v0.43.0

Pipelines as Code version v0.43.0

OpenShift Pipelines as Code v0.43.0 has been released 🥳

Important

This is the latest release on openshift-pipelines before moving to tektoncd org

✨ Major changes and Features

• Allow custom user agent for Gitea/Forgejo: Users can now configure a custom User-Agent header for Gitea and Forgejo providers, useful for identifying PAC instances in server logs.
  • Link: #2494
  • Jira: SRVKP-10579
• Add comment strategy support for Gitea provider: Introduced comment update strategy support for the Gitea provider, allowing users to control how status comments are managed on pull requests.
  • Link: #2503
  • Jira: SRVKP-10900
• Cache changed files in Gitea provider: Improved performance by caching changed files in the Gitea provider, reducing redundant API calls during pipeline runs.
  • Link: #2552
  • Jira: SRVKP-10944
• Show helpful message when /retest has nothing to retest: When a user issues /retest but there are no failed PipelineRuns to retry, PAC now responds with a clear, informative message instead of silently doing nothing.
  • Link: #2399
  • Jira: SRVKP-10373

🐛 Bug Fixes

• Restrict comment editing to PAC-owned comments (Gitea): Fixed an issue where PAC could inadvertently edit comments not created by its own identity on Gitea.
  • Link: #2488
  • Jira: SRVKP-10857
• Restrict comment editing to PAC-owned comments (GitHub): Fixed the same comment ownership issue on the GitHub provider, ensuring PAC only edits its own comments.
  • Link: #2487
  • Jira: SRVKP-10857
• Set PipelineURL for cached pipelines to resolve relative task paths: Fixed a bug where relative task references in cached pipelines failed to resolve because the PipelineURL was not being set.
  • Link: #2416
  • Jira: SRVKP-10604
• Parse branch vs tag by 'tag:' in gitops-comments: Fixed gitops comment parsing to correctly distinguish between branch and tag references using the tag: prefix.
  • Link: #2505
  • Jira: SRVKP-10915
• Preserve source_url on retest comment reruns (Gitea): Fixed an issue where the source URL was lost when retriggering runs via retest comments on Gitea.
  • Link: #2502
  • Jira: SRVKP-10575
• Avoid webhook feedback loop on no-ops comment events: Prevented PAC from creating an infinite feedback loop when processing comment events that result in no operations.
  • Link: #2504
  • Jira: SRVKP-10912
• Correct type for status options: Fixed incorrect type usage for provider status conclusion options.
  • Link: #2499
• Use positive check for InstallationID: Fixed label handling to use a positive check for InstallationID, preventing incorrect behavior with default values.
  • Link: #2506
• Workaround the GitLab diff API limit: Added a workaround for GitLab's diff API pagination limits, ensuring all changed files are detected even in large merge requests.
  • Link: #2482

📚 Documentation Updates

• Update Bitbucket Cloud docs for API tokens: Updated documentation to reflect the current API token authentication flow for Bitbucket Cloud.
  • Link: #2501
• Correct artifacthub API URL in docs: Fixed an incorrect ArtifactHub API URL in the documentation.
  • Link: #2530
• Revamp documentation site: Major documentation refresh with improved structure and navigation.
  • Link: #2532
• Refactor configmap documentation: Reorganized and clarified the configmap configuration reference.
  • Link: #2535
• Clarify App ID location in GitHub App details: Improved docs to make it clearer where to find the App ID in GitHub App settings.
  • Link: #2546

