Pipeline Versions Save

A cloud-native Pipeline resource.

v0.59.0

1 month ago

🎉 Artifact Metadata, Improved StepActions and Improved Stability 🎉

-Docs @ v0.59.0 -Examples @ v0.59.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.59.0/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77afedce0421f9d0b300ed47db5907cad59970fed93f978290fd32680173c43e675

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77afedce0421f9d0b300ed47db5907cad59970fed93f978290fd32680173c43e675
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.59.0/release.yaml
REKOR_UUID=24296fb24b8ad77afedce0421f9d0b300ed47db5907cad59970fed93f978290fd32680173c43e675

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.59.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Upgrade Notices

Tekton v0.59 minimum Kubernetes version is 1.27.

Changes

Features

  • :sparkles: Add a feature flag to disable inline spec (#7844)

Add a feature flag disable-inline-spec to disable embedded spec in Pipeline(PipelineSpec/TaskSpec), Taskrun(TaskSpec), and Pipelinerun. (PipelineSpec) By default, the inline specs will be enabled. Only if the flag is set to "pipeline", "pipelinerun" and "taskrun" or a combination like "pipeline,pipelinerun" would the inline spec be disabled for Pipeline, PipelineRun, or TaskRun.

  • :sparkles: Add description to StepActions (#7831)

Add description to StepActions

  • :sparkles: kind/feat: Surface artifacts through termination message (#7714)

Surface artifact metadata through termination message

Fixes

  • :bug: fix: resolve pod creation failure on retry when using (#7887)

fix: resolve pod creation failure on retry when using workspace.<name>.volume

  • :bug: Fix ImagePullTimeout to use Initialized (#7882)

Fix ImagePullTimeout to use "PodInitialized" or "PodReadyToStartContainers" PodCondition transition time

  • :bug: Enable Param Substitution in StepAction resolver reference params (#7872)

Enable Param Substitution in StepAction resolver reference params

  • :bug: validate TaskRun retries in TestRunSpec is greater than or equal to zero (#7836)

fix: the retries value has not been verified

  • :bug: fix: stepresult intepolations does not accept multiple matches (#7830)

fix: cannot use multiple step results at the same time for interpolation.

  • :bug: Fix the naming for Metrics as per convention (#7810)

We introduce new metrics with compliant naming. Gauge metrics: Gauge metrics shouldn't end with count as it implies a counter. Counter metrics: Counter metrics shouldn't end with count as it implies a counter from the histogram. Instead, we should use total.

Previous Metrics are deprecated because they don't satisfy the Prometheus naming convention. Consult https://github.com/tektoncd/pipeline/blob/main/docs/metrics.md to know the updated names and tags.

  • :bug: Remove conversion configuration for (#7796)

Remove conversion webhook configuration from the ClusterTask CRD, it doesn't need it.

  • :bug: Do not register for conversion (#7795)

Removed StepAction from the conversion webhook to reduce the log spam that it isn't configured for it.

  • :bug: fix: ensure default type for params in remote tasks to prevent pipeline failures (#7776)

fix: resolve issues that may cause pipeline failures when using remote resources

  • :bug: fix: do not set default kind when taskRef resolver is present (#7763)

fix: do not set default kind when taskRef resolver is present

  • :bug: fix(taskrun): emit warning for missing secret in ServiceAccount instead of failing (#7761)

fix(taskrun): emit warning for missing secret in ServiceAccount instead of failing

  • :bug: Fix: Merge StepTemplate with Step containing Results and Params (#7757)

Fix: Merge StepTemplate with Step containing Results and Params

  • :bug: fix: the params in step replace other fields in step that are not in stepaction (#7755)

Pass only the fields in stepaction and replace these fields with the params in step.

  • :bug: Fix bugfix-release.sh behavior when there is nothing to release (#7860)
  • :bug: [StepActions] when using a stepTemplate the ref gets removed (#7813)

Misc

  • :hammer: Update docker/docker to v26.0.0 (#7842)

Update docker/docker dependency to v26.0.0

  • :hammer: Bump knative/pkg to 1.13 and k8s.io to 0.28.5 (#7808)

knative/pkg dependency is now 1.13 and k8s.io dependencies are 0.28.x. In addition, this makes the minimum kubernetes version supported by tektoncd/pipeline to be 1.27.

