ci: skeleton

Signed-off-by: viktor-kurchenko <viktor.kurchenko@isovalent.com>

Author: viktor-kurchenko

.github/workflows/openshift-cert.yaml

@@ -0,0 +1,114 @@
+name: OpenShift Operator certification pipeline
+on:
+  push:
+  workflow_dispatch:
+    inputs:
+      aws_region:
+        description: 'AWS region'
+        default: 'us-east-1'
+        type: choice
+        options:
+          - 'us-east-1'
+          - 'us-east-2'
+          - 'us-west-2'
+          - 'us-west-1'
+          - 'eu-west-1'
+          - 'eu-central-1'
+          - 'sa-east-1'
+          - 'ap-northeast-1'
+          - 'ap-southeast-1'
+          - 'ap-southeast-2'
+          - 'ap-northeast-2'
+      ocp_version:
+        description: 'Openshift version'
+        default: 'ocp-4-17'
+        type: choice
+        options:
+          - 'ocp-4-14'
+          - 'ocp-4-15'
+          - 'ocp-4-16'
+          - 'ocp-4-17'
+      cilium_version:
+        description: 'Cilium Version to use (ex: 1.16.4)'
+        default: "1.16.4"
+        required: true
+      is_released:
+        description: 'Is this version released ? No: `-ci` will be added to cilium_version'
+        required: false
+        type: boolean
+        default: false
+      run_tests:
+        description: 'Run tests on the deployed cluster'
+        required: false
+        type: boolean
+        default: false
+      do_not_destroy:
+        description: 'Do not destroy the cluster'
+        required: false
+        type: boolean
+        default: false
+
+permissions:
+  contents: read
+  id-token: write
+  pull-requests: read
+  statuses: write
+
+env:
+  TERRAFORM_VERSION: 1.10.3
+  PULL_SECRET_FILE: pull_secret.json
+
+jobs:
+  deploy:
+    runs-on: ubuntu-24.04
+    timeout-minutes: 120
+    steps:
+      - name: Checkout workflow context branch
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          persist-credentials: false
+
+      - name: Install Terraform
+        uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # 3.1.2
+        with:
+          terraform_version: "${{ env.TERRAFORM_VERSION }}"
+          terraform_wrapper: false
+
+      - name: Checkout OpenShift CuTE repository
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          repository: isovalent/cute-openshift-aws
+          token: ${{ secrets.READ_PRIVATE_REPOSITORIES }} # TODO: replace with ISOVALENT_BOT_READ_PRIVATE_REPOSITORIES
+          path: ocp
+
+      - name: Configure terraform variables
+        working-directory: ./ocp/${{ inputs.ocp_version }}
+        run: |
+          echo '${{ secrets.RH_PULL_SECRET }}' | python -m json.tool > ${{ env.PULL_SECRET_FILE }}
+
+          cat > terraform.tfvars<<EOF
+          cluster_name         = "ocp-cert"
+          owner                = "ci"
+          pull_secret_path     = "${{ env.PULL_SECRET_FILE }}"
+          base_domain          = "ci.covalent.lol"
+          worker_instance_type = "m5.xlarge"
+          create_subscription  = false
+          install_tetragon     = false
+          EOF
+
+          cat terraform.tfvars
+
+      - name: Test
+        working-directory: ./ocp/${{ inputs.ocp_version }}
+        run: |
+          echo "testing..."
+          pwd
+          ls -lah
+          ls -lah ..
+
+      - name: Clean
+        if: always()
+        timeout-minutes: 60
+        working-directory: ./ocp/${{ inputs.ocp_version }}
+        run: |
+          rm ${{ env.PULL_SECRET_FILE }}