name: Publish

on:
  push:
    branches:
      - main

jobs:
  publish:
    name: Test, build, and push image
    runs-on: ubuntu-latest
    container:
      image: golang:1.24-bookworm
    steps:
      - name: Checkout
        env:
          TOKEN: ${{ github.token }}
        run: |
          set -eu
          git init .
          if [ -n "${TOKEN:-}" ]; then
            git remote add origin "https://x-access-token:${TOKEN}@k3gtpi.jumpingcrab.com/${GITHUB_REPOSITORY}.git"
          else
            git remote add origin "https://k3gtpi.jumpingcrab.com/${GITHUB_REPOSITORY}.git"
          fi
          git fetch --depth=1 origin "${GITHUB_SHA}"
          git checkout --detach FETCH_HEAD

      - name: Check formatting
        run: |
          files="$(gofmt -l .)"
          if [ -n "$files" ]; then
            echo "The following files need gofmt:"
            echo "$files"
            exit 1
          fi

      - name: Vet
        run: go vet ./...

      - name: Test
        run: go test ./...

      - name: Read version
        run: |
          version="$(tr -d '[:space:]' < VERSION)"
          if [ -z "$version" ]; then
            echo "VERSION file is empty"
            exit 1
          fi
          echo "VERSION=$version" >> "$GITHUB_ENV"
          echo "IMAGE=k3crpi.jumpingcrab.com:5000/sabisan:$version" >> "$GITHUB_ENV"

      - name: Install Docker CLI
        run: |
          apt-get update
          apt-get install -y --no-install-recommends docker.io
          rm -rf /var/lib/apt/lists/*

      - name: Log in to registry
        run: |
          echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login k3crpi.jumpingcrab.com:5000 \
            --username "${{ secrets.REGISTRY_USERNAME }}" \
            --password-stdin

      - name: Build image
        run: docker build --pull --tag "$IMAGE" .

      - name: Push image
        run: docker push "$IMAGE"