Add docker image workflow

.github/workflows/docker-image.yml

@@ -0,0 +1,77 @@
+name: Build and Push Docker Image
+
+on:
+  push:
+    branches: [ "main" ]
+    tags: [ "v*" ]
+  pull_request:
+    branches: [ "main" ]
+  workflow_dispatch:
+    inputs:
+      force_push:
+        description: 'Force push Docker image'
+        required: false
+        default: false
+        type: boolean
+
+env:
+  IMAGE_NAME: hackertwo/hackerone-graphql-mcp-server
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+
+    - name: Check if should push
+      id: should_push
+      run: |
+        if [[ "${{ github.event_name }}" != "pull_request" ]]; then
+          echo "should_push=true" >> $GITHUB_OUTPUT
+        elif [[ "${{ github.event.inputs.force_push }}" == "true" ]]; then
+          echo "should_push=true" >> $GITHUB_OUTPUT
+        elif [[ "${{ contains(github.event.pull_request.labels.*.name, 'docker-push') }}" == "true" ]]; then
+          echo "should_push=true" >> $GITHUB_OUTPUT
+        else
+          echo "should_push=false" >> $GITHUB_OUTPUT
+        fi
+
+    - name: Log in to Docker Hub
+      if: steps.should_push.outputs.should_push == 'true'
+      uses: docker/login-action@v3
+      with:
+        username: ${{ vars.DOCKERHUB_USERNAME }}
+        password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+    - name: Extract metadata
+      id: meta
+      uses: docker/metadata-action@v5
+      with:
+        images: ${{ env.IMAGE_NAME }}
+        tags: |
+          type=ref,event=pr
+          type=semver,pattern={{version}}
+          type=semver,pattern={{major}}.{{minor}}
+          type=semver,pattern={{major}}
+          type=raw,value=latest,enable=${{ startsWith(github.ref, 'refs/tags/v') }}
+          type=raw,value=dev-{{sha}},enable={{is_default_branch}}
+          type=raw,value=dev-{{sha}},enable=${{ github.event.inputs.force_push == 'true' }}
+
+    - name: Build and push Docker image
+      uses: docker/build-push-action@v5
+      with:
+        context: .
+        platforms: linux/amd64,linux/arm64
+        push: ${{ steps.should_push.outputs.should_push == 'true' }}
+        tags: ${{ steps.meta.outputs.tags }}
+        labels: ${{ steps.meta.outputs.labels }}
+        cache-from: type=gha
+        cache-to: type=gha,mode=max

README.md

@@ -14,6 +14,13 @@ A Docker image that provides access to HackerOne's GraphQL API through the Model
      hackertwo/hackerone-graphql-mcp-server:latest
    ```
 
+## Docker Image Tags
+
+- **`latest`**: Latest stable release (only updated on version releases)
+- **`dev-<commit>`**: Development builds from main branch (e.g., `dev-abc1234`)
+- **`v1.0.0`**: Specific version releases
+- **`pr-<ref>`**: Pull request builds
+
 ## Environment Variables
 
 - `ENDPOINT`: GraphQL endpoint URL (default: https://hackerone.com/graphql)
@@ -58,7 +65,20 @@ A Docker image that provides access to HackerOne's GraphQL API through the Model
 
 ## Development
 
-### Updating the Docker image
+### Creating a Release
+
+To create a new release:
+
+1. Create a [new release in GitHub](https://github.com/Hacker0x01/hackerone-graphql-mcp-server/releases/new)
+
+2. GitHub Actions will automatically:
+   - Build multi-architecture images (amd64, arm64)
+   - Push to Docker Hub with appropriate tags
+   - Update the `latest` tag
+
+### Manual Build (Local Development)
+
+For local development and testing:
 
 ```sh
 # Setup buildx
@@ -67,4 +87,7 @@ docker buildx inspect --bootstrap
 
 # Build and push the image
 bin/build
+
+# Clean up
+docker buildx rm multiarch
 ```