feat: onboard Pipelines as Code to CVE fixer workflow

[theakshaypant]

Component Onboarding: Pipelines as Code

Jira Component

Name: Pipelines as Code

Repositories Added

• https://github.com/tektoncd/pipelines-as-code (upstream)

Active Branches

main, release-v0.48.x, release-0.42.x, release-v0.39.x, release-v0.37.x, release-v0.27.x

Container Images

• openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel9
• openshift-pipelines/pipelines-pipelines-as-code-controller-rhel9
• openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel9
• openshift-pipelines/pipelines-pipelines-as-code-cli-rhel9

Generated Guidance

Created .cve-fix/examples.md for tektoncd/pipelines-as-code based on analysis of 16 merged CVE/security PRs (see PR 2).

Next Steps for Reviewers

• Verify Jira component name matches exactly
• Verify repo URLs and active branch names
• Add downstream/midstream repos if they exist

🤖 Generated by /onboard

[coderabbitai]

Caution

Review failed

Pull request was closed or merged during review

Walkthrough

This PR adds a new Pipelines as Code component entry to the component-repository-mappings configuration file, including the upstream tektoncd/pipelines-as-code repository, active branches, and container image references. The configuration's metadata timestamp is updated to reflect the change date.

Changes

Pipelines as Code Component Mapping

Layer / File(s)	Summary
Pipelines as Code component configuration workflows/cve-fixer/component-repository-mappings.json	New Pipelines as Code component entry is added with tektoncd/pipelines-as-code repository, branch mappings, and container image references. Configuration metadata.last_updated is updated from 2026-05-19 to 2026-06-12.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Possibly related PRs

• ambient-code/workflows#108: Earlier schema refactor for the same component-repository-mappings.json file that enables this new component entry.

Suggested reviewers

• jwm4
• jeremyeder

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: onboarding the Pipelines as Code component to the CVE fixer workflow, which matches the core objective of adding its configuration to the mappings file.
Description check	✅ Passed	The description provides detailed context about the Pipelines as Code component onboarding, including repositories, branches, and container images, which directly relates to the configuration changes in the pull request.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[theakshaypant]

Opened in wrong repo. Correct repo is openshift-pipelines/ambient-workflows.