chore: update release-1.2 branch

.github/workflows/create-release.yml

@@ -185,6 +185,7 @@ jobs:
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
+          token: ${{ secrets.BOT_PAT }} # creating git tag using bot token because GITHUB_TOKEN would not trigger build workflow (https://docs.github.com/en/actions/using-workflows/triggering-a-workflow#triggering-a-workflow-from-a-workflow).
 
       - name: Create changelog
         env:
@@ -199,15 +200,14 @@ jobs:
           RELEASE_ID=$(./hack/ci/create_draft_release.sh $VERSION)
           echo "release_id=$RELEASE_ID" >> $GITHUB_OUTPUT
 
-      - name: Trigger prow job 'release-eventing-manager-build'
+      - name: Add lightweight tag to trigger release build job
+        env:
+          GITHUB_TOKEN: ${{ secrets.BOT_PAT }} # creating git tag using bot token because GITHUB_TOKEN would not trigger build workflow (https://docs.github.com/en/actions/using-workflows/triggering-a-workflow#triggering-a-workflow-from-a-workflow).
         run: |
-          # The job release-eventing-manager-build will be triggered by pushing a new tag (format: x.y.z) to the repo.
+          # The build job will be triggered by pushing a new tag (format: x.y.z) to the repo.
           git tag $VERSION
           git push origin $VERSION
 
-      - name: Wait for job 'release-eventing-manager-build' to succeed
-        run: ./hack/ci/wait-for-release-build-job.sh ${{ github.ref_name }} 600 10 30 # Inputs: repo (format: "owner/repo"), timeout, interval and initial wait time.
-
       - name: Create and upload eventing-manager.yaml and eventing-default-cr.yaml
         env:
           PULL_BASE_REF: ${{ needs.generate-version.outputs.VERSION }}
@@ -218,11 +218,20 @@ jobs:
         run: |
           ./hack/ci/render_and_upload_manifests.sh
 
+  wait-until-build-succeeds:
+    needs: [generate-version, create-draft]
+    uses: "kyma-project/eventing-tools/.github/workflows/wait-build-reusable.yml@main"
+    with:
+      repository: ${{ github.repository_owner }}/eventing-manager
+      git_ref: ${{ needs.generate-version.outputs.VERSION }}
+      git_check_run_name: "build-${{ needs.generate-version.outputs.VERSION }} / Build image"
+
   bump-sec-scanners-config-main:
     name: Bump sec-scanners-config.yaml on main branch
     needs: 
       - create-draft
       - generate-version
+      - wait-until-build-succeeds
     runs-on: ubuntu-latest
     env:
       VERSION: ${{ needs.generate-version.outputs.VERSION }}

.github/workflows/e2e-upgrade-test-reusable.yaml

@@ -18,9 +18,6 @@ on:
         required: true
         type: string
         description: "The image tag of the Eventing Manager after the upgrade"
-      build-job-name:
-        type: string
-        description: "The name of the build job to wait for"
       commit-sha:
         type: string
         description: "The commit sha of the new version"
@@ -88,20 +85,6 @@ jobs:
           make e2e-setup
           make e2e-eventing-setup
 
-      - name: Wait for the ${{ inputs.build-job-name }} job to succeed
-        if: ${{ inputs.build-job-name != '' }}
-        uses: kyma-project/wait-for-commit-status-action@2b3ffe09af8b6f40e1213d5fb7f91a7bd41ffb20
-        with:
-          context: ${{ inputs.build-job-name }}
-          commit_ref: "${{ inputs.commit-sha }}"
-          timeout: 600000 # 10 minutes in milliseconds
-          # The check interval is kept long otherwise it will exhaust the GitHub rate limit (More info: https://docs.github.com/en/rest/overview/resources-in-the-rest-api?apiVersion=2022-11-28#rate-limiting)
-          check_interval: 60000 # 1 minute in milliseconds
-        env:
-          GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
-          GITHUB_OWNER: "${{ github.repository_owner }}"
-          GITHUB_REPO: "eventing-manager"
-
       - name: Upgrade Eventing manager
         id: upgrade-eventing-manager
         run: |

