name: Release

on:
    workflow_dispatch:
    release:
     types: [published]

permissions:
    contents: read
    packages: write

jobs:
    build:
        runs-on: ubuntu-latest
        if: "!contains(github.event.head_commit.message, '[ci-skip]')"
        steps:
          - name: Checkout
            uses: actions/checkout@v4

          - name: Prepare
            id: prep
            run: |
              DOCKER_IMAGE=phusion/baseimage
              GIT_BRANCH=${GITHUB_REF##*/}
              # Set the platforms to build for here and thus reduce duplicating it.
              PLATFORMS=amd64,arm,arm64
              TAGS="${DOCKER_IMAGE}:${GIT_BRANCH}, ghcr.io/${{ github.repository_owner }}/baseimage:${GIT_BRANCH}"

              # Determine BASE_IMAGE from release tag prefix (e.g. noble-1.0.2 -> ubuntu:24.04)
              if [[ "${GIT_BRANCH}" == noble-* ]]; then
                BASE_IMAGE="ubuntu:24.04"
              elif [[ "${GIT_BRANCH}" == jammy-* ]]; then
                BASE_IMAGE="ubuntu:22.04"
              else
                # Default to noble (latest LTS) for unrecognised tag prefixes
                echo "::warning::Unrecognized release tag prefix '${GIT_BRANCH}'. Expected it to start with 'noble-' or 'jammy-'. Defaulting BASE_IMAGE to ubuntu:24.04 (Noble)."
                BASE_IMAGE="ubuntu:24.04"
              fi
              
              # Set output parameters.
              
              if [ "${{github.event_name}}" == "pull_request" ]; then
                echo "push=false" >> $GITHUB_OUTPUT
              else
                echo "push=true" >> $GITHUB_OUTPUT
                echo "tags=${TAGS}" >> $GITHUB_OUTPUT
                echo "branch=${GIT_BRANCH}" >> $GITHUB_OUTPUT
                echo "docker_image=${DOCKER_IMAGE}" >> $GITHUB_OUTPUT
              fi
              echo "platforms=${PLATFORMS}" >> $GITHUB_OUTPUT
              echo "base_image=${BASE_IMAGE}" >> $GITHUB_OUTPUT


          - name: Set up QEMU
            uses: docker/setup-qemu-action@v3
            with:
              platforms: ${{ steps.prep.outputs.platforms }}

          - name: Login to GHCR (Github Container Registry)
            uses: docker/login-action@v3
            if: github.event_name != 'pull_request'
            with:
             registry: ghcr.io
             username: ${{ github.actor }}
             password: ${{ secrets.GITHUB_TOKEN }}

          - name: Set up Docker Buildx
            id: buildx
            uses: docker/setup-buildx-action@v3
            with:
              install: true
              version: latest
              driver-opts: image=moby/buildkit:latest


          - name: Login to Docker Hub
            if: github.event_name != 'pull_request'
            uses: docker/login-action@v3
            with:
                username: ${{ secrets.DOCKER_USERNAME }}
                password: ${{ secrets.DOCKER_PASSWORD }}

          - name: Build and Push
            uses: docker/build-push-action@v6
            with:
              builder: ${{ steps.buildx.outputs.name }}
              context: image
              platforms: ${{ steps.prep.outputs.platforms }}
              push: ${{ steps.prep.outputs.push }}
              tags: ${{ steps.prep.outputs.tags }}
              build-args: BASE_IMAGE=${{ steps.prep.outputs.base_image }}