A cloud-native Pipeline resource.
-Docs @ v0.50.6 -Examples @ v0.50.6
kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.50.6/release.yaml
The Rekor UUID for this release is 24296fb24b8ad77ab39f94a9c6627f1ae85c428863d0dbdbea4c9481976f30c00d5f9f712a117720
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77ab39f94a9c6627f1ae85c428863d0dbdbea4c9481976f30c00d5f9f712a117720
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.50.6/release.yaml
REKOR_UUID=24296fb24b8ad77ab39f94a9c6627f1ae85c428863d0dbdbea4c9481976f30c00d5f9f712a117720
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.50.6@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
emove conversion webhook configuration from the ClusterTask CRD, it doesn't need it.
ix: ensure ClusterTask
annotations and labels are synced to TaskRun
idecars are now validated at admission webhook
Thanks to these contributors who contributed to v0.50.6!
Extra shout-out for awesome release notes:
-Docs @ v0.47.9 -Examples @ v0.47.9
kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.47.9/release.yaml
The Rekor UUID for this release is 24296fb24b8ad77a97b4cab5b45b50c5ccf7747c415168ca5a52a02bf17db08b9289c8518215ab4e
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77a97b4cab5b45b50c5ccf7747c415168ca5a52a02bf17db08b9289c8518215ab4e
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.47.9/release.yaml
REKOR_UUID=24296fb24b8ad77a97b4cab5b45b50c5ccf7747c415168ca5a52a02bf17db08b9289c8518215ab4e
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.47.9@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Thanks to these contributors who contributed to v0.47.9!
Extra shout-out for awesome release notes:
-Docs @ v0.56.4 -Examples @ v0.56.4
kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.56.4/release.yaml
The Rekor UUID for this release is 24296fb24b8ad77a246fb071bb1e27bb8c9aa3c80aa8f7f284a3f17e41f49960167d60df9ae6a20f
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77a246fb071bb1e27bb8c9aa3c80aa8f7f284a3f17e41f49960167d60df9ae6a20f
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.56.4/release.yaml
REKOR_UUID=24296fb24b8ad77a246fb071bb1e27bb8c9aa3c80aa8f7f284a3f17e41f49960167d60df9ae6a20f
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.56.4@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Thanks to these contributors who contributed to v0.56.4!
Extra shout-out for awesome release notes:
-Docs @ v0.53.6 -Examples @ v0.53.6
kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.53.6/release.yaml
The Rekor UUID for this release is 24296fb24b8ad77a58dae7f6faf9762bba17f2a70c00ecee45c691a6679e49878ddb4fc34cca12ee
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77a58dae7f6faf9762bba17f2a70c00ecee45c691a6679e49878ddb4fc34cca12ee
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.53.6/release.yaml
REKOR_UUID=24296fb24b8ad77a58dae7f6faf9762bba17f2a70c00ecee45c691a6679e49878ddb4fc34cca12ee
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.53.6@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Thanks to these contributors who contributed to v0.53.6!
Extra shout-out for awesome release notes:
-Docs @ v0.47.8 -Examples @ v0.47.8
kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.47.8/release.yaml
The Rekor UUID for this release is 24296fb24b8ad77a4e15157f9968c5f4a015417a5c1d728fb85cf766ef9357ef1cc3abc19e871f58
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77a4e15157f9968c5f4a015417a5c1d728fb85cf766ef9357ef1cc3abc19e871f58
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.47.8/release.yaml
REKOR_UUID=24296fb24b8ad77a4e15157f9968c5f4a015417a5c1d728fb85cf766ef9357ef1cc3abc19e871f58
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.47.8@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Thanks to these contributors who contributed to v0.47.8!
Extra shout-out for awesome release notes:
-Docs @ v0.56.3 -Examples @ v0.56.3
kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.56.3/release.yaml
The Rekor UUID for this release is 24296fb24b8ad77ae45e562eaaa6a469881e47013e15601d6644002bc596ca9464a382cdec3f2b5d
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77ae45e562eaaa6a469881e47013e15601d6644002bc596ca9464a382cdec3f2b5d
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.56.3/release.yaml
REKOR_UUID=24296fb24b8ad77ae45e562eaaa6a469881e47013e15601d6644002bc596ca9464a382cdec3f2b5d
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.56.3@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
ix: Merge StepTemplate with Step containing Results and Params
emoved StepAction from the conversion webhook to reduce the log spam that it isn't configured for it.
emove conversion webhook configuration from the ClusterTask CRD, it doesn't need it.
