ci: Implement gated automated PR building

Only checkout/build PR branches if labelled first

.github/workflows/publishImage.yml

@@ -19,6 +19,7 @@ on:
 jobs:
   test:
     name: Run Tests
+    if: github.event_name != 'pull_request'
     runs-on: ubuntu-latest
     steps:
       - name: Check out the repo
@@ -37,6 +38,7 @@ jobs:
 
   push_to_registry:
     name: Build and push container images
+    if: github.event_name != 'pull_request'
     runs-on: ubuntu-latest
     needs: test
     strategy:
@@ -48,8 +50,6 @@ jobs:
             platforms: 'linux/amd64,linux/arm64'
           - dockerfile: ./debian.Dockerfile
             suffix: '-debian'
-            # can't build arm64 due to a TLS issue when running npm install??
-            # https://github.com/FoxxMD/multi-scrobbler/issues/126
             platforms: 'linux/amd64,linux/arm64'
     # https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token
     permissions:
@@ -70,14 +70,12 @@ jobs:
           echo "COMMIT_BRANCH=$branchName" >> $GITHUB_ENV
 
       - name: Log in to Docker Hub
-        if: github.event_name != 'pull_request'
         uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
 
       - name: Login to GitHub Container Registry
-        if: github.event_name != 'pull_request'
         uses: docker/login-action@v3
         with:
           registry: ghcr.io
@@ -121,7 +119,7 @@ jobs:
           build-args: |
             APP_BUILD_VERSION=${{env.APP_VERSION}}
           file: ${{ matrix.dockerfile }}
-          push: ${{ github.event_name != 'pull_request' && !env.ACT}}
+          push: ${{ !env.ACT}}
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
           platforms: ${{ matrix.platforms }}