name: Ubuntu MATE build

on:
  schedule:
    - cron: '0 3 * * 6'
  push:
    branches: [ "main" ]
    paths:
      - "ubuntu-mate/Dockerfile"
      - ".github/workflows/ubuntu-mate-build.yml"
    # Publish semver tags as releases.
    tags: [ 'v*.*.*' ]
  pull_request:
    branches: [ "main" ]
  workflow_dispatch:

jobs:
  build_mate:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
      # This is used to complete the identity challenge
      # with sigstore/fulcio when running outside of PRs.
      id-token: write

    steps:
      - name: Set registry and token
        run: |
          if [[ "${{ github.server_url }}" == "https://github.com" ]]; then
            echo "REGISTRY=ghcr.io" >> $GITHUB_ENV
            echo "CONTAINER_TOKEN=${{ secrets.GITHUB_TOKEN }}" >> $GITHUB_ENV
          else
            # Forgejo/Gitea uses the instance domain as registry
            echo "REGISTRY=$(echo ${{ github.server_url }} | sed 's|https://||')" >> $GITHUB_ENV
            echo "CONTAINER_TOKEN=${{ secrets.FORGEJOTOKEN }}" >> $GITHUB_ENV
          fi

      - name: Set image name
        run: |
          echo "IMAGE_NAME=$(echo ${{ github.repository }}/containerdesk-ubuntu-mate | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV

      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Log in to the Container registry
        if: github.event_name != 'pull_request'
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ env.CONTAINER_TOKEN }}

      - name: Extract branch name
        shell: bash
        run: |
          BRANCH_NAME="${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}"
          BRANCH_NAME_CLEAN=$(echo "$BRANCH_NAME" | sed 's/[^a-zA-Z0-9._-]/-/g')
          echo "BRANCH_NAME=$BRANCH_NAME" >> $GITHUB_ENV
          echo "BRANCH_NAME_CLEAN=$BRANCH_NAME_CLEAN" >> $GITHUB_ENV

      - name: Generate build version
        id: version
        run: |
          BUILD_DATE=$(date +'%Y%m%d')
          SHORT_SHA=$(git rev-parse --short HEAD)
          echo "BUILD_VERSION=$BUILD_DATE-$SHORT_SHA" >> $GITHUB_ENV
          echo "BUILD_DATE=$BUILD_DATE" >> $GITHUB_ENV
          echo "SHORT_SHA=$SHORT_SHA" >> $GITHUB_ENV

      - name: Generate Docker tags for main branch
        if: env.BRANCH_NAME == 'main'
        run: |
          echo "DOCKER_TAGS<<EOF" >> $GITHUB_ENV
          echo "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest" >> $GITHUB_ENV
          echo "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.BUILD_VERSION }}" >> $GITHUB_ENV
          echo "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.BUILD_DATE }}" >> $GITHUB_ENV
          echo "EOF" >> $GITHUB_ENV

      - name: Generate Docker tags for development branches
        if: env.BRANCH_NAME != 'main'
        run: |
          echo "DOCKER_TAGS<<EOF" >> $GITHUB_ENV
          echo "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:dev-${{ env.BRANCH_NAME_CLEAN }}-${{ env.BUILD_VERSION }}" >> $GITHUB_ENV
          echo "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:dev-${{ env.BRANCH_NAME_CLEAN }}-latest" >> $GITHUB_ENV
          echo "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:dev-latest" >> $GITHUB_ENV
          echo "EOF" >> $GITHUB_ENV

      # Workaround: https://github.com/docker/build-push-action/issues/461
      - name: Setup Docker buildx
        uses: docker/setup-buildx-action@v3

      # Build and push Docker image with Buildx (don't push on PR)
      # https://github.com/docker/build-push-action
      - name: Build and push Docker image
        id: build-and-push
        uses: docker/build-push-action@v6
        with:
          context: ./ubuntu-mate
          file: ./ubuntu-mate/Dockerfile
          platforms: linux/amd64
          push: ${{ github.event_name != 'pull_request' }}
          tags: ${{ env.DOCKER_TAGS }}
          cache-from: type=gha
          cache-to: type=gha,mode=max