github tektoncd/triggers v0.28.0
Tekton Triggers release v0.28.0 "Tekton Triggers"
on GitHub

latest releases: v0.30.0, v0.29.1, v0.29.0...
4 months ago

-Docs @ v0.28.0
-Examples @ v0.28.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.28.0/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.28.0/interceptors.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77ab8d7c9926b0e67fa6a87b50dacf2e91bcaeb6c964a25d5e562dc0518c48a37fd

Obtain the attestation: 

REKOR_UUID=24296fb24b8ad77ab8d7c9926b0e67fa6a87b50dacf2e91bcaeb6c964a25d5e562dc0518c48a37fd
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file: 

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.28.0/release.yaml
REKOR_UUID=24296fb24b8ad77ab8d7c9926b0e67fa6a87b50dacf2e91bcaeb6c964a25d5e562dc0518c48a37fd

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.28.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

  • ✨ Set readOnlyRootFilesystem as true in Controller and Webhook (#1735)

    • Controller's and Webhook's Deployment security context readOnlyRootFilesystem are set to true to increase the security and to avoid being flagged by the security scanner

  • ✨ Update securityContext to include required configurations when the flag el-security-context is enabled (#1736) and (#1747)

    • Added new field default-run-as-non-root to configmap so that RunAsNonRoot can be now configured through config-defaults-triggers ConfigMap
      • Defaults values for RunAsNonRoot is true
    • Added new fields default-run-as-user and default-run-as-group to config-defaults-triggers configmap so that RunAsUser and RunAsGroup can be now configured through ConfigMap
      • Defaults values for RunAsUser and RunAsGroup 65532

Misc

  • 🔨 Bump 0.61.0 pipeline release (#1745)
  • 🔨 Bump github.com/hashicorp/go-retryablehttp from 0.7.2 to 0.7.7 (#1738)
  • 🔨 Handle validation when value for runAsGroup and runAsUser is empty (#1747)
  • 🔨 Bump knative.dev/serving from 0.38.6 to 0.39.0 (#1733)

Docs

  • 📖 fix: Markdown syntax error for Note in events.md (#1743)
  • 📖 Add v0.26.x and v0.27.x doc (#1732)

Thanks

Thanks to these contributors who contributed to v0.28.0!

Extra shout-out for awesome release notes:

Check out latest releases or
releases around tektoncd/triggers v0.28.0

Don't miss a new triggers release

NewReleases is sending notifications on new releases.

Get notifications