🎉 🪟 More Windows features 🪟, lots of fixes 🔨 and docs improvements 📖 ! 🎉

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.33.0/release.yaml

Attestation

The Rekor UUID for this release is 5d258716457107c85cf59b80c0091c333463eb7c2a9f2d6f5b642ca69ef2671f

Obtain the attestation:

REKOR_UUID=5d258716457107c85cf59b80c0091c333463eb7c2a9f2d6f5b642ca69ef2671f
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | base64 --decode | jq

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.33.0/release.yaml 
REKOR_UUID=5d258716457107c85cf59b80c0091c333463eb7c2a9f2d6f5b642ca69ef2671f

# Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | base64 --decode | jq -r '.subject[]|.name + ":v0.33.0@sha256:" + .digest.sha256')

# Download the release file
curl "$RELEASE_FILE" > release.yaml

# For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do 
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Deprecation Notices

The scope-when-expressions-to-task flag will be removed in the next release.
We recommend migrating Pipelines to using when expressions scoped to the guarded Task only.

Upgrade Notices

🚨 Tekton v0.33.0 requires Kubernetes v1.21+ 🚨

The configuration flags disable-working-dir-overwrite and disable-home-env-overwrite and associated features are not available anymore. Users that rely on automatic workingDir and HOME overwrite must update their Tasks to explicitly them before updating to
this release.

The when expressions in a given Task are scoped to guard the Task only by default. Users that rely the Branch scope can use the scope-when-expressions-to-task to continue guarding the Task and its dependent Tasks.

Changes

Features

✨ [TEP-0059] Scope expressions to only (#4580)

The when expressions in a given Task are scoped to guard the Task only by default. Set scope-when-expressions-to-task to continue guarding the Task and its dependent Tasks. The scope-when-expressions-to-task flag will be removed soon so we recommend migrating Pipelines to using when expressions scoped to the guarded Task only.

✨ Add Step and Sidecar Overrides to TaskRun API (#4575)

[Feature] Adds API fields for Step and Sidecar Overrides to TaskRun. This feature is not yet implemented.

✨ Add resolution types to the API (#4502)

Syntax support for remote resolution, an alpha feature in development, has been added to pipelineRef and taskRef fields. Using the remote resolution fields is not yet possible, however, and will only result in errors.

✨ Support workingDir init on Windows (#4475)

Working dir initialization is now done using a Go binary in a new container image included in the release, which makes it portable to run on Windows nodes.

✨ Include Windows builds of cmd/nop in release process (#4474)

Include Windows support for the nop image, to enable Affinity Assistant for Windows, and more.

Backwards incompatible changes

In current release:

🚨 Remove deprecated flags home-env and working-dir 🧹 (#4587)

The configuration flags disable-working-dir-overwrite and disable-home-env-overwrite, after defaulting
to True for nine months (i.e. feature disabled), have now been removed completely, along with the associated
features which are not available in Tekton anymore.

Fixes

🐛 Fix for some arm64 machines. (#4588)

Fix problems on some arm64 machines.

🐛 Consider osversion when determining platform uniqueness (#4569)

Tweaks platform-specific command selection logic to handle images that provide multiple images for the same os+architecture, differing only by osversion (e.g., golang:1.17)

🐛 Ignore variant when looking up command for platform in entrypoint (#4550)

Loosen runtime platform selection logic to account for platforms with CPU variants

🐛 Add validation for PR infinite timeouts (#4539)

[Bug Fix] Add validation for 0 timeout for pipelinerun.timeouts.tasks and pipelinerun.timeouts.finally

🐛 Set correct timeout for PR tasks with elapsed time (#4532)

[Bug Fix] Account for elapsed time, pipeline.timeouts.tasks, and pipeline.tasks[].timeout when setting taskrun timeout

🐛 Account for PipelineRun elapsed time for timeouts (#4506)

[Bug fix]: Respect pipelinerun.timeouts.tasks for sequential TaskRuns or TaskRun retries

🐛 Fix Pipeline/Task to *Run label/annotation propagation 🥨 (#4478)

