Releases: tektoncd/triggers
Tekton Triggers release v0.30.0 "Tekton Triggers"
-Docs @ v0.30.0
-Examples @ v0.30.0
Installation one-liner
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.30.0/release.yaml
Attestation
The Rekor UUID for this release is 108e9186e8c5677a05ca2593a924c2abaf6290c29d6d5192c8d918d7d74b054734c58b63ec6c8562
Obtain the attestation:
REKOR_UUID=108e9186e8c5677a05ca2593a924c2abaf6290c29d6d5192c8d918d7d74b054734c58b63ec6c8562
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/${VERSION_TAG}/release.yaml
INTERCEPTORS_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/${VERSION_TAG}/interceptors.yaml
REKOR_UUID=108e9186e8c5677a05ca2593a924c2abaf6290c29d6d5192c8d918d7d74b054734c58b63ec6c8562
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.30.0@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
curl "$INTERCEPTORS_FILE" >> release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Changes
Fixes
Misc
- 🔨 Bump pipeline 0.65.0 LTS (#1775)
- 🔨 Bump the CEl-GO to v0.21.0 (#1776)
- 🔨 Rename
Decade
toCentury
(#1773) - 🔨 Migrate nightly builds and releases to ghcr.io (#1767)
- 🔨 Add dependabot to update go mod and github action dependencies (#1770)
Docs
Thanks
Thanks to these contributors who contributed to v0.30.0!
- ❤️ @afrittoli
- ❤️ @khrm
- ❤️ @omertuc
- ❤️ @savitaashture
Tekton Triggers release v0.29.1 "Tekton Triggers"
-Docs @ v0.29.1
-Examples @ v0.29.1
Installation one-liner
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.29.1/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.29.1/interceptors.yaml
Attestation
The Rekor UUID for this release is 108e9186e8c5677a689b63ad4f04407989836cf4ad5a48b04c6a5ccbe0e7ae9335e54f8df273e509
Obtain the attestation:
REKOR_UUID=108e9186e8c5677a689b63ad4f04407989836cf4ad5a48b04c6a5ccbe0e7ae9335e54f8df273e509
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.29.1/release.yaml
REKOR_UUID=108e9186e8c5677a689b63ad4f04407989836cf4ad5a48b04c6a5ccbe0e7ae9335e54f8df273e509
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.29.1@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Changes
Features
- ✨ Set readOnlyRootFilesystem as true in Interceptor (#1763)
Interceptor's Deployment security context readOnlyRootFilesystem are set to true to increase the security and to avoid being flagged by the security scanner
Fixes
Misc
- 🔨 Bump Pipeline to v0.62.3 (#1762)
Bumping Pipeline to v0.62.3 to make client compatible with old pipeline versions
Docs
Thanks
Thanks to these contributors who contributed to v0.29.1!
Extra shout-out for awesome release notes:
Tekton Triggers release v0.29.0 "Tekton Triggers LTS"
-Docs @ v0.29.0
-Examples @ v0.29.0
Installation one-liner
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.29.0/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.29.0/interceptors.yaml
Attestation
The Rekor UUID for this release is 108e9186e8c5677ad076cc4e98758a3298fe82176ab9bd6ab7d90e9ae59a0ccc9104b0d7ae540aa4
Obtain the attestation:
REKOR_UUID=108e9186e8c5677ad076cc4e98758a3298fe82176ab9bd6ab7d90e9ae59a0ccc9104b0d7ae540aa4
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.29.0/release.yaml
REKOR_UUID=108e9186e8c5677ad076cc4e98758a3298fe82176ab9bd6ab7d90e9ae59a0ccc9104b0d7ae540aa4
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.29.0@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Changes
Features
- ✨ Add new flag set-read-only-root-filesystem to set readOnlyRootFilesys… (#1742)
Added a new flag el-read-only-root-filesystem
to the tekton-triggers-controller
container. This flag, which is set to true
by default, configures the EventListener
container's securityContext.readOnlyRootFilesystem
to true
. This change aligns with Azure AKS best practices and enhances security.
- ✨ Update eventlistener podSeurityContext to adhere to restricted pod security (#1740)
Eventlistener podTemplate now includes securityContext settings: seccompProfile, runAsUser, runAsGroup, and fsGroup when flag el-security-context is true.
