Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update module github.com/tektoncd/pipeline to v0.60.1 #209

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update module github.com/tektoncd/pipeline to v0.60.1 #209

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Apr 25, 2024
edited

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
github.com/tektoncd/pipeline v0.53.3 -> v0.60.1 age adoption passing confidence

Release Notes

tektoncd/pipeline (github.com/tektoncd/pipeline)

v0.60.1: Tekton Pipeline release v0.60.1 "Chinchilla Tobor"

Compare Source

-Docs @​ v0.60.1
-Examples @​ v0.60.1

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.60.1/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a3c629b9f100be0eec857bdac47e80bdeacaf4cebba95adb7f9918b91b27842c5

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a3c629b9f100be0eec857bdac47e80bdeacaf4cebba95adb7f9918b91b27842c5
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.60.1/release.yaml
REKOR_UUID=24296fb24b8ad77a3c629b9f100be0eec857bdac47e80bdeacaf4cebba95adb7f9918b91b27842c5

### Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.60.1@​sha256:" + .digest.sha256')

### Download the release file
curl "$RELEASE_FILE" > release.yaml

### For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes
  • 🐛 [release-v0.60.x] Fix: Allow less strict validation of the Resolver Name during Webhook. (#​7996)
  • 🐛 [release-v0.60.x] Fix: Update GetNameAndNamespace Parameters (#​7994)
Misc
Docs

Thanks

Thanks to these contributors who contributed to v0.60.1!

Extra shout-out for awesome release notes:
@​Aleromerog

v0.60.0: Tekton Pipeline release v0.60.0 "Chinchilla Tobor"

Compare Source

🎉 Artifacts through Sidecar Logs and Concise Resolver Syntax(Stage I)🎉

-Docs @​ v0.60.0
-Examples @​ v0.60.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.60.0/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a0f4210b40d70db3c3f419f177c49cdf9af22ac6e6f490d1141db7ca4ecb37796

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a0f4210b40d70db3c3f419f177c49cdf9af22ac6e6f490d1141db7ca4ecb37796
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.60.0/release.yaml
REKOR_UUID=24296fb24b8ad77a0f4210b40d70db3c3f419f177c49cdf9af22ac6e6f490d1141db7ca4ecb37796

### Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.60.0@​sha256:" + .digest.sha256')

### Download the release file
curl "$RELEASE_FILE" > release.yaml

### For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

  • ✨ feat: Surface artifacts through sidecar container logs. (#​7883)

Surface artifacts through sidecar container logs.

  • ✨ add namespace label/tag to non-deprecated throttle metrics (#​7879)

Add 'namespace' label/tag to the 'tekton_pipelines_controller_running_taskruns_throttled_by_quota' and 'tekton_pipelines_controller_running_taskruns_throttled_by_node' metrics, as kubernetes quota definitions are namespace scoped, hence certain namespaces may be more susceptible to quota throttling than others, and in a multi-node environment, not all namespaces are necessarily on the same node.

To enable this new label/tag, set 'metrics.taskrun.throttle.enable-namespace' to 'true' in the 'config-observability' ConfigMap

  • ✨ TEP-0154: Enable concise resolver syntax - stage 1 (#​7845)

TEP-0154: Enable concise resolver syntax

  • ✨ Add reason tag to duration metrics (#​7812)

The reason tag has been added to the duration metrics of taskrun and pipelinerun.

Fixes
  • 🐛 Propagate params in pipelines (#​7930)

Enable propagating params in Pipelines.

  • 🐛 Fix version mismatch of aws-sdk-go-v2 (#​7921)

Fixing "401 Not Authorized" using Image from private AWS ECR without specifying "command" or "script" in Task.

  • 🐛 allow for retry on typically transient k8s errors in both core controller and resolver for remote resolution (#​7894)

This fix address the lack of retry on transient kubernetes errors during remote resolution for tasks, etc.

  • 🐛 Fix: Faulty Remote Resource Accepted by Remote Resolution (#​7952)
  • 🐛 minor followup to PR 7894 (#​7950)
  • 🐛 fix: prevent repeated setting of pipeline name label (#​7732)
  • 🐛 fix: when using remote resources, the related metrics tag name is wrong (#​7731)
Misc
  • 🔨 Deprecate current resolution framework (#​7945)

Mark current resolver framework as deprecated. Note: we are not removing the interface to be compatible with our Go policy.

  • 🔨 misc: promote stepAction to beta (#​7920)

promote StepActions to beta

fix defaultEnableArtifacts flag uses wrong name

  • 🔨 Upgraded Remote Resolution Framework (#​7910)

Upgraded remote resolution framework.

