8000 Releases · tektoncd/triggers · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Releases: tektoncd/triggers

Tekton Triggers release v0.32.0 "Tekton Triggers"

06 May 15:55
@tekton-robot tekton-robot
v0.32.0
4dbb0a6
Compare
Choose a tag to compare
Tekton Triggers release v0.32.0 "Tekton Triggers" Latest
Latest

-Docs @ v0.32.0
-Examples @ v0.32.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.32.0/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.32.0/interceptors.yaml

Attestation

The Rekor UUID for this release is 108e9186e8c5677ab3a0005892bb67e811a79dfb38afdde7453855993480ace29e0146b4bbbc6662

Obtain the attestation:

REKOR_UUID=108e9186e8c5677ab3a0005892bb67e811a79dfb38afdde7453855993480ace29e0146b4bbbc6662
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.32.0/release.yaml
REKOR_UUID=108e9186e8c5677ab3a0005892bb67e811a79dfb38afdde7453855993480ace29e0146b4bbbc6662

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":
v0.32.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

  • ✨ Add KUBERNETES_MIN_VERSION env to override k8s variable (#1818)

Add KUBERNETES_MIN_VERSION env to override k8s variable. Currently, it is set 1.28 by default.

  • ✨ Allow users to set custom securityContext in EventListener spec (#1832)
  1. Users can now define their own securityContext under the EventListener YAML.
    ex:
spec:
  serviceAccountName: tekton-triggers-example-sa
  resources:
    kubernetesResource:
      spec:
        template:
          spec:
            securityContext:
              runAsNonRoot: true
            containers:
              - resources:
                  requests:
                    memory: "64Mi"
                    cpu: "250m"
                  limits:
                    memory: "128Mi"
                    cpu: "500m"
                securityContext:
                  readOnlyRootFilesystem: true
  1. When el-security-context is true
  • If user sets a custom securityContext, it has given the priority and used same.
  • If not, a default securityContext is applied.

Fixes

Misc

  • 🔨 Bump the all group across 1 directory with 8 updates (#1838)
  • 🔨 Bump golangci/golangci-lint-action from 6.2.0 to 8.0.0 (#1837)
  • 🔨 Bump step-security/harden-runner from 2.11.1 to 2.12.0 (#1835)
  • 🔨 Move Integration tests to GH action and Kind Cluster (#1829)
  • 🔨 Consume release pipeline images and task bundles from GHCR (#1821)
  • 🔨 Bump actions/setup-go from 5.3.0 to 5.4.0 (#1820)
  • 🔨 Bump golangci/golangci-lint-action from 6.2.0 to 6.5.2 (#1819)
  • 🔨 Enable GolangCI Linter used in Pipeline repo (#1647)
  • 🔨 Update to latest pipeline and knative/pkg (#1825)

Docs

  • 📖 Add ghcr.io migration banner to README.md. (#1828)

Thanks

Thanks to these contributors who contributed to v0.32.0!

Extra shout-out for awesome release notes:

Contributors

khrm, twoGiants, and 3 other contributors
Assets 6
Loading

Tekton Triggers release v0.31.0 "Tekton Triggers"

05 Feb 17:24
@tekton-robot tekton-robot
v0.31.0
66a7b7d
Compare
Choose a tag to compare
Tekton Triggers release v0.31.0 "Tekton Triggers"

-Docs @ v0.31.0
-Examples @ v0.31.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.31.0/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.31.0/interceptors.yaml

Attestation

The Rekor UUID for this release is 108e9186e8c5677a07cc569190ef56db5be79598a0427d17fbb556b35148f100226157292f46d460

Obtain the attestation:

REKOR_UUID=108e9186e8c5677a07cc569190ef56db5be79598a0427d17fbb556b35148f100226157292f46d460
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.31.0/release.yaml
REKOR_UUID=108e9186e8c5677a07cc569190ef56db5be79598a0427d17fbb556b35148f100226157292f46d460

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.31.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

  • ✨ Triggers now support adding ImagePullSecrets field as part of EventListener object (#1787)
apiVersion: triggers.tekton.dev/v1beta1
kind: EventListener
metadata:
  name: fission-ci-listener-test
spec:
  serviceAccountName: tekton-triggers-example-sa
  resources:
    kubernetesResource:
      spec:
        template:
          spec:
            imagePullSecrets:
              - name: docker-login

