Tekton Triggers release v0.24.2 "Tekton Triggers"

-Docs @ v0.24.2
-Examples @ v0.24.2

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.24.2/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.24.2/interceptors.yaml

Changes

Security

• [0.24.x] Bump GRPC to 1.56.3 (#1661)
• [v0.24.x] Bump golang.org/x/net from 0.11.0 to 0.17.0 (#1654)

Address the GHSA-qppj-fm5r-hxr3 - which involves HTTP/2 Stream Cancellation Attack

Misc

• [release-v0.24.x] Fix integration Test by upgrading Knative (#1655)

Thanks

Thanks to these contributors who contributed to v0.24.2!

• ❤️ @khrm

Tekton Triggers release v0.23.2 "Tekton Triggers"

-Docs @ v0.23.2
-Examples @ v0.23.2

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.23.2/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.23.2/interceptors.yaml

Changes

Fixes

Security

• [0.23.x] Bump GRPC to 1.56.3 (#1662)
• [v0.23.x] Bump golang.org/x/net from 0.11.0 to 0.17.0 (#1657)
  Address the GHSA-qppj-fm5r-hxr3 - which involves HTTP/2 Stream Cancellation Attack

Misc

• [release-v0.23.x] Fix integration Test by upgrading Knative (#1656)

Thanks

Thanks to these contributors who contributed to v0.23.2!

• ❤️ @khrm

Extra shout-out for awesome release notes:

• ❤️ @khrm

Tekton Triggers release v0.25.1 "Tekton Triggers"

-Docs @ v0.25.1
-Examples @ v0.25.1

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.1/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.1/interceptors.yaml

Changes

Fixes

• Bump golang.org/x/net from 0.11.0 to 0.17.0 (#1653)

Address the CVE-2023-44487 - which involves HTTP/2 Stream Cancellation Attack

Thanks

Thanks to these contributors who contributed to v0.25.1!

• ❤️ @khrm

Extra shout-out for awesome release notes:

• 😍 @khrm

Tekton Triggers release v0.25.0 "Tekton Triggers"

-Docs @ v0.25.0
-Examples @ v0.25.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/interceptors.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a3b75040e94727f4d7a7246d5e704172f48f5969d1202903ecd5fb22a0cc5b0f5

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a3b75040e94727f4d7a7246d5e704172f48f5969d1202903ecd5fb22a0cc5b0f5
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/release.yaml
INTERCEPTORS_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.25.0/interceptors.yaml
REKOR_UUID=24296fb24b8ad77a3b75040e94727f4d7a7246d5e704172f48f5969d1202903ecd5fb22a0cc5b0f5

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.25.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml
curl "$INTERCEPTORS_FILE" >> release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

• ✨ Add probes support in Triggers eventlistener (#1633)

Triggers now support probes setting on EventListener object
Triggers now have default value for failure-threshold as 3 for both readiness and liveness probes

• ✨ Change Leader Election Config Map for Controllers and Webhook (#1624)
• ✨ Move interceptor structs to their specific interceptor implementations (#1588)

Backwards incompatible changes

In current release:

• 🚨 There are changes to move Interceptors structure to their specific interceptor implementations (#1588)
  So whoever depends on interceptor structure they have to change their import path
  This change effects for those who build something using Triggers code
  Example: Tekton CLI import path change and usage

Fixes

• 🐛 Fix EL Status URL for kubernetesresource.serviceport (#1632)

Misc

• 🔨 Remove third_party directory (#1579)
• 🔨 drop manual use of knative.dev/pkg::injection.Dynamic (#1594)
• 🔨 Fix SA1019 error by staticcheck due to deprecation (#1629)
• 🔨 Bump tekton/pipelines v0.50.1 LTS in preparation of release (#1625)
• 🔨 Update Cel-Go to v0.17.1 (#1622)
• 🔨 Fix integraion Test by upgrading Knative (#1616)
• 🔨 Update Cel-Go to v0.16.0 (#1613)
• 🔨 Add v0.23.1 and v0.24.0 (as LTS) to releases.md (#1582)

Docs

• 📖 Added clarification about escaping special character in TB (#1631)
• 📖 Add AWS CodeCommit examples for push request and also README to configure AWS CodeCommit (#1619)
• 📖 Add v0.24.1 to docs (#1608)

Thanks

Thanks to these contributors who contributed to v0.25.0!

