Tekton Pipeline release v0.33.0 "Highlander HAL"
π πͺ More Windows features πͺ, lots of fixes π¨ and docs improvements π ! π
-Docs @ v0.33.0
-Examples @ v0.33.0
Installation one-liner
kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.33.0/release.yaml
Attestation
The Rekor UUID for this release is 5d258716457107c85cf59b80c0091c333463eb7c2a9f2d6f5b642ca69ef2671f
Obtain the attestation:
REKOR_UUID=5d258716457107c85cf59b80c0091c333463eb7c2a9f2d6f5b642ca69ef2671f
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | base64 --decode | jq
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.33.0/release.yaml
REKOR_UUID=5d258716457107c85cf59b80c0091c333463eb7c2a9f2d6f5b642ca69ef2671f
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | base64 --decode | jq -r '.subject[]|.name + ":v0.33.0@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Deprecation Notices
The scope-when-expressions-to-task
flag will be removed in the next release.
We recommend migrating Pipelines
to using when
expressions scoped to the guarded Task
only.
Upgrade Notices
π¨ Tekton v0.33.0 requires Kubernetes v1.21+ π¨
The configuration flags disable-working-dir-overwrite
and disable-home-env-overwrite
and associated features are not available anymore. Users that rely on automatic workingDir
and HOME
overwrite must update their Tasks
to explicitly them before updating to
this release.
The when
expressions in a given Task
are scoped to guard the Task
only by default. Users that rely the Branch
scope can use the scope-when-expressions-to-task
to continue guarding the Task
and its dependent Tasks
.
Changes
Features
- β¨ [TEP-0059] Scope expressions to only (#4580)
The when
expressions in a given Task
are scoped to guard the Task
only by default. Set scope-when-expressions-to-task
to continue guarding the Task
and its dependent Tasks
. The scope-when-expressions-to-task
flag will be removed soon so we recommend migrating Pipelines
to using when
expressions scoped to the guarded Task
only.
- β¨ Add Step and Sidecar Overrides to TaskRun API (#4575)
[Feature] Adds API fields for Step and Sidecar Overrides to TaskRun. This feature is not yet implemented.
- β¨ Add resolution types to the API (#4502)
Syntax support for remote resolution, an alpha feature in development, has been added to pipelineRef and taskRef fields. Using the remote resolution fields is not yet possible, however, and will only result in errors.
- β¨ Support workingDir init on Windows (#4475)
Working dir initialization is now done using a Go binary in a new container image included in the release, which makes it portable to run on Windows nodes.
- β¨ Include Windows builds of cmd/nop in release process (#4474)
Include Windows support for the nop image, to enable Affinity Assistant for Windows, and more.
Backwards incompatible changes
In current release:
- π¨ Remove deprecated flags home-env and working-dir π§Ή (#4587)
The configuration flags disable-working-dir-overwrite
and disable-home-env-overwrite
, after defaulting
to True
for nine months (i.e. feature disabled), have now been removed completely, along with the associated
features which are not available in Tekton anymore.
Fixes
- π Fix for some arm64 machines. (#4588)
Fix problems on some arm64 machines.
- π Consider osversion when determining platform uniqueness (#4569)
Tweaks platform-specific command selection logic to handle images that provide multiple images for the same os+architecture, differing only by osversion (e.g., golang:1.17)
- π Ignore variant when looking up command for platform in entrypoint (#4550)
Loosen runtime platform selection logic to account for platforms with CPU variants
- π Add validation for PR infinite timeouts (#4539)
[Bug Fix] Add validation for 0 timeout for pipelinerun.timeouts.tasks
and pipelinerun.timeouts.finally
- π Set correct timeout for PR tasks with elapsed time (#4532)
[Bug Fix] Account for elapsed time, pipeline.timeouts.tasks, and pipeline.tasks[].timeout when setting taskrun timeout
- π Account for PipelineRun elapsed time for timeouts (#4506)
[Bug fix]: Respect pipelinerun.timeouts.tasks
for sequential TaskRuns or TaskRun retries
- π Fix Pipeline/Task to *Run label/annotation propagation π₯¨ (#4478)
Fix labels and annotation propagation from Task/Pipeline to TaskRun/PipelineRun and thus the generated Pod
- π Use pr.Timeouts.Pipeline in Custom Task reconcile (#4440)
[Bug fix]: Use pipeline.spec.timeouts.pipeline to determine pipeline timeout during custom task reconcile
- π Patch temp GOPATH hack script to handle nounset option (#4574)
- π Add taskSpec resources validation (#4547)
- π add default seccomp profile (#4520)
- π Update hack scripts to shim temp GOPATH as needed (#4465)
- π Fix incorrect format specifier in test files (#4495)
- π Fix tekton_pipelines_controller_taskrun_count recount bug (#4469)
Misc
- π¨ Remove deprecated flags home-env and working-dir π§Ή (#4587)
The configuration flags disable-working-dir-overwrite
and disable-home-env-overwrite
, after defaulting
to True
for nine months (i.e. feature disabled), have now been removed completely, along with the associated
features which are not available in Tekton anymore.