Misc

  • 🔨 Bump the all group across 1 directory with 15 updates (#1804)
  • 🔨 Bump golangci/golangci-lint-action from 6.1.1 to 6.2.0 (#1803)
  • 🔨 Bump actions/setup-go from 5.2.0 to 5.3.0 (#1802)
  • 🔨 Migrate to GitHubAction for GolangCI Lint (#1795)
  • 🔨 Bump actions/checkout from 2 to 4 (#1794)
  • 🔨 Bump github/codeql-action from 2 to 3 (#1793)
  • 🔨 Update release doc with v0.30.0 (#1781)

Docs

  • 📖 Point Gitlab Interceptors docs to more direct Webhook event types link (#1786)
  • 📖 Update DEVELOPMENT.md (#1783)

Thanks

Thanks to these contributors who contributed to v0.31.0!

Extra shout-out for awesome release notes:

Contributors

khrm, lx1036, and 3 other contributors
Loading

Tekton Triggers release v0.30.1 "Tekton Triggers"

02 Jan 17:50
@tekton-robot tekton-robot
v0.30.1
b27feb0
Compare
Choose a tag to compare
Tekton Triggers release v0.30.1 "Tekton Triggers"

-Docs @ v0.30.1
-Examples @ v0.30.1

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.30.1/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.30.1/interceptors.yaml

Attestation

The Rekor UUID for this release is 108e9186e8c5677a6acf7d6fb9d83f562974223e03ced6fa0dc9fda20c2b47ff279c4b1a238f3185

Obtain the attestation:

REKOR_UUID=108e9186e8c5677a6acf7d6fb9d83f562974223e03ced6fa0dc9fda20c2b47ff279c4b1a238f3185
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.30.1/release.yaml
REKOR_UUID=108e9186e8c5677a6acf7d6fb9d83f562974223e03ced6fa0dc9fda20c2b47ff279c4b1a238f3185

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.30.1@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Fixes

  • 🐛 [release-v0.30.x] Upgrade golang.org/x/crypto to 0.31.0 (#1785)

Misc

  • 🔨 [release-v0.30.x] Fix the release cheat sheet - Rekor ID Fetch (#1790)

Thanks

Thanks to these contributors who contributed to v0.30.1!

Extra shout-out for awesome release notes:

Contributors

savitaashture and tekton-robot
Loading

Tekton Triggers release v0.29.2 "Tekton Triggers"

02 Jan 15:47
@tekton-robot tekton-robot
v0.29.2
c2461e1
Compare
Choose a tag to compare
Tekton Triggers release v0.29.2 "Tekton Triggers"

-Docs @ v0.29.2
-Examples @ v0.29.2

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.29.2/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.29.2/interceptors.yaml

Attestation

The Rekor UUID for this release is 108e9186e8c5677a2dae70ab726277f2c4c5ba39bcc1ac1bfd845967f596e06890934f5e86820376

Obtain the attestation:

REKOR_UUID=108e9186e8c5677a2dae70ab726277f2c4c5ba39bcc1ac1bfd845967f596e06890934f5e86820376
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.29.2/release.yaml
REKOR_UUID=108e9186e8c5677a2dae70ab726277f2c4c5ba39bcc1ac1bfd845967f596e06890934f5e86820376

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.29.2@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Security Fixes

  • 🐛 [release-v0.29.x] Upgrade golang.org/x/crypto to 0.31.0 (#1784)

Misc

  • 🔨 [release-v0.29.x] Update the relese cheat-sheet (#1791)
  • 🔨 [release-v0.29.x] Fix the release cheat sheet - Rekor ID Fetch (#1789)
  • 🔨 [release-v0.29.x] Migrate nightly builds and releases to ghcr.io (#1788)

Thanks

Thanks to these contributors who contributed to v0.29.2!

