Releases: tektoncd/chains
Tekton Chains release v0.22.2 "v0.22.2"
-Docs @ v0.22.2
-Examples @ v0.22.2
Installation one-liner
kubectl apply -f https://storage.googleapis.com/tekton-releases/chains/previous/v0.22.2/release.yaml
Attestation
The Rekor UUID for this release is 108e9186e8c5677a49be2ef4baa7ddffeee2ddd856775f64215023ef1e11a91ef48873740f2d8c6c
Obtain the attestation:
REKOR_UUID=108e9186e8c5677a49be2ef4baa7ddffeee2ddd856775f64215023ef1e11a91ef48873740f2d8c6c
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/chains/previous/v0.22.2/release.yaml
REKOR_UUID=108e9186e8c5677a49be2ef4baa7ddffeee2ddd856775f64215023ef1e11a91ef48873740f2d8c6c
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.22.2@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Changes
Features
Fixes
- π Fix missing platforms in controller image 1212
Thanks
Thanks to these contributors who contributed to v0.22.2!
- β€οΈ @lcarva
Extra shout-out for awesome release notes:
- π @lcarva
Tekton Chains release v0.22.1 "v0.22.1"
-Docs @ v0.22.1
-Examples @ v0.22.1
Installation one-liner
kubectl apply -f https://storage.googleapis.com/tekton-releases/chains/previous/v0.22.1/release.yaml
Attestation
The Rekor UUID for this release is 108e9186e8c5677afcb66d14b0e3bffb5169977777bdbce07d4e4f5a11265d612dfca2e7b92d70d4
Obtain the attestation:
REKOR_UUID=108e9186e8c5677afcb66d14b0e3bffb5169977777bdbce07d4e4f5a11265d612dfca2e7b92d70d4
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/chains/previous/v0.22.1/release.yaml
REKOR_UUID=108e9186e8c5677afcb66d14b0e3bffb5169977777bdbce07d4e4f5a11265d612dfca2e7b92d70d4
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.22.1@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Changes
Features
Fixes
- π Fix nil-pointer error when mapping Status.Steps to Status.TaskSpec.Steps (#1203)
Thanks
Thanks to these contributors who contributed to v0.22.1!
- β€οΈ @jkhelil
Extra shout-out for awesome release notes:
- π @jkhelil
Tekton Chains release v0.22.0 "v0.22.0"
-Docs @ v0.22.0
-Examples @ v0.22.0
Installation one-liner
kubectl apply -f https://storage.googleapis.com/tekton-releases/chains/previous/v0.22.0/release.yaml
Attestation
The Rekor UUID for this release is 108e9186e8c5677ac79d95cacbef63aabcf5ee0d85a766a74682843083420ed17a445a797f31fd9c
Obtain the attestation:
REKOR_UUID=108e9186e8c5677ac79d95cacbef63aabcf5ee0d85a766a74682843083420ed17a445a797f31fd9c
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/chains/previous/v0.22.0/release.yaml
REKOR_UUID=108e9186e8c5677ac79d95cacbef63aabcf5ee0d85a766a74682843083420ed17a445a797f31fd9c
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.22.0@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Changes
Features
Fixes
-
π Calculate subjects per formatter (#1132)
-
π Fix no repeated subjects for v2alpha4 pipelineruns (#1130)
-
π Fix field names in generated json statement (#1129)
Docs
Thanks
Thanks to these contributors who contributed to v0.22.0!
- β€οΈ @PuneetPunamiya
- β€οΈ @anithapriyanatarajan
- β€οΈ @chitrangpatel
- β€οΈ @concaf
- β€οΈ @dependabot[bot]
- β€οΈ @jkhelil
- β€οΈ @lcarva
- β€οΈ @renzodavid9
- β€οΈ @tarilabs
Extra shout-out for awesome release notes:
- π @PuneetPunamiya
- π @anithapriyanatarajan
- π @chitrangpatel
- π @concaf
- π @dependabot[bot]
- π @jkhelil
- π @lcarva
- π @renzodavid9
- π @tarilabs
Tekton Chains release v0.21.1 "v0.21.1"
-Docs @ v0.21.1
-Examples @ v0.21.1
Installation one-liner
kubectl apply -f https://storage.googleapis.com/tekton-releases/chains/previous/v0.21.1/release.yaml
Attestation
The Rekor UUID for this release is 24296fb24b8ad77af3a8dfba0b4149ff8cd32f3d134dd934f7ef9a8a3b1f757da722884329a5e502
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77af3a8dfba0b4149ff8cd32f3d134dd934f7ef9a8a3b1f757da722884329a5e502
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/chains/previous/v0.21.1/release.yaml
REKOR_UUID=24296fb24b8ad77af3a8dfba0b4149ff8cd32f3d134dd934f7ef9a8a3b1f757da722884329a5e502
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.21.1@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Changes
Features
Fixes
Misc
Docs
Thanks
Thanks to these contributors who contributed to v0.21.1!
