name: docker-build

on:
  push:
    branches:
      - main
      - renovate/*
    tags:
      - 'v*'
  pull_request:

jobs:
  docker:
    runs-on: docker
    steps:
      - name: Install Docker
        run: |
          apt-get update
          apt-get install -y ca-certificates curl
          install -m 0755 -d /etc/apt/keyrings
          curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
          chmod a+r /etc/apt/keyrings/docker.asc
          echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
          apt-get update
          apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

      - name: Login to Docker Hub
        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3
        with:
          registry: git.dominikstahl.dev
          username: ${{ secrets.DOER }}
          password: ${{ secrets.TOKEN }}

      - name: Set up QEMU
        uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3

      - name: Get the Ref
        id: get-ref
        uses: https://github.com/ankitvgupta/ref-to-tag-action@master
        with:
          ref: ${{ github.ref }}
          head_ref: ${{ github.head_ref }}

      - name: lowercase repo name
        run: |
          echo "REPO=${GITHUB_REPOSITORY,,}" >>${GITHUB_ENV}

      - name: Build and push (pull_request)
        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6
        if: github.event_name == 'pull_request'
        with:
          push: true
          tags: git.dominikstahl.dev/${{ env.REPO }}:${{ steps.get-ref.outputs.tag}}

      - name: Build and push (push_tag)
        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6
        if: github.event_name == 'push' && github.ref_type == 'tag'
        with:
          push: true
          tags: git.dominikstahl.dev/${{ env.REPO }}:${{ steps.get-ref.outputs.tag }},git.dominikstahl.dev/${{ env.REPO }}:latest

      - name: Build and push (push_branch)
        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6
        if: github.event_name == 'push' && github.ref_type == 'branch'
        with:
          push: true
          tags: git.dominikstahl.dev/${{ env.REPO }}:${{ steps.get-ref.outputs.tag }}