fix: revert to old /hack/dev/kiind.install

Updated several environment variables in the
`.github/workflows/e2e.yaml` file to reflect changes in how local
development and testing environments are configured.

This included adjusting domain URLs, Docker repository, KUBECONFIG path,
and paths for running helper scripts. The changes aimed to ensure that
the end-to-end tests correctly point to the intended services and
configurations within the CI environment.

Author: chmouel

.github/workflows/e2e.yaml

@@ -53,10 +53,10 @@ jobs:
           ]
 
     env:
-      CONTROLLER_DOMAIN_URL: paac.paac-127-0-0-1.nip.io
+      CONTROLLER_DOMAIN_URL: controller.paac-127-0-0-1.nip.io
       KOCACHE: /tmp/ko-cache
-      KO_DOCKER_REPO: registry.paac-127-0-0-1.nip.io
-      KUBECONFIG: /home/runner/.kube/config.local
+      KO_DOCKER_REPO: localhost:5000
+      KUBECONFIG: /home/runner/.kube/config.kind
       TARGET_TEAM_SLUGS: "pipeline-as-code,pipeline-as-code-contributors"
       TEST_BITBUCKET_CLOUD_API_URL: https://api.bitbucket.org/2.0
       TEST_BITBUCKET_CLOUD_E2E_REPOSITORY: cboudjna/pac-e2e-tests
@@ -66,10 +66,9 @@ jobs:
       TEST_BITBUCKET_SERVER_TOKEN: ${{ secrets.BITBUCKET_SERVER_TOKEN }}
       TEST_BITBUCKET_SERVER_USER: pipelines
       TEST_BITBUCKET_SERVER_WEBHOOK_SECRET: ${{ secrets.BITBUCKET_SERVER_WEBHOOK_SECRET }}
-      TEST_EL_URL: https://paac.paac-127-0-0-1.nip.io
+      TEST_EL_URL: http://controller.paac-127-0-0-1.nip.io
       TEST_EL_WEBHOOK_SECRET: ${{ secrets.WEBHOOK_SECRET }}
       TEST_GITEA_API_URL: http://localhost:3000
-      TEST_GITEA_INTERNAL_URL: http://forgejo-http.forgejo.svc.cluster.local:3000
       TEST_GITEA_PASSWORD: pac
       TEST_GITEA_REPO_OWNER: pac/pac
       TEST_GITEA_SMEEURL: ${{ secrets.TEST_GITEA_SMEEURL }}
@@ -80,7 +79,7 @@ jobs:
       TEST_GITHUB_REPO_OWNER_GITHUBAPP: openshift-pipelines/pipelines-as-code-e2e-tests
       TEST_GITHUB_REPO_OWNER_WEBHOOK: openshift-pipelines/pipelines-as-code-e2e-tests-webhook
       TEST_GITHUB_SECOND_API_URL: ghe.pipelinesascode.com
-      TEST_GITHUB_SECOND_EL_URL: https://ghe.paac-127-0-0-1.nip.io
+      TEST_GITHUB_SECOND_EL_URL: http://ghe.paac-127-0-0-1.nip.io
       TEST_GITHUB_SECOND_REPO_INSTALLATION_ID: 1
       TEST_GITHUB_SECOND_REPO_OWNER_GITHUBAPP: pipelines-as-code/e2e
       TEST_GITLAB_API_URL: https://gitlab.com
@@ -291,30 +290,19 @@ jobs:
         with:
           repo: chmouel/snazy
 
-      - name: Install minica
-        run: |
-          go install github.com/jsha/minica@latest
-          echo "$HOME/go/bin" >> "$GITHUB_PATH"
-
-      - name: Clone startpaac
-        uses: actions/checkout@v6
-        with:
-          repository: openshift-pipelines/startpaac
-          path: startpaac
-
       - name: Run gosmee for main controller
         run: |
-          nohup gosmee client --saveDir /tmp/gosmee-replay ${{ secrets.PYSMEE_URL }} "https://${CONTROLLER_DOMAIN_URL}" > /tmp/gosmee-main.log 2>&1 &
+          nohup gosmee client --saveDir /tmp/gosmee-replay ${{ secrets.PYSMEE_URL }} "http://${CONTROLLER_DOMAIN_URL}" > /tmp/gosmee-main.log 2>&1 &
 
       - name: Run gosmee for main controller (Gitea)
         if: startsWith(matrix.provider, 'gitea') || matrix.provider == 'concurrency'
         run: |
-          nohup gosmee client --saveDir /tmp/gosmee-replay ${{ secrets.TEST_GITEA_SMEEURL }} "https://${CONTROLLER_DOMAIN_URL}" >> /tmp/gosmee-main.log 2>&1 &
+          nohup gosmee client --saveDir /tmp/gosmee-replay ${{ secrets.TEST_GITEA_SMEEURL }} "http://${CONTROLLER_DOMAIN_URL}" >> /tmp/gosmee-main.log 2>&1 &
 
