From fd17a63e76f36dda01c8e46efa653fe4a5174f1a Mon Sep 17 00:00:00 2001
From: Guilherme Santos <santos1709@gmail.com>
Date: Wed, 13 May 2026 15:24:36 +0200
Subject: [PATCH 1/4] Add logic to retag lcm imgs, one for each cluster

---
 .github/workflows/lcm-pipeline.yaml | 96 ++++++++++++++++-------------
 VERSION                             |  2 +-
 2 files changed, 53 insertions(+), 45 deletions(-)

diff --git a/.github/workflows/lcm-pipeline.yaml b/.github/workflows/lcm-pipeline.yaml
index b7b2aad87..f5d98e5bc 100644
--- a/.github/workflows/lcm-pipeline.yaml
+++ b/.github/workflows/lcm-pipeline.yaml
@@ -62,8 +62,7 @@ jobs:
         run: |
           version=$(cat VERSION | tr -d '\n')
           echo "service_version=$version" >> $GITHUB_OUTPUT
-          major=$(echo "$version" | cut -d. -f1)
-          echo "service_major_version=M$major" >> $GITHUB_OUTPUT
+          echo "service_major_version=M$version" >> $GITHUB_OUTPUT
 
   dockerfiles-validation:
     needs: [ prepare-build ]
@@ -174,30 +173,31 @@ jobs:
           ecr-url: '${{ secrets.ECR_URL }}'
           dry-run: ${{ !inputs.deploy }}
 
-  register-bricks-staging:
-    runs-on:
-      group: infra1-runners-arc
-      labels: runners-small
-    needs: [ prepare-build, services-build ]
-    if: |
-      !cancelled() &&
-      !contains(needs.*.result, 'failure') &&
-      needs.prepare-build.outputs.images != '[]' &&
-      needs.prepare-build.outputs.images != ''
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v5
-      - name: Register bricks to staging
-        uses: ./.github/actions/rundeck
-        with:
-          server: '${{ secrets.RUNDECK_URL }}'
-          project: stg1-ansible
-          job-group: ansible/msf/hotfix
-          job-name: stg1_lcm_pipeline_component_tool
-          vault-url: ${{ secrets.VAULT_ADDRESS }}
+  # register-bricks-staging:
+  #   runs-on:
+  #     group: infra1-runners-arc
+  #     labels: runners-small
+  #   needs: [ prepare-build, services-build ]
+  #   if: |
+  #     !cancelled() &&
+  #     !contains(needs.*.result, 'failure') &&
+  #     needs.prepare-build.outputs.images != '[]' &&
+  #     needs.prepare-build.outputs.images != ''
+  #   steps:
+  #     - name: Checkout repository
+  #       uses: actions/checkout@v5
+  #     - name: Register bricks to staging
+  #       uses: ./.github/actions/rundeck
+  #       with:
+  #         server: '${{ secrets.RUNDECK_URL }}'
+  #         project: stg1-ansible
+  #         job-group: ansible/msf/hotfix
+  #         job-name: stg1_lcm_pipeline_component_tool
+  #         vault-url: ${{ secrets.VAULT_ADDRESS }}
 
   build-helmreleases:
-    needs: [ prepare-build, services-build, helm-charts-build, register-bricks-staging ]
+    # needs: [ prepare-build, services-build, helm-charts-build, register-bricks-staging ]
+    needs: [ prepare-build, services-build, helm-charts-build ]
     if: |
       !cancelled() &&
       !contains(needs.*.result, 'failure') &&
@@ -242,11 +242,15 @@ jobs:
       pipeline_identifier: ${{ needs.prepare-build.outputs.pipeline_identifier }}
 
   lcm-integration-e2e:
-    needs: [ prepare-build, register-bricks-staging, build-helmreleases, wait-for-deployment ]
+    needs: [ prepare-build, build-helmreleases, wait-for-deployment ]
+    # needs: [ prepare-build, register-bricks-staging, build-helmreleases, wait-for-deployment ]
+    # if: |
+    #   !cancelled() &&
+    #   !contains(needs.*.result, 'failure') &&
+    #   needs.register-bricks-staging.result == 'success'
     if: |
       !cancelled() &&
-      !contains(needs.*.result, 'failure') &&
-      needs.register-bricks-staging.result == 'success'
+      !contains(needs.*.result, 'failure')
     uses: ./.github/workflows/lcm-integration-e2e.yaml
     secrets: inherit
     permissions:
@@ -288,34 +292,38 @@ jobs:
       image_tag: ${{ needs.prepare-build.outputs.service_major_version }}
     secrets: inherit
 