Breaking Changes
- 🚨 Metric name for eventlistener is changed from
eventlistener_event_count
toeventlistener_event_received_count
(#1755)
Misc
- 🔨 Install latest pipeline release in tests (#1758)
Install latest pipeline release in tests
- 🔨 Bump Pipelines to v0.62.1 (#1754)
Bump Pipelines to v0.62.1
- 🔨 Add runAsUser and runAsGroup under setSecurityContext flag (#1756)
Docs
- 📖 Remove duplicate Triggers reference from TriggerGroup section of documentation (#1757)
Updated Documentation on TriggerGroups
- 📖 Updated URL's on eventlisteners.md (#1750)
- 📖 fix(example): update default branch name in examples (#1748)
- 📖 Fixes eventlistener link and cel expression yaml example in docs (#1746)
Thanks
Thanks to these contributors who contributed to v0.29.0!
- ❤️ @Historyman
- ❤️ @danielfbm
- ❤️ @dependabot[bot]
- ❤️ @johankok
- ❤️ @khrm
- ❤️ @kristofferchr
- ❤️ @l-qing
- ❤️ @piyush-garg
- ❤️ @savitaashture
- ❤️ @sudhishmk
Extra shout-out for awesome release notes:
- 😍 @Historyman
- 😍 @khrm
- 😍 @kristofferchr
- 😍 @piyush-garg
Tekton Triggers release v0.28.0 "Tekton Triggers"
-Docs @ v0.28.0
-Examples @ v0.28.0
Installation one-liner
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.28.0/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.28.0/interceptors.yaml
Attestation
The Rekor UUID for this release is 24296fb24b8ad77ab8d7c9926b0e67fa6a87b50dacf2e91bcaeb6c964a25d5e562dc0518c48a37fd
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77ab8d7c9926b0e67fa6a87b50dacf2e91bcaeb6c964a25d5e562dc0518c48a37fd
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.28.0/release.yaml
REKOR_UUID=24296fb24b8ad77ab8d7c9926b0e67fa6a87b50dacf2e91bcaeb6c964a25d5e562dc0518c48a37fd
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.28.0@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Changes
Features
-
✨ Set readOnlyRootFilesystem as true in Controller and Webhook (#1735)
- Controller's and Webhook's Deployment security context
readOnlyRootFilesystem
are set to true to increase the security and to avoid being flagged by the security scanner
- Controller's and Webhook's Deployment security context
-
✨ Update securityContext to include required configurations when the flag el-security-context is enabled (#1736) and (#1747)
- Added new field default-run-as-non-root to configmap so that RunAsNonRoot can be now configured through config-defaults-triggers ConfigMap
- Defaults values for RunAsNonRoot is
true
- Defaults values for RunAsNonRoot is
- Added new fields
default-run-as-user
anddefault-run-as-group
toconfig-defaults-triggers
configmap so that RunAsUser and RunAsGroup can be now configured through ConfigMap- Defaults values for RunAsUser and RunAsGroup 65532
- Added new field default-run-as-non-root to configmap so that RunAsNonRoot can be now configured through config-defaults-triggers ConfigMap
Misc
- 🔨 Bump 0.61.0 pipeline release (#1745)
- 🔨 Bump github.com/hashicorp/go-retryablehttp from 0.7.2 to 0.7.7 (#1738)
- 🔨 Handle validation when value for runAsGroup and runAsUser is empty (#1747)
- 🔨 Bump knative.dev/serving from 0.38.6 to 0.39.0 (#1733)
Docs
Thanks
Thanks to these contributors who contributed to v0.28.0!
- ❤️ @danielfbm
- ❤️ @dependabot[bot]
- ❤️ @khrm
- ❤️ @savitaashture
Extra shout-out for awesome release notes:
- 😍 @khrm
- 😍 @savitaashture
Tekton Triggers release v0.27.0 "Tekton Triggers"
-Docs @ v0.27.0
-Examples @ v0.27.0
Installation one-liner
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.27.0/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.27.0/interceptors.yaml
Attestation
The Rekor UUID for this release is 24296fb24b8ad77a38ac13bedf11db0c356ec34af7a0fd7103d41019a411116900fd90c970ea9d61
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77a38ac13bedf11db0c356ec34af7a0fd7103d41019a411116900fd90c970ea9d61
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.27.0/release.yaml
INTERCEPTORS_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.27.0/interceptors.yaml
REKOR_UUID=24296fb24b8ad77a38ac13bedf11db0c356ec34af7a0fd7103d41019a411116900fd90c970ea9d61
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.27.0@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
curl "$INTERCEPTORS_FILE" >> release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Changes
Features
- ✨ Node port service match kubernetes resource (#1716)
Resolve node port when serviceType is NodePort
- ✨ Add LoadBalancerClass support in EventListener (#1708)
EventListners have a new field letting you choose on which LoadBalancer you want to expose the underlying service if you have severals.
- ✨ Remove tekton resource validation (#1699)
Removes the limit of only creating Tekton resources from within your TriggerTemplate. This will allow for other K8s resources to be created as well like for example K8s Jobs.
