Skip to content

Releases: tektoncd/operator

Tekton Operator release v0.78.1 "Ringneck Parakeets"

18 Dec 12:42
@tekton-robot tekton-robot
v0.78.1
6c0a52d

Choose a tag to compare

View all tags
Tekton Operator release v0.78.1 "Ringneck Parakeets" Latest
Latest

-Docs @ v0.78.1
-Examples @ v0.78.1

Installation one-liner

kubectl apply -f https://infra.tekton.dev/tekton-releases/operator/previous/v0.78.1/release.yaml

Attestation

The Rekor UUID for this release is 108e9186e8c5677a676ad8d1de42ccf0121438fc0ddbcbc89f47470effae10f52e7c0f13216c1157

Obtain the attestation:

REKOR_UUID=108e9186e8c5677a676ad8d1de42ccf0121438fc0ddbcbc89f47470effae10f52e7c0f13216c1157
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Changes

Features

Fixes

  • 🐛 [cherry-pick: release-v0.78.x] fix: prevent unintended directory overwrite from PR #3057 (#3083)
  • 🐛 [cherry-pick: release-v0.78.x] Override the catalog URL only when the Hub catalog type is set to artifacthub (#3082)

Misc

  • 🔨 [cherry-pick#3106:release-0.78.x] fix: multi-arch-build failures due to ko build issue (#3110)

Docs

Thanks

Thanks to these contributors who contributed to v0.78.1!

Extra shout-out for awesome release notes:

Contributors

tekton-robot, anithapriyanatarajan, and mbpavan
Assets 6
Loading

tekton-operator-0.78.1

18 Dec 12:39
@github-actions github-actions
tekton-operator-0.78.1
6c0a52d

Choose a tag to compare

View all tags
tekton-operator-0.78.1

A Helm chart to deploy the Tekton Operator and its CRDs

Loading

Tekton Operator release v0.78.0 "Oituri Batis"

08 Dec 10:35
@tekton-robot tekton-robot
v0.78.0
e2e528b

Choose a tag to compare

View all tags
Tekton Operator release v0.78.0 "Oituri Batis"

-Docs @ v0.78.0
-Examples @ v0.78.0

Installation one-liner

kubectl apply -f https://infra.tekton.dev/tekton-releases/operator/previous/v0.78.0/release.yaml

Changes

Features

  • ✨ Add Route support for Tekton Results (#2877)

Enable Route support in Tekton Results. By default, a Route is created on the cluster, and users can optionally configure a custom host and path.

Fixes

  • 🐛 replace container args by key and avoid duplicates (#2862)

Binary file (standard input) matches

Misc

  • 🔨 Pin actions by commit SHA (#2917)

  • 🔨 Add GitHub Actions workflow for go coverage job (#2913)

  • 🔨 Update dependabot labels for github actions (#2939)

  • 🔨 Bump golang.org/x/crypto from 0.43.0 to 0.45.0 (#2988)

  • 🔨 feat: update release targeting oci bucket (#2975)

  • 🔨 Bump golang.org/x/sync from 0.17.0 to 0.18.0 (#2962)

  • 🔨 Bump github.com/tektoncd/triggers from 0.32.0 to 0.34.0 (#2961)

  • 🔨 Bump chainguard-dev/actions from 1.5.7 to 1.5.8 (#2960)

  • 🔨 Bump step-security/harden-runner from 2.13.1 to 2.13.2 (#2959)

  • 🔨 Bump golangci/golangci-lint-action from 8.0.0 to 9.0.0 (#2958)

  • 🔨 Bump github.com/tektoncd/pipeline from 1.5.0 to 1.6.0 (#2941)

  • 🔨 Bump github/codeql-action from 4.31.0 to 4.31.2 (#2940)

  • 🔨 Bump golang.org/x/mod from 0.28.0 to 0.29.0 (#2925)

  • 🔨 Bump github.com/tektoncd/pipeline from 1.4.0 to 1.5.0 (#2915)

  • 🔨 Bump github.com/spf13/viper from 1.20.1 to 1.21.0 (#2891)

  • 🔨 Bump k8s.io/apiextensions-apiserver from 0.32.8 to 0.32.9 (#2890)

  • 🔨 Bump golang.org/x/mod from 0.27.0 to 0.28.0 (#2883)

  • 🔨 Bump golang.org/x/sync from 0.16.0 to 0.17.0 (#2882)

  • 🔨 Bump github.com/tektoncd/pipeline from 1.3.1 to 1.4.0 (#2881)

  • 🔨 [bot] bump payload versions (#2878)

  • 🔨 Bump github.com/stretchr/testify from 1.11.0 to 1.11.1 (#2872)

  • 🔨 Bump github.com/spf13/cobra from 1.9.1 to 1.10.1 (#2871)

  • 🔨 Bump github.com/stretchr/testify from 1.10.0 to 1.11.0 (#2860)

  • 🔨 Bump github.com/go-viper/mapstructure/v2 from 2.3.0 to 2.4.0 (#2857)

Docs

Thanks

Thanks to these contributors who contributed to v0.78.0!

Extra shout-out for awesome release notes:

Contributors

vdemeester, AlanGreene, and 13 other contributors
Loading

Tekton Operator release v0.77.0 "Amethyst woodstar"

21 Aug 12:24
@tekton-robot tekton-robot
v0.77.0
86343ff

Choose a tag to compare

View all tags
Tekton Operator release v0.77.0 "Amethyst woodstar"

-Docs @ v0.77.0
-Examples @ v0.77.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/operator/previous/v0.77.0/release.yaml

Attestation

Obtain the attestation:

REKOR_UUID=
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/operator/previous/v0.77.0/release.yaml
REKOR_UUID=

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.77.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

  • add init container support to tekton-operator deployment (#2809)
  • Add service monitoring for pruner (#2844)
  • Fix proxy namespace for tekton-results-api-service in ConsolePlugin (#2841)
  • update s2i image (#2837)
  • Bump actions/checkout from 4 to 5 (#2827)
  • Update OPC task image reference in OpenShift config (#2825)
  • ADD: buildah-ns task as a part of openshift-pipelines namespace (#2824)
  • cleanup: Remove the unnecessary preUpgrade function from the pre-upgrade step (#2820)
  • Delete default tekton results tls secret during pre upgrade (#2819)
  • fix(openshift git resolver): mount the trusted-ca-configmap into component's system ca store in Openshift (#2814)
  • fix: prevent panic when pruner field is nil during upgrade (#2810)
  • add additionalEnvs capability to operator deployment (#2808)
  • Hide Tekton Pruner cr from openshift console UI (#2806)
  • Fix: Corrected PostgreSQL PGDATA and volume mount path to ensure data persistence (#2799)
  • Bump golangci/golangci-lint-action from 7.0.0 to 8.0.0 (#2798)
  • Update PostgreSQL version from 13 to 16 (#2797)
  • Enable TektonPruner Configuration from tektonconfig (#2794)
  • OCPBUGS-58034: Update steps for 'Deploying an application with a pipeline' quick start (#2790)
  • make triggers install optional (#2780)
  • chore(fetch): bump task‑containers tasks from v0.7.0 to v0.7.1 (#2769)
  • feat: add recursive manifest fetching support (#2766)
  • Decouple RBAC and Trusted CA Bundle configurations in OpenShift extension (#2764)
  • Update TektonPruner.Disabled to *bool so it can be set to default value if not set. (#2750)
  • update list supported releases (#2745)
  • fix release script (#2744)
  • Add ServiceMonitor for Results (#2739)
  • Restrict pipeline service account permissions for openshift (#2702)

Fixes

Misc

  • 🔨 Bump k8s.io/apiextensions-apiserver from 0.32.6 to 0.32.8 (#2846)
  • 🔨 Bump golang.org/x/mod from 0.26.0 to 0.27.0 (#2829)
  • 🔨 Bump github.com/tektoncd/pipeline from 1.3.0 to 1.3.1 (#2828)
  • 🔨 Bump github.com/tektoncd/pipeline from 1.2.0 to 1.3.0 (#2821)
  • 🔨 Bump golang.org/x/mod from 0.25.0 to 0.26.0 (#2801)
  • 🔨 Bump golang.org/x/sync from 0.15.0 to 0.16.0 (#2800)
  • 🔨 Bump github.com/tektoncd/pipeline from 1.1.0 to 1.2.0 (#2791)
  • 🔨 Bump sigs.k8s.io/yaml from 1.4.0 to 1.5.0 (#2785)
  • 🔨 Bump github.com/openshift-pipelines/pipelines-as-code from 0.35.1 to 0.36.0 (#2784)
  • 🔨 Bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.3.0 (#2783)
  • 🔨 Bump github.com/sigstore/cosign/v2 from 2.5.0 to 2.5.2 (#2775)
  • 🔨 Bump k8s.io/apiextensions-apiserver from 0.32.5 to 0.32.6 (#2774)
  • 🔨 Bump github.com/cloudflare/circl from 1.3.7 to 1.6.1 (#2761)
  • 🔨 Bump github.com/openshift-pipelines/pipelines-as-code from 0.35.0 to 0.35.1 (#2754)
  • 🔨 Bump golang.org/x/mod from 0.24.0 to 0.25.0 (#2753)
  • 🔨 Bump golang.org/x/sync from 0.14.0 to 0.15.0 (#2752)
  • 🔨 Bump github.com/tektoncd/pipeline from 1.0.0 to 1.1.0 (#2751)

Docs

Thanks

Thanks to these contributors who contributed to v0.77.0!

Extra shout-out for awesome release notes:

Contributors

vikram-raj, pramodbindal, and 10 other contributors
Loading

tekton-operator-0.77.0

21 Aug 12:25
@github-actions github-actions
tekton-operator-0.77.0
86343ff

Choose a tag to compare

View all tags
tekton-operator-0.77.0

A Helm chart to deploy the Tekton Operator and its CRDs

Loading

Tekton Operator release v0.76.0 "Amethyst sunbird"

18 Jul 05:48
@tekton-robot tekton-robot
v0.76.0
3a13845

Choose a tag to compare

View all tags
Tekton Operator release v0.76.0 "Amethyst sunbird"

-Docs @ v0.76.0
-Examples @ v0.76.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/operator/previous/v0.76.0/release.yaml

Attestation

The Rekor UUID for this release is ``

Obtain the attestation:

REKOR_UUID=
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/operator/previous/v0.76.0/release.yaml
REKOR_UUID=

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.76.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

  • Add TektonPruner CRD,CR and Type Specs
  • Add Controller for TektonPruner
  • Support custom DB secret in Results
  • Add html_url to github-push CTB to fix clone issue Git clone was failing with a 403 error when using git-repo-url because body.repository.url points to the GitHub API URL. To resolve this, a new parameter git-repo-html-url has been introduced, which uses body.repository.html_url — the correct URL for cloning the repository.
  • Add KUBERNETES_MIN_VERSION env to kuberneted based installation
  • Convert result watcher deployment to statefulset ordinals
  • chore: Add pac cancel-in-progress setting in docs and tests
  • update: Added skip-push-event settings for PaC
  • Add LoggingPluginMultipartRegex for ResultsAPI
  • Improve operator logging for installerset reconcile operations
  • Improve operator logging for trigger reconcile operations
  • Improve operator logging for result reconcile operations
  • Improve operator logging for dashboard reconcile operations
  • Improve operator logging for mag reconcile operations
  • Improve operator logging for pipeline reconcile operations
  • Improve operator logging for chains reconcile operations
  • Improve operator logging for tektonconfig reconcile operations
  • enforce stricter securityContext rules on operator and webhook containers

Fixes

  • 🐛 Fix the rbac for ecosystem tasks and stepactions (#2732)

  • 🐛 Update Result API container env (#2622)

Before this fix, changes in Result API properties didn't used to apply to running results API server pod and required a manual start.

