Tekton Chains release v0.23.1 "v0.23.1"

-Docs @ v0.23.1
-Examples @ v0.23.1

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/chains/previous/v0.23.1/release.yaml

Attestation

The Rekor UUID for this release is 108e9186e8c5677abb59fa4c082fc973d07d8056d1ef35e04aa8a6f1b25c41ff1401dfc6b7614b74

Obtain the attestation:

REKOR_UUID=108e9186e8c5677abb59fa4c082fc973d07d8056d1ef35e04aa8a6f1b25c41ff1401dfc6b7614b74
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/chains/previous/v0.23.1/release.yaml
REKOR_UUID=108e9186e8c5677abb59fa4c082fc973d07d8056d1ef35e04aa8a6f1b25c41ff1401dfc6b7614b74

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.23.1@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Fixes

• 🐛 [release-v0.23.x] fix nil pointer (#1249)

Thanks

Thanks to these contributors who contributed to v0.23.1!

• ❤️ @lcarva
• ❤️ @savitaashture
• ❤️ @tekton-robot

Extra shout-out for awesome release notes:

• 😍 @lcarva
• 😍 @savitaashture
• 😍 @tekton-robot

Tekton Chains release v0.22.3 "v0.22.3"

-Docs @ v0.22.3
-Examples @ v0.22.3

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/chains/previous/v0.22.3/release.yaml

Attestation

The Rekor UUID for this release is 108e9186e8c5677abc5f8010a0a21be4daa53325a217f4df92955848f73f226c6ed054c429fb9f82

Obtain the attestation:

REKOR_UUID=108e9186e8c5677abc5f8010a0a21be4daa53325a217f4df92955848f73f226c6ed054c429fb9f82
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/chains/previous/v0.22.3/release.yaml
REKOR_UUID=108e9186e8c5677abc5f8010a0a21be4daa53325a217f4df92955848f73f226c6ed054c429fb9f82

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.22.3@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Fixes

• 🐛 Fix nil-pointer references (#1286 and #1246)

Misc

• 🔨 Upgrade golang.org/x/crypto to 0.31.0 (#1269)

Thanks

Thanks to these contributors who contributed to v0.22.3!

• ❤️ @jkhelil
• ❤️ @lcarva
• ❤️ @savitaashture
• ❤️ @tekton-robot

Extra shout-out for awesome release notes:

• 😍 @jkhelil
• 😍 @lcarva
• 😍 @savitaashture
• 😍 @tekton-robot

Tekton Chains release v0.23.0 "v0.23.0"

-Docs @ v0.23.0
-Examples @ v0.23.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/chains/previous/v0.23.0/release.yaml

Attestation

The Rekor UUID for this release is 108e9186e8c5677ab986b84dbd84e8bcaeb653ee623796517fd53400ea437f6eb4623849befd0dfb

Obtain the attestation:

REKOR_UUID=108e9186e8c5677ab986b84dbd84e8bcaeb653ee623796517fd53400ea437f6eb4623849befd0dfb
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/chains/previous/v0.23.0/release.yaml
REKOR_UUID=108e9186e8c5677ab986b84dbd84e8bcaeb653ee623796517fd53400ea437f6eb4623849befd0dfb

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.23.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

• ✨ Support mongo server url path (#1213)

Fixes

• 🐛 Fix nil pointer dereference when taksrun is canceled (#1237)
• 🐛 Fix mapping between Status.Steps and Status.TaskSpec.Steps (#1188)

Misc

• 🔨 Controller image is now available at ghcr.io/tektoncd/chains/controller-92006fd957c0afd31de6a40b3e33b39f

Docs

• 📖 Added visual guide representing chains config options (#1183)

Thanks

Thanks to these contributors who contributed to v0.23.0!

• ❤️ @AlanGreene
• ❤️ @PuneetPunamiya
• ❤️ @afrittoli
• ❤️ @anithapriyanatarajan
• ❤️ @dependabot[bot]
• ❤️ @jkhelil
• ❤️ @lcarva
• ❤️ @vdemeester

Extra shout-out for awesome release notes:

• 😍 @AlanGreene
• 😍 @PuneetPunamiya
• 😍 @afrittoli
• 😍 @anithapriyanatarajan
• 😍 @jkhelil
• 😍 @lcarva
• 😍 @vdemeester

Tekton Chains release v0.22.2 "v0.22.2"

-Docs @ v0.22.2
-Examples @ v0.22.2

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/chains/previous/v0.22.2/release.yaml

Attestation

The Rekor UUID for this release is 108e9186e8c5677a49be2ef4baa7ddffeee2ddd856775f64215023ef1e11a91ef48873740f2d8c6c

Obtain the attestation:

REKOR_UUID=108e9186e8c5677a49be2ef4baa7ddffeee2ddd856775f64215023ef1e11a91ef48873740f2d8c6c
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/chains/previous/v0.22.2/release.yaml
REKOR_UUID=108e9186e8c5677a49be2ef4baa7ddffeee2ddd856775f64215023ef1e11a91ef48873740f2d8c6c

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.22.2@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

• 🐛 Fix missing platforms in controller image 1212

Thanks

Thanks to these contributors who contributed to v0.22.2!

• ❤️ @lcarva

Extra shout-out for awesome release notes:

• 😍 @lcarva

Tekton Chains release v0.22.1 "v0.22.1"

-Docs @ v0.22.1
-Examples @ v0.22.1

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/chains/previous/v0.22.1/release.yaml

Attestation

The Rekor UUID for this release is 108e9186e8c5677afcb66d14b0e3bffb5169977777bdbce07d4e4f5a11265d612dfca2e7b92d70d4

Obtain the attestation:

REKOR_UUID=108e9186e8c5677afcb66d14b0e3bffb5169977777bdbce07d4e4f5a11265d612dfca2e7b92d70d4
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/chains/previous/v0.22.1/release.yaml
REKOR_UUID=108e9186e8c5677afcb66d14b0e3bffb5169977777bdbce07d4e4f5a11265d612dfca2e7b92d70d4

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.22.1@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

• 🐛 Fix nil-pointer error when mapping Status.Steps to Status.TaskSpec.Steps (#1203)

Thanks

Thanks to these contributors who contributed to v0.22.1!

• ❤️ @jkhelil

Extra shout-out for awesome release notes:

• 😍 @jkhelil

Tekton Chains release v0.22.0 "v0.22.0"

-Docs @ v0.22.0
-Examples @ v0.22.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/chains/previous/v0.22.0/release.yaml

Attestation

The Rekor UUID for this release is 108e9186e8c5677ac79d95cacbef63aabcf5ee0d85a766a74682843083420ed17a445a797f31fd9c

Obtain the attestation:

REKOR_UUID=108e9186e8c5677ac79d95cacbef63aabcf5ee0d85a766a74682843083420ed17a445a797f31fd9c
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/chains/previous/v0.22.0/release.yaml
REKOR_UUID=108e9186e8c5677ac79d95cacbef63aabcf5ee0d85a766a74682843083420ed17a445a797f31fd9c

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.22.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

• 🐛 Calculate subjects per formatter (#1132)

• 🐛 Fix no repeated subjects for v2alpha4 pipelineruns (#1130)

• 🐛 Fix field names in generated json statement (#1129)

Docs

• 📖 Bump patch release version (#1136)

• 📖 Release v0.21.0 made. (#1126)

Thanks

Thanks to these contributors who contributed to v0.22.0!

• ❤️ @PuneetPunamiya
• ❤️ @anithapriyanatarajan
• ❤️ @chitrangpatel
• ❤️ @concaf
• ❤️ @dependabot[bot]
• ❤️ @jkhelil
• ❤️ @lcarva
• ❤️ @renzodavid9
• ❤️ @tarilabs

Extra shout-out for awesome release notes:

• 😍 @PuneetPunamiya
• 😍 @anithapriyanatarajan
• 😍 @chitrangpatel
• 😍 @concaf
• 😍 @dependabot[bot]
• 😍 @jkhelil
• 😍 @lcarva
• 😍 @renzodavid9
• 😍 @tarilabs

Tekton Chains release v0.21.1 "v0.21.1"

-Docs @ v0.21.1
-Examples @ v0.21.1

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/chains/previous/v0.21.1/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77af3a8dfba0b4149ff8cd32f3d134dd934f7ef9a8a3b1f757da722884329a5e502

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77af3a8dfba0b4149ff8cd32f3d134dd934f7ef9a8a3b1f757da722884329a5e502
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/chains/previous/v0.21.1/release.yaml
REKOR_UUID=24296fb24b8ad77af3a8dfba0b4149ff8cd32f3d134dd934f7ef9a8a3b1f757da722884329a5e502

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.21.1@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

• #1132
• #1130
• #1129

Misc

Docs

Thanks

Thanks to these contributors who contributed to v0.21.1!

