github tektoncd/pipeline v1.3.0
Tekton Pipeline release v1.3.0 LTS "Maine Coon Melfina"
on GitHub

latest releases: v1.3.2, v1.4.0, v1.3.1...
one month ago

-Docs @ v1.3.0
-Examples @ v1.3.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v1.3.0/release.yaml

Attestation

The Rekor UUID for this release is 108e9186e8c5677a690a6f48618080e44983b879f4ffb9b371b7107159bb3d4ab3052aa68e47dc74

Obtain the attestation: 

REKOR_UUID=108e9186e8c5677a690a6f48618080e44983b879f4ffb9b371b7107159bb3d4ab3052aa68e47dc74
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file: 

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v1.3.0/release.yaml
REKOR_UUID=108e9186e8c5677a690a6f48618080e44983b879f4ffb9b371b7107159bb3d4ab3052aa68e47dc74

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v1.3.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

  • ✨ exponential backoff in controller (#8926)

Introduced exponential backoff retry mechanism for createPod function to improve robustness against transient webhook issues in a heavy cluster during resource creation.

  • ✨ exponential backoff for and creation (#8902)
  • Introduced exponential backoff retry mechanism for createTaskRun and createCustomRun functions.
  • Retries are triggered only on mutating admission webhook timeouts (HTTP 500 with "timeout" in the error message).
  • Non-retryable errors (e.g., HTTP 400, validation failures) continue to fail immediately.
  • Feature is disabled by default. To enable, set enable-wait-exponential-backoff: "true" in the feature-flags ConfigMap.
  • Backoff parameters (duration, factor, steps) are configurable via the wait-exponential-backoff ConfigMap.
  • Improves robustness against transient webhook issues in a heavy cluster during resource creation.
  • ✨ Feature: Allow THREADS_PER_CONTROLLER env var to override default threads-per-controller value (#8890)

Default threads-per-controller value can be override by THREADS_PER_CONTROLLER env var

  • ✨ Add anti-affinity rules to controller's replicas (#8864)

As part of improving high availability (HA) for the Tekton Pipelines controller, this update adds a preferredDuringSchedulingIgnoredDuringExecution pod anti-affinity rule. This ensures that multiple replicas of the controller are preferably scheduled on different nodes, reducing the risk of service disruption in case of a node failure.

  • ✨ PodTemplate param substitution on TaskRunSpecs to enable multi-arch builds with Matrix (#8599)

TaskRuns and TaskRunSpecs now support param substitution on podTemplate fields. This allows operability with Matrix.

Fixes

  • 🐛 fix(pipeline): support variables in onError for pipeline v1beta1 (#8931)

fix(pipeline): support variables in onError for pipeline v1beta1

  • 🐛 fix: ensure git shell-out inherits environment variables (#8908)

fix: The git resolver now respects environment variables on the pod

  • 🐛 efficient polling in (#8901)

Binary file (standard input) matches

  • 🐛 Use tini-git image for the resolvers deployment (#8895)

The resolvers deployment now uses the tini init system to make sure we don't end up with a lot of git process zombies.

  • 🐛 Re-register metrics only during real update (#8863)

Misc

  • 🔨 Resolvers: remove default TEKTON_HUB_API URI (#8861)

Removing the default value of TEKTON_HUB_API in the resolvers deployment as the public instance of tektoncd/hub (hub.tekton.dev) will be shutdown in September. It's still possible to set this environment variable to a value for users who self host an instance of tektoncd/hub

  • 🔨 Remove linux/arm from platform we publish (#8657)

linux/arm images are not published anymore as part of the release. This means armv5, armv6 and armv7 are not supported anymore.

  • 🔨 Stop emitting deprecated metrics (#8875)

BREAKING CHANGE:

This commit removes the following deprecated metrics that have been replaced
by newer, more descriptive metrics:

PipelineRun Metrics:

  • pipelinerun_count → replaced by pipelinerun_total
  • running_pipelineruns_count → replaced by running_pipelineruns
  • running_pipelineruns_waiting_on_pipeline_resolution_count → replaced by running_pipelineruns_waiting_on_pipeline_resolution
  • running_pipelineruns_waiting_on_task_resolution_count → replaced by running_pipelineruns_waiting_on_task_resolution

TaskRun Metrics:

  • taskrun_count → replaced by taskrun_total
  • running_taskruns_count → replaced by running_taskruns
  • running_taskruns_throttled_by_quota_count → replaced by running_taskruns_throttled_by_quota
  • running_taskruns_throttled_by_node_count → replaced by running_taskruns_throttled_by_node

The replacement metrics provide the same functionality with improved naming
conventions and are already being recorded in the codebase.

