name: Build and Push
on:
  push:
    branches: [main]

env:
  HARBOR_IMAGE: ${{ vars.HARBOR_ADDR }}/library/docker-compose-updater

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Login Harbor
        uses: https://gitea.songhuwan.com/actions/login-action@v3.2.0
        with:
          registry: ${{ vars.HARBOR_ADDR }}
          username: ${{ secrets.HARBOR_USERNAME }}
          password: ${{ secrets.HARBOR_PASSWORD }}

      - name: Checkout
        run: |
          git clone https://gitea.songhuwan.com/actions/docker-compose-updater.git .
          git checkout ${{ github.sha }}

      - name: Build and push updater image
        run: |
          PUBLIC_KEY_BASE64=$(base64 -w0 < keys/signing-public.pem)
          docker build \
            --build-arg PUBLIC_KEY_BASE64=$PUBLIC_KEY_BASE64 \
            -t ${{ env.HARBOR_IMAGE }}:latest \
            -t ${{ env.HARBOR_IMAGE }}:${{ github.SHA }} \
            -f deploy/Dockerfile .
          docker push --all-tags ${{ env.HARBOR_IMAGE }}