⚙️ Chores

• Consolidate JWT generation: Refactored GitHub JWT token generation into a single consolidated implementation.
  • Link: #2541
  • Jira: SRVKP-10952
• Revert GitHub comment workaround: Removed a previously needed workaround for GitHub comment deduplication.
  • Link: #2511
  • Jira: SRVKP-10938
• Constantize provider StatusOpt conclusion options: Refactored status option conclusions to use constants instead of raw strings.
  • Link: #2384
• Bump Forgejo SDK to v3: Updated the Forgejo SDK dependency to version 3.
  • Link: #2544
• Pin GitHub Actions to commit SHAs: Improved CI security by pinning all GitHub Actions to specific commit hashes.
  • Link: #2507
• Pin actions/checkout to a specific hash: Further CI security hardening by pinning the checkout action.
  • Link: #2556
• Bump actions/upload-artifact from 6.0.0 to 7.0.0: Updated CI dependency.
  • Link: #2521
• Bump actions/setup-go from 6.2.0 to 6.3.0: Updated CI dependency.
  • Link: #2520
• Bump actions/download-artifact from 7.0.0 to 8.0.0: Updated CI dependency.
  • Link: #2519
• Add task to generate AI release notes: Added a Tekton task for AI-powered release note generation.
  • Link: #2500
• Resolve golangci-lint issues: Fixed various linting warnings flagged by golangci-lint.
  • Link: #2551
• Fix docs generation tooling: Fixed the documentation build pipeline.
  • Link: #2538
• Sync PR template types with linter config: Aligned the PR template commit type list with the linter configuration.
  • Link: #2522
• Remove commit prefix checks in PR template: Simplified the PR template by removing commit prefix validation.
  • Link: #2525
• Reenable BitbucketDC and move more tests to GHE: Re-enabled Bitbucket Data Center e2e tests and migrated additional tests to GitHub Enterprise.
  • Link: #2497
• Split github_ghe job into 3 parallel chunks: Improved CI speed by parallelizing GHE test execution.
  • Link: #2517
• Implement file-based configuration for test environments: Added file-based config support for e2e test environment setup.
  • Link: #2512
• Use dynamic projects and smee for GitLab E2E: Improved GitLab e2e test isolation using dynamic projects and smee proxies.
  • Link: #2524
• Migrate GitHub webhook tests to GHE: Moved webhook tests from public GitHub to GitHub Enterprise for better test isolation.
  • Link: #2529
• Correct cache-fetch step reference in pipelines: Fixed an incorrect step reference in CI pipelines.
  • Link: #2537
• Update e2e workflow secrets configuration: Fixed e2e workflow secret references.
  • Link: #2555

Installation

To install this version you can install the release.yaml with kubectl for your platform :

Openshift

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.43.0/release.yaml

Kubernetes

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.43.0/release.k8s.yaml

Documentation

The documentation for this release is available here :

https://release-v0-43-0.pipelines-as-code.pages.dev

#...

v0.42.0

Pipelines as Code version v0.42.0

OpenShift Pipelines as Code v0.42.0 has been released 🥳

✨ Major changes and Features

• feat(github): add update comment strategy for GitHub: Add an update comment strategy for GitHub to create and update a single comment per PipelineRun on re-execution.
  • Link: #2481
  • Jira: SRVKP-10453
• feat(gitlab): add update comment stategy: Introduce an update comment strategy for GitLab which updates a single status comment per PipelineRun on every trigger.
  • Link: #2446
  • Jira: SRVKP-10453
• feat: Switch gitea to forgejo provider type: Introduce native configuration support for Forgejo as a distinct, first-class Git provider type.
  • Link: #2476
  • Jira: SRVKP-10487
• feat: Move some GitHub public e2e test to GHE: Enable the second controller flag in numerous GitHub integration tests to ensure broader coverage for GitHub Enterprise.
  • Link: #2466

