name: Docker

on:
  push:
    branches:
      - main
  release:
    types:
      - published

env:
  REGISTRY: ghcr.io
  IMAGE_NAME: ${{ github.repository }}

jobs:
  build-php-base:
    name: Build PHP base image on ${{ matrix.os }}
    runs-on: ${{ matrix.os }}
    permissions:
      contents: read
      packages: write
    strategy:
      fail-fast: false
      matrix:
        include:
          - os: ubuntu-24.04
            arch: amd64
            platform: linux/amd64
          - os: ubuntu-24.04-arm
            arch: arm64
            platform: linux/arm64
    steps:
      - name: Code checkout
        uses: actions/checkout@v4
      
      - name: Setup Docker buildx
        uses: docker/setup-buildx-action@v3
      
      - name: Build the base PHP image
        uses: docker/build-push-action@v6
        with:
          context: .
          file: ./Dockerfile.base
          push: false
          load: true
          platforms: ${{ matrix.platform }}
          tags: base-php:${{ matrix.arch }}
          cache-from: type=gha,scope=base-php${{ matrix.arch }}
          cache-to: type=gha,scope=base-php${{ matrix.arch }}

      - name: Export image to file
        run: docker save -o base-php-${{ matrix.arch }}.tar base-php:${{ matrix.arch }}
      
      - name: Push the docker build to the artifacts
        uses: actions/upload-artifact@v4
        with:
          name: base-php-${{ matrix.arch }}.tar
          path: base-php-${{ matrix.arch }}.tar
          retention-days: 7


  build-and-push:
    name: Build and Push ubuntu-24.04
    runs-on: ubuntu-24.04
    needs: build-php-base
    permissions:
      contents: read
      packages: write
    strategy:
      fail-fast: false
    # Start a temp local registry because workflow can not pull from localy loaded images
    services:
      registry:
        image: registry:2
        ports:
          - 5000:5000 
    # Always run against a tag, even if the commit into the tag has [docker skip] within the commit message.
    if: "!contains(github.ref, 'main') || (!contains(github.event.head_commit.message, 'skip docker') && !contains(github.event.head_commit.message, 'docker skip'))"
    steps:
      - name: Code checkout
        uses: actions/checkout@v4

      - name: Docker metadata
        id: docker_meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
          flavor: |
            latest=false
          tags: |
            type=raw,value=latest,enable=${{ github.event_name == 'release' && github.event.action == 'published' && github.event.release.prerelease == false }}
            type=ref,event=tag
            type=ref,event=branch

      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3
      
      # We Need to start it in host mode else it can't acces the local registry on port 5000
      - name: Setup Docker buildx
        uses: docker/setup-buildx-action@v3
        with:
          driver-opts: network=host

      - name: Login to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Get Build Information
        id: build_info
        run: |
          echo "version_tag=${GITHUB_REF/refs\/tags\/v/}" >> $GITHUB_OUTPUT
          echo "short_sha=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT

        # Download the base PHP image AMD64
      - uses: actions/download-artifact@v4
        with:
          name: base-php-amd64.tar
        
        # Download the base PHP image ARM64
      - uses: actions/download-artifact@v4
        with:
          name: base-php-arm64.tar

      - name: Load base images into local registry
        run: |
          docker load -i base-php-amd64.tar
          docker load -i base-php-arm64.tar
          docker tag base-php:amd64 localhost:5000/base-php:amd64
          docker tag base-php:arm64 localhost:5000/base-php:arm64
          docker push localhost:5000/base-php:amd64
          docker push localhost:5000/base-php:arm64
          rm base-php-arm64.tar base-php-amd64.tar
          
      - name: Build and Push (tag)
        uses: docker/build-push-action@v6
        if: "github.event_name == 'release' && github.event.action == 'published'"
        with:
          context: .
          file: ./Dockerfile
          push: true
          platforms: 'linux/amd64,linux/arm64'
          build-args: |
            VERSION=${{ steps.build_info.outputs.version_tag }}
          labels: ${{ steps.docker_meta.outputs.labels }}
          tags: ${{ steps.docker_meta.outputs.tags }}
          cache-from: type=gha,scope=tagged${{ matrix.os }}
          cache-to: type=gha,scope=tagged${{ matrix.os }},mode=max
        
      - name: Build and Push (main)
        uses: docker/build-push-action@v6
        if: "github.event_name == 'push' && contains(github.ref, 'main')"
        with:
          context: .
          file: ./Dockerfile
          push: ${{ github.event_name != 'pull_request' }}
          platforms: 'linux/amd64,linux/arm64'
          build-args: |
            VERSION=dev-${{ steps.build_info.outputs.short_sha }}
          labels: ${{ steps.docker_meta.outputs.labels }}
          tags: ${{ steps.docker_meta.outputs.tags }}
          cache-from: type=gha,scope=${{ matrix.os }}
          cache-to: type=gha,scope=${{ matrix.os }},mode=max