  • 🔨 Bump go.opentelemetry.io/otel from 1.26.0 to 1.27.0 (#​7975)
  • 🔨 Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.26.0 to 1.27.0 (#​7972)
  • 🔨 chore(deps): bump github/codeql-action from 3.25.5 to 3.25.6 (#​7968)
  • 🔨 chore(deps): bump actions/checkout from 4.1.5 to 4.1.6 (#​7967)
  • 🔨 chore(deps): bump github.com/golangci/golangci-lint from 1.58.1 to 1.58.2 in /tools (#​7966)
  • 🔨 chore(deps): bump github.com/containerd/containerd from 1.7.15 to 1.7.17 (#​7961)
  • 🔨 chore(deps): bump k8s.io/client-go from 0.27.13 to 0.27.14 in /test/custom-task-ctrls/wait-task-beta (#​7949)
  • 🔨 chore(deps): bump k8s.io/api from 0.27.13 to 0.27.14 in /test/custom-task-ctrls/wait-task-beta (#​7948)
  • 🔨 chore(deps): bump google.golang.org/grpc from 1.63.2 to 1.64.0 (#​7947)
  • 🔨 chore(deps): bump github.com/spiffe/spire-api-sdk from 1.9.4 to 1.9.6 (#​7946)
  • 🔨 chore(deps): bump the all group in /tekton with 3 updates (#​7944)
  • 🔨 chore(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 (#​7943)
  • 🔨 chore(deps): bump github/codeql-action from 3.25.3 to 3.25.5 (#​7942)
  • 🔨 chore(deps): bump tj-actions/changed-files from 44.3.0 to 44.4.0 (#​7941)
  • 🔨 Add image replacement for amd64 specific image for entrypoint-resolution test and update docker-in-docker test image for Power. (#​7937)
  • 🔨 chore(deps): bump github.com/golangci/golangci-lint from 1.58.0 to 1.58.1 in /tools (#​7936)
  • 🔨 chore(deps): bump step-security/harden-runner from 2.7.0 to 2.7.1 (#​7934)
  • 🔨 chore(deps): bump actions/checkout from 4.1.4 to 4.1.5 (#​7933)
  • 🔨 chore(deps): bump the all group in /tekton with 4 updates (#​7932)
  • 🔨 chore(deps): bump google.golang.org/protobuf from 1.34.0 to 1.34.1 (#​7931)
  • 🔨 chore(deps): bump github.com/jenkins-x/go-scm from 1.14.30 to 1.14.34 (#​7928)
  • 🔨 chore(deps): bump github.com/golangci/golangci-lint from 1.57.2 to 1.58.0 in /tools (#​7927)
  • 🔨 chore(deps): bump google.golang.org/protobuf from 1.33.0 to 1.34.0 (#​7926)
  • 🔨 chore(deps): bump the all group in /tekton with 2 updates (#​7925)
  • 🔨 chore(deps): bump actions/checkout from 4.1.3 to 4.1.4 (#​7924)
  • 🔨 chore(deps): bump github/codeql-action from 3.25.1 to 3.25.3 (#​7923)
Docs
  • 📖 Update releases.md for v0.59 (#​7917)
  • 📖 v1beta1 fields updated to v1 in docs and examples (#​7873)

Thanks

Thanks to these contributors who contributed to v0.60.0!

Extra shout-out for awesome release notes:

v0.59.0: Tekton Pipeline release v0.59.0 "Scottish Fold Sox" LTS

Compare Source

🎉 Artifact Metadata, Improved StepActions and Improved Stability 🎉

-Docs @​ v0.59.0
-Examples @​ v0.59.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.59.0/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77afedce0421f9d0b300ed47db5907cad59970fed93f978290fd32680173c43e675

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77afedce0421f9d0b300ed47db5907cad59970fed93f978290fd32680173c43e675
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.59.0/release.yaml
REKOR_UUID=24296fb24b8ad77afedce0421f9d0b300ed47db5907cad59970fed93f978290fd32680173c43e675

### Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.59.0@​sha256:" + .digest.sha256')

### Download the release file
curl "$RELEASE_FILE" > release.yaml

### For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Upgrade Notices

Tekton v0.59 minimum Kubernetes version is 1.27.

Changes

Features

  • ✨ Add a feature flag to disable inline spec (#​7844)

Add a feature flag disable-inline-spec to disable embedded spec in Pipeline(PipelineSpec/TaskSpec), Taskrun(TaskSpec), and Pipelinerun. (PipelineSpec) By default, the inline specs will be enabled. Only if the flag is set to "pipeline", "pipelinerun" and "taskrun" or a combination like "pipeline,pipelinerun" would the inline spec be disabled for Pipeline, PipelineRun, or TaskRun.

