Skip to content

Tekton Chains release v0.13.0

Compare
Choose a tag to compare
@tekton-robot tekton-robot released this 08 Nov 15:56
v0.13.0
516e492
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

-Docs @ v0.13.0
-Examples @ v0.13.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/chains/previous/v0.13.0/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a71f63b3241ed6951f0f2d29cda204b818e0ac6cc80598d11aacf301aa1f139bc

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a71f63b3241ed6951f0f2d29cda204b818e0ac6cc80598d11aacf301aa1f139bc
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/chains/previous/v0.13.0/release.yaml
REKOR_UUID=24296fb24b8ad77a71f63b3241ed6951f0f2d29cda204b818e0ac6cc80598d11aacf301aa1f139bc

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# Verify images in manifest (tekton.pub can be found in the chains repo)
cosign manifest verify release.yaml --key=tekton.pub

Changes

Features

  • 🎁 Added support for PipelineRun attestations (#436, #568, #573, #564, #598, #599, #601) 🎉 🎉 🎉
  • 🎁 Allow reading the pull secret from the podTemplate (#579)
  • 🎁 Add feature to extract structured signable targets and store them in subjects and materials in intoto provenance (#491)

Fixes

  • 🐛 Stop reconciliation on unrecoverable error (#607)

Misc

  • 🧹 Removed usage of Tekton Pipelines v1alpha for everything but PipelineResources (#538)
  • 🧹 Removed tekton-provenance storage option (#590) (This was already partially deprecated in v0.8.0, this removed lagging config options).

Docs

  • 📖 getting rid of 'pipelien' (#526)
  • 📖 Add the OpenSSF badge to the main README (#580)
  • 📖 fix: pubusub to pubsub in storage backend support of experimental features (#582)

Thanks

Thanks to these contributors who contributed to v0.13.0!

Extra shout-out for awesome release notes:

Contributors

wlynch, afrittoli, and 10 other contributors
Assets 4
Loading