added workflow for creating a snapshot image

.github/workflows/cheetah-release.yaml

@@ -0,0 +1,21 @@
+name: Cheetah Release
+on:
+  workflow_dispatch:
+  push:
+
+concurrency:
+  group: ${{ github.ref }}-${{ github.workflow }}
+  cancel-in-progress: true
+
+permissions:
+  contents: read
+  packages: write
+
+jobs:
+  create-snapshot:
+    uses: ./.github/workflows/docker-create-snapshot.yaml
+    with:
+      context: opensearch-operator
+      image-name: opensearch-k8s-operator
+    secrets:
+      TRIFORK_GITHUB_PAT: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/docker-create-snapshot.yaml

@@ -0,0 +1,140 @@
+name: Docker Create Release
+
+on:
+  workflow_call:
+    inputs:
+      image-name:
+        description: The name of the image to create a release for
+        required: true
+        type: string
+      context:
+        description: The directory to run the workflow inside
+        required: false
+        type: string
+        default: .
+      dockerfile-path:
+        description: The path to the Dockerfile. Defaults to {context}/Dockerfile
+        required: false
+        type: string
+      platforms:
+        description: The platforms to build the docker image for. Defaults to linux/amd64,linux/arm64
+        required: false
+        type: string
+        default: "linux/amd64,linux/arm64"
+    secrets:
+      GITHUB_PUSH_PAT:
+        description: A personal access token for pushing to a protected branch
+        required: false
+      TRIFORK_GITHUB_PAT:
+        description: A personal access token with permission to publish a package to the Trifork GitHub container registry
+        required: true
+      KAMSTRUP_GITLAB_PAT:
+        description: A personal access token with permission to publish a package to the Kamstrup GitLab container registry. If left empty, the image will not be pushed to Kamstrup GitLab container registry
+        required: false
+      KAMSTRUP_AZURE_PAT:
+        description: A personal access token with permission to publish a package to the Kamstrup Azure container registry. If left empty, the image will not be pushed to Kamstrup Azure container registry
+        required: false
+
+jobs:
+  verify-release-branch:
+    runs-on: ubuntu-latest
+    steps:
+      - name: "Success"
+        if: ${{ startsWith(github.ref_name, 'release/') }}
+        run: |
+          echo "Creating a release candidate for branch '${{ github.ref_name }}'"
+          exit 0
+
+      - name: "Error"
+        if: ${{ !startsWith(github.ref_name, 'release/') }}
+        run: |
+          echo "::error::Cannot create release candidate from branch '${{ github.ref_name }}' since it does not start with 'release/'"
+          exit 1
+
+  create-release:
+    needs: verify-release-branch
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          token: ${{ secrets.GITHUB_PUSH_PAT || github.token }}
+
+      - name: Get images
+        id: get-images
+        uses: trifork/cheetah-infrastructure-utils/.github/actions/docker/get-images@main
+        with:
+          image-name: ${{ inputs.image-name }}
+          TRIFORK_GITHUB_PAT: ${{ secrets.TRIFORK_GITHUB_PAT }}
+
+      - name: Get version
+        id: get-version
+        uses: trifork/cheetah-infrastructure-utils-workflows/.github/actions/versioning/get-version@main
+        with:
+          file-path: ${{ inputs.dockerfile-path || format('{0}/Dockerfile', inputs.context) }}
+          prefix: 'LABEL version=\"'
+          suffix: '\"'
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: metadata
+        uses: docker/metadata-action@879dcbb708d40f8b8679d4f7941b938a086e23a7
+        with:
+          images: ${{ steps.get-images.outputs.images }}
+          labels: |
+            org.opencontainers.image.vendor=Trifork
+            org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }}
+          tags: ${{ steps.get-version.outputs.version }}
+          flavor: latest=true
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3
+
+      - name: Build and push Docker image
+        id: build-image
+        uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5
+        with:
+          context: ${{ inputs.context }}
+          file: ${{ inputs.dockerfile-path }}
+          platforms: ${{ inputs.platforms }}
+          tags: ${{ steps.metadata.outputs.tags }}
+          labels: ${{ steps.metadata.outputs.labels }}
+          sbom: true
+          provenance: mode=min
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          push: true
+          secrets: |
+            GITHUB_ACTOR=${{ github.actor }}
+            GITHUB_TOKEN=${{ secrets.TRIFORK_GITHUB_PAT }}
+
+      - name: Generate checksum
+        run: "echo ${{ steps.build-image.outputs.digest }} >> digest.txt"
+
+      - name: Get release tag
+        id: get-release-tag
+        uses: trifork/cheetah-infrastructure-utils-workflows/.github/actions/versioning/get-release-tag@main
+        with:
+          version: ${{ steps.get-version.outputs.version }}
+
+      - name: Create release
+        uses: softprops/action-gh-release@v2
+        with:
+          generate_release_notes: true
+          tag_name: ${{ steps.get-release-tag.outputs.release-tag }}
+          files: digest.txt
+          target_commitish: ${{ github.ref }}
+
+      - name: Bump release branch patch version
+        id: bump-version
+        uses: trifork/cheetah-infrastructure-utils-workflows/.github/actions/versioning/bump-version@main
+        with:
+          file-path: ${{ inputs.dockerfile-path || format('{0}/Dockerfile', inputs.context) }}
+          prefix: 'LABEL version=\"'
+          suffix: '\"'
+          bump-type: patch
+
+      - name: Commit minor version bump
+        uses: EndBug/add-and-commit@v9
+        with:
+          commit: -a
+          message: Bump release branch patch version