  • :hammer: Update golangci version and configuration, and fix errors (#7832)
  • :hammer: Fix: add notes for why not to import the dependency pkg for OptimisticLockErrorMsg (#7780)
  • :hammer: Fix shell for tag-images step (#7912)
  • :hammer: Fix the shell in crane image (#7911)
  • :hammer: chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.25.0 to 1.26.0 (#7908)
  • :hammer: chore(deps): bump go.opentelemetry.io/otel/sdk from 1.25.0 to 1.26.0 (#7905)
  • :hammer: chore(deps): bump the all group in /tekton with 4 updates (#7900)
  • :hammer: chore(deps): bump tj-actions/changed-files from 44.0.1 to 44.3.0 (#7899)
  • :hammer: chore(deps): bump actions/checkout from 4.1.2 to 4.1.3 (#7898)
  • :hammer: chore(deps): bump actions/upload-artifact from 4.3.1 to 4.3.3 (#7897)
  • :hammer: chore(deps): bump github/codeql-action from 3.25.0 to 3.25.1 (#7896)
  • :hammer: chore(deps): bump k8s.io/client-go from 0.27.11 to 0.27.13 in /test/custom-task-ctrls/wait-task-beta (#7891)
  • :hammer: chore(deps): bump k8s.io/api from 0.27.12 to 0.27.13 in /test/custom-task-ctrls/wait-task-beta (#7890)
  • :hammer: chore(deps): bump code.gitea.io/sdk/gitea from 0.17.1 to 0.18.0 (#7889)
  • :hammer: chore(deps): bump the all group in /tekton with 4 updates (#7885)
  • :hammer: chore(deps): bump github/codeql-action from 3.24.10 to 3.25.0 (#7884)
  • :hammer: kind/misc: add error log (#7874)
  • :hammer: chore(deps): bump the all group in /tekton with 4 updates (#7868)
  • :hammer: chore(deps): bump tj-actions/changed-files from 44.0.0 to 44.0.1 (#7867)
  • :hammer: chore(deps): bump google.golang.org/grpc from 1.63.0 to 1.63.2 (#7866)
  • :hammer: chore(deps): bump github.com/spiffe/spire-api-sdk from 1.9.3 to 1.9.4 (#7862)
  • :hammer: chore(deps): bump github/codeql-action from 3.24.9 to 3.24.10 (#7861)
  • :hammer: release: add a small script to "automate" bugfix releases (#7855)
  • :hammer: chore: fix function names in comment (#7853)
  • :hammer: chore(deps): bump github.com/containerd/containerd from 1.7.14 to 1.7.15 (#7849)
  • :hammer: chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.24.0 to 1.25.0 (#7848)
  • :hammer: chore(deps): bump github.com/spiffe/spire-api-sdk from 1.9.2 to 1.9.3 (#7847)
  • :hammer: .github/workflow: update (and harden) codeql workflow (#7843)
  • :hammer: chore(deps): bump golang.org/x/sync from 0.6.0 to 0.7.0 (#7835)
  • :hammer: chore(deps): bump google.golang.org/grpc from 1.62.1 to 1.63.0 (#7834)
  • :hammer: chore(deps): bump github.com/jenkins-x/go-scm from 1.14.29 to 1.14.30 (#7829)
  • :hammer: Initiate Conformance Test Suite (#7826)
  • :hammer: chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/aws from 1.8.2 to 1.8.3 (#7825)
  • :hammer: chore(deps): bump github.com/spiffe/go-spiffe/v2 from 2.1.7 to 2.2.0 (#7824)
  • :hammer: chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/azure from 1.8.2 to 1.8.3 (#7823)
  • :hammer: chore(deps): bump github.com/sigstore/sigstore from 1.8.1 to 1.8.3 (#7821)
  • :hammer: chore(deps): bump github.com/go-git/go-git/v5 from 5.11.0 to 5.12.0 (#7820)
  • :hammer: chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/gcp from 1.8.2 to 1.8.3 (#7819)
  • :hammer: chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/hashivault from 1.8.2 to 1.8.3 (#7818)
  • :hammer: chore(deps): bump tj-actions/changed-files from 43.0.1 to 44.0.0 (#7817)
  • :hammer: chore(deps): bump github.com/golangci/golangci-lint from 1.57.1 to 1.57.2 in /tools (#7816)
  • :hammer: chore(deps): bump github.com/jenkins-x/go-scm from 1.14.26 to 1.14.29 (#7815)
  • :hammer: chore(deps): bump github.com/spiffe/spire-api-sdk from 1.9.1 to 1.9.2 (#7806)
  • :hammer: chore(deps): bump tj-actions/changed-files from 43.0.0 to 43.0.1 (#7803)
  • :hammer: chore(deps): bump github/codeql-action from 3.24.8 to 3.24.9 (#7802)
  • :hammer: chore(deps): bump github.com/golangci/golangci-lint from 1.56.2 to 1.57.1 in /tools (#7785)
  • :hammer: chore(deps): bump github.com/spiffe/spire-api-sdk from 1.9.0 to 1.9.1 (#7784)
  • :hammer: chore(deps): bump github.com/google/cel-go from 0.20.0 to 0.20.1 (#7783)
  • :hammer: chore(deps): bump github.com/cloudevents/sdk-go/v2 from 2.15.1 to 2.15.2 (#7782)
  • :hammer: chore(deps): bump github.com/google/go-containerregistry from 0.19.0 to 0.19.1 (#7781)
  • :hammer: chore(deps): Migrate to github.com/go-jose/go-jose/v3 (#7750)
  • :hammer: .github/workflows: make codeql a bit quicker (#7728)
  • :hammer: Replace out of date publish images with cgr.dev equivalents. (#7359)
  • :hammer: Update golang/x/net to handle GO-2024-2687 (#7841)

