- Notifications
You must be signed in to change notification settings - Fork154
Tekton Chains release v0.22.0 "v0.22.0"
7fd8992 This commit was created on GitHub.com and signed with GitHub’sverified signature.
-Docs @ v0.22.0
-Examples @ v0.22.0
Installation one-liner
kubectl apply -f https://storage.googleapis.com/tekton-releases/chains/previous/v0.22.0/release.yaml
Attestation
The Rekor UUID for this release is108e9186e8c5677ac79d95cacbef63aabcf5ee0d85a766a74682843083420ed17a445a797f31fd9c
Obtain the attestation:
REKOR_UUID=108e9186e8c5677ac79d95cacbef63aabcf5ee0d85a766a74682843083420ed17a445a797f31fd9crekor-cli get --uuid$REKOR_UUID --format json| jq -r .Attestation| jq.
Verify that all container images in the attestation are in the release file:
RELEASE_FILE=https://storage.googleapis.com/tekton-releases/chains/previous/v0.22.0/release.yamlREKOR_UUID=108e9186e8c5677ac79d95cacbef63aabcf5ee0d85a766a74682843083420ed17a445a797f31fd9c# Obtains the list of images with sha from the attestationREKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid"$REKOR_UUID" --format json| jq -r .Attestation| jq -r'.subject[]|.name + ":v0.22.0@sha256:" + .digest.sha256')# Download the release filecurl"$RELEASE_FILE"> release.yaml# For each image in the attestation, match it to the release fileforimagein$REKOR_ATTESTATION_IMAGES;doprintf$image; grep -q$image release.yaml&&echo" ===> ok"||echo" ===> no match";done
Changes
Features
Fixes
🐛 Calculate subjects per formatter (#1132)
🐛 Fix no repeated subjects for v2alpha4 pipelineruns (#1130)
🐛 Fix field names in generated json statement (#1129)
Docs
Thanks
Thanks to these contributors who contributed to v0.22.0!
- ❤️@PuneetPunamiya
- ❤️@anithapriyanatarajan
- ❤️@chitrangpatel
- ❤️@concaf
- ❤️@dependabot[bot]
- ❤️@jkhelil
- ❤️@lcarva
- ❤️@renzodavid9
- ❤️@tarilabs
Extra shout-out for awesome release notes:
Contributors
tarilabs, lcarva, and 7 other contributors
Assets4
Uh oh!
There was an error while loading.Please reload this page.