Fixes
- 🐛 Fix is-multi-ns flag for triggerGroups (#1725)
Fix that the --is-multi-ns flag on the eventlistener is set to true, when using a namespaceSelector on any triggerGroup.
- 🐛 Pass Content-Type Header to Interceptor (#1615)
Now Content-Type: application/json
is passed to the interceptor while making the request.
Misc
- 🔨 Bump CEL to v0.20.1 (#1730)
CEL interceptor updated to cel-go v0.20.1 and extensions for manipulating lists, sets and mathematical functions have been added.
- 🔨 Bump go to 1.21 and pipeline to v0.59.0 LTS (#1722)
Update Go version to 1.21 and Pipelines to v0.59.0. Minimum Kubernetes version is 1.27.
- 🔨 Update ko to 0.15.1 and Go to go1.22.2 for publish task (#1731)
- 🔨 Fix GolangCI issues causing test failures (#1724)
- 🔨 Move inactive maintainers to emeritus status (#1709)
Docs
- 📖 Add Minimum Kubernetes Version for Triggers (#1728)
- 📖 Fix API doc by adding TriggerTemplate to Resource Types (#1727)
- 📖 Document EventListener behaviour as CloudEvent sink (#1710)
- 📖 Fix typo (#1704)
- 📖 Add
lowerAscii()
andupperAscii()
to documentation (#1698)
Thanks
Thanks to these contributors who contributed to v0.27.0!
- ❤️ @AlanGreene
- ❤️ @Ferenc-
- ❤️ @GijsvanDulmen
- ❤️ @bigkevmcd
- ❤️ @dibyom
- ❤️ @jmcshane
- ❤️ @khrm
- ❤️ @nicolasbernard
- ❤️ @seternate
Extra shout-out for awesome release notes:
- 😍 @GijsvanDulmen
- 😍 @bigkevmcd
- 😍 @jmcshane
- 😍 @khrm
- 😍 @nicolasbernard
- 😍 @seternate
Tekton Triggers release v0.26.2 "Tekton Triggers"
-Docs @ v0.26.2
-Examples @ v0.26.2
Installation one-liner
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.26.2/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.26.2/interceptors.yaml
Attestation
The Rekor UUID for this release is 24296fb24b8ad77a09d03a4ae6b0a0cc8785588ae183b9194b9e3123e9a5659bffdae449e24d3ae5
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77a09d03a4ae6b0a0cc8785588ae183b9194b9e3123e9a5659bffdae449e24d3ae5
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.26.2/release.yaml
INTERCEPTORS_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.26.2/interceptors.yaml
REKOR_UUID=24296fb24b8ad77a09d03a4ae6b0a0cc8785588ae183b9194b9e3123e9a5659bffdae449e24d3ae5
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.26.2@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
curl "$INTERCEPTORS_FILE" >> release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Changes
Features
Security Fixes
- Bump golang.org/x/net to fix CVE issue (#1721)
- Bump google.golang.org/protobuf from 1.32.0 to 1.33.0 fix CVE issue (#1715)
- Bump github.com/cloudevents/sdk-go/v2 from 2.14.0 to 2.15.2 fix CVE issue (#1713)
Thanks
Thanks to these contributors who contributed to v0.26.2!
- ❤️ @khrm
- ❤️ @tekton-robot
Tekton Triggers release v0.26.1 "Tekton Triggers"
-Docs @ v0.26.1
-Examples @ v0.26.1
Installation one-liner
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.26.1/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.26.1/interceptors.yaml
Attestation
The Rekor UUID for this release is 24296fb24b8ad77ada4bd989265c7c72c1dbd6295312ef4314f485d4221703b03c60f9edd76000c8
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77ada4bd989265c7c72c1dbd6295312ef4314f485d4221703b03c60f9edd76000c8
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.26.1/release.yaml
REKOR_UUID=24296fb24b8ad77ada4bd989265c7c72c1dbd6295312ef4314f485d4221703b03c60f9edd76000c8
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.26.1@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Changes
Features
Fixes
- 🐛 Revert "Follow naming conventions for resourceTemplates" (#1694)
Changed the resourceTemplates tag back to resourcetemplates because it's breaking the upgrade flow. This is due to the existing TriggerTemplate data with the old tag still persisting in etcd. Consequently, during an upgrade with the new tag, the data isn't fetched for the trigger template as expected.
Misc
- 🔨 Modify the Knative package and Serving version to align with the Kubernetes version for compatibility (#1692)
With this commit, updating the version to maintain consistency with the Kubernetes version of Tekton Pipeline
Docs
Thanks
Thanks to these contributors who contributed to v0.26.1!
