Event triggering with Tekton!
-Docs @ v0.26.1 -Examples @ v0.26.1
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.26.1/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.26.1/interceptors.yaml
The Rekor UUID for this release is 24296fb24b8ad77ada4bd989265c7c72c1dbd6295312ef4314f485d4221703b03c60f9edd76000c8
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77ada4bd989265c7c72c1dbd6295312ef4314f485d4221703b03c60f9edd76000c8
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.26.1/release.yaml
REKOR_UUID=24296fb24b8ad77ada4bd989265c7c72c1dbd6295312ef4314f485d4221703b03c60f9edd76000c8
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.26.1@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Thanks to these contributors who contributed to v0.26.1!
Extra shout-out for awesome release notes:
-Docs @ v0.26.0 -Examples @ v0.26.0
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.26.0/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.26.0/interceptors.yaml
The Rekor UUID for this release is 24296fb24b8ad77adb2b758a907715ae9c12bd31be75af1e58f488fa6d02f6f29886e7bb1aa4046c
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77adb2b758a907715ae9c12bd31be75af1e58f488fa6d02f6f29886e7bb1aa4046c
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.26.0/release.yaml
REKOR_UUID=24296fb24b8ad77adb2b758a907715ae9c12bd31be75af1e58f488fa6d02f6f29886e7bb1aa4046c
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.26.0@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
New translate
function added to the CEL interceptor.
Two new functions for the CEL interceptor, to allow easy access to the first and last elements in an array.
In current release:
The decision to modify the tag from resourcetemplates to resourceTemplates within the triggerTemplate spec was made to align with JSON or YAML camelCase format standards. However, this alteration has caused a disruption in the upgrade process, as previous versions of Triggers relied on the resourcetemplates tag. which is a breaking change.
To address this issue, we reverted the change back and released Triggers version v0.26.1. We will reintroduce the change when we support the new ApiVersion in Triggers. At that point, we'll utilize conversion functionality (convertTo and convertFrom) to ensure seamless transition. By incorporating the ApiVersion, we'll be able to adjust the tag accordingly. https://github.com/tektoncd/triggers/pull/1694
Thanks to these contributors who contributed to v0.26.0!
Extra shout-out for awesome release notes:
-Docs @ v0.25.3 -Examples @ v0.25.3
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.3/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.3/interceptors.yaml
:lock: Disable HTTP/2 for webhoook by updating Knative Fixes: https://github.com/advisories/GHSA-qppj-fm5r-hxr3
:lock: Bump ko to go 1.20 in release task Fixes: https://github.com/advisories/GHSA-4374-p667-p6c8
Thanks to these contributors who contributed to v0.25.3!
Extra shout-out for awesome release notes:
-Docs @ v0.25.2 -Examples @ v0.25.2
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.2/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.2/interceptors.yaml
Thanks to these contributors who contributed to v0.25.2!
Extra shout-out for awesome release notes:
-Docs @ v0.24.2 -Examples @ v0.24.2
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.24.2/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.24.2/interceptors.yaml
Address the https://github.com/advisories/GHSA-qppj-fm5r-hxr3 - which involves HTTP/2 Stream Cancellation Attack
Thanks to these contributors who contributed to v0.24.2!
-Docs @ v0.23.2 -Examples @ v0.23.2
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.23.2/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.23.2/interceptors.yaml
Thanks to these contributors who contributed to v0.23.2!
Extra shout-out for awesome release notes:
-Docs @ v0.25.1 -Examples @ v0.25.1
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.1/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.1/interceptors.yaml
Address the CVE-2023-44487 - which involves HTTP/2 Stream Cancellation Attack
Thanks to these contributors who contributed to v0.25.1!
Extra shout-out for awesome release notes:
-Docs @ v0.25.0 -Examples @ v0.25.0
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/interceptors.yaml
The Rekor UUID for this release is 24296fb24b8ad77a3b75040e94727f4d7a7246d5e704172f48f5969d1202903ecd5fb22a0cc5b0f5
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77a3b75040e94727f4d7a7246d5e704172f48f5969d1202903ecd5fb22a0cc5b0f5
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/release.yaml
INTERCEPTORS_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/interceptors.yaml
REKOR_UUID=24296fb24b8ad77a3b75040e94727f4d7a7246d5e704172f48f5969d1202903ecd5fb22a0cc5b0f5
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.25.0@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
curl "$INTERCEPTORS_FILE" >> release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Triggers now support probes setting on EventListener object Triggers now have default value for failure-threshold as 3 for both readiness and liveness probes
In current release:
Thanks to these contributors who contributed to v0.25.0!
Extra shout-out for awesome release notes:
-Docs @ v0.24.1 -Examples @ v0.24.1
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.24.1/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.24.1/interceptors.yaml
The Rekor UUID for this release is 24296fb24b8ad77a2d710a90da7f62da10b6c562208f9042953f121566a007a0bdcf2280135cae56
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77a2d710a90da7f62da10b6c562208f9042953f121566a007a0bdcf2280135cae56
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.24.1/release.yaml
INTERCEPTORS_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.24.1/interceptors.yaml
REKOR_UUID=24296fb24b8ad77a2d710a90da7f62da10b6c562208f9042953f121566a007a0bdcf2280135cae56
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.24.1@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
curl "$INTERCEPTORS_FILE" >> release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Thanks to these contributors who contributed to v0.24.1!
-Docs @ v0.24.0 -Examples @ v0.24.0
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.24.0/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.24.0/interceptors.yaml
The Rekor UUID for this release is 24296fb24b8ad77ad326130394b66644f55dcff5934aea2584561dbbc454134c61361188b50fd005
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77ad326130394b66644f55dcff5934aea2584561dbbc454134c61361188b50fd005
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.24.0/release.yaml
INTERCEPTORS_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.24.0/interceptors.yaml
REKOR_UUID=24296fb24b8ad77ad326130394b66644f55dcff5934aea2584561dbbc454134c61361188b50fd005
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.24.0@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
curl "$INTERCEPTORS_FILE" >> release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Added a Slack Interceptor
that allows you to extract fields from a slack slash command payload which are sent in the http form-data section.
Triggers now support Affinity and TopologySpreadConstraints as part of Kubernetes and Custom resource
Kubernetes API requests performed by EventListeners are now cached.
This will remove PipelineResource and it's all occurrence and also bump pipeline to 0.46.0 and add Swagger.json for Triggers with Pipelines v0.46
Remove comparing serviceaccount in tests
:hammer: Move wlynch to emeritus_approvers (#1585)
:hammer: Update pull_request_template.md (#1580)
:hammer: Upgrade Tekton Pipelines to v0.47.0 (#1590)
:hammer: Bump google.golang.org/protobuf from 1.29.0 to 1.29.1 (#1581)
:hammer: Fix Error by given linters during tests (#1578)
:hammer: Adding Minimum Kubernetes version (#1560)
:hammer: Upgrading Go to 1.19 (#1554)
:hammer: Create codeql-analysis.yml (#1546)
:hammer: Add the instruction for release attestation (#1545)
:hammer: Add v0.23.0 to releases.md (#1544)
Thanks to these contributors who contributed to v0.24.0!
Extra shout-out for awesome release notes: