v0.17.4

Pipelines as Code version v0.17.4

OpenShift Pipelines as Code v0.17.4 has been released 🥳

this is a minor release fixing some crashing in the controller and extend the timeout taking to update the annotations in case of conflicts with other controllers updating the annotations

Installation

To install this version you can install the release.yaml with kubectl for your platform :

Openshift

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.17.4/release.yaml

Kubernetes

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.17.4/release.k8s.yaml

Documentation

The documentation for this release is available here :

https://release-v0-17-4.pipelines-as-code.pages.dev

Changelog

• f5099a1: add /src as safe in dockerfile (@chmouel)
• 6e9f226: add workspace.source.dir as safe for git in release pipeline yaml (@savitaashture)
• 3d36674: add workspace.source.dir as safe for git in release pipeline yaml (@savitaashture)
• a0ff454: disable depguard for now (@chmouel)
• 17972c8: double default retry backoff for piplinerun patch (@gabemontero)
• 4990013: fix goreleaser deprecation notice (@chmouel)
• b646b2f: fix some markdownlint new error in code-of-conduct (@chmouel)
• c1b5211: more return original pipelinerun vs. nil on patch (@gabemontero)
• 9f47811: more safe directory of the workspaces source path (@chmouel)
• 133ebe5: return original pipelinerun vs. nil on patch error (@gabemontero)

v0.19.2

Pipelines as Code version v0.19.2

OpenShift Pipelines as Code patch version v0.19.2 has been released 🥳

This release fixes a crash, increase the timeout to try to update the pipelinerun annotations in case of conflicts among other fixes and documentation update.

Installation

To install this version you can install the release.yaml with kubectl for your platform :

Openshift

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.19.2/release.yaml

Kubernetes

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.19.2/release.k8s.yaml

Documentation

documentation is available here :

https://release-v0-19-2.pipelines-as-code.pages.dev

Changelog

• 8973f97: Fetch the hugo binary ourselves (@chmouel)
• 9641e39: Fix GitHub token scope issue when secret-github-app-token-scoped key is enabled and repo level as well as global configuration provided (@savitaashture)
• 554a319: Fix secret on custom params documentation (@chmouel)
• 2937e9e: disable depguard for now (@chmouel)
• 802f08c: double default retry backoff for piplinerun patch (@gabemontero)
• e77acb0: fix ghapp_token when we don't output jwt tokens (@chmouel)
• d09e388: return original pipelinerun vs. nil on patch error (@gabemontero)

v0.19.1

Pipelines as Code version v0.19.1

OpenShift Pipelines as Code patch version v0.19.1 has been released 🥳

This minor release fixes theses issues:

• CEL expression in Pipelines as Code has new values target_url and source_url available for filtering
  PR: #1272

• Users don't need to be a public member of the organization to be able to let run the CI:
  PR: #1286

• Updated installation doc on how to set configurations for PAC when installed using the Operator
  PR: #1220

• Pipelines as Code will not error out if non admin user try to list pac-configmap or repo CR with tkn pac
  PR: #1294

• tkn pac resolver has many different fixes and now let you output pipelinerun as tekto/v1beta1 instead of v1 letting users run pipelinerun on clusters that doesn't support v1 yet:
  PR: #1293

Installation

To install this version you can install the release.yaml with kubectl for your platform :

Openshift

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.19.1/release.yaml

Kubernetes

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.19.1/release.k8s.yaml

Documentation

documentation is available here :

