pipelines-as-code icon indicating copy to clipboard operation
pipelines-as-code copied to clipboard
verified publisher icon openshift-pipelines

fix(matcher): prevent CEL from matching label events unintentionally

Open theakshaypant opened this issue 1 month ago โ€ข 2 comments

๐Ÿ“ Description of the Change

Add AST inspection in CEL evaluation to skip label events unless expression explicitly references labels. The AST walker checks "event_type" variable or ".labels" field This prevents generic "event == pull_request" CEL expressions unintentionally matching on label add/remove events.

๐Ÿ‘จ๐Ÿปโ€ Linked Jira

https://issues.redhat.com/browse/SRVKP-8491

๐Ÿ”— Linked GitHub Issue

N/A

๐Ÿš€ Type of Change

  • [x] ๐Ÿ› Bug fix (fix:)
  • [ ] โœจ New feature (feat:)
  • [ ] ๐Ÿ’ฅ Breaking change (feat!:, fix!:)
  • [ ] ๐Ÿ“š Documentation update (docs:)
  • [ ] โš™๏ธ Chore (chore:)
  • [ ] ๐Ÿ’… Refactor (refactor:)
  • [ ] ๐Ÿ”ง Enhancement (enhance:)
  • [ ] ๐Ÿ“ฆ Dependency update (deps:)

๐Ÿงช Testing Strategy

  • [x] Unit tests
  • [ ] Integration tests
  • [ ] End-to-end tests
  • [x] Manual testing
  • [ ] Not Applicable

๐Ÿค– AI Assistance

  • [ ] I have not used any AI assistance for this PR.
  • [x] I have used AI assistance for this PR.

If you have used AI assistance, please provide the following details:

Which LLM was used?

  • [ ] GitHub Copilot
  • [ ] ChatGPT (OpenAI)
  • [ ] Claude (Anthropic)
  • [x] Cursor
  • [ ] Gemini (Google)
  • [ ] Other: ____________

Extent of AI Assistance:

  • [ ] Documentation and research only
  • [ ] Unit tests or E2E tests only
  • [ ] Code generation (parts of the code)
  • [x] Full code generation (most of the PR)
  • [x] PR description and comments
  • [x] Commit message(s)

[!IMPORTANT] If the majority of the code in this PR was generated by an AI, please add a Co-authored-by trailer to your commit message. For example:

Co-authored-by: Gemini [email protected] Co-authored-by: ChatGPT [email protected] Co-authored-by: Claude [email protected] Co-authored-by: Cursor [email protected] Co-authored-by: Copilot [email protected]

**๐Ÿ’กYou can use the script ./hack/add-llm-coauthor.sh to automatically add these co-author trailers to your commits.

โœ… Submitter Checklist

  • [x] ๐Ÿ“ My commit messages are clear, informative, and follow the project's How to write a git commit message guide. The Gitlint linter ensures in CI it's properly validated
  • [x] โœจ I have ensured my commit message prefix (e.g., fix:, feat:) matches the "Type of Change" I selected above.
  • [x] โ™ฝ I have run make test and make lint locally to check for and fix any issues. For an efficient workflow, I have considered installing pre-commit and running pre-commit install to automate these checks.
  • [ ] ๐Ÿ“– I have added or updated documentation for any user-facing changes.
  • [x] ๐Ÿงช I have added sufficient unit tests for my code changes.
  • [ ] ๐ŸŽ I have added end-to-end tests where feasible. See README for more details.
  • [ ] ๐Ÿ”Ž I have addressed any CI test flakiness or provided a clear reason to bypass it.
  • [ ] If adding a provider feature, I have filled in the following and updated the provider documentation:
    • [ ] GitHub App
    • [ ] GitHub Webhook
    • [ ] Gitea/Forgejo
    • [ ] GitLab
    • [ ] Bitbucket Cloud
    • [ ] Bitbucket Data Center

theakshaypant avatar Dec 16 '25 05:12 theakshaypant