ROX-35008: Add GH action to add VMs to existing OCP clusters

[vikin91]

Description

Add a self-contained scripts/ci/add-vms/ module with shell scripts that automate adding KubeVirt VMs to an ACS cluster and installing roxagent. Includes a composite GitHub Action and a workflow_dispatch workflow for one-click execution from the Actions UI.

What it does:

1. Installs OpenShift Virtualization operator (idempotent, enables VSOCK + KVM_EMULATION)
2. Deploys RHEL VMs with automation SSH keypair stored in a K8s secret
3. Adopts pre-existing VMs via password fallback (sshpass)
4. Installs roxagent via Quadlet (container) or native binary method
5. Prints summary with SSH access instructions

Why:
Manual VM setup for VM scanning development/testing is error-prone and undocumented. This enables any team member to add VMs to a cluster in one command or one click in GitHub Actions.

Architecture: A main orchestrator (add-vms.sh) sources modular scripts for each step. Quadlet files are copied verbatim from the source of truth at compliance/virtualmachines/roxagent/quadlet/. A composite action wraps CI-specific setup (infractl, virtctl, sshpass).

User-facing documentation

• CHANGELOG.md is updated OR update is not needed
• documentation PR is created and is linked above OR is not needed

Testing and quality

• the change is production ready: the change is GA, or otherwise the functionality is gated by a feature flag
• CI results are inspected

Automated testing

• added unit tests
• added e2e tests
• added regression tests
• added compatibility tests
• modified existing tests

How I validated my change

• By running the action in GH:
  1. TODO
• Manually:
  1. Creating a new VM on existing cluster
  2. Taking over existing VM (created manually) and updating roxagent

QUAY_RHACS_ENG_RO_USERNAME=user QUAY_RHACS_ENG_RO_PASSWORD=xxx \
    scripts/ci/add-vms/add-vms.sh \
        --num-vms 1 \
        --os rhel10 \
        --agent native \
        --ssh-key ~/.ssh/id_ed25519.pub

[vikin91]

This change is part of the following stack:

• ROX-35008: Add GH action to add VMs to existing OCP clusters #21060 ◀

_{Change managed by git-spice.}

[openshift-ci]

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Enterprise

Run ID: 989f4de7-04b9-44b1-ab25-15eb59a8dd55

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch piotr/ROX-35008-action-add-VMs

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

🚀 Build Images Ready

Images are ready for commit fc9f9de. To use with deploy scripts:

export MAIN_IMAGE_TAG=4.12.x-143-gfc9f9defed