Refine workflow for generating test-ubuntu-git (#1617)

Author: jww3

.github/workflows/update-test-ubuntu-git.yml

@@ -1,4 +1,4 @@
-name: Publishes the test-ubuntu-git Container Image
+name: Publish test-ubuntu-git Container
 
 on:
   # Use an on demand workflow trigger.  
@@ -7,7 +7,7 @@ on:
   workflow_dispatch:
     inputs:
       publish:
-        description:  'Publish to ghcr.io?'
+        description:  'Publish to ghcr.io? (main branch only)'
         type: boolean
         required: true
         default: false
@@ -37,20 +37,19 @@ jobs:
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      # Use `docker/metadata-action` to preserve tags and labels that exist on the GHCR.io container image. 
-      # - name: Extract metadata (tags, labels) for Docker
-      #   id: meta
-      #   uses: docker/[email protected]
-      #   with:
-      #     images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+      - name: Format Timestamp
+        id: timestamp
+        # Use `date` with a custom format to achieve the key=value format GITHUB_OUTPUT expects.
+        run: date -u "+now=%Y%m%d.%H%M%S.%3NZ" >> "$GITHUB_OUTPUT"
 
       # Use `docker/build-push-action` to build (and optionally publish) the image. 
       - name: Build and push Docker image
         uses: docker/[email protected]
         with:
           context: .
           file: images/test-ubuntu-git.Dockerfile
-          push: ${{ inputs.publish }}
-          tags:  ${{ env.IMAGE_NAME }}:sha-${{ env.GITHUB_SHA }}
-          # tags: ${{ steps.meta.outputs.tags }}
-          # labels: ${{ steps.meta.outputs.labels }}
+          # For now, attempts to push to ghcr.io must target the `main` branch.
+          # In the future, consider also allowing attempts from `releases/*` branches.
+          push: ${{ inputs.publish && github.ref_name == 'main' }}
+          tags: |
+            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}.${{ steps.timestamp.outputs.now }}