name: Build and Push Docker Image

on:
  push:
    branches:
      - master
      - main
  pull_request:
    branches:
      - master
      - main

jobs:
  # Detects version changes in package.json compared to previous commit
  # Outputs the current version and whether it changed from the last commit
  # This is used to determine if a new release/build is needed
  check_version:
    uses: ./.gitea/workflows/check_package_version.yml
    with:
      workspacePath: '.'

  # Verifies if Docker image with current version already exists in registry
  # This prevents rebuilding the same version but allows pulls and version changes
  # to always trigger new builds. Uses lightweight manifest inspect (no download)
  check_image_version:
    uses: ./.gitea/workflows/check_image_version.yml
    with:
      workspacePath: '.'
      imageName: 'gitea-actions-demo-project'
      registryUrl: 'registry.budakova.org'
      registryUsername: ${{ vars.PROFILE_REGISTRY_USERNAME }}
      registryNamespace: 'knee-cola'
    secrets:
      registryToken: ${{ secrets.PROFILE_REGISTRY_TOKEN }}

  # Builds and pushes Docker image to registry if conditions are met:
  # - Version changed in package.json, OR
  # - Image with current version doesn't exist in registry, OR
  # - This is a pull request (always validate PRs)
  # This ensures releases are built, missing images are created, and PRs are tested
  build:
    needs: [check_version, check_image_version]
    if: |
      needs.check_version.outputs.version_changed == 'true' ||
      needs.check_image_version.outputs.image_exists == 'false' ||
      github.event_name == 'pull_request'
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Login to Registry
        # Gitea automatically provides these secrets:
        # - `vars.REGISTRY_USERNAME` - defined as action variable in **repo settings**
        # - `secrets.REGISTRY_TOKEN` - defined as action secret in **repo settings**
        #                              created in user settings as personal access token with `write:packages` scope
        # - `vars.PROFILE_REGISTRY_USERNAME` - defined as action variable in **profile settings**
        # - `secrets.PROFILE_REGISTRY_TOKEN` - defined as action secret in **profile settings**
        #                                      created in user settings as personal access token with `write:packages` scope
        run: |
          echo "${{ secrets.PROFILE_REGISTRY_TOKEN }}" | docker login registry.budakova.org -u "${{ vars.PROFILE_REGISTRY_USERNAME }}" --password-stdin

      - name: Build and push Docker image
        uses: docker/build-push-action@v5
        with:
          context: .
          push: true
          tags: |
            registry.budakova.org/knee-cola/gitea-actions-demo-project:${{ needs.check_version.outputs.version }}
            registry.budakova.org/knee-cola/gitea-actions-demo-project:latest
          cache-from: type=registry,ref=registry.budakova.org/knee-cola/gitea-actions-demo-project:buildcache
          cache-to: type=registry,ref=registry.budakova.org/knee-cola/gitea-actions-demo-project:buildcache,mode=max