Fix labels and annotation propagation from Task/Pipeline to TaskRun/PipelineRun and thus the generated Pod

🐛 Use pr.Timeouts.Pipeline in Custom Task reconcile (#4440)

[Bug fix]: Use pipeline.spec.timeouts.pipeline to determine pipeline timeout during custom task reconcile

🐛 Patch temp GOPATH hack script to handle nounset option (#4574)
🐛 Add taskSpec resources validation (#4547)
🐛 add default seccomp profile (#4520)
🐛 Update hack scripts to shim temp GOPATH as needed (#4465)
🐛 Fix incorrect format specifier in test files (#4495)
🐛 Fix tekton_pipelines_controller_taskrun_count recount bug (#4469)

Misc

🔨 Remove deprecated flags home-env and working-dir 🧹 (#4587)

🔨 Update write_test.go (#4570)
🔨 [refactor] Remove ImplicitParamEnabled context. (#4528)
🔨 Update k8schain (#4488)

Drops dependency on k8s cred providers, statically link GCR/ECR/ACR cred helpers' Go code instead

🔨 and supported in (#4481)
🔨 Revert 49a7fa to remove fake AWS creds (#4504)

The pipelines controller config previously included AWS environment variables as a workaround for a performance-related issue. The underlying issue appears to be fixed and so the environment variables have been removed from the controller.

🔨 use helper functions - MarkResource* (#4565)
🔨 cleanup - ApplyContext parameters (#4564)
🔨 minor cleanup - use MarkResource* instead of updating the status explicitly (#4561)
🔨 Add copyright notice to clock.go (#4505)
🔨 Move to Go 1.16 (#4497)
🔨 Drop minishift instructions (#4489)
🔨 Provide testing implementation of time.Now() (#4487)
🔨 Update the release notes to describe kustomize usage (#4509)
🔨 Separate buildPlatforms and publishPlatforms (#4486)
🔨 Bump knative.dev/pkg vendoring. Use klog/v2 (#4538)

🚨 Tekton now requires Kubernetes v1.21+ 🚨

🔨 Increase lease time of controller and webhook (#4541)
🔨 Use podTemplate ImagePullSecrets for Entrypoint Image Lookup (#4496)
🔨 Drop resource requests: from gohelloworld. (#4549)

Docs

📖 Update the feature flag docs (#4584)
📖 Add bash v4+ requirement to the development guide (#4498)
📖 Move kind development instructions to top of dev cluster instructions. (#4466)
📖 Update the deprecations table (#4586)
📖 debug is an alpha feature (#4573)
📖 Fix links to Why Aren't PipelineResources in Beta? (#4572)
📖 Fix kustomize invocation typo (#4537)
📖 Add doc links for Pipelines 0.28.3 (#4536)
📖 Add doc links for 0.29.1, 0.30.1, 0.31.1 and 0.32.1 (#4530)
📖 Update README.md (#4507)
📖 Add docs links for v0.32.0 (#4482)
📖 Update docs to reflect resource requests of pods (#4472)
📖 Update install docs to mention firewall reqs (#4517)

Thanks

Thanks to these contributors who contributed to v0.33.0!

❤️ @AlanGreene
❤️ @MrMYHuang
❤️ @R2wenD2
❤️ @Yongxuanzhang
❤️ @abayer
❤️ @afrittoli
❤️ @anu-baskar
❤️ @concaf
❤️ @guillaumerose
❤️ @imjasonh
❤️ @jerop
❤️ @khrm
❤️ @lbernick
❤️ @mattmoor
❤️ @pritidesai
❤️ @psychosis448
❤️ @sbwsg
❤️ @vdemeester
❤️ @wlynch

Extra shout-out for awesome release notes:

😍 @MrMYHuang
😍 @Yongxuanzhang
😍 @afrittoli
😍 @anu-baskar
😍 @guillaumerose
😍 @imjasonh
😍 @jerop
😍 @khrm
😍 @lbernick
😍 @mattmoor
😍 @sbwsg
😍 @vdemeester
😍 @wlynch

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Tekton Pipeline release v0.33.0 "Highlander HAL"