Tekton Pipeline release v0.47.0 "Chartreux Rachel" LTS #6580
afrittoli
announced in
Announcements
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
🎉 Trusted Resources, Matrix Execution and various improvements 🎉
-Docs @ v0.47.0
-Examples @ v0.47.0
Installation one-liner
Attestation
The Rekor UUID for this release is
24296fb24b8ad77a26cba25047813dca68dd316baedd830ade34aac05e6f51ccd73a54a013021440
Obtain the attestation:
Verify that all container images in the attestation are in the release file:
Upgrade Notices
Tekton v0.47 requires Kubernetes 1.24 or newer
v1alpha1.Run objects are no longer supported. You must upgrade to v1beta1.CustomRun before upgrading to this release. See https://github.com/tektoncd/pipeline/blob/main/docs/migrating-v1alpha1.Run-to-v1beta1.CustomRun.md for migration instructions
Feature flag
custom-task-version
has been removed, tekton pipeline will stop supportingv1alpha1.Run
and only usev1beta1.CustomRun
.for trusted resources users, please change feature flag resource-verification-mode to trusted-resources-verification-no-match-policy, please refer to https://github.com/tektoncd/pipeline/blob/main/docs/trusted-resources.md#enable-trusted-resources to learn how to config the new trusted-resources-verification-no-match-policy feature flag
Changes
Features
Propagated workspaces is now a stable feature.
The mode of VerificationPolicy determines how failing policies for trusted resources are handled. When set to warn, failing policies will log a warning but not fail the taskrun/pipelinerun. When set to enforce, failing policies will cause the taskrun/pipelinerun to fail if the policy cannot be verified.
Users can now specify a
PipelineTask
withMatrix Include Parameters
to generate explicit combinations or adda specific combination of input values for Matrix Parameters.
Add mode field into VerificationPolicy to controls whether fail taskrun/pipelinerun or not when fails verification
[action required] for trusted resources users, please change feature flag resource-verification-mode to trusted-resources-verification-no-match-policy, please refer to https://github.com/tektoncd/pipeline/blob/main/docs/trusted-resources.md#enable-trusted-resources to learn how to config the new trusted-resources-verification-no-match-policy feature flag
✨ [TEP-0089] SPIRE for non-falsifiable provenance - IsSpireEnabled ([TEP-0089] SPIRE for non-falsifiable provenance - IsSpireEnabled #6524)
✨ TEP-0118: Update TaskRun Validation for Matrix Include Params (TEP-0118: Update TaskRun Validation for Matrix Include Params #6418)
✨ [TEP-0047] add display name to pipeline spec and task spec ([TEP-0047] add display name to pipeline spec and task spec #6294)
Fixes
bug fix: reduced webhook log spam related to conversion of ResolutionRequests
TEP-0133: Apply default resolver to finally tasks
Make sure the conversion webhook sees the live configmaps instead of the default ones
Avoid occasional failures of TaskRun/PipelineRun execution using remote resolution.
When encountering a permanent error during the creation of run resources in pipelinerun, stop retrying and set the failure reason to "CreateRunFailed".
users can still view the output through the Pod log API if stdoutConfig.path or stderrConfig.path is specified
Fix a bug that made big PipelineRuns get stuck in the running state in the cluster
pkg/resolution/resource
(test: add unit tests forpkg/resolution/resource
#6433)Misc
BREAKING CHANGE: v1beta1.CustomRuns GVK was changed to properly match it's type (Runs -> CustomRuns). This may break relationships that are relying on the incorrect GVK value. Clients not relying on the GVK value from the Go type are unaffected.
action required: v1alpha1.Run objects are no longer supported. You must upgrade to v1beta1.CustomRun before upgrading to this release. See https://github.com/tektoncd/pipeline/blob/main/docs/migrating-v1alpha1.Run-to-v1beta1.CustomRun.md for migration instructions
action required: Feature flag custom-task-version is removed, tekton pipeline will stop supporting v1alpha1 Run and only use v1beta1 CustomRun.
pkg/git has been removed
allow e2e tests to run on openshift using securitycontext fields simple
Revert removal of client fields for PipelineResources for backwards compatibility. PipelineResources are still no longer functional and will not work with this version of Tekton.
Example command to list tasks that use PipelineResources and must be deleted before upgrading (works for other Tekton CRDs as well):
kubectl get taskruns --all-namespaces -o json | jq -r '.items[] | select(.metadata.annotations["[tekton.dev/v1beta1Resources](http://tekton.dev/v1beta1Resources)"] | (. != "{}") and (. != "") and (. != null)) | .metadata.namespace + "/" + .metadata.name + " " + .metadata.creationTimestamp'
Images built as part of releases no longer contain contents of third_party/. (Images still contain contents of vendor/.)
exhaustive
linter. (Hygiene: enableexhaustive
linter. #6484)nolint
items. 🧹 🧹 🧹 (Cleanup: addressed variousnolint
items. 🧹 🧹 🧹 #6477)isCustomTask
(Split up and refactorisCustomTask
#6447)[]Param
to the newParams
type (Clean Up: Update[]Param
to the newParams
type #6446)errorlint
. (Hygiene: enableerrorlint
. #6340)Docs
Migrate documentation from v1beta1 to v1 API
Thanks
Thanks to these contributors who contributed to v0.47.0!
Extra shout-out for awesome release notes:
This discussion was created from the release Tekton Pipeline release v0.47.0 "Chartreux Rachel" LTS.
Beta Was this translation helpful? Give feedback.
All reactions