- β€οΈ @renzodavid9
Extra shout-out for awesome release notes:
- π @renzodavid9
Tekton Chains release v0.21.0 "v0.21.0"
-Docs @ v0.21.0
-Examples @ v0.21.0
Installation one-liner
kubectl apply -f https://storage.googleapis.com/tekton-releases/chains/previous/v0.21.0/release.yaml
Attestation
The Rekor UUID for this release is 24296fb24b8ad77a008e67226b97749c72147c47d58ad0199693ea2734c9afd1487ec0c491ab08b1
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77a008e67226b97749c72147c47d58ad0199693ea2734c9afd1487ec0c491ab08b1
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/chains/previous/v0.21.0/release.yaml
REKOR_UUID=24296fb24b8ad77a008e67226b97749c72147c47d58ad0199693ea2734c9afd1487ec0c491ab08b1
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.21.0@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Changes
Features
Deprecation Notices
- π¨ Deprecated SLSA formats
v2alpha1
,v2alpha2
(#1122)
Fixes
Misc
- π¨ Make chains QPS and Burst configuration consistent (#1100)
Docs
- π Update metrics documentation with the prefix (#1112)
Thanks
Thanks to these contributors who contributed to v0.21.0!
- β€οΈ @PuneetPunamiya
- β€οΈ @aaron-prindle
- β€οΈ @concaf
- β€οΈ @dependabot[bot]
- β€οΈ @khrm
- β€οΈ @lcarva
- β€οΈ @renzodavid9
- β€οΈ @sabre1041
- β€οΈ @sudhishmk
- β€οΈ @wlynch
Extra shout-out for awesome release notes:
- π @PuneetPunamiya
- π @aaron-prindle
- π @concaf
- π @dependabot[bot]
- π @khrm
- π @lcarva
- π @renzodavid9
- π @sabre1041
- π @sudhishmk
- π @wlynch
Tekton Chains release v0.20.1 "v0.20.1"
-Docs @ v0.20.1
-Examples @ v0.20.1
Installation one-liner
kubectl apply -f https://storage.googleapis.com/tekton-releases/chains/previous/v0.20.1/release.yaml
Attestation
The Rekor UUID for this release is 24296fb24b8ad77ad1aadad57df62bc26ce52500a64bddbd663980150134db39aa5a37af6d374683
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77ad1aadad57df62bc26ce52500a64bddbd663980150134db39aa5a37af6d374683
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/chains/previous/v0.20.1/release.yaml
REKOR_UUID=24296fb24b8ad77ad1aadad57df62bc26ce52500a64bddbd663980150134db39aa5a37af6d374683
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.20.1@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Changes
Features
β¨ Expose new performance parameters to control controller's execution. See docs at https://tekton.dev/docs/chains/performance for details.
Thanks
Thanks to these contributors who contributed to v0.20.1!
- β€οΈ @lcarva
Extra shout-out for awesome release notes:
- π @lcarva
Tekton Chains release v0.19.1 "v0.19.1"
-Docs @ v0.19.1
-Examples @ v0.19.1
Installation one-liner
kubectl apply -f https://storage.googleapis.com/tekton-releases/chains/previous/v0.19.1/release.yaml
Attestation
The Rekor UUID for this release is 24296fb24b8ad77a7c128356d18f99bcee53c5dd1e3c4ec431629bb1fc07a2b46731956a5d86e3f5
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77a7c128356d18f99bcee53c5dd1e3c4ec431629bb1fc07a2b46731956a5d86e3f5
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/chains/previous/v0.19.1/release.yaml
REKOR_UUID=24296fb24b8ad77a7c128356d18f99bcee53c5dd1e3c4ec431629bb1fc07a2b46731956a5d86e3f5
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.19.1@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Changes
Features
β¨ Expose new performance parameters to control controller's execution. See docs at https://tekton.dev/docs/chains/performance for details.
Thanks
Thanks to these contributors who contributed to v0.19.1!
