github tektoncd/pipeline v0.59.0
Tekton Pipeline release v0.59.0 "Scottish Fold Sox" LTS
on GitHub

11 days ago

🎉 Artifact Metadata, Improved StepActions and Improved Stability 🎉

-Docs @ v0.59.0
-Examples @ v0.59.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.59.0/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77afedce0421f9d0b300ed47db5907cad59970fed93f978290fd32680173c43e675

Obtain the attestation: 

REKOR_UUID=24296fb24b8ad77afedce0421f9d0b300ed47db5907cad59970fed93f978290fd32680173c43e675
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file: 

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.59.0/release.yaml
REKOR_UUID=24296fb24b8ad77afedce0421f9d0b300ed47db5907cad59970fed93f978290fd32680173c43e675

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.59.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Upgrade Notices

Tekton v0.59 minimum Kubernetes version is 1.27.

Changes

Features

  • ✨ Add a feature flag to disable inline spec (#7844)

Add a feature flag disable-inline-spec to disable embedded spec in Pipeline(PipelineSpec/TaskSpec), Taskrun(TaskSpec), and Pipelinerun. (PipelineSpec) By default, the inline specs will be enabled. Only if the flag is set to "pipeline", "pipelinerun" and "taskrun" or a combination like "pipeline,pipelinerun" would the inline spec be disabled for Pipeline, PipelineRun, or TaskRun.

  • ✨ Add description to StepActions (#7831)

Add description to StepActions

  • ✨ kind/feat: Surface artifacts through termination message (#7714)

Surface artifact metadata through termination message

Fixes

  • 🐛 fix: resolve pod creation failure on retry when using (#7887)

fix: resolve pod creation failure on retry when using workspace.<name>.volume

  • 🐛 Fix ImagePullTimeout to use Initialized (#7882)

Fix ImagePullTimeout to use "PodInitialized" or "PodReadyToStartContainers" PodCondition transition time

  • 🐛 Enable Param Substitution in StepAction resolver reference params (#7872)

Enable Param Substitution in StepAction resolver reference params

  • 🐛 validate TaskRun retries in TestRunSpec is greater than or equal to zero (#7836)

fix: the retries value has not been verified

  • 🐛 fix: stepresult intepolations does not accept multiple matches (#7830)

fix: cannot use multiple step results at the same time for interpolation.

  • 🐛 Fix the naming for Metrics as per convention (#7810)

We introduce new metrics with compliant naming.
Gauge metrics: Gauge metrics shouldn't end with count as it implies a counter.
Counter metrics: Counter metrics shouldn't end with count as it implies a counter from the histogram. Instead, we should use total.

Previous Metrics are deprecated because they don't satisfy the Prometheus naming convention. Consult https://github.com/tektoncd/pipeline/blob/main/docs/metrics.md to know the updated names and tags.

  • 🐛 Remove conversion configuration for (#7796)

Remove conversion webhook configuration from the ClusterTask CRD, it doesn't need it.

  • 🐛 Do not register for conversion (#7795)

Removed StepAction from the conversion webhook to reduce the log spam that it isn't configured for it.

  • 🐛 fix: ensure default type for params in remote tasks to prevent pipeline failures (#7776)

fix: resolve issues that may cause pipeline failures when using remote resources

  • 🐛 fix: do not set default kind when taskRef resolver is present (#7763)

fix: do not set default kind when taskRef resolver is present

  • 🐛 fix(taskrun): emit warning for missing secret in ServiceAccount instead of failing (#7761)

fix(taskrun): emit warning for missing secret in ServiceAccount instead of failing

  • 🐛 Fix: Merge StepTemplate with Step containing Results and Params (#7757)

Fix: Merge StepTemplate with Step containing Results and Params

  • 🐛 fix: the params in step replace other fields in step that are not in stepaction (#7755)

Pass only the fields in stepaction and replace these fields with the params in step.

  • 🐛 Fix bugfix-release.sh behavior when there is nothing to release (#7860)
  • 🐛 [StepActions] when using a stepTemplate the ref gets removed (#7813)

Misc

  • 🔨 Update docker/docker to v26.0.0 (#7842)

Update docker/docker dependency to v26.0.0

  • 🔨 Bump knative/pkg to 1.13 and k8s.io to 0.28.5 (#7808)

knative/pkg dependency is now 1.13 and k8s.io dependencies are 0.28.x.
In addition, this makes the minimum kubernetes version supported by tektoncd/pipeline to be 1.27.