Docs

  • :book: fix(docs): correct closing bracket in CEL expressions (#7903)
  • :book: remove ref release-pipeline-nightly.yaml (#7864)
  • :book: Fix: update golangci-lint docs link (#7790)
  • :book: Documenting latest release - 0.58 (#7786)
  • :book: updating releases file to include 0.53.4 and 0.56.2 (#7741)
  • :book: fix imagePullBackOff doc (#7679)

Thanks

Thanks to these contributors who contributed to v0.59.0!

  • :heart: @JeromeJu
  • :heart: @Ma-YuXin
  • :heart: @afrittoli
  • :heart: @chitrangpatel
  • :heart: @cugykw
  • :heart: @dependabot[bot]
  • :heart: @ericzzzzzzz
  • :heart: @garethjevans
  • :heart: @isibeni
  • :heart: @kgcarr
  • :heart: @khrm
  • :heart: @l-qing
  • :heart: @lunarwhite
  • :heart: @lvyaoting
  • :heart: @pritidesai
  • :heart: @skaegi
  • :heart: @vdemeester
  • :heart: @wlynch

Extra shout-out for awesome release notes:

  • :heart_eyes: @Ma-YuXin
  • :heart_eyes: @chitrangpatel
  • :heart_eyes: @cugykw
  • :heart_eyes: @ericzzzzzzz
  • :heart_eyes: @khrm
  • :heart_eyes: @l-qing
  • :heart_eyes: @skaegi
  • :heart_eyes: @vdemeester

v0.50.6

1 month ago

-Docs @ v0.50.6 -Examples @ v0.50.6

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.50.6/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77ab39f94a9c6627f1ae85c428863d0dbdbea4c9481976f30c00d5f9f712a117720

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77ab39f94a9c6627f1ae85c428863d0dbdbea4c9481976f30c00d5f9f712a117720
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.50.6/release.yaml
REKOR_UUID=24296fb24b8ad77ab39f94a9c6627f1ae85c428863d0dbdbea4c9481976f30c00d5f9f712a117720

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.50.6@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

  • :bug: [release-v0.50.x] Remove conversion configuration for (#7798)

emove conversion webhook configuration from the ClusterTask CRD, it doesn't need it.

  • :bug: [release-v0.50.x] fix: ensure clustertask annotations are synced to taskrun (#7656)

ix: ensure ClusterTask annotations and labels are synced to TaskRun

  • :bug: [release-v0.50.x] Fix validations for Sidecars to be consistent (#7451)

idecars are now validated at admission webhook

  • :bug: [release-v0.50.x] don't return validation error when final tasks failed/skipped (#7485)
  • [release-v0.50.x] chore(deps): Migrate to github.com/go-jose/go-jose/v3 (#7858)
  • [release-v0.50.x] Update go-git/v5 for CVE-2023-49569 (#7839)

Misc

Docs

Thanks

Thanks to these contributors who contributed to v0.50.6!

