name: Build & Push Docker image

on:
  # Trigger on pushes to main or release branches, and on manual workflow dispatch
  push:
    branches:
      - main
      - 'release/**'
      - 'beta/**'
  workflow_dispatch:

jobs:
  build-and-push:
    runs-on: ubuntu-latest
    environment: production
    steps:
      - name: Convert to lowercase
        id: github_repository_to_lowercase
        run: |
          # Grab the value (you can also use `${{ github.ref }}`, `${{ secrets.MY_SECRET }}`, etc.)
          raw_value="${{ github.repository }}"
          # Convert to lower case
          lower_value=$(echo "$raw_value" | tr '[:upper:]' '[:lower:]')
          # Export it to the workflow environment
          # echo "MY_LOWER=$lower_value" >> $GITHUB_ENV
          # If you want to use it as an output of this step:
          echo "lowercase=$lower_value" >> $GITHUB_OUTPUT
      - name: Convert ref to buildx safe value
        id: docker_tag_from_ref
        shell: bash
        run: |
          # Grab the raw ref
          REF="${{ github.ref }}"

          # Strip the "refs/*/" prefix (refs/heads/, refs/tags/…)
          TAG=${REF#refs/*/}

          # Replace characters that Docker tags disallow
          #   * "/"  → "-"
          #   * ":"  → "-"
          #   * Any other non‑alphanumeric / . / _ / - → "-"
          TAG=${TAG//\//-}
          TAG=${TAG//:/-}
          TAG=${TAG//[^a-zA-Z0-9._-]/-}

          # (Optional) force lower‑case – Docker tags are case‑sensitive,
          #   but many people prefer lower‑case
          TAG=${TAG,,}

          # Export to the action's output
          echo "docker-tag=${TAG}" >> $GITHUB_OUTPUT
      # ------------------------------------------------------------------
      # 1. Checkout repository
      # ------------------------------------------------------------------
      - name: Checkout source
        uses: actions/checkout@v4
        with:
          fetch-depth: 0   # needed for git rev‑parse and tag generation
      
      # ------------------------------------------------------------------
      # 2. Set up Docker Buildx (optional, but recommended for multi‑arch)
      # ------------------------------------------------------------------
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      
      # ------------------------------------------------------------------
      # 3. Log in to the Gitea container registry
      # ------------------------------------------------------------------
      - name: Log in to Gitea registry
        uses: docker/login-action@v3
        with:
          registry: ${{ secrets.REGISTRY_HOST }}          # e.g. registry.example.com
          username: ${{ secrets.REGISTRY_USER }}          # e.g. admin
          password: ${{ secrets.REGISTRY_PASSWORD }}      # e.g. <api‑token>

      - name: Cache Docker layers
        uses: actions/cache@v3
        with:
          path: /tmp/.buildx-cache
          key: ${{ runner.os }}-buildx-${{ github.sha }}
          restore-keys: |
            ${{ runner.os }}-buildx-

      # ------------------------------------------------------------------
      # 4. Build the Docker image
      # ------------------------------------------------------------------
      - name: Build image
        id: build
        uses: docker/build-push-action@v5
        with:
          context: .
          file: TinfoilVibeServer/Dockerfile
          # do not push yet
          push: false
          tags: |
            ${{ vars.REGISTRY_HOST }}/${{ steps.github_repository_to_lowercase.outputs.lowercase }}:${{ github.sha }}
            ${{ vars.REGISTRY_HOST }}/${{ steps.github_repository_to_lowercase.outputs.lowercase }}:${{ steps.docker_tag_from_ref.outputs.docker-tag }}
            ${{ vars.REGISTRY_HOST }}/${{ steps.github_repository_to_lowercase.outputs.lowercase }}:latest
          build-args: |
            # Add any build args here
            # ARG_NAME=VALUE
          cache-from: type=local,src=/tmp/.buildx-cache
          cache-to: type=local,dest=/tmp/.buildx-cache
      
      # ------------------------------------------------------------------
      # 5. Push the image to the registry
      # ------------------------------------------------------------------
      - name: Push image
        uses: docker/build-push-action@v5
        with:
          context: .
          file: TinfoilVibeServer/Dockerfile
          push: true
          tags: |
            ${{ vars.REGISTRY_HOST }}/${{ steps.github_repository_to_lowercase.outputs.lowercase }}:${{ github.sha }}
            ${{ vars.REGISTRY_HOST }}/${{ steps.github_repository_to_lowercase.outputs.lowercase }}:${{ steps.docker_tag_from_ref.outputs.docker-tag }}
            ${{ vars.REGISTRY_HOST }}/${{ steps.github_repository_to_lowercase.outputs.lowercase }}:latest
          cache-from: type=local,src=/tmp/.buildx-cache
          cache-to: type=local,dest=/tmp/.buildx-cache
      
      # ------------------------------------------------------------------
      # 6. (Optional) Clean up local Docker cache
      # ------------------------------------------------------------------
      - name: Docker system prune
        run: docker system prune -f
        if: ${{ always() }}
      
      # ------------------------------------------------------------------
      # 7. Output useful info
      # ------------------------------------------------------------------
      - name: Show pushed image tags
        run: |
          echo "Pushed image tags:"
          echo "- ${{ vars.REGISTRY_HOST }}/${{ steps.github_repository_to_lowercase.outputs.lowercase }}:${{ github.sha }}"
          echo "- ${{ vars.REGISTRY_HOST }}/${{ steps.github_repository_to_lowercase.outputs.lowercase }}:${{ steps.docker_tag_from_ref.outputs.docker-tag }}"
          echo "- ${{ vars.REGISTRY_HOST }}/${{ steps.github_repository_to_lowercase.outputs.lowercase }}:latest"