  • 🔨 Update golangci version and configuration, and fix errors (#7832)
  • 🔨 Fix: add notes for why not to import the dependency pkg for OptimisticLockErrorMsg (#7780)
  • 🔨 Fix shell for tag-images step (#7912)
  • 🔨 Fix the shell in crane image (#7911)
  • 🔨 chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.25.0 to 1.26.0 (#7908)
  • 🔨 chore(deps): bump go.opentelemetry.io/otel/sdk from 1.25.0 to 1.26.0 (#7905)
  • 🔨 chore(deps): bump the all group in /tekton with 4 updates (#7900)
  • 🔨 chore(deps): bump tj-actions/changed-files from 44.0.1 to 44.3.0 (#7899)
  • 🔨 chore(deps): bump actions/checkout from 4.1.2 to 4.1.3 (#7898)
  • 🔨 chore(deps): bump actions/upload-artifact from 4.3.1 to 4.3.3 (#7897)
  • 🔨 chore(deps): bump github/codeql-action from 3.25.0 to 3.25.1 (#7896)
  • 🔨 chore(deps): bump k8s.io/client-go from 0.27.11 to 0.27.13 in /test/custom-task-ctrls/wait-task-beta (#7891)
  • 🔨 chore(deps): bump k8s.io/api from 0.27.12 to 0.27.13 in /test/custom-task-ctrls/wait-task-beta (#7890)
  • 🔨 chore(deps): bump code.gitea.io/sdk/gitea from 0.17.1 to 0.18.0 (#7889)
  • 🔨 chore(deps): bump the all group in /tekton with 4 updates (#7885)
  • 🔨 chore(deps): bump github/codeql-action from 3.24.10 to 3.25.0 (#7884)
  • 🔨 kind/misc: add error log (#7874)
  • 🔨 chore(deps): bump the all group in /tekton with 4 updates (#7868)
  • 🔨 chore(deps): bump tj-actions/changed-files from 44.0.0 to 44.0.1 (#7867)
  • 🔨 chore(deps): bump google.golang.org/grpc from 1.63.0 to 1.63.2 (#7866)
  • 🔨 chore(deps): bump github.com/spiffe/spire-api-sdk from 1.9.3 to 1.9.4 (#7862)
  • 🔨 chore(deps): bump github/codeql-action from 3.24.9 to 3.24.10 (#7861)
  • 🔨 release: add a small script to "automate" bugfix releases (#7855)
  • 🔨 chore: fix function names in comment (#7853)
  • 🔨 chore(deps): bump github.com/containerd/containerd from 1.7.14 to 1.7.15 (#7849)
  • 🔨 chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.24.0 to 1.25.0 (#7848)
  • 🔨 chore(deps): bump github.com/spiffe/spire-api-sdk from 1.9.2 to 1.9.3 (#7847)
  • 🔨 .github/workflow: update (and harden) codeql workflow (#7843)
  • 🔨 chore(deps): bump golang.org/x/sync from 0.6.0 to 0.7.0 (#7835)
  • 🔨 chore(deps): bump google.golang.org/grpc from 1.62.1 to 1.63.0 (#7834)
  • 🔨 chore(deps): bump github.com/jenkins-x/go-scm from 1.14.29 to 1.14.30 (#7829)
  • 🔨 Initiate Conformance Test Suite (#7826)
  • 🔨 chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/aws from 1.8.2 to 1.8.3 (#7825)
  • 🔨 chore(deps): bump github.com/spiffe/go-spiffe/v2 from 2.1.7 to 2.2.0 (#7824)
  • 🔨 chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/azure from 1.8.2 to 1.8.3 (#7823)
  • 🔨 chore(deps): bump github.com/sigstore/sigstore from 1.8.1 to 1.8.3 (#7821)
  • 🔨 chore(deps): bump github.com/go-git/go-git/v5 from 5.11.0 to 5.12.0 (#7820)
  • 🔨 chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/gcp from 1.8.2 to 1.8.3 (#7819)
  • 🔨 chore(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/hashivault from 1.8.2 to 1.8.3 (#7818)
  • 🔨 chore(deps): bump tj-actions/changed-files from 43.0.1 to 44.0.0 (#7817)
  • 🔨 chore(deps): bump github.com/golangci/golangci-lint from 1.57.1 to 1.57.2 in /tools (#7816)
  • 🔨 chore(deps): bump github.com/jenkins-x/go-scm from 1.14.26 to 1.14.29 (#7815)
  • 🔨 chore(deps): bump github.com/spiffe/spire-api-sdk from 1.9.1 to 1.9.2 (#7806)
  • 🔨 chore(deps): bump tj-actions/changed-files from 43.0.0 to 43.0.1 (#7803)
  • 🔨 chore(deps): bump github/codeql-action from 3.24.8 to 3.24.9 (#7802)
  • 🔨 chore(deps): bump github.com/golangci/golangci-lint from 1.56.2 to 1.57.1 in /tools (#7785)
  • 🔨 chore(deps): bump github.com/spiffe/spire-api-sdk from 1.9.0 to 1.9.1 (#7784)
  • 🔨 chore(deps): bump github.com/google/cel-go from 0.20.0 to 0.20.1 (#7783)
  • 🔨 chore(deps): bump github.com/cloudevents/sdk-go/v2 from 2.15.1 to 2.15.2 (#7782)
  • 🔨 chore(deps): bump github.com/google/go-containerregistry from 0.19.0 to 0.19.1 (#7781)
  • 🔨 chore(deps): Migrate to github.com/go-jose/go-jose/v3 (#7750)
  • 🔨 .github/workflows: make codeql a bit quicker (#7728)
  • 🔨 Replace out of date publish images with cgr.dev equivalents. (#7359)
  • 🔨 Update golang/x/net to handle GO-2024-2687 (#7841)

Docs

  • 📖 fix(docs): correct closing bracket in CEL expressions (#7903)
  • 📖 remove ref release-pipeline-nightly.yaml (#7864)
  • 📖 Fix: update golangci-lint docs link (#7790)
  • 📖 Documenting latest release - 0.58 (#7786)
  • 📖 updating releases file to include 0.53.4 and 0.56.2 (#7741)
  • 📖 fix imagePullBackOff doc (#7679)

Thanks

Thanks to these contributors who contributed to v0.59.0!

Extra shout-out for awesome release notes:

Check out latest releases or
releases around tektoncd/pipeline v0.59.0

Don't miss a new pipeline release

NewReleases is sending notifications on new releases.

Get notifications