💡 Codex Review
Here are some automated review suggestions for this pull request.
```yaml
on:
  push:
    branches:
      - '**'
```
Restrict Docker pushes to release branches
The workflow runs on every branch (branches: ['**']), yet the build-and-push job unconditionally logs into Docker Hub and pushes tsshadow/music-importer:latest/${{ github.sha }}. This means any push to a feature or experimental branch will publish a latest image, overwriting whatever was last released from main. If contributors push work-in-progress changes, the public Docker tag no longer represents production code. Consider limiting the workflow or the push step to trusted branches (e.g. if: github.ref == 'refs/heads/main') or using branch-specific tags so that only vetted releases update latest.
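One way to apply the suggestion above, as an added example that is not part of the review or of this pull request's workflow file: every branch still builds, but the Docker Hub login and the push run only for `refs/heads/main`. The secret names, the action versions and the build context are assumptions; the job name and image name are the ones the comment mentions.

```yaml
# Added example: constructed workflow, not the file from this pull request.
name: docker

on:
  push:
    branches:
      - '**'            # keep building every branch so CI still catches breakage

permissions:
  contents: read        # the job needs no write access to the repository

jobs:
  build-and-push:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - uses: docker/setup-buildx-action@v3

      # Registry credentials are used only on main, so a run for a
      # feature branch never authenticates to Docker Hub.
      - name: Log in to Docker Hub
        if: github.ref == 'refs/heads/main'
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}   # assumed secret name
          password: ${{ secrets.DOCKERHUB_TOKEN }}      # assumed secret name

      # The expression evaluates to true only on main; other branches
      # build the image without publishing it, so latest always maps
      # to a commit on main.
      - name: Build (push from main only)
        uses: docker/build-push-action@v6
        with:
          context: .                                    # assumed build context
          push: ${{ github.ref == 'refs/heads/main' }}
          tags: |
            tsshadow/music-importer:latest
            tsshadow/music-importer:${{ github.sha }}
```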
Summary
Testing
https://chatgpt.com/codex/tasks/task_e_69037786f16c8326827b56ecfb7b8692