.github/workflows/e2e.yml

@@ -35,60 +35,52 @@ on:
       - PROJECT
 
 jobs:
-  wait-until-build-succeeds:
+  export-info:
     runs-on: ubuntu-latest
     outputs:
       image-name: ${{ steps.extract-image.outputs.image_name }}
+      git-ref: ${{ steps.extract-image.outputs.git_ref }}
     steps:
-      - uses: actions/checkout@v4
-
-      - name: Wait for the 'pull-eventing-manager-build' job to succeed
-        id: pull-wait-build
-        if: github.event_name == 'pull_request'
-        uses: kyma-project/wait-for-commit-status-action@2b3ffe09af8b6f40e1213d5fb7f91a7bd41ffb20
-        with:
-          context: "pull-eventing-manager-build"
-          commit_ref: "${{ github.event.pull_request.head.sha }}" # Note: 'github.event.pull_request.head.sha' is not same as 'github.sha' on pull requests.
-          timeout: 600000 # 10 minutes in milliseconds
-          # The check interval is kept long otherwise it will exhaust the GitHub rate limit (More info: https://docs.github.com/en/rest/overview/resources-in-the-rest-api?apiVersion=2022-11-28#rate-limiting)
-          check_interval: 60000 # 1 minute in milliseconds
-        env:
-          GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
-          GITHUB_OWNER: "${{ github.repository_owner }}"
-          GITHUB_REPO: "eventing-manager"
-
-      - name: Wait for the 'post-eventing-manager-build' job to succeed
-        id: push-wait-build
-        if: github.event_name == 'push'
-        uses: kyma-project/wait-for-commit-status-action@2b3ffe09af8b6f40e1213d5fb7f91a7bd41ffb20
-        with:
-          context: "post-eventing-manager-build"
-          commit_ref: "${{ github.sha }}"
-          timeout: 600000 # 10 minutes in milliseconds
-          # The check interval is kept long otherwise it will exhaust the GitHub rate limit (More info: https://docs.github.com/en/rest/overview/resources-in-the-rest-api?apiVersion=2022-11-28#rate-limiting)
-          check_interval: 60000 # 1 minute in milliseconds
-        env:
-          GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
-          GITHUB_OWNER: "${{ github.repository_owner }}"
-          GITHUB_REPO: "eventing-manager"
-
-      - name: Extract container image name from build logs (pull)
+      - name: export correct info based on event (PR or Push)
         id: extract-image
         env:
-          # Refernce: https://docs.github.com/en/actions/learn-github-actions/expressions#example
-          COMMIT_STATUS_JSON: "${{ github.event_name == 'push' && steps.push-wait-build.outputs.json || steps.pull-wait-build.outputs.json }}"
+          GIT_EVENT_NAME: "${{ github.event_name }}"
+          PR_NUMBER: "${{ github.event.number }}"
+          PR_HEAD_SHA: "${{ github.event.pull_request.head.sha }}"
+          HEAD_SHA: "${{ github.sha }}"
+        run: |
+          if [[ $GIT_EVENT_NAME == "pull_request" ]]
+          then
+            echo "exporting info for pull request..."
+            echo "image_name=europe-docker.pkg.dev/kyma-project/dev/eventing-manager:PR-${PR_NUMBER}" >> "$GITHUB_OUTPUT"
+            echo "git_ref=${PR_HEAD_SHA}" >> "$GITHUB_OUTPUT"
+          else
+            echo "exporting info for push..."
+            echo "image_name=europe-docker.pkg.dev/kyma-project/prod/eventing-manager:${HEAD_SHA}" >> "$GITHUB_OUTPUT"
+            echo "git_ref=${HEAD_SHA}" >> "$GITHUB_OUTPUT"
+          fi
+      - name: Print info
+        env:
+          IMAGE_NAME: ${{ steps.extract-image.outputs.image_name }}
+          GIT_REF: ${{ steps.extract-image.outputs.git_ref }}
         run: |
-          ./scripts/extract_image_from_build_logs.sh
-          # export value to job output
-          export IMAGE_NAME="$(cat image.name)"
-          echo "IMAGE_NAME: ${IMAGE_NAME}"
-          echo "image_name=${IMAGE_NAME}" >> "$GITHUB_OUTPUT"
+          echo "IMAGE: $IMAGE_NAME"
+          echo "Git ref: $GIT_REF"
+
+
+  wait-until-build-succeeds:
+    needs: export-info
+    uses: "kyma-project/eventing-tools/.github/workflows/wait-build-reusable.yml@main"
+    with:
+      repository: ${{ github.repository_owner }}/eventing-manager
+      git_ref: ${{ needs.export-info.outputs.git-ref }}
+      git_check_run_name: "build / Build image"
 
   nats:
     runs-on: ubuntu-latest
-    needs: wait-until-build-succeeds
+    needs: [export-info, wait-until-build-succeeds]
     env:
-      MANAGER_IMAGE: ${{ needs.wait-until-build-succeeds.outputs.image-name }}
+      MANAGER_IMAGE: ${{ needs.export-info.outputs.image-name }}
 
     steps:
       - uses: actions/checkout@v4
@@ -152,9 +144,9 @@ jobs:
 
