Skip to content

chore(deps): bump github.com/openshift-pipelines/pipelines-as-code from 0.45.0 to 0.46.0#3432

Merged
tekton-robot merged 2 commits into
mainfrom
dependabot/go_modules/github.com/openshift-pipelines/pipelines-as-code-0.46.0
May 28, 2026
Merged

chore(deps): bump github.com/openshift-pipelines/pipelines-as-code from 0.45.0 to 0.46.0#3432
tekton-robot merged 2 commits into
mainfrom
dependabot/go_modules/github.com/openshift-pipelines/pipelines-as-code-0.46.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 19, 2026
edited
Loading

Bumps github.com/openshift-pipelines/pipelines-as-code from 0.45.0 to 0.46.0.

Release notes

Sourced from github.com/openshift-pipelines/pipelines-as-code's releases.

v0.46.0

Pipelines as Code version v0.46.0

OpenShift Pipelines as Code v0.46.0 has been released 🥳

✨ Major changes and Features

  • Distributed tracing for webhook handling and PipelineRun timing: When tracing is enabled via the pipelines-as-code-config-observability ConfigMap, PaC emits OpenTelemetry trace spans for webhook event processing and PipelineRun lifecycle timing, with W3C trace context propagation.
  • Implement GetCommitStatuses on Forgejo: The Forgejo/Gitea provider now returns real commit statuses instead of nil, enabling the annotation matcher to correctly detect pruned-but-successful pipeline runs so /retest only re-runs failed pipelines.
  • Enable recursive .tekton dir retrieval for Forgejo: PipelineRuns nested in subdirectories under .tekton/ are now discovered and executed on Forgejo, instead of only top-level entries.
  • Handle Forgejo headers in CLI provider auto-detection: The tkn pac cel command now recognizes X-Forgejo-Event-Type headers for automatic Forgejo webhook provider detection.
  • Reduce informer cache memory usage: Added TransformFuncs to Repository and PipelineRun informers that strip large unnecessary fields (ManagedFields, Annotations, Status, Spec) before objects enter the cache.
  • Cache check-run lookups with retry: GitHub check-run API responses are now cached to avoid repeated paginated API calls during status updates, with concurrent goroutines sharing a single in-flight fetch.

🐛 Bug Fixes

  • Fix /ok-to-test not triggering CI on GitHub webhook PRs: The GitHub client was never initialized for webhook-based issue comment events, causing /ok-to-test from an admin to silently fail on unauthorized PRs.
  • Clear pending check on ok-to-test for GitHub webhook: The pending check run created for unauthorized PRs was never resolved after an admin commented /ok-to-test, leaving it stuck indefinitely.
  • Update /ok-to-test status to success for GitLab: Similar to Forgejo, GitLab now updates the "pending approval" commit status to success after /ok-to-test is posted on an unauthorized user's MR.
  • Pin GitLab commit statuses to the same pipeline: Caches the pipeline_id from the first SetCommitStatus response so all subsequent status updates for the same SHA stay on the same GitLab pipeline, preventing split statuses.
  • Map GitLab skipped status correctly: Use gitlab.Skipped state instead of gitlab.Canceled when the conclusion is skipped, so GitLab pipelines show the correct skipped status.
  • Restrict same-repo ACL permission to trusted context: Issue comment senders are no longer granted trust based solely on same-repo PR shape; they must pass collaborator, org-membership, or OWNERS checks.
  • Guard nil response and cap comment pagination in ACL checks: Prevents a panic when wrapAPI returns a nil response on transport-level failures, and caps comment pagination to avoid unbounded API calls.
  • Prevent duplicate Repository CR on trailing slash: The webhook admission controller now normalizes URLs before comparison, preventing bypass of uniqueness validation by appending a trailing slash.
  • Use provided target ref in GetFileInsideRepo: Fixed GetFileInsideRepo ignoring the caller-supplied target ref and substituting runevent.BaseBranch, which caused OWNERS ACL and remote task fetches to resolve against the wrong branch.
  • Resolve CEL expression failure on Bitbucket Cloud push events: Push events incorrectly set Event to a string instead of a JSON object, causing all CEL expressions to fail with an unmarshal error.
  • Truncate Bitbucket Cloud commit status key to 40-char limit: Bitbucket Cloud limits commit status keys to 40 characters; status keys are now properly truncated.
  • Use pull request number from issue comment payload: Use the PR number directly from the issue comment payload instead of parsing it from the pull request URL.
  • Fix skip-install option in bootstrap command: The bootstrap process now correctly allows users to bypass the installation check, preventing failures when Pipelines as Code is already installed.