🐛 Bug Fixes

• fix: Add target ns annotation to on-tag e2e pipelinerun: Add missing target namespace annotation to the on-tag e2e PipelineRun to resolve test execution failures.
  • Link: #2495
• fix: variables substitution issue on commit comment in GitLab: Fix variable substitution issues for commit comments in GitLab by providing the event payload in the body variable.
  • Link: #2391
  • Jira: SRVKP-9458
• fix: Rename gh Second to GHE and move remove flaky: Rename the secondary GitHub E2E provider to github_ghe for clarity and fold standalone flaky tests into the main matrix.
  • Link: #2480
• fix: Move to gitlab.pipelinesascode.com for e2e: Migrate E2E testing to a dedicated GitLab instance to prevent timeouts and improve test stability.
  • Link: #2492
• fix: Handle non-http(s) URLs in assembleTaskFQDNs: Add validation to ensure only HTTP(S) URLs are used as a base for resolving relative task URLs.
  • Link: #2486
  • Jira: SRVKP-10880
• fix(github): resolve pull_request_number on retest for pushed commits: Fix a bug where the pull_request_number variable was not substituted when a /retest command was issued on a pushed commit.
  • Link: #2473
  • Jira: SRVKP-10662
• fix: Update Go-SCM to v1.15.17 for Bitbucket Group Permissions: Bump go-scm to v1.15.17 to resolve permission checking bugs for Bitbucket Data Center groups.
  • Link: #2479
• fix: skip prun when target-ns repo cannot be found: Skip PipelineRun creation when a target-namespace annotation points to a namespace that lacks a matching Repository object.
  • Link: #2483
• fix: target-namespace annotation for gitops /test, /cancel comments: Fix target-namespace resolution to respect the PipelineRun template annotation for explicit /test and /cancel GitOps commands.
  • Link: #2472
• fix: Skip Bitbucket Datacenter tests temporarily: Temporarily skip Bitbucket Datacenter tests due to infrastructure unavailability.
  • Link: #2475
• fix: set the correct custom hub catalog type: Validate the custom hub catalog URL to correctly set the catalog type instead of defaulting to artifacthub.
  • Link: #2371
  • Jira: SRVKP-9976
• fix: Enforce webhook signature for Forgejo: Implement signature validation for Gitea and Forgejo webhooks to ensure incoming request authenticity.
  • Link: #2421
  • Jira: SRVKP-10609
• fix: change version to versiondata dir name: Rename the version directory to versiondata to fix linting-related failures in the coverage release YAML pipeline.
  • Link: #2469
• fix(github): support lightweight tags for GitOps commands: Correctly parse GitHub payloads to support GitOps commands like /test or /retest triggered on lightweight tags.
  • Link: #2407
  • Jira: SRVKP-10467
• test(gitlab): use push SHA to avoid stale MR API: Avoid stale SHA references after force pushes in GitLab by using the SHA directly from PushFilesToRefGit.
  • Link: #2453
• fix: use correct dir to store ghe gosmee payloads: Use the correct temporary directory to store and check GitHub Enterprise gosmee replay payloads for E2E tests.
  • Link: #2463
• fix(github): use correct name for failed checkruns on retest: Use the generated name fallback when reporting test failures to prevent failed check runs from being wiped out.
  • Link: #2455
  • Jira: SRVKP-10741
• fix: Check status by SHA in wait check: Fix SHA matching in wait/check test utilities to correctly find statuses when multiple exist for a repository.
  • Link: #2459
• fix: use random generated namespace in TestOthersRepositoryCreation: Use a randomly generated namespace to prevent namespace collision failures in the TestOthersRepositoryCreation test.
  • Link: #2458
• fix(github): add workaround for duplicate comment creation: Mitigate duplicate PR comments seen in E2E tests by adding a random sleep and re-check before creation.
  • Link: #2457
• perf(github): skip comment edit when body is already up to date: Optimize GitHub API usage by bypassing comment edit requests when the message body has not changed.
  • Link: #2452
• test: Update git-clone StepAction to tekton v1beta1: Update the git-clone StepAction API version from v1alpha1 to v1beta1 to align with current stable Tekton APIs.
  • Link: #2450
• fix: Rename golden file for flaky pull request test: Rename a golden test file to improve clarity and organization for testing flaky pull requests.
  • Link: #2449
• fix: E2E test improvements and CEL error reporting: Ensure CEL validation errors are only reported once per PR instead of producing duplicate comments.
  • Link: #2448
• fix: use fully qualified urls for images in .tekton: Add fully qualified URLs for all images used within the Tekton resources in the .tekton directory.
  • Link: #2447
• fix: Increase log line count for tests: Enforce naming conventions and increase log line checks in E2E tests to provide better diagnostics.
  • Link: #2445
• fix: Initialize gitea_tests array: Explicitly initialize the gitea_tests array to an empty array to prevent unexpected behavior during execution.
  • Link: 3dcef61
• fix: other Makefiles issues: Fix Makefile targets to properly pass commands to xargs, correct phonies, and fix git status usage.
  • Link: #2441
• fix: makefile not working: Update the Makefile to use null-delimited git ls-files to properly generate file lists for linters without throwing multiple target errors.
  • Link: #2440
• fix: Include concurrency provider in e2e tests: Include the concurrency provider in the conditional logic so the gosmee client executes properly for it.
  • Link: b51bedb
• fix: Show error and fatal logs in snazy output: Ensure error and fatal logs are properly surfaced and displayed in snazy test outputs.
  • Link: #2434
• fix(gitlab): enable skip-CI for merge requests: Fix skip-CI detection for GitLab merge requests by properly populating the SHAMessage during payload parsing.
  • Link: #2405
  • Jira: SRVKP-10440

📚 Documentation Updates

• docs(cel): clarify tech preview status and output differences: Add documentation to set expectations that the CEL evaluator is a tech preview and may beh...

v0.37.7

Pipelines as Code version v0.37.7

OpenShift Pipelines as Code v0.37.7 has been released 🥳

Installation

To install this version you can install the release.yaml with kubectl for your platform :

Openshift

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.37.7/release.yaml

Kubernetes

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.37.7/release.k8s.yaml

Documentation

The documentation for this release is available here :

https://release-v0-37-7.pipelines-as-code.pages.dev

Changelog

• 02b3041: Release yaml generated from 1936d60 for release v0.37.6 ( <>)
• 6e36620: fix: Handle non-http(s) URLs in assembleTaskFQDNs (@chmouel)

v0.39.5

Pipelines as Code version v0.39.5

OpenShift Pipelines as Code v0.39.5 has been released 🥳

This is bug fix release, notably fixes custom hub catalog type e7b6dc2

Installation

To install this version you can install the release.yaml with kubectl for your platform :

Openshift

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.39.5/release.yaml

Kubernetes

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.39.5/release.k8s.yaml

Documentation

The documentation for this release is available here :

https://release-v0-39-5.pipelines-as-code.pages.dev

Changelog

• 94651ce: Release yaml generated from 8dd8542 for release v0.39.4 ( <>)
• 806c41e: fix: decrease catalog count to fix unit tests (@zakisk)
• e7b6dc2: fix: set the correct custom hub catalog type (@pratap0007)
• e100f2d: refactor: reenable prealloc and fix it properly (@chmouel)

v0.37.6

Pipelines as Code version v0.37.6

OpenShift Pipelines as Code v0.37.6 has been released 🥳

This is bug fix release, notably fixes custom hub catalog type fdb94dc

Installation

To install this version you can install the release.yaml with kubectl for your platform :

Openshift

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.37.6/release.yaml

Kubernetes

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.37.6/release.k8s.yaml

Documentation

The documentation for this release is available here :

https://release-v0-37-6.pipelines-as-code.pages.dev

Changelog

• 3d67567: Release yaml generated from 02cb1b7 for release v0.37.5 ( <>)
• 43a77aa: fix: decrease catalog count to fix unit tests (@zakisk)
• 1936d60: fix: exclude python lib md files from lint-md (@zakisk)
• cc39105: fix: markdownlint error happening due to new version (@zakisk)
• fdb94dc: fix: set the correct custom hub catalog type (@pratap0007)
• 273cac7: refactor: reenable prealloc and fix it properly (@chmouel)

v0.41.1

Pipelines as Code v0.41.1

OpenShift Pipelines as Code v0.41.1 has been released.

Security Fix

• GitLab Security: Enforce mandatory webhook secret and token validation. 9a230ff.

Important

You may be affected if you did not set a webhook via a secret on your GitLab repository CR. If it is already configured according to the documentation, no changes are required.

Bug Fixes

• Performance: Major performance optimization for Bitbucket Cloud commit info lookup. 555aeb0 | SRVKP-10617
• UI/UX: Stabilize sorting logic for task logs and status. 667fd80
• UI/UX: Ensure deterministic PipelineRun sorting by name. b7b421f

Misc / Chores

• Testing: Update E2E test matrix for improved provider coverage. 5a5f4e8
• Docs: Update developer documentation for uv and release process. 384976b
• pr-ci Script Update: Refactor scripts to be executable directly with uv run.5f515b9
• CI Scaling: Divide Gitea tests equally across jobs. 41a632b
• Linter: Configure Tekton linter to skip revert commits.eb39d14
• Gitea: Split E2E tests for granular testing.ce269cc
• Deps: Bump actions/cache from 4 to 5. a541f27
• Workflow: Prevent E2E matrix jobs from cancelling on failure.65ece3f
• Logs: Redirect gosmee output and organize CI logs.8d7c9b1
• Maintenance: Rename GitHub PR test function for categorization. 9c30b5d
• Performance: Add ko build cache to E2E workflow. 7605c5a
• Deps: Update vendored Python dependencies.48a7720
• Tooling: Adopt uv for second-controller.py. 055e68a

Installation

To install this version you can install the release.yaml with kubectl for your platform :

Openshift

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.41.1/release.yaml

Kubernetes

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.41.1/release.k8s.yaml

Documentation

The documentation for this release is available here :

https://release-v0-41-1.pipelines-as-code.pages.dev

Full Changelog

• a541f27: chore(deps): bump actions/cache from 4 to 5 (@dependabot[bot])
• 7605c5a: chore: Add ko cache to e2e workflow (@chmouel)
• 8d7c9b1: chore: Redirect gosmee output and organize logs (@chmouel)
• eb39d14: chore: Skip revert commits in linter (@chmouel)
• 48a7720: chore: Update vendored dependencies (@chmouel)
• 055e68a: chore: Use uv for second-controller.py (@chmouel)
• 41a632b: chore: divide Gitea tests in equall number in 3 jobs (@zakisk)
• 65ece3f: ci: prevent e2e matrix jobs from cancelling on failure (@theakshaypant)
• 5f515b9: feat: Move pr-ci scripts to be executable with uv (@chmouel)
• 555aeb0: fix(bitbucketcloud): optimize commit info fetch (@zakisk)
• 9a230ff: fix: Enforce mandatory webhook secret for GitLab validation (@chmouel)
• b7b421f: fix: Stabilize pipeline run sorting by name when start times are equal (@chmouel)
• 667fd80: fix: Stabilize sorting logic for task logs and status (@chmouel)
• 5a5f4e8: fix: Update E2E test matrix and script (@chmouel)
• 384976b: fix: update dev docs for uv and release process (@chmouel)
• 9c30b5d: refactor: Rename github pull request test function (@chmouel)

v0.39.4

Pipelines as Code version v0.39.4

OpenShift Pipelines as Code v0.39.4 has been released 🥳

Installation

To install this version you can install the release.yaml with kubectl for your platform :

Openshift

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.39.4/release.yaml

Kubernetes

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.39.4/release.k8s.yaml

Documentation

The documentation for this release is available here :

https://release-v0-39-4.pipelines-as-code.pages.dev

Changelog

• 798eba6: Release yaml generated from 6043174 for release v0.39.3 ( <>)
• 8dd8542: fix(bitbucketcloud): optimize commit info fetch (@zakisk)
• afb202b: fix: Enforce mandatory webhook secret for GitLab validation (@chmouel)

v0.37.5

Pipelines as Code version v0.37.5

OpenShift Pipelines as Code v0.37.5 has been released 🥳

Installation

To install this version you can install the release.yaml with kubectl for your platform :

Openshift

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.37.5/release.yaml

Kubernetes

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.37.5/release.k8s.yaml

Documentation

The documentation for this release is available here :

https://release-v0-37-5.pipelines-as-code.pages.dev

Changelog

• 7c8fb46: Release yaml generated from f0420c5 for release v0.37.4 ( <>)
• 02cb1b7: fix(bitbucketcloud): optimize commit info fetch (@zakisk)
• 7427b70: fix: Enforce mandatory webhook secret for GitLab validation (@chmouel)

v0.41.0

Pipelines as Code version v0.41.0

OpenShift Pipelines as Code v0.41.0 has been released 🥳

Installation

To install this version you can install the release.yaml with kubectl for your platform :

Openshift

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.41.0/release.yaml

Kubernetes

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.41.0/release.k8s.yaml

✨ Features

• 🛡️ Enhanced CEL Expressions: Added direct access to custom parameter variables within CEL expressions, allowing for more flexible pipeline logic. e95b4e7

• 🌐 Advanced Token Scoping: Introduced glob pattern support for repositories when defining token scopes in GitHub. 18413b1

• 🧠 Flexible Logic Support: Added support for arbitrary CEL expressions using the new cel: prefix for complex event matching. 751f931

🐛 Bug Fixes

• 🔄 Merge Commit Reliability: Implemented an exponential backoff retry mechanism for PR lookups to handle GitHub API indexing delays on merge commits. 618fac5

• 🛑 Accurate Lifecycle Reporting: Fixed an issue where deleted PipelineRuns remained stuck in pending; the controller now explicitly reports a cancelled status upon deletion. c690b58

• 🏷️ Improved Event Matching: Resolved a bug in the matcher to prevent CEL from unintentionally matching label events. 1a3b241

• 💬 Smarter GitLab Feedback: Reduced Merge Request noise by skipping comments for non-permission-related errors. 6a956e4

• 🏗️ Concurrency Stability: Improved test reliability by ensuring PipelineRuns are correctly filtered by SHA in concurrency test suites. 9b8d81f

• 🔗 GitLab Provider Routing: Fixed an issue where the GitLab provider failed to retrieve URLs when hosted on the same host. bafda32

• 📡 Gitea/Forgejo Stability: Added retry logic for Gitea status updates and migrated Gitea integration to use the Forgejo SDK. 7a00a56, 152ce93

• 🧹 Catalog Cleanup: Removed the deprecated public Tekton Hub as a built-in catalog to favor modern repository standards. 882c31b

• 📊 Status Sync: Corrected logic to ensure pending and running commit statuses are accurately synchronized with the provider platform. 7ca0bd9

• 🧩 Safety Checks: Added handling for nil bodies in CEL evaluations to prevent controller crashes during specific event processing. 8b8ddda

• 🚨 Linting Fixes: Resolved prealloc and other golangci-lint errors to maintain code quality standards. d6d9f48, d5d71cf

🧰 Misc / Maintenance

• 🤖 Agent Migration: Moved project skills and documentation to the new AGENTS.md and Claude-based format. 01dfc83

• 🏗️ Architecture Refactoring: Renamed internal Gitea structures to Forgejo and migrated secondary controller installation to use startpaac. fba88e7, 8aee3e7

• 📦 Go Version Bump: Updated Golang versions in Tekton configurations for improved performance and security. 4961902

• 🧹 Repo Hygiene: Updated .gitignore to include temporary directories and removed obsolete local CI development scripts. c26acc7, 4376b32

• 🔒 Security Hardening: Integrated minica CA certificates into E2E workflows and added necessary secrets to environment workflows. b82a29b, c84902d45a5e14763fdbd727b338844ddcf7904b

• 🧪 E2E Tooling: Integrated gosmee for the main controller and Gitea in E2E tests to improve webhook replay capabilities. 6b4af55, c8ab303

• 📝 Style Guide: Updated Vale style guide links to maintain documentation consistency. cff5590

• 🐳 Modernized Base Images: Upgraded project base images to UBI 10 to ensure the latest security patches and runtime compliance. 63bd2d9

• 🛠️ Infrastructure Upgrades: Updated the CI workflow and Kind configurations to improve development environment reliability. 032d13c

• ⚡ Optimized E2E Testing: Enabled parallel binary building during end-to-end tests to significantly reduce CI wait times. 6addfb3

• 🐍 Dependency Update: bump pyasn1 from 0.6.1 to 0.6.2 in /hack/pr-ci 582d56d

• 🐍 Dependency Update: bump urllib3 from 2.6.2 to 2.6.3 in /hack/pr-ci 177abe3

• 📦 Dependency Update: Update dependencies f98d1d5

• 📦 Dependency Update: Update python dependencies b681ad5

• 🚮 Cleanup: Remove code.gitea.io/gitea 0a22413

Documentation

The documentation for this release is available here :

https://release-v0-41-0.pipelines-as-code.pages.dev

Changelog

• bcdb85f: Revert "fix: Increase loop max in concurrent PR test" (@chmouel)
• 582d56d: chore(deps): bump pyasn1 from 0.6.1 to 0.6.2 in /hack/pr-ci (@dependabot[bot])
• 177abe3: chore(deps): bump urllib3 from 2.6.2 to 2.6.3 in /hack/pr-ci (@dependabot[bot])
• 0a22413: chore(deps): remove code.gitea.io/gitea (@theakshaypant)
• 6b4af55: chore: Add gosmee for main controller E2E test (@chmouel)
• c84902d: chore: Add secrets to the env workflows (@chmouel)
• c26acc7: chore: Add temporary directories to gitignore (@chmouel)
• a92013e: chore: Fix makefile ignore when collecting files (@chmouel)
• b82a29b: chore: Install minica CA certificate in e2e workflow (@chmouel)
• 7ea8473: chore: Migrate CI to forgejo (@chmouel)
• cff5590: chore: Update Vale style guide links (@chmouel)
• f98d1d5: chore: Update dependencies (@chmouel)
• 4961902: chore: Update golang version in Tekton configurations (@chmouel)
• b681ad5: chore: Update python dependencies (@chmouel)
• 01dfc83: chore: move to Claude skills and AGENTS.md (@chmouel)
• e95b4e7: feat(cel): add direct custom param variable access in expressions (@theakshaypant)
• 18413b1: feat(github): add glob pattern support for token scope repos (@theakshaypant)
• 6addfb3: feat: Build binaries in parallel in e2e (@chmouel)
• 751f931: feat: Support arbitrary CEL expressions with cel: prefix (@chmouel)
• 032d13c: feat: Update CI workflow and Kind configuration (@chmouel)
• 63bd2d9: feat: Update base images to UBI 10 (@chmouel)
• 1a3b241: fix(matcher): prevent CEL from matching label events unintentionally (@theakshaypant)
• c8ab303: fix: Add gosmee replay for Gitea controller (@chmouel)
• 7a00a56: fix: Add retry logic for Gitea status updates (@chmouel)
• 618fac5: fix: Add retry logic for PR lookup on merge commits (@zakisk)
• 9b8d81f: fix: Filter PipelineRuns by SHA in concurrency tests (@chmouel)
• bafda32: fix: GitLab provider getting a URL on same host (@chmouel)
• fda8d68: fix: Increase loop max in concurrent PR test (@chmouel)
• 3b30e03: fix: Remove redundant gosmee client setup for Gitea (@chmouel)
• 152ce93: fix: Update Gitea to use Forgejo SDK (@chmouel)
• 7ca0bd9: fix: correctly update pending and running commit status (#2341) (@ab-ghosh)
• 8b8ddda: fix: handle nil body in CEL eval (@chmouel)
• d6d9f48: fix: prealloc error in golangci-lint (@zakisk)
• 882c31b: fix: remove deprecated public Tekton Hub as built-in catalog (@chmouel)
• c690b58: fix: report cancelled status when PipelineRun is deleted (@zakisk)
• 6a956e4: fix: skip MR comment for non-permission errors (#2340) (@ab-ghosh)
• 4376b32: refactor: Remove old local ci dev scripts (@chmouel)
• fba88e7: refactor: Rename Gitea structs to forgejostructs (@chmouel)
• 8aee3e7: refactor: Use startpaac to install second controller (@chmouel)
• d5d71cf: refactor: reenable prealloc and fix it properly (@chmouel)

v0.40.0

OpenShift Pipelines as Code v0.40.0 has been released 🥳

✨ Features

• ✨ Require explicit body and headers flags for CEL expressions, making webhook CEL evaluation stricter and more explicit
  🔗 1eabf1c

• ⚡ Cache vcs.GetFiles() results to reduce redundant VCS API calls, significantly improving performance on large repositories
  🔗 9175257

