github tektoncd/triggers v0.35.0
Tekton Triggers release v0.35.0 "Tekton Triggers"
on GitHub

5 hours ago

-Docs @ v0.35.0
-Examples @ v0.35.0

Installation one-liner

kubectl apply -f https://infra.tekton.dev/tekton-releases/triggers/previous/v0.35.0/release.yaml
kubectl apply -f https://infra.tekton.dev/tekton-releases/triggers/previous/v0.35.0/interceptors.yaml

Attestation

The Rekor UUID for this release is 108e9186e8c5677a45203936a8966245d4ee1bb04114c3c9a7a8ed99eae1e452c4e75cd00bfe19eb

Obtain the attestation: 

REKOR_UUID=108e9186e8c5677a45203936a8966245d4ee1bb04114c3c9a7a8ed99eae1e452c4e75cd00bfe19eb
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file: 

RELEASE_FILE=https://infra.tekton.dev/tekton-releases/triggers/previous/${VERSION_TAG}/release.yaml
INTERCEPTORS_FILE=https://infra.tekton.dev/tekton-releases/triggers/previous/${VERSION_TAG}/interceptors.yaml

REKOR_UUID=108e9186e8c5677a45203936a8966245d4ee1bb04114c3c9a7a8ed99eae1e452c4e75cd00bfe19eb

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.35.0@sha256:" + .digest.sha256')

# Download the release file
curl -L "$RELEASE_FILE" > release.yaml
curl -L "$INTERCEPTORS_FILE" >> release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

Misc

  • 🔨 Remove GHCR migration notice from readme (#1935)
  • 🔨 Bump step-security/harden-runner from 2.14.1 to 2.14.2 (#1946)
  • 🔨 Bump github/codeql-action from 4.32.1 to 4.32.2 (#1945)
  • 🔨 Bump the all group with 3 updates (#1944)
  • 🔨 Bump step-security/harden-runner from 2.14.0 to 2.14.1 (#1943)
  • 🔨 Bump actions/setup-go from 6.1.0 to 6.2.0 (#1942)
  • 🔨 Bump actions/checkout from 6.0.1 to 6.0.2 (#1941)
  • 🔨 Bump github/codeql-action from 4.31.8 to 4.32.0 (#1940)
  • 🔨 Bump the all group with 4 updates (#1939)
  • 🔨 Bump the all group across 1 directory with 14 updates (#1938)
  • 🔨 Bump github/codeql-action from 4.31.5 to 4.31.8 (#1933)
  • 🔨 Bump actions/upload-artifact from 5.0.0 to 6.0.0 (#1932)
  • 🔨 Bump step-security/harden-runner from 2.13.2 to 2.14.0 (#1931)
  • 🔨 Bump golangci/golangci-lint-action from 9.1.0 to 9.2.0 (#1927)
  • 🔨 Bump actions/checkout from 6.0.0 to 6.0.1 (#1926)
  • 🔨 Bump actions/setup-go from 6.0.0 to 6.1.0 (#1921)
  • 🔨 Bump actions/checkout from 5.0.0 to 6.0.0 (#1920)
  • 🔨 Bump golangci/golangci-lint-action from 8.0.0 to 9.1.0 (#1919)
  • 🔨 Bump github/codeql-action from 4.31.2 to 4.31.5 (#1918)
  • 🔨 Bump the all group across 1 directory with 9 updates (#1917)
  • 🔨 Bump golang.org/x/crypto from 0.43.0 to 0.45.0 (#1916)
  • 🔨 Bump step-security/harden-runner from 2.13.1 to 2.13.2 (#1913)
  • 🔨 Update release-cheat-sheet to work on OCI and release file with 0.34 version (#1911)

Thanks

Thanks to these contributors who contributed to v0.35.0!

Check out latest releases or
releases around tektoncd/triggers v0.35.0

Don't miss a new triggers release

NewReleases is sending notifications on new releases.

Get notifications