-  register-bricks-prod:
+  notify-image-available:
     runs-on:
       group: infra1-runners-arc
       labels: runners-small
-    needs: [ prepare-build, promote-to-stable ]
+    needs: [ prepare-build ]
+    permissions:
+      pull-requests: write
     if: |
       !cancelled() &&
       !contains(needs.*.result, 'failure') &&
       needs.prepare-build.outputs.images != '[]' &&
       needs.prepare-build.outputs.images != '' &&
       inputs.deploy
-    strategy:
-      matrix:
-        cluster: [ na1, ca2, perf1, bom1, syd1, na3, eu1, fra1 ]
     steps:
-      - name: Checkout repository
-        uses: actions/checkout@v5
-      - name: Register bricks to ${{ matrix.cluster }}
-        uses: ./.github/actions/rundeck
-        with:
-          server: '${{ secrets.RUNDECK_URL }}'
-          project: ${{ matrix.cluster }}-ansible
-          job-group: ansible/msf/hotfix
-          job-name: ${{ matrix.cluster }}_lcm_pipeline_component_tool
-          vault-url: ${{ secrets.VAULT_ADDRESS }}
+      - name: Comment on PR
+        run: |
+          gh pr comment ${{ inputs.pr_number }} \
+            --repo ${{ github.repository }} \
+            --body "## LCM bricks image available
+
+          New image \`stable/lcm-bricks\` available and tagged for all prod clusters.
+          Please, manually run the respective rundeck job for each: ${{ secrets.RUNDECK_URL }}
+
+          | | |
+          |---|---|
+          | **Version** | \`${{ needs.prepare-build.outputs.service_version }}\` |
+          | **Build tag** | \`${{ needs.prepare-build.outputs.image_tag }}\` |
+        env:
+          GH_TOKEN: ${{ secrets.TOKEN_GITHUB_YENKINS }}
 
   create-auto-merge-prod-pr:
-    needs: [ prepare-build, build-helmreleases, register-bricks-prod ]
+    needs: [ prepare-build, build-helmreleases ]
     if: |
       !cancelled() &&
       !contains(needs.*.result, 'failure') &&
@@ -335,7 +343,7 @@ jobs:
     secrets: inherit
 
   create-manual-merge-prod-pr:
-    needs: [ prepare-build, build-helmreleases, register-bricks-prod ]
+    needs: [ prepare-build, build-helmreleases ]
     if: |
       !cancelled() &&
       !contains(needs.*.result, 'failure') &&
diff --git a/VERSION b/VERSION
index 80fd26f37..f46ce326f 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-3.7.105
+3.7.106

From c3c765b535c113ede81f0b32dc0292992a1b31cd Mon Sep 17 00:00:00 2001
From: Guilherme Santos <santos1709@gmail.com>
Date: Thu, 21 May 2026 18:47:57 +0200
Subject: [PATCH 2/4] Add temporary test workflow for lcm-pipeline with
 deploy=true

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 .github/workflows/test-lcm-pipeline.yaml | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 .github/workflows/test-lcm-pipeline.yaml

diff --git a/.github/workflows/test-lcm-pipeline.yaml b/.github/workflows/test-lcm-pipeline.yaml
new file mode 100644
index 000000000..08e8c4141
--- /dev/null
+++ b/.github/workflows/test-lcm-pipeline.yaml
@@ -0,0 +1,20 @@
+name: test-lcm-pipeline
+on:
+  workflow_dispatch:
+    inputs:
+      pr_number:
+        required: true
+        type: string
+jobs:
+  test:
+    uses: ./.github/workflows/lcm-pipeline.yaml
+    with:
+      AUTO_MERGE: false
+      base_branch: master
+      deploy: true
+      pr_number: ${{ inputs.pr_number }}
+    secrets: inherit
+    permissions:
+      contents: read
+      id-token: write
+      pull-requests: write

From e1861dc3b4ece64033b85302a9cc15374eb4711b Mon Sep 17 00:00:00 2001
From: Guilherme Santos <santos1709@gmail.com>
Date: Thu, 21 May 2026 18:58:03 +0200
Subject: [PATCH 3/4] Update test workflow to use push trigger
 (workflow_dispatch requires default branch)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 .github/workflows/test-lcm-pipeline.yaml | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/test-lcm-pipeline.yaml b/.github/workflows/test-lcm-pipeline.yaml
index 08e8c4141..5caa8da74 100644
--- a/.github/workflows/test-lcm-pipeline.yaml
+++ b/.github/workflows/test-lcm-pipeline.yaml
@@ -1,10 +1,8 @@
 name: test-lcm-pipeline
 on:
-  workflow_dispatch:
-    inputs:
-      pr_number:
-        required: true
-        type: string
+  push:
+    branches:
+      - gsantos-grif716
 jobs:
   test:
     uses: ./.github/workflows/lcm-pipeline.yaml
@@ -12,7 +10,7 @@ jobs:
       AUTO_MERGE: false
       base_branch: master
       deploy: true
-      pr_number: ${{ inputs.pr_number }}
+      pr_number: "2079"
     secrets: inherit
     permissions:
       contents: read

From 2126465e52c7107b0e4370efdb21280f878636e4 Mon Sep 17 00:00:00 2001
From: Guilherme Santos <santos1709@gmail.com>
Date: Thu, 21 May 2026 19:33:25 +0200
Subject: [PATCH 4/4] fix: close missing quote in notify-image-available PR
 comment body

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 .github/workflows/lcm-pipeline.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/lcm-pipeline.yaml b/.github/workflows/lcm-pipeline.yaml
index f5d98e5bc..ed883fd92 100644
--- a/.github/workflows/lcm-pipeline.yaml
+++ b/.github/workflows/lcm-pipeline.yaml
@@ -318,7 +318,7 @@ jobs:
           | | |
           |---|---|
           | **Version** | \`${{ needs.prepare-build.outputs.service_version }}\` |
-          | **Build tag** | \`${{ needs.prepare-build.outputs.image_tag }}\` |
+          | **Build tag** | \`${{ needs.prepare-build.outputs.image_tag }}\` |"
         env:
           GH_TOKEN: ${{ secrets.TOKEN_GITHUB_YENKINS }}