Refactor/modernize CI, add stable distribution SHAs

What does this MR do?

Replacement for !961 (closed), now targeting default branch.

Add stable distributions SHAs

Record the SHA of base distribution images at the start of final image building process. This ensure that all images will have a common base layer even if upstream updates a floating tag during pipeline execution. This also automatically breaks cache if the upstream image changes between pipeline runs!

Refactor CI to use include, extends, rules

Simplify the rules and needs definitions on a per-Job level by refactoring / dividing the Jobs to make use of:

• workflow:rules
• include:rules
• extends
• reference
• rules & reference

This divides the .gitlab-ci.yml into parts, using include to pull them back in from .gitlab/ci/*.

The resulting division:

• rules, only rules and DRY componets for rules
• deps, just dependencies.io job
• common, with all base job definitions, commonalities to all of CI
• debian, debian specific definitions and extends for each image
• ubi, UBI specific definitions and extends for each image

The goal of this is to make it far less complicated to define job inter-dependency, as we now separate them based on the pipeline type via the include stanza of .gitlab-ci.yml using rules.

Dividing up the YAML necessitated the move from any anchor merging (<<: *job-base) to the use of extends and reference.

ALSO: move when: always to when: on_success where appropriate Note, that on_success is the default, so some instances removed.

See also: !956 (comment 903075014)

Related issues

Related to:

• gitlab-org/charts/gitlab#2958 (closed)
• gitlab-org/charts/gitlab#3045 (closed)

Checklist

See Definition of done.

For anything in this list which will not be completed, please provide a reason in the MR discussion

Required

• Merge Request Title, and Description are up to date, accurate, and descriptive
• MR targeting the appropriate branch
• MR has a green pipeline on GitLab.com

Expected (please provide an explanation if not completing)

• Test plan indicating conditions for success has been posted and passes
• Documentation created/updated
• Integration tests added to GitLab QA
• The impact any change in container size has should be evaluated