We are excited to announce the launch of kuberollouttrigger-action on February 8, 2026. This new GitHub Action simplifies the final step of your continuous delivery pipeline by providing a secure, automated way to trigger container rollouts in your environments.

By integrating seamlessly with the kuberollouttrigger ecosystem, this action removes the friction of manually updating deployments or managing precarious long-lived secrets in your CI/CD workflows.

What it does

kuberollouttrigger-action acts as a secure bridge between your GitHub Actions workflow and your rollout trigger endpoint. Here are the core capabilities introduced in this launch:

  • Passwordless Authentication with OIDC: The action leverages GitHub’s OpenID Connect (OIDC) provider to fetch short-lived tokens. This means you no longer need to store static API keys or passwords as GitHub Secrets.
  • Targeted Rollout Triggers: It sends a precise POST request containing the specific container image and tag that should be deployed, ensuring your environment is updated with the exact build you just produced.
  • Modern Runtime: Built on Node.js 24, the action ensures high performance and utilizes modern JavaScript standards for reliability.
  • Flexible Configuration: With a configurable timeout-seconds input, you can tune the action to match the responsiveness of your specific infrastructure.

Why it matters

In many deployment pipelines, the “last mile”—telling the cluster to actually use the new image—is often the most fragile part. Traditional methods rely on long-lived credentials that pose a security risk if leaked, or complex scripts that are hard to maintain.

kuberollouttrigger-action solves this by shifting to an identity-based security model. By using OIDC, your workflow proves its identity to your trigger service dynamically. This not only hardens your security posture but also streamlines your YAML configurations, making your deployment process more robust and easier to audit.

Getting Started

To integrate kuberollouttrigger-action into your workflow, add it as a step in your job. Ensure your job has the necessary permissions to request the OIDC token.

Example Workflow

permissions:
  id-token: write
  contents: read

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: unitvectory-labs/kuberollouttrigger-action@v0.1.0
        with:
          audience: $
          url: $
          image: my-app-image
          tag: v1.0.0

We are thrilled to provide this tool to the community to help make Kubernetes rollouts safer and more automated.

This post was AI-generated using the model unsloth/gemma-4-31B-it-GGUF:UD-Q5_K_XL on 2026-04-12, based on the kuberollouttrigger-action repository and the v0.1.0 release. Author: release-storyteller