• ❤️ @dibyom
• ❤️ @dprotaso
• ❤️ @kcloutie
• ❤️ @khrm
• ❤️ @savitaashture

Extra shout-out for awesome release notes:

• 😍 @dibyom
• 😍 @savitaashture

Tekton Triggers release v0.24.1 "Tekton Triggers"

-Docs @ v0.24.1
-Examples @ v0.24.1

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.24.1/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.24.1/interceptors.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a2d710a90da7f62da10b6c562208f9042953f121566a007a0bdcf2280135cae56

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a2d710a90da7f62da10b6c562208f9042953f121566a007a0bdcf2280135cae56
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.24.1/release.yaml
INTERCEPTORS_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.24.1/interceptors.yaml
REKOR_UUID=24296fb24b8ad77a2d710a90da7f62da10b6c562208f9042953f121566a007a0bdcf2280135cae56

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.24.1@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml
curl "$INTERCEPTORS_FILE" >> release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Fixes

• 🐛 [release-v0.24.x] Add SetType and SetSubject to CE sink response (#1605)
• 🐛 [release-v0.24.x] Fix k8s Events generation (#1604)

Notice

• In EventListener Response to event from CloudEvent providers, the Source will be changed in CloudEvent response to what we provide to CloudEvent sink (provided in CloudEventURI) during the processing of Triggers.

Thanks

Thanks to these contributors who contributed to v0.24.1!

• ❤️ @khrm

Tekton Triggers release v0.24.0 "Tekton Triggers"

-Docs @ v0.24.0
-Examples @ v0.24.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.24.0/release.yaml 
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.24.0/interceptors.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77ad326130394b66644f55dcff5934aea2584561dbbc454134c61361188b50fd005

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77ad326130394b66644f55dcff5934aea2584561dbbc454134c61361188b50fd005
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.24.0/release.yaml
INTERCEPTORS_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.24.0/interceptors.yaml
REKOR_UUID=24296fb24b8ad77ad326130394b66644f55dcff5934aea2584561dbbc454134c61361188b50fd005

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.24.0@sha256:" + .digest.sha256')


# Download the release file
curl "$RELEASE_FILE" > release.yaml
curl "$INTERCEPTORS_FILE" >> release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

• ✨ Slack interceptor 1542 (#1548)

Added a Slack Interceptor that allows you to extract fields from a slack slash command payload which are sent in the http form-data section.

• ✨ Add support for Affinity and TopologySpreadConstraints (#1540)

Triggers now support Affinity and TopologySpreadConstraints as part of Kubernetes and Custom resource

Fixes

• 🐛 Add Default Informers setup to Event Listener Sink (#1584)

Kubernetes API requests performed by EventListeners are now cached.

Misc

• 🔨 Remove PipelineResource support and bump pipeline to 0.46.0 (#1577)

This will remove PipelineResource and it's all occurrence and also bump pipeline to 0.46.0
and add Swagger.json for Triggers with Pipelines v0.46

• 🔨 Remove comparing serviceaccount in tests (#1576)

Remove comparing serviceaccount in tests

• 🔨 Move wlynch to emeritus_approvers (#1585)

• 🔨 Update pull_request_template.md (#1580)

• 🔨 Upgrade Tekton Pipelines to v0.47.0 (#1590)

• 🔨 Bump google.golang.org/protobuf from 1.29.0 to 1.29.1 (#1581)

• 🔨 Fix Error by given linters during tests (#1578)

• 🔨 Adding Minimum Kubernetes version (#1560)

• 🔨 Upgrading Go to 1.19 (#1554)

• 🔨 Create codeql-analysis.yml (#1546)

• 🔨 Add the instruction for release attestation (#1545)

• 🔨 Add v0.23.0 to releases.md (#1544)

Docs

Thanks

Thanks to these contributors who contributed to v0.24.0!