Extra shout-out for awesome release notes:

Contributors

savitaashture and tekton-robot
Loading

Tekton Triggers release v0.30.0 "Tekton Triggers"

05 Nov 20:28
@tekton-robot tekton-robot
v0.30.0
c6d2a8d
Compare
Choose a tag to compare
Tekton Triggers release v0.30.0 "Tekton Triggers"

-Docs @ v0.30.0
-Examples @ v0.30.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.30.0/release.yaml

Attestation

The Rekor UUID for this release is 108e9186e8c5677a05ca2593a924c2abaf6290c29d6d5192c8d918d7d74b054734c58b63ec6c8562

Obtain the attestation:

REKOR_UUID=108e9186e8c5677a05ca2593a924c2abaf6290c29d6d5192c8d918d7d74b054734c58b63ec6c8562
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/${VERSION_TAG}/release.yaml
INTERCEPTORS_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/${VERSION_TAG}/interceptors.yaml
REKOR_UUID=108e9186e8c5677a05ca2593a924c2abaf6290c29d6d5192c8d918d7d74b054734c58b63ec6c8562

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.30.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml
curl "$INTERCEPTORS_FILE" >> release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Fixes

Misc

  • 🔨 Bump pipeline 0.65.0 LTS (#1775)
  • 🔨 Bump the CEl-GO to v0.21.0 (#1776)
  • 🔨 Rename Decade to Century (#1773)
  • 🔨 Migrate nightly builds and releases to ghcr.io (#1767)
  • 🔨 Add dependabot to update go mod and github action dependencies (#1770)

Docs

  • 📖 Update the release cheat-sheet (#1769)
  • 📖 Update release doc with v0.29.0 LTS (#1759)

Thanks

Thanks to these contributors who contributed to v0.30.0!

Contributors

khrm, afrittoli, and 2 other contributors
Loading
0 Join discussion

Tekton Triggers release v0.29.1 "Tekton Triggers"

04 Sep 15:43
@tekton-robot tekton-robot
v0.29.1
616cae1
Compare
Choose a tag to compare
Tekton Triggers release v0.29.1 "Tekton Triggers"

-Docs @ v0.29.1
-Examples @ v0.29.1

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.29.1/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.29.1/interceptors.yaml

Attestation

The Rekor UUID for this release is 108e9186e8c5677a689b63ad4f04407989836cf4ad5a48b04c6a5ccbe0e7ae9335e54f8df273e509

Obtain the attestation:

REKOR_UUID=108e9186e8c5677a689b63ad4f04407989836cf4ad5a48b04c6a5ccbe0e7ae9335e54f8df273e509
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.29.1/release.yaml
REKOR_UUID=108e9186e8c5677a689b63ad4f04407989836cf4ad5a48b04c6a5ccbe0e7ae9335e54f8df273e509

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.29.1@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml &am
10000
p;& echo " ===> ok" || echo " ===> no match";
done

Changes

Features

  • ✨ Set readOnlyRootFilesystem as true in Interceptor (#1763)

Interceptor's Deployment security context readOnlyRootFilesystem are set to true to increase the security and to avoid being flagged by the security scanner

Fixes

Misc

  • 🔨 Bump Pipeline to v0.62.3 (#1762)

Bumping Pipeline to v0.62.3 to make client compatible with old pipeline versions

Docs

Thanks

Thanks to these contributors who contributed to v0.29.1!

Extra shout-out for awesome release notes:

Contributors

tekton-robot
Loading

Tekton Triggers release v0.29.0 "Tekton Triggers LTS"

21 Aug 09:56
@tekton-robot tekton-robot
v0.29.0
b133ef7
Compare
Choose a tag to compare
Tekton Triggers release v0.29.0 "Tekton Triggers LTS"

-Docs @ v0.29.0
-Examples @ v0.29.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.29.0/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.29.0/interceptors.yaml

Attestation

The Rekor UUID for this release is 108e9186e8c5677ad076cc4e98758a3298fe82176ab9bd6ab7d90e9ae59a0ccc9104b0d7ae540aa4

Obtain the attestation:

REKOR_UUID=108e9186e8c5677ad076cc4e98758a3298fe82176ab9bd6ab7d90e9ae59a0ccc9104b0d7ae540aa4
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.29.0/release.yaml
REKOR_UUID=108e9186e8c5677ad076cc4e98758a3298fe82176ab9bd6ab7d90e9ae59a0ccc9104b0d7ae540aa4

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.29.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

  • ✨ Add new flag set-read-only-root-filesystem to set readOnlyRootFilesys… (#1742)

Added a new flag el-read-only-root-filesystem to the tekton-triggers-controller container. This flag, which is set to true by default, configures the EventListener container's securityContext.readOnlyRootFilesystem to true. This change aligns with Azure AKS best practices and enhances security.

  • ✨ Update eventlistener podSeurityContext to adhere to restricted pod security (#1740)

Eventlistener podTemplate now includes securityContext settings: seccompProfile, runAsUser, runAsGroup, and fsGroup when flag el-security-context is true.

Breaking Changes

  • 🚨 Metric name for eventlistener is changed from eventlistener_event_count
    to eventlistener_event_received_count (#1755)

Misc

  • 🔨 Install latest pipeline release in tests (#1758)

Install latest pipeline release in tests

  • 🔨 Bump Pipelines to v0.62.1 (#1754)

Bump Pipelines to v0.62.1

  • 🔨 Add runAsUser and runAsGroup under setSecurityContext flag (#1756)

Docs

  • 📖 Remove duplicate Triggers reference from TriggerGroup section of documentation (#1757)

Updated Documentation on TriggerGroups

  • 📖 Updated URL's on eventlisteners.md (#1750)
  • 📖 fix(example): update default branch name in examples (#1748)
  • 📖 Fixes eventlistener link and cel expression yaml example in docs (#1746)

Thanks

Thanks to these contributors who contributed to v0.29.0!

Extra shout-out for awesome release notes:

Contributors

johankok, khrm, and 8 other contributors
Loading

Tekton Triggers release v0.28.0 "Tekton Triggers"

08 Jul 08:02
@tekton-robot tekton-robot
v0.28.0
87e123e
Compare
Choose a tag to compare
Tekton Triggers release v0.28.0 "Tekton Triggers"

-Docs @ v0.28.0
-Examples @ v0.28.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.28.0/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.28.0/interceptors.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77ab8d7c9926b0e67fa6a87b50dacf2e91bcaeb6c964a25d5e562dc0518c48a37fd

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77ab8d7c9926b0e67fa6a87b50dacf2e91bcaeb6c964a25d5e562dc0518c48a37fd
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.28.0/release.yaml
REKOR_UUID=24296fb24b8ad77ab8d7c9926b0e67fa6a87b50dacf2e91bcaeb6c964a25d5e562dc0518c48a37fd

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.28.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

  • ✨ Set readOnlyRootFilesystem as true in Controller and Webhook (#1735)

    • Controller's and Webhook's Deployment security context readOnlyRootFilesystem are set to true to increase the security and to avoid being flagged by the security scanner

  • ✨ Update securityContext to include required configurations when the flag el-security-context is enabled (#1736) and (#1747)

    • Added new field default-run-as-non-root to configmap so that RunAsNonRoot can be now configured through config-defaults-triggers ConfigMap
      • Defaults values for RunAsNonRoot is true
    • Added new fields default-run-as-user and default-run-as-group to config-defaults-triggers configmap so that RunAsUser and RunAsGroup can be now configured through ConfigMap
      • Defaults values for RunAsUser and RunAsGroup 65532

Misc

  • 🔨 Bump 0.61.0 pipeline release (#1745)
  • 🔨 Bump github.com/hashicorp/go-retryablehttp from 0.7.2 to 0.7.7 (#1738)
  • 🔨 Handle validation when value for runAsGroup and runAsUser is empty (#1747)
  • 🔨 Bump knative.dev/serving from 0.38.6 to 0.39.0 (#1733)

Docs

  • 📖 fix: Markdown syntax error for Note in events.md (#1743)
  • 📖 Add v0.26.x and v0.27.x doc (#1732)

Thanks

Thanks to these contributors who contributed to v0.28.0!

