name: release

on:
  workflow_dispatch:
  push:
    branches: [master, staging]

jobs:
  docker:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
      attestations: write
      id-token: write
    steps:
      - name: Login to registry
        uses: docker/login-action@v3
        with:
          registry: gitea.cybertalant.ru
          username: ${{ github.actor }}
          password: ${{ secrets.REGISTRY_TOKEN }}

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Generate Docker image tag
        id: tag
        run: |
          TIMESTAMP=$(date +%s)
          SHORT_SHA=$(echo ${{ github.sha }} | cut -c1-6)
          if [ "${{ github.ref_name }}" = "master" ]; then
            ENVIRONMENT="production"
          elif [ "${{ github.ref_name }}" = "staging" ]; then
            ENVIRONMENT="staging"
          else
            ENVIRONMENT="unknown"
          fi
          echo "TAG=${TIMESTAMP}-${SHORT_SHA}-${ENVIRONMENT}" >> $GITHUB_OUTPUT

      - name: Build and push
        uses: docker/build-push-action@v6
        with:
          push: true
          file: Dockerfile
          tags: |
            gitea.cybertalant.ru/visioncareerminiapp/vision-career:${{ steps.tag.outputs.TAG }}
          cache-from: type=registry,ref=gitea.cybertalant.ru/visioncareerminiapp/vision-career:buildcache
          cache-to: type=registry,ref=gitea.cybertalant.ru/visioncareerminiapp/vision-career:buildcache,mode=max