Skip to content
Snippets Groups Projects

chore(deps): update ghcr.io/tektoncd/triggers/webhook-dd1edc925ee1772a9f76e2c1bc291ef6 docker tag to v0.32.0 - autoclosed

Closed chore(deps): update ghcr.io/tektoncd/triggers/webhook-dd1edc925ee1772a9f76e2c1bc291ef6 docker tag to v0.32.0 - autoclosed
renovate/ghcr.io-tektoncd-triggers-webhook-dd1edc925ee1772a9f76e2c1bc291ef6-0.x into main
Closed Botaniker (Bot) requested to merge renovate/ghcr.io-tektoncd-triggers-webhook-dd1edc925ee1772a9f76e2c1bc291ef6-0.x into main

This MR contains the following updates:

Package Update Change OpenSSF
ghcr.io/tektoncd/triggers/webhook-dd1edc925ee1772a9f76e2c1bc291ef6 minor v0.31.0 -> v0.32.0 OpenSSF Scorecard

:warning: Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

Release Notes

tektoncd/triggers (ghcr.io/tektoncd/triggers/webhook-dd1edc925ee1772a9f76e2c1bc291ef6)

v0.32.0: Tekton Triggers release v0.32.0 "Tekton Triggers"

Compare Source

-Docs @​ v0.32.0 -Examples @​ v0.32.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.32.0/release.yaml
kubectl apply -f https://storage.googleapis.com/tekton-releases/triggers/previous/v0.32.0/interceptors.yaml

Attestation

The Rekor UUID for this release is 108e9186e8c5677ab3a0005892bb67e811a79dfb38afdde7453855993480ace29e0146b4bbbc6662

Obtain the attestation:

REKOR_UUID=108e9186e8c5677ab3a0005892bb67e811a79dfb38afdde7453855993480ace29e0146b4bbbc6662
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/triggers/previous/v0.32.0/release.yaml
REKOR_UUID=108e9186e8c5677ab3a0005892bb67e811a79dfb38afdde7453855993480ace29e0146b4bbbc6662

### Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":
v0.32.0@​sha256:" + .digest.sha256')

### Download the release file
curl "$RELEASE_FILE" > release.yaml

### For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

  • :sparkles: Add KUBERNETES_MIN_VERSION env to override k8s variable (#​1818)

Add KUBERNETES_MIN_VERSION env to override k8s variable. Currently, it is set 1.28 by default.

  • :sparkles: Allow users to set custom securityContext in EventListener spec (#​1832)
  1. Users can now define their own securityContext under the EventListener YAML. ex:
spec:
  serviceAccountName: tekton-triggers-example-sa
  resources:
    kubernetesResource:
      spec:
        template:
          spec:
            securityContext:
              runAsNonRoot: true
            containers:
              - resources:
                  requests:
                    memory: "64Mi"
                    cpu: "250m"
                  limits:
                    memory: "128Mi"
                    cpu: "500m"
                securityContext:
                  readOnlyRootFilesystem: true
  1. When el-security-context is true
  • If user sets a custom securityContext, it has given the priority and used same.
  • If not, a default securityContext is applied.
Fixes
Misc
  • :hammer: Bump the all group across 1 directory with 8 updates (#​1838)
  • :hammer: Bump golangci/golangci-lint-action from 6.2.0 to 8.0.0 (#​1837)
  • :hammer: Bump step-security/harden-runner from 2.11.1 to 2.12.0 (#​1835)
  • :hammer: Move Integration tests to GH action and Kind Cluster (#​1829)
  • :hammer: Consume release pipeline images and task bundles from GHCR (#​1821)
  • :hammer: Bump actions/setup-go from 5.3.0 to 5.4.0 (#​1820)
  • :hammer: Bump golangci/golangci-lint-action from 6.2.0 to 6.5.2 (#​1819)
  • :hammer: Enable GolangCI Linter used in Pipeline repo (#​1647)
  • :hammer: Update to latest pipeline and knative/pkg (#​1825)
Docs
  • :book: Add ghcr.io migration banner to README.md. (#​1828)

Thanks

Thanks to these contributors who contributed to v0.32.0!

Extra shout-out for awesome release notes:

Configuration

:date: Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

:vertical_traffic_light: Automerge: Disabled by config. Please merge this manually once you are satisfied.

:recycle: Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

:no_bell: Ignore: Close this MR and you won't be reminded about these updates again.

  • If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot. The local configuration can be found in the SI Renovate Bot repository.

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
  • Loading
  • Loading
  • Loading
Please register or sign in to reply