chore(go): bump github.com/tektoncd/pipeline from 0.60.2 to 0.61.0

[dependabot]

Bumps github.com/tektoncd/pipeline from 0.60.2 to 0.61.0.

Release notes

Sourced from github.com/tektoncd/pipeline's releases.

Tekton Pipeline release v0.61.0 "Ragdoll Data"

-Docs @ v0.61.0 -Examples @ v0.61.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.61.0/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77a68cb504006aa006da7ebfef6d88e038545d3f4c2d314ba34f3c1d8a57dab26a8

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77a68cb504006aa006da7ebfef6d88e038545d3f4c2d314ba34f3c1d8a57dab26a8
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.61.0/release.yaml
REKOR_UUID=24296fb24b8ad77a68cb504006aa006da7ebfef6d88e038545d3f4c2d314ba34f3c1d8a57dab26a8
Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.61.0@sha256:" + .digest.sha256')
Download the release file
curl "$RELEASE_FILE" > release.yaml
For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

• ✨ Promote Larger Results via Sidecar Logs to Beta (#8043)

... (truncated)

Commits

• c2dc17a Add a flag on controllers to configure resyncPeriod
• 89ff137 Bump k8s.io/code-generator from 0.29.2 to 0.29.6
• 3224946 Bump k8s.io/client-go from 0.29.2 to 0.29.6
• 9b5a100 Bump k8s.io/client-go in /test/custom-task-ctrls/wait-task-beta
• 3ca7423 Makefile: install golangci-lint version from tools/go.mod
• 9bdb19a .github/workflow: use setup-go in codeql-analysis
• 639e836 Update golangci-lint to 1.59.x and fix linting
• defcd64 golangci-lint: exclude G601 from gosec
• e3f05b2 go.mod: remove k8s.io replace directive
• 84a3408 go.mod: switch go version to 1.22
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[openshift-ci]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a konflux-ci member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[kasemAlem]

/ok-to-test

[openshift-ci]

🚨 This is a CI system failure, please consult with the QE team.

Click to view logs

�[36mINFO�[0m[2024-06-30T05:17:54Z] ci-operator version v20240628-842ba60f3      
�[36mINFO�[0m[2024-06-30T05:17:54Z] Loading configuration from https://config.ci.openshift.org for konflux-ci/integration-service@main 
�[36mINFO�[0m[2024-06-30T05:17:54Z] Resolved source https://github.com/konflux-ci/integration-service to main@e0eec3c9, merging: #787 ae42bec0 @dependabot[bot] 
�[33mWARN�[0m[2024-06-30T05:17:54Z] skipped directory "..2024_06_30_05_17_46.3207216979" when creating secret from directory "/secrets/ci-pull-credentials" 
�[36mINFO�[0m[2024-06-30T05:17:54Z] Requesting 4.14 from https://api.integration.openshift.com/api/upgrades_info/graph?arch=amd64&channel=fast-4.14 
�[36mINFO�[0m[2024-06-30T05:17:55Z] Resolved release latest to quay.io/openshift-release-dev/ocp-release@sha256:e4424eeec8a386241a5348d556bdd6dd82ea68f4f19f30f71d18963fb5924e9e 
�[36mINFO�[0m[2024-06-30T05:17:55Z] Using namespace https://console-openshift-console.apps.build04.34d2.p2.openshiftapps.com/k8s/cluster/projects/ci-op-y9t8vwn9 
�[36mINFO�[0m[2024-06-30T05:17:55Z] Running [input:root], [input:e2e-test-runner], [release:latest-integration-service-e2e], src, redhat-appstudio-integration-service-image, integration-service-e2e 
�[36mINFO�[0m[2024-06-30T05:17:55Z] Tagging openshift/release:golang-1.19 into pipeline:root. 
�[36mINFO�[0m[2024-06-30T05:17:55Z] Tagging ci/redhat-appstudio:e2e-test-runner into pipeline:e2e-test-runner. 
�[36mINFO�[0m[2024-06-30T05:17:55Z] Building src                                 
�[36mINFO�[0m[2024-06-30T05:17:55Z] Found existing build "src-amd64"             
�[36mINFO�[0m[2024-06-30T05:17:55Z] Importing release image latest-integration-service-e2e. 
�[36mINFO�[0m[2024-06-30T05:17:55Z] Resolved release latest-integration-service-e2e to quay.io/openshift-release-dev/ocp-release:4.14.31-x86_64 
�[36mINFO�[0m[2024-06-30T05:18:23Z] Importing release 4.14.31 created at 2024-06-20 08:24:05 +0000 UTC with 189 images to tag release:latest-integration-service-e2e ... 
�[36mINFO�[0m[2024-06-30T05:19:58Z] Imported release 4.14.31 created at 2024-06-20 08:24:05 +0000 UTC with 189 images to tag release:latest-integration-service-e2e 
�[36mINFO�[0m[2024-06-30T06:09:58Z] Build src-amd64 succeeded after 1m18s        
�[36mINFO�[0m[2024-06-30T06:09:59Z] Image ci-op-y9t8vwn9/pipeline:src created     �[36mfor-build�[0m=src
�[36mINFO�[0m[2024-06-30T06:09:59Z] Building redhat-appstudio-integration-service-image 
�[36mINFO�[0m[2024-06-30T06:09:59Z] Created build "redhat-appstudio-integration-service-image-amd64" 
�[36mINFO�[0m[2024-06-30T06:11:03Z] Build redhat-appstudio-integration-service-image-amd64 failed, printing logs: 
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0

100     2  100     2    0     0     29      0 --:--:-- --:--:-- --:--:--    29

Caching blobs under "/var/cache/blobs".

Trying to pull image-registry.openshift-image-registry.svc:5000/ci-op-y9t8vwn9/pipeline@sha256:7dc9c9ba0b3c5b968e8ab3d335eba7933edcd63ce95f0494761dd6add88e0d52...

Getting image source signatures

Copying blob sha256:278861e2ce236e8b0c3531f9e4897c50d23bfebf35abc2610fed14b147830130

Copying blob sha256:2d473b07cdd5f0912cd6f1a703352c82b512407db6b05b43f2553732b55df3bc

Copying blob sha256:f4fdbd3342f1ea76bdee05ec97e84625c9a438446298f854767e7c0118d034ad

Copying config sha256:a136074fa2d1d461f308d4b9293c1823c116f4b693c86ca2db72715d89963380

Writing manifest to image destination

time="2024-06-30T06:10:33Z" level=info msg="Not using native diff for overlay, this may cause degraded performance for building images: kernel has CONFIG_OVERLAY_FS_REDIRECT_DIR enabled"

I0630 06:10:33.277691       1 defaults.go:112] Defaulting to storage driver "overlay" with options [mountopt=metacopy=on].

Caching blobs under "/var/cache/blobs".
Pulling image registry.access.redhat.com/ubi8/ubi-minimal:8.10-896.1717584414 ...

Trying to pull registry.access.redhat.com/ubi8/ubi-minimal:8.10-896.1717584414...

Getting image source signatures

Copying blob sha256:8393debac2ec316f87eab40af5451d57df2863f844f545d40447e46e025c9663

Copying config sha256:87cb70ba3eafffb5fbf4fefb887828c24e704d4ba388c6a5a2f57cc256c43b4f

Writing manifest to image destination
Pulling image registry.access.redhat.com/ubi9/go-toolset:1.21.10-1 ...

Trying to pull registry.access.redhat.com/ubi9/go-toolset:1.21.10-1...

Getting image source signatures

Copying blob sha256:a81ae872c34530cc92055cc932e15a44a61624a66c0c136386bb7a4d20791aef

Copying blob sha256:edab65b863aead24e3ed77cea194b6562143049a9307cd48f86b542db9eecb6e

Copying blob sha256:c20470d0be35939741977f0ca184f1072d55e7d5cff1e9c4d7cb9baa9de9c9fb

Copying blob sha256:fcb3b197a73b700abaa9ba089b6e96d570365ce9ff0e4b355ba04c4b5fd8a590

Copying config sha256:0eb55fe21aab81e64ad12712939e846ba123d056442b7eb03b2a2279621870e0

Writing manifest to image destination

Adding transient rw bind mount for /run/secrets/rhsm

[1/2] STEP 1/23: FROM registry.access.redhat.com/ubi9/go-toolset:1.21.10-1 AS builder

Trying to pull registry.access.redhat.com/ubi9/go-toolset:1.21.10-1...

Getting image source signatures

Copying blob sha256:edab65b863aead24e3ed77cea194b6562143049a9307cd48f86b542db9eecb6e

Copying blob sha256:c20470d0be35939741977f0ca184f1072d55e7d5cff1e9c4d7cb9baa9de9c9fb

Copying blob sha256:a81ae872c34530cc92055cc932e15a44a61624a66c0c136386bb7a4d20791aef

Copying blob sha256:fcb3b197a73b700abaa9ba089b6e96d570365ce9ff0e4b355ba04c4b5fd8a590

Copying config sha256:0eb55fe21aab81e64ad12712939e846ba123d056442b7eb03b2a2279621870e0

Writing manifest to image destination

[1/2] STEP 2/23: ENV "BUILD_LOGLEVEL"="0"

[1/2] STEP 3/23: WORKDIR /opt/app-root/src

[1/2] STEP 4/23: COPY go.mod go.mod

[1/2] STEP 5/23: COPY go.sum go.sum

[1/2] STEP 6/23: RUN go mod download

go: github.com/tektoncd/[email protected]: module github.com/tektoncd/[email protected] requires go >= 1.22 (running go 1.21.10; GOTOOLCHAIN=local)

error: build error: building at STEP "RUN go mod download": while running runtime: exit status 1

�[36mINFO�[0m[2024-06-30T06:11:03Z] Ran for 53m8s

�[31mERRO�[0m[2024-06-30T06:11:03Z] Some steps failed:

�[31mERRO�[0m[2024-06-30T06:11:03Z]

could not run steps: step redhat-appstudio-integration-service-image failed: error occurred handling build redhat-appstudio-integration-service-image-amd64: the build redhat-appstudio-integration-service-image-amd64 failed after 1m4s with reason DockerBuildFailed: Dockerfile build strategy has failed.

�[36mINFO�[0m[2024-06-30T06:11:03Z] Reporting job state 'failed' with reason 'executing_graph:step_failed:building_project_image'

---

@dependabot[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/integration-service-e2e	ae42bec	link	true	/test integration-service-e2e
ci/prow/images	ae42bec	link	true	/test images

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[jsztuka]

Needs go 1.22 to be set in repo before merging.

[dependabot]

Superseded by #805.