MDBF-770 - GitHub Reusable Workflows

[RazvanLiviuVarzaru]

@grooverdan @fauust @vladbogo .
The core idea is to use GitHub reusable workflows to divide image builds into groups of parent workflows.

Based on the "matrix" in bbw_build_container.yml, parent workflows were created to reflect Dockerfile usage. Each workflow monitors changes in the corresponding Dockerfile, allowing for more granular control over which images are built.

A master workflow, "build-workflow-dispatcher," is available to trigger all the child workflows manually or when the template is changed.

Rollout Plan:

• In bbw_build_container_template.yml, the PUSH to QUAY/GHCR is commented out so we can push this commit and perform regression tests against the current bbw_build_container workflow.
• All pending contributions to bbw_build_container should be rebased and adapted to this new workflow by either changing the template file or the corresponding parent workflow.
• Our forks should be synced after this is merged.
• when we are ready to activate PUSH to registries, we uncomment QUAY/GHCR blocks of code in the template file and disable the old workflow
• the old workflow should stay disabled for a while in case of a rollback

Pending contributions that should be adapted:

• MDBF-779 Sles/opensuse 15.5 #518 @grooverdan
• MDBF-702 - remove ubuntu 2310 builders #470 - me
• Eol 2 #464 - @vladbogo

If I'm missing something please let me know.

[RazvanLiviuVarzaru]

Right now there's a lot of noise in the checks section of this Pull Request.
This is because files are defined for the first time. A similar run will happen when we first merge to DEV.
After that on Pull Request only affected workflows will trigger.

[grooverdan]

Happy to get this done and merged use.

Rebasing existing work on this can occur afterwards.

Could enable GHCR as the first proof to have some images to test from the build, leaving QUAY for afterwards.

In favour of a quick cleanup. Things are in code history for reverting, if they are maintained for possible revert it tends to linger.

[RazvanLiviuVarzaru]

Happy to get this done and merged use.

Rebasing existing work on this can occur afterwards.

Could enable GHCR as the first proof to have some images to test from the build, leaving QUAY for afterwards.

In favour of a quick cleanup. Things are in code history for reverting, if they are maintained for possible revert it tends to linger.

@grooverdan
If I enable GHCR all images will be rebuilt based on the first trigger of "Dispatch all builds.." but I assume that's no problem, since that's our backup system and provides us some insights on the builds as you mentioned. And I want to test that secrets:inherited is really working.

I would keep bbw_build_container.yml for a while, not very much, until we enable QUAY also on these workflows.
So the next pull request will be:

• remove build_bbw_container.yml
• enable push on quay for new workflows.

How does it sound?

[RazvanLiviuVarzaru]

@grooverdan So, I've enabled push to GHCR:
b56e3e4

I will double check everything to see if I have the right images, tags, platforms, and other parameters right.
I would like a review from @vladbogo and @fauust also . This is kind of major change so additional pair of eyes won't hurt.

@fauust If it's ok for you, that OpenSuse/SLES logic for moving files to be available for any container, I would provide it in a different patch as there are already many things to test. --> solved in: acffa3e

[RazvanLiviuVarzaru]

One commit to address conditions on which dispatcher runs in parallel with other workflows (Triggered by docker files).
666a608

[RazvanLiviuVarzaru]

For the failures reported in checks

• centos-7 - same as in bbw_build_container
• centosstream9 - same as in bbw_build_container
• opensuse / sles -> bug reported by Daniel in https://bugzilla.opensuse.org/show_bug.cgi?id=1228968