Add release workflow

Author: soapy1

.github/workflows/release.yml

@@ -145,3 +145,57 @@ jobs:
           npm publish --verbose --access public ${{ env.PACKAGE_FILE }}
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+
+  build_and_push_docker_image:
+    name: "Build Docker Images 🛠"
+    runs-on: ubuntu-latest
+    needs: release-to-npmjs
+    permissions:
+      id-token: write # IMPORTANT: this permission is mandatory for trusted publishing
+      contents: read
+      packages: write
+      attestations: write
+    steps:
+      - name: "Checkout Repository 🛎"
+        uses: actions/checkout@v4
+
+      - name: "Set up Docker Buildx 🏗"
+        uses: docker/setup-buildx-action@v3
+
+      - name: "Login to GH Container Registry 🐳"
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: "Add Docker metadata 📝"
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            ${{ env.REGISTRY }}/conda-store-ui
+          tags: |
+            type=ref,event=tag
+            type=ref,event=branch
+            type=sha
+
+      - name: "Publish Docker image 🚀"
+        id: push
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          target: "prod"
+          tags: |
+            ${{ steps.meta.outputs.tags }}
+          push: true
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+      
+      - name: Generate artifact attestation
+        uses: actions/attest-build-provenance@v2
+        with:
+          subject-name: ${{ env.REGISTRY }}/conda-store-ui
+          subject-digest: ${{ steps.push.outputs.digest }}
+          push-to-registry: true