name: Publish Docker images

on:
  push:
    branches:
      - edge
  release:
    types: [published]
  workflow_dispatch:

permissions:
  contents: read
  # packages: write

jobs:
  build-container-image:
    name: Build Docker image ${{ matrix.name }}
    runs-on: ubuntu-latest
    strategy:
      matrix:
        include:
          - name: Debian
            file: Docker/Dockerfile
            flavor: |
              latest=auto
            tags: |
              type=edge,onlatest=false
              type=semver,pattern={{version}}
              type=semver,pattern={{major}},enable=${{ !startsWith(github.ref, 'refs/tags/0.') }}
            #  type=semver,pattern={{major}}.{{minor}}
          - name: Alpine
            file: Docker/Dockerfile-Alpine
            flavor: |
              latest=false
            tags: |
              type=raw,value=alpine,enable=${{ github.ref == 'refs/heads/latest' || startsWith(github.ref, 'refs/tags/') }}
              type=edge,suffix=-alpine,onlatest=false
              type=semver,pattern={{version}}-alpine
              type=semver,pattern={{major}}-alpine,enable=${{ !startsWith(github.ref, 'refs/tags/0.') }}
            #  type=semver,pattern={{major}}.{{minor}}-alpine
    steps:
    - name: Set up QEMU
      uses: docker/setup-qemu-action@v3

    - name: Set up Docker Buildx
      uses: docker/setup-buildx-action@v3

    - name: Checkout
      uses: actions/checkout@v6

    - name: Get FreshRSS version
      run: |
        FRESHRSS_VERSION=$(sed -n "s/^const FRESHRSS_VERSION = '\(.*\)'.*$/\1/p" constants.php)
        echo "$FRESHRSS_VERSION"
        echo "FRESHRSS_VERSION=$FRESHRSS_VERSION" >> $GITHUB_ENV

    - name: Add metadata to Docker images
      id: meta
      uses: docker/metadata-action@v5
      with:
        flavor: ${{ matrix.flavor }}
        images: |
          docker.io/freshrss/freshrss
      #     ghcr.io/${{ github.repository }}
        tags: ${{ matrix.tags }}
        labels: |
          org.opencontainers.image.url=https://freshrss.org/
          org.opencontainers.image.version=${{ env.FRESHRSS_VERSION }}

    - name: Login to Docker Hub
      if: github.repository_owner == 'FreshRSS'
      uses: docker/login-action@v3
      with:
        username: ${{ secrets.DOCKERHUB_USERNAME }}
        password: ${{ secrets.DOCKERHUB_TOKEN }}

    # - name: Login to GitHub Container Registry
    #   uses: docker/login-action@v3
    #   with:
    #     registry: ghcr.io
    #     username: ${{ github.repository_owner }}
    #     password: ${{ secrets.GITHUB_TOKEN }}

    - name: Build and push Docker images
      uses: docker/build-push-action@v6
      with:
        file: ${{ matrix.file }}
        platforms: linux/amd64,linux/arm/v7,linux/arm64
        build-args: |
          FRESHRSS_VERSION=${{ env.FRESHRSS_VERSION }}
          SOURCE_COMMIT=${{ github.sha }}
        tags: ${{ steps.meta.outputs.tags }}
        labels: ${{ steps.meta.outputs.labels }}
        push: ${{ (github.ref == 'refs/heads/latest' || github.ref == 'refs/heads/edge' || startsWith(github.ref, 'refs/tags/')) && github.repository_owner == 'FreshRSS' }}