diff --git a/hack/dev/kind/install.sh b/hack/dev/kind/install.sh
index 8407bef86..79d689719 100755
--- a/hack/dev/kind/install.sh
+++ b/hack/dev/kind/install.sh
@@ -25,23 +25,23 @@ export TARGET=kubernetes
 export DOMAIN_NAME=paac-127-0-0-1.nip.io
 
 if [ -z "${TEST_GITEA_SMEEURL}" ]; then
-	echo "You should forward the URL via smee, create a URL in there by going to https://hook.pipelinesascode.com"
-	echo "set it up as environement variable in the 'TEST_GITEA_SMEEURL=https://hook.pipelinesascode.com/XXXXXXXX' variable"
-	exit 1
+  echo "You should forward the URL via smee, create a URL in there by going to https://hook.pipelinesascode.com"
+  echo "set it up as environement variable in the 'TEST_GITEA_SMEEURL=https://hook.pipelinesascode.com/XXXXXXXX' variable"
+  exit 1
 fi
 if ! builtin type -p kind &>/dev/null; then
-	echo "Install kind. https://kind.sigs.k8s.io/docs/user/quick-start/#installation"
-	exit 1
+  echo "Install kind. https://kind.sigs.k8s.io/docs/user/quick-start/#installation"
+  exit 1
 fi
 kind=$(type -p kind)
 if ! builtin type -p ko &>/dev/null; then
-	echo "Install ko. https://ko.build/install/"
-	exit 1
+  echo "Install ko. https://ko.build/install/"
+  exit 1
 fi
 ko=$(type -p ko)
 if ! builtin type -p gosmee &>/dev/null; then
-	echo "Install gosmee. https://github.com/chmouel/gosmee?tab=readme-ov-file#install"
-	exit 1
+  echo "Install gosmee. https://github.com/chmouel/gosmee?tab=readme-ov-file#install"
+  exit 1
 fi
 
 TMPD=$(mktemp -d /tmp/.GITXXXX)
@@ -56,7 +56,7 @@ GITEA_HOST=${GITEA_HOST:-"localhost:3000"}
 NO_REINSTALL_KIND=${NO_REINSTALL_KIND:-""}
 
 [[ $(uname -s) == "Darwin" ]] && {
-	SUDO=
+  SUDO=
 }
 
 # cleanup on exit (useful for running locally)
@@ -64,35 +64,35 @@ cleanup() { rm -rf ${TMPD}; }
 trap cleanup EXIT
 
 function start_registry() {
-	running="$(docker inspect -f '{{.State.Running}}' ${REG_NAME} 2>/dev/null || echo false)"
+  running="$(docker inspect -f '{{.State.Running}}' ${REG_NAME} 2>/dev/null || echo false)"
 
-	if [[ ${running} != "true" ]]; then
-		docker rm -f kind-registry || true
-		docker run \
-			-d --restart=always -p "127.0.0.1:${REG_PORT}:5000" \
-			-e REGISTRY_HTTP_SECRET=secret \
-			--name "${REG_NAME}" \
-			registry:2
-	fi
+  if [[ ${running} != "true" ]]; then
+    docker rm -f kind-registry || true
+    docker run \
+      -d --restart=always -p "127.0.0.1:${REG_PORT}:5000" \
+      -e REGISTRY_HTTP_SECRET=secret \
+      --name "${REG_NAME}" \
+      registry:2
+  fi
 }
 
 function reinstall_kind() {
-	${SUDO} $kind delete cluster --name ${KIND_CLUSTER_NAME} || true
-	sed "s,%DOCKERCFG%,${HOME}/.docker/config.json," kind.yaml >${TMPD}/kconfig.yaml
+  ${SUDO} $kind delete cluster --name ${KIND_CLUSTER_NAME} || true
+  sed "s,%DOCKERCFG%,${HOME}/.docker/config.json," kind.yaml >${TMPD}/kconfig.yaml
 
-	cat <<EOF >>${TMPD}/kconfig.yaml
+  cat <<EOF >>${TMPD}/kconfig.yaml
 containerdConfigPatches:
 - |-
   [plugins."io.containerd.grpc.v1.cri".registry.mirrors."localhost:${REG_PORT}"]
     endpoint = ["http://${REG_NAME}:5000"]
 EOF
 
-	${SUDO} ${kind} create cluster --name ${KIND_CLUSTER_NAME} --config ${TMPD}/kconfig.yaml
-	mkdir -p $(dirname ${KUBECONFIG})
-	${SUDO} ${kind} --name ${KIND_CLUSTER_NAME} get kubeconfig >${KUBECONFIG}
+  ${SUDO} ${kind} create cluster --name ${KIND_CLUSTER_NAME} --config ${TMPD}/kconfig.yaml
+  mkdir -p $(dirname ${KUBECONFIG})
+  ${SUDO} ${kind} --name ${KIND_CLUSTER_NAME} get kubeconfig >${KUBECONFIG}
 
-	docker network connect "kind" "${REG_NAME}" 2>/dev/null || true
-	cat <<EOF | kubectl apply -f -
+  docker network connect "kind" "${REG_NAME}" 2>/dev/null || true
+  cat <<EOF | kubectl apply -f -
 apiVersion: v1
 kind: ConfigMap
 metadata:
@@ -107,135 +107,137 @@ EOF
 }
 
 function install_nginx() {
-	echo "Installing nginx"
-	kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml >/dev/null
-	i=0
-	echo -n "Waiting for nginx to come up: "
-	while true; do
-		[[ ${i} == 120 ]] && exit 1
-		ep=$(kubectl wait --namespace ingress-nginx --for=condition=ready pod --selector=app.kubernetes.io/component=controller --timeout=180s 2>/dev/null || true)
-		[[ -n ${ep} ]] && break
-		sleep 5
-		i=$((i + 1))
-	done
-	echo "done."
+  echo "Installing nginx"
+  kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml >/dev/null
+  i=0
+  echo -n "Waiting for nginx to come up: "
+  while true; do
+    [[ ${i} == 120 ]] && exit 1
+    ep=$(kubectl wait --namespace ingress-nginx --for=condition=ready pod --selector=app.kubernetes.io/component=controller --timeout=180s 2>/dev/null || true)
+    [[ -n ${ep} ]] && break
+    sleep 5
+    i=$((i + 1))
+  done
+  echo "done."
 }
 
 function install_tekton() {
-	echo "Installing Tekton Pipeline"
-	kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml >/dev/null
-	echo "Installing Tekton Dashboard"
-	kubectl apply --filename https://storage.googleapis.com/tekton-releases/dashboard/latest/release.yaml >/dev/null
-	i=0
-	echo -n "Waiting for tekton pipeline to come up: "
-	tt=pipelines
-	while true; do
-		[[ ${i} == 120 ]] && exit 1
-		ep=$(kubectl get ep -n tekton-pipelines tekton-${tt}-webhook -o jsonpath='{.subsets[*].addresses[*].ip}')
-		[[ -n ${ep} ]] && break
-		sleep 2
-		i=$((i + 1))
-	done
-	echo "done."
+  echo "Installing Tekton Pipeline"
+  kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml >/dev/null
+  echo "Installing Tekton Dashboard"
+  kubectl apply --filename https://storage.googleapis.com/tekton-releases/dashboard/latest/release.yaml >/dev/null
+  i=0
+  echo -n "Waiting for tekton pipeline to come up: "
+  tt=pipelines
+  while true; do
+    [[ ${i} == 120 ]] && exit 1
+    ep=$(kubectl get ep -n tekton-pipelines tekton-${tt}-webhook -o jsonpath='{.subsets[*].addresses[*].ip}')
+    [[ -n ${ep} ]] && break
+    sleep 2
+    i=$((i + 1))
+  done
+  echo "done."
 
