github tektoncd/pipeline v0.40.2
Tekton Pipeline release v0.40.2 "Himalayan Sonny"

latest releases: v0.65.1, v0.62.5, v0.65.0...
2 years ago

-Docs @ v0.40.2
-Examples @ v0.40.2

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.40.2/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a2573afa5bfbd4582c0eb8c844009ee685a7e9abf6ae42b4d00b20c7485096315

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a2573afa5bfbd4582c0eb8c844009ee685a7e9abf6ae42b4d00b20c7485096315
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.40.2/release.yaml
REKOR_UUID=24296fb24b8ad77a2573afa5bfbd4582c0eb8c844009ee685a7e9abf6ae42b4d00b20c7485096315

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.40.2@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

  • 🐛 [release-v0.40.x] Write TaskRun.Status.TaskSpec with replaced spec on every reconcile run (#5584)

ix TaskRun parameter etc replacement logic to persist in the TaskRun's Status properly

Misc

  • 🔨 [release-v0.40.x] tekton: make sure the git workingdir is not dirty… (#5583)

ix the -dirty suffix in pipeline.tekton.dev/release annotation

  • 🔨 [release-v0.40.x] Update ko to v0.12.0 (#5567)

Docs

Thanks

Thanks to these contributors who contributed to v0.40.2!

Extra shout-out for awesome release notes:

Don't miss a new pipeline release

NewReleases is sending notifications on new releases.