Merge pull request #24 from natrontech/ci/improvements

ci: improve release action

Author: janfuhrer

.github/workflows/README.md

@@ -5,10 +5,10 @@
 Following workflows are implemented in the repository.
 [SARIF](https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning) is used to store the results for an analysis of code scanning tools in the Security tab of the repository.
 
-| Workflow                         | Jobs                            | Trigger                                                       | SARIF upload | Description                                                              |
-| :------------------------------- | :------------------------------ | :------------------------------------------------------------ | :----------- | ------------------------------------------------------------------------ |
-| [release.yml](./release.yml)     | see [release chapter](#release) | push tag `v*`, cron `20 14 * * *`, pr on `main`               | -            | Create release with go binaries and docker container                     |
-| [scorecard.yml](./scorecard.yml) | `analyze`                       | push to `main`, cron: `00 14 * * 1`, change branch protection | yes          | Create OpenSSF analysis and create project score                         |
+| Workflow                         | Jobs                            | Trigger                                                       | SARIF upload | Description                                          |
+| :------------------------------- | :------------------------------ | :------------------------------------------------------------ | :----------- | ---------------------------------------------------- |
+| [release.yml](./release.yml)     | see [release chapter](#release) | push tag `v*`, cron `20 10 * * *`, pr on `main`               | -            | Create release with go binaries and docker container |
+| [scorecard.yml](./scorecard.yml) | `analyze`                       | push to `main`, cron: `00 14 * * 1`, change branch protection | yes          | Create OpenSSF analysis and create project score     |
 
 ## Release
 

.github/workflows/release.yml

@@ -1,12 +1,16 @@
 name: release
 
 on:
-  workflow_dispatch:
   schedule:
-    - cron: '20 14 * * *'
+    - cron: '20 10 * * *'
   push:
     tags:
       - "v*"
+  ## uncomment if you want to release on PR merge
+  # pull_request:
+  #   branches:
+  #     - main
+
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
@@ -44,6 +48,16 @@ jobs:
         uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1
         with:
           images: ghcr.io/${{ github.repository }}
+          tags: |
+            # If triggered by a schedule on main -> Tag as latest
+            type=raw,value=latest,enable={{ github.event_name == 'schedule' && github.ref_name == 'main' }}
+
+            # If tag push (e.g., v1.2.3) -> Create both versioned tag and latest
+            type=ref,event=tag
+            type=raw,value=latest,enable={{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') }}
+
+            # If pull request event
+            type=ref,event=pr
       - name: Build and push Docker image
         id: build-and-push
         uses: docker/build-push-action@0adf9959216b96bec444f325f1e493d4aa344497 # v6.14.0