cloin · l3acon · Nov 30, 2023 · Dec 4, 2023 · Dec 4, 2023 · Dec 4, 2023
diff --git a/.github/workflows/pr-ee-build.yml b/.github/workflows/pr-ee-build.yml
@@ -1,7 +1,7 @@
 name: Devel EE Build
 
 on:
-  pull_request:
+  pull_request_target:
     branches:
       - main
     types: [opened, reopened, synchronize]
@@ -13,17 +13,16 @@ jobs:
       matrix: ${{ steps.set-matrix.outputs.matrix }}
       length: ${{ steps.set-matrix.outputs.length }}
     steps:
-    - name: Checkout repo
-      uses: actions/checkout@v2
+    - name: Checkout main
+      uses: actions/checkout@v4
+
+    - name: Checkout external PR (or the same if you're Colin)
+      uses: actions/checkout@v4 
       with:
+        repository: ${{ github.event.pull_request.head.repo.full_name }}
         fetch-depth: 0
         ref: ${{ github.event.pull_request.head.ref != '' && github.event.pull_request.head.ref || 'main' }}
 
-    - name: Fetch the base and head refs
-      run: |
-        git fetch origin ${{ github.base_ref }}
-        git fetch origin ${{ github.head_ref }}
-
     - name: Generate matrix  
       id: generate-matrix
       run: |
@@ -46,14 +45,18 @@ jobs:
   build-ee:
     needs: [prepare-matrix]
     if: ${{ needs.prepare-matrix.outputs.length != '0' }}
+    outputs:
+      push_success: ${{ steps.push_to_ghcr.outputs.push_success }}
     runs-on: ubuntu-latest
-    environment: deploy
+    environment: test
     strategy:
       matrix: ${{fromJson(needs.prepare-matrix.outputs.matrix)}}
       fail-fast: false
     steps:
       - name: Checkout repo
         uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
 
       - name: Install python requirements (ansible-builder)
         run: pip install -r requirements.txt
@@ -63,20 +66,21 @@ jobs:
           echo "EE=${{ matrix.ee }}" >> $GITHUB_ENV
           SHORT_SHA=$(echo ${{ github.sha }} | cut -c1-7)
           echo "IMAGE_TAG=pr-${{ github.event.number }}-$SHORT_SHA" >> $GITHUB_ENV
+          echo "IMAGE_REGISTRY=ghcr.io" >> $GITHUB_ENV
 
-      - name: Log in to quay.io
+      - name: Login to ghcr
         uses: redhat-actions/podman-login@v1
         with:
-          registry: quay.io
-          username: ${{ secrets.REDHAT_USERNAME }}
-          password: ${{ secrets.REDHAT_PASSWORD }}
+          registry: ${{ env.IMAGE_REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Log in to registry.redhat.io
         uses: redhat-actions/podman-login@v1
         with:
           registry: registry.redhat.io
-          username: ${{ secrets.REDHAT_USERNAME }}
-          password: ${{ secrets.REDHAT_PASSWORD }}
+          username: ${{ secrets.REDHAT_SA_USERNAME }}
+          password: ${{ secrets.REDHAT_SA_PASSWORD }}
 
       - name: Substitute token for automation hub
         run: |
@@ -94,10 +98,10 @@ jobs:
           # Create artifact file
           COMMANDS_FILE="commands-${{ matrix.ee }}.txt"
           echo "" >> $COMMANDS_FILE
-          echo "EE: ${{ env.EE }}" >> $COMMANDS_FILE
+          echo "${{ env.EE }}" >> $COMMANDS_FILE
           echo "" >> $COMMANDS_FILE
           echo "\`\`\`" > $COMMANDS_FILE
-          echo "podman pull quay.io/${{ secrets.QUAY_USER }}/${{ env.EE }}:${{ env.IMAGE_TAG }}" >> $COMMANDS_FILE
+          echo "podman pull ${{ env.IMAGE_REGISTRY }}/${{ github.repository_owner }}/${{ env.EE }}:${{ env.IMAGE_TAG }}" >> $COMMANDS_FILE
           echo "\`\`\`" >> $COMMANDS_FILE
           echo "<details>" >> $COMMANDS_FILE
           echo "<summary><b>More info...</b></summary>" >> $COMMANDS_FILE
@@ -121,24 +125,26 @@ jobs:
           name: commands-${{ matrix.ee }}
           path: ${{ matrix.ee }}/commands-${{ matrix.ee }}.txt
 
-      - name: Push To quay.io
+      - name: Push To GHCR
+        id: push_to_ghcr
         uses: redhat-actions/push-to-registry@v2
         with:
           image: ${{ env.EE }}
-          tags: ${{ env.IMAGE_TAG }} ${{ github.sha }}
-          registry: quay.io/${{ secrets.QUAY_USER }}/
-          username: ${{ secrets.REDHAT_USERNAME }}
-          password: ${{ secrets.REDHAT_PASSWORD }}
+          tags: ${{ env.IMAGE_TAG }}
+          registry: ${{ env.IMAGE_REGISTRY }}/${{ github.repository_owner }}
+
+      - name: Set push success flag
+        if: success()
+        run: echo "push_success=true" >> $GITHUB_ENV
 