• ❤️ @dependabot[bot]
• ❤️ @dibyom
• ❤️ @ilan-pinto
• ❤️ @khrm
• ❤️ @miguelvalerio
• ❤️ @piyush-garg
• ❤️ @pratap0007
• ❤️ @savitaashture
• ❤️ @wlynch

Extra shout-out for awesome release notes:

• 😍 @dibyom
• 😍 @ilan-pinto
• 😍 @miguelvalerio
• 😍 @piyush-garg
• 😍 @pratap0007
• 😍 @savitaashture
• 😍 @wlynch

Tekton Triggers release v0.23.1 "Tekton Triggers"

-Docs @ v0.23.1
-Examples @ v0.23.1

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.23.1/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.23.1/interceptors.yaml

Changes

Features

Fixes

Misc

• 🔨 [release-v0.23.x] Fix marshalJSON for lists of objects (#1557)

ix a bug in CEL interceptor's marshalJSON binding to allow marshaling of maps.

• 🔨 [release-v0.23.x] Upgrade to latest knative.dev/pkg 1.9 (#1558)

Docs

• 📖 [Release-v0.23.x] Fix Weight and Title in Docs (#1550)
• 📖 Fix Weight and Title in Docs (#1549)

Thanks

Thanks to these contributors who contributed to v0.23.1!

• ❤️ @khrm
• ❤️ @savitaashture

Extra shout-out for awesome release notes:

• 😍 @savitaashture

Tekton Triggers release v0.23.0

-Docs @ v0.23.0
-Examples @ v0.23.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.23.0/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.23.0/interceptors.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a11b8a3dc45583f50a2166834931fa90e92b29af49e99c54e95972c81c27a5e56

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a11b8a3dc45583f50a2166834931fa90e92b29af49e99c54e95972c81c27a5e56
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.23.0/release.yaml
INTERCEPTORS_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.23.0/interceptors.yaml
REKOR_UUID=24296fb24b8ad77a11b8a3dc45583f50a2166834931fa90e92b29af49e99c54e95972c81c27a5e56

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.23.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml
curl "$INTERCEPTORS_FILE" >> release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

• ✨ Github Interceptor to support Owners File Validation (#1516)

Github interceptor blocks a pull request trigger from being executed unless invoked by an owner or with a configurable comment by an owner, for example /ok_to_test. This feature can be enabled/disabled by feature flagging it true/false

• ✨ Add support for v1 pipeline types and customruns (#1514)

Triggers now allows creating v1 PipelineRuns, TaskRuns, Tasks, and Pipelines as well as v1beta1 CustomRuns

• ✨ add changed files to the github interceptor (#1507)

The GitHub Interceptor now has the ability to add a comma delimited list of all files that have changed (added, modified or deleted) for the push and pull_request events. The list of changed files are added to the changed_files property of the event payload in the top-level extensions field

Fixes

• 🐛 Change TLS MinVersion to in order to make Triggers run on OCP where FIPS enabled (#1518)

Changed TLS MinVersion to tls.VersionTLS12 in order to make Triggers run on OCP(Where FIPS enabled) as OCP uses MInTLS as 1.2 for all components

• 🐛 Add SecurityContext to Eventlistener containers (#1494)

Eventlistener containers now contain the right security context to allow running with restricted pod security admission

• 🐛 Skip webhook validation on delete for v1beta1 (#1470)

Resource validation is skipped on deletion

• 🐛 Remove the GO111MODULE=off in release pipeline (#1536)
• 🐛 Fix the error message during InterceptorExecution (#1523)

Misc

• 🔨 Add v0.22.2 to releases.md (#1532)

• 🔨 chore: use http constants to replace numbers (#1531)

• 🔨 Add v0.22.x to releases.md (#1511)

• 🔨 test: use T.Setenv to set env vars in tests (#1491)

• 🔨 Update ko image to latest with Go 1.19 (#1541)

• 🔨 Fix go1.19 related codegen issues (#1534)

• 🔨 Remove git files from KODATA (#1533)

• 🔨 Update Pipelines to v0.44 and cel-go to v0.13.0 (#1525)

Docs

Thanks

Thanks to these contributors who contributed to v0.23.0!

