github-tag-action runs too often

[jawys]

Description

Hey @timkelty, it's me again.

I noticed that there are a lot of duplicate git tags on a single git commit, probably because of the scheduled (nightly) builds

Steps to reproduce

See commit refs of tags, e.g. 74b77e0:

[timkelty]

@jawys That is actually intentional. Even though our code hasn't changed, the Github action rebuilds the docker image so we get any CVEs from upstream.

That said, how I'm triggering it from tags probably doesn't make as much sense.

It might make sense to just do this with docker tags instead, tagging the images something like craftcms/php-fpm:8.2-latest and craftcms/php-fpm:8.2-74b77e0.

[jawys]

the Github action rebuilds the docker image so we get any CVEs from upstream.

Yes I followed the CVE issues ;)

---

Maybe you could tag on pushes to main only (merges mostly) or even extract the bump job into another github actions yml?
And builds could run on tags + schedules, same as now.

---

It might make sense to just do this with docker tags instead, tagging the images something like craftcms/php-fpm:8.2-latest and craftcms/php-fpm:8.2-74b77e0.

I like.