For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done
Changes
Features
:sparkles: TEP-0127-: Larger results using sidecar logs - Always enforce ReservedSidecarName validation (#5877)
Always enforce ReservedSidecarName validation check regardless of what the results-from feature flag is set to.
... (truncated)
Commits
45e6ed6 docs: fixing wrong matrix syntax in some places
17c604e Bump github.com/containerd/containerd from 1.6.12 to 1.6.14
0fb679a Bump github.com/jenkins-x/go-scm from 1.11.35 to 1.12.3
b994966 Add a PipelineRun Example for Creating a CustomRun
0027f65 Bump golang.org/x/oauth2 from 0.2.0 to 0.3.0
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps github.com/tektoncd/pipeline from 0.42.0 to 0.43.0.
Release notes
Sourced from github.com/tektoncd/pipeline's releases.
... (truncated)
Commits
45e6ed6
docs: fixing wrong matrix syntax in some places17c604e
Bump github.com/containerd/containerd from 1.6.12 to 1.6.140fb679a
Bump github.com/jenkins-x/go-scm from 1.11.35 to 1.12.3b994966
Add a PipelineRun Example for Creating a CustomRun0027f65
Bump golang.org/x/oauth2 from 0.2.0 to 0.3.02ee148d
TEP-0121: Reconciler Implementation60bc5bd
ref: prompt for specific error fields330eef8
Bump golang.org/x/crypto from 0.3.0 to 0.4.049fdbfb
Added validation for forbidden env.eb8bbac
TEP-101 Add new field envs to PodTemplate.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)