  • ✨ Add description to StepActions (#​7831)

Add description to StepActions

  • ✨ kind/feat: Surface artifacts through termination message (#​7714)

Surface artifact metadata through termination message

Fixes
  • 🐛 fix: resolve pod creation failure on retry when using (#​7887)

fix: resolve pod creation failure on retry when using workspace.<name>.volume

  • 🐛 Fix ImagePullTimeout to use Initialized (#​7882)

Fix ImagePullTimeout to use "PodInitialized" or "PodReadyToStartContainers" PodCondition transition time

  • 🐛 Enable Param Substitution in StepAction resolver reference params (#​7872)

Enable Param Substitution in StepAction resolver reference params

  • 🐛 validate TaskRun retries in TestRunSpec is greater than or equal to zero (#​7836)

fix: the retries value has not been verified

  • 🐛 fix: stepresult intepolations does not accept multiple matches (#​7830)

fix: cannot use multiple step results at the same time for interpolation.

  • 🐛 Fix the naming for Metrics as per convention (#​7810)

We introduce new metrics with compliant naming.
Gauge metrics: Gauge metrics shouldn't end with count as it implies a counter.
Counter metrics: Counter metrics shouldn't end with count as it implies a counter from the histogram. Instead, we should use total.

Previous Metrics are deprecated because they don't satisfy the Prometheus naming convention. Consult https://github.com/tektoncd/pipeline/blob/main/docs/metrics.md to know the updated names and tags.

  • 🐛 Remove conversion configuration for (#​7796)

Remove conversion webhook configuration from the ClusterTask CRD, it doesn't need it.

  • 🐛 Do not register for conversion (#​7795)

Removed StepAction from the conversion webhook to reduce the log spam that it isn't configured for it.

  • 🐛 fix: ensure default type for params in remote tasks to prevent pipeline failures (#​7776)

fix: resolve issues that may cause pipeline failures when using remote resources

  • 🐛 fix: do not set default kind when taskRef resolver is present (#​7763)

fix: do not set default kind when taskRef resolver is present

  • 🐛 fix(taskrun): emit warning for missing secret in ServiceAccount instead of failing (#​7761)

fix(taskrun): emit warning for missing secret in ServiceAccount instead of failing

  • 🐛 Fix: Merge StepTemplate with Step containing Results and Params (#​7757)

Fix: Merge StepTemplate with Step containing Results and Params

  • 🐛 fix: the params in step replace other fields in step that are not in stepaction (#​7755)

Pass only the fields in stepaction and replace these fields with the params in step.

  • 🐛 Fix bugfix-release.sh behavior when there is nothing to release (#​7860)
  • 🐛 [StepActions] when using a stepTemplate the ref gets removed (#​7813)
Misc
  • 🔨 Update docker/docker to v26.0.0 (#​7842)

Update docker/docker dependency to v26.0.0

  • 🔨 Bump knative/pkg to 1.13 and k8s.io to 0.28.5 (#​7808)

knative/pkg dependency is now 1.13 and k8s.io dependencies are 0.28.x.
In addition, this makes the minimum kubernetes version supported by tektoncd/pipeline to be 1.27.