       - name: Run gosmee for second controller (GHE)
         if: matrix.provider == 'github_second_controller' || matrix.provider == 'concurrency'
         run: |
-          nohup gosmee client --saveDir /tmp/gosmee-replay-ghe ${{ secrets.TEST_GITHUB_SECOND_SMEE_URL }} "https://ghe.paac-127-0-0-1.nip.io" > /tmp/gosmee-ghe.log 2>&1 &
+          nohup gosmee client --saveDir /tmp/gosmee-replay-ghe ${{ secrets.TEST_GITHUB_SECOND_SMEE_URL }} "http://ghe.paac-127-0-0-1.nip.io" > /tmp/gosmee-ghe.log 2>&1 &
 
       - name: Setup tmate session
         uses: mxschmitt/action-tmate@v3
@@ -323,32 +311,28 @@ jobs:
           detached: true
           limit-access-to-actor: true
 
-      - name: Start installing cluster with startpaac
+      - name: Start installing cluster
+        run: |
+          export PAC_DIR=${PWD}
+          export TEST_GITEA_SMEEURL="${{ secrets.TEST_GITEA_SMEEURL }}"
+          bash -x ./hack/dev/kind/install.sh
+
+      - name: Create PAC github-app-secret
         env:
-          PAC_DIR: ${{ github.workspace }}
-          PAAC_DOMAIN: paac-127-0-0-1.nip.io
-          TEST_GITEA_SMEEURL: ${{ secrets.TEST_GITEA_SMEEURL }}
+          PAC_GITHUB_PRIVATE_KEY: ${{ secrets.APP_PRIVATE_KEY }}
+          PAC_GITHUB_APPLICATION_ID: ${{ vars.APPLICATION_ID }}
+          PAC_WEBHOOK_SECRET: ${{ secrets.WEBHOOK_SECRET }}
         run: |
-          # Create real secrets for startpaac (not dummy)
-          mkdir -p ~/secrets
-          echo "${{ vars.APPLICATION_ID }}" > ~/secrets/github-application-id
-          echo "${{ secrets.APP_PRIVATE_KEY }}" > ~/secrets/github-private-key
-          echo "${{ secrets.WEBHOOK_SECRET }}" > ~/secrets/webhook.secret
-          echo "${{ secrets.PYSMEE_URL }}" > ~/secrets/smee
-
-          # Create second controller secrets
-          mkdir -p ~/secrets-second
-          echo "${{ vars.TEST_GITHUB_SECOND_APPLICATION_ID }}" > ~/secrets-second/github-application-id
-          echo "${{ secrets.TEST_GITHUB_SECOND_PRIVATE_KEY }}" > ~/secrets-second/github-private-key
-          echo "${{ secrets.TEST_GITHUB_SECOND_WEBHOOK_SECRET }}" > ~/secrets-second/webhook.secret
-          echo "${{ secrets.TEST_GITHUB_SECOND_SMEE_URL }}" > ~/secrets-second/smee
-
-          export PAC_SECRET_FOLDER=~/secrets
-          export PAC_SECOND_SECRET_FOLDER=~/secrets-second
-          export TARGET_HOST=local
-
-          cd startpaac
-          ./startpaac --ci -a
+          ./hack/gh-workflow-ci.sh create_pac_github_app_secret
+
+      - name: Create second Github APP Controller on GHE
+        env:
+          TEST_GITHUB_SECOND_SMEE_URL: ${{ secrets.TEST_GITHUB_SECOND_SMEE_URL }}
+          TEST_GITHUB_SECOND_PRIVATE_KEY: ${{ secrets.TEST_GITHUB_SECOND_PRIVATE_KEY }}
+          TEST_GITHUB_SECOND_WEBHOOK_SECRET: ${{ secrets.TEST_GITHUB_SECOND_WEBHOOK_SECRET }}
+          TEST_GITHUB_SECOND_APPLICATION_ID: ${{ vars.TEST_GITHUB_SECOND_APPLICATION_ID }}
+        run: |
+          ./hack/gh-workflow-ci.sh create_second_github_app_controller_on_ghe
 
       - name: Enable debug logging for e2e
         run: |
@@ -360,29 +344,6 @@ jobs:
             kubectl -n pipelines-as-code rollout status deployment/pipelines-as-code-$name --timeout=120s
           done
 
-      - name: Install minica CA certificate to system trust store
-        run: |
-          set -x
-          echo "=== Installing minica CA certificate to system trust store ==="
-          if [ -f /tmp/certs/minica.pem ]; then
-            sudo mkdir -p /usr/local/share/ca-certificates/
-            sudo cp /tmp/certs/minica.pem /usr/local/share/ca-certificates/minica.crt
-            sudo update-ca-certificates
-            echo "✓ CA certificate installed to system trust store"
-
-            # Verify installation
-            ls -la /usr/local/share/ca-certificates/minica.crt
-            echo "System will now trust HTTPS connections to *.127-0-0-1.nip.io domains"
-          else
-            echo "✗ ERROR: /tmp/certs/minica.pem not found"
-            echo "startpaac should have created this file"
-            exit 1
-          fi
-
-      - name: Configure git to skip TLS verification
-        run: |
-          git config --global http.sslVerify false
-
       # Adjusted step-level conditions based on the new job-level logic
       - name: Run E2E Tests
         # This step runs for schedule, PR target (if job started), or workflow_dispatch (if job started)