       - name: Print summary
         run: |
           echo "## :rocket: Usage" >> $GITHUB_STEP_SUMMARY
-          echo "Image pushed to repository: quay.io/${{ secrets.QUAY_USER }}/${{ env.EE }}:${{ env.IMAGE_TAG }}" >> $GITHUB_STEP_SUMMARY
-          echo "> \`podman pull quay.io/${{ secrets.QUAY_USER }}/${{ env.EE }}:${{ env.IMAGE_TAG }}\`" >> $GITHUB_STEP_SUMMARY
+          echo "Image pushed to repository: ${{ env.IMAGE_REGISTRY }}/${{ github.repository_owner }}/${{ env.EE }}:${{ env.IMAGE_TAG }}" >> $GITHUB_STEP_SUMMARY
+          echo "> \`podman pull ${{ env.IMAGE_REGISTRY }}/${{ github.repository_owner }}/${{ env.EE }}:${{ env.IMAGE_TAG }}\`" >> $GITHUB_STEP_SUMMARY
 
   post-comment:
-    if: github.event_name == 'pull_request'
-    needs: build-ee 
+    needs: build-ee
     runs-on: ubuntu-latest
     steps:
       - name: Checkout

diff --git a/README.md b/README.md
@@ -1,13 +1,14 @@
 # Build execution environments with `ansible-builder`
 ## Building execution environment images for use in [ansible workshops](https://github.com/ansible/workshops)
-### This repo responds to modifications on `main` by building a new container image with Github Actions to be used as an execution environment for Ansible Automation Platform 2.
+### This repo responds to modifications on `main` and pull requests to main by building new container images with Github Actions to be used as an execution environment for Ansible Automation Platform 2.
 
 [![ServiceNow EE build](https://github.com/cloin/ee-builds/actions/workflows/servicenow-ee-build.yml/badge.svg)](https://github.com/cloin/ee-builds/actions/workflows/servicenow-ee-build.yml) [![Windows EE build](https://github.com/cloin/ee-builds/actions/workflows/windows-ee-build.yml/badge.svg)](https://github.com/cloin/ee-builds/actions/workflows/windows-ee-build.yml) [![f5 EE build](https://github.com/cloin/ee-builds/actions/workflows/f5-ee-build.yml/badge.svg)](https://github.com/cloin/ee-builds/actions/workflows/f5-ee-build.yml) [![RHEL 90 min EE build](https://github.com/cloin/ee-builds/actions/workflows/rhel_90-ee.yml/badge.svg?branch=main)](https://github.com/cloin/ee-builds/actions/workflows/rhel_90-ee.yml)
 
-![workflow](https://user-images.githubusercontent.com/8515817/140567781-616a7507-607e-41af-b668-4d3850776dc9.png)
+![workflow](https://github.com/cloin/ee-builds/assets/8515817/1417c81b-a98d-4889-9bb3-0d133a54c8d0)
+
 
 ### Contributions
-The directories in this repository should follow the format that `ansible-builder` expects. See [servicenow-ee](https://github.com/cloin/ee-builds/tree/main/servicenow-ee) as an example. The name you give the directory should also be the name of the image. You can also copy the [servicenow-ee workflow](https://github.com/cloin/ee-builds/blob/main/.github/workflows/servicenow-ee-build.yml) file and adjust the parameters on lines 2 and 25-27. Questions? Open an issue!
+The directories in this repository should follow the format that `ansible-builder` expects. See [servicenow-ee](https://github.com/cloin/ee-builds/tree/main/servicenow-ee) as an example. The name you give the directory should also be the name of the image. You can also copy the [servicenow-ee workflow](https://github.com/cloin/ee-builds/blob/main/.github/workflows/servicenow-ee-build.yml) file and adjust the parameters. Questions? Open an issue!
 
 
 ### Useful documentation and links

diff --git a/bigpanda-ee/ansible-collections.yml b/bigpanda-ee/ansible-collections.yml
@@ -5,3 +5,4 @@ collections:
   - ansible.utils
   - ansible.posix
   - bigpanda.incident
+
diff --git a/product-demos-ee/execution-environment.yml b/product-demos-ee/execution-environment.yml
@@ -2,7 +2,7 @@
 version: 3
 images:
   base_image:
-    name: 'registry.redhat.io/ansible-automation-platform-22/ee-minimal-rhel8:latest'
+    name: 'registry.redhat.io/ansible-automation-platform-24/ee-minimal-rhel8:latest'
 
 dependencies:
   galaxy: requirements.yml

diff --git a/servicenow-ee/ansible-collections.yml b/servicenow-ee/ansible-collections.yml
@@ -9,4 +9,3 @@ collections:
   - name: servicenow.itsm
     version: 2.2.0
   - name: kubealex.eda
-
diff --git a/servicenow-ee/execution-environment.yml b/servicenow-ee/execution-environment.yml
@@ -1,6 +1,5 @@
 ---
 version: 3
-
 images:
   base_image:
     name: registry.redhat.io/ansible-automation-platform-23/ee-minimal-rhel8:latest
@@ -29,4 +28,3 @@ additional_build_steps:
         # Use the above ARG to define an environment variable holding
         # the token for resolving private collections
         - ENV ANSIBLE_GALAXY_SERVER_AUTOMATION_HUB_TOKEN=$AH_TOKEN
-
diff --git a/swingsight-ee/execution-environment.yml b/swingsight-ee/execution-environment.yml
@@ -1,6 +1,5 @@
 ---
 version: 1
-
 build_arg_defaults:
   EE_BASE_IMAGE: 'registry.redhat.io/ansible-automation-platform-22/ee-supported-rhel8'
 

diff --git a/workshop_ee/requirements.yml b/workshop_ee/requirements.yml
@@ -9,3 +9,5 @@ collections:
   - name: community.mysql
   - name: containers.podman
   - name: infra.controller_configuration
+  - name: community.crypto
+  - name: chocolatey.chocolatey
Original file line number	Diff line number	Diff line change
Expand Up		@@ -5,3 +5,4 @@ collections:
		- ansible.utils
		- ansible.posix
		- bigpanda.incident
Original file line number	Diff line number	Diff line change
Expand Up		@@ -9,4 +9,3 @@ collections:
		- name: servicenow.itsm
		version: 2.2.0
		- name: kubealex.eda