name: release-tag

on:
  push:
    branches:
      - master

jobs:
  release-image:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
    env:
      DOCKER_LATEST: stable
      CONTAINER_NAME: op25-client
    steps:
      - name: Checkout
        uses: actions/checkout@v5

      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3

      - name: Set up Docker BuildX
        uses: docker/setup-buildx-action@v3
        with:
          config-inline: |
            [registry."git.vpn.cusano.net"] 
              http = false
              insecure = false          

      - name: Login to Gitea Container Registry
        uses: docker/login-action@v3
        with:
          registry: git.vpn.cusano.net
          username: ${{ gitea.actor }} # Uses the user or bot that triggered the workflow
          password: ${{ secrets.GITHUB_COM_TOKEN }} # The built-in, temporary token
          
      - name: Get Meta
        id: meta
        run: |
          echo REPO_NAME=$(echo ${GITHUB_REPOSITORY} | awk -F"/" '{print $2}') >> $GITHUB_OUTPUT
          echo REPO_VERSION=$(git describe --tags --always | sed 's/^v//') >> $GITHUB_OUTPUT        

      - name: Validate build configuration
        uses: docker/build-push-action@v6
        with:
          call: check

      - name: Build and push
        uses: docker/build-push-action@v6
        with:
          context: .
          file: ./Dockerfile
          platforms: |
            linux/arm64
          push: true
          tags: |
            git.vpn.cusano.net/${{ vars.DOCKER_ORG }}/${{ steps.meta.outputs.REPO_NAME }}/${{ env.CONTAINER_NAME }}:${{ steps.meta.outputs.REPO_VERSION }}
            git.vpn.cusano.net/${{ vars.DOCKER_ORG }}/${{ steps.meta.outputs.REPO_NAME }}/${{ env.CONTAINER_NAME }}:${{ env.DOCKER_LATEST }}