped, hence certain namespaces may be more susceptible to quota throttling than others, and in a multi-node environment, not all namespaces are necessarily on the same node.

To enable this new label/tag, set 'metrics.taskrun.throttle.enable-namespace' to 'true' in the 'config-observability' ConfigMap

  • ✨ TEP-0154: Enable concise resolver syntax - stage 1 (#7845)

TEP-0154: Enable concise resolver syntax

  • ✨ Add reason tag to duration metrics (#7812)

The reason tag has been added to the duration metrics of taskrun and pipelinerun.

Fixes

  • πŸ› Propagate params in pipelines (#7930)

Enable propagating params in Pipelines.

  • πŸ› Fix version mismatch of aws-sdk-go-v2 (#7921)

Fixing "401 Not Authorized" using Image from private AWS ECR without specifying "command" or "script" in Task.

  • πŸ› allow for retry on typically transient k8s errors in both core controller and resolver for remote resolution (#7894)

This fix address the lack of retry on transient kubernetes errors during remote resolution for tasks, etc.

  • πŸ› Fix: Faulty Remote Resource Accepted by Remote Resolution (#7952)
  • πŸ› minor followup to PR 7894 (#7950)
  • πŸ› fix: prevent repeated setting of pipeline name label (#7732)
  • πŸ› fix: when using remote resources, the related metrics tag name is wrong (#7731)

Misc

  • πŸ”¨ Deprecate current resolution framework (#7945)

Mark current resolver framework as deprecated. Note: we are not removing the interface to be compatible with our Go policy.

  • πŸ”¨ misc: promote stepAction to beta (#7920)

promote StepActions to beta

  • πŸ”¨ fix: artifactsFlag (#7914)

fix defaultEnableArtifacts flag uses wrong name

  • πŸ”¨ Upgraded Remote Resolution Framework (#7910)

Upgraded remote resolution framework.

  • πŸ”¨ Bump go.opentelemetry.io/otel from 1.26.0 to 1.27.0 (#7975)
  • πŸ”¨ Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.26.0 to 1.27.0 (#7972)
  • πŸ”¨ chore(deps): bump github/codeql-action from 3.25.5 to 3.25.6 (#7968)
  • πŸ”¨ chore(deps): bump actions/checkout from 4.1.5 to 4.1.6 (#7967)
  • πŸ”¨ chore(deps): bump github.com/golangci/golangci-lint from 1.58.1 to 1.58.2 in /tools (#7966)
  • πŸ”¨ chore(deps): bump github.com/containerd/containerd from 1.7.15 to 1.7.17 (#7961)
  • πŸ”¨ chore(deps): bump k8s.io/client-go from 0.27.13 to 0.27.14 in /test/custom-task-ctrls/wait-task-beta (#7949)
  • πŸ”¨ chore(deps): bump k8s.io/api from 0.27.13 to 0.27.14 in /test/custom-task-ctrls/wait-task-beta (#7948)
  • πŸ”¨ chore(deps): bump google.golang.org/grpc from 1.63.2 to 1.64.0 (#7947)
  • πŸ”¨ chore(deps): bump github.com/spiffe/spire-api-sdk from 1.9.4 to 1.9.6 (#7946)
  • πŸ”¨ chore(deps): bump the all group in /tekton with 3 updates (#7944)
  • πŸ”¨ chore(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 (#7943)
  • πŸ”¨ chore(deps): bump github/codeql-action from 3.25.3 to 3.25.5 (#7942)
  • πŸ”¨ chore(deps): bump tj-actions/changed-files from 44.3.0 to 44.4.0 (#7941)
  • πŸ”¨ Add image replacement for amd64 specific image for entrypoint-resolution test and update docker-in-docker test image for Power. (#7937)
  • πŸ”¨ chore(deps): bump github.com/golangci/golangci-lint from 1.58.0 to 1.58.1 in /tools (#7936)
  • πŸ”¨ chore(deps): bump step-security/harden-runner from 2.7.0 to 2.7.1 (#7934)
  • πŸ”¨ chore(deps): bump actions/checkout from 4.1.4 to 4.1.5 (#7933)
  • πŸ”¨ chore(deps): bump the all group in /tekton with 4 updates (#7932)
  • πŸ”¨ chore(deps): bump google.golang.org/protobuf from 1.34.0 to 1.34.1 (#7931)
  • πŸ”¨ chore(deps): bump github.com/jenkins-x/go-scm from 1.14.30 to 1.14.34 (#7928)
  • πŸ”¨ chore(deps): bump github.com/golangci/golangci-lint from 1.57.2 to 1.58.0 in /tools (#7927)
  • πŸ”¨ chore(deps): bump google.golang.org/protobuf from 1.33.0 to 1.34.0 (#7926)
  • πŸ”¨ chore(deps): bump the all group in /tekton with 2 updates (#7925)
  • πŸ”¨ chore(deps): bump actions/checkout from 4.1.3 to 4.1.4 (#7924)
  • πŸ”¨ chore(deps): bump github/codeql-action from 3.25.1 to 3.25.3 (#7923)

Docs

  • πŸ“– Update releases.md for v0.59 (#7917)
  • πŸ“– v1beta1 fields updated to v1 in docs and examples (#7873)

Thanks

Thanks to these contributors who contributed to v0.60.0!

Extra shout-out for awesome release notes:

Contributors

ppitonak, khrm, and 8 other contributors
Loading