-Docs @ v0.34.0
-Examples @ v0.34.0

Installation one-liner

kubectl apply -f https://infra.tekton.dev/tekton-releases/triggers/previous/v0.34.0/release.yaml
kubectl apply -f https://infra.tekton.dev/tekton-releases/triggers/previous/v0.34.0/interceptors.yaml

Attestation

The Rekor UUID for this release is 108e9186e8c5677af5fc7b3c5466e79e0ce84af7fbea9da03d09fcf1f91c05e1d34c23b20af28f3f

Obtain the attestation:

REKOR_UUID=108e9186e8c5677af5fc7b3c5466e79e0ce84af7fbea9da03d09fcf1f91c05e1d34c23b20af28f3f
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://infra.tekton.dev/tekton-releases/triggers/previous/v0.34.0/release.yaml
REKOR_UUID=108e9186e8c5677af5fc7b3c5466e79e0ce84af7fbea9da03d09fcf1f91c05e1d34c23b20af28f3f

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.34.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

• ✨ feat: auto fill http request content length for binding and cel eval tools (#1887)

feat: auto fill http request content length for binding and cel eval tools

• ✨ Add tkn triggers bootstrap command for automated setup (#1890)

Fixes

• 🐛 Update github interceptor to only validate sha-256 signature (#1899)

The GitHub interceptor now only accepts SHA-256 signatures via the X-Hub-Signature-256 header and no longer supports SHA-1 signatures via X-Hub-Signature. Standard GitHub webhooks are unaffected as GitHub sends both headers by default, but custom webhook implementations must update their HMAC signature generation from SHA-1 to SHA-256 or they will receive "no X-Hub-Signature-256 header set" errors.

• 🐛 fix: escape Tekton variable syntax in trigger parameters (#1896)

Bugfix: escape Tekton variable syntax in trigger parameters (e.g. when $() are found in pr.body.description)

• 🐛 fix: test instability in UpdateCACertToClusterInterceptorCRD unit test (#1878)

Misc

• 🔨 Update release-cheat-sheet (#1910)
• 🔨 chore: update pipelines for oracle bucket target (#1909)
• 🔨 Change the Pipelines install location to oracle infra from gcs (#1908)
• 🔨 Update Go version in golangci-lint workflow (#1907)
• 🔨 Pin checkout to sha in presubmit ci tests (#1906)
• 🔨 Bump github/codeql-action from 4.31.0 to 4.31.2 (#1905)
• 🔨 Bump github.com/tektoncd/pipeline from 1.5.0 to 1.6.0 in the all group (#1904)
• 🔨 Bump github/codeql-action from 3.30.6 to 4.31.0 (#1902)
• 🔨 Bump actions/upload-artifact from 4.6.2 to 5.0.0 (#1901)
• 🔨 Bump the all group with 7 updates (#1900)
• 🔨 Remove condition for dependabot in golangci-lint (#1894)
• 🔨 Pin actions by commit SHA (#1893)
• 🔨 Add GitHub Actions workflow for go coverage job (#1891)
• 🔨 Migrate to GH action for presubmit ci jobs (#1889)
• 🔨 Bump the all group across 1 directory with 15 updates (#1888)
• 🔨 Bump actions/setup-go from 5.5.0 to 6.0.0 (#1884)
• 🔨 Bump github.com/go-viper/mapstructure/v2 from 2.3.0 to 2.4.0 in /tools (#1881)
• 🔨 Bump actions/checkout from 4 to 5 (#1880)
• 🔨 Update release doc with v0.33.0 (#1877)
• 🔨 Remove linux/arm from platform we publish (#1875)

Thanks

Thanks to these contributors who contributed to v0.34.0!

• ❤️ @AlanGreene
• ❤️ @anithapriyanatarajan
• ❤️ @cmorinupgrade
• ❤️ @dependabot[bot]
• ❤️ @infernus01
• ❤️ @khrm
• ❤️ @l-qing
• ❤️ @savitaashture
• ❤️ @wuhuizuo

Extra shout-out for awesome release notes:

• 😍 @cmorinupgrade
• 😍 @infernus01
• 😍 @wuhuizuo