• ❤️ @renzodavid9

Extra shout-out for awesome release notes:

• 😍 @renzodavid9

Tekton Chains release v0.21.0 "v0.21.0"

-Docs @ v0.21.0
-Examples @ v0.21.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/chains/previous/v0.21.0/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a008e67226b97749c72147c47d58ad0199693ea2734c9afd1487ec0c491ab08b1

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a008e67226b97749c72147c47d58ad0199693ea2734c9afd1487ec0c491ab08b1
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/chains/previous/v0.21.0/release.yaml
REKOR_UUID=24296fb24b8ad77a008e67226b97749c72147c47d58ad0199693ea2734c9afd1487ec0c491ab08b1

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.21.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

• SLSA Format v2alpha4: Support for Results produced by StepActions (#1111, #1118).

Deprecation Notices

• 🚨 Deprecated SLSA formats v2alpha1, v2alpha2(#1122)

Fixes

Misc

• 🔨 Make chains QPS and Burst configuration consistent (#1100)

Docs

• 📖 Update metrics documentation with the prefix (#1112)

Thanks

Thanks to these contributors who contributed to v0.21.0!

• ❤️ @PuneetPunamiya
• ❤️ @aaron-prindle
• ❤️ @concaf
• ❤️ @dependabot[bot]
• ❤️ @khrm
• ❤️ @lcarva
• ❤️ @renzodavid9
• ❤️ @sabre1041
• ❤️ @sudhishmk
• ❤️ @wlynch

Extra shout-out for awesome release notes:

• 😍 @PuneetPunamiya
• 😍 @aaron-prindle
• 😍 @concaf
• 😍 @dependabot[bot]
• 😍 @khrm
• 😍 @lcarva
• 😍 @renzodavid9
• 😍 @sabre1041
• 😍 @sudhishmk
• 😍 @wlynch

Tekton Chains release v0.20.1 "v0.20.1"

-Docs @ v0.20.1
-Examples @ v0.20.1

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/chains/previous/v0.20.1/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77ad1aadad57df62bc26ce52500a64bddbd663980150134db39aa5a37af6d374683

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77ad1aadad57df62bc26ce52500a64bddbd663980150134db39aa5a37af6d374683
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/chains/previous/v0.20.1/release.yaml
REKOR_UUID=24296fb24b8ad77ad1aadad57df62bc26ce52500a64bddbd663980150134db39aa5a37af6d374683

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.20.1@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

✨ Expose new performance parameters to control controller's execution. See docs at https://tekton.dev/docs/chains/performance for details.

Thanks

Thanks to these contributors who contributed to v0.20.1!

• ❤️ @lcarva

Extra shout-out for awesome release notes:

• 😍 @lcarva

Tekton Chains release v0.19.1 "v0.19.1"

-Docs @ v0.19.1
-Examples @ v0.19.1

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/chains/previous/v0.19.1/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a7c128356d18f99bcee53c5dd1e3c4ec431629bb1fc07a2b46731956a5d86e3f5

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a7c128356d18f99bcee53c5dd1e3c4ec431629bb1fc07a2b46731956a5d86e3f5
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/chains/previous/v0.19.1/release.yaml
REKOR_UUID=24296fb24b8ad77a7c128356d18f99bcee53c5dd1e3c4ec431629bb1fc07a2b46731956a5d86e3f5

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.19.1@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

✨ Expose new performance parameters to control controller's execution. See docs at https://tekton.dev/docs/chains/performance for details.

Thanks

Thanks to these contributors who contributed to v0.19.1!

• ❤️ @lcarva

Extra shout-out for awesome release notes:

• 😍 @lcarva