  • 🔨 Update golangci version and configuration, and fix errors (#​7832)
  • 🔨 Fix: add notes for why not to import the dependency pkg for OptimisticLockErrorMsg (#​7780)
  • 🔨 Fix shell for tag-images step (#​7912)
  • 🔨 Fix the shell in crane image (#​7911)
  • 🔨 chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.25.0 to 1.26.0 (#​7908)
  • 🔨 chore(deps): bump go.opentelemetry.io/otel/sdk from 1.25.0 to 1.26.0 (#​7905)
  • 🔨 chore(deps): bump the all group in /tekton with 4 updates (#​7900)
  • 🔨 chore(deps): bump tj-actions/changed-files from 44.0.1 to 44.3.0 (#​7899)
  • 🔨 chore(deps): bump actions/checkout from 4.1.2 to 4.1.3 (#​7898)
  • 🔨 chore(deps): bump actions/upload-artifact from 4.3.1 to 4.3.3 (#​7897)
  • 🔨 chore(deps): bump github/codeql-action from 3.25.0 to 3.25.1 (#​7896)
  • 🔨 chore(deps): bump k8s.io/client-go from 0.27.11 to 0.27.13 in /test/custom-task-ctrls/wait-task-beta (#​7891)
  • 🔨 chore(deps): bump k8s.io/api from 0.27.12 to 0.27.13 in /test/custom-task-ctrls/wait-task-beta (#​7890)
  • 🔨 chore(deps): bump code.gitea.io/sdk/gitea from 0.17.1 to 0.18.0 (#​7889)
  • 🔨 chore(deps): bump the all group in /tekton with 4 updates (#​7885)
  • 🔨 chore(deps): bump github/codeql-action from 3.24.10 to 3.25.0 (#​7884)
  • 🔨 kind/misc: add error log (#​7874)
  • 🔨 chore(deps): bump the all group in /tekton with 4 updates (#​7868)
  • 🔨 chore(deps): bump tj-actions/changed-files from 44.0.0 to 44.0.1 (#​7867)
  • 🔨 chore(deps): bump google.golang.org/grpc from 1.63.0 to 1.63.2 (#​7866)
  • 🔨 chore(deps): bump github.com/spiffe/spire-api-sdk from 1.9.3 to 1.9.4 (#​7862)
  • 🔨 chore(deps): bump github/codeql-action from 3.24.9 to 3.24.10 (#​7861)
  • 🔨 release: add a small script to "automate" bugfix releases (#​7855)
  • 🔨 chore: fix function names in comment (#​7853)
  • 🔨 chore(deps): bump github.com/containerd/containerd from 1.7.14 to 1.7.15 (#​7849)
  • 🔨 chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.24.0 to 1.25.0 (#​7848)
  • 🔨 chore(deps): bump github.com/spiffe/spire-api-sdk from 1.9.2 to 1.9.3 (#​7847)
  • 🔨 .github/workflow: update (and harden) codeql workflow (#​7843)
  • 🔨 chore(deps): bump golang.org/x/sync from 0.6.0 to 0.7.0 (#​7835)
  • 🔨 chore(deps): bump google.golang.org/grpc from 1.62.1 to 1.63.0 (#​7834)
  • 🔨 chore(deps): bump github.com/jenkins-x/go-scm from 1.14.29 to 1.14.30 (#​7829)
  • 🔨 Initiate Conformance Test Suite (#​7826)
  • 🔨 chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/aws from 1.8.2 to 1.8.3 (#​7825)
  • 🔨 chore(deps): bump github.com/spiffe/go-spiffe/v2 from 2.1.7 to 2.2.0 (#​7824)
  • 🔨 chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/azure from 1.8.2 to 1.8.3 (#​7823)
  • 🔨 chore(deps): bump github.com/sigstore/sigstore from 1.8.1 to 1.8.3 (#​7821)
  • 🔨 chore(deps): bump github.com/go-git/go-git/v5 from 5.11.0 to 5.12.0 (#​7820)
  • 🔨 chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/gcp from 1.8.2 to 1.8.3 (#​7819)
  • 🔨 chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/hashivault from 1.8.2 to 1.8.3 (#​7818)
  • 🔨 chore(deps): bump tj-actions/changed-files from 43.0.1 to 44.0.0 (#​7817)
  • 🔨 chore(deps): bump github.com/golangci/golangci-lint from 1.57.1 to 1.57.2 in /tools (#​7816)
  • 🔨 chore(deps): bump github.com/jenkins-x/go-scm from 1.14.26 to 1.14.29 (#​7815)
  • 🔨 chore(deps): bump github.com/spiffe/spire-api-sdk from 1.9.1 to 1.9.2 (#​7806)
  • 🔨 chore(deps): bump tj-actions/changed-files from 43.0.0 to 43.0.1 (#​7803)
  • 🔨 chore(deps): bump github/codeql-action from 3.24.8 to 3.24.9 (#​7802)
  • 🔨 chore(deps): bump github.com/golangci/golangci-lint from 1.56.2 to 1.57.1 in /tools (#​7785)
  • 🔨 chore(deps): bump github.com/spiffe/spire-api-sdk from 1.9.0 to 1.9.1 (#​7784)
  • 🔨 chore(deps): bump github.com/google/cel-go from 0.20.0 to 0.20.1 (#​7783)
  • 🔨 chore(deps): bump github.com/cloudevents/sdk-go/v2 from 2.15.1 to 2.15.2 (#​7782)
  • 🔨 chore(deps): bump github.com/google/go-containerregistry from 0.19.0 to 0.19.1 (#​7781)
  • 🔨 chore(deps): Migrate to github.com/go-jose/go-jose/v3 (#​7750)
  • 🔨 .github/workflows: make codeql a bit quicker (#​7728)
  • 🔨 Replace out of date publish images with cgr.dev equivalents. (#​7359)
  • 🔨 Update golang/x/net to handle GO-2024-2687 (#​7841)
Docs
  • 📖 fix(docs): correct closing bracket in CEL expressions (#​7903)
  • 📖 remove ref release-pipeline-nightly.yaml (#​7864)
  • 📖 Fix: update golangci-lint docs link (#​7790)
  • 📖 Documenting latest release - 0.58 (#​7786)
  • 📖 updating releases file to include 0.53.4 and 0.56.2 (#​7741)
  • 📖 fix imagePullBackOff doc (#​7679)

