From 7f8271a425ed66f423af8a5017a2d997fd397e85 Mon Sep 17 00:00:00 2001
From: John Wesley Walker III <81404201+jww3@users.noreply.github.com>
Date: Mon, 19 Feb 2024 13:19:10 +0100
Subject: [PATCH 1/6] Create Dockerfile.test-ubuntu-git
---
 images/Dockerfile.test-ubuntu-git | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100644 images/Dockerfile.test-ubuntu-git
diff --git a/images/Dockerfile.test-ubuntu-git b/images/Dockerfile.test-ubuntu-git
new file mode 100644
index 000000000..2ffcf382e
--- /dev/null
+++ b/images/Dockerfile.test-ubuntu-git
@@ -0,0 +1,7 @@
+# Defines the test-ubuntu-git Container Image.
+# Consumed by actions/checkout CI/CD validation workflows.
+
+FROM ubuntu:latest
+
+RUN apt update
+RUN apt install -y git
From 03ef31d0365c6cc0ddd47ad706986f597cb48309 Mon Sep 17 00:00:00 2001
From: John Wesley Walker III <81404201+jww3@users.noreply.github.com>
Date: Tue, 20 Feb 2024 12:18:31 +0100
Subject: [PATCH 2/6] Create update-test-ubuntu-git.yml
---
 .github/workflows/update-test-ubuntu-git.yml | 48 ++++++++++++++++++++
 1 file changed, 48 insertions(+)
 create mode 100644 .github/workflows/update-test-ubuntu-git.yml
diff --git a/.github/workflows/update-test-ubuntu-git.yml b/.github/workflows/update-test-ubuntu-git.yml
new file mode 100644
index 000000000..07702cc35
--- /dev/null
+++ b/.github/workflows/update-test-ubuntu-git.yml
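Review bot: `FROM ubuntu:latest` in images/Dockerfile.test-ubuntu-git (patch 1/6) leaves the base image floating, so each rebuild of this CI image can pick up a different Ubuntu release and package set without any change in the repository; pinning a release tag or, better, a digest (`FROM ubuntu:<release>@sha256:<digest>`, both placeholders) keeps the image reproducible and auditable. The two `RUN` lines should also be a single layer, because a cached `apt update` layer can be reused by a later `apt install` and resolve against a stale package index: `RUN apt-get update && apt-get install -y --no-install-recommends git && rm -rf /var/lib/apt/lists/*`. `apt-get` is preferred here since `apt` itself warns that its command-line interface is not stable for scripts.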
@@ -0,0 +1,48 @@
+#
+name: Create and publish a Docker image
+
+# Configures this workflow to run every time a change is pushed to the branch called `release`.
+on:
+ push:
+ branches: ['release']
+
+# Defines two custom environment variables for the workflow. These are used for the Container registry domain, and a name for the Docker image that this workflow builds.
+env:
+ REGISTRY: ghcr.io
+ IMAGE_NAME: ${{ github.repository }}
+
+# There is a single job in this workflow. It's configured to run on the latest available version of Ubuntu.
+jobs:
+ build-and-push-image:
+ runs-on: ubuntu-latest
+ # Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job.
+ permissions:
+ contents: read
+ packages: write
+ #
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+ # Uses the `docker/login-action` action to log in to the Container registry registry using the account and password that will publish the packages. Once published, the packages are scoped to the account defined here.
+ - name: Log in to the Container registry
+ uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
+ with:
+ registry: ${{ env.REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ # This step uses [docker/metadata-action](https://github.com/docker/metadata-action#about) to extract tags and labels that will be applied to the specified image. The `id` "meta" allows the output of this step to be referenced in a subsequent step. The `images` value provides the base name for the tags and labels.
+ - name: Extract metadata (tags, labels) for Docker
+ id: meta
+ uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
+ with:
+ images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+ # This step uses the `docker/build-push-action` action to build the image, based on your repository's `Dockerfile`. If the build succeeds, it pushes the image to GitHub Packages.
+ # It uses the `context` parameter to define the build's context as the set of files located in the specified path. For more information, see "[Usage](https://github.com/docker/build-push-action#usage)" in the README of the `docker/build-push-action` repository.
+ # It uses the `tags` and `labels` parameters to tag and label the image with the output from the "meta" step.
+ - name: Build and push Docker image
+ uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4
+ with:
+ context: .
+ push: true
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
From 9b4cb96935543d1f350437a165848e6389720468 Mon Sep 17 00:00:00 2001
From: John Wesley Walker III <81404201+jww3@users.noreply.github.com>
Date: Tue, 20 Feb 2024 12:20:11 +0100
Subject: [PATCH 3/6] Rename Dockerfile.test-ubuntu-git to test-ubuntu-git.Dockerfile
---
 images/{Dockerfile.test-ubuntu-git => test-ubuntu-git.Dockerfile} | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename images/{Dockerfile.test-ubuntu-git => test-ubuntu-git.Dockerfile} (100%)
diff --git a/images/Dockerfile.test-ubuntu-git b/images/test-ubuntu-git.Dockerfile
similarity index 100%
rename from images/Dockerfile.test-ubuntu-git
rename to images/test-ubuntu-git.Dockerfile
From 916c92864a2053f83c4d23d11a882a5e35c01cdc Mon Sep 17 00:00:00 2001
From: John Wesley Walker III <81404201+jww3@users.noreply.github.com>
Date: Tue, 20 Feb 2024 12:33:10 +0100
Subject: [PATCH 4/6] Add standard labels: `description` and `licenses`
---
 images/test-ubuntu-git.Dockerfile | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/images/test-ubuntu-git.Dockerfile b/images/test-ubuntu-git.Dockerfile
index 2ffcf382e..ccbd47cff 100644
--- a/images/test-ubuntu-git.Dockerfile
+++ b/images/test-ubuntu-git.Dockerfile
@@ -5,3 +5,6 @@ FROM ubuntu:latest RUN apt update RUN apt install -y git + +LABEL org.opencontainers.image.description="Ubuntu image with git pre-installed" +LABEL org.opencontainers.image.licenses=MIT
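Review bot: In the workflow added by patch 2/6, `actions/checkout@v4` is the only step referenced by a movable tag while the three docker/* actions are pinned to full commit SHAs; the job holds `packages: write` and hands `secrets.GITHUB_TOKEN` to a later step, so every action in it should be pinned the same way, e.g. `uses: actions/checkout@<full-commit-sha> # v4` (placeholder SHA). The same point applies with more weight to the second hunk of patch 5/6, which replaces the SHA pins of `docker/login-action` and `docker/build-push-action` with `@v3.0.0` and `@v5.1.0`: a tag can be re-pointed by whoever controls the action's repository, a commit SHA cannot. Keeping the SHA and recording the version in a trailing comment gives both readability and immutability.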
From e9a8976280e11b16300c8fe72a5549580c64a7f4 Mon Sep 17 00:00:00 2001
From: John Wesley Walker III <81404201+jww3@users.noreply.github.com>
Date: Tue, 20 Feb 2024 14:06:42 +0100
Subject: [PATCH 5/6] Pare down update-test-ubuntu-git.yml
---
 .github/workflows/update-test-ubuntu-git.yml | 57 +++++++++++---------
 1 file changed, 32 insertions(+), 25 deletions(-)
diff --git a/.github/workflows/update-test-ubuntu-git.yml b/.github/workflows/update-test-ubuntu-git.yml
index 07702cc35..8e78cd334 100644
--- a/.github/workflows/update-test-ubuntu-git.yml
+++ b/.github/workflows/update-test-ubuntu-git.yml
@@ -1,17 +1,20 @@ -# -name: Create and publish a Docker image +name: Publishes the test-ubuntu-git Container Image -# Configures this workflow to run every time a change is pushed to the branch called `release`. on: - push: - branches: ['release'] + # Use an on demand workflow trigger. + # (Forked copies of actions/checkout won't have permission to update GHCR.io/actions, + # so avoid trigger events that run automatically.) + workflow_dispatch: + inputs: + pushToContainerRegistry: + type: boolean + required: true + default: false -# Defines two custom environment variables for the workflow. These are used for the Container registry domain, and a name for the Docker image that this workflow builds. env: REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository }} + IMAGE_NAME: actions/test-ubuntu-git -# There is a single job in this workflow. It's configured to run on the latest available version of Ubuntu. jobs: build-and-push-image: runs-on: ubuntu-latest
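Review bot: `workflow_dispatch` can be started against any branch or tag by anyone with write access, so with `pushToContainerRegistry` (renamed `publish` in patch 6/6) set to true the image published under the shared `actions/test-ubuntu-git` name is built from whatever Dockerfile that ref carries, reviewed or not. Consider gating publication on the default branch with a job-level condition such as `if: ${{ !inputs.pushToContainerRegistry || github.ref == 'refs/heads/main' }}`; the branch name `main` is an assumption here and should be confirmed. The job definition continues outside this hunk.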
@@ -19,30 +22,34 @@ jobs: permissions: contents: read packages: write - # + steps: - name: Checkout repository uses: actions/checkout@v4 - # Uses the `docker/login-action` action to log in to the Container registry registry using the account and password that will publish the packages. Once published, the packages are scoped to the account defined here. - - name: Log in to the Container registry - uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1 + + # Use `docker/login-action` to log in to GHCR.io. + # Once published, the packages are scoped to the account defined here. + - name: Log in to the ghcr.io container registry + uses: docker/login-action@v3.0.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - # This step uses [docker/metadata-action](https://github.com/docker/metadata-action#about) to extract tags and labels that will be applied to the specified image. The `id` "meta" allows the output of this step to be referenced in a subsequent step. The `images` value provides the base name for the tags and labels. - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 - with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - # This step uses the `docker/build-push-action` action to build the image, based on your repository's `Dockerfile`. If the build succeeds, it pushes the image to GitHub Packages. - # It uses the `context` parameter to define the build's context as the set of files located in the specified path. For more information, see "[Usage](https://github.com/docker/build-push-action#usage)" in the README of the `docker/build-push-action` repository. - # It uses the `tags` and `labels` parameters to tag and label the image with the output from the "meta" step. + + # Use `docker/metadata-action` to preserve tags and labels that exist on the GHCR.io container image. 
+ # - name: Extract metadata (tags, labels) for Docker + # id: meta + # uses: docker/metadata-action@v5.5.1 + # with: + # images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + + # Use `docker/build-push-action` to build (and optionally publish) the image. - name: Build and push Docker image - uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4 + uses: docker/build-push-action@v5.1.0 with: context: . - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} + file: images/test-ubuntu-git.Dockerfile + push: ${{ inputs.pushToContainerRegistry }} + tags: ${{ env.IMAGE_NAME }}:sha-${{ env.GITHUB_SHA }} + # tags: ${{ steps.meta.outputs.tags }} + # labels: ${{ steps.meta.outputs.labels }}
From 99f461a6a79cbaf7e732cebf1634b07b69a6511b Mon Sep 17 00:00:00 2001
From: John Wesley Walker III <81404201+jww3@users.noreply.github.com>
Date: Tue, 20 Feb 2024 14:32:20 +0100
Subject: [PATCH 6/6] Tweak input variable name and provide description.
---
 .github/workflows/update-test-ubuntu-git.yml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/update-test-ubuntu-git.yml b/.github/workflows/update-test-ubuntu-git.yml
index 8e78cd334..b5ddfe466 100644
--- a/.github/workflows/update-test-ubuntu-git.yml
+++ b/.github/workflows/update-test-ubuntu-git.yml
@@ -6,7 +6,8 @@ on: # so avoid trigger events that run automatically.) workflow_dispatch: inputs: - pushToContainerRegistry: + publish: + description: 'Publish to ghcr.io?' type: boolean required: true default: false
@@ -49,7 +50,7 @@ jobs: with: context: . file: images/test-ubuntu-git.Dockerfile - push: ${{ inputs.pushToContainerRegistry }} + push: ${{ inputs.publish }} tags: ${{ env.IMAGE_NAME }}:sha-${{ env.GITHUB_SHA }} # tags: ${{ steps.meta.outputs.tags }} # labels: ${{ steps.meta.outputs.labels }}
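Review bot: The new `tags:` value in the build-and-push step of patch 5/6, `${{ env.IMAGE_NAME }}:sha-${{ env.GITHUB_SHA }}`, will not name the intended image. The `env` context only holds variables declared in the workflow's own `env:` maps, not the runner's default environment, so `env.GITHUB_SHA` expands to an empty string and the tag becomes `actions/test-ubuntu-git:sha-`; the commit is available as `github.sha`. The reference also carries no registry host, so with `push` enabled the push would be directed at the default registry (Docker Hub) rather than the ghcr.io account the login step authenticated to. Suggested line: `tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:sha-${{ github.sha }}`. Patch 6/6 edits the neighbouring `push:` line but leaves this one unchanged.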