  • :heart: @tekton-robot
  • :heart: @vdemeester

Extra shout-out for awesome release notes:

  • :heart_eyes: @tekton-robot
  • :heart_eyes: @vdemeester

v0.47.9

1 month ago

-Docs @ v0.47.9 -Examples @ v0.47.9

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.47.9/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a97b4cab5b45b50c5ccf7747c415168ca5a52a02bf17db08b9289c8518215ab4e

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a97b4cab5b45b50c5ccf7747c415168ca5a52a02bf17db08b9289c8518215ab4e
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.47.9/release.yaml
REKOR_UUID=24296fb24b8ad77a97b4cab5b45b50c5ccf7747c415168ca5a52a02bf17db08b9289c8518215ab4e

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.47.9@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

  • [release-v0.47.x] chore(deps): Migrate to github.com/go-jose/go-jose/v3 (#7859)

Misc

Docs

Thanks

Thanks to these contributors who contributed to v0.47.9!

  • :heart: @vdemeester

Extra shout-out for awesome release notes:

  • :heart_eyes: @vdemeester

v0.56.4

1 month ago

-Docs @ v0.56.4 -Examples @ v0.56.4

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.56.4/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a246fb071bb1e27bb8c9aa3c80aa8f7f284a3f17e41f49960167d60df9ae6a20f

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a246fb071bb1e27bb8c9aa3c80aa8f7f284a3f17e41f49960167d60df9ae6a20f
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.56.4/release.yaml
REKOR_UUID=24296fb24b8ad77a246fb071bb1e27bb8c9aa3c80aa8f7f284a3f17e41f49960167d60df9ae6a20f

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.56.4@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

  • :bug: [release-v0.56.x] [StepActions] when using a stepTemplate the ref gets removed (#7814)
  • [release-v0.56.x] chore(deps): Migrate to github.com/go-jose/go-jose/v3 (#7856)
  • [release-v0.56.x] Update go-git/v5 for CVE-2023-49569 (#7837)

Misc

Docs

Thanks

Thanks to these contributors who contributed to v0.56.4!

  • :heart: @tekton-robot
  • :heart: @vdemeester

Extra shout-out for awesome release notes:

  • :heart_eyes: @vdemeester

v0.53.6

1 month ago

-Docs @ v0.53.6 -Examples @ v0.53.6

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.53.6/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a58dae7f6faf9762bba17f2a70c00ecee45c691a6679e49878ddb4fc34cca12ee

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a58dae7f6faf9762bba17f2a70c00ecee45c691a6679e49878ddb4fc34cca12ee
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.53.6/release.yaml
REKOR_UUID=24296fb24b8ad77a58dae7f6faf9762bba17f2a70c00ecee45c691a6679e49878ddb4fc34cca12ee

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.53.6@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

  • [release-v0.53.x] chore(deps): Migrate to github.com/go-jose/go-jose/v3 (#7857)
  • [release-v0.53.x] Update go-git/v5 for CVE-2023-49569 (#7838)

Misc

Docs

Thanks

Thanks to these contributors who contributed to v0.53.6!

  • :heart: @vdemeester

Extra shout-out for awesome release notes:

  • :heart_eyes: @vdemeester

v0.47.8

1 month ago

-Docs @ v0.47.8 -Examples @ v0.47.8

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.47.8/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a4e15157f9968c5f4a015417a5c1d728fb85cf766ef9357ef1cc3abc19e871f58

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a4e15157f9968c5f4a015417a5c1d728fb85cf766ef9357ef1cc3abc19e871f58
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.47.8/release.yaml
REKOR_UUID=24296fb24b8ad77a4e15157f9968c5f4a015417a5c1d728fb85cf766ef9357ef1cc3abc19e871f58

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.47.8@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

  • [release-v0.47.x] Update go-git/v5 for CVE-2023-49569 (#7840)

Misc

Docs

Thanks

Thanks to these contributors who contributed to v0.47.8!

