Migrate Jenkins Docker images publishing jobs from trusted.ci.jenkins.io to release.ci.jenkins.io

[dduportal]

• [ ] Jenkins Controller Docker Image: it would allow automating even more the releases (called by the packaging job instead of having to be built manually or as a cron job)

• [ ] Jenkins Agent images: it would avoid "tag wave" that we do not understand on trusted.ci.jenkins.io

Generally, trusted.ci.jenkins should be targeted to be replaced (because its management is uneasy and its a legacy system compared to modern and portable kubernetes workloads).

~Please note that this requires release.ci.jenkins.io to be migrated (in #2844) to a private cluster to achieve "enough" trust for the underlying infrastructure.~

[timja]

Please note that this requires release.ci.jenkins.io to be migrated (in https://github.com/jenkins-infra/helpdesk/issues/2844) to a private cluster to achieve "enough" trust for the underlying infrastructure.

Migrating to a private cluster should not be a blocker. As it's already releasing Jenkins which is a higher trust event than the docker images so this seems like a strange comment to me.

(not saying not to do a private cluster but this seems unnecessarily joined)

[dduportal]

Please note that this requires release.ci.jenkins.io to be migrated (in #2844) to a private cluster to achieve "enough" trust for the underlying infrastructure.

Migrating to a private cluster should not be a blocker. As it's already releasing Jenkins which is a higher trust event than the docker images so this seems like a strange comment to me.

(not saying not to do a private cluster but this seems unnecessarily joined)

That is a fair point! The blocker was only being able to spawn VM agents with Docker engine from release.ci, which is working so this issue can be worked on at any moment!