ci: Make ci.yaml valid for both pushes and prs

I didn't really see the reason to keep the files split, when ci.yaml
is pretty easily made to work for both scenarios. We end up losing pushes
pushing new container images for non-main branch builds if not created by
dependabot. That was a lot to keep in context and also the correct thing to do.
A push to a branch by someone with write permissions would end up pushing to the
one and only/main use tags. This was just *wrong*. So all in all we get better
determenisitc behavior with this setup.

Signed-off-by: Manuel Mendez <mmendez@equinix.com>

Author: mmlb

.github/workflows/ci.yaml

@@ -1,8 +1,14 @@
-name: For each PR
+name: For each PR and Push
 on:
   pull_request:
     paths-ignore:
     - kernel/**
+  push:
+    paths-ignore:
+    - kernel/**
+env:
+  LINUXKIT_CONFIG: hook-ci.yaml
+  ORG: localhost:5000/tinkerbell
 jobs:
   validation:
     runs-on: ubuntu-20.04
@@ -19,11 +25,18 @@ jobs:
       uses: docker/setup-qemu-action@v1.1.0
 
     - name: Set up Docker Buildx
-      id: buildx
       uses: docker/setup-buildx-action@v1.3.0
       with:
         driver-opts: network=host
 
+    - name: Login to quay.io
+      if: github.ref == 'refs/heads/main'
+      uses: docker/login-action@v1
+      with:
+        registry: quay.io
+        username: ${{ secrets.QUAY_USERNAME }}
+        password: ${{ secrets.QUAY_PASSWORD }}
+
     - uses: cachix/install-nix-action@v16
       with:
         nix_path: nixpkgs=channel:nixos-unstable
@@ -34,12 +47,24 @@ jobs:
     # Replace hook-{bootkit,docker} but not hook-kernel
     - run: sed -E -e 's,quay.io/tinkerbell/hook-(bootkit|docker),localhost:5000/tinkerbell/hook-\1,g' hook.yaml | tee hook-ci.yaml
 
+    - name: Override the LINUXKIT_CONFIG & ORG env vars
+      if: github.ref == 'refs/heads/main'
+      run: |
+        {
+          echo 'LINUXKIT_CONFIG=hook.yaml'
+          echo 'ORG=quay.io/tinkerbell'
+        } | tee -a "$GITHUB_ENV"
+
     - name: Build Hook tarballs
       run: nix-shell --run 'make dist'
       env:
         GIT_VERSION: ${{ github.sha }}
-        LINUXKIT_CONFIG: hook-ci.yaml
-        ORG: localhost:5000/tinkerbell
+
+    - name: Publish Hook tarballs
+      if: github.ref == 'refs/heads/main'
+      run: nix-shell --run 'make deploy'
+      env:
+        GIT_VERSION: ${{ github.sha }}
 
     - uses: actions/upload-artifact@v2
       with: