name: Build (and tag) Images

on:
  push:
  workflow_dispatch:

jobs:
  build:
    runs-on: docker
    container:
      image: ghcr.io/osscontainertools/kaniko:alpine
    steps:
      - name: Install required system packages
        run: apk add --no-cache nodejs git

      - name: Checkout repository
        uses: actions/checkout@v4
      
      - name: Set image tags
        id: vars
        run: |
          if [ "${{ forgejo.ref_name }}" = "main" ] && [ "${{ forgejo.event_name }}" = "push" ]; then
            echo "tag=latest" >> $GITHUB_OUTPUT
          else
            # renovate creates sub branches with `/`; these break the tagging in the build process
            echo tag=$(echo "${{ forgejo.ref_name }}" | sed 's/[^a-zA-Z0-9._-]/_/g') >> $GITHUB_OUTPUT
          fi

      - name: Build web image
        env:
          KANIKO_NO_PUSH: ${{ forgejo.event_name != 'push' }}
          KANIKO_GIT_HAMBURG_CCC_DE_USER: ${{ secrets.REGISTRY_USERNAME }}
          KANIKO_GIT_HAMBURG_CCC_DE_PASSWORD: ${{ secrets.REGISTRY_TOKEN }}
        run: |
          /kaniko/executor \
            --dockerfile="${{ forgejo.workspace }}/web/Containerfile" \
            --context="dir://${{ forgejo.workspace }}/web" \
            --destination=git.hamburg.ccc.de/ccchh/sunders/web:${{ steps.vars.outputs.tag }} \
            --no-push-cache \
            --credential-helpers=env

      - name: Build data_handler image
        env:
          KANIKO_NO_PUSH: ${{ forgejo.event_name != 'push' }}
          KANIKO_GIT_HAMBURG_CCC_DE_USER: ${{ secrets.REGISTRY_USERNAME }}
          KANIKO_GIT_HAMBURG_CCC_DE_PASSWORD: ${{ secrets.REGISTRY_TOKEN }}
        run: |
          /kaniko/executor \
            --dockerfile="${{ forgejo.workspace }}/data_handler/Containerfile" \
            --context="dir://${{ forgejo.workspace }}/data_handler" \
            --destination=git.hamburg.ccc.de/ccchh/sunders/data_handler:${{ steps.vars.outputs.tag }} \
            --no-push-cache \
            --credential-helpers=env