  • :heart: @vdemeester

Extra shout-out for awesome release notes:

  • :heart_eyes: @vdemeester

v0.56.3

2 months ago

-Docs @ v0.56.3 -Examples @ v0.56.3

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.56.3/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77ae45e562eaaa6a469881e47013e15601d6644002bc596ca9464a382cdec3f2b5d

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77ae45e562eaaa6a469881e47013e15601d6644002bc596ca9464a382cdec3f2b5d
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.56.3/release.yaml
REKOR_UUID=24296fb24b8ad77ae45e562eaaa6a469881e47013e15601d6644002bc596ca9464a382cdec3f2b5d

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.56.3@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

  • :bug: [release-v0.56.x] Fix: Merge StepTemplate with Step containing Results and Params (#7809)

ix: Merge StepTemplate with Step containing Results and Params

  • :bug: [release-v0.56.x] Do not register for conversion (#7801)

emoved StepAction from the conversion webhook to reduce the log spam that it isn't configured for it.

  • :bug: [release-v0.56.x] Remove conversion configuration for (#7800)

emove conversion webhook configuration from the ClusterTask CRD, it doesn't need it.

Misc

Docs

Thanks

Thanks to these contributors who contributed to v0.56.3!

  • :heart: @tekton-robot

Extra shout-out for awesome release notes:

  • :heart_eyes: @tekton-robot

v0.47.7

2 months ago

-Docs @ v0.47.7 -Examples @ v0.47.7

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.47.7/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77aec77ad419d1de1867a08ec105634b5ff541aad517abfb411bac62f6f26340f07

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77aec77ad419d1de1867a08ec105634b5ff541aad517abfb411bac62f6f26340f07
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.47.7/release.yaml
REKOR_UUID=24296fb24b8ad77aec77ad419d1de1867a08ec105634b5ff541aad517abfb411bac62f6f26340f07

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.47.7@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

  • :bug: [release-v0.47.x] Remove conversion configuration for (#7799)

emove conversion webhook configuration from the ClusterTask CRD, it doesn't need it.

Misc

Docs

Thanks

Thanks to these contributors who contributed to v0.47.7!

  • :heart: @tekton-robot

Extra shout-out for awesome release notes:

  • :heart_eyes: @tekton-robot

v0.53.5

2 months ago

-Docs @ v0.53.5 -Examples @ v0.53.5

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.53.5/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a9d50edf817e79b97e161157785b92ff8000bf03e6a52970312def3c7a407be06

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a9d50edf817e79b97e161157785b92ff8000bf03e6a52970312def3c7a407be06
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.53.5/release.yaml
REKOR_UUID=24296fb24b8ad77a9d50edf817e79b97e161157785b92ff8000bf03e6a52970312def3c7a407be06

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.53.5@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

  • :bug: [release-v0.53.x] Remove conversion configuration for ClusterTask (#7797)

Remove conversion webhook configuration from the ClusterTask CRD, it doesn't need it.

Misc

Docs

Thanks

Thanks to these contributors who contributed to v0.53.5!

  • :heart: @tekton-robot

Extra shout-out for awesome release notes:

  • :heart_eyes: @tekton-robot

v0.58.0

2 months ago

🎉 displayName in childReferences and dynamic specifications of secrets and configmaps in workspaces 🎉

-Docs @ v0.58.0 -Examples @ v0.58.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.58.0/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77ad32de0077ddf3d746f9072f2d536cec99e2add11d56d964943ea86f5265aec54

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77ad32de0077ddf3d746f9072f2d536cec99e2add11d56d964943ea86f5265aec54
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.58.0/release.yaml
REKOR_UUID=24296fb24b8ad77ad32de0077ddf3d746f9072f2d536cec99e2add11d56d964943ea86f5265aec54

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.58.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

  • :sparkles: TEP-0147: introduce feature flag to guard artifacts feature (#7705)

Introduces a feature flag enable-artifacts.

  • :sparkles: TEP 0147: add inputs/outputs to stepState (#7703)

introduce inputs/outputs to stepState for future artifacts work

  • :sparkles: implementing TEP-0150 - in (#7683)

A fully resolved displayName is now available in childReferences along with the pipelineTaskName. This is mainly beneficial to parameterize and easily distinguish matrix instances of the task.

