From f9fbfb4571f57e1ef039b44e10f685e7dd2720da Mon Sep 17 00:00:00 2001
From: Razvan-Daniel Mihai <84674+razvan@users.noreply.github.com>
Date: Tue, 3 Jun 2025 14:56:08 +0200
Subject: [PATCH] tests: workflow to build and publish ny-tlc-report image

---
 .../publish-ny-tlc-report-image.yaml          | 40 +++++++++++++++++++
 apps/BUILD.md                                 |  2 +
 2 files changed, 42 insertions(+)
 create mode 100644 .github/workflows/publish-ny-tlc-report-image.yaml
 create mode 100644 apps/BUILD.md

diff --git a/.github/workflows/publish-ny-tlc-report-image.yaml b/.github/workflows/publish-ny-tlc-report-image.yaml
new file mode 100644
index 00000000..f6d06215
--- /dev/null
+++ b/.github/workflows/publish-ny-tlc-report-image.yaml
@@ -0,0 +1,40 @@
+name: Build and publish ny-tlc-report image
+
+on:
+  workflow_dispatch:
+
+permissions:
+  id-token: write
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+      -
+        name: Login to Stackable Harbor
+        uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
+        with:
+          registry: oci.stackable.tech
+          username: robot$stackable+github-action-build
+          password: ${{ secrets.HARBOR_ROBOT_STACKABLE_GITHUB_ACTION_BUILD_SECRET }}
+      -
+        name: Set up Cosign
+        uses: sigstore/cosign-installer@9614fae9e5c5eddabb09f90a270fcb487c9f7149 # tag=v3.3.0
+      -
+        name: Build and push
+        id: build-and-push
+        uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0
+        with:
+          context: ./
+          file: ./apps/docker/Dockerfile
+          push: true
+          tags: oci.stackable.tech/stackable/ny-tlc-report:0.3.0
+          build-args: |
+            REVISION=${{ github.sha }}
+            VERSION=dev
+      -
+        name: Sign the published image
+        run: cosign sign -y oci.stackable.tech/stackable/ny-tlc-report@${{ steps.build-and-push.outputs.digest }}
diff --git a/apps/BUILD.md b/apps/BUILD.md
new file mode 100644
index 00000000..7cc04e75
--- /dev/null
+++ b/apps/BUILD.md
@@ -0,0 +1,2 @@
+
+This image is built and published by the `.github/workflows/publish-ny-tlc-report-image.yaml` GH workflow.