Thanks

Thanks to these contributors who contributed to v0.59.0!

Extra shout-out for awesome release notes:

v0.58.0: Tekton Pipeline release v0.58.0 "Bombay Robbie"

Compare Source

🎉 displayName in childReferences and dynamic specifications of secrets and configmaps in workspaces 🎉

-Docs @​ v0.58.0
-Examples @​ v0.58.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.58.0/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77ad32de0077ddf3d746f9072f2d536cec99e2add11d56d964943ea86f5265aec54

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77ad32de0077ddf3d746f9072f2d536cec99e2add11d56d964943ea86f5265aec54
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.58.0/release.yaml
REKOR_UUID=24296fb24b8ad77ad32de0077ddf3d746f9072f2d536cec99e2add11d56d964943ea86f5265aec54

### Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.58.0@&#8203;sha256:" + .digest.sha256')

### Download the release file
curl "$RELEASE_FILE" > release.yaml

### For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

  • ✨ TEP-0147: introduce feature flag to guard artifacts feature (#​7705)

Introduces a feature flag enable-artifacts.

  • ✨ TEP 0147: add inputs/outputs to stepState (#​7703)

introduce inputs/outputs to stepState for future artifacts work

  • ✨ implementing TEP-0150 - in (#​7683)

A fully resolved displayName is now available in childReferences along with the pipelineTaskName. This is mainly beneficial to parameterize and easily distinguish matrix instances of the task.

  • ✨ feat: support for variable interpolation in workspace.* (in PipelineRun and TaskRun) (#​7671)

feat: support for variable interpolation in workspace.* (in PipelineRun and TaskRun)

Fixes
  • 🐛 fix: avoid panic when used pipelineRef or pipelineSpec in pipeline task (#​7722)

fix: avoid panic when used pipelineRef or pipelineSpec in pipeline task

  • 🐛 fix: pipeline execution status test case index error (#​7742)
  • 🐛 Migrate jaeger to otel API (#​7547)
Misc
  • 🔨 chore(deps): bump google.golang.org/grpc from 1.62.0 to 1.62.1 (#​7774)
  • 🔨 chore(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0 (#​7773)
  • 🔨 chore(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#​7772)
  • 🔨 chore(deps): bump tj-actions/changed-files from 42.1.0 to 43.0.0 (#​7771)
  • 🔨 chore(deps): bump github.com/containerd/containerd from 1.7.13 to 1.7.14 (#​7770)
  • 🔨 chore(deps): bump github/codeql-action from 3.24.6 to 3.24.8 (#​7769)
  • 🔨 chore(deps): bump actions/checkout from 4.1.1 to 4.1.2 (#​7768)
  • 🔨 chore(deps): bump k8s.io/api from 0.27.11 to 0.27.12 in /test/custom-task-ctrls/wait-task-beta (#​7767)
  • 🔨 chore(deps): bump tj-actions/changed-files from 42.0.5 to 42.1.0 (#​7747)
  • 🔨 chore(deps): bump github/codeql-action from 3.24.5 to 3.24.6 (#​7735)
  • 🔨 chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/aws from 1.8.1 to 1.8.2 (#​7727)
  • 🔨 chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/hashivault from 1.8.1 to 1.8.2 (#​7723)
  • 🔨 chore(deps): bump github/codeql-action from 3.24.3 to 3.24.5 (#​7719)
  • 🔨 chore(deps): bump tj-actions/changed-files from 42.0.4 to 42.0.5 (#​7718)
  • 🔨 chore(deps): bump github.com/spiffe/spire-api-sdk from 1.8.7 to 1.9.0 (#​7712)
  • 🔨 chore(deps): bump go.opentelemetry.io/otel/sdk from 1.23.1 to 1.24.0 (#​7710)
  • 🔨 chore(deps): bump go.opentelemetry.io/otel from 1.23.1 to 1.24.0 (#​7709)
  • 🔨 chore(deps): bump google.golang.org/grpc from 1.61.1 to 1.62.0 (#​7702)
  • 🔨 chore(deps): bump go.uber.org/zap from 1.26.0 to 1.27.0 (#​7696)
  • 🔨 chore(deps): bump github.com/cloudevents/sdk-go/v2 from 2.14.0 to 2.15.1 (#​7695)
  • 🔨 chore(deps): bump github.com/golangci/golangci-lint from 1.56.1 to 1.56.2 in /tools (#​7676)
  • 🔨 fix: reduce warnings caused by woke scan results (#​7558)
  • 🔨 Bump github.com/docker/docker from 24.0.0+incompatible to 24.0.7+incompatible (#​7526)
Docs
  • 📖 [TEP-0129] Move CRDs definition and update multi-tenancy docs accordingly (#​7598)