• ❤️ @Juneezee
• ❤️ @dependabot[bot]
• ❤️ @dibyom
• ❤️ @kcloutie
• ❤️ @khrm
• ❤️ @lbernick
• ❤️ @my-git9
• ❤️ @nagasree9
• ❤️ @savitaashture

Extra shout-out for awesome release notes:

• 😍 @dependabot[bot]
• 😍 @dibyom
• 😍 @kcloutie
• 😍 @lbernick
• 😍 @my-git9
• 😍 @nagasree9
• 😍 @savitaashture

Tekton Triggers release v0.22.2 "Tekton Triggers"

-Docs @ v0.22.2
-Examples @ v0.22.2

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.22.2/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.22.2/interceptors.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a0f930f513e632de87b322aa71f55d0223274ba1270553b8aec75be52a95e2540

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a0f930f513e632de87b322aa71f55d0223274ba1270553b8aec75be52a95e2540
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.22.2/release.yaml
REKOR_UUID=24296fb24b8ad77a0f930f513e632de87b322aa71f55d0223274ba1270553b8aec75be52a95e2540

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.22.2@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Fixes

• 🐛 Change TLS MinVersion to tls.VersionTLS12 in order to make Triggers run on OCP where FIPS enabled (#1521)

Changed TLS MinVersion to tls.VersionTLS12 in order to make Triggers run on Openshift cluster(Where FIPS enabled) as Openshift uses MInTLS as 1.2 for all components

• 🐛 Replace cloudevents resource with task from hub (#1530)

Cloud events pipeline resource was removed from pipelines recently. Triggers E2E tests run against the main branch of pipelines and that the getting-started tutorial still uses this resource, so Triggers e2e tests have been failing.

Misc

• 🔨 Bump golang.org/x/net from 0.1.0 to 0.7.0 (#1529)

Fixes GHSA-69cg-p879-7622

Thanks

Thanks to these contributors who contributed to v0.22.2!

• ❤️ @khrm
• ❤️ @savitaashture

Extra shout-out for awesome release notes:

• 😍 @khrm
• 😍 @savitaashture

Tekton Triggers release v0.22.1 "Tekton Triggers"

-Docs @ v0.22.1
-Examples @ v0.22.1

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.22.1/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.22.1/interceptors.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a9a5778385ae597be33104fbf5b171adcf449e023a3add7cddad9a3ce4b2ec9c6

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a9a5778385ae597be33104fbf5b171adcf449e023a3add7cddad9a3ce4b2ec9c6
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.22.1/release.yaml
REKOR_UUID=24296fb24b8ad77a9a5778385ae597be33104fbf5b171adcf449e023a3add7cddad9a3ce4b2ec9c6

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.22.1@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

Fixes

• [release-v0.22.x] Fix the lint error given by CI (#1510)

• [release-v0.22.x] Restore v1alpha1.Runs as valid resources (#1509)
  Restore support for Runs in TriggerTemplates

• [release-v0.22.x] Set default Interceptor.Kind for EventListener TriggerGroups (#1508)
  Sets a default interceptor kind for interceptors in event listener trigger groups.

Thanks

Thanks to these contributors who contributed to v0.22.1!

• ❤️ @abayer
• ❤️ @afrittoli
• ❤️ @khrm
• ❤️ @tekton-robot

Extra shout-out for awesome release notes:

• ❤️ @abayer
• ❤️ @afrittoli
• ❤️ @khrm
• ❤️ @tekton-robot