  • :sparkles: feat: support for variable interpolation in workspace.* (in PipelineRun and TaskRun) (#7671)

feat: support for variable interpolation in workspace.* (in PipelineRun and TaskRun)

Fixes

  • :bug: fix: avoid panic when used pipelineRef or pipelineSpec in pipeline task (#7722)

fix: avoid panic when used pipelineRef or pipelineSpec in pipeline task

  • :bug: fix: pipeline execution status test case index error (#7742)
  • :bug: Migrate jaeger to otel API (#7547)

Misc

  • :hammer: chore(deps): bump google.golang.org/grpc from 1.62.0 to 1.62.1 (#7774)
  • :hammer: chore(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0 (#7773)
  • :hammer: chore(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#7772)
  • :hammer: chore(deps): bump tj-actions/changed-files from 42.1.0 to 43.0.0 (#7771)
  • :hammer: chore(deps): bump github.com/containerd/containerd from 1.7.13 to 1.7.14 (#7770)
  • :hammer: chore(deps): bump github/codeql-action from 3.24.6 to 3.24.8 (#7769)
  • :hammer: chore(deps): bump actions/checkout from 4.1.1 to 4.1.2 (#7768)
  • :hammer: chore(deps): bump k8s.io/api from 0.27.11 to 0.27.12 in /test/custom-task-ctrls/wait-task-beta (#7767)
  • :hammer: chore(deps): bump tj-actions/changed-files from 42.0.5 to 42.1.0 (#7747)
  • :hammer: chore(deps): bump github/codeql-action from 3.24.5 to 3.24.6 (#7735)
  • :hammer: chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/aws from 1.8.1 to 1.8.2 (#7727)
  • :hammer: chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/hashivault from 1.8.1 to 1.8.2 (#7723)
  • :hammer: chore(deps): bump github/codeql-action from 3.24.3 to 3.24.5 (#7719)
  • :hammer: chore(deps): bump tj-actions/changed-files from 42.0.4 to 42.0.5 (#7718)
  • :hammer: chore(deps): bump github.com/spiffe/spire-api-sdk from 1.8.7 to 1.9.0 (#7712)
  • :hammer: chore(deps): bump go.opentelemetry.io/otel/sdk from 1.23.1 to 1.24.0 (#7710)
  • :hammer: chore(deps): bump go.opentelemetry.io/otel from 1.23.1 to 1.24.0 (#7709)
  • :hammer: chore(deps): bump google.golang.org/grpc from 1.61.1 to 1.62.0 (#7702)
  • :hammer: chore(deps): bump go.uber.org/zap from 1.26.0 to 1.27.0 (#7696)
  • :hammer: chore(deps): bump github.com/cloudevents/sdk-go/v2 from 2.14.0 to 2.15.1 (#7695)
  • :hammer: chore(deps): bump github.com/golangci/golangci-lint from 1.56.1 to 1.56.2 in /tools (#7676)
  • :hammer: fix: reduce warnings caused by woke scan results (#7558)
  • :hammer: Bump github.com/docker/docker from 24.0.0+incompatible to 24.0.7+incompatible (#7526)

Docs

  • :book: [TEP-0129] Move CRDs definition and update multi-tenancy docs accordingly (#7598)

Document simple installation instructions for a Tekton multi-tenancy setup.

  • :book: docs: changing the variable camel cases (#7701)
  • :book: fix:add missing documentation link (#7697)
  • :book: Fix link to CEL in WhenExpression docs (#7692)
  • :book: Fix typo in additional configs doc (#7689)
  • :book: Add release v0.57.0 to the list of releases (#7687)
  • :book: Add feature flags recording demo for developer guide (#7662)
  • :book: docs: optimize examples for propagating results (#7554)

Thanks

Thanks to these contributors who contributed to v0.58.0!

  • :heart: @AlanGreene
  • :heart: @JeromeJu
  • :heart: @afrittoli
  • :heart: @cugykw
  • :heart: @dependabot[bot]
  • :heart: @ericzzzzzzz
  • :heart: @katmutua
  • :heart: @kmjayadeep
  • :heart: @l-qing
  • :heart: @pritidesai
  • :heart: @vdemeester

Extra shout-out for awesome release notes:

  • :heart_eyes: @afrittoli
  • :heart_eyes: @ericzzzzzzz
  • :heart_eyes: @l-qing
  • :heart_eyes: @pritidesai