Extra shout-out for awesome release notes:

Contributors

khrm, danielfbm, and 2 other contributors
Loading

Tekton Triggers release v0.27.0 "Tekton Triggers"

10 May 12:12
@tekton-robot tekton-robot
v0.27.0
f76be74
Compare
Choose a tag to compare
Tekton Triggers release v0.27.0 "Tekton Triggers"

-Docs @ v0.27.0
-Examples @ v0.27.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.27.0/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.27.0/interceptors.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a38ac13bedf11db0c356ec34af7a0fd7103d41019a411116900fd90c970ea9d61

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a38ac13bedf11db0c356ec34af7a0fd7103d41019a411116900fd90c970ea9d61
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.27.0/release.yaml
INTERCEPTORS_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.27.0/interceptors.yaml
REKOR_UUID=24296fb24b8ad77a38ac13bedf11db0c356ec34af7a0fd7103d41019a411116900fd90c970ea9d61

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.27.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml
curl "$INTERCEPTORS_FILE" >> release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

  • ✨ Node port service match kubernetes resource (#1716)

Resolve node port when serviceType is NodePort

  • ✨ Add LoadBalancerClass support in EventListener (#1708)

EventListners have a new field letting you choose on which LoadBalancer you want to expose the underlying service if you have severals.

  • ✨ Remove tekton resource validation (#1699)

Removes the limit of only creating Tekton resources from within your TriggerTemplate. This will allow for other K8s resources to be created as well like for example K8s Jobs.

Fixes

  • 🐛 Fix is-multi-ns flag for triggerGroups (#1725)

Fix that the --is-multi-ns flag on the eventlistener is set to true, when using a namespaceSelector on any triggerGroup.

  • 🐛 Pass Content-Type Header to Interceptor (#1615)

Now Content-Type: application/json is passed to the interceptor while making the request.

Misc

  • 🔨 Bump CEL to v0.20.1 (#1730)

CEL interceptor updated to cel-go v0.20.1 and extensions for manipulating lists, sets and mathematical functions have been added.

  • 🔨 Bump go to 1.21 and pipeline to v0.59.0 LTS (#1722)

Update Go version to 1.21 and Pipelines to v0.59.0. Minimum Kubernetes version is 1.27.

  • 🔨 Update ko to 0.15.1 and Go to go1.22.2 for publish task (#1731)
  • 🔨 Fix GolangCI issues causing test failures (#1724)
  • 🔨 Move inactive maintainers to emeritus status (#1709)

Docs

  • 📖 Add Minimum Kubernetes Version for Triggers (#1728)
  • 📖 Fix API doc by adding TriggerTemplate to Resource Types (#1727)
  • 📖 Document EventListener behaviour as CloudEvent sink (#1710)
  • 📖 Fix typo (#1704)
  • 📖 Add lowerAscii() and upperAscii() to documentation (#1698)

Thanks

Thanks to these contributors who contributed to v0.27.0!

Extra shout-out for awesome release notes:

Contributors

nicolasbernard, khrm, and 7 other contributors
Loading

Tekton Triggers release v0.26.2 "Tekton Triggers"

30 Apr 12:17
@tekton-robot tekton-robot
v0.26.2
80de3d1
Compare
Choose a tag to compare
Tekton Triggers release v0.26.2 "Tekton Triggers"

-Docs @ v0.26.2
-Examples @ v0.26.2

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.26.2/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.26.2/interceptors.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a09d03a4ae6b0a0cc8785588ae183b9194b9e3123e9a5659bffdae449e24d3ae5

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a09d03a4ae6b0a0cc8785588ae183b9194b9e3123e9a5659bffdae449e24d3ae5
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.26.2/release.yaml
INTERCEPTORS_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.26.2/interceptors.yaml
REKOR_UUID=24296fb24b8ad77a09d03a4ae6b0a0cc8785588ae183b9194b9e3123e9a5659bffdae449e24d3ae5

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.26.2@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml
curl "$INTERCEPTORS_FILE" >> release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Security Fixes

  • Bump golang.org/x/net to fix CVE issue (#1721)
  • Bump google.golang.org/protobuf from 1.32.0 to 1.33.0 fix CVE issue (#1715)
  • Bump github.com/cloudevents/sdk-go/v2 from 2.14.0 to 2.15.2 fix CVE issue (#1713)

Thanks

Thanks to these contributors who contributed to v0.26.2!

Contributors

khrm and tekton-robot
Loading
0 Join discussion
0