Update GitHub Actions workflow to build & publish Docker image to GHCR

[nanotaboada]

Description

We want to automate Docker image builds and publish them to GitHub Container Registry (GHCR) on every push to the master branch. This improves traceability, deployment consistency, and aligns with our CI/CD efforts.

Proposed Solution

• Extend our existing GitHub Actions workflow with a new container job.
• This job will:
  • Log in to GHCR using the GITHUB_TOKEN.
  • Build the Docker image from the root Dockerfile.
  • Tag the image with latest, main, and a sha-<commit> tag.
  • Push the image to ghcr.io/nanotaboada/python-samples-fastapi-restful.

Suggested Implementation

Add a new job to the CI workflow (.github/workflows/python-app.yml):

container:
  needs: coverage
  runs-on: ubuntu-latest

  permissions:
    contents: read
    packages: write

  steps:
    - name: Checkout repository
      uses: actions/checkout@v4

    - name: Log in to GitHub Container Registry
      uses: docker/login-action@v3
      with:
        registry: ghcr.io
        username: ${{ github.actor }}
        password: ${{ secrets.GITHUB_TOKEN }}

    - name: Set up Docker Buildx
      uses: docker/setup-buildx-action@v3

    - name: Build and push Docker image to GHCR
      uses: docker/build-push-action@v5
      with:
        context: .
        push: true
        tags: |
          ghcr.io/${{ github.repository }}:latest
          ghcr.io/${{ github.repository }}:main
          ghcr.io/${{ github.repository }}:sha-${{ github.sha }}

Acceptance Criteria

• The container job runs after coverage
• Image is pushed to GHCR with latest, main, and sha-<commit> tags
• Public package appears under https://github.com/users/nanotaboada/packages
• Any errors during build or push fail the CI pipeline