name: Build And Publish Production Image

on:
  push:
    branches:
      - main

jobs:
  build:
    name: Build And Publish Production Image
    runs-on: ubuntu-latest
    env:
      REGISTRY: gitea.lab:80
      IMAGE_NAME: sancho41/condado-newsletter
      REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
      REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
    steps:
      - uses: actions/checkout@v4
        with:
          github-server-url: http://gitea.lab

      - name: Verify Docker CLI
        run: docker version

      - name: Log in to Docker Hub (optional)
        if: ${{ secrets.DOCKERHUB_USERNAME != '' && secrets.DOCKERHUB_TOKEN != '' }}
        run: echo "${{ secrets.DOCKERHUB_TOKEN }}" | docker login docker.io -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin

      - name: Build all-in-one image
        run: docker build -t condado-newsletter:latest -f Dockerfile.allinone .

      - name: Log in to Gitea container registry
        run: |
          if [ -z "$REGISTRY_USERNAME" ]; then
            REGISTRY_USERNAME="${{ github.actor }}"
            echo "REGISTRY_USERNAME secret is empty; falling back to github.actor: $REGISTRY_USERNAME"
          fi

          if [ -z "$REGISTRY_PASSWORD" ]; then
            echo "REGISTRY_PASSWORD secret is empty; cannot log in to ${REGISTRY}."
            exit 1
          fi

          echo "$REGISTRY_PASSWORD" | docker login "$REGISTRY" -u "$REGISTRY_USERNAME" --password-stdin

      - name: Tag and push registry images
        run: |
          docker tag condado-newsletter:latest ${REGISTRY}/${IMAGE_NAME}:latest
          docker tag condado-newsletter:latest ${REGISTRY}/${IMAGE_NAME}:${{ github.sha }}
          docker push ${REGISTRY}/${IMAGE_NAME}:latest
          docker push ${REGISTRY}/${IMAGE_NAME}:${{ github.sha }}