Document simple installation instructions for a Tekton multi-tenancy setup.

  • 📖 docs: changing the variable camel cases (#​7701)
  • 📖 fix:add missing documentation link (#​7697)
  • 📖 Fix link to CEL in WhenExpression docs (#​7692)
  • 📖 Fix typo in additional configs doc (#​7689)
  • 📖 Add release v0.57.0 to the list of releases (#​7687)
  • 📖 Add feature flags recording demo for developer guide (#​7662)
  • 📖 docs: optimize examples for propagating results (#​7554)

Thanks

Thanks to these contributors who contributed to v0.58.0!

Extra shout-out for awesome release notes:

v0.57.0: Tekton Pipeline release v0.57.0 "Burmilla Baymax"

Compare Source

-Docs @​ v0.57.0
-Examples @​ v0.57.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.57.0/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77add7b0a9a7946185efd5c044009544db4ec1a3799c4b6a95285f979f1fd78cc75

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77add7b0a9a7946185efd5c044009544db4ec1a3799c4b6a95285f979f1fd78cc75
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.57.0/release.yaml
REKOR_UUID=24296fb24b8ad77add7b0a9a7946185efd5c044009544db4ec1a3799c4b6a95285f979f1fd78cc75

### Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.57.0@&#8203;sha256:" + .digest.sha256')

### Download the release file
curl "$RELEASE_FILE" > release.yaml

### For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

  • ✨ Allow for the specified duration (#​7666)

Configure default-imagepullbackoff-timeout to allow imagePullBackOff to retry and wait for the specified duration before failing the pipeline.

  • ✨ Add granular termination reason in container termination message (#​7565)

Steps in a TaskRun will have more granular termination reasons indicating what exactly happened in new terminationReason field: Completed, Continued, Error, TimeoutExceeded, Skipped, TaskRunCancelled

Fixes
  • 🐛 fix(pipeline): correct warning path for duplicate param name in pipeline tasks (#​7651)

fix: correct warning path for duplicate param name in pipeline tasks

  • 🐛 The field in Final Task cannot parse ordinary Task status information. (#​7637)

The status of the referenced ordinary task is replaced before calculating the final task when.cel.

  • 🐛 fix: prevent modification of annotations on completed TaskRuns (#​7603)

fix: the pipeline controller will no longer modify any annotation it has set on completed pipelineruns

  • 🐛 allow pipeline runs whose task/custom runs have been deleted still timeout (#​7557)

PipelineRuns that timeout will no longer be blocked on reaching a terminal, cancelled state if their underlying TaskRuns or CustomRuns were deleted beforehand.

  • 🐛 update docker-in-docker testimage for s390x (#​7652)
Misc

Created v0.56 LTS release.

  • 🔨 matrix name updated to end with the instance count (#​7563)

taskRun names updated to end with the instance count for all fan out instances of matrix.

  • 🔨 Isolate new env nightly feature flag test (#​7686)
  • 🔨 chore(deps): bump github/codeql-action from 3.24.0 to 3.24.3 (#​7685)
  • 🔨 chore(deps): bump tj-actions/changed-files from 42.0.2 to 42.0.4 (#​7684)
  • 🔨 chore(deps): bump github.com/opencontainers/image-spec from 1.1.0-rc6 to 1.1.0 (#​7682)
  • 🔨 chore(deps): bump github.com/google/cel-go from 0.19.0 to 0.20.0 (#​7681)
  • 🔨 chore(deps): bump k8s.io/client-go from 0.27.8 to 0.27.11 in /test/custom-task-ctrls/wait-task-beta (#​7673)
  • 🔨 chore(deps): bump google.golang.org/grpc from 1.61.0 to 1.61.1 (#​7670)
  • 🔨 Patch Release v0.56.1 (#​7665)
  • 🔨 Patch Release v0.56.1 (#​7663)
  • 🔨 chore(deps): bump go.opentelemetry.io/otel/sdk from 1.22.0 to 1.23.1 (#​7659)
  • 🔨 chore(deps): bump actions/upload-artifact from 4.3.0 to 4.3.1 (#​7658)
  • 🔨 Update e2e-test script for per-feature flag test (#​7657)
  • 🔨 Fix typo in publish task (#​7648)
  • 🔨 Bump github.com/golangci/golangci-lint from 1.55.1 to 1.56.1 in /tools (#​7646)
  • 🔨 Bump go.opentelemetry.io/otel from 1.22.0 to 1.23.1 (#​7645)
  • 🔨 Bump github.com/opencontainers/image-spec from 1.1.0-rc3 to 1.1.0-rc6 (#​7635)
  • 🔨 Bump github/codeql-action from 3.23.1 to 3.24.0 (#​7634)
  • 🔨 TEP-0138 New features to use Per-feature flag struct (#​7633)
  • 🔨 Bump github.com/containerd/containerd from 1.6.19 to 1.7.13 (#​7628)
  • 🔨 Per-feature Flag Test Suite (#​7627)
  • 🔨 Bump github.com/google/go-containerregistry from 0.18.0 to 0.19.0 (#​7624)
  • 🔨 Bump tj-actions/changed-files from 42.0.0 to 42.0.2 (#​7622)
  • 🔨 Bump actions/upload-artifact from 4.2.0 to 4.3.0 (#​7620)
  • 🔨 Bump github.com/google/go-containerregistry from 0.17.0 to 0.18.0 (#​7616)
  • 🔨 Bump google.golang.org/grpc from 1.60.1 to 1.61.0 (#​7612)
  • 🔨 Bump github.com/google/uuid from 1.5.0 to 1.6.0 (#​7611)
  • 🔨 Bump github.com/opencontainers/image-spec from 1.1.0-rc3 to 1.1.0-rc.6 (#​7610)
  • 🔨 Bump github.com/containerd/containerd from 1.6.19 to 1.7.12 (#​7609)
  • 🔨 Bump go.opentelemetry.io/otel/sdk from 1.21.0 to 1.22.0 (#​7606)
  • 🔨 Bump github.com/jenkins-x/go-scm from 1.14.25 to 1.14.26 (#​7605)
  • 🔨 Bump github.com/opencontainers/image-spec from 1.1.0-rc5 to 1.1.0-rc.6 (#​7604)
  • 🔨 Bump code.gitea.io/sdk/gitea from 0.16.0 to 0.17.1 (#​7597)
  • 🔨 Bump github.com/containerd/containerd from 1.7.11 to 1.7.12 (#​7596)
  • 🔨 Bump github.com/google/cel-go from 0.18.1 to 0.19.0 (#​7594)
  • 🔨 Bump tj-actions/changed-files from 41.1.1 to 42.0.0 (#​7593)
  • 🔨 Bump github/codeql-action from 3.23.0 to 3.23.1 (#​7592)
  • 🔨 Bump actions/upload-artifact from 4.1.0 to 4.2.0 (#​7591)
  • 🔨 Bump go.opentelemetry.io/otel from 1.21.0 to 1.22.0 (#​7586)
  • 🔨 Bump github.com/jenkins-x/go-scm from 1.14.24 to 1.14.25 (#​7585)
  • 🔨 Bump github.com/spiffe/go-spiffe/v2 from 2.1.5 to 2.1.7 (#​7584)
  • 🔨 Bump github.com/google/go-containerregistry from 0.17.0 to 0.18.0 (#​7583)
  • 🔨 Bump github.com/go-git/go-git/v5 from 5.10.0 to 5.11.0 (#​7582)
  • 🔨 Error sweep: fix error messages for timing out Runs (#​7572)
  • 🔨 Label user error for failed TaskRunStatus message (#​7543)
  • 🔨 Add pre-commit rules (#​7367)
Docs
  • 📖 Pipeline v0.44.x LTS End of Life (#​7613)

Release v0.44 LTS is EOL

Thanks

Thanks to these contributors who contributed to v0.57.0!