https://release-v0-19-1.pipelines-as-code.pages.dev/

Changelog

• d3bcde4: Add --v1beta1 flag for pipelinerun output (@chmouel)
• 06c46a5: Add condition check to verify secret-github-app-token-scoped enabled or not (@savitaashture)
• c21e618: Add detailed info and addressed review comments (@savitaashture)
• fef77fd: Fix help message on -o flag (@chmouel)
• 6d29324: Fix java template (@piyush-garg)
• 2365c66: Improve logging doc with @mramendi proposed changes. (@AndrienkoAleksandr)
• 1171010: Make target_url and source_url field available in cel (@piyush-garg)
• bbfce2f: Move logging docs to settings.md (@AndrienkoAleksandr)
• e251abf: Rephrase running.md documentation (@chmouel)
• 91f33db: Update docs/content/docs/install/settings.md (@AndrienkoAleksandr)
• 7bd7020: Update installtion doc with operator configuration info (@savitaashture)
• e008b22: Use 'Pipelines as Code' in the logging doc (@AndrienkoAleksandr)
• 4dc57c6: [cli] Don't error when user cannot acces pac ns (@chmouel)
• 8f2dd07: add /src as safe in dockerfile (@chmouel)
• 0086170: add workspace.source.dir as safe for git (@chmouel)
• e042b53: add workspace.source.dir as safe for git in release pipeline yaml (@savitaashture)
• 4ce1279: add workspace.source.dir as safe for git in release pipeline yaml (@savitaashture)
• d20d460: don't just list the public members of a org (@chmouel)
• 50cb242: fix markdownlint (@chmouel)
• 8f68e57: tkn pac resolver fixes (@chmouel)
• 9e4df9b: use curl from docker hub (@chmouel)

v0.19.0

Pipelines as Code version v0.19.0

OpenShift Pipelines as Code patch version v0.19.0 has been released 🥳

Changes

• The Github Apps token scopes can now can be scoped to extra repositories by the user on the Repo CR instead of just being a global admin/only setting.

  • Doc: https://main.pipelines-as-code.pages.dev/docs/guide/repositorycrd/#scope-github-token-to-a-list-of-private-and-public-repositories-within-and-outside-namespaces

• The output of the logging of the controller and watcher are now configurable with configmap the same way others tekton controllers are configured.

  • Doc: https://pipelinesascode.com/dev/#configuring-debug-logging

• The custom console driver now respects the custom parameters from CR

  • Doc: https://pipelinesascode.com/docs/install/settings/#custom-console-or-dashboard

• For an extra layer of security you can now make Pac lookup for PipelineRuns definitions in a .tekton directory from the default branch instead of the source event.

  • Doc: https://pipelinesascode.com/docs/guide/repositorycrd/#pipelinerun-definition-provenance

• PaaC logs should now have the namespace match added when there is one

  • PR: #1251

• To make it easy to try PaC for users on OpenShift local or other non accessible from the internet OpenShift installs we now let the user install a forwarding hook to make it work with GitHub.

  • PR: #1262

• We are now using the task as served from hub instead of the raw url from Github. This will help with rate limiting and with private hub install with private tasks.

  • PR: #1256

• We are now exposing the PAC labels as well as annotations. Since Paac labels needs to be modified to the kubernetes constraint for label values we expose them as annotations to be relied on unmodified.

  • PR #1228

Installation

To install this version you can install the release.yaml with kubectl for your platform :

Openshift

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.19.0/release.yaml

Kubernetes

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.19.0/release.k8s.yaml

Documentation

documentation is available here :

