Run docker image on infra.ci only

[NotMyFault]

We don't store creds on ci.j, causing the step to fail every time on ci.jenkins.io. I propose we run this on infra.ci only, from where the image is deployed.

[hervelemeur]

The only downside with that is now you need infra access to check docker builds.

Last time I thought about it I was about to implement a parameter to the shared pipeline function to optionally disable image publication (which AFAIR is the only failing step due to the missing credentials), but I didn't finished it. To be continued?

[hervelemeur]

For ref, I don't remember atm exactly what was missing, shouldn't be that much, just that at that time I switched to another more important subject and didn't came back to it yet: https://github.com/jenkins-infra/pipeline-library/pull/784

I'll take another look in 2024.

Thus my revised review would be a +/-0 on merging this PR, easy to revert if needed.

[NotMyFault]

Isn't that already the case? Images aren't deployed from ci.j, and therefore you can't check the status there at all? Similar to other jobs deploying from infra.ci

[hervelemeur]

Here the important part is to build docker images on a public instance so everyone can check builds logs and debug Dockerfile changes.

Ref:

• https://github.com/jenkins-infra/account-app/issues/177

The current problem from memory and if not mistaken is that the shared pipeline function always build and publish, while it would be nice to keep it only build on ci.j for example.

[dduportal]

+100 with what @hervelemeur said.