• ⏭️ Add support for a “skip CI” command, allowing users to explicitly bypass CI execution from commit or PR commands
  🔗 222e82b

🐛 Bug Fixes

• 🧪 Disable retry logic in the GitLab test client, reducing GitLab provider test runtime from ~60s to under 1s
  🔗 ebd538b

• 🔐 Fix GitLab permission checks to respect the remember-ok-to-test setting, aligning authorization behavior with configuration
  🔗 6a0d179

• 📄 Ensure GitLab GetFiles and CreateComment correctly page through API results, preventing missing files or comments
  🔗 9d60ff7

• 🧩 Add nil checks in CEL webhook parsers, preventing panics on malformed or incomplete payloads
  🔗 605306d

• 🏷️ Assign unique status names for Bitbucket Cloud checks, avoiding collisions in status reporting
  🔗 fba42f2

• 🧾 Lower log level for GitHub skip messages from error to info, reducing log noise for expected behavior
  🔗 5b4173f

• 🔄 Do not return an error when PipelineRun patching fails, improving controller robustness during transient failures
  🔗 420f4c0

• 🧭 Automatically detect Tekton Hub type when catalog type is empty, fixing task resolution edge cases
  🔗 063c543

• 📝 Fix markdownlint failures introduced by newer markdownlint versions, restoring CI stability
  🔗 5b220d7

🧰 Misc / Maintenance

• 📦 Bump actions/checkout from v5 to v6 to align CI with the latest GitHub Actions runtime
  🔗 565420c

• 📦 Bump actions/upload-artifact from v5 to v6, moving CI artifacts to Node.js 24
  🔗 e6870e6

• 🔐 Update golang.org/x/crypto dependency, pulling in upstream security and correctness fixes
  🔗 c8dc5d4

• 🧹 Refine golangci-lint configuration, scoping revive exclusions and enforcing exhaustive switch defaults
  🔗 4d75ddc
  🔗 2be7e0b

• 📚 CLI documentation cleanup, reformatting curl examples for clarity
  🔗 610dd2c

Installation

To install this version you can install the release.yaml with kubectl for your platform :

Openshift

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.40.0/release.yaml

Kubernetes

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.40.0/release.k8s.yaml

Documentation

The documentation for this release is available here :

https://release-v0-40-0.pipelines-as-code.pages.dev

Changelog

• 565420c: chore(deps): bump actions/checkout from 5 to 6 (@dependabot[bot])
• e6870e6: chore(deps): bump actions/upload-artifact from 5 to 6 (@dependabot[bot])
• c8dc5d4: chore(deps): bump golang.org/x/crypto from 0.42.0 to 0.45.0 (@dependabot[bot])
• 4d75ddc: chore(lint): scope revive var-naming exclusion to specific packages (@theakshaypant)
• 2be7e0b: chore(lint): set golangci default switch case as exhaustive (@aThorp96)
• 610dd2c: docs(cli): reformat curl command example to single line (@theakshaypant)
• 1eabf1c: feat(cel): require body and headers flags (@theakshaypant)
• 9175257: feat(perf): cache vcs.GetFiles() to reduce redundant VCS API volume (@aThorp96)
• 222e82b: feat: add skip CI command support (@theakshaypant)
• fba42f2: fix(bitbucket-cloud): assign unique statue name in Bitbucket Cloud (@zakisk)
• 605306d: fix(cel): add nil checks to prevent panics in webhook parsers (@theakshaypant)
• 5b4173f: fix(github): change skip log level from error to info (@infernus01)
• 6a0d179: fix(gitlab): check permission according to RememberOkToTest setting (@zakisk)
• ebd538b: fix(gitlab): disable retry logic in test client (@infernus01)
• 9d60ff7: fix(gitlab): ensure GetFiles and CreateComment pages over API results (@aThorp96)
• 420f4c0: fix: Do not return error when PipelineRun patching is failed (#2338) (@zakisk)
• 063c543: fix: auto-detect hub type when catalog type is empty (@zakisk)
• 5b220d7: fix: markdownlint error happening due to new version (@zakisk)

]