   PeerAuthentication:
     runs-on: ubuntu-latest
-    needs: wait-until-build-succeeds
+    needs: [export-info, wait-until-build-succeeds]
     env:
-      MANAGER_IMAGE: ${{ needs.wait-until-build-succeeds.outputs.image-name }}
+      MANAGER_IMAGE: ${{ needs.export-info.outputs.image-name }}
 
     steps:
       - uses: actions/checkout@v4
@@ -200,10 +192,10 @@ jobs:
           kubectl get peerauthentications.security.istio.io -A -o yaml
 
   backend-switching:
-    needs: wait-until-build-succeeds
+    needs: [export-info, wait-until-build-succeeds]
     if: github.event_name == 'push'
     uses: "./.github/workflows/e2e-backend-switching-reuseable.yml"
     with:
-      eventing-manager-image: ${{ needs.wait-until-build-succeeds.outputs.image-name }}
+      eventing-manager-image: ${{ needs.export-info.outputs.image-name }}
       cluster-name-prefix: "ghem-"
     secrets: inherit

.github/workflows/lint-go.yml

@@ -38,6 +38,6 @@ jobs:
           go-version-file: go.mod
 
       - name: golangci-lint
-        uses: golangci/[email protected].0
+        uses: golangci/[email protected].1
         with:
-          version: v1.57
+          version: v1.60.1

.github/workflows/pull-build-image.yaml

@@ -0,0 +1,18 @@
+name: Pull Build Image
+
+on:
+  pull_request_target:
+    types: [opened, edited, synchronize, reopened, ready_for_review]
+
+permissions:
+  id-token: write # This is required for requesting the JWT token
+  contents: read # This is required for actions/checkout
+
+jobs:
+  build:
+    uses: kyma-project/test-infra/.github/workflows/image-builder.yml@main
+    with:
+      name: eventing-manager
+      dockerfile: Dockerfile
+      context: .
+      export-tags: true

.github/workflows/pull-e2e-upgrade-test.yaml

@@ -15,11 +15,18 @@ on:
       - PROJECT
 
 jobs:
+  wait-until-build-succeeds:
+    uses: "kyma-project/eventing-tools/.github/workflows/wait-build-reusable.yml@main"
+    with:
+      repository: ${{ github.repository_owner }}/eventing-manager
+      git_ref: ${{ github.event.pull_request.head.sha }}
+      git_check_run_name: "build / Build image"
+
   upgrade-test:
+    needs: wait-until-build-succeeds
     uses: ./.github/workflows/e2e-upgrade-test-reusable.yaml
     with:
       pre-upgrade-image-tag: main
       post-upgrade-image-tag: PR-${{ github.event.number }}
-      build-job-name: pull-eventing-manager-build
       commit-sha: ${{ github.event.pull_request.head.sha }}
     secrets: inherit

.github/workflows/pull-target-e2e.yml

@@ -34,22 +34,12 @@ jobs:
           ./scripts/is_pr_approved.sh
 
   wait-until-build-succeeds:
-    runs-on: ubuntu-latest
     needs: is-pr-approved
-    steps:
-      - name: Wait for the 'pull-eventing-manager-build' job to succeed
-        id: pull-wait-build
-        uses: kyma-project/wait-for-commit-status-action@2b3ffe09af8b6f40e1213d5fb7f91a7bd41ffb20
-        with:
-          context: "pull-eventing-manager-build"
-          commit_ref: "${{ github.event.pull_request.head.sha }}" # Note: 'github.event.pull_request.head.sha' is not same as 'github.sha' on pull requests.
-          timeout: 600000 # 10 minutes in milliseconds
-          # The check interval is kept long otherwise it will exhaust the GitHub rate limit (More info: https://docs.github.com/en/rest/overview/resources-in-the-rest-api?apiVersion=2022-11-28#rate-limiting)
-          check_interval: 60000 # 1 minute in milliseconds
-        env:
-          GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
-          GITHUB_OWNER: "${{ github.repository_owner }}"
-          GITHUB_REPO: "eventing-manager"
+    uses: "kyma-project/eventing-tools/.github/workflows/wait-build-reusable.yml@main"
+    with:
+      repository: ${{ github.repository_owner }}/eventing-manager
+      git_ref: ${{ github.event.pull_request.head.sha }}
+      git_check_run_name: "build / Build image"
 
