diff --git a/cicd/pipelines/op-release-notes.adoc b/cicd/pipelines/op-release-notes.adoc index c334f407d52c..4ef7ca59666b 100644 --- a/cicd/pipelines/op-release-notes.adoc +++ b/cicd/pipelines/op-release-notes.adoc @@ -23,6 +23,8 @@ include::modules/op-tkn-pipelines-compatibility-support-matrix.adoc[leveloffset= include::modules/making-open-source-more-inclusive.adoc[leveloffset=+1] // Modules included, most to least recent +include::modules/op-release-notes-1-10.adoc[leveloffset=+1] + include::modules/op-release-notes-1-9.adoc[leveloffset=+1] include::modules/op-release-notes-1-8.adoc[leveloffset=+1] diff --git a/modules/op-release-notes-1-10.adoc b/modules/op-release-notes-1-10.adoc new file mode 100644 index 000000000000..808ba78075f3 --- /dev/null +++ b/modules/op-release-notes-1-10.adoc @@ -0,0 +1,155 @@ +// Module included in the following assembly: +// +// * cicd/pipelines/op-release-notes.adoc +:_content-type: REFERENCE +[id="op-release-notes-1-10_{context}"] += Release notes for {pipelines-title} General Availability 1.10 + +With this update, {pipelines-title} General Availability (GA) 1.10 is available on {product-title} 4.11 and later versions. + +[id="new-features-1-10_{context}"] +== New features + +In addition to the fixes and stability improvements, the following sections highlight what is new in {pipelines-title} 1.10. + +[id="pipelines-new-features-1-10_{context}"] +=== Pipelines + +* With this update, you can specify environment variables in a `PipelineRun` or `TaskRun` pod template to override or append the variables that are configured in a task or step. Also, you can specify environment variables in a default pod template to use those variables globally for all `PipelineRuns` and `TaskRuns`. This update also adds a new default configuration `forbidden-envs` to filter the environment variables while propagating from pod templates. +* With this update, custom tasks in pipelines are enabled by default. ++ +[NOTE] +==== +To disable this update, set the `enable-custom-tasks` flag to `false` in the `feature-flags` config custom resource. +==== + +* This update supports the `v1beta1.CustomRun` API version for custom tasks. +* This update adds support for the `PipelineRun` reconciler to create a custom run. For example, custom `TaskRuns` created from `PipelineRuns` can now use API version `v1beta1.CustomRun` instead of `v1alpha1.Run`, if the `custom-task-version` feature flag is set to `v1beta1`, instead of the default value `v1alpha1`. ++ +[NOTE] +==== +You need to update the custom task controller to listen for the `*v1beta1.CustomRun` API version instead of `*v1alpha1.Run` in order to respond to `v1beta1.CustomRun` requests. +==== + +* This update adds a new field `retries` into `v1beta1.TaskRun` and `v1.TaskRun` specifications. + + +[id="triggers-new-features-1-10_{context}"] +=== Triggers + +* With this update, triggers support the creation of v1 `Pipelines`, `Tasks`, `PipelineRuns`, `TaskRuns`, and v1beta1 `CustomRuns` objects. +* With this update, GitHub Interceptor blocks a pull request trigger from being executed unless invoked by an owner or with a configurable comment by an owner. ++ +[NOTE] +==== +To enable or disable this update, set the value of the `githubOwners` parameter to `true` or `false` in the GitHub Interceptor configuration file. +==== + +* With this update, GitHub Interceptor has the ability to add a comma delimited list of all files that have changed for the push and pull request events. The list of changed files is added to the `changed_files` property of the event payload in the top-level extensions field. +* This update changes TLS `MinVersion` to `tls.VersionTLS12` so that triggers run on {product-title} when the Federal Information Processing Standards (FIPS) mode is enabled. + + +[id="cli-new-features-1-10_{context}"] +=== CLI + +* This update adds support to pass a Container Storage Interface (CSI) file as workspace at the time of starting a `Task`, `ClusterTask` or `Pipeline`. +* This update adds v1 API support to all CLI commands associated with task, pipeline, pipeline run, and task run resources. Tekton CLI works fine with both v1beta1 and v1 APIs for these resources. +* This update adds support for an object type parameter in the `start` and `describe` commands. + + +[id="operator-new-features-1-10_{context}"] +=== Operator + +* This update adds a `default-forbidden-env` parameter in optional pipeline properties. The parameter includes forbidden environment variables that should not be propagated if provided through pod templates. +* This update adds support for custom logos in Tekton Hub UI. To add a custom logo, set the value of the `customLogo` parameter to base64 encoded URI of logo in the Tekton Hub CR. +* This update increments the version number of the git-clone task to 0.9. + + +[id="chains-new-features-1-10_{context}"] +=== Tekton Chains + +* This update adds annotations and labels to the `PipelineRun` and `TaskRun` attestations. +* This update adds a new format `slsa/v1`, which generates the same provenance as the one generated when requesting in the `in-toto` format. +* With this update, Sigstore features are moved out from the experimental features. +* With this update, the `predicate.materials` function includes image URI and digest information from all steps and sidecars for a `TaskRun`. + + +[id="tekton-hub-new-features-1-10_{context}"] +=== {tekton-hub} + +* This update supports installing, upgrading, or downgrading Tekton resources of v1 API version on the cluster. +* This update supports adding a custom logo in place of the {tekton-hub} logo in UI. +* This update extends the `tkn hub install` command functionality by adding a flag `--type artifact`, which fetches resources from the Artifact Hub and install them on your cluster. +* This update adds support tier, catalog, and org information as labels to the resources being installed from Artifact Hub to your cluster. + + +[id="pac-new-features-1-10_{context}"] +=== {pac} + +* This update enhances incoming webhook support. For a GitHub application installed on the cluster, you do not need to provide the `git_provider` specification for an incoming webhook. Instead, {pac} detects the secret and use it for the incoming webhook. +* With this update, you can use the same token to fetch remote tasks from the same host on GitHub with a non-default branch. +* With this update, {pac} supports Tekton v1 templates. You can have v1 and v1beta1 templates, which {pac} reads for PR generation. The PR is created as v1 on cluster. +* Before this update, OpenShift console UI would use a hardcoded pipeline run template as a fallback template when a runtime template was not found in the OpenShift namespace. This update provides a default pipeline run template for the console to use, `pipelines-as-code-template-default`, in the `pipelines-as-code` config map. +* With this update, {pac} supports Tekton Pipelines 0.44.0 minimal status. +* With this update, {pac} supports Tekton v1 API, which means {pac} is now compatible with Tekton v0.44 and later. +* With this update, you can configure custom console dashboards in addition to configuring a console for OpenShift and Tekton dashboards for k8s. +* With this update, {pac} detects the installation of a GitHub application initiated using the `tkn pac create repo` command and does not require a GitHub webhook if it was installed globally. +* Before this update, if there was an error on a `PipelineRun` execution and not on the tasks attached to `PipelineRun`, {pac} would not report the failure properly. With this update, {pac} reports the error properly on the GitHub checks when a `PipelineRun` could not get created. +* With this update, {pac} includes a `target_namespace` variable, which expands to the currently running namespace where the `PipelineRun` is executed. +* With this update, {pac} lets you bypass GitHub enterprise questions in the CLI bootstrap GitHub application. +* With this update, {pac} does not report errors when the repository CR was not found. +* With this update, {pac} reports an error if multiple pipeline runs with the same name were found. + + +[id="breaking-changes-1-10_{context}"] +== Breaking changes + +* With this update, the prior version of the `tkn` command is not compatible with {pipelines-title} 1.10. +* This update removes support for `Cluster` and `CloudEvent` pipeline resources from Tekton CLI. You cannot create pipeline resources by using the `tkn pipelineresource create` command. Also, the pipeline resources are not supported anymore in the `start` command of a task, cluster task, and pipeline. +* This update removes `tekton` as a provenance format from Tekton Chains. + + +[id="deprecated-features-1-10_{context}"] +== Deprecated and removed features + +* In {pipelines-title} 1.10, the `ClusterTask` commands are now deprecated and are planned to be removed in a future release. The `tkn task create` command is also deprecated with this update. +* In {pipelines-title} 1.10, the flags `-i` and `-o` that were used with the `tkn task start` command are now deprecated because the v1 API does not support pipeline resources. +* In {pipelines-title} 1.10, the flag `-r` that was used with the `tkn pipeline start` command is deprecated because the v1 API does not support pipeline resources. +* The {pipelines-title} 1.10 update sets the `openshiftDefaultEmbeddedStatus` parameter to `both` with `full` and `minimal` embedded status. Also, the flag to change the default embedded status will be removed and the pipeline default embedded status will be moved to minimal in a future release. + +[id="known-issues-1-10_{context}"] +== Known issues + +* This update includes the following backward incompatible changes: +** Removal of cluster `PipelineResources` +** Removal of cloud event `PipelineResources` +* If the pipelines metrics feature does not work after a cluster upgrade, run the following command as a workaround: ++ +[source,terminal] +---- +$ oc get tektoninstallersets.operator.tekton.dev | awk '/pipeline-main-static/ {print $1}' | xargs oc delete tektoninstallersets +---- +* With this update, usage of external databases, such as the Crunchy PostgreSQL is not supported on {ibmpowerProductName}, {ibmzProductName}, and {linuxoneProductName}. Instead, use the default {tekton-hub} database. + +[id="fixed-issues-1-10_{context}"] +== Fixed issues + +* Before this update, the `opc pac` command generated a runtime error instead of showing any help. This update fixes the `opc pac` command to show the help message. +* Before this update, running the `tkn pac create repo` command needed the webhook details for creating a repository. With this update, the `tkn-pac create repo` command does not configure a webhook when your GitHub application is installed. +* Before this update, Pipelines as Code would not report a pipeline run creation error when Tekton Pipelines had issues creating the `PipelineRun` resource. For example, a non-existing task in a pipeline run would show no status. With this update, PAC shows the proper error message coming from `tekton/pipeline` along with the task that is missing. +* This update fixes UI page redirection after a successful authentication. Now, you are redirected to the same page where you had attempted to log in to Tekton Hub. +* This update fixes the `list` command with these flags, `--all-namespaces` and `--output=yaml`, for a cluster task, an individual task, and a pipeline. +* This update removes the forward slash in the end of the `repo.spec.url` URL so that it matches with the URL coming from GitHub. +* Before this update, the `marshalJSON` function would not marshal a list of objects. With this update, the `marshalJSON` function marshals the list of objects. +* With this update, PAC lets you bypass GitHub enterprise questions in the CLI bootstrap GitHub application. +* This update fixes the GitHub collaborator check when your repository has more than 100 users. +* With this update, the `sign` and `verify` commands for a task or pipeline work fine without the kubernetes configuration file. +* With this update, Tekton Operator cleans leftover pruner cron jobs if pruner has been skipped on a namespace. +* Before this update, the API `ConfigMap` would not be updated with user configured value for catalog refresh interval. This update fixes the `CATALOG_REFRESH_INTERVAL` API in the Tekon Hub CR. +* This update fixes reconciling of `PipelineRunStatus` when changing the `EmbeddedStatus` feature flag. This update resets the following parameters: +** Reset the `status.runs` and `status.taskruns` parameters to `nil` with `minimal EmbeddedStatus` +** Reset the `status.childReferences` parameter to `nil` with `full EmbeddedStatus` +* This update adds a conversion configuration to the `ResolutionRequest` CRD. This update properly configures conversion from `v1alpha1.ResolutionRequest` to `v1beta1.ResolutionRequest`. +* This update checks for duplicate workspaces associated with a pipeline task. +* This update fixes the default value for enabling resolvers in the code. +* This update fixes `TaskRef` and `PipelineRef` names conversion by using a resolver. \ No newline at end of file diff --git a/modules/op-tkn-pipelines-compatibility-support-matrix.adoc b/modules/op-tkn-pipelines-compatibility-support-matrix.adoc index 8a0a32791554..d822dfde35a6 100644 --- a/modules/op-tkn-pipelines-compatibility-support-matrix.adoc +++ b/modules/op-tkn-pipelines-compatibility-support-matrix.adoc @@ -18,6 +18,7 @@ GA:: General Availability | {pipelines-title} Version 7+| Component Version | OpenShift Version | Support Status | Operator | Pipelines | Triggers | CLI | Catalog | Chains | Hub | {pac} | | +|1.10 | 0.44.x | 0.23.x | 0.30.x | NA | 0.15.x (TP) | 1.12.x (TP) | 0.17.x (GA) | 4.11, 4.12, 4.13 (planned) | GA |1.9 | 0.41.x | 0.22.x | 0.28.x | NA | 0.13.x (TP) | 1.11.x (TP) | 0.15.x (GA) | 4.11, 4.12, 4.13 (planned) | GA