name: Container

on:
  push:
    tags: ["[0-9]+.[0-9]+.[0-9]+*"]
    branches: [main, stable-*]
  pull_request:
    branches: [main, stable-*]

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}

jobs:
  meta:
    runs-on: ubuntu-latest

    strategy:
      matrix:
        target: [analyzer, api, legacy, playout, worker]

    if: ${{ github.repository_owner == 'libretime' }}
    steps:
      - uses: actions/checkout@v4

      - name: Update Docker Hub description
        if: github.event_name == 'push'
        uses: peter-evans/dockerhub-description@v4
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
          repository: libretime/libretime-${{ matrix.target }}
          readme-filepath: ./README.md

      # This cannot be upgraded until we develop a workaround for medata-action
      # appending cwd:// to the bake-file output. 5.5 is not compatible with
      # upload-artifact
      # https://github.com/docker/metadata-action/issues/381
      - uses: docker/metadata-action@v5.4.0
        id: meta
        with:
          bake-target: ${{ matrix.target }}
          images: |
            ghcr.io/libretime/libretime-${{ matrix.target }}
            docker.io/libretime/libretime-${{ matrix.target }}
          tags: |
            type=ref,event=branch
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}

      - name: Upload metadata bake file
        uses: actions/upload-artifact@v4
        with:
          name: meta-${{ matrix.target }}
          path: ${{ steps.meta.outputs.bake-file }}

  build:
    needs: [meta]
    runs-on: ubuntu-latest

    if: ${{ github.repository_owner == 'libretime' }}
    steps:
      - uses: actions/checkout@v4

      - uses: docker/setup-buildx-action@v3

      - name: Login ghcr.io
        if: github.event_name == 'push'
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Login docker.io
        if: github.event_name == 'push'
        uses: docker/login-action@v3
        with:
          registry: docker.io
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Download all metadata bake files
        uses: actions/download-artifact@v4
        with:
          pattern: meta-*

      - name: Guess LIBRETIME_VERSION
        run: |
          make VERSION
          echo "LIBRETIME_VERSION=$(cat VERSION | tr -d [:blank:])" >> $GITHUB_ENV

      - name: Build
        uses: docker/bake-action@v5
        with:
          pull: true
          push: ${{ github.event_name == 'push' }}
          files: |
            docker-bake.json
            meta-analyzer/docker-metadata-action-bake.json
            meta-api/docker-metadata-action-bake.json
            meta-legacy/docker-metadata-action-bake.json
            meta-playout/docker-metadata-action-bake.json
            meta-worker/docker-metadata-action-bake.json
          set: |
            *.cache-from=type=gha,scope=container
            *.cache-to=type=gha,scope=container,mode=max
            *.args.LIBRETIME_VERSION=${{ env.LIBRETIME_VERSION }}