-	echo "Installaing Dashboard Ingress"
-	sed -e "s,%DOMAIN_NAME%,${DOMAIN_NAME}," ingress-dashboard.yaml | kubectl apply -f-
+  echo "Enable step actions feature flag"
+  kubectl patch configmap -n tekton-pipelines --type merge -p '{"data":{"enable-step-actions": "true"}}' feature-flags
+  echo "Installing Dashboard Ingress"
+  sed -e "s,%DOMAIN_NAME%,${DOMAIN_NAME}," ingress-dashboard.yaml | kubectl apply -f-
 }
 
 function install_pac() {
-	[[ -z ${PAC_DIR} && $(git rev-parse --show-toplevel 2>/dev/null) != "" ]] &&
-		PAC_DIR=$(git rev-parse --show-toplevel)
+  [[ -z ${PAC_DIR} && $(git rev-parse --show-toplevel 2>/dev/null) != "" ]] &&
+    PAC_DIR=$(git rev-parse --show-toplevel)
 
-	[[ -z ${PAC_DIR} && $(git rev-parse --show-toplevel 2>/dev/null) == "" ]] &&
-		PAC_DIR=$GOPATH/src/github.com/openshift-pipelines/pipelines-as-code
+  [[ -z ${PAC_DIR} && $(git rev-parse --show-toplevel 2>/dev/null) == "" ]] &&
+    PAC_DIR=$GOPATH/src/github.com/openshift-pipelines/pipelines-as-code
 
-	if [[ -n ${INSTALL_FROM_RELEASE} ]]; then
-		kubectl apply -f ${PAC_RELEASE:-https://github.com/openshift-pipelines/pipelines-as-code/raw/stable/release.k8s.yaml}
-	else
-		[[ -d ${PAC_DIR} ]] || {
-			echo "I cannot find the PAC installation directory, set the variable \$PAC_DIR to define it. or launch this script from inside where the pac code is checkout"
-			exit 1
-		}
-		oldPwd=${PWD}
-		cd ${PAC_DIR}
-		echo "Deploying PAC from ${PAC_DIR}"
-		if [[ -n ${PAC_DEPLOY_SCRIPT:-""} ]]; then
-			${PAC_DEPLOY_SCRIPT}
-		else
-			env KO_DOCKER_REPO=localhost:5000 $ko apply -f config --sbom=none -B >/dev/null
-		fi
-		cd ${oldPwd}
-	fi
-	configure_pac
-	echo "controller: http://controller.${DOMAIN_NAME}"
-	echo "dashboard: http://dashboard.${DOMAIN_NAME}"
+  if [[ -n ${INSTALL_FROM_RELEASE} ]]; then
+    kubectl apply -f ${PAC_RELEASE:-https://github.com/openshift-pipelines/pipelines-as-code/raw/stable/release.k8s.yaml}
+  else
+    [[ -d ${PAC_DIR} ]] || {
+      echo "I cannot find the PAC installation directory, set the variable \$PAC_DIR to define it. or launch this script from inside where the pac code is checkout"
+      exit 1
+    }
+    oldPwd=${PWD}
+    cd ${PAC_DIR}
+    echo "Deploying PAC from ${PAC_DIR}"
+    if [[ -n ${PAC_DEPLOY_SCRIPT:-""} ]]; then
+      ${PAC_DEPLOY_SCRIPT}
+    else
+      env KO_DOCKER_REPO=localhost:5000 $ko apply -f config --sbom=none -B >/dev/null
+    fi
+    cd ${oldPwd}
+  fi
+  configure_pac
+  echo "controller: http://controller.${DOMAIN_NAME}"
+  echo "dashboard: http://dashboard.${DOMAIN_NAME}"
 }
 
 function configure_pac() {
-	kubectl get service -n pipelines-as-code
-	service_name=pipelines-as-code-controller
-	kubectl get service -n pipelines-as-code -o name |
-		sed 's/.*\///' |
-		grep -q el-pipelines-as-code-interceptor &&
-		service_name=el-pipelines-as-code-interceptor
+  kubectl get service -n pipelines-as-code
+  service_name=pipelines-as-code-controller
+  kubectl get service -n pipelines-as-code -o name |
+    sed 's/.*\///' |
+    grep -q el-pipelines-as-code-interceptor &&
+    service_name=el-pipelines-as-code-interceptor
 
-	sed -e "s,%DOMAIN_NAME%,${DOMAIN_NAME}," -e "s,%SERVICE_NAME%,${service_name}," ingress-pac.yaml | kubectl apply -f-
+  sed -e "s,%DOMAIN_NAME%,${DOMAIN_NAME}," -e "s,%SERVICE_NAME%,${service_name}," ingress-pac.yaml | kubectl apply -f-
 
-	kubectl patch configmap -n pipelines-as-code -p "{\"data\":{\"bitbucket-cloud-check-source-ip\": \"false\"}}" pipelines-as-code &&
-		kubectl patch configmap -n pipelines-as-code -p "{\"data\":{\"tekton-dashboard-url\": \"http://dashboard.${DOMAIN_NAME}\"}}" --type merge pipelines-as-code
-	# add custom catalog so we can use it in e2e, this will points to the normal upstream hub so we can easily use it
-	kubectl patch configmap -n pipelines-as-code -p '{"data":{"catalog-1-id": "custom", "catalog-1-name": "tekton", "catalog-1-url": "https://api.hub.tekton.dev/v1"}}' --type merge pipelines-as-code
-	# add one more custom catalog so we can use it in e2e for multiple catalog support, this will points to the normal upstream hub so we can easily use it
+  kubectl patch configmap -n pipelines-as-code -p "{\"data\":{\"bitbucket-cloud-check-source-ip\": \"false\"}}" pipelines-as-code &&
+    kubectl patch configmap -n pipelines-as-code -p "{\"data\":{\"tekton-dashboard-url\": \"http://dashboard.${DOMAIN_NAME}\"}}" --type merge pipelines-as-code
+  # add custom catalog so we can use it in e2e, this will points to the normal upstream hub so we can easily use it
+  kubectl patch configmap -n pipelines-as-code -p '{"data":{"catalog-1-id": "custom", "catalog-1-name": "tekton", "catalog-1-url": "https://api.hub.tekton.dev/v1"}}' --type merge pipelines-as-code
+  # add one more custom catalog so we can use it in e2e for multiple catalog support, this will points to the normal upstream hub so we can easily use it
   kubectl patch configmap -n pipelines-as-code -p '{"data":{"catalog-2-id": "custom2", "catalog-2-name": "tekton", "catalog-2-url": "https://api.hub.tekton.dev/v1"}}' --type merge pipelines-as-code
-	set +x
-	if [[ -n ${PAC_PASS_SECRET_FOLDER} ]]; then
-		echo "Installing PAC secrets"
-		kubectl delete secret pipelines-as-code-secret -n pipelines-as-code 2>/dev/null || true
-		kubectl create secret generic pipelines-as-code-secret -n pipelines-as-code
-		for passk in github-application-id github-private-key webhook.secret; do
-			if [[ ${passk} == *-key ]]; then
-				b64d=$(pass show ${PAC_PASS_SECRET_FOLDER}/${passk} | base64 -w0)
-			else
-				b64d=$(echo -n $(pass show ${PAC_PASS_SECRET_FOLDER}/${passk}) | base64 -w0)
-			fi
-			kubectl patch secret -n pipelines-as-code -p "{\"data\":{\"${passk}\": \"${b64d}\"}}" \
-				--type merge pipelines-as-code-secret >/dev/null
-		done
-	else
-		echo "No secret has been installed"
-		echo "you need to create a pass https://www.passwordstore.org/ folder with"
-		echo "github-application-id github-private-key webhook.secret information in there"
-		echo "and export the PAC_PASS_SECRET_FOLDER variable to that folder"
-		echo "or install your pipelines-as-code-secret manually"
-		kubectl delete secret -n pipelines-as-code pipelines-as-code-secret >/dev/null 2>/dev/null || true
-	fi
+  set +x
+  if [[ -n ${PAC_PASS_SECRET_FOLDER} ]]; then
+    echo "Installing PAC secrets"
+    kubectl delete secret pipelines-as-code-secret -n pipelines-as-code 2>/dev/null || true
+    kubectl create secret generic pipelines-as-code-secret -n pipelines-as-code
+    for passk in github-application-id github-private-key webhook.secret; do
+      if [[ ${passk} == *-key ]]; then
+        b64d=$(pass show ${PAC_PASS_SECRET_FOLDER}/${passk} | base64 -w0)
+      else
+        b64d=$(echo -n $(pass show ${PAC_PASS_SECRET_FOLDER}/${passk}) | base64 -w0)
+      fi
+      kubectl patch secret -n pipelines-as-code -p "{\"data\":{\"${passk}\": \"${b64d}\"}}" \
+        --type merge pipelines-as-code-secret >/dev/null
+    done
+  else
+    echo "No secret has been installed"
+    echo "you need to create a pass https://www.passwordstore.org/ folder with"
+    echo "github-application-id github-private-key webhook.secret information in there"
+    echo "and export the PAC_PASS_SECRET_FOLDER variable to that folder"
+    echo "or install your pipelines-as-code-secret manually"
+    kubectl delete secret -n pipelines-as-code pipelines-as-code-secret >/dev/null 2>/dev/null || true
+  fi
 