   backend-switching:
     needs: wait-until-build-succeeds

.github/workflows/push-build-image.yaml

@@ -0,0 +1,39 @@
+name: Push Build Image
+
+on:
+  push:
+    branches:
+      - "main"
+      - "release-*"
+    paths-ignore:
+      - "docs/**"
+
+permissions:
+  id-token: write # This is required for requesting the JWT token
+  contents: read # This is required for actions/checkout
+
+jobs:
+  compute-tags:
+    runs-on: ubuntu-latest
+    outputs:
+      tags: ${{ steps.get_tag.outputs.TAGS }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Get the latest tag
+        id: get_tag
+        run: |
+          {
+            echo 'TAGS<<EOF'
+            echo "${{ github.sha }}"
+            echo "${{ github.ref_name}}"
+            echo EOF
+          } >> "$GITHUB_OUTPUT"
+  build:
+    needs: compute-tags
+    uses: kyma-project/test-infra/.github/workflows/image-builder.yml@main
+    with:
+      name: eventing-manager
+      dockerfile: Dockerfile
+      context: .
+      tags: ${{ needs.compute-tags.outputs.tags }}

.github/workflows/push-e2e-upgrade-test.yaml

@@ -28,12 +28,18 @@ jobs:
         run: |
           echo "latest_release_tag=$(curl -s https://api.github.com/repos/kyma-project/eventing-manager/releases/latest | jq -r '.tag_name')" >> "$GITHUB_OUTPUT"
 
+  wait-until-build-succeeds:
+    uses: "kyma-project/eventing-tools/.github/workflows/wait-build-reusable.yml@main"
+    with:
+      repository: ${{ github.repository_owner }}/eventing-manager
+      git_ref: ${{ github.sha }}
+      git_check_run_name: "build / Build image"
+
   upgrade-test:
     uses: ./.github/workflows/e2e-upgrade-test-reusable.yaml
-    needs: get-latest-release
+    needs: [get-latest-release, wait-until-build-succeeds]
     with:
       pre-upgrade-image-tag: ${{ needs.get-latest-release.outputs.latest_release_tag }}
       post-upgrade-image-tag: main
-      build-job-name: post-eventing-manager-build
       commit-sha: ${{ github.sha }}
     secrets: inherit

.github/workflows/tag-build-image.yaml

@@ -0,0 +1,37 @@
+name: Tag Build Image
+
+on:
+  push:
+    tags:
+      - '[0-9]+.[0-9]+.[0-9]+' # This will trigger the workflow when a tag (x.y.z) is pushed.
+
+permissions:
+  id-token: write # This is required for requesting the JWT token
+  contents: read # This is required for actions/checkout
+
+jobs:
+  compute-tags:
+    runs-on: ubuntu-latest
+    outputs:
+      tags: ${{ steps.get_tag.outputs.TAGS }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Get the latest tag
+        id: get_tag
+        run: |
+          {
+            echo 'TAGS<<EOF'
+            echo "${{ github.sha }}"
+            echo "${{ github.ref_name}}"
+            echo EOF
+          } >> "$GITHUB_OUTPUT"
+  build:
+    name: build-${{ github.ref_name }} # The release pipeline will check the status of this job by this name format (e.g. build-1.0.1).
+    needs: compute-tags
+    uses: kyma-project/test-infra/.github/workflows/image-builder.yml@main
+    with:
+      name: eventing-manager
+      dockerfile: Dockerfile
+      context: .
+      tags: ${{ needs.compute-tags.outputs.tags }}

.golangci.yaml

@@ -28,6 +28,7 @@ linters:
     - paralleltest
     - copyloopvar
     - perfsprint
+    - gomnd
 
 linters-settings:
   stylecheck: