chore: enable dockerhub push & new consortia envs (#6)

- enable push to dockerhub for init containers
- combine init container for consortia environments into one image
- enable stable and rc (release candidate) environments
- add consortia specific files (env specific values files and argo app templates)
why:
- move to new container registry
- retire helm-environments branch
- improve setup in general

.github/pull_request_template.md

@@ -0,0 +1,24 @@
+## Description
+
+Please include a summary of the change.
+
+## Why
+
+Please include an explanation of why this change is necessary as well as relevant motivation and context. List any dependencies that are required for this change.
+
+## Issue
+
+Link to Github issue.
+
+## Checklist
+
+Please delete options that are not relevant.
+
+- [ ] I have followed the [contributing guidelines](https://github.com/eclipse-tractusx/portal-assets/blob/main/developer/Technical%20Documentation/Dev%20Process/How%20to%20contribute.md#commit-and-pr-guidelines)
+- [ ] I have performed a self-review of my changes
+- [ ] I have successfully tested my changes
+- [ ] I have added comments in the default values.yaml file with helm-docs syntax ('# -- ') if relevant for installation
+- [ ] I have commented my changes, particularly in hard-to-understand areas
+- [ ] I have added a copyright and license header in all affected files
+- [ ] I have performed [IP checks](https://eclipse-tractusx.github.io/docs/release/trg-7/trg-7-04#checking-libraries-using-the-eclipse-dash-license-tool) for added or updated 3rd party libraries
+- [ ] I have created and linked IP issues or requested their creation by a committer

.github/workflows/centralidp-chart-test.yaml

@@ -23,11 +23,24 @@ on:
   push:
     paths:
       - 'charts/centralidp/**'
-    branches: [main, helm-environments]
+    branches: [ main ]
   pull_request:
     paths:
       - 'charts/centralidp/**'
   workflow_dispatch:
+    inputs:
+      node_image:
+        description: 'kindest/node image for k8s kind cluster'
+        # k8s version from 3.1 release
+        default: 'kindest/node:v1.24.6'
+        required: false
+        type: string
+      upgrade_from:
+        description: 'portal chart version to upgrade from'
+        # centralidp version from 3.1 release
+        default: '1.1.0'
+        required: false
+        type: string
 
 jobs:
   lint-test:
@@ -38,6 +51,12 @@ jobs:
         with:
           fetch-depth: 0
 
+      - name: Kubernetes KinD Cluster
+        uses: container-tools/kind-action@v2
+        with:
+          version: v0.19.0
+          node_image: ${{ github.event.inputs.node_image || 'kindest/node:v1.24.6' }}
+
       - name: Set up Helm
         uses: azure/setup-helm@v3
         with:
@@ -46,30 +65,35 @@ jobs:
       # Setup python as a prerequisite for chart linting 
       - uses: actions/setup-python@v4
         with:
-          python-version: 3.7
+          python-version: '3.9'
+          check-latest: true
 
       - name: Set up chart-testing
         uses: helm/chart-testing-action@v2.3.1
 
-      # - name: Run chart-testing (list-changed)
-      #   id: list-changed
-      #   run: |
-      #     changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }})
-      #     if [[ -n "$changed" ]]; then
-      #       echo "::set-output name=changed::true"
-      #     fi
+      - name: Run chart-testing (list-changed)
+        id: list-changed
+        run: |
+          changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }})
+          if [[ -n "$changed" ]]; then
+            echo "changed=true" >> $GITHUB_OUTPUT
+          fi
 
       # run chart linting 
       - name: Run chart-testing (lint)
         run: ct lint --charts charts/centralidp --config charts/chart-testing-config.yaml
 
-      # Preparing a kind cluster to install and test charts on
-      - name: Create kind cluster
-        uses: helm/kind-action@v1.4.0
-        # if: steps.list-changed.outputs.changed == 'true'
-
-      # install the chart to the kind cluster and run helm test
       # define charts to test with the --charts parameter
       - name: Run chart-testing (install)
         run: ct install --charts charts/centralidp --config charts/chart-testing-config.yaml
-        # if: steps.list-changed.outputs.changed == 'true'
+        if: github.event_name != 'pull_request' || steps.list-changed.outputs.changed == 'true'
+
+        # Upgrade the released centralidp chart version with the locally available chart
+      - name: Run helm upgrade
+        run: |
+          helm repo add bitnami-full-index https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami
+          helm repo add tractusx-dev https://eclipse-tractusx.github.io/charts/dev
+          helm install centralidp tractusx-dev/centralidp --version ${{ github.event.inputs.upgrade_from || '1.1.0' }}
+          helm dependency update charts/centralidp
+          helm upgrade centralidp charts/centralidp
+        if: github.event_name != 'pull_request' || steps.list-changed.outputs.changed == 'true'

.github/workflows/cx-iam-beta.yml → .github/workflows/cx-iam-consortia.yml

@@ -17,53 +17,61 @@
 # SPDX-License-Identifier: Apache-2.0
 ###############################################################
 
-name: IAM-BETA
+name: IAM CONSORTIA
 
 on: 
   push:
     tags:
-      - 'v*'
+      - 'v*.*.*'
   workflow_dispatch:
 
+env:
+  IMAGE_NAMESPACE: "tractusx"
+  IMAGE_NAME: "portal-iam-consortia"
+  REF_NAME: "${{ github.ref_name }}"
+
 jobs:
   build:
-    name: 90 iam-import image built
+    name: Build-and push image for init container
     runs-on: ubuntu-latest
     permissions:
       contents: read
-      packages: write
-    env:
-      REGISTRY: ghcr.io
-      IMAGE_NAME: ${{ github.repository }}_iam-import-beta
 
     steps:
-      - name: Get tag name
-        id: git-tag
-        run: echo ::set-output name=git-version::${GITHUB_REF/refs\/tags\//}
-
-      # Get the latest sources
       - name: Checkout
         uses: actions/checkout@v3
 
-      - name: Login to GitHub Container Registry
+      - name: Login to DockerHub
+        if: github.event_name != 'pull_request'
         uses: docker/login-action@v2
         with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
+          username: ${{ secrets.DOCKER_HUB_USER }}
+          password: ${{ secrets.DOCKER_HUB_TOKEN }}
 
-      - name: Extract Metadata (tags, labels) for Docker
+      - name: Docker meta
         id: meta
         uses: docker/metadata-action@v4
         with:
-          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          images: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=raw,value=latest
+            type=raw,value=${{ env.REF_NAME }}
 
-      # Build and push KeyCloak custom images for central and shared idp instances
-      - name: 'Build and push KeyCloak images'
+      - name: Build and push Keycloak init container
         uses: docker/build-push-action@v4
         with:
           context: .
-          file: docker/Dockerfile.beta.import
-          push: true
-          tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.git-tag.outputs.git-version }}, ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
+          file: docker/Dockerfile.consortia.import
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
+
+      # https://github.com/peter-evans/dockerhub-description
+      - name: Update Docker Hub description
+        if: github.event_name != 'pull_request'
+        uses: peter-evans/dockerhub-description@v3
+        with:
+          username: ${{ secrets.DOCKER_HUB_USER }}
+          password: ${{ secrets.DOCKER_HUB_TOKEN }}
+          repository: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}
+          readme-filepath: "./docker/notice-iam-consortia.md"