  • 🐛 fix(docs): correct configuration error in TektonResult (#2604)

docs: corrected the configuration error in the example of TektonResult

Misc

  • 🔨 Fix subpath capitalisation (#2729)

  • 🔨 Bump k8s.io/apiextensions-apiserver from 0.32.4 to 0.32.5 (#2741)

  • 🔨 Bump github.com/open-policy-agent/opa from 1.1.0 to 1.4.0 (#2713)

  • 🔨 Bump golang.org/x/sync from 0.13.0 to 0.14.0 (#2711)

  • 🔨 Bump github.com/sigstore/cosign/v2 from 2.4.3 to 2.5.0 (#2686)

  • 🔨 Bump golang.org/x/sync from 0.12.0 to 0.13.0 (#2676)

  • 🔨 Bump github.com/spf13/viper from 1.20.0 to 1.20.1 (#2667)

  • 🔨 Bump github.com/spf13/viper from 1.19.0 to 1.20.0 (#2656)

  • 🔨 Bump k8s.io/apiextensions-apiserver from 0.29.14 to 0.29.15 (#2655)

  • 🔨 Bump github.com/golang-jwt/jwt/v4 from 4.5.1 to 4.5.2 (#2652)

  • 🔨 [bot] bump payload versions (#2646)

  • 🔨 Bump golang.org/x/net from 0.35.0 to 0.36.0 (#2629)

  • 🔨 Bump gomodules.xyz/jsonpatch/v2 from 2.4.0 to 2.5.0 (#2628)

  • 🔨 Bump golang.org/x/mod from 0.23.0 to 0.24.0 (#2627)

  • 🔨 Bump golang.org/x/sync from 0.11.0 to 0.12.0 (#2626)

  • 🔨 Bump github.com/go-jose/go-jose/v3 from 3.0.3 to 3.0.4 (#2609)

  • 🔨 Bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5 (#2608)

  • 🔨 Bump github.com/google/go-cmp from 0.6.0 to 0.7.0 (#2607)

  • 🔨 Bump github.com/sigstore/cosign/v2 from 2.4.2 to 2.4.3 (#2606)

Docs

  • 📖 Add ghcr.io migration banner to README.md. (#2681)

Thanks

Thanks to these contributors who contributed to v0.76.0!

Extra shout-out for awesome release notes:

Contributors

vdemeester, khrm, and 16 other contributors
Loading

tekton-operator-0.76.0

17 Jul 11:22
@github-actions github-actions
tekton-operator-0.76.0
d04cee1

Choose a tag to compare

View all tags
tekton-operator-0.76.0

A Helm chart to deploy the Tekton Operator and its CRDs

Loading

Tekton Operator release v0.75.0 "Buff-sided robin"

17 Mar 10:47
@tekton-robot tekton-robot
v0.75.0
39cdc4d

Choose a tag to compare

View all tags
Tekton Operator release v0.75.0 "Buff-sided robin"

-Docs @ v0.75.0
-Examples @ v0.75.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/operator/previous/v0.75.0/release.yaml

Attestation

The Rekor UUID for this release is ``

Obtain the attestation:

REKOR_UUID=
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/operator/previous/v0.75.0/release.yaml
REKOR_UUID=

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.75.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Component Org Version
Chains tektoncd v0.24.0
Dashboard tektoncd v0.54.0
Hub tektoncd v1.20.0
Manual Approval Gate openshift-pipelines v0.5.0
Pipeline tektoncd v0.68.0
Pipeline-as-code openshift-pipelines v0.33.0
Results tektoncd v0.14.0
Triggers tektoncd v0.31.0

