Add github workflow to build and push watcher operator images

[raukadah]

This is based on nova operator workflow. It will build the images once a pr gets merged.

Jira: https://issues.redhat.com/browse/OSPRH-11419

[raukadah]

These are Organization secrets available to all repos.

[SeanMooney]

we also have https://github.com/openstack-k8s-operators/nova-operator/blob/main/.github/workflows/build-operator-dont-publish.yaml in nova

the difference is the build-operator-dont-publish.yaml runs on PRs
the where as this one runs only after the change merges since it runs on "push" to a branch which includes merging pr

i guess since we have the meta content provider we can skip the don't push version so this looks reasonable to me

we also have the prow job to build the images in fips mode so we can probably drop the build-operator-dont-publish.yaml github action form nova now.

[SeanMooney]

i have not configured the required jobs yet so i put a hold until they report back.

we can configure that shortly

for now ill approve this and when the jobs report back ill drop the hold and test if the tide integration is working correctly.

note while your are correct about the org secret and that this workflow you should work the only think I'm unsure about is do we need to manually create the image repo in quay.io first

we can only test that after this merges.
if the post merge action fails we can create the image and retirgger it or wait for the next patch to build and push the image.

[SeanMooney]

we also have https://github.com/openstack-k8s-operators/nova-operator/blob/main/.github/workflows/build-operator-dont-publish.yaml in nova

the difference is the build-operator-dont-publish.yaml runs on PRs
the where as this one runs only after the change merges since it runs on "push" to a branch which includes merging pr

i guess since we have the meta content provider we can skip the don't push version so this looks reasonable to me

we also have the prow job to build the images in fips mode so we can probably drop the build-operator-dont-publish.yaml github action form nova now.

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: amoralej, marios, SeanMooney

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [SeanMooney,amoralej,marios]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[raukadah]

Thank you @SeanMooney for the review and comments.
I saw all the required jobs are configured. meta-content-provider zuul job runs under rdoproject.org/github-check pipeline.

Since this pr makes changes to .github/workflows directory. In ci-framework, ^.github/.*$ is marked as a irrelevant file to skip zuul jobs. So, No jobs got triggered against rdoproject.org/github-check pipeline.
Currently this pr is blocked waiting for rdoproject.org/github-check status to be reported. Can We remove the required job for rdoproject.org/github-check to unblock this pr?

Tide tries to make sure all the jobs running against a pr needs to pass otherwise it will not merge. Need your views on this, thank you!

[viroel]

Thank you @SeanMooney for the review and comments. I saw all the required jobs are configured. meta-content-provider zuul job runs under rdoproject.org/github-check pipeline.

Since this pr makes changes to .github/workflows directory. In ci-framework, ^.github/.*$ is marked as a irrelevant file to skip zuul jobs. So, No jobs got triggered against rdoproject.org/github-check pipeline. Currently this pr is blocked waiting for rdoproject.org/github-check status to be reported. Can We remove the required job for rdoproject.org/github-check to unblock this pr?

Tide tries to make sure all the jobs running against a pr needs to pass otherwise it will not merge. Need your views on this, thank you!

instead of removing the requirement. we can just override the job is this case.

[viroel]

/override rdoproject.org/github-check

github-check is a no run for this PR

[openshift-ci]

@viroel: Overrode contexts on behalf of viroel: rdoproject.org/github-check

In response to this:

/override rdoproject.org/github-check

github-check is a no run for this PR

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[raukadah]

Thank you @SeanMooney for the review and comments. I saw all the required jobs are configured. meta-content-provider zuul job runs under rdoproject.org/github-check pipeline.
Since this pr makes changes to .github/workflows directory. In ci-framework, ^.github/.*$ is marked as a irrelevant file to skip zuul jobs. So, No jobs got triggered against rdoproject.org/github-check pipeline. Currently this pr is blocked waiting for rdoproject.org/github-check status to be reported. Can We remove the required job for rdoproject.org/github-check to unblock this pr?
Tide tries to make sure all the jobs running against a pr needs to pass otherwise it will not merge. Need your views on this, thank you!

instead of removing the requirement. we can just override the job is this case.

Ah, yes correct @viroel , I forgot about this, thank you :-)

[SeanMooney]

So what we should do is add the a noop job and have that run on the files that are filtered out for the other jobs. That's what we do in the cloud ops jobs