openshift
diff --git a/‎_attributes/common-attributes.adoc
Lines changed: 1 addition & 1 deletion b/‎_attributes/common-attributes.adoc
Lines changed: 1 addition & 1 deletion
diff --git a/‎cicd/pipelines/using-pipelines-as-code.adoc
Lines changed: 91 additions & 4 deletions b/‎cicd/pipelines/using-pipelines-as-code.adoc
Lines changed: 91 additions & 4 deletions
diff --git a/‎modules/op-cleaning-up-pipeline-run-using-pipelines-as-code.adoc
Lines changed: 26 additions & 0 deletions b/‎modules/op-cleaning-up-pipeline-run-using-pipelines-as-code.adoc
Lines changed: 26 additions & 0 deletions
diff --git a/‎modules/op-configuring-pipelines-as-code-for-a-git-repository-hosting-service-provider.adoc
Lines changed: 0 additions & 22 deletions b/‎modules/op-configuring-pipelines-as-code-for-a-git-repository-hosting-service-provider.adoc
Lines changed: 0 additions & 22 deletions
diff --git a/‎modules/op-creating-pipeline-run-using-pipelines-as-code.adoc
Lines changed: 176 additions & 0 deletions b/‎modules/op-creating-pipeline-run-using-pipelines-as-code.adoc
Lines changed: 176 additions & 0 deletions
diff --git a/‎modules/op-installing-pipelines-as-code-cli.adoc
Lines changed: 5 additions & 5 deletions b/‎modules/op-installing-pipelines-as-code-cli.adoc
Lines changed: 5 additions & 5 deletions
@@ -88,7 +88,7 @@ endif::[]
 //pipelines
 :pipelines-title: Red Hat OpenShift Pipelines
 :pipelines-shortname: Pipelines
-:pipelines-ver: pipelines-1.8
+:pipelines-ver: pipelines-1.9
 :tekton-chains: Tekton Chains
 :tekton-hub: Tekton Hub
 :pac: Pipelines as Code
 
@@ -6,7 +6,7 @@ include::_attributes/common-attributes.adoc[]
 
 toc::[]
 
-:FeatureName: Pipelines as Code
+// :FeatureName: Pipelines as Code
 
 [role="_abstract"]
 With {pac}, cluster administrators and users with the required privileges can define pipeline templates as part of source code Git repositories. When triggered by a source code push or a pull request for the configured Git repository, the feature runs the pipeline and reports the status.   
@@ -30,20 +30,107 @@ include::modules/op-installing-pipelines-as-code-on-an-openshift-cluster.adoc[le
 
 include::modules/op-installing-pipelines-as-code-cli.adoc[leveloffset=+1]
 
-include::modules/op-configuring-pipelines-as-code-for-a-git-repository-hosting-service-provider.adoc[leveloffset=+1]
+[id="using-pipelines-as-code-with-a-git-repository-hosting-service-provider"]
+== Using {pac} with a Git repository hosting service provider 
 
-include::modules/op-configuring-pipelines-as-code-for-a-github-app.adoc[leveloffset=+2]
+[role="_abstract"]
+After installing {pac}, cluster administrators can configure a Git repository hosting service provider. Currently, the following services are supported:
+
+* GitHub App
+* GitHub Webhook
+* GitLab
+* Bitbucket Server
+* Bitbucket Cloud
+
+[NOTE]
+====
+GitHub App is the recommended service for using with {pac}.
+====
+
+include::modules/op-using-pipelines-as-code-with-a-github-app.adoc[leveloffset=+1]
 
 include::modules/op-creating-a-github-application-in-administrator-perspective.adoc[leveloffset=+2]
 