Thanks to these contributors who contributed to v0.56.3!
Extra shout-out for awesome release notes:
-Docs @ v0.47.7 -Examples @ v0.47.7
kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.47.7/release.yaml
The Rekor UUID for this release is 24296fb24b8ad77aec77ad419d1de1867a08ec105634b5ff541aad517abfb411bac62f6f26340f07
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77aec77ad419d1de1867a08ec105634b5ff541aad517abfb411bac62f6f26340f07
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.47.7/release.yaml
REKOR_UUID=24296fb24b8ad77aec77ad419d1de1867a08ec105634b5ff541aad517abfb411bac62f6f26340f07
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.47.7@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
emove conversion webhook configuration from the ClusterTask CRD, it doesn't need it.
Thanks to these contributors who contributed to v0.47.7!
Extra shout-out for awesome release notes:
-Docs @ v0.53.5 -Examples @ v0.53.5
kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.53.5/release.yaml
The Rekor UUID for this release is 24296fb24b8ad77a9d50edf817e79b97e161157785b92ff8000bf03e6a52970312def3c7a407be06
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77a9d50edf817e79b97e161157785b92ff8000bf03e6a52970312def3c7a407be06
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.53.5/release.yaml
REKOR_UUID=24296fb24b8ad77a9d50edf817e79b97e161157785b92ff8000bf03e6a52970312def3c7a407be06
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.53.5@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
ClusterTask
(#7797)Remove conversion webhook configuration from the ClusterTask CRD, it doesn't need it.
Thanks to these contributors who contributed to v0.53.5!
Extra shout-out for awesome release notes:
displayName
in childReferences
and dynamic specifications of secrets
and configmaps
in workspaces
🎉-Docs @ v0.58.0 -Examples @ v0.58.0
kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.58.0/release.yaml
The Rekor UUID for this release is 24296fb24b8ad77ad32de0077ddf3d746f9072f2d536cec99e2add11d56d964943ea86f5265aec54
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77ad32de0077ddf3d746f9072f2d536cec99e2add11d56d964943ea86f5265aec54
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.58.0/release.yaml
REKOR_UUID=24296fb24b8ad77ad32de0077ddf3d746f9072f2d536cec99e2add11d56d964943ea86f5265aec54
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.58.0@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Introduces a feature flag enable-artifacts.
introduce inputs/outputs to stepState for future artifacts work
A fully resolved displayName is now available in childReferences along with the pipelineTaskName. This is mainly beneficial to parameterize and easily distinguish matrix instances of the task.
feat: support for variable interpolation in workspace.* (in PipelineRun and TaskRun)
fix: avoid panic when used pipelineRef or pipelineSpec in pipeline task
Document simple installation instructions for a Tekton multi-tenancy setup.
Thanks to these contributors who contributed to v0.58.0!
Extra shout-out for awesome release notes:
-Docs @ v0.56.2 -Examples @ v0.56.2
kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.56.2/release.yaml
The Rekor UUID for this release is 24296fb24b8ad77a945b36a68c366cf57e421e1d269cb1cdd9b7efcfce4a1fcc9c4dfa0833912646
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77a945b36a68c366cf57e421e1d269cb1cdd9b7efcfce4a1fcc9c4dfa0833912646
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.56.2/release.yaml
REKOR_UUID=24296fb24b8ad77a945b36a68c366cf57e421e1d269cb1cdd9b7efcfce4a1fcc9c4dfa0833912646
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.56.2@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
onfigure default-imagepullbackoff-timeout to allow imagePullBackOff to retry and wait for the specified duration before failing the pipeline.
ix: avoid panic when used pipelineRef or pipelineSpec in pipeline task
Thanks to these contributors who contributed to v0.56.2!
Extra shout-out for awesome release notes: