💝 Auto-skip push to registry if secrets are not set

[cardil]

Changes

• 💝 Auto-skip push to registry, if secrets are not set
  • Allows to build images, checking the build

/kind enhancement

[openshift-ci]

@cardil: The label(s) kind/enhancement cannot be applied, because the repository doesn't have them.

In response to this:

Changes

• 💝 Auto-skip push to registry, if secrets are not set
  • Allows to build images, checking the build

/kind enhancement

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: cardil
Once this PR has been reviewed and has the lgtm label, please assign skonto for approval by writing /assign @skonto in a comment. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[cardil]

Builds well: https://github.com/cardil/kn-plugin-event/actions/runs/3639317955/jobs/6142552634

/cc @mgencur
/cc @pierDipi

[pierDipi]

I lack context, what's the reason for this?

[cardil]

I would like to have option to run those builds for PRs, and other development branches, so you may know that it should build the images well, before the merge.

[pierDipi]

I would like to have option to run those builds for PRs, and other development branches, so you may know that it should build the images well, before the merge.

In that case, can't we use something like if: github.event_name == 'push'?
it seems like an hack to use secrets presence to infer push or not push

[cardil]

This is a reusable action that builds and pushes images.

It makes sense to push only if the secrets are set, right? Depending on secrets makes far more sense than limiting this to work in pushes only, which for me, is unrelated to pushing to the registry.

[mgencur]

What does it bring ... depending on the secrets? This github action will always run on github, not locally.
It's more understandable to have what @pierDipi suggested. The user knows that pushing will be done only on push, not in pre-submit phase. If you want this for debugging purposes to run this on your repo then pushing the images will fail anyway if you don't have the secrets set, which might be a good signal. In other words, failing the github action if the secrets are not provided is expected.
Depending on the presence of secrets only raises questions like the one from @pierDipi . Using if: github.event_name == 'push' makes it clear immediately, it is self-documenting.

[cardil]

@mgencur wrote:

What does it bring ... depending on the secrets? This github action will always run on github, not locally.

Sure, it will always run on Github. I thought this may allow testing the build on fork, as the forks doesn't have secrets configured. You push your code to your fork, and Github action fires on your fork repo, before you even create a PR.

It's more understandable to have what @pierDipi suggested. The user knows that pushing will be done only on push, not in pre-submit phase. If you want this for debugging purposes to run this on your repo then pushing the images will fail anyway if you don't have the secrets set, which might be a good signal. In other words, failing the github action if the secrets are not provided is expected. Depending on the presence of secrets only raises questions like the one from @pierDipi . Using if: github.event_name == 'push' makes it clear immediately, it is self-documenting.

I think both of those conditions are valid. I'll add github.event_name == 'push'. That would allow to run this workflow for the pull_request event.