https://pipelinesascode.com

Changelog

• 6759f72: Add annotation instead of labels and modified code to use constants (@savitaashture)
• 61b9ed6: Add doc about changing log level. (@AndrienkoAleksandr)
• ba73300: Add namespace info to the logger (@savitaashture)
• 821846f: Add some tests for bootstrap and controller (@chmouel)
• 81aa055: Addressed review comments and updated doc (@savitaashture)
• 40b5022: Bump docker/metadata-action from 4.3.0 to 4.4.0 (@dependabot[bot])
• aff80e6: Fix CI issue and removed TestGithubPullRequestRemoteTaskAnnotations e2e test as well as updated workflow for kind e2e and nightly (@savitaashture)
• c4a31f1: Fix hack/upload-file-to-github.py upload (@chmouel)
• 208e197: Fix heading for error detection (@chmouel)
• 9b23aea: Fix pipelinesascode_github_test (@chmouel)
• d55888b: Improve logging doc with more actual info. (@AndrienkoAleksandr)
• 8b772e0: Let the user install gosmee on bootstrap on OpenShift (@chmouel)
• 28f7790: Let user define pipeline provenance definition (@chmouel)
• 9dd8fae: Make custom console respect custom params (@chmouel)
• 210ca2e: Make pod logs configurable with config map. (@AndrienkoAleksandr)
• ed98243: Move customparams feature to its own package (@chmouel)
• c64daf7: Refactored ScopeTokenToListOfRepos and moved to Github provider package (@savitaashture)
• e526be5: Remove new line from kubernetes labels (@chmouel)
• 07fa876: Scope GitHub token to a list of provided private and public repository (@savitaashture)
• 79a3d75: Show hook URL for the github app in cli info install (@chmouel)
• 30d3dd9: Update repositorycrd md file (@savitaashture)
• fc17737: Use GitHub official company name instead of Github (@chmouel)
• bcbd54c: Use internal url from hub instead of public rawurl (@chmouel)
• b9a0c91: Use knative to get namespace. (@AndrienkoAleksandr)
• 7202d1a: add link to the documentation for configmap.yaml (@chmouel)
• 6a6b4ff: add our own rule for vale to check (@chmouel)
• bf4d913: add some helpful comments in configmap example (@chmouel)
• 7d5b1c3: add test for webhook secret (@chmouel)
• 77f4de6: add unittest for getLogURLMergePatch (@chmouel)
• be2f571: don't just rely on ldflags to generate version (@chmouel)
• 132a78a: fix markdownlint custom rule (@chmouel)
• 035cf40: fix review comments and added some info log (@savitaashture)
• 8bcf255: fix some markdownlint new error in code-of-conduct (@chmouel)
• 074d632: let set string on upload-file-to-github.py script (#1264) (@chmouel)
• 2cbe1d2: markdownlint fix (@chmouel)
• c1aff88: more Github to GitHub replacement in docs (@chmouel)
• 968a45f: remove some non used deadcode! (@chmouel)
• a34c6e3: removed unused GithubAppTokenScopeRepos as its moved to settings field (@savitaashture)
• a45a317: rename config_maxkeepruns_test to github_config_maxkeepruns_test (@chmouel)

v0.15.6

Pipelines as Code version v0.15.6

OpenShift Pipelines as Code patch version v0.15.6 has been released. This release fix one low security bug when the temporary github token can leak to the github checks interface in case there is a infrastructure failure and paac cannot create the secret on cluster.

Installation

To install this version you can install the release.yaml with kubectl for your platform :

Openshift

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.15.6/release.yaml

Kubernetes

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.15.6/release.k8s.yaml

Documentation

documentation is available here :

https://pipelinesascode.com

Changelog

• 69a6a2d: Don't show the secret content if we cannot create the secret (@chmouel)
• 8fcca8e: pin docker version or it will fail (@chmouel)

v0.18.0

Pipelines as Code version v0.18.0

OpenShift Pipelines as Code patch version v0.18.0 has been released 🥳

Some of the major Features added to this version are:

• Support custom parameters on Repository CR Doc
• Add check suite support #1191
• Add 'tkn pac info install` command, to give you an overview of your install configuration and setup #1229
• Let user target a push or a incoming event for incoming webhook 2257276
• Enable error detection from container log enabled by default: #1209
• Error out if multiple pipelineruns with same name are found #1203

See the ChangeLog below for a more complete list of changes.

Installation

To install this version you can install the release.yaml with kubectl for your platform :

Openshift

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.18.0/release.yaml

Kubernetes

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.18.0/release.k8s.yaml

Documentation

documentation is available here :

