name: Build and Push Docker Image

on:
  push:
    branches:
      - "main"
    tags:
      - "v*"
  workflow_dispatch:
jobs:
  docker:
    runs-on: ubuntu-latest
    if: ${{ !contains(github.event.head_commit.message, '[skip ci]') }}
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          # Ensure full history and all tags are available
          fetch-depth: 0

      - name: Set up QEMU (multi-arch)
        uses: docker/setup-qemu-action@v3

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: gitea.suda.codes/${{ github.repository }}
          tags: |
            type=ref,event=tag

      - name: Determine latest Git tag
        id: latest
        shell: bash
        run: |
          set -euo pipefail
          # Fetch tags in case the runner's mirror is stale
          git fetch --tags --force --quiet || true
          if tag=$(git describe --tags --abbrev=0 2>/dev/null); then
            echo "tag=$tag" >> "$GITHUB_OUTPUT"
          else
            # Fallback when no tags exist
            echo "tag=latest" >> "$GITHUB_OUTPUT"
          fi

      - name: Log in to container registry
        uses: docker/login-action@v3
        with:
          registry: gitea.suda.codes
          username: ${{ secrets.REGISTRY_USERNAME }}
          password: ${{ secrets.REGISTRY_PASSWORD }}

      - name: Build and push
        uses: docker/build-push-action@v6
        with:
          context: .
          push: true
          platforms: linux/amd64
          tags: |
            ${{ steps.meta.outputs.tags }}
            gitea.suda.codes/${{ github.repository }}:${{ steps.latest.outputs.tag }}