name: Build Container

on:
  workflow_dispatch: {}
  push: {}

jobs:
  build-container:
    name: Build Container
    runs-on: docker
    container:
      image: ghcr.io/osscontainertools/kaniko:alpine
    steps:
      - name: Install required system packages
        run: |
          apk add --no-cache nodejs
          apk add --no-cache skopeo

      - name: Checkout source code
        uses: actions/checkout@v6

      # - name: Login to container registry (prod only)
      #   if: ${{ forgejo.ref_name == 'main' }}
      #   run: /kaniko/executor login --username="forgejo-actions" --password="${{ secrets.PACKAGES_TOKEN }}" git.hamburg.ccc.de

      - name: Build Container
        # env:
        #   KANIKO_NO_PUSH: ${{ forgejo.ref_name != 'main' }}
        run: /kaniko/executor
          --dockerfile="${{forgejo.workspace }}/Containerfile"
          --context="dir://${{ forgejo.workspace }}"
          --destination=git.hamburg.ccc.de/ccchh/dooris:latest
          --tar-path=${{ forgejo.workspace }}/image.tar
          --no-push
          --no-push-cache
          --annotation=org.opencontainers.image.ref.name=dooris
          --annotation=org.opencontainers.image.url=${{ forgejo.server_url }}/${{ forgejo.repository }}
          --annotation=org.opencontainers.image.source=${{ forgejo.server_url }}/${{ forgejo.repository }}
          --annotation=org.opencontainers.image.licenses=AGPL-3.0

      - name: Push Container (prod-only)
        if: ${{ forgejo.ref_name == 'main' }}
        run: |
          # apk add --no-cache skopeo
          skopeo copy "docker-archive:${{ forgejo.workspace }}/image.tar" docker://git.hamburg.ccc.de/ccchh/dooris:latest --dest-creds="forgejo-actions:${{ secrets.PACKAGES_TOKEN }}"