init: init challenge #1

	name: Build App Image

	on:
	push:
	branches:
	- main

	permissions:
	packages: write
	id-token: write

	jobs:
	build:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	with:
	fetch-depth: 0
	- name: Set up QEMU
	uses: docker/setup-qemu-action@v3
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3
	- name: Setup Cosign
	uses: sigstore/cosign-installer@v3.8.1
	- name: Login to GitHub Container Registry
	uses: docker/login-action@v3.3.0
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}
	- name: Docker meta
	id: meta
	uses: docker/metadata-action@v5
	with:
	tags: \|
	type=schedule,pattern=nightly,enable=true,priority=1000
	type=ref,event=branch,enable=true,priority=600
	type=ref,event=tag,enable=true,priority=600
	type=ref,event=pr,prefix=pr-,enable=true,priority=600
	type=sha,enable=true
	labels: \|
	org.opencontainers.image.title=go-framework demo
	org.opencontainers.image.description=A demo application for go-framework
	sep-tags: ","
	sep-labels: ","
	sep-annotations: ","
	- name: Build and Push
	uses: docker/build-push-action@v4
	with:
	context: .
	push: true
	load: false
	tags: ${{ steps.meta.outputs.tags }}
	labels: ${{ steps.meta.outputs.labels }}
	annotations: ${{ steps.meta.outputs.annotations }}
	file: ./Dockerfile
	platforms: linux/amd64,linux/arm64
	- name: Sign the images with GitHub OIDC Token
	env:
	DIGEST: ${{ steps.build-and-push.outputs.digest }}
	TAGS: ${{ steps.docker_meta.outputs.tags }}
	run: \|
	images=""
	for tag in ${TAGS}; do
	images+="${tag}@${DIGEST} "
	done
	cosign sign --yes ${images}

Provide feedback