name: Build and publish Docker image

on:
  push:
    branches: [main]
    tags: ["v*"]
  workflow_dispatch:

jobs:
  build-and-push:
    runs-on: docker
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Install Docker CLI
        run: |
          ARCH=$(uname -m)
          curl -fsSL "https://download.docker.com/linux/static/stable/${ARCH}/docker-27.5.1.tgz" \
            | tar xz --strip-components=1 -C /usr/local/bin docker/docker
          docker --version

      - name: Set up Docker Buildx
        uses: https://github.com/docker/setup-buildx-action@v3
        with:
          driver-opts: |
            network=host

      - name: Resolve registry vars
        id: registry
        env:
          CONTAINER_REGISTRY_HOST: ${{ vars.CONTAINER_REGISTRY_HOST }}
        run: |
          host="${CONTAINER_REGISTRY_HOST:-${{ gitea.server_url }}}"
          host="${host#https://}"
          host="${host#http://}"
          host="${host%/}"
          if [ "$host" = "forgejo:3000" ]; then
            host="127.0.0.1:13000"
          fi
          repo=$(echo "${{ gitea.repository }}" | tr '[:upper:]' '[:lower:]')
          owner="${repo%%/*}"
          {
            echo "host=${host}"
            echo "owner=${owner}"
            echo "image=${host}/${repo}"
            echo "screenshot_image=${host}/${repo}-screenshot"
          } >> "$GITHUB_OUTPUT"

      - name: Log in to Forgejo Container Registry
        uses: https://github.com/docker/login-action@v3
        with:
          registry: ${{ steps.registry.outputs.host }}
          username: ${{ steps.registry.outputs.owner }}
          password: ${{ secrets.FORGEJO_PACKAGE_TOKEN }}

      - name: Extract metadata (main)
        id: meta
        uses: https://github.com/docker/metadata-action@v5
        with:
          images: ${{ steps.registry.outputs.image }}
          tags: |
            type=sha,format=short
            type=raw,value=latest,enable={{is_default_branch}}
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}

      - name: Build and push (main)
        uses: https://github.com/docker/build-push-action@v6
        with:
          context: .
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=registry,ref=${{ steps.registry.outputs.image }}:buildcache
          cache-to: type=registry,ref=${{ steps.registry.outputs.image }}:buildcache,mode=max

      - name: Extract metadata (screenshot)
        id: meta-screenshot
        uses: https://github.com/docker/metadata-action@v5
        with:
          images: ${{ steps.registry.outputs.screenshot_image }}
          tags: |
            type=sha,format=short
            type=raw,value=latest,enable={{is_default_branch}}
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}

      - name: Build and push (screenshot)
        uses: https://github.com/docker/build-push-action@v6
        with:
          context: ./screenshot
          push: true
          tags: ${{ steps.meta-screenshot.outputs.tags }}
          labels: ${{ steps.meta-screenshot.outputs.labels }}
          cache-from: type=registry,ref=${{ steps.registry.outputs.screenshot_image }}:buildcache
          cache-to: type=registry,ref=${{ steps.registry.outputs.screenshot_image }}:buildcache,mode=max