OpenShift CI upstream

[dfarrell07]

We need a way to do OpenShift testing upstream, without having to build upstream and send it to downstream QE for OpenShift testing.

We may be able to do this with GHA custom runners, or we may want to do this on a cloud provider like AWS.

Original:

Figure out how to give AWS credentials from CI so we can add AWS deploys GHA.

https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect should allow us to give a GHA access to AWS without storing credentials even in GH secrets.

Pre-populated templates work very well for non-interactive openshift install, that’s what I use all the time.

Originally posted by @skitt in https://github.com/submariner-io/shipyard/issues/1014#issuecomment-1308436129

[stale[bot]]

This issue has been automatically marked as stale because it has not had activity for 60 days. It will be closed if no further activity occurs. Please make a comment if this issue/pr is still valid. Thank you for your contributions.

[github-actions[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[dfarrell07]

I think we want to re-visit this as a part of adding more CI for cloud providers.

[github-actions[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[dfarrell07]

There are now options to run custom GHA runners with big systems that might be able to run OpenShift.

We've also hit lots of issues trying to reduce RBAC upstream and test those changes with OpenShift downstream, which showed this to be a priority.

Re-doing the issue to be more generic about OpenShift in CI, will look into both methods.