github workflows: remove release tests

[ivanvc]

This workflow has already been migrated to the prow infrastructure as a presubmit job, and it's stable.

The current GitHub workflow also has a second part, which uses Trivy to check for image vulnerabilities in the generated images. However, these results overlap (or duplicate) what we obtain with govulncheck, as our images are based on a distroless static Debian image. Therefore, it only checks the etcd binaries. For example, when we had the report of GO-2024-2527, it never failed.

So, I think we can delete it. Or, maybe another approach would be to move it to a periodic job.

Please read https://github.com/etcd-io/etcd/blob/main/CONTRIBUTING.md#contribution-flow.

[ahrtr]

However, these results overlap (or duplicate) what we obtain with govulncheck, as our images are based on a distroless static Debian image

govulncheck is scanning the golang source code, while trivy is scanning the image. They are different. I think we need both.

For example, when we had the report of GO-2024-2527, it never failed.

Do not get time to dig into the details. It shouldn't be a reason to remove trivy.

maybe another approach would be to move it to a periodic job.

I think It's better to run trivy on each PR instead of periodically. It doesn't take too much time or resource.

[ivanvc]

As this may be a longer conversation, I opened #19363.

[serathius]

Needs rebase

[ivanvc]

Needs rebase

@serathius, I didn't rebase because I thought we should first discuss the controversial part of this pull request either here or in #19363. If there's no discussion by next week, I'll bring the topic to the next community meeting.

[ivanvc]

/cc @ahrtr, @serathius

With an agreement on #19363. We can now remove the Trivy scan from this job.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 68.74%. Comparing base (5c147c0) to head (ed975c2).
Report is 6 commits behind head on main.

Additional details and impacted files

see 26 files with indirect coverage changes

@@            Coverage Diff             @@
##             main   #19358      +/-   ##
==========================================
- Coverage   68.82%   68.74%   -0.09%     
==========================================
  Files         421      421              
  Lines       35901    35901              
==========================================
- Hits        24708    24679      -29     
- Misses       9762     9788      +26     
- Partials     1431     1434       +3     

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5c147c0...ed975c2. Read the comment docs.

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ahrtr, ivanvc, serathius

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• .github/OWNERS [ahrtr,ivanvc,serathius]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[ivanvc]

/cherry-pick release-3.6

[k8s-infra-cherrypick-robot]

@ivanvc: #19358 failed to apply on top of branch "release-3.6":

Applying: github workflows: remove release tests
Using index info to reconstruct a base tree...
M	.github/workflows/release.yaml
Falling back to patching base and 3-way merge...
CONFLICT (modify/delete): .github/workflows/release.yaml deleted in github workflows: remove release tests and modified in HEAD. Version HEAD of .github/workflows/release.yaml left in tree.
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
hint: When you have resolved this problem, run "git am --continue".
hint: If you prefer to skip this patch, run "git am --skip" instead.
hint: To restore the original branch and stop patching, run "git am --abort".
hint: Disable this message with "git config advice.mergeConflict false"
Patch failed at 0001 github workflows: remove release tests

In response to this:

/cherry-pick release-3.6

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.