  • 🔨 Make sure we do not validate ResolutionRequest on DELETE (#8857)

esolutionRequest are no more validated on DELETE, which is consistent with the rest of the pipeline's objects.

  • 🔨 Move ConfigMap helpers to testing framework and cleanup 🧹 pipelinerun_test.go 🧹. (#8920)
  • 🔨 Remove all reference to gcr.io tekton projects (#8885)
  • 🔨 build(deps): bump github.com/jenkins-x/go-scm from 1.15.1 to 1.15.4 (#8935)
  • 🔨 build(deps): bump sigs.k8s.io/yaml from 1.5.0 to 1.6.0 (#8922)
  • 🔨 refactor getSidecarLogPollingInterval() (#8909)
  • 🔨 build(deps): bump google.golang.org/grpc from 1.73.0 to 1.74.2 (#8907)
  • 🔨 build(deps): bump step-security/harden-runner from 2.12.2 to 2.13.0 (#8900)
  • 🔨 build(deps): bump github/codeql-action from 3.29.2 to 3.29.3 (#8899)
  • 🔨 build(deps): bump the all group in /tekton with 3 updates (#8898)
  • 🔨 nightly builds with gh actions (#8897)
  • 🔨 build(deps): bump k8s.io/client-go from 0.32.6 to 0.32.7 (#8896)
  • 🔨 build(deps): bump k8s.io/code-generator from 0.32.6 to 0.32.7 (#8893)
  • 🔨 build(deps): bump github.com/google/cel-go from 0.25.0 to 0.26.0 (#8892)
  • 🔨 build(deps): bump k8s.io/api from 0.32.6 to 0.32.7 (#8888)
  • 🔨 build(deps): bump github.com/jenkins-x/go-scm from 1.14.59 to 1.15.1 (#8884)
  • 🔨 build(deps): bump tj-actions/changed-files from cf79a64fed8a943fb1073260883d08fe0dfb4e56 to 055970845dd036d7345da7399b7e89f2e10f2b04 (#8883)
  • 🔨 build(deps): bump the all group in /tekton with 4 updates (#8882)
  • 🔨 Add Stanislav (twoGiants) as reviewer to Tekton Pipeline repository. (#8880)
  • 🔨 build(deps): bump golang.org/x/sync from 0.15.0 to 0.16.0 (#8871)
  • 🔨 build(deps): bump tj-actions/changed-files from e8772ff27de71367c2771ef3e8b5b2075b3f8282 to cf79a64fed8a943fb1073260883d08fe0dfb4e56 (#8867)
  • 🔨 build(deps): bump the all group in /tekton with 4 updates (#8866)
  • 🔨 build(deps): bump github.com/jenkins-x/go-scm from 1.14.58 to 1.14.59 (#8865)
  • 🔨 build(deps): bump github.com/spiffe/spire-api-sdk from 1.12.0 to 1.12.4 (#8860)
  • 🔨 build(deps): bump step-security/harden-runner from 2.12.1 to 2.12.2 (#8856)
  • 🔨 build(deps): bump github/codeql-action from 3.29.0 to 3.29.2 (#8855)
  • 🔨 build(deps): bump tj-actions/changed-files from d52d20fa3f981cb852b861fd8f55308b5fe29637 to e8772ff27de71367c2771ef3e8b5b2075b3f8282 (#8854)
  • 🔨 build(deps): bump the all group in /tekton with 4 updates (#8853)
  • 🔨 build(deps): bump sigs.k8s.io/yaml from 1.4.0 to 1.5.0 (#8852)
  • 🔨 Update kubernetes version of the CI (#8758)
  • 🔨 Add a tool to generate the release name (#8629)

Docs

  • 📖 Document controller debugging configuration. (#8881)

Developer documentation in DEVELOPMENT.md contains a "Debugging" section explaining how to setup VSCode for debugging Tekton controllers running in a k8 cluster.

  • 📖 docs: fix typo in pipelineruns.md (#8851)

Thanks

Thanks to these contributors who contributed to v1.3.0!

Extra shout-out for awesome release notes:

Check out latest releases or
releases around tektoncd/pipeline v1.3.0

Don't miss a new pipeline release

NewReleases is sending notifications on new releases.

Get notifications