- π¨ Update write_test.go (#4570)
- π¨ [refactor] Remove ImplicitParamEnabled context. (#4528)
- π¨ Update k8schain (#4488)
Drops dependency on k8s cred providers, statically link GCR/ECR/ACR cred helpers' Go code instead
The pipelines controller config previously included AWS environment variables as a workaround for a performance-related issue. The underlying issue appears to be fixed and so the environment variables have been removed from the controller.
- π¨ use helper functions - MarkResource* (#4565)
- π¨ cleanup - ApplyContext parameters (#4564)
- π¨ minor cleanup - use MarkResource* instead of updating the status explicitly (#4561)
- π¨ Add copyright notice to clock.go (#4505)
- π¨ Move to Go 1.16 (#4497)
- π¨ Drop minishift instructions (#4489)
- π¨ Provide testing implementation of time.Now() (#4487)
- π¨ Update the release notes to describe kustomize usage (#4509)
- π¨ Separate buildPlatforms and publishPlatforms (#4486)
- π¨ Bump knative.dev/pkg vendoring. Use klog/v2 (#4538)
π¨ Tekton now requires Kubernetes v1.21+ π¨
- π¨ Increase lease time of controller and webhook (#4541)
- π¨ Use podTemplate ImagePullSecrets for Entrypoint Image Lookup (#4496)
- π¨ Drop resource
requests:
fromgohelloworld
. (#4549)
Docs
- π Update the feature flag docs (#4584)
- π Add bash v4+ requirement to the development guide (#4498)
- π Move kind development instructions to top of dev cluster instructions. (#4466)
- π Update the deprecations table (#4586)
- π debug is an alpha feature (#4573)
- π Fix links to Why Aren't PipelineResources in Beta? (#4572)
- π Fix kustomize invocation typo (#4537)
- π Add doc links for Pipelines 0.28.3 (#4536)
- π Add doc links for 0.29.1, 0.30.1, 0.31.1 and 0.32.1 (#4530)
- π Update README.md (#4507)
- π Add docs links for v0.32.0 (#4482)
- π Update docs to reflect resource requests of pods (#4472)
- π Update install docs to mention firewall reqs (#4517)
Thanks
Thanks to these contributors who contributed to v0.33.0!
- β€οΈ @AlanGreene
- β€οΈ @MrMYHuang
- β€οΈ @R2wenD2
- β€οΈ @Yongxuanzhang
- β€οΈ @abayer
- β€οΈ @afrittoli
- β€οΈ @anu-baskar
- β€οΈ @concaf
- β€οΈ @guillaumerose
- β€οΈ @imjasonh
- β€οΈ @jerop
- β€οΈ @khrm
- β€οΈ @lbernick
- β€οΈ @mattmoor
- β€οΈ @pritidesai
- β€οΈ @psychosis448
- β€οΈ @sbwsg
- β€οΈ @vdemeester
- β€οΈ @wlynch
Extra shout-out for awesome release notes:
- π @MrMYHuang
- π @Yongxuanzhang
- π @afrittoli
- π @anu-baskar
- π @guillaumerose
- π @imjasonh
- π @jerop
- π @khrm
- π @lbernick
- π @mattmoor
- π @sbwsg
- π @vdemeester
- π @wlynch