https://pipelinesascode.com

Changelog

• 881bb8b: Add -f to pr logs command (@savitaashture)
• 73ee349: Add @sm43 to OWNERS file (@chmouel)
• 496b0dc: Add NO_COLOR to vale (@chmouel)
• 061f38c: Add check suite support for github provider (@chmouel)
• 3f72574: Add client side URL validation for Tekton Dashboard URL (@savitaashture)
• a393ddc: Add coverage via github workflow (@chmouel)
• cf22b58: Add information on 'tkn pac info' command for Pipelines as Code installation (@chmouel)
• e52bfa2: Add unit tests to info configmap (@savitaashture)
• bcdf0c5: Add unit tests to promt and status files (@savitaashture)
• 7558bd3: Always use latest ubi-minimal to build image (@chmouel)
• a49a9ab: Bump actions/setup-go from 3 to 4 (@dependabot[bot])
• 7aef575: Do not validate users when pull-request is from the same repository (@savitaashture)
• 4f79a68: Don't error out when repo is not found (@chmouel)
• 330f183: Don't show the secret content if we cannot create the secret (@chmouel)
• 881b184: Error out if multiple pipelineruns with same name are found (@sm43)
• 7130a67: Fix TestGiteaPullRequest e2e failure (@chmouel)
• 11337b9: Fix bad section for tkn pac logs (@chmouel)
• 9820da9: Fix custom console dashboard issue and added e2e (@savitaashture)
• 619ce45: Fix github user collaborator check (@pbrogan12)
• ceb66bf: Fix golangci-lint latest (@chmouel)
• 4c1dc1a: Fix label issue for original-prname (@savitaashture)
• d403fe3: Fix linter errors (@chmouel)
• af44809: Fix on-cel-expression used for event=push and target_branch=main (@savitaashture)
• fb7baad: Fix regexp for error reporting (@chmouel)
• d21cdd3: Let user target a push or a incoming event for incoming webhook (@chmouel)
• 6a61ac3: Make sure we clean the labels before creating the secrets. (@chmouel)
• 8eeca3f: Move pipelinerun labels to pipelinerun annotation (@savitaashture)
• ea46c2d: Not sure why GH_APPS_TOKEN is not working (@chmouel)
• 6a7aa10: Only run kind e2e on go and yaml changes (@chmouel)
• d6bb16e: Remove the gif easter egg (@chmouel)
• 4af49cf: Rephrase statuses documentation (@chmouel)
• 0e79399: Rephrase the Private Repositories documentation (@chmouel)
• 084bd5c: Report pipelinerun error properly (@chmouel)
• a99fdf5: Scope gitea e2e token to let do setup (@chmouel)
• 9c14eb6: Support custom params on CR (@chmouel)
• c2afeff: Sync vale to latest RHT rules or it will fails in CI (@chmouel)
• 5a63e6f: Update README.md (@chmouel)
• aae3394: Update all dependencies (@chmouel)
• 616b954: Update doc with another example on how to use the github token (@chmouel)
• c246338: Use a token that can post to pull request (@chmouel)
• 7ca41da: Use hook.pipelinesascode.com now, smee.io is not active anymore (@chmouel)
• dfef891: add fix-markdownlint makefile target (@chmouel)
• 8c80a7b: build images for arm64 architecture (@pbrogan12)
• 8c1bb96: cache docker image layers with builtins method (@chmouel)
• d97f318: document the fact that duplicate name are not allowed (@chmouel)
• 92f2de5: don't use git.io anymore (@chmouel)
• 61179d2: enable error detection from container logs on github apps by default (@chmouel)
• bd18d28: include -f into the code part or it will look weird (@chmouel)
• d4d18d3: make coverage difference in paac pipeline (@chmouel)
• a8048e9: make sure we access pull_request_target (@chmouel)
• b4c8bf0: make sure we access pull_request_target (@chmouel)
• 3440637: skip git test in coverage (@chmouel)
• 34660d7: trying to figure out why we cannot access secret (@chmouel)
• 04a38ee: use buildkit for building image (@chmouel)
• 00dd308: use default branch for kind-nightly (@chmouel)

v0.17.3

Pipelines as Code version v0.17.3

OpenShift Pipelines as Code patch version v0.17.3 has been released, see the changelog below for a list of bugfixes this releases bring.