- β€οΈ @lcarva
Extra shout-out for awesome release notes:
- π @lcarva
Tekton Chains release v0.16.2 "v0.16.2"
-Docs @ v0.16.2
-Examples @ v0.16.2
Installation one-liner
kubectl apply -f https://storage.googleapis.com/tekton-releases/chains/previous/v0.16.2/release.yaml
Attestation
The Rekor UUID for this release is 24296fb24b8ad77ad276f944cf9798a9954b710976f8f2c9cfb9df8f568b340e3258ce6bfbf05a87
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77ad276f944cf9798a9954b710976f8f2c9cfb9df8f568b340e3258ce6bfbf05a87
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/chains/previous/v0.16.2/release.yaml
REKOR_UUID=24296fb24b8ad77ad276f944cf9798a9954b710976f8f2c9cfb9df8f568b340e3258ce6bfbf05a87
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.16.2@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Changes
Features
β¨ Expose new performance parameters to control controller's execution. See docs at https://tekton.dev/docs/chains/performance for details.
Thanks
Thanks to these contributors who contributed to v0.16.2!
- β€οΈ @lcarva
Extra shout-out for awesome release notes:
- π @lcarva
Tekton Chains release v0.20.0 "v0.20.0"
-Docs @ v0.20.0
-Examples @ v0.20.0
Installation one-liner
kubectl apply -f https://storage.googleapis.com/tekton-releases/chains/previous/v0.20.0/release.yaml
Attestation
The Rekor UUID for this release is 24296fb24b8ad77a79f6dabf3b9add9b797b33976d32f36f15c8316405a84f1dcd2c509a86d9cc0c
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77a79f6dabf3b9add9b797b33976d32f36f15c8316405a84f1dcd2c509a86d9cc0c
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/chains/previous/v0.20.0/release.yaml
REKOR_UUID=24296fb24b8ad77a79f6dabf3b9add9b797b33976d32f36f15c8316405a84f1dcd2c509a86d9cc0c
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.20.0@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Changes
Features
- β¨ Change Leader Election Config Map for Chains Controller (#1025)
- β¨ Add PipelineRun support to storage/gcs (#971)
- β¨ Add v2alpha3 format (#1031)
Fixes
- π Fix value for storage.oci.repository (#974)
Misc
- π¨ feat: update chain's controllers to use v1 Tekton APIs natively while converting to v1beta1 to keep formats backwards compatible (#1016)
Docs
Thanks
Thanks to these contributors who contributed to v0.20.0!
- β€οΈ @PuneetPunamiya
- β€οΈ @SergK
- β€οΈ @aaron-prindle
- β€οΈ @dependabot[bot]
- β€οΈ @khrm
- β€οΈ @sudhishmk
- β€οΈ @wlynch
Extra shout-out for awesome release notes:
- π @PuneetPunamiya
- π @SergK
- π @aaron-prindle
- π @dependabot[bot]
- π @khrm
- π @sudhishmk
- π @wlynch
Tekton Chains release v0.19.0 "v0.19.0"
-Docs @ v0.19.0
-Examples @ v0.19.0
Installation one-liner
kubectl apply -f https://storage.googleapis.com/tekton-releases/chains/previous/v0.19.0/release.yaml
Attestation
Verify that all container images in the attestation are in the release file:
Note
Due to a bug in Pipelines, this release's signatures were not uploaded to the Rekor transparency log.
To verify the release images without Rekor, run:
cosign verify --key=tekton.pub --insecure-ignore-tlog=true gcr.io/tekton-releases/github.com/tektoncd/chains/cmd/controller:v0.19.0@sha256:a94236f0cb474d018b3a1a65e1e59e75fd03d7aaecf8c6a8d7df51ab7f04e5d3
Build attestation can be found here: https://search.sigstore.dev/?logIndex=45626858
Changes
Features
Fixes
- π Handle duplicates in subjects and materials consistently (#926)
Misc
- Removes unused context from the wrap function (#960)
Thanks
Thanks to these contributors who contributed to v0.19.0!
- β€οΈ @PuneetPunamiya
- β€οΈ @cguest97
- β€οΈ @chuangw6
- β€οΈ @dependabot[bot]
- β€οΈ @joejstuart
- β€οΈ @lcarva
- β€οΈ @wlynch
Extra shout-out for awesome release notes:
- π @PuneetPunamiya
- π @cguest97
- π @chuangw6
- π @dependabot[bot]
- π @joejstuart
- π @lcarva
- π @wlynch