📚 Documentation Updates

... (truncated)

Commits
  • 74b0d28 fix(github-webhook): clear pending check on ok-to-test
  • eda5331 fix(bitbucket-cloud): fix status key handling for build statuses
  • c37a213 fix: Use pull request number from issue comment payload
  • baf49e3 dep: update go-github dependency
  • b0bcbac fix(gitlab): pin commit statuses to same pipeline
  • e951778 fix: fix skip-install option to bootstrap command
  • 0948d88 docs: note about e2e permission in bb cloud docs
  • 357d970 Revert "chore: Use GHE fro github enterprise instead of second"
  • 88e8d39 chore: Use GHE fro github enterprise instead of second
  • 7c46558 perf(github): cache check-run lookups with retry
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Used by dependabot - identifies all PRs created by dependabot kind/misc Categorizes issue or PR as a miscellaneuous one. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesnt merit a release note. labels May 19, 2026
@tekton-robot tekton-robot added the size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. label May 19, 2026
@anithapriyanatarajan anithapriyanatarajan mentioned this pull request May 21, 2026
Merged
4 tasks
@dependabot
chore(deps): bump github.com/openshift-pipelines/pipelines-as-code
fb4e69a 
Bumps [github.com/openshift-pipelines/pipelines-as-code](https://github.com/openshift-pipelines/pipelines-as-code) from 0.45.0 to 0.46.0.
- [Release notes](https://github.com/openshift-pipelines/pipelines-as-code/releases)
- [Commits](tektoncd/pipelines-as-code@v0.45.0...v0.46.0)

---
updated-dependencies:
- dependency-name: github.com/openshift-pipelines/pipelines-as-code
  dependency-version: 0.46.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/go_modules/github.com/openshift-pipelines/pipelines-as-code-0.46.0 branch from 84b42f4 to fb4e69a Compare May 28, 2026 07:25
@anithapriyanatarajan @tekton-robot
chore: fix failing unit tests during upgrade
aa7b595 
Signed-off-by: Anitha Natarajan <anataraj@redhat.com>
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 28, 2026

Merging this branch will not change overall coverage

Impacted Packages Coverage Δ 🤖
github.com/tektoncd/operator/pkg/apis/operator/v1alpha1 36.29% (ø)
Coverage by file

Changed unit test files

  • github.com/tektoncd/operator/pkg/apis/operator/v1alpha1/openshiftpipelinesascode_defaults_test.go

@anithapriyanatarajan
Copy link
Copy Markdown
Contributor

anithapriyanatarajan commented May 28, 2026

/lgtm

@tekton-robot tekton-robot added the lgtm Indicates that a PR is ready to be merged. label May 28, 2026
@anithapriyanatarajan
Copy link
Copy Markdown
Contributor

anithapriyanatarajan commented May 28, 2026

/approve

@tekton-robot
Copy link
Copy Markdown
Contributor

tekton-robot commented May 28, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: anithapriyanatarajan

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:
  • OWNERS [anithapriyanatarajan]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@tekton-robot tekton-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label May 28, 2026
@tekton-robot tekton-robot merged commit a4e8dba into main May 28, 2026
16 checks passed
@dependabot dependabot Bot deleted the dependabot/go_modules/github.com/openshift-pipelines/pipelines-as-code-0.46.0 branch May 28, 2026 13:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@anithapriyanatarajan anithapriyanatarajan Awaiting requested review from anithapriyanatarajan

@khrm khrm Awaiting requested review from khrm

Assignees

@anithapriyanatarajan anithapriyanatarajan

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. dependencies Used by dependabot - identifies all PRs created by dependabot kind/misc Categorizes issue or PR as a miscellaneuous one. lgtm Indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesnt merit a release note. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@anithapriyanatarajan @tekton-robot