From f94ae49914f960b86ca34bdfa1dd184dfe208a60 Mon Sep 17 00:00:00 2001
From: Benjamin <8467845+import-benjamin@users.noreply.github.com>
Date: Sun, 25 May 2025 23:30:09 +0200
Subject: [PATCH 1/2] ci: publish container image to GHCR on push events

All push events for main commits and new tags will push images to GHCR
---
 .github/workflows/go.yml | 30 ++++++++++++++++++++++++++++--
 Containerfile            |  2 +-
 2 files changed, 29 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
index b540557..0b9f419 100644
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -6,13 +6,13 @@ name: Go
 on:
   push:
     branches: [ "main" ]
+    tags: ["V*.*.*"]
   pull_request:
     branches: [ "main" ]
 
 permissions: read-all
 
 jobs:
-
   build:
     runs-on: ubuntu-24.04-arm
     steps:
@@ -21,7 +21,7 @@ jobs:
       uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056
       with:
         image: ghcr.io/${{ github.repository }}
-        tags: ${{ github.sha }}
+        tags: ${{ github.ref_name }}
         containerfiles: |
           ./Containerfile
         extra-args: |
@@ -31,3 +31,29 @@ jobs:
     - name: Run go test
       run: podman run ghcr.io/${{ github.repository }}:${{ github.sha }} go test -v ./...
 
+    - name: Buildah Action
+      # Push events mean either a tag or main branch
+      if: github.event_name == 'push'
+      uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056
+      with:
+        image: ghcr.io/${{ github.repository }}
+        tags: ${{ github.ref_name }}
+        containerfiles: |
+          ./Containerfile
+        extra-args: |
+          --target=delivery
+
+    # Push the image to GHCR (Image Registry)
+    - name: Push To GHCR
+      # Push events mean either a tag or main branch
+      if: github.event_name == 'push'
+      uses: redhat-actions/push-to-registry@5ed88d269cf581ea9ef6dd6806d01562096bee9c  # v2.8
+      id: push
+      with:
+        image: ${{ steps.build_image.outputs.image }}
+        tags: ${{ steps.build_image.outputs.tags }}
+        registry: ghcr.io/${{ github.repository }}
+        username: ${{ github.actor }}
+        password: ${{ github.token }}
+        extra-args: |
+          --disable-content-trust
diff --git a/Containerfile b/Containerfile
index 29500db..bef3f6f 100644
--- a/Containerfile
+++ b/Containerfile
@@ -4,7 +4,7 @@ COPY . .
 RUN apk add build-base musl-dev opencv-dev icu-libs --repository=https://dl-cdn.alpinelinux.org/alpine/edge/community
 RUN go build cmd/main.go
 
-FROM docker.io/alpine:3.21
+FROM docker.io/alpine:3.21 AS delivery
 WORKDIR /app
 RUN apk add musl opencv-dev icu-libs --repository=https://dl-cdn.alpinelinux.org/alpine/edge/community
 COPY --from=build /app/main /app/main

From e6279bbb5b0ab7e5aeb14e07216288f335926281 Mon Sep 17 00:00:00 2001
From: Benjamin <8467845+import-benjamin@users.noreply.github.com>
Date: Sun, 25 May 2025 23:34:11 +0200
Subject: [PATCH 2/2] fix(ci): replace pull_request ref_name by commit sha

---
 .github/workflows/go.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
index 0b9f419..5b89319 100644
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -21,7 +21,7 @@ jobs:
       uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056
       with:
         image: ghcr.io/${{ github.repository }}
-        tags: ${{ github.ref_name }}
+        tags: ${{ github.event_type == 'push' && github.ref_name || github.sha }}
         containerfiles: |
           ./Containerfile
         extra-args: |