From 6680512ea9e7deede861e0acf4263578495f31f0 Mon Sep 17 00:00:00 2001
From: Romain Arnaud <rarnaud@redhat.com>
Date: Thu, 15 Feb 2024 14:46:24 -0500
Subject: [PATCH] Remove the developer/devenv image from the CI

The image is brittle because the image tag is floating.
Since the image is just used for development, it should not be
an issue to remove it from the CI.

rh-pre-commit.version: 2.1.0
rh-pre-commit.check-secrets: ENABLED
---
 .github/workflows/build-push-images.yaml      | 40 -------------------
 .../individual-image-scanner-quay.yaml        | 27 -------------
 .github/workflows/periodic-scanner-quay.yaml  |  1 -
 3 files changed, 68 deletions(-)

diff --git a/.github/workflows/build-push-images.yaml b/.github/workflows/build-push-images.yaml
index 3e6db39c7..348cffe53 100644
--- a/.github/workflows/build-push-images.yaml
+++ b/.github/workflows/build-push-images.yaml
@@ -30,10 +30,6 @@ jobs:
               - '.github/workflows/build-push-images.yaml'
               - 'developer/images/dependencies/**'
               - 'shared/**'
-            devenv:
-              - '.github/workflows/build-push-images.yaml'
-              - 'developer/images/devenv/**'
-              - 'shared/**'
             e2e-test-runner:
               - '.github/workflows/build-push-images.yaml'
               - 'ci/images/e2e-test-runner/**'
@@ -157,42 +153,6 @@ jobs:
         run: |
           ./ci/images/quay-upload/image-upload.sh --debug
 
-      # Build and push devenv image, tagged with the branch name and the commit SHA.
-      - name: Build devenv Image
-        id: build-image-devenv
-        if: steps.filter.outputs.devenv == 'true'
-        uses: redhat-actions/buildah-build@v2
-        with:
-          image: devenv
-          context: .
-          tags: latest ${{ steps.vars.outputs.sha_short }} ${{ github.ref_name }}
-          containerfiles: |
-            ./developer/images/devenv/Dockerfile
-      - name: Push to quay.io
-        id: push-to-quay-devenv
-        if: steps.filter.outputs.devenv == 'true'
-        uses: redhat-actions/push-to-registry@v2
-        with:
-          image: ${{ steps.build-image-devenv.outputs.image }}
-          tags: ${{ steps.build-image-devenv.outputs.tags }} ${{ github.ref_name }}
-          registry: quay.io/redhat-pipeline-service
-          username: ${{ secrets.QUAY_USERNAME }}
-          password: ${{ secrets.QUAY_TOKEN }}
-      - name: Print image url
-        if: steps.filter.outputs.devenv == 'true'
-        run: |
-          echo "Image pushed to ${{ steps.push-to-quay-devenv.outputs.registry-paths }}"
-      - name: Tag latest commit ID to quay.io
-        id: tag-commit-quay-devenv
-        if: steps.filter.outputs.devenv != 'true'
-        env:
-          image: devenv
-          registry: quay.io/redhat-pipeline-service
-          username: ${{ secrets.QUAY_USERNAME }}
-          password: ${{ secrets.QUAY_TOKEN }}
-        run: |
-          ./ci/images/quay-upload/image-upload.sh --debug
-
       # Build and push e2e-test-runner image, tagged with latest and the commit SHA.
       - name: Build e2e-test-runner Image
         id: build-image-e2e-test-runner
diff --git a/.github/workflows/individual-image-scanner-quay.yaml b/.github/workflows/individual-image-scanner-quay.yaml
index 45b81bcda..3cf6737c3 100644
--- a/.github/workflows/individual-image-scanner-quay.yaml
+++ b/.github/workflows/individual-image-scanner-quay.yaml
@@ -25,7 +25,6 @@ jobs:
       ci-runner-output: ${{ steps.ci-runner-scan.outputs.VULNERABILITIES_EXIST }}
       dependencies-update-output: ${{ steps.dependencies-update-scan.outputs.VULNERABILITIES_EXIST }}
       e2e-test-runner-output: ${{ steps.e2e-test-runner-scan.outputs.VULNERABILITIES_EXIST }}
-      devenv-output: ${{ steps.devenv-scan.outputs.VULNERABILITIES_EXIST }}
       quay-upload-output: ${{ steps.quay-upload-scan.outputs.VULNERABILITIES_EXIST }}
       static-checks-output: ${{ steps.static-checks-scan.outputs.VULNERABILITIES_EXIST }}
       vulnerability-scan-output: ${{ steps.vulnerability-scan.outputs.VULNERABILITIES_EXIST }}
@@ -43,9 +42,6 @@ jobs:
               - '.github/workflows/build-push-images.yaml'
               - 'developer/images/dependencies/**'
               - 'shared/**'
-            devenv:
-              - 'developer/images/devenv/**'
-              - 'shared/**'
             e2e-test-runner:
               - 'ci/images/e2e-test-runner/**'
               - 'shared/**'
@@ -77,16 +73,6 @@ jobs:
         env:
           IMAGE_NAME: dependencies-update
 
-      - name: devenv scan
-        continue-on-error: true
-        id: devenv-scan
-        if: steps.filter.outputs.devenv == 'true'
-        run: |
-          ./ci/images/vulnerability-scan/scan-image.sh | tee /tmp/clair-scan.log
-          echo "VULNERABILITIES_EXIST=$(tail -1 /tmp/clair-scan.log)" >> $GITHUB_OUTPUT
-        env:
-          IMAGE_NAME: devenv
-
       - name: quay-upload scan
         continue-on-error: true
         id: quay-upload-scan
@@ -158,19 +144,6 @@ jobs:
             echo "No vulnerabilities found"
           fi
 
-      - name: Check devenv results
-        id: check-devenv-results
-        if: always()
-        run: |
-          res=${{ needs.scans.outputs.devenv-output }}
-          res=${res:=0}
-          if [[ $res != 0 ]]; then
-            echo "Vulnerabilities found with devenv image. Please check scans job for more details."
-            exit 1
-          else
-            echo "No vulnerabilities found"
-          fi
-
       - name: Check quay-upload results
         id: check-quay-upload-results
         if: always()
diff --git a/.github/workflows/periodic-scanner-quay.yaml b/.github/workflows/periodic-scanner-quay.yaml
index 64b8dfb80..f9e2f5b96 100644
--- a/.github/workflows/periodic-scanner-quay.yaml
+++ b/.github/workflows/periodic-scanner-quay.yaml
@@ -25,7 +25,6 @@ jobs:
           images: (
             "ci-runner"
             "dependencies-update"
-            "devenv"
             "e2e-test-runner"
             "quay-upload"
             "static-checks"