Extra shout-out for awesome release notes:

v0.56.4: Tekton Pipeline release v0.56.4 "Persian Terminator"

Compare Source

-Docs @​ v0.56.4
-Examples @​ v0.56.4

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.56.4/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a246fb071bb1e27bb8c9aa3c80aa8f7f284a3f17e41f49960167d60df9ae6a20f

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a246fb071bb1e27bb8c9aa3c80aa8f7f284a3f17e41f49960167d60df9ae6a20f
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.56.4/release.yaml
REKOR_UUID=24296fb24b8ad77a246fb071bb1e27bb8c9aa3c80aa8f7f284a3f17e41f49960167d60df9ae6a20f

### Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.56.4@&#8203;sha256:" + .digest.sha256')

### Download the release file
curl "$RELEASE_FILE" > release.yaml

### For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes
  • 🐛 [release-v0.56.x] [StepActions] when using a stepTemplate the ref gets removed (#​7814)
  • [release-v0.56.x] chore(deps): Migrate to github.com/go-jose/go-jose/v3 (#​7856)
  • [release-v0.56.x] Update go-git/v5 for CVE-2023-49569 (#​7837)
Misc
Docs

Thanks

Thanks to these contributors who contributed to v0.56.4!

Extra shout-out for awesome release notes:

v0.56.3: Tekton Pipeline release v0.56.3 "Persian Terminator"

Compare Source

-Docs @​ v0.56.3
-Examples @​ v0.56.3

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.56.3/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77ae45e562eaaa6a469881e47013e15601d6644002bc596ca9464a382cdec3f2b5d

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77ae45e562eaaa6a469881e47013e15601d6644002bc596ca9464a382cdec3f2b5d
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.56.3/release.yaml
REKOR_UUID=24296fb24b8ad77ae45e562eaaa6a469881e47013e15601d6644002bc596ca9464a382cdec3f2b5d

### Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.56.3@&#8203;sha256:" + .digest.sha256')

### Download the release file
curl "$RELEASE_FILE" > release.yaml

### For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot force-pushed the renovate/github.com-tektoncd-pipeline-0.x branch from d447565 to e607d05 Compare May 8, 2024 02:53
@renovate renovate bot force-pushed the renovate/github.com-tektoncd-pipeline-0.x branch from e607d05 to a04b1c0 Compare May 22, 2024 22:00
@renovate renovate bot changed the title Update module github.com/tektoncd/pipeline to v0.59.0 Update module github.com/tektoncd/pipeline to v0.60.0 May 22, 2024
@renovate renovate bot force-pushed the renovate/github.com-tektoncd-pipeline-0.x branch from a04b1c0 to 33fd869 Compare May 28, 2024 20:20
@renovate renovate bot changed the title Update module github.com/tektoncd/pipeline to v0.60.0 Update module github.com/tektoncd/pipeline to v0.60.1 May 28, 2024
@renovate renovate bot force-pushed the renovate/github.com-tektoncd-pipeline-0.x branch from 33fd869 to 541a50a Compare June 4, 2024 10:37
@renovate Renovate
Copy link
Contributor Author

renovate bot commented Jun 4, 2024

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 19 additional dependencies were updated
  • The go directive was updated for compatibility reasons

Details:

Package Change
go 1.20 -> 1.22.3
k8s.io/apimachinery v0.28.5 -> v0.29.0
github.com/golang/protobuf v1.5.3 -> v1.5.4
github.com/google/cel-go v0.17.1 -> v0.20.1
github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0 -> v2.20.0
golang.org/x/crypto v0.22.0 -> v0.23.0
golang.org/x/exp v0.0.0-20230307190834-24139beb5833 -> v0.0.0-20230515195305-f3d0a9c9a5cc
golang.org/x/net v0.24.0 -> v0.25.0
golang.org/x/oauth2 v0.17.0 -> v0.20.0
golang.org/x/sys v0.19.0 -> v0.20.0
golang.org/x/term v0.19.0 -> v0.20.0
golang.org/x/text v0.14.0 -> v0.15.0
google.golang.org/api v0.165.0 -> v0.171.0
google.golang.org/genproto/googleapis/api v0.0.0-20240205150955-31a09d347014 -> v0.0.0-20240520151616-dc85e6b867a5
google.golang.org/genproto/googleapis/rpc v0.0.0-20240205150955-31a09d347014 -> v0.0.0-20240515191416-fc5f0ca64291
google.golang.org/grpc v1.61.1 -> v1.64.0
google.golang.org/protobuf v1.33.0 -> v1.34.1
k8s.io/gengo v0.0.0-20221011193443-fad74ee6edd9 -> v0.0.0-20230829151522-9cce18d56c01
k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 -> v0.0.0-20231010175941-2dd684a91f00
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 -> v4.4.1

@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Jun 4, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
0 participants