feature request(ci): Upload built images as artifacts in PRs

[orfeas-k]

On pull requests, workflows should upload the built images as artifacts. This way,

1. reviewers can download those and test using the images (don't have to spend time building those themselves)
2. we would ensure the images we test (manually) are built in the same environment with the one that releases images

This is not a dashboard-specific thing, but I didn't know where to open this.

[Souheil-Yazji]

I think you're suggesting that PRs have an automated build and push to a public image registry, which can be reachable by any reviewer. It's a good idea but with large scale open source repos, that image registry could swell substantially and someone would need to manage that container registry. Some things to consider about:

1. Creating/managing the github action to build and push
2. It's possible to tag the image with only the branch name associated with the PR to apply a limit to images associated with a PR (in contrast to commit sha based tagging)
3. Managing and securing remote image registry

I do something in my organization's fork which allows us to include linting and CVE scanning using trivy, as well as making the image available.

[orfeas-k]

Hey @Souheil-Yazji, what I 'm suggesting is not to publishd to a public registry but rather push them as artifacts in the CI's run. This way, they are also scoped in the PR rather than a public registry, which could also imply that they are published for use there. An example can be seen in this PR's runs https://github.com/canonical/pipelines-rocks/actions/runs/11816173378 where visualization-server artifact represents the oci-image built from the PR.

[Souheil-Yazji]

ah I understand, thanks for that example!

This is a much better suggestion, and there doesn't seem to be immediate challenges. +1