What's Changed

  • update charts on main with devel version by @jkhelil in #2419
  • add version 0.74.0 to supported version on the readme by @jkhelil in #2420
  • Bump github.com/tektoncd/pipeline from 0.65.1 to 0.65.2 by @dependabot in #2422
  • Bump k8s.io/apiextensions-apiserver from 0.29.10 to 0.29.11 by @dependabot in #2423
  • Bump github.com/stretchr/testify from 1.9.0 to 1.10.0 by @dependabot in #2424
  • Updates go.mod by executing update-codegen script by @PuneetPunamiya in #2425
  • Update base image from rhel8/ubi8 to rhel9/ubi9 by @savitaashture in #2426
  • [bot] bump payload versions by @github-actions in #2428
  • fix namespace reconciliation error during openshift rbac reconciliation by @anithapriyanatarajan in #2432
  • Remove older versions of task and stepactions resolver installersets by @pratap0007 in #2430
  • [bot] bump payload versions by @github-actions in #2435
  • [bot] bump payload versions by @github-actions in #2440
  • enable fips compliance on openshift operator by @jkhelil in #2429
  • [bot] bump payload versions by @github-actions in #2443
  • [bot] bump payload versions by @github-actions in #2446
  • Bump golang.org/x/sync from 0.9.0 to 0.10.0 by @dependabot in #2449
  • [bot] bump payload versions by @github-actions in #2452
  • Bump github.com/tektoncd/pipeline from 0.65.2 to 0.66.0 by @dependabot in #2448
  • Adds runtimeclassname support in options field for deployment and statefulsets by @PuneetPunamiya in #2441
  • Upgrade golang.org/x/crypto to 0.31.0 by @vdemeester in #2454
  • Bump k8s.io/apiextensions-apiserver from 0.29.11 to 0.29.12 by @dependabot in #2457
  • update pruner sha with latest by @jkhelil in #2460
  • [bot] bump payload versions by @github-actions in #2463
  • Update the release to use ghcr.io by @afrittoli in #2462
  • Update DEVELOPMENT.md by @clintonsteiner in #2465
  • Fix wrong shell in release task by @afrittoli in #2466
  • Fix nightly failures by @afrittoli in #2475
  • [bot] bump payload versions by @github-actions in #2477
  • Update ecosystem task version to fix buildah issue by @savitaashture in #2480
  • Update TektonConfig CR's addon params to remove cluster tasks params by @pratap0007 in #2439
  • Bump github.com/tektoncd/triggers from 0.30.0 to 0.30.1 by @dependabot in #2483
  • fix: avoid panic when upgrading pipeline in tektonconfig by @l-qing in #2482
  • Switch to golangci-lint GH action by @afrittoli in #2493
  • Fix ghcr.io auth in release by @afrittoli in #2491
  • Fix serviceaccount path by @afrittoli in #2497
  • fix: resolve panic issue in script when label is specified during bundle build by @l-qing in #2494
  • Bump golang.org/x/net from 0.28.0 to 0.33.0 by @dependabot in #2496
  • [bot] bump payload versions by @github-actions in #2485
  • Update golang.org/x/net to 0.33.0 by @vdemeester in #2469
  • refactor namespace reconciliation to ensure openshift rbac requisites by @anithapriyanatarajan in #2468
  • [bot] bump payload versions by @github-actions in #2513
  • fix: get tektonconfig version from label by @l-qing in #2518
  • Bump helm/chart-releaser-action from 1.6.0 to 1.7.0 by @dependabot in #2519
  • fix: avoid panic when reconciling namespace without owner reference by @l-qing in #2516
  • fix(e2e): resolve instability issues in end-to-end tests by @l-qing in #2517
  • Bump golangci/golangci-lint-action from 6.1.1 to 6.2.0 by @dependabot in #2520
  • Bump k8s.io/apiextensions-apiserver from 0.29.12 to 0.29.13 by @dependabot in #2521
  • [bot] bump payload versions by @github-actions in #2524
  • [bot] bump payload versions by @github-actions in #2527
  • move chart images to ghcr.io by @jkhelil in #2533
  • restore community tasks as openshift addons by @jkhelil in #2427
  • [bot] bump payload versions by @github-actions in #2546
  • restore pruner sha with ghcr.io by @jkhelil in #2537
  • Ensure the configured TargetNamespace overrides the default namespace in the Dashboard's container args by @aThorp96 in #2542
  • Fix fetch-component-release task in nightly release by @AlanGreene in #2547
  • Bump github.com/tektoncd/pipeline from 0.66.0 to 0.68.0 by @dependabot in #2550
  • Add tekton-caches stepActions into operator catalog by @pramodbindal in #2551
  • add trigger creation as prerequisite to dashboard e2e to ensure tekto… by @jkhelil in #2555
  • Add Results configuration in tekton config by @pratap0007 in #2398
  • update config yaml with new image pac cli and sidecarlogresults pipeline info by @savitaashture in #2565
  • Update images of registry.redhat.io by @savitaashture in #2566
  • Bump gotest.tools/v3 from 3.5.1 to 3.5.2 by @dependabot in #2559
  • Bump github.com/sigstore/cosign/v2 from 2.4.1 to 2.4.2 by @dependabot in #2561
  • Bump golangci/golangci-lint-action from 6.2.0 to 6.3.2 by @dependabot in #2564
  • Bump golang.org/x/sync from 0.10.0 to 0.11.0 by @dependabot in #2560
  • Bump github.com/tektoncd/triggers from 0.30.1 to 0.31.0 by @dependabot in #2562
  • Support addition of new containers provided as options by @enarha in #2557
  • [bot] bump payload versions by @github-actions in #2568
  • Add proxy in the ConsolePlugin by @pratap0007 in #2545
  • [bot] bump payload versions by @github-actions in #2569
  • Bump golang.or...
Read more

