👷(project) streamline Docker image publishing workflow

Refactored 'Hub' CI job for clarity, using 'docker/build-push-action.'
This dedicated workflow efficiently manages image releases on push tag
and main branch merges events.

'Hub' job was broken by Chat GPT translation from Circle CI.

Images are pushed to a temporary Docker Hub repository,
lasuite/people.

Duplicated 'build-docker' job was removed from people workflow.

.github/workflows/docker-hub.yml

@@ -0,0 +1,44 @@
+name: Docker Hub Workflow
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - 'main'
+    tags:
+      - 'v*'
+  pull_request:
+    branches:
+      - 'main'
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v4
+      -
+        name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: lasuite/people
+      -
+        name: Load sops secrets
+        uses: rouja/actions-sops@main
+        with:
+          secret-file: .github/workflows/secrets.enc.env
+          age-key: ${{ secrets.SOPS_PRIVATE }}
+      -
+        name: Login to DockerHub
+        if: github.event_name != 'pull_request'
+        run: echo "$DOCKER_HUB_PASSWORD" | docker login -u "$DOCKER_HUB_USER" --password-stdin
+      -
+        name: Build and push
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}

.github/workflows/people.yml

@@ -173,21 +173,6 @@ jobs:
       - name: Build mails
         run: yarn build
 
-  build-docker:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v2
-      - name: Generate a version.json file describing app release
-        run: |
-          printf '{"commit":"${{ github.sha }}","version":"${{ github.ref }}","source":"https://github.com/${{ github.repository_owner }}/${{ github.repository }}","build":"${{ github.run_id }}"}\n' > src/backend/people/version.json
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
-      - name: Build production image
-        run: docker build -t people:${{ github.sha }} --target production .
-      - name: Check built image availability
-        run: docker images "people:${{ github.sha }}*"
-
   lint-back:
     runs-on: ubuntu-latest
     defaults:
@@ -323,45 +308,3 @@ jobs:
           -v "${{ github.workspace }}:/app" \
           crowdin/cli:3.16.0 \
           crowdin upload sources -c /app/crowdin/config.yml
-
-  hub:
-    runs-on: ubuntu-latest
-    if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v2
-      - name: Generate a version.json file describing app release
-        run: |
-          printf '{"commit":"${{ github.sha }}","version":"${{ github.ref }}","source":"https://github.com/${{ github.repository_owner }}/${{ github.repository }}","build":"${{ github.run_id }}"}\n' > src/backend/people/version.json
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
-      - name: Build production image
-        run: docker build -t people:${{ github.sha }} --target production .
-      - name: Check built images availability
-        run: docker images "people:${{ github.sha }}*"
-      - name: Load sops secrets
-        uses: rouja/actions-sops@main
-        with:
-          secret-file: .github/workflows/secrets.enc.env
-          age-key: ${{ secrets.SOPS_PRIVATE }}
-      - name: Login to DockerHub
-        run: echo "$DOCKER_HUB_PASSWORD" | docker login -u "$DOCKER_HUB_USER" --password-stdin
-      - name: Tag images
-        run: |
-          DOCKER_TAG=$([[ -z "${{ github.event.ref }}" ]] && echo "${{ github.event.ref }}" || echo "${{ github.event.ref }}" | sed 's/^v//')
-          RELEASE_TYPE=$([[ -z "${{ github.event.ref }}" ]] && echo "branch" || echo "tag ")
-          echo "DOCKER_TAG: ${DOCKER_TAG} (Git ${RELEASE_TYPE}${{ github.event.ref }})"
-          docker tag people:${{ github.sha }} numerique-gouv/people:${DOCKER_TAG}
-          if [[ -n "${{ github.event.ref }}" ]]; then
-            docker tag people:${{ github.sha }} numerique-gouv/people:latest
-          fi
-          docker images | grep -E "^numerique-gouv/people\s*(${DOCKER_TAG}.*|latest|main)"
-      - name: Publish images
-        run: |
-          DOCKER_TAG=$([[ -z "${{ github.event.ref }}" ]] && echo "${{ github.event.ref }}" || echo "${{ github.event.ref }}" | sed 's/^v//')
-          RELEASE_TYPE=$([[ -z "${{ github.event.ref }}" ]] && echo "branch" || echo "tag ")
-          echo "DOCKER_TAG: ${DOCKER_TAG} (Git ${RELEASE_TYPE}${{ github.event.ref }})"
-          docker push numerique-gouv/people:${DOCKER_TAG}
-          if [[ -n "${{ github.event.ref }}" ]]; then
-            docker push numerique-gouv/people:latest
-          fi