name: Docker Build and Publish

on:
  schedule:
    - cron: '37 7 * * *'
  push:
    branches: [ "main" ]
    paths-ignore:
      - '**/README.md'
  pull_request:
    branches: [ "main" ]
    paths-ignore:
      - '**/README.md'
  workflow_dispatch:

env:
  ## github.repository as <account>/<repo>
  IMAGE_NAME: ${{ github.repository }}

jobs:
  ## define job to build and publish docker image
  build-and-push-docker-image:
    name: Build Docker image amd publish to Gitea
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
      ## This is used to complete the identity challenge
      ## with sigstore/fulcio when running outside of PRs.
      id-token: write

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      ## https://github.com/docker/build-push-action
      - name: Setup Docker buildx
        uses: docker/setup-buildx-action@v3

      ## https://github.com/docker/login-action
      - name: Login to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: gitea.sdgarren.com
          username: ${{ secrets.REGISTRY_USERNAME }}
          password: ${{ secrets.REGISTRY_TOKEN }}

  
      ## https://github.com/docker/build-push-action
      - name: Build and push Docker image
        id: build-and-push
        uses: docker/build-push-action@v5
        with:
          provenance: false
          context: .
          platforms: linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64/v8
          push: true
          tags: |
            gitea.sdgarren.com/${{ env.IMAGE_NAME }}:latest

      - name: Image digest
        run: echo ${{ steps.build-and-push.outputs.digest }}