Contributors

vdemeester, afrittoli, and 14 other contributors
Loading

tekton-operator-0.75.0

03 Mar 07:37
@github-actions github-actions
tekton-operator-0.75.0
07fcbf7

Choose a tag to compare

View all tags
tekton-operator-0.75.0

A Helm chart to deploy the Tekton Operator and its CRDs

Loading

Tekton Operator release v0.74.1 "Buzzing flowerpecker"

24 Jan 10:11
@tekton-robot tekton-robot
v0.74.1
e09bbad

Choose a tag to compare

View all tags
Tekton Operator release v0.74.1 "Buzzing flowerpecker"

-Docs @ v0.74.1
-Examples @ v0.74.1

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/operator/previous/v0.74.1/release.yaml

Attestation

The Rekor UUID for this release is ``

Obtain the attestation:

REKOR_UUID=
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/operator/previous/v0.74.1/release.yaml
REKOR_UUID=

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.74.1@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Component Org Version
Chains tektoncd v0.23.1
Dashboard tektoncd v0.52.0
Hub tektoncd v1.19.2
Manual Approval Gate openshift-pipelines v0.4.1
Pipeline tektoncd v0.65.5
Pipeline-as-code openshift-pipelines v0.29.1
Results tektoncd v0.13.3
Triggers tektoncd v0.30.1

Features

Fixes

  • 🐛 [0.74.x] Update pruner sha with latest (#2461)
  • 🐛 [0.74.x] Update ecosystem task version to fix buildah issue (#2481)

Misc

  • 🔨 Bump golang.org/x/crypto to v0.31.0 (#2459)

Docs

Thanks

Thanks to these contributors who contributed to v0.74.1!

Extra shout-out for awesome release notes:

Contributors

jkhelil, savitaashture, and 2 other contributors
Loading