Installation

To install this version you can install the release.yaml with kubectl for your platform :

Openshift

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.17.3/release.yaml

Kubernetes

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.17.3/release.k8s.yaml

Documentation

documentation is available here :

https://pipelinesascode.com

Changelog

• b697a2c: Add -f to pr logs command (@savitaashture)
• c2ee473: Add client side URL validation for Tekton Dashboard URL (@savitaashture)
• 3832083: Backport fix to add scopes to user apps (@chmouel)
• c2eb938: Don't show the secret content if we cannot create the secret (@chmouel)
• 65f94d0: Fix TestGiteaPullRequest e2e failure (@chmouel)
• 8edc6a1: Fix label issue for original-prname (@savitaashture)
• 29786f2: Fix on-cel-expression used for event=push and target_branch=main (@savitaashture)
• 2ed5abb: Fix regexp for error reporting (@chmouel)
• 8601304: Remove the gif easter egg (@chmouel)
• a1e63ac: Report pipelinerun error properly (@chmouel)
• ec81dba: Scope gitea e2e token to let do setup (@chmouel)
• 7734988: Sync vale to latest RHT rules or it will fails in CI (@chmouel)
• 5403294: don't use git.io anymore (@chmouel)
• f7ad1a2: include -f into the code part or it will look weird (@chmouel)

v0.17.2

Pipelines as Code version v0.17.2

OpenShift Pipelines as Code patch version v0.17.2 has been released 🥳

This minor release fixes theses issues:

• Don't report error when the Repository CR is not found #1217 - Doc
• Error out if multiple pipelineruns with same name are found #1203 - Doc
• Fix Github collaborator check when you have more than 100 users #1187
• Fix custom console not working - #1216

Installation

To install this version you can install the release.yaml with kubectl for your platform :

Openshift

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.17.2/release.yaml

Kubernetes

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.17.2/release.k8s.yaml

Documentation

documentation is available here :

https://pipelinesascode.com

Changelog

• ffeff4d: Don't error out when repo is not found (@chmouel)
• 7cadcea: Error out if multiple pipelineruns with same name are found (@sm43)
• 7888eee: Fix custom console dashboard issue and added e2e (@savitaashture)
• 66740a9: Fix github user collaborator check (@pbrogan12)
• 9825206: Fix golangci-lint latest (@chmouel)
• 2138a48: build images for arm64 architecture (@pbrogan12)
• 3fe959f: document the fact that duplicate name are not allowed (@chmouel)

v0.17.1

Pipelines as Code version v0.17.1

OpenShift Pipelines as Code patch version v0.17.1 has been released 🥳

This is a patch release on v0.17.1 with the following fixes:

• We are now properly detecting if there is a github app installation for tkn pac create repo and not ask for github webhook if it was globally installled. #1177
• We are now reporting properly the error when the PipelineRun could not get created. If there is an error on the PipelineRun and not on the tasks attached to the PipelineRun we used to not be able to report the failure properly. Now it should report properly on the Github Checks when there is an error. #1183
• We have clarified the error message when there is no match on a pipelinerun from the tekton dir #1174
• Let User bypass GH enteprise question in cli bootstrap github-app by respecting the github-auth-url switch #1184

Installation

To install this version you can install the release.yaml with kubectl for your platform :

Openshift

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.17.1/release.yaml

Kubernetes

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.17.1/release.k8s.yaml

Documentation

documentation is available here :

https://pipelinesascode.com

Changelog

• 4b1da61: Add label app.kubernetes.io/part-of while creating secret pipelines-as-code-secret (@savitaashture)
• a55fece: Added a check to watch on secret pipelines-as-code-secret to decide GithubApp or Webhook (@savitaashture)
• fe40c18: Fix tkn pac resolve (@chmouel)
• efab6ed: Let User bypass GH enteprise question in cli bootstrap github-app (@chmouel)
• e6a6804: Make sure coverage pipeline target the main branch (@chmouel)
• 6a68ddb: More helpful error message when we cannot find task/pipeline (@chmouel)
• b32c3e0: Properly report error when the PipelineRun could not get created (@chmouel)
• 2aef20f: Properly test resolve with golden output (@chmouel)
• bf32de0: Removed extra colon form provider pop up message (@savitaashture)
• a7a37a2: remove debug message which fill out logs (@chmouel)

v0.17.0

Pipelines as Code version v0.17.0

The latest version of Pipelines as Code, version v0.17.0, has been released 🥳

The main objective of this major release is to support the new Tekton v1 API, which means that Pipelines-as-Code is now compatible with Tekton v0.44 and higher. Although Pipelines-as-Code can still read PipelineRun and Tasks in the .tekton/ directory as v1beta1, it will generate v1 PipelineRun on the Cluster.

