avoid sign_temurin_gpg in non-adopt pipelines

[mahdipub]

fixes issue #981

This is to avoid not adoptium pipelines pick the sign_temurin_gpg

[github-actions]

Thank you for creating a pull request!

Please check out the information below if you have not made a pull request here before (or if you need a reminder how things work).

Code Quality and Contributing Guidelines

If you have not done so already, please familiarise yourself with our Contributing Guidelines and Code Of Conduct, even if you have contributed before.

Tests

Github actions will run a set of jobs against your PR that will lint and unit test your changes. Keep an eye out for the results from these on the latest commit you submitted. For more information, please see our testing documentation.

In order to run the advanced pipeline tests (executing a set of mock pipelines), it requires an admin to post run tests on this PR.
If you are not an admin, please ask for one's attention in #infrastructure on Slack or ping one here.
To run full set of tests, use "run tests"; a subset of tests on specific jdk version, use "run tests quick 11,21"

[smlambert]

Approving it because I assume no downstream user of these pipelines would want this block, though I have not confirmed with anyone about that assumption.

[sxa]

I'm going to defer to @andrew-m-leonard on this. While I'd be ok with it (and it's something I've done elsewhere) I feel there ought to be a parameter that can be used to determine whether to invoke the signing code.

@AdamBrousseau has suggested a VARIANT check as potentially suitable for this in #981 (comment) - I'd be ok with it being if VARIANT = temurin as a preference if that's feasible since I don't think we'll ever have a requirement to be doing this on another variant (since Adoptium don't ship anything else)

[AdamBrousseau]

There is ENABLE_SIGNER param. But we use that to toggle our own signing process. We kick a different job to sign our stuff with presumably different params. If you don't care to sign your OpenJ9 builds we could use variant=temurin here. I figured since you are currently signing your openj9 builds we'd go this route.

[andrew-m-leonard]

Although I feel a new param maybe ideal, we do have precedence for this same check on JENKINS_URL for things like pipeline generation authentication...
So I am good with this.

[sxa]

Although I feel a new param maybe ideal, we do have precedence for this same check on JENKINS_URL for things like pipeline generation authentication... So I am good with this.

👍🏻 in which case I'll approve too. It's a terrible (IMHO) precedent, and perhaps we should look at going through them all later (I hadn't realised it was in other places too) but I'm ok with this extra 'leak' for now.

I'll approve the workflows so they can run through but I don't anticipate a problem here (Does me saying that guaranteeing there will be?)