-	echo "Set Active Namespace to pipelines-as-code"
-	kubectl config set-context --current --namespace=pipelines-as-code >/dev/null
-	echo "Run: gosmee client --saveDir /tmp/replays ${TEST_GITEA_SMEEURL} http://controller.${DOMAIN_NAME}"
+  echo "Set Active Namespace to pipelines-as-code"
+  kubectl config set-context --current --namespace=pipelines-as-code >/dev/null
+  echo "Run: gosmee client --saveDir /tmp/replays ${TEST_GITEA_SMEEURL} http://controller.${DOMAIN_NAME}"
 }
 
 function install_gitea() {
-	env GITEA_URL="http://${GITEA_HOST}" GITEA_HOST=$GITEA_HOST GITEA_USER="pac" \
-		GITEA_PASSWORD="pac" GITEA_REPO_NAME="pac-e2e" ./gitea/deploy.py
+  env GITEA_URL="http://${GITEA_HOST}" GITEA_HOST=$GITEA_HOST GITEA_USER="pac" \
+    GITEA_PASSWORD="pac" GITEA_REPO_NAME="pac-e2e" ./gitea/deploy.py
 }
 
 main() {
-	if [[ -z ${NO_REINSTALL_KIND} ]]; then
-		start_registry
-		reinstall_kind
-	else
-		echo "Skipping kind reinstall"
-	fi
-	install_nginx
-	install_tekton
-	install_pac
-	[[ -z ${DISABLE_GITEA} ]] && install_gitea
-	echo "And we are done :): "
+  if [[ -z ${NO_REINSTALL_KIND} ]]; then
+    start_registry
+    reinstall_kind
+  else
+    echo "Skipping kind reinstall"
+  fi
+  install_nginx
+  install_tekton
+  install_pac
+  [[ -z ${DISABLE_GITEA} ]] && install_gitea
+  echo "And we are done :): "
 }
 
 function usage() {
-	cat <<EOF
+  cat <<EOF
 Usage: $0 [OPTIONS]
 
 Options:
@@ -252,50 +254,50 @@ EOF
 }
 
 while getopts "ROGhgpcrb" o; do
-	case "${o}" in
-	h)
-		usage
-		exit
-		;;
-	b)
-		start_registry
-		reinstall_kind
-		install_nginx
-		install_tekton
-		exit
-		;;
-	c)
-		configure_pac
-		exit
-		;;
-	p)
-		install_pac
-		exit
-		;;
-	R)
+  case "${o}" in
+  h)
+    usage
+    exit
+    ;;
+  b)
+    start_registry
+    reinstall_kind
+    install_nginx
+    install_tekton
+    exit
+    ;;
+  c)
+    configure_pac
+    exit
+    ;;
+  p)
+    install_pac
+    exit
+    ;;
+  R)
 
-		echo "Restarting pac pods"
-		kubectl delete pod -l app.kubernetes.io/part-of=pipelines-as-code -n pipelines-as-code || true
-		;;
-	r)
-		INSTALL_FROM_RELEASE=yes
-		;;
-	O)
-		NO_REINSTALL_KIND=yes
-		;;
-	g)
-		install_gitea
-		exit
-		;;
-	G)
-		DISABLE_GITEA=yes
-		;;
+    echo "Restarting pac pods"
+    kubectl delete pod -l app.kubernetes.io/part-of=pipelines-as-code -n pipelines-as-code || true
+    ;;
+  r)
+    INSTALL_FROM_RELEASE=yes
+    ;;
+  O)
+    NO_REINSTALL_KIND=yes
+    ;;
+  g)
+    install_gitea
+    exit
+    ;;
+  G)
+    DISABLE_GITEA=yes
+    ;;
 
-	*)
-		echo "Invalid option"
-		exit 1
-		;;
-	esac
+  *)
+    echo "Invalid option"
+    exit 1
+    ;;
+  esac
 done
 shift $((OPTIND - 1))
 
diff --git a/test/gitea_test.go b/test/gitea_test.go
index 0772539ac..6dffd361f 100644
--- a/test/gitea_test.go
+++ b/test/gitea_test.go
@@ -118,6 +118,21 @@ func TestGiteaPullRequestPrivateRepository(t *testing.T) {
 	tgitea.WaitForSecretDeletion(t, topts, topts.TargetRefName)
 }
 
+func TestGiteaStepActions(t *testing.T) {
+	topts := &tgitea.TestOpts{
+		Regexp:      successRegexp,
+		TargetEvent: triggertype.PullRequest.String(),
+		YAMLFiles: map[string]string{
+			".tekton/pipelinerun-stepaction.yaml": "testdata/pipelinerun-stepactions.yaml",
+		},
+		ExpectEvents:   false,
+		CheckForStatus: "success",
+	}
+	_, f := tgitea.TestPR(t, topts)
+	defer f()
+	tgitea.WaitForSecretDeletion(t, topts, topts.TargetRefName)
+}
+
 // TestGiteaBadYaml we can't check pr status but this shows up in the
 // controller, so let's dig ourself in there....  TargetNS is a random string, so
 // it can only success if it matches it.
diff --git a/test/testdata/pipelinerun-stepactions.yaml b/test/testdata/pipelinerun-stepactions.yaml
new file mode 100644
index 000000000..b920752a5
--- /dev/null
+++ b/test/testdata/pipelinerun-stepactions.yaml
@@ -0,0 +1,28 @@
+---
+apiVersion: tekton.dev/v1beta1
+kind: PipelineRun
+metadata:
+  name: "\\ .PipelineName //"
+  annotations:
+    pipelinesascode.tekton.dev/target-namespace: "\\ .TargetNamespace //"
+    pipelinesascode.tekton.dev/on-target-branch: "[\\ .TargetBranch //]"
+    pipelinesascode.tekton.dev/on-event: "[\\ .TargetEvent //]"
+spec:
+  pipelineSpec:
+    tasks:
+      - name: stepactions-task
+        taskSpec:
+          steps:
+            - name: fetch-repo-with-stepaction
+              ref:
+                resolver: http
+                params:
+                  - name: url
+                    value: https://raw.githubusercontent.com/tektoncd/catalog/main/stepaction/git-clone/0.1/git-clone.yaml
+              params:
+                - name: output-path
+                  value: "/tmp/output"
+                - name: url
+                  value: "https://github.com/openshift-pipelines/pac-demo"
+                - name: revision
+                  value: "main"