Dedicated oci-image-builder task to print built images

[dekiel]

Description Image builder binary sets GitHub output with list of built images. The list is constructed by applying a regex on log lines, fetched for ADO pipeline execution. The regex expect to find image URI in a string which starts with '--image-to-sign'. This string is present in logs because we use an image-builder flag 'image-to-sign'

The oci-image-builder should have dedicated step to produce an entry in logs which will be used for building built images output. Having a dedicated step is an a way to explicitly define the pipeline is providing this data. The purpose of the task will be clear and well understood, making it less possible to accidentally break reusable workflow output.

Using an image-builder flag name as a string to match builds implicit dependency between setting github output and sign only mode in the tool. This dependency is not documented and can be easily overlooked. A change in sign only mode or in oci-image-builder pipeline may cause the image-builder binary will not be able to find expected string.

Acceptance Criteria

• [ ] Image builder binary uses a dedicated key to match lines in ADO pipeline logs.
• [ ] oci-image-builder pipeline has dedicated step to write built images URI to the logs.
• [ ] The feature is documented in image-builder binary.
• [ ] Setting github output is tested in scope of whole application not only unit test for the function maching regex in lines.

[KacperMalachowski]

I think any way of relying on ADO logs is inconvenient. We should find a dedicated format and provide e.g. an artifact in that format that's available through standard API call.

[dekiel]

@KacperMalachowski what is inconvenient in using ADO logs. We always get this logs in the client. Why not use them? Till now this approach was working fine. Why we need to add another component for storing artifacts, calling API and increase a complexity by this?

[KacperMalachowski]

@dekiel Artifact storing can be handled by azure directly, with dedicated function that already exists in ado client package provided by microsoft. Retry mechanism is well implemented on our side as well already.

With logs we need use regex to find section with data for our need, including some mechanism to be sure it's not duplicated etc. With artifact we can simply create file in pipeline, upload it and then download it when we need it. It can also be in any format.