Extra shout-out for awesome release notes:
Tekton Triggers release v0.26.0 "Tekton Triggers"
-Docs @ v0.26.0
-Examples @ v0.26.0
Installation one-liner
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.26.0/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.26.0/interceptors.yaml
Attestation
The Rekor UUID for this release is 24296fb24b8ad77adb2b758a907715ae9c12bd31be75af1e58f488fa6d02f6f29886e7bb1aa4046c
Obtain the attestation:
REKOR_UUID=24296fb24b8ad77adb2b758a907715ae9c12bd31be75af1e58f488fa6d02f6f29886e7bb1aa4046c
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.26.0/release.yaml
REKOR_UUID=24296fb24b8ad77adb2b758a907715ae9c12bd31be75af1e58f488fa6d02f6f29886e7bb1aa4046c
# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.26.0@sha256:" + .digest.sha256')
# Download the release file
curl "$RELEASE_FILE" > release.yaml
# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Changes
Features
- ✨ Add string translation to CEL interceptor. (#1686)
New translate
function added to the CEL interceptor.
- ✨ Add first and last functions. (#1636)
Two new functions for the CEL interceptor, to allow easy access to the first and last elements in an array.
Breaking changes
In current release:
- 🚨
The decision to modify the tag from resourcetemplates to resourceTemplates within the triggerTemplate spec was made to align with JSON or YAML camelCase format standards. However, this alteration has caused a disruption in the upgrade process, as previous versions of Triggers relied on the resourcetemplates tag. which is a breaking change.
To address this issue, we reverted the change back and released Triggers version v0.26.1.
We will reintroduce the change when we support the new ApiVersion in Triggers. At that point, we'll utilize conversion functionality (convertTo and convertFrom) to ensure seamless transition. By incorporating the ApiVersion, we'll be able to adjust the tag accordingly. #1694
Fixes
- 🐛 Fix bitbucket server example when both SSH and HTTPS enabled (#1641)
Misc
- 🔨 Update Cel-go to v0.19.0 (#1688)
- 🔨 Bump Pipelines to v0.56.0 (#1683)
- 🔨 Bump tekton/pipelines v0.53.0 LTS release (#1671)
- 🔨 Add Triggers v0.25.2 and v0.24.2 to the release (#1669)
- 🔨 Follow naming conventions for resourceTemplates (#1650)
- 🔨 Remove Pipelineressources from integration test (#1643)
- 🔨 Bump golang.org/x/crypto from 0.14.0 to 0.17.0 (#1679)
- 🔨 Bump knative.dev/serving from 0.30.1-0.20220402124840-21c05dc9d9a4 to 0.39.0 (#1677)
- 🔨 Bump GRPC from 1.56.2 to 1.59.0 (#1660)
Docs
- 📖 Add v0.25.0 to docs (#1635)
Thanks
Thanks to these contributors who contributed to v0.26.0!
- ❤️ @bigkevmcd
- ❤️ @dependabot[bot]
- ❤️ @khrm
- ❤️ @savitaashture
Extra shout-out for awesome release notes:
- 😍 @bigkevmcd
- 😍 @khrm
Tekton Triggers release v0.25.3 "Tekton Triggers"
-Docs @ v0.25.3
-Examples @ v0.25.3
Installation one-liner
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.3/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.3/interceptors.yaml
Changes
Security
-
🔒 Disable HTTP/2 for webhoook by updating Knative
Fixes: GHSA-qppj-fm5r-hxr3 -
🔒 Bump ko to go 1.20 in release task
Fixes: GHSA-4374-p667-p6c8
Fixes
- 🐛 Update triggers core interceptor to create secret when necessary
Now the core interceptor will create secrets in only 2 cases:- when there is no secret present in the cluster.
- when certificates expire within the existing secret.
If secret exist and have valid certificates no need to recreate secret every time
Thanks
Thanks to these contributors who contributed to v0.25.3!
- ❤️ @khrm
- ❤️ @savitaashture
Extra shout-out for awesome release notes:
- 😍 @khrm
- 😍 @savitaashture
Tekton Triggers release v0.25.2 "Tekton Triggers"
-Docs @ v0.25.2
-Examples @ v0.25.2
Installation one-liner
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.2/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.2/interceptors.yaml
Changes
Security
- [0.25.x] Bump GRPC to 1.56.3 (#1659)
Address the GHSA-qppj-fm5r-hxr3 - which involves HTTP/2 Stream Cancellation Attack
Thanks
Thanks to these contributors who contributed to v0.25.2!
- ❤️ @khrm
Extra shout-out for awesome release notes:
- 😍 @khrm