-include::modules/op-pipelines-as-code-command-reference.adoc[leveloffset=+1]
+include::modules/op-using-pipelines-as-code-with-github-webhook.adoc[leveloffset=+1]
+
+.Additional resources
+
+* link:https://docs.github.com/en/developers/webhooks-and-events/webhooks/creating-webhooks[GitHub Webhook documentation on GitHub]
+* link:https://docs.github.com/en/rest/guides/getting-started-with-the-checks-api[GitHub Check Runs documentation on GitHub]
+* link:https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token[Creating a personal access token on GitHub]
+* link:https://github.com/settings/tokens/new?description=pipelines-as-code-token&scopes=repo[Classic tokens with pre-filled permissions]
+
+include::modules/op-using-pipelines-as-code-with-gitlab.adoc[leveloffset=+1]
+
+.Additional resources
+
+* link:https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html[GitLab Webhook documentation on GitLab]
+
+include::modules/op-using-pipelines-as-code-with-bitbucket-cloud.adoc[leveloffset=+1]
+
+.Additional resources
+
+* link:https://support.atlassian.com/bitbucket-cloud/docs/app-passwords/[Create app password on Bitbucket Cloud]
+* link:https://developer.atlassian.com/cloud/bitbucket/bitbucket-api-changes-gdpr/#introducing-atlassian-account-id-and-nicknames[Introducing Altassian Account ID and Nicknames]
+
+include::modules/op-using-pipelines-as-code-with-bitbucket-server.adoc[leveloffset=+1]
+
+.Additional resources
+
+* link:https://confluence.atlassian.com/bitbucketserver/personal-access-tokens-939515499.html[Create personal tokens on Bitbucket Server]
+* link:https://support.atlassian.com/bitbucket-cloud/docs/manage-webhooks/#Create-webhooks[Create webhooks on Bitbucket server]
+
+include::modules/op-interfacing-pipelines-as-code-with-custom-certificates.adoc[leveloffset=+1]
+
+.Additional resources
+
+* xref:../../networking/enable-cluster-wide-proxy.adoc#nw-proxy-configure-object[Enabling the cluster-wide proxy]
+
+include::modules/op-using-repository-crd-with-pipelines-as-code.adoc[leveloffset=+1]
+
+include::modules/op-setting-concurrency-limits-in-repository-crd.adoc[leveloffset=+2]
+
+include::modules/op-using-pipelines-as-code-resolver.adoc[leveloffset=+1]
+
+include::modules/op-using-remote-task-annotations-with-pipelines-as-code.adoc[leveloffset=+2]
+
+include::modules/op-using-remote-pipeline-annotations-with-pipelines-as-code.adoc[leveloffset=+2]
+
+include::modules/op-creating-pipeline-run-using-pipelines-as-code.adoc[leveloffset=+1]
+
+.Additional resources
+
+* link:https://github.com/google/cel-spec/blob/master/doc/langdef.md[CEL language specification]
+
+include::modules/op-running-pipeline-run-using-pipelines-as-code.adoc[leveloffset=+1]
+
+include::modules/op-monitoring-pipeline-run-status-using-pipelines-as-code.adoc[leveloffset=+1]
+
+.Additional resources
+
+* link:https://github.com/chmouel/tekton-slack-task-status[An example task to send Slack messages on success or failure]
+* link:https://github.com/openshift-pipelines/pipelines-as-code/blob/7b41cc3f769af40a84b7ead41c6f037637e95070/.tekton/push.yaml[An example of a pipeline run with `finally` tasks triggered on push events]
+
+include::modules/op-using-private-repositories-with-pipelines-as-code.adoc[leveloffset=+1]
+
+.Additional resources
+
+* link:https://github.com/openshift-pipelines/pipelines-as-code/blob/main/test/testdata/pipelinerun_git_clone_private.yaml[An example of the `git-clone` task used for cloning private repositories]
+
+include::modules/op-cleaning-up-pipeline-run-using-pipelines-as-code.adoc[leveloffset=+1]
+
+include::modules/op-using-incoming-webhook-with-pipelines-as-code.adoc[leveloffset=+1]
 
 include::modules/op-customizing-pipelines-as-code-configuration.adoc[leveloffset=+1]
 