Moreover, a new feature has been added that allows users to configure a custom console/dashboard for links generated by Pipelines-as-Code. For more information on this, please refer to the Documentation and PR links provided.

In addition, the functionality of incoming webhooks has been improved. Now, there is no need for a Personal Token when using the Github App driver. As long as you have the Repo CR into the namespace matching the URL and an incoming webhook secret, Pipelines-as-Code will automatically generate temporary tokens for Github API operations. To see an example, please refer to the example provided in the documentation.

Installation

To install this version you can install the release.yaml with kubectl for your platform :

Openshift

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.17.0/release.yaml

Kubernetes

kubectl apply -f https://github.com/openshift-pipelines/pipelines-as-code/releases/download/v0.17.0/release.k8s.yaml

Documentation

documentation is available here :

https://pipelinesascode.com

Changelog

• 381bc0d: Add gitea e2e-test for secret hiding feature (@chmouel)
• c6ef106: Add test to cover ListRepos and fixed review comments (@savitaashture)
• 2ba2dbb: Add unit test for GetStatusFromTaskStatusOrFromAsking (@chmouel)
• 7a71a87: Added e2e test to verify Incoming for GithubApp (@savitaashture)
• 234e4aa: Added multi-arch support (@mayurwaghmode)
• 17691b4: Adjust the pac pipeline run on push (@chmouel)
• 1a68cb4: Bump docker/build-push-action from 3.3.0 to 4.0.0 (@dependabot[bot])
• 0227d0f: Bump golang.org/x/net from 0.5.0 to 0.7.0 (@dependabot[bot])
• e4331d3: Bump ravsamhq/notify-slack-action from 1 to 2 (@dependabot[bot])
• 5e8e41c: Detect properly PAC_DIR install (@chmouel)
• 461f329: Enhance incoming webhook for github apps (@savitaashture)
• c2efac6: Enhance incoming webhook for github apps (@savitaashture)
• a95dd0b: Fix gitea e2e test getting log of bad yaml (@chmouel)
• c5344a5: Fix issue related to repository URL if it contains at the end (@savitaashture)
• e2e1680: Fix pylint errors (@chmouel)
• 2b6f35a: Fix string comparision for ErrorDetectionSimpleRegexp (@savitaashture)
• c2bd1ce: Make sure we use upstream git-clone (@chmouel)
• 80f33a0: Makefile: replace /bin/bash to bash (@vdemeester)
• fdf873e: Migrate to tekton1 API (@chmouel)
• 2640e5c: Only execute the e2e tests on push (@chmouel)
• 59a9cd3: Rephrase introduction again (@chmouel)
• a9738ae: Revert "Migrate to tekton1 API" (@chmouel)
• 911c86e: Revert "Revert "Migrate to tekton1 API"" (@chmouel)
• c876c92: Separate slow e2e test to nightly (@chmouel)
• 7453774: Update documentation to reference the github token scoping (@chmouel)
• 7a6a982: Update pkg/consoleui/custom.go (@chmouel)
• 3a29358: Updated incoming webhook implementation as per the review comments (@savitaashture)
• 918f834: Use local gitea now (@chmouel)
• a496c54: add custom console driver (@chmouel)
• ac63160: don't set TEST_GITEA_INTERNAL_URL when using internal gitea (@chmouel)
• be2382b: more helpful error about which remote ressource has failed to be parsed (@chmouel)
• 88981ec: remove validation for now (@chmouel)
• d0f856e: use git-clone task (@chmouel)
• c9280cf: use the same groupname as other in secret creation (@chmouel)