Tekton Pipeline release v0.44.0 "Siamese Linguo" LTS

-Docs @ v0.44.0
-Examples @ v0.44.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.44.0/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77aef37f64a4b4a1f8feb128277e9de47fc1ce4ec75e99229c3447da52e951cb8bd

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77aef37f64a4b4a1f8feb128277e9de47fc1ce4ec75e99229c3447da52e951cb8bd
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.44.0/release.yaml
REKOR_UUID=24296fb24b8ad77aef37f64a4b4a1f8feb128277e9de47fc1ce4ec75e99229c3447da52e951cb8bd

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.44.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

• ✨ make the webhook controller name configurable (#6007)

The webhook controller name can be configured using WEBHOOK_ADMISSION_CONTROLLER_NAME environment variable in webhook deployment.

• ✨ [TEP-0091] Trusted Resources

  • enable KMS in VerificationPolicy for trusted resources (#5965)
  • Add KMS filed into v1alpha1.VerificationPolicy (#5891)
  • add KMS libraries (#5890)

• ✨ [TEP-0124] implement opentelemetry Jaeger tracing (#5746)

Added support for tracing using Jaeger and OpenTelemetry. It can be enabled by adding the following environment variables to controller manifest

• OTEL_EXPORTER_JAEGER_ENDPOINT is the HTTP endpoint for sending spans directly to a collector.
• OTEL_EXPORTER_JAEGER_USER is the username to be sent as authentication to the collector endpoint. (optional)
• OTEL_EXPORTER_JAEGER_PASSWORD is the password to be sent as authentication to the collector endpoint. (optional)

Backwards incompatible changes

In current release:

• 🚨 "embedded-status" now defaults to "minimal" (#5934)
• 🚨 Cluster PipelineResources have been removed (#5996)
• 🚨 CloudEvent PipelineResources have been removed (#5995)

Fixes

• 🐛 Fix PipelineRunStatus Reconciler for EmbeddedStatus Switch (#5989)

fixes updates for reconciling pipelinerunstatus when switching the embeddedstatus feature flag. it resets the status.runs and status.taskruns to nil with minimal EmbeddedStatus and status.childReferences to nil with full embeddedstatus.

• 🐛 Fix task parameter value substitution error due to propagateParams (#6004)

Misc

• 🔨 Cleanup resources of ClusterTask (#5977)

remove GetClusterTask func

• 🔨 [TEP074] Remove Cluster pipelineResources (#5996)

action required: please migrate off of cluster pipelineresources as it is removed, please refer to the doc at https://github.com/tektoncd/pipeline/blob/main/docs/pipelineresources.md#replacing-a-cluster-resource
kubeconfigwriter image are not built nor maintained from now on

• 🔨 [TEP074] Remove CloudEvent pipelineResources (#5995)

action required: please migrate off of cloudevent pipelineresources as it is removed, please refer to the doc at https://github.com/tektoncd/pipeline/blob/main/docs/pipelineresources.md#replacing-a-cloudevent-resource

• 🔨 TEP-0114: Remove Feature Flag (#5975)

Removed the feature flag enable-custom-tasks.

• 🔨 Switch the Default Value of Feature Flag to (#5961)

The default value of custom-task-version is changed from v1alpha1 to v1beta1, which means v1beta1.CustomRun will be created out of a Custom Task PipelineTask instead of v1alpha1.Run.

Deprecation Notice: v1alpha1.Run will be removed in release v0.47.0.

• 🔨 [TEP0100] Default to minimal embedded-status (#5934)

switch the default value of embedded-status to minimal
the embedded-status flag along with the both and full functionalities are deprecated, and will be removed in v0.45.

• 🔨 Correct required v.s. optional fields in run status (#5819)

Remove optional tag for startTime and completionTime in TaskRun/PipelineRun status, and add option tag for provenance field in TaskRun/PipelineRun status.

• 🔨 Fully remove kubeconfigwriter image (#6018)
• 🔨 Add sidecarlogresults to images in release pipeline (#5912)

Docs

• 📖 Update releases.md for v0.43 patch releases (#5982)
• 📖 [docs] Added go-licenses to development setup. (#5929)
• 📖 Update releases for v0.43.0 (#5917)

Thanks

Thanks to these contributors who contributed to v0.44.0!

• ❤️ @AlanGreene
• ❤️ @JeromeJu
• ❤️ @XinruZhang
• ❤️ @Yongxuanzhang
• ❤️ @abayer
• ❤️ @bendory
• ❤️ @chengjoey
• ❤️ @chuangw6
• ❤️ @dependabot[bot]
• ❤️ @dibyom
• ❤️ @jerop
• ❤️ @kmjayadeep
• ❤️ @lbernick
• ❤️ @my-git9
• ❤️ @pritidesai
• ❤️ @vdemeester

Extra shout-out for awesome release notes:

• 😍 @JeromeJu
• 😍 @XinruZhang
• 😍 @Yongxuanzhang
• 😍 @chuangw6
• 😍 @kmjayadeep
• 😍 @pritidesai