+include::modules/op-pipelines-as-code-command-reference.adoc[leveloffset=+1]
+
 [role="_additional-resources"]
 [id="additional-resources-pac"]
 == Additional resources
 
+* link:https://github.com/openshift-pipelines/pipelines-as-code/tree/main/.tekton[An example of the `.tekton/` directory in the Pipelines as Code repository]
+
 * xref:../../cicd/pipelines/installing-pipelines.adoc#installing-pipelines[Installing OpenShift Pipelines]
 
 * xref:../../cli_reference/tkn_cli/installing-tkn.adoc#installing-tkn[Installing tkn]
 
@@ -0,0 +1,26 @@
+// This module is included in the following assembly:
+//
+// *cicd/pipelines/using-pipelines-as-code.adoc
+
+:_content-type: REFERENCE
+[id="cleaning-up-pipeline-run-using-pipelines-as-code_{context}"]
+= Cleaning up pipeline run using {pac} 
+
+[role="_abstract"]
+
+There can be many pipeline runs in a user namespace. By setting the `max-keep-runs` annotation, you can configure {pac} to retain a limited number of pipeline runs that matches an event. For example:
+
+[source,yaml]
+----
+...
+  pipelinesascode.tekton.dev/max-keep-runs: "<max_number>" <1>
+...
+----
+<1> {pac} starts cleaning up right after it finishes a successful execution, retaining only the maximum number of pipeline runs configured using the annotation.
++
+[NOTE]
+====
+* {pac} skips cleaning the running pipelines, but cleans up the pipeline runs with an unknown status.
+* {pac} skips cleaning a failed pull request.
+====
+
@@ -0,0 +1,176 @@
+// This module is included in the following assembly:
+//
+// *cicd/pipelines/using-pipelines-as-code.adoc
+
+:_content-type: REFERENCE
+[id="creating-pipeline-run-using-pipelines-as-code_{context}"]
+= Creating a pipeline run using {pac}
+
+[role="_abstract"]
+To run pipelines using {pac}, you can create pipelines definitions or templates as YAML files in the `.tekton/` directory of the repository. You can reference YAML files in other repositories using remote URLs, but pipeline runs are only triggered by events in the repository containing the `.tekton/` directory.
+
+The {pac} resolver bundles the pipeline runs with all tasks as a single pipeline run without any external dependencies.
+
+[NOTE]
+====
+* For pipelines, use at least one pipeline run with a spec, or a separated `Pipeline` object.
+* For tasks, embed task spec inside a pipeline, or define separately as a Task object.
+====
+
+[discrete]
+.Parameterizing commits and URLs
+
+You can specify the parameters of your commit and URL by using dynamic, expandable variables with the {{<var>}} format. Currently, you can use the following variables:
+
+* `{{repo_owner}}`: The repository owner.
+* `{{repo_name}}`: The repository name.
+* `{{repo_url}}`: The repository full URL.
+* `{{revision}}`: Full SHA revision of a commit.
+* `{{sender}}`: The username or account id of the sender of the commit.
+* `{{source_branch}}`: The branch name where the event originated.
+* `{{target_branch}}`: The branch name that the event targets. For push events, it's the same as the `source_branch`.
+* `{{pull_request_number}}`: The pull or merge request number, defined only for a `pull_request` event type.
+* `{{git_auth_secret}}`: The secret name that is generated automatically with Git provider's token for checking out private repos.
+
+[discrete]
+.Matching an event to a pipeline run
+
+You can match different Git provider events with each pipeline by using special annotations on the pipeline run. If there are multiple pipeline runs matching an event, {pac} runs them in parallel and posts the results to the Git provider as soon a pipeline run finishes.
+
+[discrete]
+.Matching a pull event to a pipeline run
+
+You can use the following example to match the `pipeline-pr-main` pipeline with a `pull_request` event that targets the `main` branch:
+
+[source,yaml]
+----
+...
+  metadata:
+    name: pipeline-pr-main
+  annotations:
+    pipelinesascode.tekton.dev/on-target-branch: "[main]" <1>
+    pipelinesascode.tekton.dev/on-event: "[pull_request]"
+...
+----
+<1> You can specifiy multiple branches by adding comma-separated entries. For example, `"[main, release-nightly]"`. In addition, you can specify the following:
+* Full references to branches such as `"refs/heads/main"`
+* Globs with pattern matching such as `"refs/heads/\*"`,
+* Tags such as `"refs/tags/1.\*"`.
+
+[discrete]
+.Matching a push event to a pipeline run
+
+You can use the following example to match the `pipeline-push-on-main` pipeline with a `push` event targeting the `refs/heads/main` branch:
+
+[source,yaml]
+----
+...
+  metadata:
+    name: pipeline-push-on-main
+  annotations:
+    pipelinesascode.tekton.dev/on-target-branch: "[refs/heads/main]" <1>
+    pipelinesascode.tekton.dev/on-event: "[push]"
+...
+----
+<1> You can specifiy multiple branches by adding comma-separated entries. For example, `"[main, release-nightly]"`. In addition, you can specify the following:
+* Full references to branches such as `"refs/heads/main"`
+* Globs with pattern matching such as `"refs/heads/\*"`,
+* Tags such as `"refs/tags/1.\*"`.
+
+[discrete]
+.Advanced event matching
+
+{pac} supports using Common Expression Language (CEL) based filtering for advanced event matching. If you have the `pipelinesascode.tekton.dev/on-cel-expression` annotation in your pipeline run, {pac} uses the CEL expression and skips the `on-target-branch` annotation. Compared to the simple `on-target-branch` annotation matching, the CEL expressions allows complex filtering and negation.
+
+To use CEL based filtering with {pac}, consider the following examples of annotations:
+
+* To match a `pull_request` event targeting the `main` branch and coming from the `wip` branch:
++
+[source,yaml]
+----
+...
+  pipelinesascode.tekton.dev/on-cel-expression: |
+    event == "pull_request" && target_branch == "main" && source_branch == "wip"
+...
+----
+
+* To run a pipeline only if a path has changed, you can use the `.pathChanged` suffix function with a glob pattern:
++
+[source,yaml]
+----
+...
+  pipelinesascode.tekton.dev/on-cel-expression: |
+    event == "pull_request" && "docs/\*.md".pathChanged() <1>
+...
+----
+<1> Matches all markdown files in the `docs` directory.
+
+* To match all pull requests starting with the title `[DOWNSTREAM]`:
++
+[source,yaml]
+----
+...
+  pipelinesascode.tekton.dev/on-cel-expression: |
+    event == "pull_request && event_title.startsWith("[DOWNSTREAM]")
+...
+----
+
+* To run a pipeline on a `pull_request` event, but skipping the `experimental` branch:
++
+[source,yaml]
+----
+...
+  pipelinesascode.tekton.dev/on-cel-expression: |
+    event == "pull_request" && target_branch != experimental"
+...
+----
+
+For advanced CEL based filtering while using {pac}, you can use the following fields and suffix functions:
+
+* `event`: A `push` or `pull_request` event.
+* `target_branch`: The target branch.
+* `source_branch`: The branch of origin of a `pull_request` event. For `push` events, it is same as the `target_branch`.
+* `event_title`: Matches the title of the event, such as the commit title for a `push` event, and the title of a pull or merge request for a `pull_request` event. Currently, only GitHub, Gitlab, and BitbucketCloud are the supported providers.
+* `.pathChanged`: A suffix function to a string. The string can be a glob of a path to check if the path has changed. Currently, only GitHub and Gitlab are supported as providers.
+
+[discrete]
+.Using the temporary Github App token for Github API operations
+
+You can use the temporary installation token generated by {pac} from Github App to access the Github API. The token value is stored in the temporary `{{git_auth_secret}}` dynamic variable as generated for private repositories in the `git-provider-token` key.
+
+For example, to add a comment to a pull request, you can use the `github-add-comment` task from {tekton-hub} using a {pac} annotation:
+
+[source,yaml]
+----
+...
+  pipelinesascode.tekton.dev/task: "github-add-comment"
+...
+----
+
+You can then add a task to the `tasks` section or `finally` tasks in the pipeline run definition:
+
+[source,yaml]
+----
+[...]
+tasks:
+  - name:
+      taskRef:
+        name: github-add-comment
+      params:
+        - name: REQUEST_URL
+          value: "{{ repo_url }}/pull/{{ pull_request_number }}" <1>
+        - name: COMMENT_OR_FILE
+          value: "Pipelines as Code IS GREAT!"
+        - name: GITHUB_TOKEN_SECRET_NAME
+          value: "{{ git_auth_secret }}"
+        - name: GITHUB_TOKEN_SECRET_KEY
+          value: "git-provider-token"
+...
+----
+<1> By using the dynamic variables, you can reuse this snippet template for any pull request from any repository.
+
+[NOTE]
+====
+On GitHub apps, the generated installation token is available for 8 hours, and scoped to the repository from here the events originate, unless configured differently on the cluster.
+====
+
@@ -7,21 +7,21 @@
 = Installing {pac} CLI
 
 [role="_abstract"]
-Cluster administrators can use the `tkn-pac` and `opc` CLI tools on local machines or as containers for testing. The `tkn-pac` and `opc` CLI tools are installed automatically when you install the `tkn` CLI for {pipelines-title}.
+Cluster administrators can use the `tkn pac` and `opc` CLI tools on local machines or as containers for testing. The `tkn pac` and `opc` CLI tools are installed automatically when you install the `tkn` CLI for {pipelines-title}.
 
-You can install the `tkn-pac` and `opc` version `1.9.1` binaries for the supported platforms:
+You can install the `tkn pac` and `opc` version `1.9.1` binaries for the supported platforms:
 
 * link:https://mirror.openshift.com/pub/openshift-v4/clients/pipeline/1.9.1/tkn-linux-amd64.tar.gz[Linux (x86_64, amd64)]
 * link:https://mirror.openshift.com/pub/openshift-v4/clients/pipeline/1.9.1/tkn-linux-s390x.tar.gz[Linux on {ibmzProductName} and {linuxoneProductName} (s390x)]
 * link:https://mirror.openshift.com/pub/openshift-v4/clients/pipeline/1.9.1/tkn-linux-ppc64le.tar.gz[Linux on {ibmpowerProductName} (ppc64le)]
 * link:https://mirror.openshift.com/pub/openshift-v4/clients/pipeline/1.9.1/tkn-macos-amd64.tar.gz[macOS]
 * link:https://mirror.openshift.com/pub/openshift-v4/clients/pipeline/1.9.1/tkn-windows-amd64.zip[Windows]
 
-// In addition, you can install `tkn-pac` using the following methods:
+// In addition, you can install `tkn pac` using the following methods:
 
 // [CAUTION]
 // ====
-// The `tkn-pac` CLI tool available using these methods is _not updated regularly_.
+// The `tkn pac` CLI tool available using these methods is _not updated regularly_.
 // ====
 
 // * Install on Linux or Mac OS using the `brew` package manager:
@@ -43,7 +43,7 @@ You can install the `tkn-pac` and `opc` version `1.9.1` binaries for the support
 // [source,terminal]
 // ----
 // $ podman run -e KUBECONFIG=/tmp/kube/config -v ${HOME}/.kube:/tmp/kube \
-//      -it quay.io/openshift-pipeline/pipelines-as-code tkn-pac help
+//      -it quay.io/openshift-pipeline/pipelines-as-code tkn pac help
 // ----
 // +
 // You can also use `docker` as a substitute for `podman`.