name: k5web-docker-ci

on: [push, pull_request]

env:
  PLATFORMS: linux/amd64
  TAG: latest

permissions:
  packages: write

jobs:
  main:
    strategy:
      fail-fast: false
      matrix:
        configuration: [Release]
        file: [Dockerfile]

    runs-on: ubuntu-latest

    steps:
    - name: Checkout code
      uses: actions/checkout@v4.1.7
      with:
        show-progress: false
        submodules: recursive


    - name: Login to ghcr.io
      uses: docker/login-action@v3.2.0
      with:
        registry: ghcr.io
        username: ${{ github.actor }}
        password: ${{ secrets.GITHUB_TOKEN }}

    - name: Set up Docker Buildx
      uses: docker/setup-buildx-action@v3.3.0

    - name: Prepare environment outputs
      shell: sh
      run: |
        set -eu

        echo "DATE_ISO8601=$(date --iso-8601=seconds --utc)" >> "$GITHUB_ENV"
        echo "FIXED_TAG=$(echo ${{ github.ref }} | cut -d '/' -f 3)" >> "$GITHUB_ENV"
        echo "GHCR_REPOSITORY=$(echo ${{ github.repository }} | tr '[:upper:]' '[:lower:]')" >> "$GITHUB_ENV"
        echo "SHORT_SHA=$(echo ${{ github.sha }} | cut -c1-8)" >> $GITHUB_ENV

    - name: Build ${{ matrix.configuration }} Docker image from ${{ matrix.file }}
      uses: docker/build-push-action@v6.0.0
      with:
        build-args: CONFIGURATION=${{ matrix.configuration }}
        context: .
        file: ${{ matrix.file }}
        platforms: ${{ env.PLATFORMS }}
        labels: |
          org.opencontainers.image.created=${{ env.DATE_ISO8601 }}
          org.opencontainers.image.version=${{ env.FIXED_TAG }}
          org.opencontainers.image.revision=${{ github.sha }}
        tags: |
            ghcr.io/${{ env.GHCR_REPOSITORY }}:${{ env.SHORT_SHA }}
            ghcr.io/${{ env.GHCR_REPOSITORY }}:${{ env.TAG }}
        provenance: true
        sbom: true
        push: true