downgraded go version to 1.23.6 and downgraded
cert-manager dependency version as well.

Signed-off-by: Zaki Shaikh <zashaikh@redhat.com>

*   The finalizer name used by the controller was updated.
*   A new constant `FinalizerName` was introduced for the explicit part of the
name.
*   The finalizer name was updated to combine the group name and the new
constant.
*   This change aligns the finalizer naming with common Kubernetes conventions.

Fixes #1763

Signed-off-by: Chmouel Boudjnah <chmouel@redhat.com>
Co-authored-by: zakisk <zashaikh@redhat.com>

Before this patch pipeline was triggered on any merge request update,
regardless of what changed such as title, description or assigne changes

With the current change, pipeline will be triggered only when labels
are added or removed

Signed-off-by: PuneetPunamiya <ppunamiy@redhat.com>

When a PipelineRun template in the .tekton/ directory
contains a YAML syntax error, the error message was
prefixed with a confusing "cannot locate templates
in .tekton directory" message.

This change ensures the error accurately reflects that
a file was found but failed to parse, avoiding
confusion between empty .tekton directory
and a malformed one.

Signed-off-by: Zaki Shaikh <zashaikh@redhat.com>

- Added ReadHeaderTimeout, ReadTimeout, and IdleTimeout to HTTP server
  for improved security and reliability

The handling of YAML validation errors was refactored to be more
intelligent and less noisy. It now only reports errors for resources
that are identified as Tekton resources or are fundamentally invalid YAML.

- Refactored validation errors from a simple map to a structured type
  that includes the resource name, schema, and error object.
- Updated YAML parsing to extract the resource's `apiVersion` (schema)
  even when the document fails to decode fully as a Tekton object.
- Implemented filtering to report validation errors only for resources
  with a `tekton.dev` API group or for generic YAML syntax errors.
- This prevents creating error comments on pull requests for other
  valid, non-Tekton YAML files located in the `.tekton` directory.

Jira: https://issues.redhat.com/browse/SRVKP-7906

Signed-off-by: Chmouel Boudjnah <chmouel@redhat.com>

- Added error handling for closing HTTP response body to improve robustness
- Changed list function to return result of writer flush for better
  error reporting

Signed-off-by: Chmouel Boudjnah <chmouel@redhat.com>

invalidated empty commits in push in bitbucket data center
as we may want to check commit field for commit SHA.

Signed-off-by: Zaki Shaikh <zashaikh@redhat.com>

fixed an issue where push pipeline run was not triggering on
pr merge when pipeline run definition is having on-path-cahnge
annotation. this was happening due to bitbucket data center
api behavior that it creates merge commit on pr merge that
is set as HEAD commit of the branch and when changes for that
commit is retrieved, they're being received empty because
merge commit in bitbucket data center doesn't contain code
changes of its parent.

https://issues.redhat.com/browse/SRVKP-7432

Signed-off-by: Zaki Shaikh <zashaikh@redhat.com>

made changes to goreleaser to use homebrews_casks
instead of brews

Signed-off-by: Zaki Shaikh <zashaikh@redhat.com>

this fixes logs message in GetTektonDir func for event
type.

Signed-off-by: Zaki Shaikh <zashaikh@redhat.com>

fixed golangci-lint revive var-naming error in linters

Signed-off-by: Zaki Shaikh <zashaikh@redhat.com>

this commits changes value of on-target-branch annotation
in go-testing PipelineRun to make it be triggered when
any branch is targeted in the PaC repo.

Signed-off-by: Zaki Shaikh <zashaikh@redhat.com>

Fix nil-pointer panic when /rate_limit returns success without SCIM data
or when the HTTP response itself is nil.
Add early err/resp checks and ensure rl and rl.SCIM are non-nil
before accessing them.

Jira: https://issues.redhat.com/browse/SRVKP-8075

Signed-off-by: Zaki Shaikh <zashaikh@redhat.com>

unmarshal non-Tekton custom resources, such as `ImageDigestMirrorSet`,
or `StepActions` as PipelineRuns. This caused the PaC bot to post misleading
"PipelineRun failure" comments on pull requests, even when all CI
jobs were successful.

This change updates the parsing logic to specifically check for and
ignore non-Tekton resources found within the `.tekton` directory.
By skipping these files, we prevent erroneous parsing errors and
stop the bot from posting false-positive comments.

This resolves the issue where developers were confused by failure
notifications on otherwise successful PRs, improving the overall
developer experience by reducing unnecessary noise. The fix ensures
that comments are only posted for legitimate PipelineRun failures.

Jira: https://issues.redhat.com/browse/SRVKP-8112

Signed-off-by: Chmouel Boudjnah <chmouel@redhat.com>

Signed-off-by: Ben Dronen <dronenb@users.noreply.github.com>