# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/github-action.json
name: "publish-container"
description: "Publishes a Container to a Gitea-hosted Container registry."
inputs:
  project:
    description: "Name of the project to containerize eg. fvcomkit"
    required: true
  container-token:
    description: "Token with which to authenticate to the Container registry."
    required: true
  registry:
    description: "Gitea registry domain, e.g. git.oceanbox.io"
    required: true
    default: "git.oceanbox.io"
  registry-owner:
    description: "Registry owner/organization name, e.g. oceanbox."
    required: true
    default: "oceanbox"
runs:
  using: "composite"
  steps:
    - name: Set image metadata
      id: envvars
      shell: bash
      run: |
        SHA="${{ github.sha }}"
        REPO="${{ github.repository }}"
        # To lowercase
        REPO_NAME="${REPO,,}"

        if [ "${{ github.ref_type }}" == "tag" ]; then
          IMAGE_TAG="${{ github.ref_name }}"
          ENV="Release"
        else
          IMAGE_TAG="${SHA:0:8}-debug"
          ENV="Debug"
        fi

        IMAGE_NAME="${{ inputs.registry }}/$REPO_NAME/${{ inputs.project }}:$IMAGE_TAG"

        echo "IMAGE_TAG=$IMAGE_TAG" >> "$GITHUB_OUTPUT"
        echo "IMAGE_NAME=$IMAGE_NAME" >> "$GITHUB_OUTPUT"
        echo "ENV=$ENV" >> "$GITHUB_OUTPUT"
    - name: Build and push container
      if: github.event_name != 'pull_request'
      shell: bash
      run: |
        # Configure container policy to accept insecure registry
        mkdir -p ~/.config/containers
        echo '{"default":[{"type":"insecureAcceptAnything"}]}' > ~/.config/containers/policy.json

        # Skopeo temp dirs
        mkdir -p /tmp/skopeo
        chmod 755 /tmp/skopeo || true

        export TMPDIR=/tmp/skopeo
        export TMP=/tmp/skopeo
        export TEMP=/tmp/skopeo
        export XDG_RUNTIME_DIR=/tmp/skopeo

        # Login to registry
        skopeo login \
          --username "${{ github.actor }}" \
          --password "${{ inputs.container-token }}" \
          "${{ vars.REGISTRY }}"

        # Build container
        nix-build -A containers."${{ inputs.project }}" \
          --argstr env "${{ steps.envvars.outputs.ENV }}"

        ls -alh ./result
        skopeo inspect docker-archive://$(readlink -f ./result)

        echo "Pushing image: ${{ steps.envvars.outputs.IMAGE_NAME }}"
        skopeo copy \
          --tmpdir /tmp/skopeo \
          docker-archive://$(readlink -f ./result) \
          docker://${{ steps.envvars.outputs.IMAGE_NAME }}