name: Build and publish Docker image
on:
  push:
  pull_request:
  workflow_dispatch:

env:
  REGISTRY: git.newpipe-ev.de
  # make sure the name is lowercase, otherwise Docker won't accept it
  IMAGE_NAME: newpipe-ev/website

jobs:
  build:
    runs-on: ubuntu-latest

    permissions:
      contents: read

    steps:
      - uses: actions/checkout@v3

      - name: Log in to registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}

      - name: Extract metadata (tags, labels) for Docker
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}

      - name: Build and push Docker image
        uses: docker/build-push-action@v5
        with:
          context: .
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          platforms: |
            linux/amd64

      - name: Trigger redeployment
        if: gitea.ref == 'refs/heads/main'
        env:
          UPDATE_URL: ${{ secrets.UPDATE_URL }}
          UPDATE_TOKEN: ${{ secrets.UPDATE_TOKEN }}
        run: |
          curl "$UPDATE_URL" -H "Authorization: Bearer ${UPDATE_TOKEN}"