✨ Add a "report images" action

.github/actions/report-images/action.yml

@@ -0,0 +1,81 @@
+name: Report Runtime Images
+description: |
+  Queries the live cluster to report all container images configured and running
+  for the Konveyor operator stack. Writes a markdown report to the GitHub Step
+  Summary and optionally uploads a JSON artifact.
+
+inputs:
+  namespace:
+    description: "Namespace where Konveyor is installed"
+    required: false
+    default: "konveyor-tackle"
+  upload_artifact:
+    description: "Upload the JSON report as a workflow artifact"
+    required: false
+    default: "false"
+  artifact_name:
+    description: "Name for the uploaded artifact"
+    required: false
+    default: "operator-runtime-image-report"
+  artifact_retention_days:
+    description: "Number of days to retain the artifact"
+    required: false
+    default: "90"
+
+outputs:
+  json:
+    description: "The full image report as a JSON string"
+    value: ${{ steps.report.outputs.json }}
+
+runs:
+  using: "composite"
+  steps:
+  - name: Ensure jq is available
+    shell: bash
+    run: |
+      if command -v jq &>/dev/null; then
+        echo "jq is already installed"
+        exit 0
+      fi
+      echo "::error::jq is required but not found in PATH"
+      exit 1
+
+  - name: Verify cluster access
+    shell: bash
+    run: |
+      KUBECTL="kubectl"
+      if ! command -v kubectl &>/dev/null; then
+        if command -v oc &>/dev/null; then
+          KUBECTL="oc"
+        else
+          echo "::error::Neither kubectl nor oc found in PATH"
+          exit 1
+        fi
+      fi
+      $KUBECTL get namespace "${{ inputs.namespace }}" >/dev/null
+
+  - name: Generate image report
+    id: report
+    shell: bash
+    working-directory: ${{ github.action_path }}/../../..
+    run: |
+      bash hack/report-images.sh -n "${{ inputs.namespace }}" >> "$GITHUB_STEP_SUMMARY"
+
+      JSON=$(bash hack/report-images.sh -n "${{ inputs.namespace }}" --json)
+      echo "$JSON" > "$RUNNER_TEMP/report-images.json"
+
+      # Make JSON available as an output (delimiter-based to handle multiline)
+      EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64)
+      {
+        echo "json<<$EOF"
+        echo "$JSON"
+        echo "$EOF"
+      } >> "$GITHUB_OUTPUT"
+
+  - name: Upload JSON report
+    if: ${{ inputs.upload_artifact == 'true' }}
+    uses: actions/upload-artifact@v4
+    with:
+      name: ${{ inputs.artifact_name }}
+      path: ${{ runner.temp }}/report-images.json
+      retention-days: ${{ inputs.artifact_retention_days }}

hack/report-images-map.json

@@ -0,0 +1,107 @@
+{
+  "_comment": "Component map for hack/report-images.sh. Maps RELATED_IMAGE_* env vars to human-readable component names, activation conditions (feature flags), and deployment name prefixes for drift detection. Update this file when images are added/removed from helm/templates/deployment.yaml.",
+  "components": {
+    "RELATED_IMAGE_TACKLE_HUB": {
+      "component": "Hub API Server",
+      "condition": "always",
+      "deployment_prefix": "tackle-hub"
+    },
+    "RELATED_IMAGE_TACKLE_UI": {
+      "component": "UI",
+      "condition": "always",
+      "deployment_prefix": "tackle-ui"
+    },
+    "RELATED_IMAGE_KEYCLOAK_SSO": {
+      "component": "Keycloak SSO",
+      "condition": "feature_auth_required",
+      "deployment_prefix": "tackle-keycloak-sso"
+    },
+    "RELATED_IMAGE_TACKLE_POSTGRES": {
+      "component": "Keycloak PostgreSQL",
+      "condition": "feature_auth_required",
+      "deployment_prefix": "tackle-keycloak-postgresql"
+    },
+    "RELATED_IMAGE_OAUTH_PROXY": {
+      "component": "OAuth Proxy",
+      "condition": "openshift_cluster",
+      "deployment_prefix": null
+    },
+    "RELATED_IMAGE_ADDON_ANALYZER": {
+      "component": "Analyzer Addon",
+      "condition": "always",
+      "deployment_prefix": null
+    },
+    "RELATED_IMAGE_ADDON_DISCOVERY": {
+      "component": "Language Discovery Addon",
+      "condition": "feature_discovery",
+      "deployment_prefix": null
+    },
+    "RELATED_IMAGE_ADDON_PLATFORM": {
+      "component": "Platform Addon",
+      "condition": "always",
+      "deployment_prefix": null
+    },
+    "RELATED_IMAGE_PROVIDER_JAVA": {
+      "component": "Java Provider",
+      "condition": "always",
+      "deployment_prefix": null
+    },
+    "RELATED_IMAGE_PROVIDER_GO": {
+      "component": "Go Provider",
+      "condition": "always",
+      "deployment_prefix": null
+    },
+    "RELATED_IMAGE_PROVIDER_PYTHON": {
+      "component": "Python Provider",
+      "condition": "always",
+      "deployment_prefix": null
+    },
+    "RELATED_IMAGE_PROVIDER_NODEJS": {
+      "component": "Node.js Provider",
+      "condition": "always",
+      "deployment_prefix": null
+    },
+    "RELATED_IMAGE_PROVIDER_C_SHARP": {
+      "component": "C# Provider",
+      "condition": "always",
+      "deployment_prefix": null
+    },
+    "RELATED_IMAGE_KANTRA": {
+      "component": "Kantra CLI",
+      "condition": "always",
+      "deployment_prefix": null
+    },
+    "RELATED_IMAGE_KAI": {
+      "component": "KAI Solution Server",
+      "condition": "kai_solution_server_enabled",
+      "deployment_prefix": "kai"
+    },
+    "RELATED_IMAGE_LIGHTSPEED_STACK": {
+      "component": "LLM Proxy",
+      "condition": "kai_llm_proxy_enabled",
+      "deployment_prefix": "llm-proxy"
+    }
+  },
+  "feature_flags": {
+    "feature_auth_required": {
+      "default": true,
+      "description": "Keycloak + PostgreSQL + OAuth Proxy"
+    },
+    "feature_discovery": {
+      "default": true,
+      "description": "Language Discovery Addon"
+    },
+    "kai_solution_server_enabled": {
+      "default": false,
+      "description": "KAI Solution Server"
+    },
+    "kai_llm_proxy_enabled": {
+      "default": false,
+      "description": "LLM Proxy (Lightspeed Stack)"
+    },
+    "openshift_cluster": {
+      "default": false,
+      "description": "OAuth Proxy sidecar"
+    }
+  }
+}